aboutsummaryrefslogtreecommitdiffstats
path: root/build
Commit message (Collapse)AuthorAgeFilesLines
* feat(files_sharing): add config option for extending link-share permissionsFerdinand Thiessen5 days2-0/+3
| | | | | | | | This allows the admin to control the behavior whether link shares with READ permissions should be extended to also gain SHARE permissions, allowing users (public share receivers) to add the share to their cloud. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix(security): Update CA certificate bundleautomated/noid/master-update-ca-cert-bundlenextcloud-command7 days1-1/+1
| | | | Signed-off-by: GitHub <noreply@github.com>
* build: Update psalm baselinebuild/update-psalm-baselineprovokateurin9 days1-1/+0
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* Revert "perf(base): Stop setting up the FS for every basic auth request"John Molakvoæ11 days5-9/+185
|
* Merge pull request #53141 from nextcloud/perf/files/setup-fs-basic-auth-requestJohn Molakvoæ11 days5-185/+9
|\
| * chore: Remove unused \OC\Cache\CappedMemoryCacheprovokateurin2025-07-081-11/+0
| | | | | | | | Signed-off-by: provokateurin <kate@provokateurin.de>
| * fix(core): Stop abusing the cache for avatar uploadprovokateurin2025-07-084-174/+9
| | | | | | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* | Merge pull request #53897 from nextcloud/fix/noid/krb-fallbackArthur Schiwon12 days1-5/+0
|\ \ | | | | | | fix(Krb): switch away from deprecated and broken KerberosApacheAuth()
| * | fix(Krb): switch away from deprecated and broken KerberosApacheAuth()Arthur Schiwon12 days1-5/+0
| | | | | | | | | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | | Merge pull request #53887 from nextcloud/fix/lower-email-caseJohn Molakvoæ12 days1-2/+0
|\ \ \
| * | | fix: force lowercase emailsfix/lower-email-caseskjnldsv13 days1-2/+0
| |/ / | | | | | | | | | Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
* | | Merge pull request #53501 from nextcloud/fix-theming-for-disabled-accountsDaniel Calviño Sánchez12 days4-0/+191
|\ \ \ | | | | | | | | fix: Fix theming for disabled accounts
| * | | fix: Fix theming for disabled accountsfix-theming-for-disabled-accountsDaniel Calviño Sánchez12 days4-0/+191
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Theming app injects the stylesheets for the different themes in the "<header>" element of the page, and those stylesheets are then loaded by the browser from a "Controller" (a plain "Controller", not an "OCSController"). The stylesheets, in turn, may also get some images (like the background) also from the "Controller". When handling a request to "index.php" it is checked whether the user is logged in and, if not, a login is tried. A disabled user is explicitly seen as not logged in, so a login is always tried in that case, but disabled users are also explicitly prevented to log in, so the login also fails. Due to that trying to get any of the themed stylesheets or images with a disabled account (to be able to show the "Account disabled" error page) fails with an HTTP status 401. To solve that, and to avoid touching this basic logic as much as possible, the login exception is now ignored (if the user is disabled) for some specific requests to the Theming app. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* / / chore: update psalm baselinefix/cleanup-loadapp-callsCôme Chilliet13 days1-11/+0
|/ / | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Merge pull request #53537 from nextcloud/fix/cleanup-dependencyanalyserKate14 days1-12/+0
|\ \
| * | chore: update psalm baselinefix/cleanup-dependencyanalyserCôme Chilliet14 days1-12/+0
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | | feat(OCP): Consumable vs. Implementable public APItechdebt/standard-15/consumable-ocpJoas Schilling14 days1-2/+90
|/ / | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* / chore: update psalm baselineCôme Chilliet2025-07-081-9/+0
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* chore: add rector DataProviderAnnotationToAttributeRectorRobin Appelman2025-07-011-0/+2
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* chore: add phpunit StaticDataProviderClassMethodRector rector ruleRobin Appelman2025-07-011-1/+3
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* chore: apply new CSFixer rulesFerdinand Thiessen2025-07-0138-21/+59
| | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
* Merge pull request #53671 from nextcloud/fix/read-only-share-downloadJohn Molakvoæ2025-07-012-3/+32
|\
| * feat(files_sharing): allow viewing files with download disabledskjnldsv2025-06-262-3/+32
| | | | | | | | Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
* | fix(files): Always transfer incoming shares when doing ownership transfer to ↵provokateurin2025-07-012-49/+15
| | | | | | | | | | | | prevent broken reshares Signed-off-by: provokateurin <kate@provokateurin.de>
* | Merge branch 'master' into remove-x-xss-protectionJoas Schilling2025-06-307-62/+174
|\ \
| * | fix: handle ambiguous IResponse.getBody return typesdebt/noid/wrong-return-type-iresponseDaniel Kesselberg2025-06-301-12/+0
| | | | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
| * | docs(http): Update return type for getBodyDaniel Kesselberg2025-06-301-10/+0
| | | | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
| * | fix(nullcache): make get compliant with the interfacedebt/noid/wrong-return-type-nullcacheDaniel Kesselberg2025-06-261-19/+0
| |/ | | | | | | | | | | The interface defines ICacheEntry|false, thus we should not return null. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
| * fix: revive always storing lowercased email addressesRichard Steinmetz2025-06-241-0/+12
| | | | | | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
| * refactor(dav): move shared logic to a dedicated example contact servicerefactor/dav/example-contact-serviceRichard Steinmetz2025-06-191-11/+0
| | | | | | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
| * Merge pull request #52916 from nextcloud/fix/cache-ldap-configuration-prefixesCôme Chilliet2025-06-191-8/+0
| |\ | | | | | | fix(user_ldap): Store the list of used configuration prefixed in appconfig
| | * chore: update psalm baselinefix/cache-ldap-configuration-prefixesCôme Chilliet2025-06-101-8/+0
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix(FilenameValidator): use `_` as default replacement for invalid charsfix/validation-defaultsFerdinand Thiessen2025-06-181-1/+1
| | | | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * | test(dav): add integration test for principal property searchbug/noid/principal-guest_app-not-foundDaniel Kesselberg2025-06-174-0/+156
| | | | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
| * | chore: add UseSpecificWillMethodRector to rector configurationRobin Appelman2025-06-121-0/+4
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * | chore: add tests to rector configurationRobin Appelman2025-06-121-1/+1
| |/ | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* / Fix: Remove X-XSS-Protection use, check and recommendationinvario2025-06-133-4/+0
|/ | | | | Co-authored-by: John Molakvoæ <skjnldsv@users.noreply.github.com> Signed-off-by: invario <67800603+invario@users.noreply.github.com>
* fix: use logical operator instead of bitwiseDaniel Kesselberg2025-06-101-6/+0
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Merge pull request #52538 from nextcloud/feat/use-php84-lazy-objectsCôme Chilliet2025-06-101-44/+0
|\ | | | | Use PHP 8.4 lazy ghosts for Dependency injection
| * fix: Fix psalm issue and update baselineCôme Chilliet2025-06-051-44/+0
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Merge pull request #53287 from nextcloud/feat/test-app-routesStephan Orbaugh2025-06-063-1/+81
|\ \ | |/ |/| feat(tests): Test application enabling/disabling and routes
| * feat(tests): Test application enabling/disabling and routesfeat/test-app-routesCôme Chilliet2025-06-053-1/+81
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | chore: update psalm baselinefeat/cache-routesCôme Chilliet2025-06-051-3/+0
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | chore: Disable appstore from integration testsCôme Chilliet2025-06-051-0/+2
| | | | | | | | | | | | This avoids spamming the appstore server and getting banned from CI runs Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | fix(dav): file drop nicknameskjnldsv2025-06-051-4/+43
|/ | | | Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
* refactor(core): migrate core application to `IBootstrap`Ferdinand Thiessen2025-06-021-6/+0
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* feat: move primary object store configuration to a single placeprimary-object-store-settingsRobin Appelman2025-05-281-8/+0
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* fix(security): Update CA certificate bundlenextcloud-command2025-05-211-1/+1
| | | | Signed-off-by: GitHub <noreply@github.com>
* Revert "fix(files_sharing): Filter own shares that are reshares"revert-52503-fix/files_sharing/filter-own-reshared-sharesJoas Schilling2025-05-191-0/+9
|
* Merge pull request #52891 from nextcloud/chore/nix-flakeKate2025-05-191-0/+3
|\