syncthing

v2.1.1 Feature

This release adds 4 notable features for engineering teams evaluating rollout.

Published 1d File Storage & Sync

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

go p2p peer-to-peer synchronization

Summary

AI summary

Updates Major changes in 2.1, Other, and syncthing across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Medium	Devices and folders can now be grouped in the GUI using the new `group` attribute. Devices and folders can now be grouped in the GUI using the new `group` attribute. Source: llm_adapter@2026-06-02 Confidence: high	—
Feature	Medium	HTTP and HTTPS proxies with CONNECT support can now be used alongside SOCKS proxies via `all_proxy` environment variable. HTTP and HTTPS proxies with CONNECT support can now be used alongside SOCKS proxies via `all_proxy` environment variable. Source: llm_adapter@2026-06-02 Confidence: high	—
Feature	Medium	Block indexing can be disabled for folders to reduce database size and overhead via the `blockIndexing` attribute. Block indexing can be disabled for folders to reduce database size and overhead via the `blockIndexing` attribute. Source: llm_adapter@2026-06-02 Confidence: high	—
Feature	Medium	GUI login session duration and cookie path are now configurable via `sessionCookieDurationS` and `sessionCookiePath` attributes. GUI login session duration and cookie path are now configurable via `sessionCookieDurationS` and `sessionCookiePath` attributes. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Updated x/net dependency for govulncheck (build(deps): x/net for govulncheck). Updated x/net dependency for govulncheck (build(deps): x/net for govulncheck). Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix
Bugfix	Medium	Properly upgrade Syncthing via REST when the service is running (fixes #10697). Properly upgrade Syncthing via REST when the service is running (fixes #10697). Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Ensure user read/write/execute permissions on archived directories during versioning (fixes #10532). Ensure user read/write/execute permissions on archived directories during versioning (fixes #10532). Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Announce TCP punching wildcard only when listening on a wildcard address (fixes #10503). Announce TCP punching wildcard only when listening on a wildcard address (fixes #10503). Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Close source loader responses on errors in stcrashreceiver (PR #10704). Close source loader responses on errors in stcrashreceiver (PR #10704). Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Handle zero‑size requests in the protocol layer (fixes #10709). Handle zero‑size requests in the protocol layer (fixes #10709). Source: llm_adapter@2026-06-02 Confidence: high	—

Full changelog

Major changes in 2.1

Devices and folders can now be grouped in the GUI by setting the new
group attribute.
HTTP and HTTPS proxies with support for CONNECT can now be used, in
addition to the existing support for SOCKS proxies (the environment
variable all_proxy=https://...).
Block indexing can be turned off for folders where it's more desirable to
optimise for reduced database size and overhead than minimal transfer
size (the blockIndexing attribute on folder configuration).
GUI login session duration can be configured to be longer or shorter than
the default one week, or set to infinitely long. The cookie path can also
be adjusted. (The sessionCookieDurationS and sessionCookiePath
attributes in the GUI configuration.)

This release is also available as:

APT repository: https://apt.syncthing.net/
Docker image: docker.io/syncthing/syncthing:2.1.1 or ghcr.io/syncthing/syncthing:2.1.1
({docker,ghcr}.io/syncthing/syncthing:2 to follow just the major version)

What's Changed

Fixes

fix(syncthing): properly upgrade via REST when Syncthing is running (fixes #10697) by @calmh in https://github.com/syncthing/syncthing/pull/10699
fix(versioner): ensure user read/write/execute on archived dirs (fixes #10532) by @calmh in https://github.com/syncthing/syncthing/pull/10696
fix(discover): only announce wildcard for TCP punching when listening on wildcard address (fixes #10503) by @calmh in https://github.com/syncthing/syncthing/pull/10691
fix(stcrashreceiver): close source loader responses on errors by @mattn in https://github.com/syncthing/syncthing/pull/10704
fix(protocol): handle zero-size requests (fixes #10709) by @calmh in https://github.com/syncthing/syncthing/pull/10710

Other

build: be explicit about workflow permissions by @calmh in https://github.com/syncthing/syncthing/pull/10690
chore(syncthing): include runtime context in GC crashes by @calmh in https://github.com/syncthing/syncthing/pull/10702
build(deps): x/net for govulncheck by @calmh in https://github.com/syncthing/syncthing/pull/10703
chore: use path/filepath for local file system paths by @mattn in https://github.com/syncthing/syncthing/pull/10705

New Contributors

@mattn made their first contribution in https://github.com/syncthing/syncthing/pull/10704

Full Changelog: https://github.com/syncthing/syncthing/compare/v2.1.0...v2.1.1

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track syncthing

Get notified when new releases ship.

About syncthing

Open Source Continuous File Synchronization

All releases →