Make sure we add new line between vcf groups exports

Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>

Merge pull request #24331 from nextcloud/bugfix/fix-contactsmenu-position

Fix contacts menu position and show uid as a tooltip

Merge pull request #24324 from nextcloud/td/psalm/backgroundjob_job

Fix the OCP\BackgroundJob\Job to make it compatible with  its interface

Fix contacts menu position and show uid as a tooltip

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Merge pull request #24315 from nextcloud/fix/23174/flow-ops-fix-default-value

avoid empty null default with value that will be inserted anyways

Merge pull request #24272 from nextcloud/dependabot/npm_and_yarn/jquery-migrate-3.3.2

Merge pull request #24323 from nextcloud/fix/comments-tab-missing

Fix reverse registration and missing comments tab

Fix the OCP\BackgroundJob\Job to make it compatible with  its interface

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Bump jquery-migrate from 3.3.1 to 3.3.2

Bumps [jquery-migrate](https://github.com/jquery/jquery-migrate) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/jquery/jquery-migrate/releases)
- [Commits](https://github.com/jquery/jquery-migrate/compare/3.3.1...3.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Merge pull request #24312 from nextcloud/bugfix/noid/fix-router-alias

Add proper alias for internal router class

Merge pull request #24271 from nextcloud/dependabot/npm_and_yarn/babel/preset-env-7.12.7

Bump @babel/preset-env from 7.12.1 to 7.12.7

Merge pull request #24320 from nextcloud/typo/noid/fix-typo-in-deprecated

Fix typo in @deprecated PHPDoc tag

Merge pull request #24321 from nextcloud-pr-bot/automated/noid/psalm-baseline-update

[Automated] Update psalm-baseline.xml

Fix reverse registration and missing comments tab

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Add proper alias for internal router class

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Update psalm baseline

Signed-off-by: GitHub <noreply@github.com>

[tx-robot] updated from transifex

Fix typo in @deprecated PHPDoc tag

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

avoid empty null default with value that will be inserted anyways

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Merge pull request #24288 from nextcloud/techdebt/noid/encryption-setup-dependency-cleanup

Remove unused dependencies in encryption app setup

Bump @babel/preset-env from 7.12.1 to 7.12.7

Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.12.1 to 7.12.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.12.7/packages/babel-preset-env)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Merge pull request #24289 from nextcloud/techdebt/noid/encryption-make-application-class-dependency-free

[encryption] Remove dependency fetching inside the constructor and mo…

Remove unused dependencies in encryption app setup

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Merge pull request #24310 from nextcloud/perf/noid/theming-capabilities

Optimize check if background is themed

Merge pull request #24273 from nextcloud/dependabot/npm_and_yarn/babel/core-7.12.7

Bump @babel/core from 7.12.3 to 7.12.7

Optimize chek if background is themed

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Bump @babel/core from 7.12.3 to 7.12.7

Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.12.3 to 7.12.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.12.7/packages/babel-core)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Merge pull request #24275 from nextcloud/dependabot/npm_and_yarn/moment-timezone-0.5.32

Bump moment-timezone from 0.5.31 to 0.5.32

Merge pull request #24251 from nextcloud/fix/sabre-parse-xml-errors

Update sabre/xml to fix XML parsing errors (with empty strings)

Bump moment-timezone from 0.5.31 to 0.5.32

Bumps [moment-timezone](https://github.com/moment/moment-timezone) from 0.5.31 to 0.5.32.
- [Release notes](https://github.com/moment/moment-timezone/releases)
- [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md)
- [Commits](https://github.com/moment/moment-timezone/compare/0.5.31...0.5.32)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>

Update sabre/xml to fix XML parsing errors (with empty strings)

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Merge pull request #24290 from nextcloud/propagate-taint

Add IRequest taint sources

Merge pull request #24293 from nextcloud/dependabot/composer/vimeo/psalm-4.2.1

Bump vimeo/psalm from 4.2.0 to 4.2.1

Bump vimeo/psalm from 4.2.0 to 4.2.1

Bumps [vimeo/psalm](https://github.com/vimeo/psalm) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/vimeo/psalm/releases)
- [Commits](https://github.com/vimeo/psalm/compare/4.2.0...4.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

[tx-robot] updated from transifex

Add IRequest taint sources

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

[encryption] Remove dependency fetching inside the constructor and move them to method call parameters

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Merge pull request #24267 from nextcloud/techdebt/noid/auto-wire-encryption-app-view-dependent

Auto-wire remaining encryption app services that depend on View

Auto-wire remaining encryption app services that depend on View

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Merge pull request #24269 from nextcloud/taint-specialize

Mark getAppPath as specialized taint

Merge pull request #24268 from nextcloud/add-app-as-sanitizer-for-include

Mark cleanAppId as sanitizer for include

[tx-robot] updated from transifex

Merge pull request #24276 from nextcloud/dependabot/npm_and_yarn/vue-material-design-icons-4.11.0

Bump vue-material-design-icons from 4.10.0 to 4.11.0

Bump vue-material-design-icons from 4.10.0 to 4.11.0

Bumps [vue-material-design-icons](https://github.com/robcresswell/vue-material-design-icons) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/robcresswell/vue-material-design-icons/releases)
- [Changelog](https://github.com/robcresswell/vue-material-design-icons/blob/dev/CHANGELOG.md)
- [Commits](https://github.com/robcresswell/vue-material-design-icons/compare/4.10.0...4.11.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

[tx-robot] updated from transifex

Mark getAppPath as specialized taint

Should remove some false positives.

https://psalm.dev/docs/security_analysis/avoiding_false_positives/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Mark cleanAppId as sanitizer for include

Should remove a bunch of false positive code scanning results.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Allow View to be used via DI

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Merge pull request #24064 from nextcloud/techdebt/noid/auto-wire-encryption-app

Auto-wire as much as possible in the encryption app

Merge pull request #24246 from LukasReschke/add-taint-flow-analysis

Add Psalm Security Analysis

Auto-wire as much as possible in the encryption app

Also cleans up only non-classname services in the server container

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Add Psalm Taint Flow Analysis

This adds the Psalm Security Analysis, as described at
https://psalm.dev/docs/security_analysis/

It also adds a plugin for adding input into AppFramework.

The results can be viewed in the GitHub Security tab at
https://github.com/nextcloud/server/security/code-scanning

**Q&A:**

Q: Why do you not use the shipped Psalm version?
A: I do a lot of changes to the Psalm Taint behaviour. Using released
versions is not gonna get us the results we want.

Q: How do I improve false positives?
A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/

Q: How do I add custom sources?
A: https://psalm.dev/docs/security_analysis/custom_taint_sources/

Q: We should run this on apps!
A: Yes.

Q: What will change in Psalm?
A: Quite some of the PHP core functions are not yet marked to propagate
the taint. This leads to results where the taint flow is lost. That's
something that I am currently working on.

Q: Why is the plugin MIT licensed?
A: Because its the first of its kind (based on GitHub Code Search) and
I want other people to copy it if they want to. Security is for all :)

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Merge pull request #24257 from nextcloud/nc-comments

Simple typo in comments

Merge pull request #24242 from essys/patch-1

Update ScanLegacyFormat.php

Merge pull request #24254 from nextcloud/enh/lint_php8

Also lint php8

Simple typo in comments

Also lint php8

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Merge pull request #24062 from nextcloud/revert-24060-revert-24039-faster-installation

Revert "Revert "Installation goes brrrr""

Merge pull request #24241 from nextcloud/enh/harden_EncryptionLegacyCipher_repair

Harden EncryptionLegacyCipher a bit

Merge pull request #24243 from nextcloud/techdebt/composer-require-libxml

Require libxml in composer

Require xmlreader via composer

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Require libxml in composer

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Update ScanLegacyFormat.php

Fixed a small typo on line 99.

Merge pull request #24234 from nextcloud/dependabot/composer/vimeo/psalm-4.2.0

Bump vimeo/psalm from 4.1.1 to 4.2.0

Harden EncryptionLegacyCipher a bit

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Bump vimeo/psalm from 4.1.1 to 4.2.0

Bumps [vimeo/psalm](https://github.com/vimeo/psalm) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/vimeo/psalm/releases)
- [Commits](https://github.com/vimeo/psalm/compare/4.1.1...4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Merge pull request #24235 from nextcloud-pr-bot/automated/noid/psalm-baseline-update

[Automated] Update psalm-baseline.xml

Update psalm baseline

Signed-off-by: GitHub <noreply@github.com>

[tx-robot] updated from transifex

Merge pull request #24017 from nextcloud/enh/share_expiration

Make the expire shares cron job actually expire the shares

Merge pull request #24203 from nextcloud/enh/search_regex_file_shares

Use regex when searching on single file shares

Merge pull request #24211 from nextcloud/bugfix/noid/theming-image

Fix setting images through occ for theming

Merge pull request #24007 from nextcloud/select-distinct-multiple

allow selecting multiple columns with SELECT DISTINCT

Merge pull request #24103 from nextcloud/bugfix/noid/groupfolder-share-object-storage

Only check path for being accessible when the storage is a object home

Merge pull request #24164 from nextcloud/fix/lazy-app-registration

Allow lazy app registration

Merge pull request #24094 from nextcloud/bugfix/noid/trash-appdata

Only attempt to move to trash if a file is not in appdata

Merge pull request #24225 from nextcloud/enh/dataresponse_typehints

Fix DataResponse typehints

Fix DataResponse typehints

We use this already in several places where we just pass strings or
numbers.
This all works because we just convert it to a json response in the end.
So better to have the typehints reflect this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Make the expire shares cron job actually expire the shares

Right now we just delete the shares from the DB. Which is efficient
sure. But doesn't trigger any real cleanup. So no Admin audit entries or
any other post processing is done.

This makes sure we really trigger this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Merge pull request #24135 from medical-cloud/fix/23357-nextcloud-logo-in-email-notifications-is-misaligned-in-version-20

Fix nextcloud logo in email notifications misalignment

Limit shared cache search if it is just a file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Merge pull request #24207 from nextcloud/bugfix/noid/missing-level-psrlogged

missing level in ScopedPsrLogger

Fix setting images through occ for theming

Signed-off-by: Julius Härtl <jus@bitgrid.net>

[tx-robot] updated from transifex

Fix #23357

Signed-off-by: medcloud <42641918+medcloud@users.noreply.github.com>

missing level

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

Merge pull request #24189 from nextcloud/enh/csp/frame-ancestors

Set frame-ancestors to none if none are filled

Merge pull request #24198 from nextcloud/bugfix/noid/no-fs-setup-dashboard

Only setup filesystem if needed for dashboard background service

Merge pull request #24186 from nextcloud/enh/password_to_post

Move the password fiels of chaging passwords to post

Set frame-ancestors to none if none are filled

frame-ancestors doesn't fall back to default-src. So when we apply a
very restricted CSP we should make sure to set it to 'none' and not
leave it empty.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Only setup filesystem if needed for dashboard background service

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Allow lazy app registration

During app installation we run migration steps. Those steps may use
services the app registers or classes from composer. Hence we have to
make sure the app runs through the registration.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

[tx-robot] updated from transifex

Merge pull request #21716 from nextcloud/td/remove/irouter_cleanup

Remove some IRouter methods

Merge pull request #24188 from nextcloud/enh/password_external_post

Move the global password for files external to post

Merge pull request #24192 from nextcloud/dependachristoph/npm_and_yarn/jquery-3.3

Bump jquery from 3.2 to 3.3

Bump jquery from 3.2 to 3.3

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Merge pull request #24179 from nextcloud/dependachristoph/npm_and_yarn/jquery-3.2

Bump jquery from 3.1 to 3.2

Move the global password for files external to post

Again more false positives in some scanners

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Move the password fiels of chaging passwords to post

* This is not actually used with GET (obviously). But else some scanners
  trip on it

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>