]>
source.dussan.org Git - nextcloud-server.git/log
Julius Härtl [Fri, 25 Sep 2020 10:03:55 +0000 (12:03 +0200)]
Avoid checking for brute force protection capabilities when upgrading
This might happen a releases that doesn't have this table yet
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Fri, 25 Sep 2020 10:03:15 +0000 (12:03 +0200)]
Fix missing authtoken scope
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Fri, 25 Sep 2020 07:12:26 +0000 (09:12 +0200)]
Drop fk constraints on locks table
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Fri, 25 Sep 2020 07:03:34 +0000 (09:03 +0200)]
Allow upgrade from oc 10.5
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Nextcloud bot [Mon, 14 Dec 2020 02:19:37 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 13 Dec 2020 02:18:42 +0000 (02:18 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 12 Dec 2020 02:18:57 +0000 (02:18 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Fri, 11 Dec 2020 12:05:42 +0000 (13:05 +0100)]
Merge pull request #24649 from nextcloud/dependabot/npm_and_yarn/stable20/ini-1.3.7
[Security] Bump ini from 1.3.5 to 1.3.7
Nextcloud bot [Fri, 11 Dec 2020 02:20:27 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
dependabot-preview[bot] [Thu, 10 Dec 2020 17:45:20 +0000 (17:45 +0000)]
[Security] Bump ini from 1.3.5 to 1.3.7
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. **This update includes a security fix.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.7)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Nextcloud bot [Thu, 10 Dec 2020 02:20:27 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Wed, 9 Dec 2020 19:24:07 +0000 (20:24 +0100)]
Merge pull request #24621 from nextcloud/version/20.0.3/final
20.0.3
Roeland Jago Douma [Wed, 9 Dec 2020 19:05:53 +0000 (20:05 +0100)]
20.0.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Nextcloud bot [Wed, 9 Dec 2020 02:19:57 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Tue, 8 Dec 2020 02:20:33 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Mon, 7 Dec 2020 20:20:14 +0000 (21:20 +0100)]
Merge pull request #24584 from nextcloud/version/20.0.3/RC2
20.0.3 RC2
Roeland Jago Douma [Mon, 7 Dec 2020 10:52:17 +0000 (11:52 +0100)]
Merge pull request #24563 from nextcloud/backport/24552/stable20
[stable20] Remember me is not an app_password
Roeland Jago Douma [Mon, 7 Dec 2020 10:44:46 +0000 (11:44 +0100)]
20.0.3 RC2
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma [Mon, 7 Dec 2020 10:16:12 +0000 (11:16 +0100)]
Merge pull request #24582 from nextcloud/backport/24581/stable20
[stable20] Do not load nonexisting setup.js
Julius Härtl [Mon, 7 Dec 2020 06:39:25 +0000 (07:39 +0100)]
Do not load nonexisting setup.js
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Nextcloud bot [Mon, 7 Dec 2020 02:20:52 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 6 Dec 2020 02:19:39 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 5 Dec 2020 02:19:00 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Fri, 4 Dec 2020 11:51:45 +0000 (12:51 +0100)]
Fix typo
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Roeland Jago Douma [Fri, 4 Dec 2020 11:40:28 +0000 (12:40 +0100)]
Remember me is not an app_password
While technically they are stored the same. This session variable is
used to indicate that a user is using an app password to authenticate.
Like from a client. Or when having it generated automatically.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Christoph Wurst [Fri, 4 Dec 2020 15:17:26 +0000 (16:17 +0100)]
Merge pull request #24557 from nextcloud/bugfix/noid/force-composerv1/stable20
[stable20] dont use system composer for autoload checker
Roeland Jago Douma [Fri, 4 Dec 2020 15:09:52 +0000 (16:09 +0100)]
Merge pull request #24553 from nextcloud/backport/24550/stable20
[stable20] Generate a new session id if the decrypting the session data fails
Roeland Jago Douma [Fri, 4 Dec 2020 14:09:22 +0000 (15:09 +0100)]
Merge pull request #24556 from nextcloud/revert/stable20/21090
Revert "Do not read certificate bundle from data dir by default"
Julius Härtl [Fri, 4 Dec 2020 13:27:35 +0000 (14:27 +0100)]
Force composer v1
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Robin Appelman [Wed, 2 Dec 2020 14:02:56 +0000 (15:02 +0100)]
cleanup after autoloader generation
Signed-off-by: Robin Appelman <robin@icewind.nl>
Robin Appelman [Thu, 26 Nov 2020 14:47:33 +0000 (15:47 +0100)]
dont use system composer for autoload checker
this ensures that the same composer version is used by everyone (and ci)
Signed-off-by: Robin Appelman <robin@icewind.nl>
Morris Jobke [Fri, 4 Dec 2020 12:37:10 +0000 (13:37 +0100)]
Revert "Do not read certificate bundle from data dir by default"
This reverts commit
18b0d753f2d76da10fefbf9a34e22dfdcbdc93b0 .
Roeland Jago Douma [Fri, 4 Dec 2020 10:42:40 +0000 (11:42 +0100)]
Generate a new session id if the decrypting the session data fails
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Nextcloud bot [Fri, 4 Dec 2020 02:19:34 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Thu, 3 Dec 2020 12:49:47 +0000 (13:49 +0100)]
Merge pull request #24472 from nextcloud/version/20.0.3/RC1
20.0.3 RC1
Roeland Jago Douma [Tue, 1 Dec 2020 10:30:37 +0000 (11:30 +0100)]
20.0.3 RC1
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Morris Jobke [Thu, 3 Dec 2020 12:11:12 +0000 (13:11 +0100)]
Merge pull request #24534 from nextcloud/3rdparty/stable20/archive_tar
[3rdparty][security] Archive TAR to 1.4.11
Roeland Jago Douma [Thu, 3 Dec 2020 11:22:41 +0000 (12:22 +0100)]
Merge pull request #24532 from nextcloud/backport/24409/stable20
[stable20] Also run repair steps when encryption is disabled but a legacy key is present
Roeland Jago Douma [Thu, 3 Dec 2020 10:10:24 +0000 (11:10 +0100)]
[3rdparty][security] Archive TAR to 1.4.11
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Morris Jobke [Thu, 3 Dec 2020 10:14:46 +0000 (11:14 +0100)]
Merge pull request #24530 from nextcloud/fix/stable20-nextcloud-log-normalizer
[stable20] Replace abandoned log normalizer with our fork
Morris Jobke [Thu, 3 Dec 2020 10:14:03 +0000 (11:14 +0100)]
Merge pull request #24531 from nextcloud/backport/24516/stable20
[stable20] Add icon to user limit notification
Roeland Jago Douma [Thu, 3 Dec 2020 10:00:56 +0000 (11:00 +0100)]
Merge pull request #24527 from nextcloud/backport/24519/stable20
[stable20] Fix vsprint parameter
Julius Härtl [Fri, 27 Nov 2020 09:01:34 +0000 (10:01 +0100)]
Also handle legacy cipher support when encryption is disabled but an old master key is present
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Morris Jobke [Wed, 2 Dec 2020 20:42:32 +0000 (21:42 +0100)]
Improve wording
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke [Wed, 2 Dec 2020 19:13:33 +0000 (20:13 +0100)]
Add icon to user limit notification
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Christoph Wurst [Thu, 3 Dec 2020 08:50:10 +0000 (09:50 +0100)]
Replace abandoned log normalizer with our fork
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Roeland Jago Douma [Thu, 3 Dec 2020 08:37:44 +0000 (09:37 +0100)]
Merge pull request #24517 from nextcloud/backport/24459/stable20
[stable20] Only execute plain mimetype check for directories and do the fallback…
Roeland Jago Douma [Wed, 2 Dec 2020 20:56:55 +0000 (21:56 +0100)]
Fix vsprint parameter
%2\$; is not valid. On php7 this is just ignored but on php8 it gives an
error. %2\$s; works.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Nextcloud bot [Thu, 3 Dec 2020 02:20:01 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Mon, 30 Nov 2020 15:43:55 +0000 (16:43 +0100)]
Only execute plain mimetype check for directories and do the fallback only for non-directories
Ref #23096
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke [Wed, 2 Dec 2020 19:50:08 +0000 (20:50 +0100)]
Merge pull request #24513 from nextcloud/backport/24501/stable20
[stable20] set mountid for personal external storage mounts
Roeland Jago Douma [Wed, 2 Dec 2020 19:03:24 +0000 (20:03 +0100)]
Merge pull request #24509 from nextcloud/backport/23257/stable20
[stable20] Fix file size computation on 32bit platforms
Robin Appelman [Wed, 2 Dec 2020 13:25:48 +0000 (14:25 +0100)]
set mountid for personal external storage mounts
Signed-off-by: Robin Appelman <robin@icewind.nl>
Roeland Jago Douma [Wed, 2 Dec 2020 18:47:18 +0000 (19:47 +0100)]
Merge pull request #24511 from nextcloud/backport/23278/stable20
[stable20] Allow subscription to indicate that a userlimit is reached
Morris Jobke [Wed, 2 Dec 2020 09:07:34 +0000 (10:07 +0100)]
Add notification for user limit
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke [Thu, 8 Oct 2020 09:41:16 +0000 (11:41 +0200)]
Allow subscription to indicate that a userlimit is reached
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Greta [Wed, 2 Dec 2020 15:45:17 +0000 (16:45 +0100)]
Merge pull request #24491 from nextcloud/backport/24376/stable20
[stable20] fix loading mtime of new file in conflict dialog in firefox
aler9 [Wed, 7 Oct 2020 11:50:29 +0000 (13:50 +0200)]
Fix file size computation on 32bit platforms
Signed-off-by: aler9 <46489434+aler9@users.noreply.github.com>
Morris Jobke [Wed, 2 Dec 2020 15:14:12 +0000 (16:14 +0100)]
Merge pull request #24502 from nextcloud/backport/24499/stable20
[stable20] Harden setup check for TLS version if host is not reachable
Morris Jobke [Wed, 2 Dec 2020 12:16:33 +0000 (13:16 +0100)]
Harden setup check for TLS version if host is not reachable
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Robin Appelman [Wed, 25 Nov 2020 15:56:06 +0000 (16:56 +0100)]
fix loading mtime of new file in conflict dialog in firefox
Signed-off-by: Robin Appelman <robin@icewind.nl>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
Nextcloud bot [Wed, 2 Dec 2020 02:20:20 +0000 (02:20 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Tue, 1 Dec 2020 22:44:35 +0000 (23:44 +0100)]
Merge pull request #24477 from nextcloud/backport/24189/stable20
[stable20] Set frame-ancestors to none if none are filled
Morris Jobke [Tue, 1 Dec 2020 22:29:35 +0000 (23:29 +0100)]
Merge pull request #24478 from nextcloud/backport/24186/stable20
[stable20] Move the password fiels of chaging passwords to post
Morris Jobke [Tue, 1 Dec 2020 22:28:33 +0000 (23:28 +0100)]
Merge pull request #24479 from nextcloud/backport/24188/stable20
[stable20] Move the global password for files external to post
Morris Jobke [Tue, 1 Dec 2020 22:20:48 +0000 (23:20 +0100)]
Merge pull request #24483 from nextcloud/backport/24094/stable20
[stable20] Only attempt to move to trash if a file is not in appdata
Roeland Jago Douma [Tue, 17 Nov 2020 15:19:03 +0000 (16:19 +0100)]
Set frame-ancestors to none if none are filled
frame-ancestors doesn't fall back to default-src. So when we apply a
very restricted CSP we should make sure to set it to 'none' and not
leave it empty.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma [Tue, 17 Nov 2020 15:10:18 +0000 (16:10 +0100)]
Move the password fiels of chaging passwords to post
* This is not actually used with GET (obviously). But else some scanners
trip on it
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma [Tue, 17 Nov 2020 15:14:21 +0000 (16:14 +0100)]
Move the global password for files external to post
Again more false positives in some scanners
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Julius Härtl [Fri, 13 Nov 2020 07:30:35 +0000 (08:30 +0100)]
Only attempt to move to trash if a file is not in appdata
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Morris Jobke [Tue, 1 Dec 2020 10:04:22 +0000 (11:04 +0100)]
Merge pull request #24325 from nextcloud/backport/24103/stable20
[stable20] Only check path for being accessible when the storage is a object home
Roeland Jago Douma [Tue, 1 Dec 2020 07:48:16 +0000 (08:48 +0100)]
Merge pull request #24462 from nextcloud/backport/24460/stable20
[stable20] Use correct l10n source in files_sharing JS code
Nextcloud bot [Tue, 1 Dec 2020 02:19:56 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Mon, 30 Nov 2020 16:03:19 +0000 (17:03 +0100)]
Use correct l10n source in files_sharing JS code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
Morris Jobke [Mon, 30 Nov 2020 16:22:42 +0000 (17:22 +0100)]
Merge pull request #24455 from nextcloud/backport/24451/stable20
[stable20] external storages: save group ids not display names in configuration
Morris Jobke [Mon, 30 Nov 2020 15:54:02 +0000 (16:54 +0100)]
Merge pull request #24453 from nextcloud/backport/24449/stable20
[stable20] Store scss variables under a different prefix for each theming config version
Arthur Schiwon [Mon, 30 Nov 2020 13:39:13 +0000 (14:39 +0100)]
save group ids not display names in configuration
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Julius Härtl [Mon, 30 Nov 2020 12:06:10 +0000 (13:06 +0100)]
Store scss variables under a different prefix for each theming config version
The main issue with using the general theming- prefix is that with APCu caching
the cache is not shared between processes, so when trying to reset the cache
through the CLI, e.g. when updating the theming config the old cache is never
invalidated.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Morris Jobke [Mon, 30 Nov 2020 10:24:38 +0000 (11:24 +0100)]
Merge pull request #24446 from nextcloud/backport/23652/stable20
[stable20] Fix public calendars shared to circles
Morris Jobke [Mon, 30 Nov 2020 09:24:27 +0000 (10:24 +0100)]
Merge pull request #24443 from nextcloud/backport/24357/stable20
[stable20] Make sure we add new line between vcf groups exports
Daniel Kesselberg [Fri, 23 Oct 2020 19:18:02 +0000 (21:18 +0200)]
A valid user session is required for circles.
The circles app depends on a valid userId. A public shared calender might be viewed by guests without a user session. For such requests the principal is null.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Daniel Kesselberg [Fri, 23 Oct 2020 19:12:15 +0000 (21:12 +0200)]
Update phpdoc for circleToPrincipal
as the QueryException is already catched inside circleToPrincipal.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
John Molakvoæ (skjnldsv) [Tue, 24 Nov 2020 17:33:39 +0000 (18:33 +0100)]
Make sure we add new line between vcf groups exports
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Nextcloud bot [Mon, 30 Nov 2020 02:19:54 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 29 Nov 2020 02:19:21 +0000 (02:19 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 28 Nov 2020 02:18:33 +0000 (02:18 +0000)]
[tx-robot] updated from transifex
Christoph Wurst [Fri, 27 Nov 2020 08:44:45 +0000 (09:44 +0100)]
Merge pull request #24387 from nextcloud/backport/24382/stable20
[stable20] Properly encode path when fetching inherited shares
Nextcloud bot [Fri, 27 Nov 2020 02:18:26 +0000 (02:18 +0000)]
[tx-robot] updated from transifex
blizzz [Thu, 26 Nov 2020 21:13:43 +0000 (22:13 +0100)]
Merge pull request #24391 from nextcloud/backport/24375/stable20
[stable20] formatting remote sharer should take protocol, path into account
npmbuildbot-nextcloud[bot] [Thu, 26 Nov 2020 14:11:40 +0000 (14:11 +0000)]
Compile assets
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
Joas Schilling [Thu, 26 Nov 2020 13:50:27 +0000 (14:50 +0100)]
Merge pull request #24333 from nextcloud/backport/24315/stable20
[stable20] avoid empty null default with value that will be inserted anyways
Arthur Schiwon [Wed, 25 Nov 2020 15:36:30 +0000 (16:36 +0100)]
formatting remote sharer should take protocol, path into account
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Julius Härtl [Thu, 26 Nov 2020 08:22:12 +0000 (09:22 +0100)]
Properly encode path when fetching inherited shares
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
Nextcloud bot [Thu, 26 Nov 2020 02:18:57 +0000 (02:18 +0000)]
[tx-robot] updated from transifex
blizzz [Wed, 25 Nov 2020 19:38:29 +0000 (20:38 +0100)]
Merge pull request #24377 from nextcloud/backport/24374/stable20
[stable20] Use proper bundles for files client and fileinfo
Julius Härtl [Wed, 25 Nov 2020 14:05:04 +0000 (15:05 +0100)]
Files client and info bundles are always loaded so we don't need to load them again
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Roeland Jago Douma [Wed, 25 Nov 2020 15:18:23 +0000 (16:18 +0100)]
Merge pull request #24353 from nextcloud/backport/24162/stable20
[stable20] set the display name of federated sharees from addressbook
Roeland Jago Douma [Wed, 25 Nov 2020 15:17:34 +0000 (16:17 +0100)]
Merge pull request #24367 from nextcloud/backport/24363/stable20
[stable20] Catch storage not available in versions expire command
Arthur Schiwon [Tue, 24 Nov 2020 22:14:43 +0000 (23:14 +0100)]
send expected format of cloud id
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Christoph Wurst [Wed, 25 Nov 2020 08:28:38 +0000 (09:28 +0100)]
Catch storage not available in versions expire command
External storage with session credentials is not accessible without a
user session, hence background jobs and CLI commands can't work with
them. The previously unhandled exception causes logged errors in the
nextcloud log. This patch catches the specific exception and logs it as
warnings. So for a production instance the error won't spam their logs
for this non-recoverable and technically unsolvable error if the minimum
log level is set to the default of 3 (error).
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>