5.0.0-alpha.5

Table of Contents

• Changelog for 5.0.0

Changes in 5.0.0

Summary

• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Don't reload web config: #7369
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix default language fallback: #7465
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Fix last month search: #31145
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Fix search service start: #7795
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Token storage config fixed: #7528
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Set the mountpoint on auto accept: #7460
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add banned password list to the default deployments: #7784
• Enhancement - Default link permission config: #7783
• Enhancement - Add search MediaType filter: #7602
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Add the password policies: #7285
• Enhancement - Add user filter startswith and contains: #7739
• Enhancement - Allow configuring additional routes: #7740
• Enhancement - Update to go 1.21: #7794
• Enhancement - Bump reva: #7721
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Add login URL config: #7317
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - Add user list requires filter config: #7866
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - Add Sharing NG list permissions endpoint: #7805
• Enhancement - Add Sharing NG endpoints: #7633
• Enhancement - SSE for messaging: #6992
• Enhancement - Store and index metadata: #7490
• Enhancement - Implement sharing roles: #7524
• Enhancement - Improve SSE format: #7325
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add new permissions: #7700
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - The password policies change request: #7264
• Enhancement - Add preferred language to user settings: #7720
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Introduce service accounts: #6427
• Enhancement - Make sse service scalable: #7382
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Update web to v8.0.0-alpha.12: #7883
• Enhancement - Configs for Web embed mode: #7670

Details

• Bugfix - Return 423 status code on tag create: #7596

  When a file is locked, return 423 status code instead 500 on tag create

  #7596

• Bugfix - Delete outdated userlog events: #7410

  Userlog will now delete events when the user has no longer access to the underlying resource

  #7410

• Bugfix - Don't reload web config: #7369

  When requesting config.json file from the server, web service would reload the file if a path
  is set. This will remove config entries set via Envvar. Since we want to have the possiblity to
  set configuration from both sources we removed the reading from file. The file will still be
  loaded on service startup.

  #7369

• Bugfix - Fix the auth service env variable: #7523

  We the auth service env variable to the service specific name. Before it was configurable via
  AUTH_MACHINE_JWT_SECRET and now is configurable via AUTH_SERVICE_JWT_SECRET.

  #7523

• Bugfix - Fix the kql-bleve search: #7290

  We fixed the issue when 500 on searches that contain ":". Added the characters escaping
  according to https://blevesearch.com/docs/Query-String-Query/

  #7282
  #7290

• Bugfix - Fix wrong compile date: #6132

  We fixed that current date is always printed.

  #6124
  #6132

• Bugfix - Fix default language fallback: #7465

  Add the default language for the webui, the settings, userlog and notification service.

  #7465

• Bugfix - Disable DEPTH infinity in PROPFIND: #7746

  We fixed the Disabled DEPTH infinity in PROPFIND for: Personal /remote.php/dav/files/admin
  Public link share /remote.php/dav/public-files/ Trashbin
  /remote.php/dav/spaces/trash-bin/

  #7359
  #7746
  cs3org/reva#4278

• Bugfix - Fix 403 in docs pipeline: #7509

  Docs pipeline was not routed through our proxies which could lead to requests being
  blacklisted

  #7509
  #7511

• Bugfix - Fix libre-graph status codes: [#7678](https://github.com/owncloud/oci...

5.0.0-alpha.4

Table of Contents

• Changelog for 5.0.0

Changes in 5.0.0

Summary

• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Don't reload web config: #7369
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix default language fallback: #7465
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Fix last month search: #31145
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Fix search service start: #7795
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Token storage config fixed: #7528
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Set the mountpoint on auto accept: #7460
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add banned password list to the default deployments: #7784
• Enhancement - Default link permission config: #7783
• Enhancement - Add search MediaType filter: #7602
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Add the password policies: #7285
• Enhancement - Add user filter startswith and contains: #7739
• Enhancement - Allow configuring additional routes: #7740
• Enhancement - Update to go 1.21: #7794
• Enhancement - Bump reva: #7721
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Add login URL config: #7317
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - Add Sharing NG list permissions endpoint: #7805
• Enhancement - Add Sharing NG endpoints: #7633
• Enhancement - SSE for messaging: #6992
• Enhancement - Store and index metadata: #7490
• Enhancement - Implement sharing roles: #7524
• Enhancement - Improve SSE format: #7325
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add new permissions: #7700
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - The password policies change request: #7264
• Enhancement - Add preferred language to user settings: #7720
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Introduce service accounts: #6427
• Enhancement - Make sse service scalable: #7382
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Update web to v8.0.0: #7852
• Enhancement - Configs for Web embed mode: #7670

Details

• Bugfix - Return 423 status code on tag create: #7596

  When a file is locked, return 423 status code instead 500 on tag create

  #7596

• Bugfix - Delete outdated userlog events: #7410

  Userlog will now delete events when the user has no longer access to the underlying resource

  #7410

• Bugfix - Don't reload web config: #7369

  When requesting config.json file from the server, web service would reload the file if a path
  is set. This will remove config entries set via Envvar. Since we want to have the possiblity to
  set configuration from both sources we removed the reading from file. The file will still be
  loaded on service startup.

  #7369

• Bugfix - Fix the auth service env variable: #7523

  We the auth service env variable to the service specific name. Before it was configurable via
  AUTH_MACHINE_JWT_SECRET and now is configurable via AUTH_SERVICE_JWT_SECRET.

  #7523

• Bugfix - Fix the kql-bleve search: #7290

  We fixed the issue when 500 on searches that contain ":". Added the characters escaping
  according to https://blevesearch.com/docs/Query-String-Query/

  #7282
  #7290

• Bugfix - Fix wrong compile date: #6132

  We fixed that current date is always printed.

  #6124
  #6132

• Bugfix - Fix default language fallback: #7465

  Add the default language for the webui, the settings, userlog and notification service.

  #7465

• Bugfix - Disable DEPTH infinity in PROPFIND: #7746

  We fixed the Disabled DEPTH infinity in PROPFIND for: Personal /remote.php/dav/files/admin
  Public link share /remote.php/dav/public-files/ Trashbin
  /remote.php/dav/spaces/trash-bin/

  #7359
  #7746
  cs3org/reva#4278

• Bugfix - Fix 403 in docs pipeline: #7509

  Docs pipeline was not routed through our proxies which could lead to requests being
  blacklisted

  #7509
  #7511

• Bugfix - Fix libre-graph status codes: #7678

  Creating group: https://owncloud.dev/libre-graph-api/#/groups/CreateGroup changed:
  200 -> 2...

4.0.3

Changes in 4.0.3

Summary

• Bugfix - Bump reva to 2.16.2: #7512
• Bugfix - Token storage config fixed: #7546
• Enhancement - Support spec violating AD FS access token issuer: #7140
• Enhancement - Update web to v7.1.2: #7798

Details

• Bugfix - Bump reva to 2.16.2: #7512

  • Bugfix cs3org/reva#4251: ldap: fix GetUserByClaim for binary encoded UUIDs

  #7469
  #7512

• Bugfix - Token storage config fixed: #7546

  The token storage config in the config.json for web was missing when it was set to false.

  #7462
  #7546

• Enhancement - Support spec violating AD FS access token issuer: #7140

  AD FS /adfs/.well-known/openid-configuration has an optional access_token_issuer
  which, in violation of the OpenID Connect spec, takes precedence over issuer.

  #7140

• Enhancement - Update web to v7.1.2: #7798

  Tags: web

  We updated ownCloud Web to v7.1.2. Please refer to the changelog (linked) for details on the web
  release.

  Summary * Bugfix owncloud/web#9833:

  Resolving external URLs * Bugfix
  owncloud/web#9868: Respect
  "details"-query on private links * Bugfix
  owncloud/web#9913: Private link
  resolving via share jail ID

  #7798
  https://github.com/owncloud/web/releases/tag/v7.1.2

5.0.0-alpha.3

Table of Contents

• Changelog for 5.0.0

Changes in 5.0.0

Summary

• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Don't reload web config: #7369
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Fix default language fallback: #7465
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Fix last month search: #31145
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Token storage config fixed: #7528
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Set the mountpoint on auto accept: #7460
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add search MediaType filter: #7602
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Add the password policies: #7285
• Enhancement - Allow configuring additional routes: #7740
• Enhancement - Bump reva: #7721
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Add login URL config: #7317
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - Add Sharing NG endpoints: #7633
• Enhancement - SSE for messaging: #6992
• Enhancement - Store and index metadata: #7490
• Enhancement - Implement sharing roles: #7524
• Enhancement - Improve SSE format: #7325
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add new permissions: #7700
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - The password policies change request: #7264
• Enhancement - Add preferred language to user settings: #7720
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Introduce service accounts: #6427
• Enhancement - Make sse service scalable: #7382
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Update web to v8.0.0: #7773
• Enhancement - Configs for Web embed mode: #7670

Details

• Bugfix - Return 423 status code on tag create: #7596

  When a file is locked, return 423 status code instead 500 on tag create

  #7596

• Bugfix - Delete outdated userlog events: #7410

  Userlog will now delete events when the user has no longer access to the underlying resource

  #7410

• Bugfix - Don't reload web config: #7369

  When requesting config.json file from the server, web service would reload the file if a path
  is set. This will remove config entries set via Envvar. Since we want to have the possiblity to
  set configuration from both sources we removed the reading from file. The file will still be
  loaded on service startup.

  #7369

• Bugfix - Fix the auth service env variable: #7523

  We the auth service env variable to the service specific name. Before it was configurable via
  AUTH_MACHINE_JWT_SECRET and now is configurable via AUTH_SERVICE_JWT_SECRET.

  #7523

• Bugfix - Fix the kql-bleve search: #7290

  We fixed the issue when 500 on searches that contain ":". Added the characters escaping
  according to https://blevesearch.com/docs/Query-String-Query/

  #7282
  #7290

• Bugfix - Fix default language fallback: #7465

  Add the default language for the webui, the settings, userlog and notification service.

  #7465

• Bugfix - Fix 403 in docs pipeline: #7509

  Docs pipeline was not routed through our proxies which could lead to requests being
  blacklisted

  #7509
  #7511

• Bugfix - Fix libre-graph status codes: #7678

  Creating group: https://owncloud.dev/libre-graph-api/#/groups/CreateGroup changed:
  200 -> 201

  Creating users: https://owncloud.dev/libre-graph-api/#/users/CreateUser changed: 200
  -> 201

  Export GDPR: https://owncloud.dev/libre-graph-api/#/user/ExportPersonalData
  changed: 201 -> 202

  #7678
  #7705

• Bugfix - Check school number for duplicates before adding a school: #7351

  We fixed an issue that allowed to create two schools with the same school number

  owncloud/enterprise#6051
  #7351

• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319

  We fixed a problem with the "ocis migrate rebuild-jsoncs3-indexes" command which reset the
  state of received shares to "pending".

  #7319

• Bugfix - Fix last month search: #31145

  We've fixed the last month search edge case when currently is 31-th.

  Https://github.com/owncloud/ocis/issues/7629
  #7742

  golang/go#31145
  The
  issue
  is
  related
  to
  the
  build-in
  package
  behavior

• Bugfix - Set existing mountpoint on auto accept: #7592

  When already having a share for a specific resou...

5.0.0-alpha.2

Changes in 5.0.0

Summary

• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Don't reload web config: #7369
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Fix default language fallback: #7465
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Token storage config fixed: #7528
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Set the mountpoint on auto accept: #7460
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Add the password policies: #7285
• Enhancement - Bump reva: #7629
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Add login URL config: #7317
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - SSE for messaging: #6992
• Enhancement - Store and index metadata: #7490
• Enhancement - Implement sharing roles: #7524
• Enhancement - Improve SSE format: #7325
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - The password policies change request: #7264
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Introduce service accounts: #6427
• Enhancement - Make sse service scalable: #7382
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Update web to v8.0.0: #7673
• Enhancement - Configs for Web embed mode: #7670

Details

• Bugfix - Return 423 status code on tag create: #7596

  When a file is locked, return 423 status code instead 500 on tag create

  #7596

• Bugfix - Delete outdated userlog events: #7410

  Userlog will now delete events when the user has no longer access to the underlying resource

  #7410

• Bugfix - Don't reload web config: #7369

  When requesting config.json file from the server, web service would reload the file if a path
  is set. This will remove config entries set via Envvar. Since we want to have the possiblity to
  set configuration from both sources we removed the reading from file. The file will still be
  loaded on service startup.

  #7369

• Bugfix - Fix the auth service env variable: #7523

  We the auth service env variable to the service specific name. Before it was configurable via
  AUTH_MACHINE_JWT_SECRET and now is configurable via AUTH_SERVICE_JWT_SECRET.

  #7523

• Bugfix - Fix the kql-bleve search: #7290

  We fixed the issue when 500 on searches that contain ":". Added the characters escaping
  according to https://blevesearch.com/docs/Query-String-Query/

  #7282
  #7290

• Bugfix - Fix default language fallback: #7465

  Add the default language for the webui, the settings, userlog and notification service.

  #7465

• Bugfix - Fix 403 in docs pipeline: #7509

  Docs pipeline was not routed through our proxies which could lead to requests being
  blacklisted

  #7509
  #7511

• Bugfix - Check school number for duplicates before adding a school: #7351

  We fixed an issue that allowed to create two schools with the same school number

  owncloud/enterprise#6051
  #7351

• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319

  We fixed a problem with the "ocis migrate rebuild-jsoncs3-indexes" command which reset the
  state of received shares to "pending".

  #7319

• Bugfix - Set existing mountpoint on auto accept: #7592

  When already having a share for a specific resource, auto accept would use custom mountpoints
  which lead to other errors. Now auto-accept is using the existing mountpoint of a share.

  #7592

• Bugfix - Deprecate redundant encryptions settings for notification service: #7345

  The values tls and ssl for the smtp_encryption configuration setting are duplicates of
  starttls and ssltls. They have been marked as deprecated. A warning will be logged when
  they are still used. Please use starttls instead for tls and ssltls instead of `ssl.

  #7345

• Bugfix - Token storage config fixed: #7528

  The token storage config in the config.json for web was missing when it was set to false.

  #7462
  #7528

• Bugfix - Fix preview request 500 error when made too early: #7502

  Fix the status code and message when a thumbnail request is made too early.

  #7502
  #7507

• Bugfix - GetUserByClaim fixed for Active Directory: #7476

  The reva ldap backend for the users and groups service did not hex escape binary uuids in LDAP
  filter correctly this could cause problems in Active Directory setups for services using the
  GetUserByClaim CS3 request with claim "userid".

  #7469
  #7476

• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312

  We reintrod...

5.0.0-alpha.1

Changes in 5.0.0

Summary

• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Don't reload web config: #7369
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Fix default language fallback: #7465
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Token storage config fixed: #7528
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Set the mountpoint on auto accept: #7460
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Add the password policies: #7285
• Enhancement - Bump Reva: #7611
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Add login URL config: #7317
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - SSE for messaging: #6992
• Enhancement - Implement sharing roles: #7524
• Enhancement - Improve SSE format: #7325
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - The password policies change request: #7264
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Introduce service accounts: #6427
• Enhancement - Make sse service scalable: #7382
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Update web to v8.0.0: #7622

Details

• Bugfix - Return 423 status code on tag create: #7596

  When a file is locked, return 423 status code instead 500 on tag create

  #7596

• Bugfix - Delete outdated userlog events: #7410

  Userlog will now delete events when the user has no longer access to the underlying resource

  #7410

• Bugfix - Don't reload web config: #7369

  When requesting config.json file from the server, web service would reload the file if a path
  is set. This will remove config entries set via Envvar. Since we want to have the possiblity to
  set configuration from both sources we removed the reading from file. The file will still be
  loaded on service startup.

  #7369

• Bugfix - Fix the auth service env variable: #7523

  We the auth service env variable to the service specific name. Before it was configurable via
  AUTH_MACHINE_JWT_SECRET and now is configurable via AUTH_SERVICE_JWT_SECRET.

  #7523

• Bugfix - Fix the kql-bleve search: #7290

  We fixed the issue when 500 on searches that contain ":". Added the characters escaping
  according to https://blevesearch.com/docs/Query-String-Query/

  #7282
  #7290

• Bugfix - Fix default language fallback: #7465

  Add the default language for the webui, the settings, userlog and notification service.

  #7465

• Bugfix - Fix 403 in docs pipeline: #7509

  Docs pipeline was not routed through our proxies which could lead to requests being
  blacklisted

  #7509
  #7511

• Bugfix - Check school number for duplicates before adding a school: #7351

  We fixed an issue that allowed to create two schools with the same school number

  owncloud/enterprise#6051
  #7351

• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319

  We fixed a problem with the "ocis migrate rebuild-jsoncs3-indexes" command which reset the
  state of received shares to "pending".

  #7319

• Bugfix - Set existing mountpoint on auto accept: #7592

  When already having a share for a specific resource, auto accept would use custom mountpoints
  which lead to other errors. Now auto-accept is using the existing mountpoint of a share.

  #7592

• Bugfix - Deprecate redundant encryptions settings for notification service: #7345

  The values tls and ssl for the smtp_encryption configuration setting are duplicates of
  starttls and ssltls. They have been marked as deprecated. A warning will be logged when
  they are still used. Please use starttls instead for tls and ssltls instead of `ssl.

  #7345

• Bugfix - Token storage config fixed: #7528

  The token storage config in the config.json for web was missing when it was set to false.

  #7462
  #7528

• Bugfix - Fix preview request 500 error when made too early: #7502

  Fix the status code and message when a thumbnail request is made too early.

  #7502
  #7507

• Bugfix - GetUserByClaim fixed for Active Directory: #7476

  The reva ldap backend for the users and groups service did not hex escape binary uuids in LDAP
  filter correctly this could cause problems in Active Directory setups for services using the
  GetUserByClaim CS3 request with claim "userid".

  #7469
  #7476

• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312

  We reintroduced the USERS_LDAP_USER_SCHEMA_ID variable which was accidently removed from
  the users service with the 4.0.0 release.

  #7312
  owncloud/ocis-charts#397

• Bugfix - Set the mountpoint on auto accept: #7460

  On shares auto accept set a mountpoint with same logic as ocs handler

  h...

4.0.2

Changes in 4.0.2

Summary

• Bugfix - Bump reva to 2.16.1: #7350
• Bugfix - Do not reset received share state to pending: #7319
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Disable username validation for keycloak example: #7230
• Bugfix - Actually pass PROXY_OIDC_SKIP_USER_INFO option to oidc client middleware: #7220
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176

Details

• Bugfix - Bump reva to 2.16.1: #7350

  • Bugfix cs3org/reva#4194: Make appctx package compatible with go v1.21
  • Bugfix cs3org/reva#4214: Always pass adjusted default nats options

  #7350

• Bugfix - Do not reset received share state to pending: #7319

  We fixed a problem where the states of received shares were reset to PENDING in the "ocis migrate
  rebuild-jsoncs3-indexes" command

  #7319

• Bugfix - Check school number for duplicates before adding a school: #7351

  We fixed an issue that allowed to create two schools with the same school number

  owncloud/enterprise#6051
  #7351

• Bugfix - Disable username validation for keycloak example: #7230

  Set 'GRAPH_USERNAME_MATCH' to 'none'. To accept any username that is also valid for keycloak.

  #7230

• Bugfix - Actually pass PROXY_OIDC_SKIP_USER_INFO option to oidc client middleware: #7220

  #7220

• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312

  We reintroduced the USERS_LDAP_USER_SCHEMA_ID variable which was accidently removed from
  the users service with the 4.0.0 release.

  #7312
  owncloud/ocis-charts#397

• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176

  The enviroment variable OCIS_LDAP_BIND_PASSWORD was added to be more consistent with all
  other global LDAP variables.

  LDAP_BIND_PASSWORD is deprecated now and scheduled for removal with the 5.0.0 release.

  We also deprecated LDAP_USER_SCHEMA_ID_IS_OCTETSTRING for removal with 5.0.0. The
  replacement for it is OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING.

  #7176

4.0.2-rc.1

Changes in 4.0.2

Summary

• Bugfix - Bump reva to 2.16.1: #7350
• Bugfix - Do not reset received share state to pending: #7319
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Disable username validation for keycloak example: #7230
• Bugfix - Actually pass PROXY_OIDC_SKIP_USER_INFO option to oidc client middleware: #7220
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176

Details

• Bugfix - Bump reva to 2.16.1: #7350

  • Bugfix cs3org/reva#4194: Make appctx package compatible with go v1.21
  • Bugfix cs3org/reva#4214: Always pass adjusted default nats options

  #7350

• Bugfix - Do not reset received share state to pending: #7319

  We fixed a problem where the states of received shares were reset to PENDING in the "ocis migrate
  rebuild-jsoncs3-indexes" command

  #7319

• Bugfix - Check school number for duplicates before adding a school: #7351

  We fixed an issue that allowed to create two schools with the same school number

  owncloud/enterprise#6051
  #7351

• Bugfix - Disable username validation for keycloak example: #7230

  Set 'GRAPH_USERNAME_MATCH' to 'none'. To accept any username that is also valid for keycloak.

  #7230

• Bugfix - Actually pass PROXY_OIDC_SKIP_USER_INFO option to oidc client middleware: #7220

  #7220

• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312

  We reintroduced the USERS_LDAP_USER_SCHEMA_ID variable which was accidently removed from
  the users service with the 4.0.0 release.

  #7312
  owncloud/ocis-charts#397

• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176

  The enviroment variable OCIS_LDAP_BIND_PASSWORD was added to be more consistent with all
  other global LDAP variables.

  LDAP_BIND_PASSWORD is deprecated now and scheduled for removal with the 5.0.0 release.

  We also deprecated LDAP_USER_SCHEMA_ID_IS_OCTETSTRING for removal with 5.0.0. The
  replacement for it is OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING.

  #7176

4.0.1

Changes in 4.0.1

Summary

• Bugfix: Disallow sharee to search sharer files outside the share: #7184

Details

• Bugfix: Disallow sharee to search sharer files outside the share: #7184

  When a file was shared with user(sharee) and the sharee searched the shared file the response contained unshared resources as well.

  #7184

4.0.0

Changes in 4.0.0

Summary

• Bugfix - Add default store to postprocessing: #6578
• Bugfix - Add token to LinkAccessedEvent: #6554
• Bugfix - Add missing timestamps: #6515
• Bugfix - Check public auth first: #6900
• Bugfix - Don't connect to ldap on startup: #6565
• Bugfix - Let clients cache web and theme assets: #6914
• Bugfix - Fix CORS issues: #6912
• Bugfix - Handle the bad request status: #6469
• Bugfix - Fix error message on 400 response for thumbnail requests: #2064
• Bugfix - Graph service did not honor the OCIS_LDAP_GROUP_SCHEMA_MEMBER setting: #7032
• Bugfix - Fix nats registry: #6881
• Bugfix - Fix the oidc role assigner: #6605
• Bugfix - Fix the default document language for OnlyOffice: #6878
• Bugfix - Fix the routing capability: #9367
• Bugfix - Fix the search: #6947
• Bugfix - Fix search shares: #6741
• Bugfix - Restart Postprocessing: #6726
• Change - YAML configuration files are restricted to yaml-1.2: #6510
• Enhancement - Add 'ocis decomposedfs check-treesize' command: #6556
• Enhancement - Add IDs to graph resource logging: #6593
• Enhancement - Add permissions to report: #6528
• Enhancement - Add command for rebuilding the jsoncs3 share manager indexes: #6986
• Enhancement - Add more metadata to the remote item: #6300
• Enhancement - Add X-Request-Id to all responses: #6715
• Enhancement - Add SSE Endpoint: #5998
• Enhancement - We added the storage id to the audit log for spaces: #6548
• Enhancement - Make the post logout redirect uri configurable: #6583
• Enhancement - Make the app provider service name configurable: #6482
• Enhancement - Add old & new values to audit logs: #6537
• Enhancement - Bump Hugo: #6787
• Enhancement - Bump reva to 2.16.0: #6829
• Enhancement - Bump sonarcloud: #6961
• Enhancement - Clarify license text in the dev docs: #6755
• Enhancement - Use reva client selectors: #6452
• Enhancement - Configure max grpc message size: #6849
• Enhancement - Thumbnails can be disabled for webdav & web now: #6577
• Enhancement - Add companion URL config: #6453
• Enhancement - Add imprint and privacy url config: #6462
• Enhancement - Add logged out url config: #6549
• Enhancement - Add WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP env variable: #6328
• Enhancement - Add postprocessing mimetype to extension helper: #6133
• Enhancement - Provide Search filter for locations: #6713
• Enhancement - Add search result content preview and term highlighting: #6634
• Enhancement - Add WEB_OPTION_TOKEN_STORAGE_LOCAL env variable: #6760
• Enhancement - Evaluate policy resource information on single file shares: #6888
• Enhancement - Extendable policy mimetype extension mapping: #6869
• Enhancement - Fix envvar defaults: #6516
• Enhancement - Skip if the simulink is a directory: #6574
• Enhancement - Fix the groupname validation: #6490
• Enhancement - Fix the username validation: #6437
• Enhancement - Add static secret to gn endpoints: #6946
• Enhancement - Improve the notification logs: #6862
• Enhancement - Move graph to service tracerprovider: #6695
• Enhancement - Move proxy to service tracerprovider: #6591
• Enhancement - Nats named connections: #6979
• Enhancement - Remove deprecated environment variables: #7099
• Enhancement - Add functionality to retry postprocessing: #6500
• Enhancement - Update go-micro kubernetes registry: #6457
• Enhancement - Update web to v7.0.1: #6470
• Enhancement - Update web to v7.1.0-rc.5: #6944
• Enhancement - Update web to v7.1.0: #7107
• Enhancement - Allow disabling wopi chat: #6544

Details

• Bugfix - Add default store to postprocessing: #6578

  Postprocessing did not have a default store especially database and table are needed to
  talk to nats-js

  #6578

• Bugfix - Add token to LinkAccessedEvent: #6554

  We added the link token to the LinkAccessedEvent

  #3753
  #6554
  cs3org/reva#3993

• Bugfix - Add missing timestamps: #6515

  We have added missing timestamps to the audit service

  #3753
  #6515

• Bugfix - Check public auth first: #6900

  When authenticating in proxy, first check for public link authorization.

  #6900

• Bugfix - Don't connect to ldap on startup: #6565

  This leads to misleading error messages. Instead we connect on first request

  #6565

• Bugfix - Let clients cache web and theme assets: #6914

  We needed to remove "must-revalidate" from the cache-control header to allow clients to cache
  the web and theme assets.

  #6914

• Bugfix - Fix CORS issues: #6912

  We fixed the CORS issues when client asking for the 'Cache-Control' header before load the file

  #5108
  #6912

• Bugfix - Handle the bad request status: #6469

  Handle the bad request status for the CreateStorageSpace function

  #6414
  #6469
  cs3org/reva#3948

• Bugfix - Fix error message on 400 response for thumbnail requests: #2064

  Fix the error message when the thumbnail request returns a '400 Bad Request' response.

  #2064
  #6911

• Bugfix - Graph service did not honor the OCIS_LDAP_GROUP_SCHEMA_MEMBER setting: #7032

  We fixed issue when using a custom LDAP attribute for group members. The graph service did not
  honor the OCIS_LDAP_GROUP_SCHEMA_MEMBER environment variable

  #7032

• Bugfix - Fix nats registry: #6881

  Using nats as service registry did work, but when a service would restart and gets a new ip it
  couldn't re-register. We fixed this by using "put" register action instead of the default
  "create"

  #6881

• Bugfix - Fix the oidc role assigner: #6605

  The update role method did not allow to set a role when the user already has two roles. This makes
  no sense as the user is supposed to have only one and the update will fix that. We still log an error
  level log to make the admin aware of that.

  #6605
  #6618

• Bugfix - Fix the default document language for OnlyOffice: [#6878](https://github.com/ownclou...