Current File : //var/softaculous/owncloud/changelog.txt
Changelog for ownCloud Core [10.10.0] (2022-05-16)
=======================================
The following sections list the changes in ownCloud core 10.10.0 relevant to
ownCloud admins and users.
[10.10.0]: https://github.com/owncloud/core/compare/v10.9.1...v10.10.0
Summary
-------
* Security - Prevent stored mail settings password from showing in the webUI: [#39833](https://github.com/owncloud/core/pull/39833)
* Bugfix - Properly setup share owner file system on public link shares: [#39518](https://github.com/owncloud/core/pull/39518)
* Bugfix - Prevent group names starting or ending with white space: [#39540](https://github.com/owncloud/core/pull/39540)
* Bugfix - Set page title for the tags file list: [#39556](https://github.com/owncloud/core/issues/39556)
* Bugfix - Don't resend invitation mail if a user is guest: [#39602](https://github.com/owncloud/core/pull/39602)
* Bugfix - Text previews had faulty content if BOM was present: [#39669](https://github.com/owncloud/core/pull/39669)
* Bugfix - Fix files:checksums:verify for a single file: [#39683](https://github.com/owncloud/core/pull/39683)
* Bugfix - Moving a file from one folder into a folder that is a number fails: [#39702](https://github.com/owncloud/core/issues/39702)
* Bugfix - Make licenses expire at the end of the expiration date: [#39735](https://github.com/owncloud/core/pull/39735)
* Bugfix - Subadmin will be shown only his assignable groups in the users page: [#39752](https://github.com/owncloud/core/pull/39752)
* Bugfix - Fix wrong formatted XML in public-files dav endpoint: [#39797](https://github.com/owncloud/core/pull/39797)
* Bugfix - Fix issue restoring versions from the trashbin after sharing: [#39822](https://github.com/owncloud/core/pull/39822)
* Bugfix - Fix issue when encryption is enabled and a file is moved out of the share: [#39829](https://github.com/owncloud/core/pull/39829)
* Bugfix - Avoid sending unneeded passwords in the files_external app: [#39841](https://github.com/owncloud/core/pull/39841)
* Bugfix - Fix issue with requesting an invalid share id: [#39868](https://github.com/owncloud/core/issues/39868)
* Bugfix - Remove fr_FR language variant: [#39931](https://github.com/owncloud/core/issues/39931)
* Bugfix - Limit the width of the form on login page: [#39962](https://github.com/owncloud/core/pull/39962)
* Bugfix - Allow re-uploading the same folder after being renamed: [#39966](https://github.com/owncloud/core/pull/39966)
* Bugfix - Default for propfind depth infinity adjusted: [#40016](https://github.com/owncloud/core/pull/40016)
* Bugfix - Allow partial initialization of the FS: [#40031](https://github.com/owncloud/core/pull/40031)
* Bugfix - Filter sensitive data in log for Session::createSessionToken: [#40066](https://github.com/owncloud/core/pull/40066)
* Change - Update the default poll-interval in capabilities: [#39143](https://github.com/owncloud/core/pull/39143)
* Change - Private keys for SFTP storage will be stored in credentials table: [#39935](https://github.com/owncloud/core/pull/39935)
* Change - Update JavaScript dependencies: [#39709](https://github.com/owncloud/core/pull/39709)
* Change - Update PHP dependencies: [#39526](https://github.com/owncloud/core/pull/39526)
* Change - Update Symfony components: [#39526](https://github.com/owncloud/core/pull/39526)
* Enhancement - Allow OPTIONS request handling in framework controllers: [#38758](https://github.com/owncloud/core/pull/38758)
* Enhancement - Unify API responses when setting permissions for public links: [#39194](https://github.com/owncloud/core/pull/39194)
* Enhancement - Show detailed error message if moving a mount into another fails: [#39584](https://github.com/owncloud/core/pull/39584)
* Enhancement - Add warnings for commands that are incompatible with object storage: [#39604](https://github.com/owncloud/core/pull/39604)
* Enhancement - Cache some data in memory from the filecache: [#39847](https://github.com/owncloud/core/pull/39847)
* Enhancement - Add product to version in capabilities response: [#39851](https://github.com/owncloud/core/pull/39851)
* Enhancement - Allow files_external app to be disabled: [#39856](https://github.com/owncloud/core/pull/39856)
* Enhancement - Improve FileDrop view: [#39900](https://github.com/owncloud/core/pull/39900)
* Enhancement - Align "close" for messages: [#39907](https://github.com/owncloud/core/pull/39907)
* Enhancement - Changes regarding cookie handling: [#39916](https://github.com/owncloud/core/pull/39916)
* Enhancement - Expose user type of share receiver in share api: [#40013](https://github.com/owncloud/core/pull/40013)
* Enhancement - Use the same string in the header also in public view: [#40032](https://github.com/owncloud/core/pull/40032)
Details
-------
* Security - Prevent stored mail settings password from showing in the webUI: [#39833](https://github.com/owncloud/core/pull/39833)
https://github.com/owncloud/enterprise/issues/5035
https://github.com/owncloud/core/pull/39833
* Bugfix - Properly setup share owner file system on public link shares: [#39518](https://github.com/owncloud/core/pull/39518)
https://github.com/owncloud/core/pull/39518
* Bugfix - Prevent group names starting or ending with white space: [#39540](https://github.com/owncloud/core/pull/39540)
https://github.com/owncloud/core/pull/39540
* Bugfix - Set page title for the tags file list: [#39556](https://github.com/owncloud/core/issues/39556)
https://github.com/owncloud/core/issues/39556
https://github.com/owncloud/core/pull/39585
* Bugfix - Don't resend invitation mail if a user is guest: [#39602](https://github.com/owncloud/core/pull/39602)
With this change the resend invitation mail action in the user management UI for guest users has
been removed, it is not appropriate for this type of user.
https://github.com/owncloud/enterprise/issues/4868
https://github.com/owncloud/core/pull/39602
* Bugfix - Text previews had faulty content if BOM was present: [#39669](https://github.com/owncloud/core/pull/39669)
The BOM was incorrectly detected and was causing ownCloud to choose the wrong font for the text,
showing unexpected results. The BOM is now processed correctly and the preview is shown as
expected
https://github.com/owncloud/core/pull/39669
* Bugfix - Fix files:checksums:verify for a single file: [#39683](https://github.com/owncloud/core/pull/39683)
Fixed an issue where running files:checksums:verify for a single file would fail.
https://github.com/owncloud/core/pull/39683
* Bugfix - Moving a file from one folder into a folder that is a number fails: [#39702](https://github.com/owncloud/core/issues/39702)
The issue is fixed by updating sabre/dav from 4.3.0 to 4.3.1
https://github.com/owncloud/core/issues/39702
https://github.com/owncloud/core/pull/39703
* Bugfix - Make licenses expire at the end of the expiration date: [#39735](https://github.com/owncloud/core/pull/39735)
https://github.com/owncloud/core/pull/39735
* Bugfix - Subadmin will be shown only his assignable groups in the users page: [#39752](https://github.com/owncloud/core/pull/39752)
Previously, the subadmin could see all groups even if he could only assign users to a bunch of
them. Now the subadmin will see the groups he can assign to the user
https://github.com/owncloud/core/pull/39752
* Bugfix - Fix wrong formatted XML in public-files dav endpoint: [#39797](https://github.com/owncloud/core/pull/39797)
Previously, trying to perform a PROPFIND over the public-files endpoint could cause an
exception to be thrown, which would generate a wrong formatted XML response. Now, the XML
response is properly formatted and can be parsed without problems.
https://github.com/owncloud/core/pull/39797
* Bugfix - Fix issue restoring versions from the trashbin after sharing: [#39822](https://github.com/owncloud/core/pull/39822)
Previously, having encryption enabled, if a user shared a folder with another user, and that
new user removed a file inside that shared folder, that file ended up in the new user's trashbin
along with the file's versions. Restoring that file from the trashbin caused the versions of
that file to get broken due to a bad signature. The file was restored correctly. Now, the
versions are also restored correctly from the trashbin too.
https://github.com/owncloud/core/pull/39822
* Bugfix - Fix issue when encryption is enabled and a file is moved out of the share: [#39829](https://github.com/owncloud/core/pull/39829)
When encryption was used, moving a file out of a shared folder caused the versions of the file to
get broken. The file was moved correctly though. This happened due to the key file not being
copied to the new location and a new key file being generated for the file. Now, the key file is
properly copied to the new location, so the versions can be decrypted properly.
https://github.com/owncloud/core/pull/39829
* Bugfix - Avoid sending unneeded passwords in the files_external app: [#39841](https://github.com/owncloud/core/pull/39841)
Some passwords were being sent to the web UI in the external storage configuration. These
passwords aren't required and they're now replaced in the web UI in order not to leak the actual
password
https://github.com/owncloud/core/pull/39841
* Bugfix - Fix issue with requesting an invalid share id: [#39868](https://github.com/owncloud/core/issues/39868)
When using the pgsql database and requesting an invalid share id, a 500 error status could be
returned. This has been fixed. A 404 "not found" is now returned.
https://github.com/owncloud/core/issues/39868
https://github.com/owncloud/core/pull/39873
* Bugfix - Remove fr_FR language variant: [#39931](https://github.com/owncloud/core/issues/39931)
French translations were in both the "fr" and the "fr_FR" language codes. "fr_FR" had very few
translations and could cause missing translations when the system did not automatically
choose "fr". The "fr_FR" translations have been removed. Translators should use "fr" when
doing translations in Transifex.
https://github.com/owncloud/core/issues/39931
https://github.com/owncloud/core/pull/39939
* Bugfix - Limit the width of the form on login page: [#39962](https://github.com/owncloud/core/pull/39962)
The login form breaks if error messages and info messages are longer.
https://github.com/owncloud/core/pull/39962
* Bugfix - Allow re-uploading the same folder after being renamed: [#39966](https://github.com/owncloud/core/pull/39966)
Previously, you couldn't upload a folder, rename it in the web UI and then re-upload the same
folder.
This behavior is fixed, so you can now re-upload the folder after renaming it
https://github.com/owncloud/core/pull/39966
* Bugfix - Default for propfind depth infinity adjusted: [#40016](https://github.com/owncloud/core/pull/40016)
Fixed potential cause for performance issues under certain conditions with infinite
propfind being enabled by default.
https://github.com/owncloud/enterprise/issues/5154
https://github.com/owncloud/core/pull/40016
* Bugfix - Allow partial initialization of the FS: [#40031](https://github.com/owncloud/core/pull/40031)
Previously, when the FS was initialized, we needed to make a request to the LDAP server in order
to fetch the possible group shares of the user. Some commands only accessed to the trashbin or
versions, and operated for a target user, so accessing to the LDAP server to fetch groups that
wouldn't be used doesn't make much sense.
Now, the commands have the ability to initialize the FS partially, meaning that no additional
mount point other than the home one will be mounted. In particular, this affects shares and
external storages. Anyway, the commands that have been modified don't need such access. The
main advantage is that now, those commands can operate without a working connection to the LDAP
server because the users will be fetched from the DB and they don't operate with groups.
https://github.com/owncloud/core/pull/40031
* Bugfix - Filter sensitive data in log for Session::createSessionToken: [#40066](https://github.com/owncloud/core/pull/40066)
https://github.com/owncloud/core/pull/40066
* Change - Update the default poll-interval in capabilities: [#39143](https://github.com/owncloud/core/pull/39143)
The default pollinterval advertised in capabilities has been set to 30000 milliseconds.
Previously it was 60 milliseconds.
https://github.com/owncloud/core/pull/39143
* Change - Private keys for SFTP storage will be stored in credentials table: [#39935](https://github.com/owncloud/core/pull/39935)
Previously, both private and public keys were part of the configuration of the SFTP mount
point. Although encrypted, there were some scenarios where the private key could be visible.
The following changes have been implemented: * The private key will never leave the ownCloud
server. * The private key will be stored encrypted inside the oc_credentials table. * A random
token will be created to refer to the private key. This token will be part of the SFTP mount point
configuration. * The public key will be treated as a normal configuration parameter. This
means that it won't be neither encrypted nor encoded in any way.
The overall behavior remains the same. ownCloud will generate a key pair, whose public key will
need to be placed in the SFTP server.
https://github.com/owncloud/core/pull/39935
* Change - Update JavaScript dependencies: [#39709](https://github.com/owncloud/core/pull/39709)
The following have been updated: - ansi-regex (3.0.0 to 3.0.1) - bower_components/backbone
(1.4.0 to 1.4.1) - bower_components/showdown (1.9.1 to 2.0.0) -
bower_components/underscore (1.13.1 to 1.13.2) - follow-redirects (1.14.2 to 1.14.8) -
karma (6.3.8 to 6.3.19) - karma-coverage (2.0.3 to 2.2.0) - log4js (6.3.0 to 6.4.1) - minimist
(1.2.5 to 1.2.6)
https://github.com/owncloud/core/pull/39709
https://github.com/owncloud/core/pull/39763
https://github.com/owncloud/core/pull/39764
https://github.com/owncloud/core/pull/39785
https://github.com/owncloud/core/pull/39788
https://github.com/owncloud/core/pull/39814
https://github.com/owncloud/core/pull/39816
https://github.com/owncloud/core/pull/39838
https://github.com/owncloud/core/pull/39839
https://github.com/owncloud/core/pull/39926
https://github.com/owncloud/core/pull/39941
https://github.com/owncloud/core/pull/39989
* Change - Update PHP dependencies: [#39526](https://github.com/owncloud/core/pull/39526)
The following have been updated: - christophwurst/id3parser (v0.1.3 to v0.1.4) -
doctrine/dbal (2.13.5 to 2.13.9) - doctrine/lexer (1.2.1 to 1.2.3) -
laminas/laminas-inputfilter (2.12.0 to 2.12.1) - laminas/laminas-stdlib (3.6.1 to 3.7.1)
- laminas/laminas-validator (2.15.0 to 2.17.0) - laminas/laminas-zendframework-bridge
(1.4.0 to 1.4.1) - league/flysystem (1.1.5 to 1.1.9) - league/mime-type-detection (1.8.0 to
1.11.0) - opis/closure (3.6.2 to 3.6.3) - paragonie/constant_time_encoding (2.4.0 to
2.5.0) - phpseclib/phpseclib (3.0.11 to 3.0.14) - sabre/dav (4.2.0 to 4.3.1) - sabre/vobject
(4.4.0 to 4.4.1)
The following have been updated in apps/files_external/3rdparty: - google/apiclient
(2.11.0 to 2.12.4) - google/apiclient-services (0.231.0 to 0.244.0) - guzzlehttp/psr7
(1.8.3 to 1.8.5) - icewind/smb (3.5.1 to 3.5.2) - monolog/monolog (2.3.5 to 2.5.0) -
paragonie/constant_time_encoding (v2.4.0 to v2.5.0) - phpseclib/phpseclib (3.0.11 to
3.0.14) - react/promise (v2.8.0 to v2.9.0)
https://github.com/owncloud/core/pull/39526
https://github.com/owncloud/core/pull/39567
https://github.com/owncloud/core/pull/39631
https://github.com/owncloud/core/pull/39649
https://github.com/owncloud/core/pull/39693
https://github.com/owncloud/core/pull/39695
https://github.com/owncloud/core/pull/39703
https://github.com/owncloud/core/pull/39713
https://github.com/owncloud/core/pull/39717
https://github.com/owncloud/core/pull/39731
https://github.com/owncloud/core/pull/39780
https://github.com/owncloud/core/pull/39838
https://github.com/owncloud/core/pull/39839
https://github.com/owncloud/core/pull/39859
https://github.com/owncloud/core/pull/39949
https://github.com/owncloud/core/pull/39956
https://github.com/owncloud/core/pull/39999
https://github.com/owncloud/core/pull/40001
https://github.com/owncloud/core/pull/40003
https://github.com/owncloud/core/pull/40038
* Change - Update Symfony components: [#39526](https://github.com/owncloud/core/pull/39526)
The following Symfony components have been updated to: - console 4.4.41 - event-dispatcher
4.4.37 - event-dispatcher-contracts 4.4.34 - process 4.4.41 - routing 4.4.41 -
service-contracts 4.4.34 - translation 4.4.41 - translation-contracts 2.5.0
The following Symfony polyfill components have been updated to: - symfony/polyfill-ctype
v1.25.0 - symfony/polyfill-iconv v1.25.0 - symfony/polyfill-intl-idn v1.25.0 -
symfony/polyfill-intl-normalizer v1.25.0 - symfony/polyfill-mbstring v1.25.0 -
symfony/polyfill-php72 v1.25.0 - symfony/polyfill-php73 v1.25.0 -
symfony/polyfill-php80 v1.25.0
The following Symfony contract components have been updated to: -
symfony/deprecation-contracts (v2.5.0 to v2.5.1) - symfony/event-dispatcher-contracts
(v1.1.11 to v1.1.12) - symfony/service-contracts (v2.5.0 to v2.5.1) -
symfony/translation-contracts (v2.5.0 to v2.5.1)
https://github.com/owncloud/core/pull/39526
https://github.com/owncloud/core/pull/39631
https://github.com/owncloud/core/pull/39646
https://github.com/owncloud/core/pull/39731
https://github.com/owncloud/core/pull/39838
https://github.com/owncloud/core/pull/39855
https://github.com/owncloud/core/pull/39940
https://github.com/owncloud/core/pull/39955
https://github.com/owncloud/core/pull/40026
https://symfony.com/blog/symfony-4-4-34-released
https://symfony.com/blog/symfony-4-4-36-released
https://symfony.com/blog/symfony-4-4-37-released
https://symfony.com/blog/symfony-4-4-38-released
https://symfony.com/blog/symfony-4-4-40-released
https://symfony.com/blog/symfony-4-4-41-released
* Enhancement - Allow OPTIONS request handling in framework controllers: [#38758](https://github.com/owncloud/core/pull/38758)
https://github.com/owncloud/core/pull/38758
* Enhancement - Unify API responses when setting permissions for public links: [#39194](https://github.com/owncloud/core/pull/39194)
Setting (and changing) the permissions of public links via the OCS API will now return proper
and unified API responses. Adding create permissions while public uploading is disabled
globally will always return a 403 response.
https://github.com/owncloud/core/issues/36442
https://github.com/owncloud/core/issues/36443
https://github.com/owncloud/core/pull/39194
* Enhancement - Show detailed error message if moving a mount into another fails: [#39584](https://github.com/owncloud/core/pull/39584)
With this change, a detailed error message is shown when moving a mount point into another mount
point fails. This is for example the case while moving a shared folder into a SFTP external
storage.
https://github.com/owncloud/core/issues/39550
https://github.com/owncloud/core/pull/39584
* Enhancement - Add warnings for commands that are incompatible with object storage: [#39604](https://github.com/owncloud/core/pull/39604)
The following commands are affected:
* `user:home:list-users` * `user:home:list-dirs` * `user:move` * `user:report`
https://github.com/owncloud/core/issues/39590
https://github.com/owncloud/core/pull/39604
* Enhancement - Cache some data in memory from the filecache: [#39847](https://github.com/owncloud/core/pull/39847)
Some data from the filecache will be cached from the DB after accessing. This will improve the
performance a bit.
https://github.com/owncloud/core/pull/39847
* Enhancement - Add product to version in capabilities response: [#39851](https://github.com/owncloud/core/pull/39851)
https://github.com/owncloud/core/pull/39851
* Enhancement - Allow files_external app to be disabled: [#39856](https://github.com/owncloud/core/pull/39856)
Previously, the files_external app couldn't be disabled. The corresponding section in the
settings page had a checkbox to show or not the settings for the files_external app. Now, if the
app is disabled, that section won't appear. The behavior will be the same as any other disabled
app.
https://github.com/owncloud/core/pull/39856
* Enhancement - Improve FileDrop view: [#39900](https://github.com/owncloud/core/pull/39900)
Small change in the design and behavior of the FileDrop view of Public Links.
- The font is bigger and thicker - Background color was added to the list of files - The text in the
"Dropbox" is wrapped properly, line-height was removed - Don't hide the logo on small
resolutions
https://github.com/owncloud/core/pull/39900
* Enhancement - Align "close" for messages: [#39907](https://github.com/owncloud/core/pull/39907)
The close button for messages (yellow banner) was slightly displaced.
https://github.com/owncloud/core/pull/39907
* Enhancement - Changes regarding cookie handling: [#39916](https://github.com/owncloud/core/pull/39916)
The following changes have been implemented: * The expiration set for the passphrase cookie
will be refreshed each time a page is loaded or when the "heartbeat" endpoint is hit * If the
"session_keepalive" config option is set to true, a periodic request to the "heartbeat"
endpoint will be made automatically regardless of any activity going on. This will extend the
session lifetime preventing its expiration. * If the "session_keepalive" config option is
set to false, a "heartbeat" will be sent based on activity in order to extend the session
lifetime. If we don't detect any activity, the session might expire, and the user will need to
login again. * The new "session_forced_logout_timeout" option has been added to the
config.php. It's disabled by default, and setting a positive (non-zero) value will enable the
feature. If it's enabled, the passphrase cookie will expire after those number of seconds
pass, when the tab or the browser closes. This will force the user to login again.
https://github.com/owncloud/core/pull/39916
* Enhancement - Expose user type of share receiver in share api: [#40013](https://github.com/owncloud/core/pull/40013)
https://github.com/owncloud/core/pull/40013
* Enhancement - Use the same string in the header also in public view: [#40032](https://github.com/owncloud/core/pull/40032)
In the public view, a different string was used next to the logo than in the internal header. This
can cause problems with branding.
The string HTMLName from defaults.php is now only used for the header. Name is used exclusively
for the mail templates.
https://github.com/owncloud/core/pull/40032
Mini Shell