5.0.1

Changes in 5.0.1

Summary

• Bugfix - Update reva to v2.19.4: #8781
• Bugfix - Fix restarting of postprocessing: #8782
• Bugfix - Fix the create personal space cache: #8799
• Bugfix - Make IDP cookies same site strict: #8716

Details

• Bugfix - Update reva to v2.19.4: #8781

  We updated reva to v2.19.4

  • Bugfix cs3org/reva#4612: Use gateway selector in jsoncs3 to scale the service

  Https://github.com/owncloud/ocis/pull/8787

  We updated reva to v2.19.3

  • Bugfixcs3org/reva#4607: Mask user email in output

  #8781

• Bugfix - Fix restarting of postprocessing: #8782

  When an upload is not found, the logic to restart postprocessing was bunked.
  Additionally we extended the upload sessions command to be able to restart the
  uploads without using a second command.

  NOTE: This also includes a breaking fix for the deprecated ocis storage-users uploads list command

  #8782

• Bugfix - Fix the create personal space cache: #8799

  We fixed a problem with the config for the create personal space cache which
  resulted in the cache never being used.

  #8799

• Enhancement - Make IDP cookies same site strict: #8716

  To enhance the security of our application and prevent Cross-Site Request
  Forgery (CSRF) attacks, we have updated the SameSite attribute of the build in
  Identity Provider (IDP) cookies to Strict.

  This change restricts the browser from sending these cookies with any cross-site
  requests, thereby limiting the exposure of the user's session to potential
  threats.

  This update does not impact the existing functionality of the application but
  provides an additional layer of security where needed.

  This only affects cookies set by the built-in IDP. Production systems should not be affected.

  #8716

4.0.7

Changes in 4.0.7

Summary

• Bugfix - Update reva to include bugfixes and improvements: #8718
• Enhancement - Update to go 1.22: #8597

Details

• Bugfix - Update reva to include bugfixes and improvements: #8718

  Changelog for reva 2.13.4

  • Bugfix cs3org/reva#4398: Fix ceph build
  • Bugfix cs3org/reva#4396: Allow an empty credentials chain in the auth middleware
  • Bugfix cs3org/reva#4423: Fix disconnected traces
  • Bugfix cs3org/reva#4590: Fix uploading via a public link
  • Bugfix cs3org/reva#4470: Keep failed processing status
  • Enhancement cs3org/reva#4397: Introduce UploadSessionLister interface

  #8718

• Enhancement - Update to go 1.22: #8597

  We have updated go to version 1.22.

  #8597

5.0.0

Changes in 5.0.0

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - Fix search response: #7815
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survive a restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Bugfix - Remove invalid environment variables: #8303
• Bugfix - Fix concurrent shares config: #8317
• Bugfix - Fix Content-Disposition header for downloads: #8381
• Bugfix - Signed url verification: #8385
• Bugfix - Fix an error when move: #8396
• Bugfix - Fix extended env parser: #8409
• Bugfix - Graph/drives/permission Expiration date update: #8413
• Bugfix - Fix search error message: #8444
• Bugfix - Graph/sharedWithMe align IDs with webdav response: #8467
• Bugfix - Fix an error when lock/unlock a public shared file: #8472
• Bugfix - Bump reva to pull in changes to fix recursive trashcan purge: #8505
• Bugfix - Fix remove/update share permissions: #8529
• Bugfix - Fix graph drive invite: #8538
• Bugfix - We now always select the next clients when autoaccepting shares: #8570
• Bugfix - Correct the default mapping of roles: #8639
• Bugfix - Disable Multipart uploads: #8667
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Change - Remove privacyURL and imprintURL from the config: #7938
• Change - Remove accessDeniedHelpUrl from the config: #7970
• Change - Change the default store for presigned keys to nats-js-kv: #8419
• Change - Deprecate sharing cs3 backends: #8478
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Introduce service accounts: #6427
• Enhancement - SSE for messaging: #6992
• Enhancement - Support spec violating AD FS access token issuer: #7140
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - The password policies change request: #7264
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add the password policies: #7285
• Enhancement - Add login URL config: #7317
• Enhancement - Improve SSE format: #7325
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Make sse service scalable: #7382
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Add "Last modified" filter Chip: [#7455](https://github.com/owncloud/ocis/pul...

5.0.0-rc.6

Incremental changes since 5.0.0-rc.5

oCIS

• Bugfix - Fix an error when lock/unlock a public shared file: #8472
• Bugfix - Fix remove/update share permissions: #8529
• Bugfix - Fix graph drive invite: #8538
• Bugfix - We now always select the next clients when autoaccepting shares: #8570
• Bugfix - Correct the default mapping of roles: #8639
• Change - Change the default store for presigned keys to nats-js-kv: #8419
• Enhancement - Graphs endpoint for mounting and unmounting shares: #7885
• Enhancement - Update to go 1.22: #8586

Reva

• Bugfix cs3org/reva#4557: Fix ceph build
• Bugfix cs3org/reva#4570: Fix sharing invite on virtual drive
• Bugfix cs3org/reva#4559: Fix graph drive invite
• Bugfix cs3org/reva#4518: Fix an error when lock/unlock a file
• Bugfix cs3org/reva#4566: Fix public link previews
• Bugfix cs3org/reva#4561: Fix Stat() by Path on re-created resource
• Bugfix cs3org/reva#4534: Fix remove/update share permissions
• Bugfix cs3org/reva#4539: Fix a typo
• Enhancement cs3org/reva#4556: Allow tracing requests by giving util functions a context
• Enhancement cs3org/reva#4545: Extend service account permissions
• Enhancement cs3org/reva#4564: Send file locked/unlocked events

Web

• Bugfix owncloud/web#10573: Add link in right sidebar sharing menu, doesn't copy link to clipboard
• Bugfix owncloud/web#10576: WebDav Url in right sidebar is missing dav in path
• Bugfix owncloud/web#10585: Update translations
• Bugfix owncloud/web#10514: Indicate shares that are not manageable due to file locking

All Changes in 5.0.0-rc.6

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - Fix search response: #7815
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survive a restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Bugfix - Remove invalid environment variables: #8303
• Bugfix - Fix concurrent shares config: #8317
• Bugfix - Fix Content-Disposition header for downloads: #8381
• Bugfix - Signed url verification: #8385
• Bugfix - Fix an error when move: #8396
• Bugfix - Fix extended env parser: #8409
• Bugfix - Graph/drives/permission Expiration date update: #8413
• Bugfix - Fix search error message: #8444
• Bugfix - Graph/sharedWithMe align IDs with webdav response: #8467
• Bugfix - Fix an error when lock/unlock a public shared file: #8472
• Bugfix - Bump reva to pull in changes to fix recursive trashcan purge: #8505
• Bugfix - Fix remove/update share permissions: #8529
• Bugfix - Fix graph drive invite: #8538
• Bugfix - We now always select the next clients when autoaccepting shares: #8570
• Bugfix - Correct the default mapping of roles: #8639
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: [#7273](https:/...

5.0.0-rc.5

Incremental changes since 5.0.0-rc.4

ocis

• Bugfix - Fix search response: #7815
• Bugfix - Fix Content-Disposition header for downloads: #8381
• Bugfix - Fix an error when move: #8396
• Bugfix - Fix extended env parser: #8409
• Bugfix - Graph/drives/permission Expiration date update: #8413
• Bugfix - Fix search error message: #8444
• Bugfix - Graph/sharedWithMe align IDs with webdav response: #8467
• Bugfix - Bump reva to pull in changes to fix recursive trashcan purge: #8505
• Change - Deprecate sharing cs3 backends: #8478
• Enhancement - Improve ocis single binary start: #8320
• Enhancement - Use environment variables in yaml config files: #8339
• Enhancement - Bump reva: #8340
• Enhancement - Allow sending multiple user ids in one sse event: #8379
• Enhancement - Allow to skip service listing: #8408
• Enhancement - Add a make step to validate the env var annotations: #8436

Web

• Bugfix owncloud/web#10473: Public link file download
• Bugfix owncloud/web#10489: Wrong share permissions when resharing off

Reva

• Bugfix cs3org/reva#4464: Don't check lock grants
• Bugfix cs3org/reva#4516: The sharemanager can now reject grants with resharing permissions
• Bugfix cs3org/reva#4512: Bump dependencies
• Bugfix cs3org/reva#4498: Fix Content-Disposition header in dav
• Bugfix cs3org/reva#4517: Fix duplicated items in the sharejail root
• Bugfix cs3org/reva#4528: Respect IfNotExist option when uploading in cs3 metadata storage
• Bugfix cs3org/reva#4503: Fix an error when move
• Bugfix cs3org/reva#4533: Fix recursive trashcan purge
• Bugfix cs3org/reva#4492: Fix the resource name
• Bugfix cs3org/reva#4532: Jsoncs3 cache fixes
• Bugfix cs3org/reva#4529: We aligned some OCS return codes with oc10
• Bugfix cs3org/reva#4507: Make tusd CORS headers configurable
• Bugfix cs3org/reva#4527: Unify datagateway method handling
• Bugfix cs3org/reva#4530: Drop unnecessary grant exists check
• Enhancement cs3org/reva#4501: Allow sending multiple user ids in one sse event
• Enhancement cs3org/reva#4485: Modify the concurrency default
• Enhancement cs3org/reva#4526: Configurable s3 put options
• Enhancement cs3org/reva#4491: Add filename incrementor for secret filedrops
• Enhancement cs3org/reva#4490: Lazy initialize public share manager
• Enhancement cs3org/reva#4494: Start implementation of a plain posix storage driver
• Enhancement cs3org/reva#4502: Add spaceindex.AddAll()

All changes in v5.0.0-rc.5

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - Fix search response: #7815
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survive a restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Bugfix - Remove invalid environment variables: #8303
• Bugfix - Fix concurrent shares config: #8317
• Bugfix - Fix Content-Dis...

5.0.0-rc.4

Changes

Incremental Changes since 5.0.0-rc.3

• Bugfix - Remove invalid environment variables: #8303
• Bugfix - Fix concurrent shares config: #8317
• Bugfix - Signed url verification: #8385
• Enhancement - Support login page background configuration: #7674
• Enhancement - Modify the concurrency default: #8309

Full List of Changes in 5.0.0-rc.4

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survire restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Bugfix - Remove invalid environment variables: #8303
• Bugfix - Fix concurrent shares config: #8317
• Bugfix - Signed url verification: #8385
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Change - Remove privacyURL and imprintURL from the config: #7938
• Change - Remove accessDeniedHelpUrl from the config: #7970
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Introduce service accounts: #6427
• Enhancement - SSE for messaging: #6992
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - The password policies change request: #7264
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add the password policies: #7285
• Enhancement - Add login URL config: #7317
• Enhancement - Improve SSE format: #7325
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Make sse service scalable: #7382
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Store and index metadata: #7490
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - Implement sharing roles: #7524
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Add search MediaType filter: #7602
• Enhancement - Add Sharing NG endpoints: [#7633](https://github.com/owncloud/ocis/pull/...

4.0.6

Changes in 4.0.6

Summary

• Bugfix - Fix RED metrics on the metrics endpoint: #7994
• Bugfix - Signed url verification: #8385

Details

• Bugfix - Fix RED metrics on the metrics endpoint: #7994

  We connected some metrics to the metrics endpoint to support the RED method for monitoring
  microservices.

  • Request Rate: The number of requests per second. The total count of requests is available
    under ocis_proxy_requests_total. - Error Rate: The number of failed requests per second.
    The total count of failed requests is available under ocis_proxy_errors_total. -
    Duration: The amount of time each request takes. The duration of all requests is available
    under ocis_proxy_request_duration_seconds. This is a histogram metric, so it also
    provides information about the distribution of request durations.

  The metrics are available under the following paths: PROXY_DEBUG_ADDR/metrics in a
  prometheus compatible format and maybe secured by PROXY_DEBUG_TOKEN.

  #7994

• Bugfix - Signed url verification: #8385

  Signed urls now expire properly

  #8385

5.0.0-rc.3

Incremental changes since 5.0.0-rc.2

Web

• No changes

Ocis

• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Enhancement - Disable the password policy: #8152
• Enhancement - Allow restarting multiple uploads with one command: #8287

Reva

• Enhancement cs3org/reva#4453: Disable the password policy
• Enhancement cs3org/reva#4477: Extend ResumePostprocessing event
• Bugfix cs3org/reva#4454: Skip unnecessary share retrieval
• Bugfix cs3org/reva#4461: CORS handling for WebDAV requests fixed
• Bugfix cs3org/reva#4462: Prevent setting container specific permissions on files
• Bugfix cs3org/reva#4463: Fix the resource name
• Bugfix cs3org/reva#4466: Fix natsjskv store
• Bugfix cs3org/reva#4469: Handle interrupted uploads
• Bugfix cs3org/reva#4472: Fix concurrent access to a map
• Bugfix cs3org/reva#4473: Decomposedfs now correctly lists sessions
• Bugfix cs3org/reva#4474: Make /dav/meta consistent
• Bugfix cs3org/reva#4475: Upload session specific processing flag
• Bugfix cs3org/reva#4476: No need to unmark postprocessing when it was not started
• Bugfix cs3org/reva#4479: Fix creating documents in the approvider
• Bugfix cs3org/reva#4481: Distinguish failure and node metadata reversal

Changes in 5.0.0-rc.3

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Fix jwt config of policies service: #7893
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Disallow to delete a file during the processing: #8132
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survire restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
• Bugfix - Cleanup search/pkg/search/search.go: #8230
• Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
• Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
• Bugfix - Fix nats authentication: #8236
• Bugfix - Fix the resource name: #8246
• Bugfix - Apply role constraints when creating shares via the graph API: #8247
• Bugfix - Fix concurrent access to a map: #8269
• Bugfix - Fix nats registry: #8281
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Change - Remove privacyURL and imprintURL from the config: #7938
• Change - Remove accessDeniedHelpUrl from the config: #7970
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Introduce service accounts: #6427
• Enhancement - SSE for messaging: #6992
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement ...

5.0.0-rc.2

Incremental changes since 5.0.0-rc.1

oCIS

• Bugfix - The race conditions in tests: #7847
• Bugfix - Fix Service Account Roles on external IDP: #8074
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survire restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Enhancement - Disable the password policy: #7985
• Enhancement - Update antivirus service: #8062
• Enhancement - Remove deprecated environment variables: [#8149](https://github.com/owncloud/ocis/pull/8149eb

Reva

• Bugfix cs3org/reva#4434: Fix the upload postprocessing
• Bugfix cs3org/reva#4443: Fixed wrong status code when moving a file to a denied path
• Bugfix cs3org/reva#4446: Disallow to delete a file during the processing
• Bugfix cs3org/reva#4448: Fix truncating existing files
• Bugfix cs3org/reva#4449: Keep failed processing status
• Bugfix cs3org/reva#4452: More efficient share jail
• Bugfix cs3org/reva#4456: Do not lose revisions when restoring the first revision
• Bugfix cs3org/reva#4457: Fix concurrent map access in sharecache

Web

• Bugfix owncloud/web#10176: Turned off file extensions not always respected
• Bugfix owncloud/web#10232: Skip searchbar preview fetch on reload

All Changes in 5.0.0-rc.2

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - The race conditions in tests: #7847
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix the upload postprocessing: #8117
• Bugfix - Fix wrong naming in nats-js-kv registry: #8140
• Bugfix - IDP CS3 backend sessions now survire restart: #8142
• Bugfix - Fix patching of language: #8182
• Bugfix - Fix search service to not log expected cases as errors: #8200
• Bugfix - Updating and reset logo failed: #8211
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Change - Remove privacyURL and imprintURL from the config: #7938
• Change - Remove accessDeniedHelpUrl from the config: #7970
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Introduce service accounts: #6427
• Enhancement - SSE for messaging: #6992
• Enhancement - Support spec violating AD FS access token issuer: #7138
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - The password policies change request: #7264
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add the password policies: #7285
• Enhancement - Add login URL config: #7317
• Enhancement - Improve SSE format: #7325
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Make sse service scalable: #7382
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Store and index metadata: #7490
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - Implement sharing roles: #7524
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Tika content extraction cleanup for search: [#7553](https://git...

5.0.0-rc.1

Table of Contents

• Changelog for 5.0.0-rc.1

Changes in 5.0.0-rc.1

Summary

• Bugfix - Fix wrong compile date: #6132
• Bugfix - Fix the kql-bleve search: #7290
• Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
• Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
• Bugfix - Deprecate redundant encryptions settings for notification service: #7345
• Bugfix - Check school number for duplicates before adding a school: #7351
• Bugfix - Don't reload web config: #7369
• Bugfix - Delete outdated userlog events: #7410
• Bugfix - Set the mountpoint on auto accept: #7460
• Bugfix - Fix default language fallback: #7465
• Bugfix - GetUserByClaim fixed for Active Directory: #7476
• Bugfix - Fix preview request 500 error when made too early: #7502
• Bugfix - Fix 403 in docs pipeline: #7509
• Bugfix - Fix the auth service env variable: #7523
• Bugfix - Token storage config fixed: #7528
• Bugfix - Set existing mountpoint on auto accept: #7592
• Bugfix - Return 423 status code on tag create: #7596
• Bugfix - Fix libre-graph status codes: #7678
• Bugfix - Fix unlock via space API: #7726
• Bugfix - Disable DEPTH infinity in PROPFIND: #7746
• Bugfix - Fix the tgz mime type: #7772
• Bugfix - Fix natsjs cache: #7790
• Bugfix - Fix search service start: #7795
• Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
• Bugfix - Fix the public link update: #7862
• Bugfix - Updating logo with new theme structure: #7930
• Bugfix - Password policy return code was wrong: #7952
• Bugfix - Removed outdated and unused dependency from idp package: #7957
• Bugfix - Update permission validation: #7963
• Bugfix - Renaming a user to a string with capital letters: #7964
• Bugfix - Improve OCM support: #7973
• Bugfix - Permissions of a role with duplicate ID: #7976
• Bugfix - Non durable streams for sse service: #7986
• Bugfix - Fix empty trace ids: #8023
• Bugfix - Fix search by containing special characters: #8050
• Bugfix - Fix last month search: #31145
• Change - Auto-Accept Shares: #7097
• Change - Change the default TUS chunk size: #7273
• Change - Remove privacyURL and imprintURL from the config: #7938
• Change - Remove accessDeniedHelpUrl from the config: #7970
• Enhancement - Add the Banned Passwords List: #4197
• Enhancement - Introduce service accounts: #6427
• Enhancement - SSE for messaging: #6992
• Enhancement - Support spec violating AD FS access token issuer: #7140
• Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
• Enhancement - Keyword Query Language (KQL) search syntax: #7212
• Enhancement - Introduce clientlog service: #7217
• Enhancement - Proxy uses service accounts for provisioning: #7240
• Enhancement - The password policies change request: #7264
• Enhancement - Introduce natsjs registry: #7272
• Enhancement - Add the password policies: #7285
• Enhancement - Add login URL config: #7317
• Enhancement - Improve SSE format: #7325
• Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
• Enhancement - Make sse service scalable: #7382
• Enhancement - Edit wrong named enves: #7406
• Enhancement - Thumbnail generation with image processors: #7409
• Enhancement - Set default for Async Uploads to true: #7416
• Enhancement - The default language added: #7417
• Enhancement - Add "Last modified" filter Chip: #7455
• Enhancement - Config for disabling Web extensions: #7486
• Enhancement - Store and index metadata: #7490
• Enhancement - Add support for audio files to the thumbnails service: #7491
• Enhancement - Implement sharing roles: #7524
• Enhancement - Add new permission to delete public link password: #7538
• Enhancement - Add config to enforce passwords on all public links: #7547
• Enhancement - Tika content extraction cleanup for search: #7553
• Enhancement - Allow configuring storage registry with envvars: #7554
• Enhancement - Add search MediaType filter: #7602
• Enhancement - Add Sharing NG endpoints: #7633
• Enhancement - Configs for Web embed mode: #7670
• Enhancement - Add new permissions: #7700
• Enhancement - Add preferred language to user settings: #7720
• Enhancement - Add user filter startswith and contains: #7739
• Enhancement - Allow configuring additional routes: #7741
• Enhancement - Default link permission config: #7783
• Enhancement - Add banned password list to the default deployments: #7784
• Enhancement - Update to go 1.21: #7794
• Enhancement - Add Sharing NG list permissions endpoint: #7805
• Enhancement - Add user list requires filter config: #7866
• Enhancement - Retry antivirus postprocessing step in case of problems: #7874
• Enhancement - Add validation to public share provider: #7877
• Enhancement - Store and index metadata: #7886
• Enhancement - Allow regular users to list other users: #7887
• Enhancement - Add edit public share to sharing NG: #7908
• Enhancement - Add cli commands for trash-bin: #7917
• Enhancement - Add validation update public share: #7978
• Enhancement - Allow inmemory nats-js-kv stores: #7979
• Enhancement - Use kv store in natsjs registry: #7987
• Enhancement - Allow authentication nats connections: #7989
• Enhancement - Add RED metrics to the metrics endpoint: #7994
• Enhancement - Add ocm and sciencemesh services: #7998
• Enhancement - Make nats-js-kv the default registry: #8011
• Enhancement - Update Reva to version 2.18.0: #8038
• Enhancement - Service Account roles: #8051
• Enhancem...