Marcel Klehr
fdfd320eff
Merge pull request #61490 from nextcloud/fix-webhook
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix: webhook payload for system tag events
2026-07-09 15:05:44 +02:00
Peter R.
9f654c738a
Merge pull request #61849 from nextcloud/feat/search-combobox-shell
...
feat(core): header-anchored combobox shell for unified search
2026-07-09 14:44:06 +02:00
Kate
dc0aa505bd
Merge pull request #61929 from nextcloud/fix/files_sharing/interaction-file-delete-create-before-increase
...
fix(files_sharing): Fail on sharing file with create or delete permission before failing on increased permissions
2026-07-09 14:20:58 +02:00
Peter Ringelmann
a35788772b
chore: build assets
...
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-07-09 13:21:46 +02:00
Stephan Orbaugh
fb9a073571
Merge pull request #61916 from nextcloud/carl/fetch-groups-optimization
...
feat: Fetch groups in batch in getUserGroups
2026-07-09 13:10:49 +02:00
provokateurin
2e633e37f8
fix(files_sharing): Fail on sharing file with create or delete permission before failing on increased permissions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-09 12:06:48 +02:00
Peter Ringelmann
755680829b
feat(core): support unified search on mobile viewports
...
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-07-09 11:58:40 +02:00
Côme Chilliet
c89eab5153
Merge pull request #61866 from nextcloud/feat/sabre-xml-remove-callable-serialization
...
feat: Disable callable serialization in sabre/xml
2026-07-09 11:53:42 +02:00
Peter Ringelmann
bb4b70cf3a
feat(core): header-anchored combobox shell for unified search
...
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-07-09 11:47:08 +02:00
Carl Schwan
30291ff591
feat: Fetch groups in batch in getUserGroups
...
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-07-09 11:23:54 +02:00
Nextcloud bot
ecf8eff2aa
fix(l10n): Update translations from Transifex
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2026-07-09 00:22:37 +00:00
Ferdinand Thiessen
08b04d9ac5
Merge pull request #61658 from nextcloud/fix/files-node-name
...
fix(files): proper accessible row name and title for overflow
2026-07-09 01:51:38 +02:00
Ferdinand Thiessen
e0bc30e682
chore: compile assets
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 21:33:47 +02:00
Ferdinand Thiessen
bca2c7f229
fix(files): proper accessible row name and title for overflow
...
- resolves https://github.com/nextcloud/server/issues/59203
- resolves https://github.com/nextcloud/server/issues/56611
In the files list before this the accessible name of the button (default
action) was overridden to the default action display name.
But this causes problem for screen readers because then the whole table
row is just called "view" or "download" instead of using the inner text
(e.g. "filename.txt").
This fixes it to rename it `ACTION: FILENAME` instead.
Also when long names were truncated there were no useful title (tooltip)
for it, so it was not possible to get the real name.
This is fixed by always provide a proper tooltip including the full
name.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 21:33:47 +02:00
Andy Scherzinger
3b7e586de6
Merge pull request #61900 from nextcloud/automated/noid/master-update-code-signing-crl
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
[master] fix(security): Update code signing revocation list
2026-07-08 21:10:52 +02:00
John Molakvoæ
6f1e9146c2
Merge pull request #56079 from nextcloud/fix/systemtags
...
fix(systemtags): remove duplicates, cleanup existing tags
2026-07-08 19:47:16 +02:00
Ferdinand Thiessen
e4739c488a
Merge pull request #61506 from nextcloud/fix/names
...
fix(files): distinguish between files and folders for validation messages
2026-07-08 19:11:38 +02:00
Carl Schwan
4e5652b7e5
Merge pull request #61908 from nextcloud/leftybournes/feat/federation_scan_share_on_accept
...
feat(files_sharing): schedule external share scan job when accepted
2026-07-08 18:57:35 +02:00
Ferdinand Thiessen
89449f0ae9
chore: compile assets
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 18:24:05 +02:00
Ferdinand Thiessen
836dd57aca
fix(files): distinguish between files and folders for validation messages
...
Unit tests are AI assisted.
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 18:22:43 +02:00
Ferdinand Thiessen
763c805a8f
Merge pull request #61577 from nextcloud/fix/app-icon
...
fix(appstore): use proper app icon or adjust color if needed
2026-07-08 18:21:41 +02:00
Ferdinand Thiessen
99dde997f7
chore: compile assets
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 17:00:15 +02:00
Ferdinand Thiessen
1fa501b52e
fix(appstore): use proper app icon or adjust color if needed
...
- resolves https://github.com/nextcloud/server/issues/61244
Use the dark variant if possible first and then fallback to bright
variant and adjust the icon if needed.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 16:55:33 +02:00
Kent Delante
b92c953241
feat(files_sharing): schedule external share scan job when accepted
...
Signed-off-by: Kent Delante <kent@delante.me>
Schedule a scan job on an external share when an account accepts it
to make file information available (e.g. size) without having to
interact with the share.
2026-07-08 21:30:36 +08:00
Christoph Wurst
60f4e84e66
Merge pull request #61679 from nextcloud/fix/hide-scroll-bar
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
fix: hide scroll bar in unified search when not needed
2026-07-08 14:01:02 +02:00
skjnldsv
84a8e5b1f2
fix(systemtags): remove duplicates, prevent and sanitize existing tags
...
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
Assisted-by: ClaudeCode:claude-opus-4-8
2026-07-08 12:16:50 +02:00
nextcloud-command
784f8d5e82
fix(security): Update code signing revocation list
...
Signed-off-by: GitHub <noreply@github.com>
2026-07-08 03:12:08 +00:00
Nextcloud bot
5ae39da765
fix(l10n): Update translations from Transifex
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2026-07-08 00:22:43 +00:00
David Dreschner
ae35f81b7a
Merge pull request #61881 from nextcloud/fix/force-trashbin-deletion
...
fix(CalDav): Force trashbin deletion when re-creating item with same UID
2026-07-07 23:05:31 +02:00
Andy Scherzinger
a256d7eecc
Merge pull request #61615 from nextcloud/fix/lostpassword-throttle-reset-form
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix(core): Throttle lost-password reset form when link is disabled
2026-07-07 18:56:24 +02:00
Andy Scherzinger
65736e5598
Merge pull request #61686 from nextcloud/bug-dont-throttle-csrf
...
fix(bruteforce): Don't throttle requests with failing CSRF
2026-07-07 18:34:31 +02:00
David Dreschner
f6caf5a7ee
fix(CalDav): Force trashbin deletion when re-creating item with same UID
...
Assisted-by: ClaudeCode:claude-fable-5
Signed-off-by: David Dreschner <david.dreschner@nextcloud.com>
2026-07-07 17:36:50 +02:00
Stephen Cuppett
507c0a78f5
Merge pull request #60002 from cuppett/cuppett/migrate-appconfig-keys-to-bool
...
refactor(encryption): Migrate appconfig keys to typed bool IAppConfig with repair step
2026-07-07 11:06:57 -04:00
Daniel Kesselberg
58b21c0709
fix(bruteforce): Don't throttle requests with failing CSRF
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2026-07-07 17:02:08 +02:00
nfebe
f9e274dfe3
fix(core): Throttle lost-password reset form when link is disabled
...
When password reset links were disabled, the reset form did not rate-limit
failed token attempts, leaving that endpoint open to unthrottled token
guessing. Failed attempts on the form are now always throttled, consistent
with the other reset steps.
Signed-off-by: nfebe <fenn25.fn@gmail.com>
2026-07-07 16:53:02 +02:00
Andy Scherzinger
39d2dc253e
Merge pull request #61845 from nextcloud/fix/declarative-settings-delegation
...
fix(DeclarativeManager): Fix admin delegation
2026-07-07 15:57:26 +02:00
Kate
2eaad341b4
Merge pull request #61870 from nextcloud/kano-ocm-token-confinement
...
fix(auth): confine OCM access token to the masked share endpoint
2026-07-07 15:54:49 +02:00
Côme Chilliet
8547e210de
feat: Disable callable serialization in sabre/xml
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-07-07 15:50:21 +02:00
Kate
bc162c7706
Merge pull request #61858 from nextcloud/test/heic
...
test: fix HEIC tests
2026-07-07 15:10:08 +02:00
Micke Nordin
db96073459
fix(auth): confine OCM access token to the masked share endpoint
...
Gate the temporary-token bearer auth behind an allowOcmAccessToken flag
that only the public, share-masked webdav endpoints set, and drop the
BearerAuth backend from the CalDAV/CardDAV entrypoints. The token is now
honored only on /public.php/webdav, where per-share masking applies.
Assisted-by: ClaudeCode:claude-fable-5
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-07-07 13:56:32 +02:00
Stephan Orbaugh
7c41ebcd80
Merge pull request #61751 from nextcloud/test/files-pw
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
test(files): migrate end-to-end tests to PlayWright
2026-07-07 13:49:26 +02:00
Ferdinand Thiessen
1479eba07b
test: fix HEIC tests
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-07 13:30:58 +02:00
Kate
ed052e6fa4
Merge pull request #61128 from nextcloud/feat/ocp/interaction
...
feat(OCP): Add Interaction API
2026-07-07 12:42:46 +02:00
Joas Schilling
efe0f83881
Merge pull request #61682 from nextcloud/feat/improve-bruteforce-protection-command-output
...
feat(bruteforce): improve bruteforce protection command output
2026-07-07 11:03:34 +02:00
Marcel Klehr
6d2a98a5d3
fix(DeclarativeManagerTest): Fix testAdminFormUserUnauthorized
...
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-07-07 08:55:18 +02:00
Andy Scherzinger
68dd6aca6b
Merge pull request #61841 from nextcloud/fix/dont-break-cache-entry
...
fix(Sharing): Don't break cache entry by setting path to null
2026-07-07 08:54:27 +02:00
Carl Schwan
92f7adc31e
Merge pull request #61511 from Murena-SAS/dev/dont-scan-appdata
...
Fix the ScanFiles job to not trigger scans of root directory for every single user
2026-07-07 08:26:12 +02:00
provokateurin
fb17121065
refactor(files_sharing,Share20): Use Interaction API to apply restrictions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
65366c98ca
refactor(Share20\Manager): Rename generalChecks method and remove unused parameter
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
6cfda6849c
feat(Interaction): Implement all existing restrictions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00