ampache-4.0.3_all.zip (MD5SUM 0052c5c2b7a3ca05e5e7986099d61a60)
🚀 Lots of fixes related to the API/Playlists. Things are starting to stabilize really well and we should see a bit more gap between releases due to all the great reports that came in.
- Fixes for Api::get_indexes, Api::playlists, Api::playlist, Api::playlist_songs
- 🛠 Fix Access::check to allow all public lists
- Filter playlists by access in subsonic
- Fail check_php_verison() when using less than php7.1
- 🛠 Fix global user connecting through the API with an API key.
ampache-4.0.2_all.zip (MD5SUM af2154aa9904cb13f02794d2e5aa84a1)
👀 Good to see all the new reports coming in. Keep those reports coming in!
- ⬆️ Bump API version to 400002. (v4.0.0 build 002)
- Extend Api::playlist_generate (add new mode 'unplayed')
- 🛠 Fix API playlist commands and access checks relating to playlists
- Access::check should be passing user id from the API
- 🛠 SQL query fixes for Album, Playlist methods
- ✂ Remove spaces from play url extensions (Should help with nginx)
- ✅ Translate typo in show_test.inc
- Trim massive year, time and track when importing new songs
ampache-4.0.1_all.zip (MD5SUM afae10c4e18cfd03ab8327b1aac2dc56)
🚀 Minor release to fix bug in album class and some minor details.
- 🐛 Bug fix that would cause albums to be recreated in Album::check on null original_year
- ➕ Added 'file' to Song::find array
ampache-4.0.0_all.zip (MD5SUM 0f1f8a3c6b5c9511294a0db6d00efa5e)
⚡️ Major update points
- ⬇️ Drop PHP 5.6 support for 7.1+
- Resolve CVE-2019-12385 for the SQL Injection
- Resolve CVE-2019-12386 for the persistent XSS
- Resolve NS-18-046 Multiple Reflected Cross-site Scripting Vulnerabilities in Ampache 3.9.0
- ⚡️ Default to disk 1 instead of 0 (db updates to handle existing albums)
- Fix - MySQL8 installation using mysql_native_password with caveats [https://github.com/ampache/ampache/wiki/mysql-faq]
- If you are using charts/graphs there has been a change regarding c-pchart chart-faq
- 🆕 New Plugin - Matomo.plugin. [https://matomo.org/]
- 🆕 New Plugin - ListenBrainz.plugin [https://listenbrainz.org/]
- 0️⃣ Default to mashup view for artists and albums
- Documented the Ampache API [https://github.com/ampache/ampache/wiki/XML-methods]
- API Authentication: Require a handshake and generate unique sessions at all times
- API Authentication: allow sha256 encrypted apikey for auth
- You must send an encrypted api key in the following fashion. (Hash key joined with username)
- $passphrase = hash('sha256', $username . hash('sha256', $apikey));
- ⚡️ Update Subsonic api to 1.13.0 [http://www.subsonic.org/pages/api.jsp]
- 👍 Allow token auth using API Key instead of password.
- MD5SUM of zip file: bf229c07cbced00ff58cdd10802a4964
- 🚀 Autoupdate now ignores pre-release (preview) versions.
- Video details now correctly displayed for personal video.
- XML API now fully accepts user's API key. Session will be extended if it exists; Otherwise it's replaced.
- Artist name added to Lastfm track.getsimilar query.
- ⚡️ Catalog_update.inc now includes switches for catalog name and catalog type.
- ➕ Added Beets catalog to Composer autoload.
- 🐎 Performance improved with playlist display and search.
- ⚡️ General translation Updates.
- Documented php module requirement for FreeBSD.
MD5SUM of zip file: 91c3ed650b5a5201499e8ac2f26d27aa
🛠 Fixed uploading of avatar.
DSub now writes the correct extension when the ampache config switch
Artist info now properly displayed.
🛠 Fixed login bug with PHP-7.2 installed.
- 🚚 Subsonic API now removes illegal characters before returning text.
- ✂ Removed hardcoded access level to allow guests to stream audio.
- Guest accounts can now access songs and public playlists.
- 🛠 Fixed bug in subsonic API which caused DSub not to create folders or
➕ add file extensions when caching.