Syncthing

Recent Commits

• Syncthing Release Automation (08 Jun 26)

  chore(gui, man, authors): update docs, translations, and contributors

• Simon Frei (04 Jun 26)

  chore(db, model): separate methods to drop a device vs its files (#10480) Fixes #10469 --------- Signed-off-by: Simon Frei <[email protected]> Signed-off-by: Jakob Borg <[email protected]> Co-authored-by: Marcus B Spencer <[email protected]> Co-authored-by: Jakob Borg <[email protected]>

• Jakob Borg (03 Jun 26)

  fix: let umask do the thing (#10723) We had a few places where we had perhaps too much of an opinion on the permissions on created files and directories, sometimes fuled by a misconception about how permissions work in both Unix and Windows. Recap on the ground rules: - On all unixes, all file & directory creation (`Mkdir`, `MkdirAll`, `Create`, `WriteFile`, `Open`) has the given permission bits filtered via the user's umask. The proper permissions for us to use are in almost all cases 0o666 for files and 0o777 for directories, strange as that may look at the call site. - On Windows, there is no umask but in turn all of the permission bits except the user write bit are ignored. The absence of user write bit is converted into the read only attribute. This means that what is proper for Unix above is also proper for Windows. - We make an exception when creating files for certificate keys and the config / database directories, as those contain secrets we think should remain closed even if the user generally collaborates with other users on the system. (Also removal of a bugfixed copy of MkdirAll for Windows that hasn't been necessary for a few years.) --------- Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (02 Jun 26)

  fix(gui): properly escape filenames in fancytree Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (02 Jun 26)

  fix(connections): do not report connection metrics for self (ref #10509) (#10724) Makes the metrics easier to interpret. Signed-off-by: Jakob Borg <[email protected]>

• Shablone (02 Jun 26)

  fix: on Windows don't allocate console if not opened inside one (#10726) This change allows Syncthing to be launched from Explorer without showing a console window, while preserving the existing command-line behavior. Previously, launching syncthing.exe from Explorer would always allocate a console window, which could only be hidden later by using `--no-console`. It was not possible to avoid console allocation entirely without introducing other issues. On Windows 24H2 and later a new application manifest allows us to achieve it. See [console allocation policy](https://learn.microsoft.com/en-us/windows/console/console-allocation-policy) This manifest is built into a syso-file by `goversioninfo`, which is already used to generate Windows resource files consumed by the Go compiler. **Note1:** On Windows 24H2 and later, no console is allocated when Syncthing is launched from Explorer, even if `--no-console` is set to `False`. It can still be used as a CLI tool as usual if you call it from console. **Note2:** The content of the manifest file may not be formatted. Even a `newline` would break it. ### Testing Tested on Windows 11 25H2: No console visible from explorer. CLI works as usual. Ref #8046, ref #10633, ref #10481, ref #10600 Signed-off-by: Elias <[email protected]> Co-authored-by: Elias <[email protected]>

• Syncthing Release Automation (01 Jun 26)

  chore(gui, man, authors): update docs, translations, and contributors

• Shablone (25 May 26)

  chore(syncthing): open URLs via Windows API instead via cmd.exe (#10712) ### Purpose On Windows replace `cmd.exe /C start` with direct `ShellExecute` API for opening the webpage. The previous implementation used `exec.Command("cmd.exe", "/C", "start "+url)` which spawns two extra processes (cmd.exe → start). Launching cmd.exe resulted in a shortly visible terminal. Both -`start` -and another alternative `exec.Command("rundll32", "url.dll,FileProtocolHandler", url).Start()` are just wrappers for `ShellExecute`. So this implementation is even more direct ### Testing I executed the compiled syncthing.exe on Windows 11, both from explorer and console. The webpage opened as expected. ### Screenshots N/A. ### Documentation N/A ## Authorship Name: Elias @Shablone Email: [[email protected]](mailto:[email protected]) Signed-off-by: Elias <[email protected]> Co-authored-by: Elias <[email protected]>

• Jakob Borg (25 May 26)

  fix(protocol): handle zero-size requests (fixes #10709) (#10710) - Allow zero-sized requests since they are sent by all current versions of Syncthing. - Stop sending zero-sized requests since that's stupid. --------- Signed-off-by: Jakob Borg <[email protected]>

• Syncthing Release Automation (25 May 26)

  chore(gui, man, authors): update docs, translations, and contributors

• mattn (23 May 26)

  chore: use path/filepath for local file system paths (#10705) ### Purpose `path` is for slash-separated paths (URLs, BEP protocol); local file system paths should use `path/filepath`. Fixed in `cmd/stdiscosrv/database.go` (3 sites) and `internal/db/sqlite/db_test.go` (1 site). ### Testing `go build ./cmd/stdiscosrv/...` and `go vet` pass. Signed-off-by: Yasuhiro Matsumoto <[email protected]>

• mattn (23 May 26)

  fix(stcrashreceiver): close source loader responses on errors (#10704) Fix a response body leak in `githubSourceCodeLoader.Load` where the body was not closed when the HTTP status was non-200. Signed-off-by: Yasuhiro Matsumoto <[email protected]>

• Jakob Borg (23 May 26)

  Revert "build: temporarily disable illumos for release" This reverts commit c0c401efebf27af58b91309b381d7d3eae870a64.

• Jakob Borg (23 May 26)

  Merge branch 'infrastructure' * infrastructure: build: let infra containers builds fail individually chore(ur): move structs to reduce dependency chain chore(stcrashreceiver): add profiler on metrics port chore(stcrashreceiver): compact diskstore in-memory representation chore(stcrashreceiver): better source cache & metrics chore(stcrashreceiver): metrics on ignore matches

• Jakob Borg (23 May 26)

  build: let infra containers builds fail individually Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  chore(ur): move structs to reduce dependency chain lib/ur brings in a lot of dependencies we don't need in e.g. stcrashreceiver, who only needs the small failure reporting structs. Make those part of the lean `contract` package instead. Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  chore(stcrashreceiver): add profiler on metrics port Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (21 May 26)

  chore(stcrashreceiver): compact diskstore in-memory representation Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (21 May 26)

  chore(stcrashreceiver): better source cache & metrics Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (21 May 26)

  chore(stcrashreceiver): metrics on ignore matches Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  build(deps): x/net for govulncheck (#10703) Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  chore(syncthing): include runtime context in GC crashes (#10702) The runtime prints a lot of context for crashes due to bad pointers etc, which is required to understand the crash, but this context comes before the `fatal error: ...` line. Currently those lines get filtered out and not included in the crash report. This change modifies the criteria so that we start collecting crash data also at a line that begins with `runtime:`, and tweaks the parsing later to look for the specific `panic:` or `fatal error:` which may come later as the subject. --------- Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  fix(discover): only announce wildcard for TCP punching when listening on wildcard address (fixes #10503) (#10691) If we aren't announcing e.g. tcp://0.0.0.0:22000 then also do not announce tcp://0.0.0.0:0. Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (23 May 26)

  fix(versioner): ensure user read/write/execute on archived dirs (fixes #10532) (#10696) This makes sure the user running Syncthing, and hence Synchting itself, has read/write/execute on directories in .stversions. The other permission bits remain copied from the source directory, ensuring whatever group and other permissions were set remain in effect. Closes #10695. --------- Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (21 May 26)

  fix(syncthing): properly upgrade via REST when Syncthing is running (fixes #10697) (#10699) The locking logic for upgrades got inverted in the lockfile changes. If we got the lock it means Syncthing wasn't already running, so we can do a direct upgrade. If we failed to get the lock it means Syncthing was running and we should tell the REST interface to do the upgrade. Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (21 May 26)

  Merge branch 'infrastructure' * infrastructure: fix(stcrashreceiver): allow extra pre/post data in version line chore(stcrashreceiver): improve logging chore(stdiscosrv): prewarm counters at startup

• Jakob Borg (18 May 26)

  fix(stcrashreceiver): allow extra pre/post data in version line Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (18 May 26)

  chore(stcrashreceiver): improve logging Signed-off-by: Jakob Borg <[email protected]>

• Jakob Borg (09 May 26)

  chore(stdiscosrv): prewarm counters at startup Signed-off-by: Jakob Borg <[email protected]>

• Syncthing Release Automation (18 May 26)

  chore(gui, man, authors): update docs, translations, and contributors