What's Changed

• Bump github.com/yuin/goldmark from 1.7.11 to 1.7.12 by @dependabot in #186
• Fix extension selection. by @patrickdappollonio in #188
• Bump golangci/golangci-lint-action from 7 to 8 by @dependabot in #182
• Fix 500 Internal Server Error on empty files. by @patrickdappollonio in #189
• Fix rendering all markdown by default. by @patrickdappollonio in #190

Full Changelog: v2.8.1...v2.9.0

What's Changed

• Add custom output formats. by @patrickdappollonio in #185

Full Changelog: v2.8.0...v2.8.1

What's Changed

• Allow forcing the download of specific file extensions. by @patrickdappollonio in #184

Full Changelog: v2.7.0...v2.8.0

What's new?

This release includes support for GitHub-style admonitions, like:

Try them in http-server!

What's Changed

• Bump github.com/yuin/goldmark from 1.7.10 to 1.7.11 by @dependabot in #179
• Add footnotes. Update MermaidJS to version 11.6.0. by @patrickdappollonio in #180
• Add Github-style admonitions. by @patrickdappollonio in #181

Full Changelog: v2.6.0...v2.7.0

TL;DR

• Upgraded MermaidJS to version 11.4.1.
• Added an option to render as HTML every markdown file (either .md or .markdown) with --render-all-markdown
  • This mode also supports hiding all files just so you can show the markdown file itself with no extra content.
• Fixed an issue where username and passwords from basic authentication would not work if there were special characters in them
• Fixed an issue where the banner feature and the CSS used for it would render inappropriately
• Fixed an issue where usernames or password could not have special characters; this was an unintended effect
• Fixed a CVE in jwt-go by upgrading to the latest version available

What's Changed

• Create a GitHub action to create a sample site. by @patrickdappollonio in #143
• Clean up http-server tree structure. Fixes CSS in banner. by @patrickdappollonio in #147
• Allow hiding files in markdown mode. by @patrickdappollonio in #149
• Add docker compose example. by @patrickdappollonio in #161
• Add support for full charset for username and password. by @patrickdappollonio in #176
• Enable support for rendering all markdown files. by @patrickdappollonio in #175
• Add support for custom CSS by @patrickdappollonio in #174
• Upgrade jwt-go to the newest version. Fixes CVE-2025-30204. by @patrickdappollonio in #177
• Add new label for stale issues and PRs by @patrickdappollonio in #178

Updated dependencies

• Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @dependabot in #148
• Bump MermaidJS to version 11.4.1 by @patrickdappollonio in #150
• Bump github.com/spf13/viper from 1.19.0 to 1.20.0 by @dependabot in #157
• Bump github.com/klauspost/compress from 1.17.11 to 1.18.0 by @dependabot in #155
• Bump github.com/go-playground/validator/v10 from 10.24.0 to 10.25.0 by @dependabot in #152
• Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #153
• Bump golang.org/x/net from 0.34.0 to 0.36.0 in the go_modules group by @dependabot in #156
• Bump github.com/spf13/viper from 1.20.0 to 1.20.1 by @dependabot in #163
• Bump github.com/go-playground/validator/v10 from 10.25.0 to 10.26.0 by @dependabot in #165
• Bump github.com/yuin/goldmark from 1.7.8 to 1.7.10 by @dependabot in #171
• Bump golang.org/x/net from 0.36.0 to 0.38.0 in the go_modules group by @dependabot in #172

Full Changelog: v2.5.3...v2.6.0

What's Changed

• Bump github.com/go-playground/validator/v10 from 10.22.1 to 10.23.0 by @dependabot in #137
• Bump github.com/go-chi/chi/v5 from 5.1.0 to 5.2.0 by @dependabot in #138
• Bump golang.org/x/crypto from 0.21.0 to 0.31.0 in the go_modules group by @dependabot in #139
• Update README with Homebrew tap. by @patrickdappollonio in #141

Full Changelog: v2.5.2...v2.5.3

This update includes better handling of GOMAXPROCS, the limiter for Go runtime to perform operations such as garbage collection and goroutine parallelization.

In Layman's terms, this means that http-server now is more friendly to Kubernetes and other container environment deployments that impose limits (CPU/Memory) to http-server by properly detecting the values provided while in containerized mode.

This is automatically transparent to users and, before this patch, resource contention with the offset between the container's knowledge of limits and the actual limits being different would potentially yield less RPS handling.

Try it out and provide your feedback, it's always welcomed!

What's Changed

• Add support for appropriate GOMAXPROCS that's aware of Kubernetes limits. by @patrickdappollonio in #136

Full Changelog: v2.5.1...v2.5.2

From this release forward, http-server will only generate etags for files smaller than 5 Megabytes (5 * 1024 * 1024). This value is configurable, and using a smaller value will use less RAM.

What's Changed

• Bump github.com/klauspost/compress from 1.17.10 to 1.17.11 by @dependabot in #130
• Bump github.com/yuin/goldmark from 1.7.4 to 1.7.8 by @dependabot in #133
• Enable etag generation on smaller files only. by @patrickdappollonio in #135

Full Changelog: v2.5.0...v2.5.1

Many thanks to @muse-sisay for adding support for custom 404 handling and solving a longstanding feature request from 2021! (#7).

What's Changed

• Add support for custom status codes in "serveFile". by @patrickdappollonio in #128
• Add support for custom 404 error pages by @muse-sisay in #126
• Update documentation on README by @patrickdappollonio in #129

New Contributors

• @muse-sisay made their first contribution in #126

Full Changelog: v2.4.0...v2.5.0

A new feature and a fix to our recent release of _redirections was updated in this release:

Redirecting on empty paths

For those of you living in the edge and already using the _redirections file, there was a bug that if a specific redirections file was crafted, some matches would incorrectly match an empty path. For example assume a URL called /docs/ with the following redirections file:

/docs/:foo /docs/:foo/overview permanent

This would incorrectly match a URL of http://example.com/docs to be redirected to http://example.com/docs//overview. We've added a test to ensure this case doesn't repeat again.

Preventing directory listing

For some mission-critical sites, using http-server truly is just a way to show your websites (HTML-made) to the world without leaking potentially important information while at it.

This release allows you to specify --disable-directory-listing in any of the configuration forms and automatically return a HTTP 404 Not Found response if you land on a directory that doesn't include an index. This will also play nicely with an upcoming feature to return a customized 404 page (and potentially returning 200 instead of 404 in those pages, to allow for SPAs to be rendered via http-server).

What's Changed

• Fix redirecting on empty path parameter by @patrickdappollonio in #123
• Enable option to disable directory listing. by @patrickdappollonio in #124

Full Changelog: v2.3.0...v2.4.0