better column hider

9001 released this 30 Sep 23:59

· 827 commits to hovudstraum since this release

fae5a36

read-only demo server at https://a.ocv.me/pub/demo/
docker image ╱ similar software ╱ client testbed

no vulnerabilities since 2023-07-23

there is a discord server with an @everyone in case of future important updates
v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
- all serverlogs reviewed so far (5 public servers) showed no signs of exploitation

new features

column hiding on phones is much more intuitive
- since you usually want to hide multiple columns, the hiding mode must now be manually disengaged
- click-handler now covers the entire header cell, preventing a misclick from accidentally sorting the table instead

bugfixes

#51 running copyparty with an invalid value for --lang made it crash with a confusing error message
- also makes it more compatible with other localStorage-using webservices running on the same domain

other changes

CVE-2023-5217, a vulnerability in libvpx, was fixed by alpine recently and no longer present in the docker images
- unlike the fix in v1.9.6, this is irrelevant since it was impossible to reach in all conceivable setups, but still nice

⚠️ not the latest version!

Assets 7