commit d0c469c3c05eef7a37f5c49ca695c3e418e28748
Author: Yakov Till <37628546+Lyapsus@users.noreply.github.com>
Date:   Mon Apr 27 17:55:31 2026 +0200

    iclouddrive: add read only  iCloud Photos support and SRP authentication
    
    Add read-only iCloud Photos support to the existing iclouddrive
    backend via `service = photos` config option.
    
    Also includes auth improvements on top of #9209's SRP authentication.
    
    **Photos features:**
    - 3-level hierarchy: libraries (Personal + Shared Photo Library) →
      albums → photos/videos
    - server-side smart albums (All Photos, Videos, Favorites,
      Screenshots, Live, Bursts, Panoramas, Slo-mo, Time-lapse, Portrait,
      Long Exposure, Animated, Hidden, Recently Deleted)
    - User-created albums and nested album folders
    - Live Photo `.MOV` companions as first-class entries
    - Edited photo versions (`-edited` suffix) and RAW alternatives
    - Duplicate filename dedup for camera counter wrap collisions
    - Parallel cold listing for large albums
    - Delta sync via CloudKit `changes/zone` - warm listings near-instant from disk cache
    - Disk cache (libraries, albums, photos) with atomic writes for crash safety
    - `ChangeNotify` support for FUSE mounts via `changes/zone` polling
    - `ListR` support for `--fast-list` and recursive operations
    - `--metadata` support - width, height, added-time, favorite, hidden
    - Fresh download URLs per file - no stale URL failures on long copies
    - FUSE mount documentation with recommended flags
    
    **Auth improvements over #9209:**
    - SMS 2FA fallback for users without trusted Apple devices
    - Explicit push notification request - fixes iOS/macOS 26.4+ where 409
      no longer auto-pushes
    - Thread safety for concurrent FUSE callers (mutexes on session and client state)
    - Session endpoint caching - skips ~5s `/validate` round-trip on warm start
    - `Disconnect` support - clears auth state + disk cache
    - PCS cookie support for Advanced Data Protection accounts, including
      trusted-device approval for PCS cookies
    
    Built on @coughlanio's Photos PoC (Closes #8734) and @mikegillan's SRP auth (#9209).
    
    Fixes #7982
    Co-authored-by: Chris Coughlan <chris@coughlan.io>

commit 6b67be9d48065b6351452662dcc5c25b0676354a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 17:33:33 2026 +0100

    mountlib: rc: fix mounts created with mountPoint "*" overwriting each other
    
    On Windows, passing "*" as mountPoint to the mount/mount RC command
    auto-assigns a drive letter (e.g. "Z:"), but the resolved letter was
    never propagated back to mountlib. This caused liveMounts to be keyed
    on the literal "*", breaking tracking of multiple mounts and making
    unmount unreliable.
    
    Change MountFn to return the actual mount point as an additional
    return value. Update MountPoint.Mount() to store the resolved value,
    and mountRc() to use it as the liveMounts key. The mount/mount RC
    response now returns the actual mountPoint so callers can discover
    which drive letter was assigned.

commit d2b8b73ea342dae9062c0394d45e290fa4b97d21
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 24 18:12:44 2026 +0100

    vfs/vfscache/downloaders: kick waiters periodically, not just once
    
    The background kicker goroutine had a bare select outside a for loop,
    so the 5s ticker fired at most once before the goroutine exited. The
    intent was to run every 5s for the lifetime of the Downloaders.
    
    This wraps the select in a for loop so the ticker fires repeatedly
    until ctx is cancelled.
    
    In practice this was benign because every downloader exit and every
    successful Write already calls kickWaiters, so the background kicker
    is only load-bearing when a waiter is queued, no downloader is
    running, and _ensureDownloader failed transiently. In that state,
    before this fix, the waiter would hang until another Download() call
    or Close() arrived; now it gets retried every 5s and will either
    recover or accumulate enough errors to trip maxErrorCount and error
    out cleanly.

commit 7c56eff1a77287d74b71a2198a43fdf49b9cbaaa
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 24 14:14:17 2026 +0100

    rc: add user directories to core/disks and filter mounts better

commit 55da1abb23c5da1ffc0a4b03b6774d42454eb0d1
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 27 15:06:13 2026 +0100

    docs: notes on how to update pseudo versions

commit b8bfcbc0c0c3565483e09b7ff7c76b6c8be7eab7
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 27 15:07:00 2026 +0100

    Add dlaumen to contributors

commit 96f0979b663eed2146c3b2ed8d9de9cfffb2c0b1
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 27 15:07:00 2026 +0100

    Add Luke Cyca to contributors

commit a55ad462016212653b04e7548316feca02b4dc32
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 27 15:07:00 2026 +0100

    Add mathieulongtin to contributors

commit a71c6f0459dad2b68930ad2823356784a0019083
Author: dlaumen <262192488+dlaumen@users.noreply.github.com>
Date:   Mon Apr 27 12:24:46 2026 +0200

    protondrive: update to latest go-proton-api to use new host

commit 96760f1c14ab1c136dd15c69fc6e5e41c198e206
Author: Luke Cyca <me@lukecyca.com>
Date:   Fri Apr 24 10:51:28 2026 -0700

    docs: amend Google Drive client_id instructions to include running web-based auth flow

commit 8e60792d961891e012066d5a12dbdeb3011e8ca5
Author: mathieulongtin <617359+mathieulongtin@users.noreply.github.com>
Date:   Fri Apr 24 13:21:22 2026 -0400

    azureblob,azurefile: fix documentation about federated identity

commit c385d8586a620fc3c0ac3a9bddf2c7df728b76e9
Author: José Zúniga <125698953+jzunigax2@users.noreply.github.com>
Date:   Fri Apr 24 18:20:18 2026 +0200

    internxt: implement multi-part uploads
    
    Implement multipart upload support with configurable chunk size and concurrency options
    
    Enable OpenChunkWriter with per-chunk encryption
    
    Enhance multipart upload handling with new upload cutoff and error management for small files

commit 328ac017c1b3dc63a1285d6ce746c2ea40317775
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 22 17:56:18 2026 +0100

    serve dlna: remove file extensions from titles to prevent Samsung TV duplication
    
    Samsung TVs have a bug where they duplicate file extensions when both
    the title contains an extension and the MIME type indicates the same
    file type. For example, "photo.jpg" becomes "photo.jpg.jpg".
    
    Remove extensions from <dc:title> while keeping them in the resource URL
    and MIME type. This provides a cleaner display and prevents Samsung TVs
    from incorrectly "fixing" what they perceive as missing extensions.

commit 8502532c22d8b55f86dc661a8eaa3d0149af3408
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 21 10:06:25 2026 +0100

    serve dlna: fix XML quote escaping for Samsung TV compatibility
    
    Samsung TVs have strict XML parsers that fail to interpret &#34;
    (numeric quote entity) correctly within DIDL-Lite metadata, causing
    files to appear as empty folders. By replacing &#34; with &quot;
    (named quote entity) in all marshaled XML, Samsung TVs can now
    properly parse the metadata and display files.
    
    This handles the "Big 5" XML entities that might cause parsing issues:
    
    - &#34; -> &quot; (double quotes)
    - &#39; -> &apos; (apostrophes)
    - &#38; -> &amp;  (ampersands)
    - &#60; -> &lt;   (less than)
    - &#62; -> &gt;   (greater than)
    
    While Go's xml.Marshal already uses named entities for &, <, >
    characters, this ensures complete protection against any edge cases
    where numeric entities might be generated. Samsung TVs are known
    to have strict XML parsers that can't handle numeric entities.
    
    Fixes #9346

commit 3e9e29ba8fee2ad3196d8f900ba7df124d7febf2
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 18 10:36:38 2026 +0100

    serve dlna: handle empty ObjectID from Samsung TVs
    
    Samsung TVs sometimes send Browse requests with empty ObjectID
    parameters (<ObjectID></ObjectID>) which causes DLNA servers to
    return errors. Default empty ObjectID to "0" (root container) to
    maintain compatibility.
    
    This fix is based on ReadyMedia/MiniDLNA Bug 311 which documented
    the same issue and solution for Samsung TVs.
    
    See #9346

commit 9cb329809d303e8b9c8d743bdf323bd3298e2813
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 18 10:35:51 2026 +0100

    serve dlna: add Samsung-specific XML namespace
    
    Add xmlns:sec="http://www.sec.co.kr/" namespace to DIDL-Lite responses
    as required by Samsung TV DLNA implementations. This namespace is used
    by working DLNA servers like MediaBrowser/Emby for Samsung compatibility.
    
    Based on research of open source DLNA servers that successfully work
    with Samsung TVs.
    
    See #9346

commit 6d0bca0fc89966d69485758ab6160a10b936c037
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 10:20:19 2026 +0100

    serve dlna: fix invalid dc:date for containers
    
    Containers (directories) never had their Date field set, producing
    <dc:date>0001-01-01</dc:date> (Go's zero time) in DIDL-Lite metadata.
    This invalid date can confuse strict DLNA clients.
    
    Set the dc:date to the directory's modification time, and as a safety
    net, omit the dc:date element entirely when the timestamp is zero.
    
    See #9346

commit 49650db8afc96909a02bdbfa836da95468d3f2bc
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 10:19:51 2026 +0100

    serve dlna: fix container childCount to reflect actual contents
    
    The childCount attribute on DLNA containers was hardcoded to 1
    regardless of how many items the directory actually contained. Some
    DLNA clients (notably Samsung TVs) use childCount to decide whether
    to browse into a container. Report the actual number of directory
    entries instead.
    
    See #9346

commit 9b7f960a2454ad0fc347005fa93c1b84a5255e55
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 10:18:47 2026 +0100

    serve dlna: fix SOAP response argument ordering for Samsung TV compatibility
    
    Samsung TVs are strict DLNA clients that expect SOAP response arguments
    in the order defined by the service SCPD (Service Control Protocol
    Description). The Browse response was using a Go map which produces
    random iteration order, causing arguments like Result, NumberReturned,
    TotalMatches, and UpdateID to appear in unpredictable order. Samsung TVs
    fail to parse such responses and never proceed to browse directory
    children, showing "no content" to the user.
    
    Replace the map[string]string return type with an ordered []soapArg
    slice throughout the UPnPService.Handle() interface, ensuring response
    arguments always appear in SCPD-defined order.
    
    See #9346

commit 18aa4b2f29db7f28414c66bc66982ea6d66d1940
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 24 16:26:56 2026 +0100

    Add Anton Bordwine to contributors

commit 8e9ea05a6733f1e253aa2b4edef0859d119d49b0
Author: Anton Bordwine <54022438+antonchuvashow@users.noreply.github.com>
Date:   Fri Apr 24 20:23:12 2026 +0500

    listremotes: add --exact flag for filtering - fixes #9076

commit 1f44b2ee937a51d7f04162976c6da5e9c8987d39
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Apr 24 16:18:05 2026 +0100

    build: bump github.com/Azure/go-ntlmssp to 0.1.1 to fix CVE-2026-32952
    
    Fix CVE-2026-32952: A malicious NTLM challenge message can causes an slice out
    of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an
    HTTP transport.
    
    This is in use in rclone in the webdav backend to access sharepoint.
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 90028ab3daae31c196b1611dc705a25441646577
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 23 17:43:17 2026 +0100

    azurefiles: fix missing x-ms-file-request-intent header with OAuth - fixes #9367
    
    The fix for #8241 set FileRequestIntent=Backup on
    service.ClientOptions so the azfile SDK emits the
    x-ms-file-request-intent header was inadvertently dropped in this
    commit (released in v1.73.0)
    
    846f193806877b11 azureblob,azurefiles: factor the common auth into a library
    
    This broke azurefiles with OAuth (service principal secret,
    certificate, MSI, etc.) with:
    
        400 MissingRequiredHeader: x-ms-file-request-intent
    
    This restores it in the azurefiles SetClientOptions callback. The SDK
    only emits the header for TokenCredential auth, so shared-key and SAS
    paths are unaffected.

commit d45f66f840b89fa81a77087efa0f7bf612a79577
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 24 15:55:43 2026 +0100

    Add tdawe to contributors

commit 4942541f0233dd8f472efac18aa09140a724a7ee
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 24 15:55:43 2026 +0100

    Add Jan Heylen to contributors

commit ae5d388ea3116cc7a2d23c95f106d305cd1aa65c
Author: tdawe <90407556+tdawe1@users.noreply.github.com>
Date:   Fri Apr 24 22:40:29 2026 +0900

    protondrive: align backend with newer Proton SDK stack
    
    send SDK-era app headers for move and upload compatibility

commit a1ad9b3f46daf62385d659381f2f08c26a7452ad
Author: Jan Heylen <heyleke@gmail.com>
Date:   Thu Apr 23 20:13:29 2026 +0200

    s3: fix bucket creation failing on Ceph/radosgw
    
    Before this change, uploading to an existing bucket on Ceph (radosgw)
    could fail with:
    
        BucketAlreadyExists: 409 Conflict
    
    when rclone attempted to create the destination bucket (which it does
    by default unless --s3-no-check-bucket is set).
    
    The Ceph rgw S3 implementation never returns BucketAlreadyOwnedByYou;
    it returns BucketAlreadyExists for every CreateBucket on an existing
    bucket, even one the caller owns. With the use_already_exists quirk
    set to true, rclone wraps BucketAlreadyExists as a non-retriable error
    and aborts the transfer.
    
    The Ceph provider used to set useAlreadyExists = true explicitly. When
    the s3 providers were converted to YAML files in f28c83c, Ceph did not
    set use_already_exists so it picked up the default of true (via
    set(&opt.UseAlreadyExists, true, provider.Quirks.UseAlreadyExists)),
    which matched the previous behaviour but is the wrong setting for
    Ceph.
    
    This sets use_already_exists: false for the Ceph provider so rclone
    ignores BucketAlreadyExists on CreateBucket and continues with the
    upload.
    
    Side effect: this partially reverts #7871 for the Ceph provider. If a
    user tries to create a bucket on Ceph that is actually owned by
    someone else, rclone will no longer fail fast at CreateBucket time;
    the subsequent object PUT will fail instead. This is unavoidable on
    Ceph since the server does not distinguish "already owned by you" from
    "owned by someone else".

commit 79379faeac81ca78f4d5285fe74b04b3a19e8651
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 23 15:04:43 2026 +0100

    rc: add core/disks to enumerate attached disks

commit 9dedb12b9d65735bdb1b8f623cb1a372574faecc
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 23 17:21:50 2026 +0100

    build: update golang.org/x/image/webp to v0.39.0 to fix CVE-2026-33813
    
    Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.
    
    This only affects users on 32 bit platforms using the Internxt backend.
    
    See: https://pkg.go.dev/vuln/GO-2026-4961

commit 53a571abf1ae1e9ccf58811cb7f14378216aff30
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 23 18:46:10 2026 +0100

    Add SyoBoN to contributors

commit 8688785a7aafc055c9c60af6a233c17c6f6358e2
Author: SyoBoN <syobon@syobon.net>
Date:   Tue Apr 21 18:48:40 2026 +0900

    docs: fix typo

commit f1a5e44d50c2e56e0f3ade0f519d64bba34f73d0
Author: albertony <12441419+albertony@users.noreply.github.com>
Date:   Mon Apr 20 18:45:38 2026 +0200

    docs: fix code comment regarding cmount tag

commit 65ef7d8e6cb10d616e0ccaa981061f914208bb16
Author: Chris <238498929+chris081519-crypto@users.noreply.github.com>
Date:   Fri Apr 3 17:59:37 2026 +0200

    s3: add HCP provider and list_versions_oldest_first quirk
    
    Hitachi Content Platform (HCP) returns object versions in ascending
    chronological order (oldest first), unlike the S3 standard which
    returns them newest first. This causes --s3-version-at to return the
    wrong version when used with HCP.
    
    Add a new list_versions_oldest_first quirk which reverses the Versions
    and DeleteMarkers lists before merging, so the existing versionAt
    filter works correctly regardless of backend sort order.
    
    Add HCP as a new provider with this quirk enabled by default.
    
    See: https://docs.hitachivantara.com/r/en-us/content-platform/9.6.x/mk-95hcph002/using-the-hitachi-api-for-amazon-s3/working-with-buckets/listing-bucket-contents-version-2

commit c744949d9192f04eaf2696ce4100555dccdb799a
Author: Andrew Gunnerson <accounts+github@chiller3.com>
Date:   Sun Apr 12 16:12:05 2026 -0400

    mega: fix crash when logging in with previous auth keys fails
    
    When Mega.LoginWithKeys() fails to make the API request, it leaves the
    object in a state where Mega.FS.root is nil because it could never query
    any information about the filesystem tree. An easy way for this to
    happen is if the device is not connected to the internet.
    
    Previously, these failures would be ignored, but Fs.findRoot() on the
    rclone side is written in a way that assumes the go-meta filesystem will
    have a non-nil root. This leads to an immediate nil pointer dereference
    when NewFs() calls Fs.findRoot().
    
    This commit fixes the problem by making LoginWithKeys() failures hard
    failures, similar to the MultiFactorLogin() path.
    
    Signed-off-by: Andrew Gunnerson <accounts+github@chiller3.com>

commit 94e7adaeba6fabe98a574f38c2eda48ddd7de67b
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 17 16:18:56 2026 +0100

    pcloud: fix recursive listing from the root - fixes #9315
    
    pCloud now disallow recursive listing from the root so this change
    lists the root normally then uses recursive listings for
    subdirectories.

commit f191448b0dde8065430022ac8831cf81effe6b99
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 14 17:17:58 2026 +0100

    rc: flip auth default so all endpoints require auth unless opted out
    
    Replace AuthRequired bool with NoAuth bool on the rc.Call struct and
    flip the auth check logic. Previously endpoints were unauthenticated
    by default and had to opt in with AuthRequired: true, which led to
    security vulnerabilities when developers forgot to set the flag.
    
    Now all endpoints require authentication by default. Only explicitly
    safe read-only endpoints are marked with NoAuth: true:
    
    - rc/noop
    - rc/error
    - rc/list
    - core/version
    - core/stats
    - core/group-list
    - core/transferred
    - core/du
    - cache/stats
    - vfs/list
    - vfs/stats
    - vfs/queue
    - job/status
    - job/list
    
    See GHSA-25qr-6mpr-f7qx, GHSA-jfwf-28xr-xw6q

commit c5df1ddf4b935c473086fb7f2b26e12b8a49efa9
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sun Apr 19 13:30:02 2026 +0100

    Changelog updates from Version v1.73.5

commit 9e3e68d00c3ecf475a1432fc206400cfb4df7e3f
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 14 17:08:55 2026 +0100

    operations: add AuthRequired to operations/fsinfo to prevent backend creation CVE-2026-41179
    
    The operations/fsinfo RC endpoint was registered without AuthRequired,
    allowing unauthenticated callers to instantiate arbitrary backends via
    inline backend definitions.
    
    See GHSA-jfwf-28xr-xw6q

commit 08490972a53e4e838a594a4ccbe8fbac8c4815e3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 14 17:01:18 2026 +0100

    rc: snapshot NoAuth at startup to prevent runtime auth bypass CVE-2026-41176
    
    Snapshot the NoAuth setting when the RC server is created rather than
    reading it from the mutable options struct on each request. This
    prevents any runtime mutation of rc.NoAuth (e.g. via options/set)
    from disabling the auth gate for protected RC methods.
    
    See GHSA-25qr-6mpr-f7qx

commit 06aa958ad6fd18ac14b9de9b5066ae09880196b1
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 14 17:00:25 2026 +0100

    rc: add AuthRequired to options/set to prevent auth bypass CVE-2026-41176
    
    The options/set RC endpoint was registered without AuthRequired,
    allowing unauthenticated callers to mutate global runtime options
    including rc.NoAuth, which disables the auth gate for all protected
    RC methods. Require authentication for options/set.
    
    See GHSA-25qr-6mpr-f7qx

commit 67e5f435c60458bf8ff083dfbf715f195f620d12
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 18 17:30:50 2026 +0100

    accounting: fix rcat/copyurl for files.com
    
    The files.com integration tests for rcat/copyurl were failing because
    fs/account.Account was declaring a ReadAt method when the underlying
    handle did not support it. The files.com SDK decided to use the ReadAt
    method to speed transfers up which failed.
    
    ReadAt and Seek methods were added in this commit to support the
    archive command:
    
    409dc75328c66f12 accounting: add io.Seeker/io.ReaderAt support to accounting.Account
    
    This fixes the problem by adding new methods to the Account object
    WithSeeker/WithReaderAt/WithReadAtSeeker which produce an object with
    the desired methods or errors if it isn't possible.
    
    This stops Account advertising things it can't do which is bad Go
    practice.

commit e76a30471a961115598a70588d21a6e1ae889245
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 18 16:19:14 2026 +0100

    bisync: fix integration tests after sftp log changes
    
    We added a new log message here which we need to ignore in the bisync tests
    
    3658470022d8a440 sftp: warn the user if no host key validation is configured

commit 2b570c788caf098c891ba676ba83fda96ee595dd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Apr 10 22:42:49 2026 +0000

    build: bump actions/github-script from 8 to 9
    
    Bumps [actions/github-script](https://github.com/actions/github-script) from 8 to 9.
    - [Release notes](https://github.com/actions/github-script/releases)
    - [Commits](https://github.com/actions/github-script/compare/v8...v9)
    
    ---
    updated-dependencies:
    - dependency-name: actions/github-script
      dependency-version: '9'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 9b889684b0a66be42c8ec48b517c05baf431cc1f
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 17:31:34 2026 +0100

    fstest/test_all: stop test servers on signal, panic, or exit
    
    Until now test_all relied entirely on per-goroutine defer finish()
    calls in fstest/runs to stop test servers. A Ctrl-C, kill, or panic
    aborted those defers and left docker containers running, breaking the
    next run.
    
    Register testserver.CleanupAll with lib/atexit so SIGINT/SIGTERM
    delivery runs the sweep automatically. Also defer atexit.Run for the
    normal exit and unrecovered-panic paths, and call it explicitly
    before os.Exit(1) since os.Exit does not fire defers. The fs.Fatalf
    call sites above only fire before any server starts so they need no
    explicit sweep.

commit 48a6584baf3896fd2fb6531fa4130918f0e568f4
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 17:30:10 2026 +0100

    fstest/testserver: add CleanupAll for end-of-run server sweep
    
    Cleanup today is entirely per-goroutine via the stop closure that Start
    returns. If the driver process is killed or panics, those deferred
    stops never run and the underlying container keeps running.
    
    Track every remote Start has brought up in a process-local map, and
    expose CleanupAll which force-stops each tracked remote via the new
    run.bash "force-stop" verb. The returned stop closure is now
    sync.Once-wrapped so it and CleanupAll can both fire harmlessly. No
    callers yet; wired up in fstest/test_all in a follow-up commit.

commit 58a51c2ce94caa71830250793cc5b7a6efd82411
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 16 17:29:06 2026 +0100

    fstest/testserver: add force-stop and reconcile stale refcounts
    
    run.bash holds a persistent refcount file in the shared state directory
    so multiple concurrent tests can share a single container. If a prior
    test_all run is killed (e.g. Ctrl-C), the count never reaches zero on
    the next run and the container is never stopped - forcing manual
    cleanup.
    
    Three fixes, all in fstest/testserver/init.d/run.bash:
    
    - On start, if the refcount is non-zero but no container is running,
      treat it as zero. Stops leaking through future runs.
    - reset now rm -rfs RUN_ROOT (the per-server state) instead of
      RUN_BASE (the shared parent) which was clobbering sibling services.
    - New force-stop verb unconditionally stops the container and zeroes
      the refcount. This is the primitive that the Go-side cleanup sweep
      will call at end-of-run.

commit b715ad2a9751edc9ae977cbb232dae944e1ce9a5
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Dec 18 17:53:24 2025 +0000

    fshttp: add --dump curl for dumping HTTP requests as curl commands

commit e12c250705f727543e342d791146f4ef1f1d4bb3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 15 12:19:18 2026 +0100

    s3: fix empty delimiter parameter rejected by Archiware P5 server
    
    Some S3-compatible servers (e.g. Archiware P5) reject requests with an
    empty `?delimiter=` query parameter. For recursive listings, pass `nil`
    instead of a pointer to an empty string so the parameter is omitted
    entirely from the request.
    
    Fixes #9342

commit 513d2fc17e8da12c973beb8c154f531d872b0773
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 15 17:51:48 2026 +0100

    serve nfs: fix EOF flag in READ response not being set when read reaches end of file
    
    This was fixed in the upstream library
    
    See: https://github.com/willscott/go-nfs/pull/149

commit 3be3347e8663b728777a21b2a5ce5b686ade0554
Author: ZRHan <56144550+ZRHann@users.noreply.github.com>
Date:   Thu Apr 16 00:40:27 2026 +0800

    webdav: optimize performance by using Depth=0 for metadata requests

commit bf55d5e6d37fd86164a87782191f9e1ffcaafa82
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 18:21:22 2026 +0100

    bisync: fix flaky TestBisyncConcurrent by increasing random name entropy
    
    The temp directory name used random.String(2) giving only 676 possible
    values. When multiple concurrent tests started in the same second, they
    shared the same timestamp prefix, causing name collisions and shared
    temp directories. This led to lock file conflicts, listing file races,
    and file deletion errors.
    
    Increase to random.String(8) to make collisions effectively impossible.

commit dd5250ca55f1e5a5cc407ee768fb7f3f76b1df41
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 11:48:32 2026 +0100

    azureblob: add --azureblob-decompress flag to download gzip-encoded files
    
    Before this change, if an object compressed with "Content-Encoding:
    gzip" was downloaded, a length and hash mismatch would occur since the
    go runtime automatically decompressed the object on download.
    
    If --azureblob-decompress is set, this change erases the length and hash on
    compressed objects so they can be downloaded successfully, at the cost
    of not being able to check the length or the hash of the downloaded
    object.
    
    If --azureblob-decompress is not set the compressed files will be downloaded
    as-is providing compressed objects with intact size and hash
    information.
    
    Fixes #9337

commit cf11c8bbd995bc46bff1c8afa7e43006a87a9f8c
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 16:45:00 2026 +0100

    docs: serve backend metadata as JSON on the website
    
    Add a Hugo page at /backends/index.json that exports all the
    backend YAML data from docs/data/backends/ as a single JSON file
    for external consumption.

commit bbd7297b33d848bcbb8f29880f160f2f366bf5b6
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 15:27:20 2026 +0100

    azureblob/auth: add Microsoft Partner Network User-Agent prefix
    
    Set the User-Agent to include the APN prefix for Azure backends
    (azureblob, azurefiles, onelake) to identify rclone as a Microsoft
    Partner. The User-Agent is now:
    
        APN/1.0 rclone/1.0 rclone/<version>

commit 7b8994ab32e6e44357f5ff1dc4949f80e10136e2
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Mar 25 18:37:43 2026 +0000

    vfs: add context parameter to New() for config propagation
    
    Add a ctx parameter to vfs.New() so callers can pass in context
    carrying ConfigInfo and FilterInfo. The context is stripped of
    cancellation but config and filter values are preserved into a fresh
    background context.

commit 9f2edc3077b29dd90b06138bb83391bf0f071b2f
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Mar 25 17:57:33 2026 +0000

    vfs: replace context.TODO/Background with stored VFS context
    
    Add a ctx field to the VFS struct, initialized in New() from the
    existing cancellable context. Propagate this through the cache
    subsystem hierarchy.
    
    This ensures proper context cancellation when a VFS shuts down, rather
    than using disconnected context.TODO() or context.Background() calls
    throughout and paves the way for VFS to have its own config.

commit 771267d713bfbd74753a2bc72516ab575215c424
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Apr 13 12:19:00 2026 +0100

    build: fix `make fetch-gui` in CI workflow - it was in the wrong place

commit 5f791079fc3325d156377c83abdde65cecf61721
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 13:20:10 2026 +0100

    gui: join Wait goroutines on shutdown

commit 7b9ac79ab43690fa357958d76782a6cbb5e39430
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 13:19:30 2026 +0100

    gui: remove flag.Lookup test guard around browser open
    
    The flag.Lookup("test.v") check existed to skip opening a browser
    during tests, but the tests don't exercise RunE, so this was never
    used. The --no-open-browser flag is sufficient on its own.

commit 8ddccc12853f7b43d211383c2ab9ec225640286e
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 13:19:11 2026 +0100

    gui: drop freePort helper, use libhttp port binding for the RC server
    
    Bind the RC server to localhost:0 and read the bound URL back via a
    new rcserver.Server.URLs() accessor instead of pre-allocating a port
    in cmd/gui. This removes the small TOCTOU race window between
    freePort() closing its listener and rcserver claiming the same port.

commit 55afa13921cb59260ebf4431275da441f4e370d3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 13:04:55 2026 +0100

    gui: allow serving from a local zip file or an unpacked directory
    
    This helps with local development and allows users to try older and
    newer releases of rclone-web.

commit a08b48adaa2ca4c828037da6579720069ec52da5
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 12:18:35 2026 +0100

    gui: don't run fetch-gui on make
    
    - Fail gracefully if `make fetch-gui` hasn't been run
    - Return errors instead of panic or fatal errrors
    - Don't run `make fetch-gui` on every make since we have it in the workflow

commit 5337b14739d2baff460725b17ffe2d2ce7dd0b72
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Sat Apr 11 12:00:50 2026 +0100

    build: fix GitHub API rate limit errors when fetching GUI dist in CI
    
    The fetch-gui-dist.sh script calls the GitHub releases API
    unauthenticated, which is limited to 60 requests/hour per source IP.
    GitHub Actions runners share outbound IPs, so this quota is regularly
    exhausted.
    
    Pass GITHUB_TOKEN (or GH_TOKEN) as an Authorization header when
    present, raising the limit to 1000/hour, and wire secrets.GITHUB_TOKEN
    into the workflow step. Local unauthenticated runs still work.

commit 3ad0178b5b3083b9c7ed7c736d3f20e112d6aab3
Author: a1pcm <a1pcm@users.noreply.github.com>
Date:   Thu Apr 9 16:32:41 2026 -0500

    drime: fix User.EntryPermissions JSON unmarshalling
    
    `json:"entry_permissions"` is known to be either empty [] or of
    structure {string: boolean}. This may have been a breaking API change on
    Drime's side. Because EntryPermissions is not used, the type was changed
    to `any` to capture both cases, otherwise we could implement custom
    unmarshalling for that type.

commit 1a924aa746999449f9b8eae5f738b2feb52b529b
Author: Enduriel <endur1el@protonmail.com>
Date:   Thu Mar 26 09:44:02 2026 +0100

    filen: make multi-threaded upload chunks individually retryable

commit 33996381dfc85d729853a9689269d3f863517e7c
Author: Enduriel <endur1el@protonmail.com>
Date:   Fri Apr 10 18:45:29 2026 +0200

    chore: add Enduriel as filen backend maintainer

commit 299e7274f88cd027698224ae92e63a819d4d5756
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Mar 27 14:46:17 2026 +0000

    filter: fix debug logs that fire before logger is configured - fixes #9291
    
    These Debugf calls in NewFilter() ran during GlobalOptionsInit(), before
    InitLogging() configured the JSON log format. This caused plain-text
    debug lines to leak to stderr when --use-json-log was set, breaking
    tooling that expected only JSON output.
    
    The resolved time values are already available via --dump filters so
    this commit removes the debug messages.

commit c5b4745cb9856b5ff117b1ad9534f8746437ad88
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 10 13:02:13 2026 +0100

    Add Mozi to contributors

commit 560882de2c3cc8bc20f81472f0caf82994223925
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 10 13:02:12 2026 +0100

    Add Brais Couce to contributors

commit acf887b46494ede346a3175643c8b6526542bb05
Author: FTCHD <144691102+FTCHD@users.noreply.github.com>
Date:   Fri Apr 10 13:39:50 2026 +0300

    gui: new command to launch the https://github.com/rclone/rclone-web/ GUI
    
    This adds a new gui command which runs an embedded copy of the GUI at
    
    https://github.com/rclone/rclone-web/
    
    The GUI release is fetched as part of the CI build.

commit 082031cc85d47cc6198c898532d233d3b022b6fd
Author: Mozi <29089388+pzhlkj6612@users.noreply.github.com>
Date:   Sun Apr 5 18:04:32 2026 +0000

    s3: fix TencentCOS CDN endpoint failing on bucket check
    
    The Global Acceleration Endpoint (cos.accelerate.myqcloud.com) of
    Tencent COS does not seem to support "CreateBucket" (maybe also other
    bucket management operations). Since the acceleration functionality must
    be enabled per-bucket in the Tencent Cloud console, the bucket will
    always exist before this endpoint is used, so this check can be safely
    skipped.
    
    Now, "no_check_bucket = true" will be auto set when using this endpoint.
    
    Why "NewFs()": on-the-fly remotes (connection string remotes), for
    example, ":s3,provider=TencentCOS,...:..." will also be fixed.
    
    Why no unit test: I can't find a good way to test "NewFs()" without
    leveraging live endpoints. I think we can extract all existing mutations
    for different providers (e.g., AWS, Fastly, and Rabata) from "NewFs()"
    to a new function in the future.
    
    Some Tencent docs about this CDN endpoint:
    - English: Global Acceleration Endpoint | https://www.tencentcloud.com/pt/document/product/436/40700
    - Chinese: 对象存储 全球加速概述_腾讯云 | https://cloud.tencent.com/document/product/436/38866
    
    Assisted-By: OpenCode

commit 40b064993e332da2277b0e9ba9768fc7defc056e
Author: Chris <238498929+chris081519-crypto@users.noreply.github.com>
Date:   Fri Apr 3 17:12:42 2026 +0200

    s3: fix --s3-versions flag ignored by cleanup-hidden when GetBucketVersioning fails
    
    When a user has --s3-versions set but lacks the s3:GetBucketVersioning
    permission, GetBucketVersioning returns an error and isVersioned() caches
    the result as false. This caused CleanUpHidden (backend cleanup-hidden) to
    silently exit with "bucket is not versioned so not removing old versions",
    ignoring the user's explicit --s3-versions flag.
    
    Fix this by trusting the explicit --s3-versions flag in purge(), bypassing
    the GetBucketVersioning check when the user has explicitly declared the
    bucket is versioned.

commit d15f1142ef1206dff04a389cc1510a3a1c420fea
Author: Brais Couce <braiscouce@gmail.com>
Date:   Fri Apr 3 20:40:51 2026 +0200

    iclouddrive: fix 'directory not found' error when the directory contains accent marks

commit 0b4c21fbda33c55980518f40cc6a81d975781bae
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 16:56:47 2026 +0100

    downloaders: fix flaky TestDownloaders/EnsureDownloader test
    
    Replace racy assert.False/Sleep/assert.True pattern with
    assert.Eventually which polls until the async download completes.

commit 3658470022d8a440256105759a427e0b86248b79
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 16:08:51 2026 +0100

    sftp: warn the user if no host key validation is configured
    
    Previously ssh.InsecureIgnoreHostKey() was set unconditionally as the
    default HostKeyCallback with no indication to the user.
    
    This logs a warning pointing users to the documentation on how to
    enable host key validation.
    
    See: https://github.com/rclone/rclone/security/code-scanning/167

commit 96238509793a938fa579e031c8eb3805941cdb89
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 17:00:35 2026 +0100

    Add TheBabu to contributors

commit e863f751f08e59ed6492f59e8406b6763cadd0af
Author: TheBabu <ariq.haqq@gmail.com>
Date:   Thu Apr 2 16:13:51 2026 -0600

    lib/http: Add HTTP/2 cleartext support in server configuration
    
    Enable HTTP/2 cleartext support for non-TLS listeners.

commit a2ce8b04f31d921c1aef834dddf0b8548dc3411e
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 14:37:30 2026 +0100

    build: add explicit permissions to GitHub Actions workflows
    
    This restricts the GITHUB_TOKEN to least-privilege in all workflows,
    fixing CodeQL code-scanning alerts for actions/missing-workflow-permissions.

commit bfd650b4289542fed6d2c4319cb87f8d5ee13722
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 12:48:59 2026 +0100

    vfscache: fix grace timer reusing stale fd after _checkObject removes cache file
    
    Before this change when a cache item was in its grace period (with
    HandleCaching) and the file is reopened, _checkObject runs before the
    grace timer recovery check. If the remote object's fingerprint changed
    _checkObject removes the cache file from disk. However the grace
    recovery path still reused the now-stale fd pointing to a deleted
    inode, skipping _createFile entirely. This left no cache file on disk,
    causing cache.Exists() to return false and breaking
    rename-while-writing logic.
    
    Fix this by checking the cache file still exists before reusing the fd
    in grace recovery. If the file was removed, close the stale fd and
    downloaders and fall through to _createFile.
    
    Also update the fingerprint in item.rename after setting the new object,
    preventing unnecessary cache invalidation when a file is reopened after
    a rename.
    
    This was discovered in the integration tests on backends that update
    modtime on rename (like mailru).

commit 16591fdc21a0efe3bcb782684ff5c4b2897b6a24
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 9 11:46:51 2026 +0100

    webdav: Add a section on symlink/junction points in the help
    
    This notes in particular not to use `--links` but to use
    `--local-links`.
    
    Fixes #9317

commit c1f5df209024c79028c98134b703b31d599befac
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 8 16:43:41 2026 +0100

    Changelog updates from Version v1.73.4

commit 0fa16e8638fe06ebe23a44e0bbdcd486cd166a10
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 8 10:19:50 2026 +0100

    build: update all dependencies
    
    This also streamlines the update process in RELEASE.md and the Makefile

commit d58ce7b1b78f6590068ab93a93d04dfe80e914cc
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Apr 8 09:17:10 2026 +0100

    docs: fix XSS vulnerability in dropdown mobile header
    
    Use textContent instead of innerHTML when inserting the dropdown
    label to prevent DOM text being reinterpreted as HTML.
    
    Fixes https://github.com/rclone/rclone/security/code-scanning/176

commit f757e6c0a7a7de921229e2cbe0546afca810847d
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Apr 8 09:03:49 2026 +0100

    build: fix Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder
    
    Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) from 1.96.0 to 1.97.3.
    - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
    - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.96.0...service/s3/v1.97.3)
    
    ---
    updated-dependencies:
    - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
      dependency-version: 1.97.3
      dependency-type: direct:production
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 20eaad4b6d258a513f331afaf87283a4edec1ef4
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 10 16:21:15 2026 +0000

    linkbox: fix downloading files by using web API - fixes #8665
    
    The Linkbox open API (/api/open/file_search) no longer returns download
    URLs, breaking all downloads. This switches to using the web API
    (/api/file/my_file_list/web) which requires email+password authentication
    but returns working download URLs.
    
    This will unfortunately require changing your existing rclone config.
    
    - Add email, password, and web_token config options
    - Add web API login via /api/user/login_email with token caching and retry
    - Create separate CDN HTTP client with HTTP/2 disabled and browser
      User-Agent to avoid CDN fingerprint blocking
    - Remove searchOK regex and name-filtering (web API doesn't support it)

commit 1ac0c3eecb2b7517dcd792f4a8e878046ab124a3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 7 23:25:54 2026 +0100

    vfs: fix tests after --vfs-handle-caching
    
    In this commit
    
    0db3e7a2a0e6a989 vfs: fix slow nfs serve by adding --vfs-handle-caching
    
    We added --vfs-handle-caching but unfortunately forgot to disable it
    for the TestRWCacheUpdate test.

commit 561f20f83f0bd5c0af2b3136a518329df574ecc6
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Apr 7 23:27:16 2026 +0100

    Add Suyun to contributors

commit e7deebdf40afce02f49244b79c2cbbc2f487c249
Author: Suyun <suyun@aosc.io>
Date:   Mon Apr 6 17:54:17 2026 +0800

    build: fix loong64 and s390x build

commit cb9bdf629c9dc25953f4c760e5bfd6c1b5faef3e
Author: albertony <12441419+albertony@users.noreply.github.com>
Date:   Sun Feb 22 15:01:44 2026 +0100

    jottacloud: add encoding of percent character to default backend encoding
    
    Fixes #9153

commit 1f3770a57fa078660cf6f1ee53f87c8daa6d2134
Author: albertony <12441419+albertony@users.noreply.github.com>
Date:   Fri Apr 3 14:25:07 2026 +0200

    docs: fix markdown issues in mount docs

commit 829b06d39bbf2c889360da9257eec65489740df3
Author: Clément Notin <clement.notin@gmail.com>
Date:   Fri Apr 3 14:32:24 2026 +0200

    docs: fix header level for metadata option

commit 0db3e7a2a0e6a9897f66a7b365dbeb17fd448ae9
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Mar 12 12:55:45 2026 +0000

    vfs: fix slow nfs serve by adding --vfs-handle-caching
    
    Add a configurable grace period (default 5s) that delays closing file
    handles and downloaders when the last handle closes. If a new handle
    opens within the grace period, it reuses the existing resources.
    
    This fixes 40x performance degradation with serve nfs vs serve sftp
    caused by go-nfs opening/reading/closing on every NFS READ RPC, which
    destroyed read-ahead prefetch before it could accumulate.
    
    The grace period only applies to non-dirty files so that writeback
    proceeds immediately on close.
    
    Fixes #9251

commit 654df913757a0d24491ef9b81f980ff3d13aad68
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 3 11:10:33 2026 +0100

    Add Xiangzhe to contributors

commit f079361a015bccd34734e7c8adc0e3498e236ef0
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Apr 3 11:10:33 2026 +0100

    Add Mike GIllan to contributors

commit 3677b7ff77dee08ad412d1fb9f3df8b2f967d06b
Author: Ross Smith II <ross@smithii.com>
Date:   Thu Apr 2 07:29:15 2026 -0700

    fix(docs): Fix link to not be language specific

commit 4a00a4dc4bbf21aa6f112036c644701968c7234b
Author: Mike GIllan <mike.gillan@gmail.com>
Date:   Mon Mar 23 17:43:10 2026 -0400

    iclouddrive: lowercase Apple ID for SRP authentication
    
    Apple IDs are case-insensitive, but the SRP proof computation (M1)
    hashes the username client-side. The old plaintext signin let the
    server normalize the case, but with SRP the client must match.
    Lowercase the Apple ID before use so mixed-case IDs authenticate
    correctly.
    
    Reported-by: ArturKlauser

commit 2610beb18d165c2b0ecde7099754b3e6d5f4ecbb
Author: Xiangzhe <xiangzhedev@gmail.com>
Date:   Tue Mar 3 15:59:59 2026 +0800

    iclouddrive: use dynamic origin for SRP auth headers
    
    This fixes China mainland iCloud authentication by deriving the Origin
    and Referer headers from authEndpoint instead of hardcoding idmsa.apple.com.
    
    Fixes compatibility with PR #8818 (China region support) and PR #9209
    (SRP authentication).
    
    Signed-off-by: Xiangzhe <xiangzhedev@gmail.com>

commit 35e4f605485e0d1eff044c99c6f5515a2605f1f2
Author: Mike GIllan <mike.gillan@gmail.com>
Date:   Mon Feb 23 17:24:23 2026 -0500

    iclouddrive: replace plaintext signin with SRP authentication
    
    Apple has deprecated the legacy /appleauth/auth/signin endpoint and
    now blocks it, causing "Invalid Session Token" errors for all users
    when their trust token expires. The browser login flow now requires
    SRP (Secure Remote Password), a cryptographic handshake that never
    transmits the password.
    
    Replace Session.SignIn() with a multi-step SRP-6a flow:
    1. authStart - initialize session at /authorize/signin
    2. authFederate - submit account name to /federate
    3. authSRPInit - exchange client public value for salt/B at /signin/init
    4. authSRPComplete - send M1/M2 proofs to /signin/complete
    
    The SRP implementation uses the RFC 5054 2048-bit group with SHA-256
    and Apple's NoUserNameInX variant. Password derivation supports both
    s2k and s2k_fo protocols via SHA-256 + PBKDF2.
    
    The 2FA and trust token flow is unchanged. Auth headers for all
    idmsa.apple.com requests now include X-Apple-Auth-Attributes,
    X-Apple-Frame-Id, and use Origin/Referer of https://idmsa.apple.com.
    
    Fixes #8587

commit 839a3b92e0a8454577a7ed6770e02a9ce4b1beed
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 17 16:58:05 2026 +0000

    docs: modernize rclone.org site design
    
    - replace Bootstrap/jQuery with purpose-built CSS and JS
    - remove backend icons from navbar and content pages
    - replace remaining FontAwesome icons with inline SVGs, remove FontAwesome
    - modernize CSS styling for menus, typography, cards, tables, and code blocks
    - add copy-to-clipboard buttons on code blocks using SVG icon
    - move TOC to left sidebar with responsive overlay drawer
    - add sticky header, top scrollbar and first column for wide tables
    - add left/right arrow buttons to scrollable tables
    - hide homepage logo on mobile
    - make wide menus with filter for Commands and Storage Systems
    - add dark mode support based on browser preference
    - fix CSS/JS cache busting to use build time

commit 492e0bd6167a3efac85bb45bb4bf444af9404ef8
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Andriy Senyshyn to contributors

commit d4894db7659ffb8ce26c054de5967e07f6fb8b3a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Claude Opus 4.6 to contributors

commit 8d09f166818670ba91719fbae2fa6e40a472bb4e
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add jinyu.han to contributors

commit 550889c096ecdf09e7a57fca40068d96b06cb843
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add jinkeyuu to contributors

commit 896961404b8c894a1e358fa9600b8e572d8c8e46
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add lif to contributors

commit 5eabfc74f4d9f599f4fbaea4afb0c1a275c23ec7
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add BizaNator to contributors

commit 787d0333763e88d9701dc0ea645429bd3bbbe5b8
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Patrick Farrell to contributors

commit db258d404af1b081f83165ad982429f06425bafb
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Jason to contributors

commit 3cdf680a15ef9527b58236c56ecd3cc8357bd69f
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add ZRHan to contributors

commit bc57110920622f57a5a357b808e5db311d6b6a65
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Andrew Furman to contributors

commit 133eae4d5bd4d6708c2894373ac46a29c25295ab
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Andriy Senyshyn to contributors

commit 24c40463ebacf04e7a5dc62a270ab8ec569341bb
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Apr 2 16:32:22 2026 +0100

    Add Bhagyashreek8 to contributors

commit e9fddaabebd2676ac90a7c909f9026c93ae9caa6
Author: jinkeyuu <44105232+jinkeyuu@users.noreply.github.com>
Date:   Tue Mar 31 18:45:40 2026 +0800

    s3: add UCloud Object Storage provider (#9230)
    
    Co-authored-by: jinyu.han <jinyu.han@ucloud.cn>

commit c49015552ca8c125cf0808e1ab8eeb0c7270c13b
Author: lif <1835304752@qq.com>
Date:   Tue Mar 31 17:56:28 2026 +0800

    bisync: fix handling of unreadable lockfiles - fixes #9290
    
    Lockfiles with invalid JSON content caused bisync to fail permanently
    because lockFileIsExpired() logged the decode error but still fell
    through to the "valid lock file" path with zero-value TimeExpires.
    
    Now when a JSON decode error is detected:
    - If --max-lock is set (< basicallyforever): treat garbled lockfile as
      expired, mark listings failed, and proceed (safe assumption: the
      previous bisync run crashed and left garbage).
    - If --max-lock is not set (default): log a clear error telling the
      user the lockfile needs manual inspection, and return false.

commit ffdd043b957aad7808f82910f737bab3de2f5b10
Author: BizaNator <17164422+BizaNator@users.noreply.github.com>
Date:   Sun Mar 29 20:59:43 2026 -0500

    librclone/ctest: add Windows support and fix memory management
    
    Make ctest build and run on Windows in addition to Linux/macOS:
    
    - Add OS detection in Makefile using ifeq ($(OS),Windows_NT)
    - Use .lib extension and .exe suffix on Windows
    - Link Windows system libraries (winmm, ws2_32, ole32)
    - Remove unused dlfcn.h include that prevented compilation on Windows
    
    Fix memory management to use RcloneFreeString instead of free for
    strings returned by RcloneRPC, as documented in the librclone README.
    
    Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

commit 434edba275b4032a197808568781dbcbcfc38bf8
Author: Chris <238498929+chris081519-crypto@users.noreply.github.com>
Date:   Fri Mar 27 10:24:28 2026 +0100

    s3: fix regression where PutObject fails with non-seekable readers
    
    Commit a3e1312d accidentally replaced io.NopCloser(in) with a bare
    io.Reader when assigning req.Body in uploadSinglepartPutObject.
    
    rclone wraps upload readers in an accounting.Account for progress
    tracking. When the AWS SDK calls Seek on the body, Account.Seek does
    a type assert on the inner reader. With a bare io.Reader the type
    is unexpected and causes:
    
      operation error S3: PutObject, serialization failed: internal error:
      Seek not implemented for io.nopCloser
    
    With io.NopCloser(in) the type assert works correctly for both seekable
    and non-seekable readers.
    
    Restore io.NopCloser(in) to wrap the reader correctly in all cases.
    
    Verified by running both before (regression confirmed) and after (fix
    confirmed):
      go test ./backend/s3/... ./fs/operations/... -remote TestS3:

commit da7a3d8d64d1a22fce3c0477f78ce5fb41eafa4e
Author: Enduriel <endur1el@protonmail.com>
Date:   Mon Mar 30 12:09:36 2026 +0200

    filen: update SDK version
    
    - increase timeout for http requests
    - only use a single URL per request type

commit 2362b4ca50dc0d81c1c06ac38bbb4c7c86b5b001
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Mar 30 16:29:51 2026 +0000

    build(deps): bump golang.org/x/image from 0.36.0 to 0.38.0
    
    Bumps [golang.org/x/image](https://github.com/golang/image) from 0.36.0 to 0.38.0.
    - [Commits](https://github.com/golang/image/compare/v0.36.0...v0.38.0)
    
    ---
    updated-dependencies:
    - dependency-name: golang.org/x/image
      dependency-version: 0.38.0
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 5e3d783b3ef5fc3132045a973dbf81a468729541
Author: kapitainsky <dariuszb@me.com>
Date:   Sat Mar 28 13:29:53 2026 +0100

    docs: note macOS 10.15 (Catalina) support with version v1.70.3
    
    due to min golang requirements macOS Catalina (10.15) can not run newer rclone versions

commit 7a63990df2f1ce2e3d9fbe006cdad7df53a77d0b
Author: Bjoern Franke <bjo+git@schafweide.org>
Date:   Tue Mar 24 23:13:19 2026 +0100

    Add OVHcloud storage classes
    
    Added OVHcloud storage classes according to https://help.ovhcloud.com/csm/en-ie-public-cloud-storage-s3-choosing-right-storage-class?id=kb_article_view&sysparm_article=KB0047293 and https://help.ovhcloud.com/csm/en-ie-public-cloud-storage-s3-choosing-right-storage-class?id=kb_article_view&sysparm_article=KB0047293

commit 7ca667d35d6b4ef1e76e55aec6c71ea28059945a
Author: Patrick Farrell <pfarrell@whamcloud.com>
Date:   Mon Mar 23 15:33:01 2026 -0400

    local: remove fadvise calls that cause spinlock contention
    
    Remove the POSIX_FADV_DONTNEED and POSIX_FADV_SEQUENTIAL calls
    from the local backend. The DONTNEED calls cause severe spinlock
    contention on parallel file systems (and any system with many
    concurrent transfers), because each call triggers per-page cache
    teardown under a global lock.
    
    Observed on a 256-core system running rclone with 64 parallel
    transfers over Lustre: 69% of all CPU cycles were spent in
    kernel spinlock contention from the fadvise path, with effective
    throughput well below hardware capability.
    
    The kernel's own page reclaim (kswapd) handles eviction more
    efficiently from a single context. Since rclone does not always
    read files sequentially (e.g. multipart uploads rewind and
    re-read blocks), FADV_SEQUENTIAL was also not reliably correct.
    
    This is consistent with the non-Linux behavior (which never
    called fadvise) and with restic's decision to remove identical
    code (restic/restic#670).
    
    Fixes #7886

commit 1e22af83588d472b7afb7f4b80af23b0e77b17b4
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Mar 23 23:03:59 2026 +0000

    Changelog updates from Version v1.73.3

commit 589d45a0bfe282f77db3c56412de0009ce6f5d6b
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Mar 20 22:19:00 2026 +0000

    build(deps): bump github.com/buger/jsonparser from 1.1.1 to 1.1.2
    
    Bumps [github.com/buger/jsonparser](https://github.com/buger/jsonparser) from 1.1.1 to 1.1.2.
    - [Release notes](https://github.com/buger/jsonparser/releases)
    - [Commits](https://github.com/buger/jsonparser/compare/v1.1.1...v1.1.2)
    
    ---
    updated-dependencies:
    - dependency-name: github.com/buger/jsonparser
      dependency-version: 1.1.2
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit d5deec353471c0f74f1e963c2d05a78a23172e46
Author: albertony <12441419+albertony@users.noreply.github.com>
Date:   Fri Mar 20 21:18:07 2026 +0100

    docs/jottacloud: fix broken link

commit 53c19e04ba08394163753a25637a7931fd857c49
Author: Jason <jasonbabo@gmail.com>
Date:   Fri Mar 20 13:51:27 2026 +0000

    docs: clarify Filen password change requires updating both password and API key in rclone config

commit e7fadc7e3d3ee512cd9e9e83fcad45bfc3ea158b
Author: Jason <jasonbabo@gmail.com>
Date:   Fri Mar 20 11:06:24 2026 +0000

    docs: note that Filen API key changes on password change

commit 7dfc5b30765dcdf1457e09c72ad81d9418e0300f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 19 02:20:16 2026 +0000

    build(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3
    
    Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.3.
    - [Release notes](https://github.com/grpc/grpc-go/releases)
    - [Commits](https://github.com/grpc/grpc-go/compare/v1.79.1...v1.79.3)
    
    ---
    updated-dependencies:
    - dependency-name: google.golang.org/grpc
      dependency-version: 1.79.3
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 523a29a4e993c9f4e3fe1a30adc95f31c9bbfe10
Author: ZRHan <56144550+ZRHann@users.noreply.github.com>
Date:   Tue Mar 17 01:29:45 2026 +0800

    webdav: request only required properties in listAll to improve performance
    
    This PR optimizes the PROPFIND requests in the webdav backend to only ask for
    the specific properties rclone actually needs.
    
    Currently, the generic webdav backend sends an empty XML body during directory
    listing (listAll), which causes the server to fall back to allprops by default.
    This forces the server to return properties we never use, such as
    getcontenttype.
    
    Fetching getcontenttype can be a very expensive operation on the server side.
    For instance, in the official golang.org/x/net/webdav library, determining the
    content type requires the server to open the file and read the first 500 bytes.
    
    For a directory with 1,300 files in my environment, rclone ls time dropped from
    ~30s to ~4s (as fast as native ls).
    
    This only applies to the other vendor for backwards compatibility which could be
    expanded.

commit a3e1312d9dd67937631c2451c6fa8bb0a2bc82c0
Author: Chris <238498929+chris081519-crypto@users.noreply.github.com>
Date:   Sat Feb 21 15:57:57 2026 +0100

    s3: fix Content-MD5 for Object Lock uploads and add GCS quirk
    
    AWS S3 requires Content-MD5 for PutObject with Object Lock parameters.
    Since rclone passes a non-seekable io.Reader, the SDK cannot compute
    checksums automatically. Buffer the body and compute MD5 manually for
    singlepart PutObject and presigned request uploads when Object Lock
    parameters are set. Multipart uploads are unaffected as Object Lock
    headers go on CreateMultipartUpload which has no body.
    
    Add object_lock_supported provider quirk (default true) to allow
    skipping Object Lock integration tests on providers with incomplete
    S3 API support. Set to false for GCS which uses non-standard
    x-goog-bypass-governance-retention header and doesn't implement
    PutObjectLegalHold/GetObjectLegalHold.
    
    Add Multipart and Presigned subtests to Object Lock integration tests
    to cover all three upload paths.
    
    Fixes #9199

commit e987d4f3519aca87146f11758821085d2f60ef74
Author: Marco Ferretti <mferretti93@gmail.com>
Date:   Sat Mar 14 22:15:47 2026 +0000

    s3: add multi tenant support for Cubbit

commit 639bd8895967f46571b53419633a3b3bae58048e
Author: Andrew Furman <7343697+furmandev@users.noreply.github.com>
Date:   Thu Mar 12 14:58:22 2026 -0700

    lib/rest: fix URLPathEscapeAll breaking WebDAV servers (eg nzbdav) with strict path matching
    
    URLPathEscapeAll was only passing [A-Za-z0-9/] through unencoded, causing
    it to percent-encode RFC 3986 unreserved characters (-, ., _, ~). Per RFC
    3986 §2.3, unreserved characters MUST NOT be percent-encoded, and a URI
    that unnecessarily encodes them is not equivalent to one that does not.
    
    Servers that perform strict path matching without normalising
    percent-encoded characters will reject the over-encoded form with a 404.
    
    Before: /files/my-report.pdf → /files/my%2Dreport%2Epdf
    After:  /files/my-report.pdf → /files/my-report.pdf
    
    Reserved characters (spaces, semicolons, colons, etc.) continue to be
    encoded as before.

commit bfa2fbb78edc2f5cebf55c48e7be1a4eff0949ae
Author: Andriy Senyshyn <135705861+sam-mt@users.noreply.github.com>
Date:   Thu Mar 12 19:30:13 2026 +0200

    copyurl: fix ignored --upload-headers and --download-headers
    
    Co-authored-by: Andriy Senyshyn <andriy.senyshyn@kiteworks.com>

commit 69ccbacf306c677b7253e8d7c1b6478996fe7dfd
Author: Bhagyashreek8 <57988406+Bhagyashreek8@users.noreply.github.com>
Date:   Thu Mar 12 15:34:16 2026 +0530

    s3: IBM COS: provide ibm_iam_endpoint as a configurable param for IBM IAM-based auth

commit 5d6690eb20f4698b71a00edfc569608bf796d39b
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Mar 9 12:03:44 2026 +0000

    list: fix nil pointer panic in Sorter when temp file creation fails
    
    When extsort.Strings() cannot create temporary files (e.g. due to
    apparmor restrictions or permission denied), it returns a nil sorter
    with the error on errChan. The code then called Sort() on the nil
    sorter, causing a panic.
    
    Check for nil sorter and return the error instead of panicking.
    
    Fixes #9244

commit c7b8654b17e3a578dbf8339c5f878a185e1b94b1
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 10 09:49:05 2026 +0000

    docs: update RELEASE procedure to avoid mistakes

commit 906b27d8b94f0ec83afd30a6fad174e806aafbc9
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Mar 11 11:26:05 2026 +0000

    Add Billy Hughes to contributors

commit e233f8b0a74b6bee1a4662b23148f0eb425f04ad
Author: Billy Hughes <w.g.h.hughes@gmail.com>
Date:   Mon Feb 2 11:10:36 2026 +0000

    accounting: Add deletedDirs stat to core/stats help output

commit 17a547a980e3ee4a4424f552c27a984ae55cb065
Author: Jan-Philipp Reßler <75355263+TabError@users.noreply.github.com>
Date:   Mon Mar 9 19:35:20 2026 +0100

    docs: added text to the label showing version-introduced info
    
    Co-authored-by: Jan-Philipp Reßler <xodarap@xodarap.de>

commit cdb3ecb0fb3cd6a1451a80a11f3c5f6bd6d993e4
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Mar 6 20:43:59 2026 +0000

    Changelog updates from Version v1.73.2

commit 2d7f84576a82ab481eceaf33d65062fb9eca08ba
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Mar 6 11:24:00 2026 +0000

    fs/log: fix data race on OutputHandler.format field
    
    The format field was read in Handle() without synchronization while
    setFormat() could write it concurrently from InitLogging(). This
    caused a data race detected by the race detector, failing
    TestListBucketsAuthProxy in cmd/serve/s3.
    
    Fix by protecting all access to format with the existing mutex.

commit ab234dcfd7e3da3506baad82515c54811170eeb3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 5 23:04:17 2026 +0000

    build(deps): bump docker/build-push-action from 6 to 7
    
    Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7.
    - [Release notes](https://github.com/docker/build-push-action/releases)
    - [Commits](https://github.com/docker/build-push-action/compare/v6...v7)
    
    ---
    updated-dependencies:
    - dependency-name: docker/build-push-action
      dependency-version: '7'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit c5bcfbac8f7044a76b470912fc413bf9eef9840a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 5 23:04:12 2026 +0000

    build(deps): bump docker/setup-buildx-action from 3 to 4
    
    Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4.
    - [Release notes](https://github.com/docker/setup-buildx-action/releases)
    - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4)
    
    ---
    updated-dependencies:
    - dependency-name: docker/setup-buildx-action
      dependency-version: '4'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 88ed8e2b43dbd925f5f7db70dc7348286c00bc1d
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 5 23:04:08 2026 +0000

    build(deps): bump docker/metadata-action from 5 to 6
    
    Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6.
    - [Release notes](https://github.com/docker/metadata-action/releases)
    - [Commits](https://github.com/docker/metadata-action/compare/v5...v6)
    
    ---
    updated-dependencies:
    - dependency-name: docker/metadata-action
      dependency-version: '6'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit b097454f835a6d1582464df525b5e7a97a3d44ad
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Mar 4 22:43:20 2026 +0000

    build(deps): bump docker/setup-qemu-action from 3 to 4
    
    Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3 to 4.
    - [Release notes](https://github.com/docker/setup-qemu-action/releases)
    - [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4)
    
    ---
    updated-dependencies:
    - dependency-name: docker/setup-qemu-action
      dependency-version: '4'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 2f890114b678e6db5cf7a038b9129d7013aae308
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Mar 4 22:43:15 2026 +0000

    build(deps): bump docker/login-action from 3 to 4
    
    Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4.
    - [Release notes](https://github.com/docker/login-action/releases)
    - [Commits](https://github.com/docker/login-action/compare/v3...v4)
    
    ---
    updated-dependencies:
    - dependency-name: docker/login-action
      dependency-version: '4'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 78a7d9bb8e6c4654701877db238ec0aa31fb7fbc
Author: nielash <nielronash@gmail.com>
Date:   Mon Mar 2 21:06:39 2026 -0500

    bisync: update changelog

commit 72c561d20958574e31dfa08837cb055f479b78d3
Author: nielash <nielronash@gmail.com>
Date:   Mon Mar 2 12:28:02 2026 -0500

    bisync: auto-generate rc help docs
    
    This adds a go generate ./cmd/bisync command to autogenerate the bisync rc docs,
    including the list of params.

commit b864c4f9c950bcbe3b9014636a26f11344da6ab9
Author: nielash <nielronash@gmail.com>
Date:   Mon Mar 2 12:10:13 2026 -0500

    bisync: add more structured info to rc output
    
    This adds a few handy bits of info, like the session name, workdir location, and
    listing file paths, to the rc output.

commit bb78eb8ab20f360b7dbc91701242d671c67cbf83
Author: nielash <nielronash@gmail.com>
Date:   Mon Mar 2 12:08:48 2026 -0500

    bisync: add missing rc params - fixes #7799
    
    This adds 11 previously-missing rc params for newer bisync features.
    
    It also makes optional parameters truly optional. (Previously, callers were
    required to supply every single one, even if using the default value.)

commit e11a066e009ef5f9c96ac691ac13925602c45270
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 16 17:26:02 2026 +0000

    operations: multithread copy: grab memory before making go routines
    
    This reduces the number of go routines which can get out of hand when
    using large --transfers and --multi-thread-streams from potentially
    --multi-thread-streams * --transfers Go routines to --max-memory /
    --multi-thread-chunk-size
    
    It serializes the memory allocator in each transfer which should be
    good for performance and reduce lock contention.

commit f0dfe9280c9aa1fc8a41981d1f51f1e26c128ce3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 3 12:44:42 2026 +0000

    b2: add server side copy real time accounting

commit b8d2ce8962bde274a75b7bd7808952f686bdce3d
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 3 12:45:28 2026 +0000

    s3: add server side copy real time accounting

commit f60b09e7ab276385d43d8adc51068f7622b0b69c
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 12 16:34:06 2026 +0000

    azureblob: add server side copy real time accounting

commit 307f1edaf4b07c28be56192e6b95146893a17932
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 12 16:32:09 2026 +0000

    operations: add method to real time account server side copy
    
    Before this change server side copies would show at 0% until they were
    done then show at 100%.
    
    With support from the backend, server side copies can now be accounted
    in real time. This will only work for backends which have been
    modified and themselves get feedback about how copies are going.
    
    If the transfer fails, the bytes accounted will be reversed.

commit a7a3bee4882d7d4aa67d5d4f903c4936bcd9af8a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 3 14:00:47 2026 +0000

    Add Duncan F to contributors

commit 8e24a21ef246587fa12f1693c6e7436c814b0a47
Author: Duncan F <131309315+duncanaf@users.noreply.github.com>
Date:   Tue Feb 10 18:09:35 2026 -0800

    azureblob: add --azureblob-copy-total-concurrency to limit total multipart copy concurrency

commit 239dae97dba49553c2da45eb398be6f3af009fee
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Mar 3 14:00:47 2026 +0000

    Add razorloves to contributors

commit 7056989972e229f2664b71ddb796865e940f52b1
Author: razorloves <razorloves@gmail.com>
Date:   Tue Mar 3 02:53:42 2026 -0600

    docs: fix new drive flag typo in changelog

commit 056adc97d61343c01c958824fc4912db1f99890d
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:24:16 2026 +0000

    build: update to golang.org/x/net v0.51.0 to fix CVE-2026-27141 #9220
    
    See: https://pkg.go.dev/vuln/GO-2026-4559

commit c2fd08192bdb21659d2860830e68717e12efae12
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:12 2026 +0000

    Add Bjoern Franke to contributors

commit 9e0054983cb4ef5adadf2179ab1f4190eec312e0
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:12 2026 +0000

    Add Brian Bockelman to contributors

commit 7c336fdb6f2e4970fcabf1005bc060af2e5e388a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:12 2026 +0000

    Add Romāns Potašovs to contributors

commit 5d07f521dca2448df387b1d9aaa35fbcc5645d7e
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:11 2026 +0000

    Add Adam Kasztenny to contributors

commit 0d759d1280d1035c90be2d24a0a5245ddac56f94
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:11 2026 +0000

    Add hxnd to contributors

commit 93b1c50c14647c3fd5891470c6a1d501011ae3f8
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:11 2026 +0000

    Add Bjoern Franke to contributors

commit d6819d9d462e289b23310aae935644cf28834f9a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 27 11:22:11 2026 +0000

    Add FTCHD to contributors

commit 65f2f5973462cf59abd61b7fce039f25fd00d15f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Feb 26 22:43:00 2026 +0000

    build(deps): bump actions/upload-artifact from 6 to 7
    
    Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7.
    - [Release notes](https://github.com/actions/upload-artifact/releases)
    - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7)
    
    ---
    updated-dependencies:
    - dependency-name: actions/upload-artifact
      dependency-version: '7'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit ac177f70cb48e73ffcc86d7e5eade79172a5417f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Feb 26 22:43:03 2026 +0000

    build(deps): bump actions/download-artifact from 7 to 8
    
    Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8.
    - [Release notes](https://github.com/actions/download-artifact/releases)
    - [Commits](https://github.com/actions/download-artifact/compare/v7...v8)
    
    ---
    updated-dependencies:
    - dependency-name: actions/download-artifact
      dependency-version: '8'
      dependency-type: direct:production
      update-type: version-update:semver-major
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>

commit 9be4fc8c2b628128282ccdaeee07021292221636
Author: Leon Brocard <lbrocard@fastly.com>
Date:   Thu Feb 26 18:18:52 2026 +0100

    serve http: add gzip compression
    
    Add gzip compression for directory listings and text assets served over HTTP.
    
    This reduces the rclone repository file listing from 40 kB to 8 kB and reduces
    the rclone MANUAL.txt from 2.7 MB to 700 kB.
    
    This makes listings and assets served across the network load faster.
    
    The compression level of 5 should be a good balance between size and speed.

commit cf240b6c0f8435568d1fc71234462ec68bb00e7a
Author: Brian Bockelman <bbockelman@morgridge.org>
Date:   Sat Feb 7 09:50:48 2026 -0600

    webdav: permit redirects on PROPFIND for metadata
    
    The WebDAV implementation already permits redirects on PROPFIND for
    listing paths in the `listAll` method but does not permit this for
    metadata in `readMetaDataForPath`.  This results in a strange experience
    for endpoints that heavily use redirects -
    
    ```
    rclone lsl endpoint:
    ```
    
    functions and lists `hello_world.txt` in its output but
    
    ```
    rclone lsl endpoint:hello_world.txt
    ```
    
    Fails with a HTTP 307.
    
    The git history for this setting indicates this was done to avoid
    an issue where redirects cause a verb change to GET in the Go HTTP
    client; it does not appear to be problematic with HTTP 307.
    
    To fix, a new `CheckRedirect` function is added in the `rest` library
    to force the client to use the same verb across redirects, forcing this
    for the PROPFIND case.

commit 6159ea9cf5597db9a9c0c56641069e3a91d5ea9f
Author: Romāns Potašovs <justgook@gmail.com>
Date:   Sun Feb 8 23:34:10 2026 +0200

    webdav: add missing headers for CORS
    
    fix #7492

commit be1fb99aeea33aea0be11da356a166ac42821611
Author: Adam Kasztenny <adamkasztenny@gmail.com>
Date:   Sun Feb 8 21:12:10 2026 -0500

    docs: Document unsupported S3 object keys with double slashes
    
    Fixes #5063 by documenting that S3 object keys containing
    consecutive forward slashes (//) are not supported by rclone.
    
    The issue occurs because rclone normalizes paths like "a//b" to "a/b",
    causing "object not found" errors when trying to access the original
    object. This documentation addition explicitly warns users about this
    limitation and provides workarounds.
    
    Changes:
    - Added new subsection "Important note about double slashes (//)"
      under "Restricted filename characters" in S3 documentation
    - Explains the normalization behavior and its consequences
    - Provides clear examples and workarounds
    
    AI Model/Tool Attribution:
    - Implemented using opencode AI assistant
    - Issue analysis and documentation update performed by AI tools
    
    Resolves: #5063

commit 01095a539b5a7cec0972037f83f99845393bdcf4
Author: Prakhar Chhalotre <chhalotreprakhar00@gmail.com>
Date:   Thu Feb 26 21:50:24 2026 +0530

    touch: add metadata when using `--metadata-set`

commit 6578f0ad089a93082bc228b3c47bdfd9f48176a7
Author: hxnd <callmehxnd@outlook.de>
Date:   Thu Feb 26 13:41:24 2026 +0100

    s3: ionos: updated regions & endpoints

commit f4ffa549520a9862ce1bc5a1fe3303d7177705a3
Author: Bjoern Franke <bjo+git@schafweide.org>
Date:   Thu Feb 26 13:38:22 2026 +0100

    s3: scaleway: ONEZONE_IA is available in all zones, GLACIER only in FR-PAR
    
    Co-authored-by: Bjoern Franke <bjo@schafweide.org>

commit abed695720c2e18b8dfa3f580349c7f08ad44b31
Author: Prakhar Chhalotre <chhalotreprakhar00@gmail.com>
Date:   Thu Feb 26 18:07:10 2026 +0530

    drive: add integration test for handling folder names with single quotes

commit 77892a8289495f4f1d06a8b0b15c1914efa60a5c
Author: FTCHD <144691102+FTCHD@users.noreply.github.com>
Date:   Sat Feb 21 03:06:08 2026 +0300

    http: dark mode for browser

commit 9f9569ad6fb8efec0787f179ceea2637b14f7e47
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 26 11:59:20 2026 +0000

    docs: note that --use-server-modtime only works on some backends
    
    Closes #6977

commit 80cdc4dd06fd5c689d0cbd0d010cf0b5cd0a6664
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 26 12:00:43 2026 +0000

    Add a1pcm to contributors

commit 216c9de2c40753d74573dea3bf2a50748ba703be
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 26 12:00:43 2026 +0000

    Add Leon Brocard to contributors

commit 7952910e4096a0beb27d3808dc4272a2c20a04d2
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 26 12:00:43 2026 +0000

    Add Dark Dragon to contributors

commit 7eed0b682520d9dd547158a4e460d6535987f409
Author: jzunigax2 <125698953+jzunigax2@users.noreply.github.com>
Date:   Mon Feb 9 14:06:26 2026 -0600

    internxt: fix Entry doesn't belong in directory errors on windows

commit c7da3ab77f19c5a0bfad40d34dc8918fcf539b91
Author: a1pcm <a1pcm@users.noreply.github.com>
Date:   Mon Feb 23 03:26:31 2026 -0600

    drime: fix chunk-uploaded files ignoring workspace ID
    
    When specifying --drime-workspace-id, a file greater than the limit at
    which file uploads get chunked would ignore the specified ID and get put
    into the default workspace instead.
    
    Completes the fix described in commit 2360e65 by properly closing the
    chunkwriter by providing the workspace ID to the Drime API call.

commit 879913da414460b4a7f8b7332413c9a53c1a393a
Author: Leon Brocard <lbrocard@fastly.com>
Date:   Thu Feb 26 10:02:27 2026 +0100

    s3: add new Fastly Object Storage regions
    
    Add AU East 1, EU South 1, JP Central 1, UK East 1, and US Central 1
    regions and endpoints for Fastly Object Storage.
    
    Also sort the entries alphabetically.

commit 576e6145fcc1656c7cdb84319107ae3c40163bbc
Author: Dark Dragon <darkdragon-001@web.de>
Date:   Tue Feb 24 13:44:10 2026 +0100

    docs: Fix headers hierarchy for mount.md
    
    Similar to "Mounting on macOS", "Mounting on Linux" needs to move one layer down. This also fixes the missing anchor overlay on hover.

commit be73a72f930da0fd2b0ecb7c10e2278c517513d2
Author: Leon Brocard <acme@astray.com>
Date:   Wed Feb 25 13:48:17 2026 +0100

    serve http: add fallback embedded favicon
    
    Browsers make a request to /favicon.ico when visiting pages generated
    by the HTTP server.
    
    Previously, if remotes did not have a /favicon.ico then the server
    responded with a 404, causing browsers to show a default icon.
    
    This adds a tiny fallback embedded PNG rclone favicon to help users
    identify the rclone browser tab.

commit 36913cda94ddc96054a16f4f3cb88433257c460e
Author: Leon Brocard <acme@astray.com>
Date:   Wed Feb 25 13:45:49 2026 +0100

    graphics: optimise images losslessly with ImageOptim
    
    All PNG and JPEG images in the graphics/ and docs/static/img/
    directories have been run through ImageOptim with lossless compression.
    This reduces the checkout size and the size of logo files served,
    without any change in visual quality.
    
    ```bash
    git diff --cached --stat
    docs/static/img/ncw-bitcoin-address.png                                  | Bin 1100 -> 404 bytes
    docs/static/img/rclone-1200x630.png                                      | Bin 36503 -> 24220 bytes
    docs/static/img/rclone-32x32.png                                         | Bin 1106 -> 704 bytes
    graphics/cover.jpg                                                       | Bin 9986330 -> 8998666 bytes
    graphics/logo/favicon/favicon_16px.png                                   | Bin 559 -> 389 bytes
    graphics/logo/favicon/favicon_32px.png                                   | Bin 1106 -> 704 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_color_128px.png      | Bin 10651 -> 6655 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_color_256px.png      | Bin 22388 -> 14378 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_color_32px.png       | Bin 2656 -> 1650 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_color_64px.png       | Bin 5284 -> 3245 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_mono_128px.png       | Bin 9875 -> 5790 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_mono_256px.png       | Bin 21247 -> 10809 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_mono_32px.png        | Bin 2234 -> 1406 bytes
    graphics/logo/logo_on_dark/logo_on_dark__horizontal_mono_64px.png        | Bin 4622 -> 2751 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_color_128px.png        | Bin 3946 -> 2444 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_color_256px.png        | Bin 8234 -> 5134 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_color_512px.png        | Bin 17223 -> 10797 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_color_64px.png         | Bin 1979 -> 1271 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_mono_128px.png         | Bin 3490 -> 2104 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_mono_256px.png         | Bin 7372 -> 4630 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_mono_512px.png         | Bin 16451 -> 8358 bytes
    graphics/logo/logo_on_dark/logo_on_dark__vertical_mono_64px.png          | Bin 1684 -> 1049 bytes
    graphics/logo/logo_on_dark/logo_symbol_on_dark_mono_128px.png            | Bin 3889 -> 2239 bytes
    graphics/logo/logo_on_dark/logo_symbol_on_dark_mono_256px.png            | Bin 8843 -> 4917 bytes
    graphics/logo/logo_on_dark/logo_symbol_on_dark_mono_512px.png            | Bin 19071 -> 9074 bytes
    graphics/logo/logo_on_dark/logo_symbol_on_dark_mono_64px.png             | Bin 1731 -> 1130 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_color_128px.png    | Bin 10621 -> 6860 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_color_256px.png    | Bin 22317 -> 14747 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_color_32px.png     | Bin 2594 -> 1655 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_color_64px.png     | Bin 5184 -> 3316 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_mono_128px.png     | Bin 8839 -> 5907 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_mono_256px.png     | Bin 19305 -> 11010 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_mono_32px.png      | Bin 2092 -> 1422 bytes
    graphics/logo/logo_on_light/logo_on_light__horizontal_mono_64px.png      | Bin 4198 -> 2835 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_color_128px.png      | Bin 3856 -> 2446 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_color_256px.png      | Bin 8083 -> 5179 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_color_512px.png      | Bin 16804 -> 11148 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_color_64px.png       | Bin 1932 -> 1258 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_color_800px_2to1.png | Bin 23388 -> 12019 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_mono_128px.png       | Bin 3139 -> 2106 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_mono_256px.png       | Bin 6347 -> 4630 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_mono_512px.png       | Bin 14138 -> 8358 bytes
    graphics/logo/logo_on_light/logo_on_light__vertical_mono_64px.png        | Bin 1522 -> 1038 bytes
    graphics/logo/logo_on_light/logo_symbol_on_light_mono_128px.png          | Bin 3193 -> 2241 bytes
    graphics/logo/logo_on_light/logo_symbol_on_light_mono_256px.png          | Bin 6992 -> 4917 bytes
    graphics/logo/logo_on_light/logo_symbol_on_light_mono_512px.png          | Bin 16638 -> 9074 bytes
    graphics/logo/logo_on_light/logo_symbol_on_light_mono_64px.png           | Bin 1568 -> 1127 bytes
    graphics/logo/logo_symbol/logo_symbol_color_128px.png                    | Bin 4468 -> 2783 bytes
    graphics/logo/logo_symbol/logo_symbol_color_16px.png                     | Bin 1787 -> 391 bytes
    graphics/logo/logo_symbol/logo_symbol_color_256px.png                    | Bin 9362 -> 5835 bytes
    graphics/logo/logo_symbol/logo_symbol_color_512px.png                    | Bin 19898 -> 12946 bytes
    graphics/logo/logo_symbol/logo_symbol_color_600px_spaced.png             | Bin 18775 -> 13537 bytes
    graphics/logo/logo_symbol/logo_symbol_color_64px.png                     | Bin 2235 -> 1380 bytes
    ```

commit 699e4cfb2374796a08cb5db801b52c4bd489fead
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:01:33 2026 +0000

    docs: update sponsors

commit bc5cad879243294a6472b31d1bc231e56e90f8db
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:25 2026 +0000

    Add Jan-Philipp Reßler to contributors

commit 9024962fc4b8a641db446e731c7b5bc0823f8ac5
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:25 2026 +0000

    Add Chris to contributors

commit aa1f4ace64496b66dc3c88e4756f588eb5cfb6af
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:25 2026 +0000

    Add Shlomi Avihou to contributors

commit dd1d750c55455220227ce7b4c5f9dcd84204fdcb
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:25 2026 +0000

    Add Jan-Philipp Reßler to contributors

commit 5a2564c6e28b559585fe3556c36d794b46354592
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:24 2026 +0000

    Add Varun Chawla to contributors

commit 82cc80cc6f737ae2ef902d88bab04da468686137
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 23 13:05:24 2026 +0000

    Add Prakhar Chhalotre to contributors

commit 7d0a8bf850b93d3f70a50f47eab489295e6058d9
Author: Chris <238498929+chris081519-crypto@users.noreply.github.com>
Date:   Fri Feb 20 17:40:24 2026 +0100

    s3: add Object Lock support
    
    Add support for S3 Object Lock with the following new options:
    
    - --s3-object-lock-mode: set retention mode (GOVERNANCE/COMPLIANCE/copy)
    - --s3-object-lock-retain-until-date: set retention date (RFC3339/duration/copy)
    - --s3-object-lock-legal-hold-status: set legal hold (ON/OFF/copy)
    - --s3-bypass-governance-retention: bypass GOVERNANCE lock on delete
    - --s3-bucket-object-lock-enabled: enable Object Lock on bucket creation
    - --s3-object-lock-set-after-upload: apply lock via separate API calls
    
    The special value "copy" preserves the source object's setting when used
    with --metadata flag, enabling scenarios like cloning objects from
    COMPLIANCE to GOVERNANCE mode while preserving the original retention date.
    
    Includes integration tests that create a temporary Object Lock bucket covering:
    - Retention Mode and Date
    - Legal Hold
    - Apply settings after upload
    - Override protections using bypass-governance flag
    The tests are gracefully skipped on providers that do not support Object Lock.
    
    Fixes #4683
    Closes #7894 #7893 #8866

commit fd8b28d36dd176844c48caf7ca5c2017ab5f8b47
Author: Varun Chawla <34209028+veeceey@users.noreply.github.com>
Date:   Fri Feb 20 08:30:15 2026 -0800

    webdav: escape reserved characters in URL path segments
    
    Use URLPathEscapeAll instead of URLPathEscape for path encoding.
    
    URLPathEscape relies on Go's url.URL.String() which only minimally
    escapes paths - reserved sub-delimiter characters like semicolons and
    equals signs pass through unescaped. Per RFC 3986 section 3.3, these
    characters must be percent-encoded when used as literal values in
    path segments.
    
    Some WebDAV servers (notably dCache/Jetty) interpret unescaped
    semicolons as path parameter delimiters, which truncates filenames
    at the semicolon position. URLPathEscapeAll encodes everything
    except [A-Za-z0-9/], which is safe for all servers.
    
    Fixes #9082

commit c63ecace4148735b1ceae80eae85dd3330e72052
Author: Shlomi Avihou <shlomi@zadarastorage.com>
Date:   Fri Feb 13 11:57:41 2026 -0800

    s3: add Zadara Object Storage provider

commit 0c8c3d8fb934bccb04467a4d3be0dfe7c7de33cb
Author: Jan-Philipp Reßler <75355263+TabError@users.noreply.github.com>
Date:   Fri Feb 20 17:21:48 2026 +0100

    bisync: add group Sync to the bisync command
    
    Co-authored-by: Jan-Philipp Reßler <xodarap@xodarap.de>

commit 5042f360f0ca482a3fa1e803a13012f01288acdd
Author: Varun Chawla <34209028+veeceey@users.noreply.github.com>
Date:   Fri Feb 20 03:46:53 2026 -0800

    archive: extract: strip "./" prefix from tar entry paths
    
    Tar files created from the current directory (e.g. tar -czf archive.tar.gz .)
    produce entries prefixed with "./". When extracting, rclone's character
    encoding replaces the "." with a full-width dot (U+FF0E), creating a
    spurious directory instead of merging into the destination root.
    
    Strip the leading "./" from NameInArchive before processing. Only "./"
    is stripped specifically to avoid enabling path traversal attacks via
    "../".
    
    Fixes #9168

commit 9601dbce87d469626a8486cbc3a7e92b3b78c82a
Author: Prakhar Chhalotre <chhalotreprakhar00@gmail.com>
Date:   Wed Feb 18 20:49:47 2026 +0530

    accounting: update String method output format for clarity in transfer rate representation - fixes #9129

commit e06f0b0595fbc11e032a10c58274ec12fb11c1d7
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 12:12:04 2026 +0000

    docs: add instructions on how to update Go version

commit b2866f0291a4918499378a92279656a3988cb96a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 12:11:52 2026 +0000

    build: modernize Go code with go fix for go1.25

commit cf97f250df6d4719a7e6a740142ba4eae30df64a
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 09:59:16 2026 +0000

    build: update all dependencies
    
    Could not update github.com/coreos/go-systemd as the new version doesn't build under freebsd
    
    See: https://github.com/coreos/go-systemd/issues/509

commit 627b763d4bb9299b4e5f82bcb1992dc3b2ddeb75
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 09:50:56 2026 +0000

    lib/rest: remove go1.24 workaround now go1.25 is the minimum

commit f14945f9c1648da9d8b3ed3b97844f7efbae0279
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 09:48:58 2026 +0000

    build: update to go1.26 and make go1.25 the minimum required version

commit 391661fdb4a57bb0b64a93654a0235012e89a1ed
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Feb 18 11:33:38 2026 +0000

    Add Jack Kelly to contributors

commit faffd0a6f105011a7159fb8613d68c45758d6077
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 18:22:21 2026 +0000

    Changelog updates from Version v1.73.1

commit 6cc3356f8e1509f4c5536e873fb53da7d01134eb
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 16:48:52 2026 +0000

    build: fix build using go 1.26.0 instead of go 1.25.7
    
    In the actions config use Go ~1.25.7 to pin the go version to 1.25.x,
    x >= 7.
    
    Before this it was choosing Go 1.26.0 which isn't what we want.

commit 07e76419c92247e5f2d13546ecbb48ab058417cf
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Wed Dec 31 17:59:36 2025 +0000

    fs/march: fix runtime: program exceeds 10000-thread limit
    
    Before this change when doing a sync with `--no-traverse` and
    `--files-from` we could call `NewObject` a total of `--checkers` *
    `--checkers` times simultaneously.
    
    With `--checkers 128` this can exceed the 10,000 thread limit and
    fails when run on a local to local transfer because `NewObject` calls
    `lstat` which is a syscall which needs an OS thread of its own.
    
    This patch uses a weighted semaphore to limit the number of
    simultaneous calls to `NewObject` to `--checkers` instead which won't
    blow the 10,000 thread limit and is far more sensible use of OS
    resources.
    
    Fixes #9073

commit 60c4f35b56bb7b8cecb9f8c0ed84279d93fb6739
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 16 16:03:40 2026 +0000

    accounting: fix missing server side stats from core/stats rc
    
    These stats weren't being updated in the global stats read by rc
    core/stats:
    
    - transferQueue
    - deletesSize
    - serverSideCopies
    - serverSideCopyBytes
    - serverSideMoves
    - serverSideMoveBytes

commit 15a9c0fd367285e68d5699bc22a9b0d1072329e7
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 6 13:02:18 2026 +0000

    pacer: re-read the sleep time as it may be stale
    
    Before this change we read sleepTime before acquiring the pacer token
    and uses that possibly stale value to schedule the token return. When
    many goroutines enter while sleepTime is high (e.g., 10s), each
    goroutine caches this 10s value. Even if successful calls rapidly
    decay the pacer state to 0, the queued goroutines still schedule 10s
    token returns, so the queue drains at 1 req/10s for the entire herd.
    This can create multi‑minute delays even after the pacer has dropped
    to 0.
    
    After this change we refresh the sleep time after getting the token.
    
    This problem was introduced by the desire to skip reading the pacer
    token entirely when sleepTime is 0 in high performance backends (eg
    s3, azure blob).

commit 8b85ffbf033cff39f1c861eb3ee15b2f691f6685
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 3 16:40:54 2026 +0000

    pacer: fix deadlock between pacer token and --max-connections
    
    It was possible in the presence of --max-connections and recursive
    calls to the pacer to deadlock it leaving all connections waiting on
    either a max connection token or a pacer token.
    
    This fixes the problem by making sure we return the pacer token on
    schedule if we take it.
    
    This also short circuits the pacer token if sleepTime is 0.

commit 26fb659fe436b594ddf1795df6128e70558ec918
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 11:54:37 2026 +0000

    test_all: increase retries for Internxt eventual consistency

commit 7aa3d8a32f2ae2492dd3f2a4937a5662cf3c1378
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 11:40:41 2026 +0000

    build: fix CVE-2025-68121 by updating go to 1.25.7 or later - fixes #9167

commit b7ebec865bfbd696779b2fafcbf80d170dddfd07
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 2 15:42:45 2026 +0000

    drime: fix files and directories being created in the default workspace
    
    Before this change directories and files were created in the default
    workspace, not the workspace specified by --drime-workspace-id.

commit a60d09c43d15b05ec2762db7dfeb0dd4ed7013d6
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 11:32:21 2026 +0000

    docs: update sponsors

commit 14a47937c03e6b33c2c70d90470c71b2a0c29302
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Tue Feb 17 11:32:44 2026 +0000

    Add kingston125 to contributors

commit 64d691616102e73b0eb78e1b178498be392dbe66
Author: Jack Kelly <jack@OpenClimateFix.org>
Date:   Tue Feb 3 08:08:09 2026 +0000

    copyurl: Extend copyurl docs with an example of CSV FILENAMEs starting with a path.

commit ae778f1413b39d3f9a7b8ddc39bdb4b35e7452e0
Author: kingston125 <kingston125@github.com>
Date:   Tue Feb 10 21:30:15 2026 -0500

    filelu: migrate API calls to lib/rest

commit 33859568d6793684493db80bbe861c0f2bac5ed2
Author: José Zúniga <125698953+jzunigax2@users.noreply.github.com>
Date:   Fri Feb 13 14:18:51 2026 -0500

    internxt: implement re-login under refresh logic, improve retry logic - fixes #9174

commit 4b3aa5aea03d4826a6a2c72d97f724f2945c5546
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Feb 6 16:24:28 2026 +0000

    docs: add ExchangeRate-API as a sponsor

commit 349487bb7f71ba5225bbfce981a719d1b3ca62c3
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 12 14:08:09 2026 +0000

    Add Cohinem to contributors

commit b70b2fff16e8627b5f8af3402bf50293633f6a7d
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Thu Feb 12 14:08:09 2026 +0000

    Add Leon Brocard to contributors

commit 32307e9226551477af9f7ec0d6b3cce2e7cf099e
Author: Leon Brocard <acme@astray.com>
Date:   Wed Feb 11 22:12:35 2026 +0000

    s3: remove StackPath Object Storage provider
    
    StackPath's object storage service no longer exists and all S3
    endpoints are no longer operational.
    
    Before this change, users could select StackPath as an S3 provider
    during configuration, but connections would fail as the endpoints no
    longer respond and the service has been discontinued.
    
    After this change, StackPath is removed from the list of supported
    S3 providers, preventing users from attempting to configure a
    non-functional service.
    
    Fixes #9148

commit 2bd6630c2eacbe0aa647216455946f50a618c8d1
Author: Cohinem <143964778+Cohinem@users.noreply.github.com>
Date:   Wed Feb 11 17:06:31 2026 +0300

    drime: implement About

commit 54c2078f257d6ba266f96baa2869812817f861c9
Author: albertony <12441419+albertony@users.noreply.github.com>
Date:   Tue Feb 10 09:12:17 2026 +0100

    build: bump github.com/go-chi/chi/v5 from 5.2.3 to 5.2.5 to fix GO-2026-4316

commit 4f284614a47d2c2c00375b3a9378c73cc97160f1
Author: kingston125 <support@filelu.com>
Date:   Tue Feb 10 22:05:49 2026 -0500

    Set list_version to 2 for FileLu S3 configuration

commit eef0b39a2caf03dc8b14cf2eb69d6c210499aa90
Author: kingston125 <support@filelu.com>
Date:   Wed Feb 4 17:26:17 2026 -0500

    filelu: add multipart upload support with configurable cutoff

commit 37f633663642ccbf654ee0119413f2c2151c2f0e
Author: kingston125 <support@filelu.com>
Date:   Wed Feb 4 17:29:07 2026 -0500

    filelu: add multipart init response type

commit 1049f88a1da1cd2e042e92b6e3126adc010bc885
Author: kingston125 <support@filelu.com>
Date:   Wed Feb 4 17:18:12 2026 -0500

    filelu: add comment for response body wrapping

commit 327ca25a4d225046ceec637c082c8af4841925a1
Author: kingston125 <support@filelu.com>
Date:   Wed Feb 4 17:09:55 2026 -0500

    filelu: avoid buffering entire file in memory
    
    Avoid buffering the entire file in memory during download, especially
    for large files.

commit 673e24a60ff46bdc0fd32a465d631597554b026b
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Mon Feb 2 11:12:34 2026 +0000

    docs: update sponsor logos

commit 43db4c5dc76be95dd230176f7dbd62bb2a28b5b3
Author: Leon Brocard <acme@astray.com>
Date:   Thu Feb 5 12:10:53 2026 +0000

    s3: add Fastly Object Storage provider
    
    - Add new Fastly provider with US East, US West, and EU Central regions
    - Add `etag_is_not_md5` quirk for providers with mandatory encryption
    - Disable server-side copy for Fastly (not supported)

commit 88b484722a3fb7ff2a7bf7af16d00647b27fd421
Author: Enduriel <endur1el@protonmail.com>
Date:   Mon Feb 2 16:38:01 2026 +0100

    filen: fix potential panic in case of error during upload

commit ed5bd327c08bb222e1ab3888bb0869c76e3be629
Author: Enduriel <endur1el@protonmail.com>
Date:   Thu Feb 5 12:07:41 2026 +0100

    filen: fix 32 bit targets not being able to list directories Fixes #9142
    
    or do pretty much anything,
    this was caused by timestamps not being read to 64 bit integers

commit 341ce61a2aa535b5c555ade033dfa82b0fab4474
Author: wiserain <mail275@gmail.com>
Date:   Tue Feb 3 08:13:03 2026 +0900

    pikpak: support custom filenames for addurl backend command - fixes #9111
    
    Extended the addurl backend command to accept an optional filename parameter,
    enabling customized naming for downloaded files.

commit 9abf9d38c0b8009430228150c8f1f0a50e52505b
Author: Nick Craig-Wood <nick@craig-wood.com>
Date:   Fri Jan 30 22:19:04 2026 +0000

    Start v1.74.0-DEV development
