Release v6.26.0 (2025-10-30)

Published 2025-10-30 15:14:32Z

• fylr_checksums.txt

• fylr_v6.26.0_darwin_amd64.tar.gz

• fylr_v6.26.0_darwin_arm64.tar.gz

• fylr_v6.26.0_linux_amd64.tar.gz

• fylr_v6.26.0_windows_amd64.zip

Server

Important

• A change in the rights management may lead to a necessary re-configuration of permissions. If you relied on ASSET_DOWNLOAD implying ASSET_SHOW, you must add a separate permission now as this is no longer the case. See below for more information.

• If you are using a custom exec server configuration in your fylr.yml, the new service ocr needs to be configured. See fylr.default.yml for an example. See below for more information. [532498eb7]

• This fylr version officially supports the new PostgreSQL 18. We recommend this version for new installations. [36ae2790a]

New

• /api/system/share_link: New API to shorten links. This new api endpoint allows frontends to request a shortened url for a given long path. This is useful to shorten complex search queries. [4a3b23377] [e3a01568c]

• /api/db: Support search & replace & append for loca values in group mode. [5b3675b3b]

• /api/db: New url parameter skip_plugins. Skips the execution of plugin callbacks (system.root users only).

• /api/oaipmh: Add tagfilter to mark records as deleted. Configuration in base config. [3ecb7faab]

• CSV Export: Support top level fields for reverse nested. Before, these fields were not part of the CSV output. [27724d990]

• IIIF Presentation Manifest: Support files with page previews (like PDF) in IIIF sequences. [e4482a5a1]

Improved

• /inspect/files/file: Output object ids from value table. The file.object_ids column is not correctly set if files are imported without version produced (remote files don't set this data). This was confusing for some users. The patch adds an actual select to show relations stored in the value table. [21927df00]

• Rights management: Separate ASSET_SHOW & ASSET_DOWNLOAD permissions. This patch changes the rights management. Before ASSET_DOWNLOAD would imply ASSET_SHOW which was confusing and prevented users from blocking non watermark renditions from view (but allow the download). Existing configurations which relied on that feature need to be adjusted by adding ASSET_SHOW to the allowed permissions. [35d0289d6]

• fylr pdf2pages: Use less memory by chunking mutool payloads. Limits processing to 10 pages per mutool call to use less memory when rendering pages for PDFs. [f0b6aee4b]

• fylr convert + pdf2pages: Catch CTRL-C and kill external programs. This cancels the context external programs are executed with. When pressing CTRL-C, fylr will now send a kill signal to started processes. Also, the new code tries to be more gently in killing started programs. It uses SIGTERM and only after 2 seconds will send SIGKILL. Also, it tries to gently kill the whole group (the external programs and its descendants). On Windows fylr now uses taskkill to signal the process and all its children to terminate. [77c105868] [2ae393075] [fa3101ddf]

• Dockerfile: Upgraded the distribution to the new Debian testing (forky). [f939b3fc3]

• /inspect/files: Action map_to_local_storage now sets the leave_on_remote flag to false which helps understanding the current state of the files better. The action can still be repeated because leave_on_remote is not a required flag for the action file filter. Also, always show status message in file list. And last but not least, action resync tests reachability of remote url for file with leave_on_remote turned on. [899e6940f] [b35469f4a] [77b036023]

• /api/config: Don't allow oauth2 client hashes with > 14 rounds. Turns out that such hashes need too much time to compute. [c6dc257e5]

• fylr.yml: New config fylr.debug.disableHttp2Client allows to disable HTTP2. If you experiencing problems when loading files from a Microsoft IIS, this option might help to fix the downloads. This patch re-enables HTTP2 in the fylr container image after 6.25.0 turned HTTP2 off. [aff8c5509] [8f5a9f8af]

• Janitor: Improved speed for collecting objects to purge and file delete. Also, moved files to the bottom of the janitor page in /inspect/system/janitor. [eca56878c] [cb95c71d3] [ff616a0ae] [c8435cc84]

• Filename replacements: Add _standard and more column types. This adds the _standard.N.text + _standard.N.text.LANG replacements to the filename compilation. Adds _pool.name.LANG and column types text_loca, integer_2, number, double, date, datetime, daterange. In addition, linked objects are supported with replacements for _standard.*. Sort the filename replacements returned by /api/objecttype alphabetically. [a91b3a422] [5f8a6b41e] [29c1abc7c]

• fylr backup / restore: Various improvements and fixes. [a05c9e1bb] [a05c9e1bb] [01d7e2ce0] [643167bb5] [4ad86efcc]

• /api/pool|objecttype: Added a per file configuration for captions. Also, introduced a 202 process to resync files. If watermark or caption configuration changes, the API responds with a 202 when pools or objecttypes are saved. This includes more replacements too (see Filename replacements) [97bdf0ebe] [39b48c8c7] [d7d7e9368] [4b294150f] [fcafbdbcc]

• Cookbook audioconverter: The recipe audioconverter.snippet gained support for fractional seconds. [a450a2a5a]

• Cookbook imageconverter: Add WEBP as supported output format to recipe imageconverter.browserthumbs. [520f7ca34]

• Cookbook _metadata: Introduce service ocr. This service is used by recipe _metadata.ocr and it allows a separate configuration to run the compute intense Tesseract. If you are using the standard configuration, no changes should be necessary. See fylr.default.yml for an example on how to configure the new service. [532498eb7]

• /api/db: Improved checks for deferred checks. The checks for errors DeferredLinkedObjectMatchingSystemObjectId and DeferredLinkedObjectWrongObjecttype are now only performed for newly inserted objects (version 1), which saves time. This patch also makes the checks safe for parallel injects (used by fylr restore). [6cc75f587]

• /api/db: Hierarchy numbering: Don't support <nil> child idx. This patch makes sure that _parent_child_idx is always set. This ensures that we see a numbering for hierarchies where this is configured. Before, a <nil> state was supported which disabled the numbering for that object. [4b899c980]

• /api/config: New 202 process to ignore errors. If the base config contains mapping errors like a faulty LDAP connection, the server now response with a 202 status. This allows the user to store such a config while ignoring the errors. BaseConfigMap can be skipped for saving if their attribute Savable is set. Currently only SAML & LDAP configuration check errors are savable. A new error BaseConfigParse was introduced for errors during unmarshal. [a901b4600]

• /api/message: Output API error StartTimeAfterEndTime if start_time > end_time. [e69237397]

Fixed

• Background Tasks: If a task was extecuted on many objects, a panic that fylr is out of timers could occur. Fixed by re-using timer objects with equal names. [0f6583915]

• /api/search: Fixed sorting for values with leading 0. Affected instances require a re-index for the new ordering to work. [1e86e9013]

• /api/schema: Remove deleted object types from transitions. Before, loading transitions with deleted object types would fail. [558cd637c]

• fylr backup: Fixed panic when parsing B.C. dates. Parsing BC dates required localization to be loaded. During backup we don't have that, added a fallback. [bb70270da]

• /api/db: Fixed saving _child_numbering with active plugins. The _all_fields mask (used for sending data to plugins), did not marshal _child_numbering, causing the value saved as empty. [26f6732a0]

• /api/db: Fixed bidirectional duplicate case which led to fylr crash. If a duplicate bidirectional link was sent, the server could crash with a stack overflow. [f35c656ec]

Frontend

New

• Splash Screen: A new loading screen has been added at the start of the application. The loading screen is displayed in parallel and does not block the app loading process.

• Shortener URL: A new option has been added to shorten URLs when sharing a search. Until now, when sharing a search via URL, all the different parameters were serialized in the URL, generating very long and complex links. Now fylr offers the option to use a short URL to share searches.

• Watermark Config Per Objecttype: We have added the ability to configure the watermark per object type. Previously, the watermark was configured at the pool level; now it can be configured per object type if it is not pool-managed and if it contains EAS columns.

• Image Captions: We have added the ability to add captions to images. These captions can use replacements and can also be configured per EAS column. You will find this new configuration in the same tab as the watermark settings in both Objecttype and Pool.

• Asset Version Plugins: We have added the ability to create new plugins for the Asset Versions section. This new plugin type allows extending editing functionalities such as rotation or cropping. The first plugin to use this new feature is the new fylr-plugin-image-obscure, which adds new editing options to obscure parts of images interactively in the frontend, such as pixelate, blur, or blackout. Currently, this new way to extend the version editor is not fully available for general development. Documentation and a practical example will be added to fylr-plugin-example once it is completely available.

• View and Download Right Split: A new check has been introduced in the frontend that allows users to configure download and read rights separately. Previously, the download right automatically implied read = true. Now they can be configured independently, allowing assets that can only be downloaded but not displayed in the asset browser.

Improved

• Pool Watermark: The watermark configuration in pools has been improved with a new selector that indicates whether the configuration is active, inherited from the parent pool, or completely disabled. Previously, there was no way to disable the watermark configuration in a child pool.

• Open of Records: Improved behavior when double-clicking on records in the main search. Until now, when an object was selected, it could be opened with a single click, which caused confusion with the double-click action. To make the intention clearer, the behavior has been changed so that an object can now only be opened by double-clicking.

Fixed

• Caption Configuration: Fixed a bug where the root pool triggered a resync popup when changing configurations other than the caption configuration.

• Search Selector: Fixed a z-index issue by reorganizing the markup so that z-index is no longer required.

• Pool Manager DEV: Added a dump data debug shortcut to the pool manager. Now, if Alt + Click is used on the save button, the pool data will be displayed in the console.

• Export Manager: Temporarily removed the "Stop" button for exports currently in progress.

• Pin Asset Browser: Fixed a bug where the pin asset browser button disappeared from the DOM when editing any field in the editor.

• Export Transport Editor: Fixed a bug where the export transport popup could not be opened if the configured transport data was invalid.

• WebP Assets: Fixed a bug where WebP versions with watermarks were never selected by the asset browser for display.

• Exact Token Query: Fixed a bug where Exact Token Query elements could not be edited by double-clicking them.

• Cross Server Modebar: Fixed an issue where the cross-server modebar was displayed in situations where it should not appear. Additionally, the modebar will now minimize when the header is minimized.

• Presentations: Fixed an error when loading collection presentations that could include unavailable elements.

• Nested Table: Fixed an error in nested tables that caused an extra row to be added if an asset was loaded into an EAS Column in the first row, resulting in two rows. Now the asset loads into the correct row without adding a new one at the top.