7.0.0-rc.3

Table of Contents

• Changelog for 7.0.0-rc.3

Changes in 7.0.0-rc.3

Summary

• Bugfix - Log GRPC requests in debug mode: #10438
• Bugfix - Fix impersonated request user mismatch: #10548
• Bugfix - Fix federated sharing when using an external IDP: #10567
• Bugfix - Fix node cache ttl updates: #10575
• Bugfix - We now limit the number of workers of the jsoncs3 share manager: #10578
• Bugfix - Set MaxConcurrency to 1: #10580
• Bugfix - Reuse go-micro service clients: #10582
• Bugfix - Make collaboration service use a gateway selector: #10584
• Bugfix - Return an error if we can't get the keys and ensure they're cached: #10590
• Bugfix - Fix status code for thumbnail requests: #10592
• Bugfix - Fix the activity field mapping: #10593
• Bugfix - Bump Reva to v2.26.7: #10612
• Enhancement - Update web to v11.0.4: #10569

Details

• Bugfix - Log GRPC requests in debug mode: #10438

  When log level is set to debug we will now also log grpc requests.

  #10438

• Bugfix - Fix impersonated request user mismatch: #10548

  We fixed a user id and name mismatch in the impersonated auth-app API request

  #10292
  https://github.com/owncloud/ocis/pull/10548

• Bugfix - Fix federated sharing when using an external IDP: #10567

  We fixed a bug that caused federated sharing to fail, when the federated oCIS
  instances where sharing the same external IDP.

  #10567
  cs3org/reva#4933

• Bugfix - Fix node cache ttl updates: #10575

  We now only udpate the TTL of the node that is created or updated.

  #10575

• Bugfix - We now limit the number of workers of the jsoncs3 share manager: #10578

  We now restrict the number of workers that look up shares to 5. The number can
  be changed with SHARING_USER_JSONCS3_MAX_CONCURRENCY or
  OCIS_MAX_CONCURRENCY.

  #10578
  #10552

• Bugfix - Set MaxConcurrency to 1: #10580

  Set MaxConcurrency for frontend and userlog and sharing services to 1. Too many
  workers will negatively impact performance on small machines.

  #10580
  #10557

• Bugfix - Reuse go-micro service clients: #10582

  Go micro clients must not be reinitialized. The internal selector will spawn a
  new go routine to watch for registry changes.

  #10582

• Bugfix - Make collaboration service use a gateway selector: #10584

  #10584

• Bugfix - Return an error if we can't get the keys and ensure they're cached: #10590

  Previously, there was an issue where we could get an error while getting the
  public keys from the /hosting/discovery endpoint but we're returning a wrong
  success value instead. This is fixed now and we're returning the error.

  In addition, the public keys weren't being cached, so we hit the
  /hosting/discovery endpoint every time we need to use the public keys. The keys
  are now cached so we don't need to hit the endpoint more than what we need.

  #10590

• Bugfix - Fix status code for thumbnail requests: #10592

  We fixed the status code returned by the thumbnails service when the image
  source for a thumbnail exceeds the configured maximum dimensions or file size.
  The service now returns a 403 Forbidden status code instead of a 500 Internal
  Server Error status code.

  #10589
  #10592

• Bugfix - Fix the activity field mapping: #10593

  #10228
  #10593
  Fixed
  the
  activity
  field
  mapping

• Bugfix - Bump Reva to v2.26.7: #10612

  • Fix cs3org/reva#4964: Fix a wrong error code when approvider creates a new file

  Bump Reva to v2.26.6

  • Fix cs3org/reva#4955: Allow small clock skew in reva token validation
  • Fix cs3org/reva#4929: Fix flaky posixfs integration tests
  • Fix cs3org/reva#4953: Avoid gateway panics
  • Fix cs3org/reva#4959: Fix missing file touched event
  • Fix cs3org/reva#4933: Fix federated sharing when using an external identity provider
  • Fix cs3org/reva#4935: Enable datatx log
  • Fix cs3org/reva#4936: Do not delete mlock files
  • Fix cs3org/reva#4954: Prevent a panic when logging an error
  • Fix cs3org/reva#4956: Improve posixfs error handling and logging
  • Fix cs3org/reva#4951: Pass the initialized logger down the stack

  #10612

• Enhancement - Update web to v11.0.4: #10569

  Tags: web

  We updated ownCloud Web to v11.0.4. Please refer to the changelog (linked) for
  details on the web release.

  • Bugfix owncloud/web#11870:
    Preview image retries postprocessing - Bugfix
    owncloud/web#11883: Preview app
    Shared with me page - Bugfix
    owncloud/web#11897: "Save as" /
    "Open" when embed delegate authentication is enabled - Bugfix
    owncloud/web#11900: App top bar
    does not show location when shared file is opened - Bugfix
    owncloud/web#11900: Open from
    app and Save As feature broken when opened via shared file - Bugfix
    owncloud/web#11904: Public
    folder reload - Bugfix
    owncloud/web#11916: Fix order in
    roles drop down - Bugfix
    owncloud/web#11923: Allow create
    template with different editors - Bugfix
    owncloud/web#11924: Extension
    actions in right sidebar - Bugfix
    owncloud/web#11929: Unique
    request ids

  #10569
  #10604
  https://github.com/owncloud/web/releases/tag/v11.0.3
  https://github.com/owncloud/web/releases/tag/v11.0.4

5.0.9

Table of Contents

• Changelog for 5.0.9

Changes in 5.0.9

Summary

• Bugfix - Thumbnail request limit: #10280
• Bugfix - Restart Postprocessing properly: #10439
• Change - Define maximum input image dimensions and size when generating previews: #10270

Details

• Bugfix - Thumbnail request limit: #10280

  The THUMBNAILS_MAX_CONCURRENT_REQUESTS setting was not working correctly.
  Previously it was just limiting the number of concurrent thumbnail downloads.
  Now the limit is applied to the number thumbnail generations requests.
  Additionally the webdav service is now returning a "Retry-After" header when it
  is hitting the ratelimit of the thumbnail service.

  #10280
  #10270
  #10225

• Bugfix - Restart Postprocessing properly: #10439

  Properly differentiate between resume and restart postprocessing.

  #10439

• Change - Define maximum input image dimensions and size when generating previews: #10270

  This is a general hardening change to limit processing time and resources of the
  thumbnailer.

  #10270
  #9360
  #9035
  #9069

7.0.0-rc.2

Table of Contents

7.0.0-rc.1

Table of Contents

• Changelog for 7.0.0-rc.1

Changes in 7.0.0-rc.1

Summary

• Bugfix - Removed 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' setting: #104
• Bugfix - Respect proxy url when validating proofkeys: #1234
• Bugfix - Generate short tokens to be used as access tokens for WOPI: #10391
• Bugfix - Fix put relative wopi operation for microsoft: #10403
• Bugfix - Make SSE keepalive interval configurable: #10411
• Bugfix - Micro registry cache fixes: #10429
• Bugfix - Fix the memlimit loglevel: #10431
• Bugfix - Restart Postprocessing properly: #10439
• Bugfix - Allow to configure data server URL for ocm: #10440
• Bugfix - Return wopi lock header in get lock response: #10469
• Bugfix - 'ocis backup consistency' fixed for file revisions: #10493
• Bugfix - Wait for services to be ready before registering them: #10498
• Bugfix - Fix 0-byte file uploads: #10500
• Bugfix - Fixed sharedWithMe response for OCM shares: #10501
• Bugfix - Fix gateway nats checks: #10502
• Enhancement - Create thumbnails for GGP MIME types: #10303
• Enhancement - Include a product name in the collaboration service: #10335
• Enhancement - Add web extensions to the ocis_full example: #10399
• Enhancement - Bump reva to 2.26.4: #10419
• Enhancement - Remove deprecated CLI commands: #10430
• Enhancement - Bump cs3api: #10448
• Enhancement - Update web to v11.0.2: #10467
• Enhancement - Bump reva to latest: #10472
• Enhancement - Concurrent userlog processing: #10504
• Enhancement - Concurrent autoaccept for shares: #10505

Details

• Bugfix - Removed 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' setting: #104

  The config option 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' was
  removed from the OCM service. The additional security provided by this setting
  is somewhat questionable and only provided in very specific setups.

  We are not going through the normal deprecation process for this setting, as it
  was never really working anyway. If you have this setting in your configuration,
  it will be ignored. You can safely remove it.

  #10355
  https://github.com/owncloud/ocis/pull/104xx

• Bugfix - Respect proxy url when validating proofkeys: #1234

  We fixed a bug where the proxied wopi URL was not used when validating
  proofkeys. This caused the validation to fail when the proxy was used.

  #1234

• Bugfix - Generate short tokens to be used as access tokens for WOPI: #10391

  Currently, the access tokens being used might be too long. In particular,
  Microsoft Office Online complains about the URL (which contains the access
  token) is too long and refuses to work.

  #10391

• Bugfix - Fix put relative wopi operation for microsoft: #10403

  We fixed a bug in the put relative wopi operation for microsoft. The response
  now contains the correct properties.

  #10403

• Bugfix - Make SSE keepalive interval configurable: #10411

  To prevent intermediate proxies from closing the SSE connection admins can now
  configure a SSE_KEEPALIVE_INTERVAL.

  #10411

• Bugfix - Micro registry cache fixes: #10429

  We now invalidate cache entries when any of the nodes was not updated.

  #10429

• Bugfix - Fix the memlimit loglevel: #10431

  We set the memlimit default loglevel to error.

  #10428
  #10431

• Bugfix - Restart Postprocessing properly: #10439

  Properly differentiate between resume and restart postprocessing.

  #10439

• Bugfix - Allow to configure data server URL for ocm: #10440

  We introduced the OCM_OCM_STORAGE_DATA_SERVER_URL setting to fix a bug when
  downloading files from an OCM share. Before the data server URL defaulted to the
  listen address of the OCM server, which did not work when using 0.0.0.0 as the
  listen address.

  #10358
  #10440

• Bugfix - Return wopi lock header in get lock response: #10469

  We fixed a bug where the wopi lock header was not returned in the get lock
  response. This is now fixed and the wopi validator tests are passing.

  #10469

• Bugfix - 'ocis backup consistency' fixed for file revisions: #10493

  A bug was fixed that caused the 'ocis backup consistency' command to incorrectly
  report inconistencies when file revisions with a zero value for the nano-second
  part of the timestamp were present.

  #9498
  #10493

• Bugfix - Wait for services to be ready before registering them: #10498

  #10498

• Bugfix - Fix 0-byte file uploads: #10500

  We fixed an issue where 0-byte files upload did not return the Location header.

  #10469
  #10500

• Bugfix - Fixed sharedWithMe response for OCM shares: #10501

  OCM shares returned in the sharedWithMe response did not have the mimeType
  property populated correctly.

  #10495
  #10501

• Bugfix - Fix gateway nats checks: #10502

  We now only check if nats is available when the gateway actually uses it.
  Furthermore, we added a backoff for checking the readys endpoint.

  #10502

• Enhancement - Create thumbnails for GGP MIME types: #10303

  Creates thumbnails for newly added ggp files

  #10303

• Enhancement - Include a product name in the collaboration service: #10335

  The product name will allow using a different app name. For example, a "CoolBox"
  app name might use a branded Collabora instance by using "Collabora" as product
  name.

  #10335
  #10490

• Enhancement - Add web extensions to the ocis_full example: #10399

  We added some of the web extensions from ownCloud to the ocis_full docker
  compose example.

  • importer - draw-io - external-sites - json-viewer - unzip - progressbars

  These can be enabled in the .env file one by one.

  Read more about ocis extensions in
  https://github.com/owncloud/web-extensions/blob/main/README.md

  #10399

• Enhancement - Bump reva to 2.26.4: #10419

  • Bugfix cs3org/reva#4917: Fix 0-byte file uploads
  • Bugfix cs3org/reva#4918: Fix app templates

  Bump reva to 2.26.3

  • Bugfix cs3org/reva#4908: Add checksum to OCM storageprovider responses
  • Enhancement cs3org/reva#4910: Bump cs3api
  • Enhancement cs3org/reva#4909: Bump cs3api
  • Enhancement cs3org/reva#4906: Bump cs3api

  Bump reva to 2.26.2

  • Enhancement cs3org/reva#4897: Fix remaining quota calculation
  • Bugfix cs3org/reva#4902: Fix quota calculation

  #10419

• Enhancement - Remove deprecated CLI commands: #10430

  We removed the following deprecated CLI commands: ocis storage-users uploads list ocis storage-users uploads clean

  #10428
  ...

6.6.1

Table of Contents

• Changelog for 6.6.1

Changes in 6.6.1

Summary

• Bugfix - Fix panic when stopping the nats: #10363
• Bugfix - Disable download activity: #10368
• Bugfix - Fix Activitylog issues: #10376
• Bugfix - Security fixes: #10376
• Bugfix - Make antivirus workers configurable: #10383
• Bugfix - Increase event processing workers: #10385
• Bugfix - Fix envvar deprecations for next production release: #10386
• Bugfix - Fix healthchecks: #10405

Details

• Bugfix - Fix panic when stopping the nats: #10363

  The nats server itself runs signal handling that the Shutdown() call in the ocis
  code is redundant and led to a panic.

  #10360
  #10363

• Bugfix - Disable download activity: #10368

  We disable the download activity until we have a proper solution for it.

  #10293
  #10368

• Bugfix - Fix Activitylog issues: #10376

  Fixes multiple activititylog issues. There was an error about max payload exceeded when there were too many activities on one folder. Listing would take
  very long even with a limit activated. All of these issues are now fixed.

  #10376

• Bugfix - Security fixes: #10376

  We polished some of the sonarcloud issues.

  #10376

• Bugfix - Make antivirus workers configurable: #10383

  We made the number of go routines that pull events from the queue configurable.

  #10383

• Bugfix - Increase event processing workers: #10385

  We increased the number of go routines that pull events from the queue to three
  and made the number off workers configurable. Furthermore, the postprocessing
  delay no longer introduces a sleep that slows down pulling of events, but
  asynchronously triggers the next step.

  #10385
  #10368

• Bugfix - Fix envvar deprecations for next production release: #10386

  Some envvar deprecations were incomplete. One was missed to be removed, one had
  missing information.

  #10386

• Bugfix - Fix healthchecks: #10405

  We needed to replace 0.0.0.0 bind addresses by outbound IP addresses in the
  healthcheck routine.

  #10405

6.6.1-rc.2

Table of Contents

6.6.1-rc.1

Table of Contents

6.6.0

Table of Contents

• Changelog for 6.6.0

Changes in 6.6.0

Summary

• Bugfix - Fix health and ready endpoints: #10163
• Bugfix - Always treat LDAP attribute names case-insensitively: #10204
• Bugfix - Fix delete share panic: #10219
• Bugfix - Continue listing shares on error: #10243
• Bugfix - Avoid re-creating thumbnails: #10251
• Bugfix - Kept historical resource naming in activity: #10266
• Bugfix - Fix panic when sharing with groups: #10279
• Bugfix - Thumbnail request limit: #10280
• Bugfix - Forbid the ocm space sharing: #10287
• Bugfix - Use secure config defaults for OCM: #10307
• Bugfix - Graph service now supports OCIS_LDAP_USER_SCHEMA_DISPLAYNAME env var: #10257
• Enhancement - Add OCM wellknown configuration: #9815
• Enhancement - Load IDP logo from theme: #10274
• Enhancement - WebOffice Templates: #10276
• Enhancement - Remove Deprecations: #10305
• Enhancement - Allow to use libvips for generating thumbnails: #10310
• Enhancement - Bump various dependencies: #10352
• Enhancement - Update web to v11.0.0: #10357
• Enhancement - Bump reva to 2.26.0: #10364

Details

• Bugfix - Fix health and ready endpoints: #10163

  We added new checks to the /readyz and /healthz endpoints to ensure that the
  services are ready and healthy. This change ensures that the endpoints return
  the correct status codes, which is needed to stabilize the k8s deployments.

  #10316
  #10281
  #10163
  #10301
  #10302
  #10303
  #10308
  #10323
  #10163
  #10333

• Bugfix - Always treat LDAP attribute names case-insensitively: #10204

  We fixes a bug where some LDAP attributes (e.g. owncloudUUID) were not treated
  case-insensitively.

  #10200
  #10204

• Bugfix - Fix delete share panic: #10219

  Fixes a panic when deleting an ocm share

  #10219

• Bugfix - Continue listing shares on error: #10243

  We now continue listing received shares when one of the shares cannot be statted
  or converted to a driveItem.

  #10243

• Bugfix - Avoid re-creating thumbnails: #10251

  We fixed a bug that caused the system to re-create thumbnails for images, even
  if a thumbnail already existed in the cache.

  #10251

• Bugfix - Graph service now supports OCIS_LDAP_USER_SCHEMA_DISPLAYNAME env var: #10257
  To align with the other services the graph service now supports the
  OCIS_LDAP_USER_SCHEMA_DISPLAYNAME environment variable to configure the LDAP
  attribute that is used for display name attribute of users.
  LDAP_USER_SCHEMA_DISPLAY_NAME is now deprecated and will be removed in a
  future release.
  #10257

• Bugfix - Kept historical resource naming in activity: #10266

  Kept historical resource naming after renaming in activity for shares and public
  links.

  #10210
  #10266

• Bugfix - Fix panic when sharing with groups: #10279

  We fixed a bug which caused a panic when sharing with groups, this only happened
  under a heavy load. Besides the bugfix, we also reduced the number of share auto
  accept log messages to avoid flooding the logs.

  #10258
  #10279

• Bugfix - Thumbnail request limit: #10280

  The THUMBNAILS_MAX_CONCURRENT_REQUESTS setting was not working correctly.
  Previously it was just limiting the number of concurrent thumbnail downloads.
  Now the limit is applied to the number thumbnail generations requests.
  Additionally the webdav service is now returning a "Retry-After" header when it
  is hitting the ratelimit of the thumbnail service.

  #10280
  #10225

• Bugfix - Forbid the ocm space sharing: #10287

  We forbid adding the federated users as members of the space via items invite.

  #10051
  #10287

• Bugfix - Use secure config defaults for OCM: #10307

  #10307

• Enhancement - Add OCM wellknown configuration: #9815

  We now configure the wellknown service for OCM.

  #9815

• Enhancement - Load IDP logo from theme: #10274

  We now load the IDP logo from the theme file.

  owncloud/web#11603
  #10274

• Enhancement - WebOffice Templates: #10276

  We are now able to use templates for WebOffice and use them as a starting point
  for new documents.

  We are supporting the following mime types:

  OnlyOffice

  • MimeType: application/vnd.ms-word.template.macroenabled.12
    TargetExtension: docx

  • MimeType: application/vnd.oasis.opendocument.text-template
    TargetExtension: docx

  • MimeType:
    application/vnd.openxmlformats-officedocument.wordprocessingml.template
    TargetExtension: docx

  • MimeType: application/vnd.oasis.opendocument.spreadsheet-template
    TargetExtension: xlsx

  • MimeType: application/vnd.ms-excel.template.macroenabled.12
    TargetExtension: xlsx

  • MimeType:
    application/vnd.openxmlformats-officedocument.spreadsheetml.template
    TargetExtension: xlsx

  • MimeType: application/vnd.oasis.opendocument.presentation-template
    TargetExtension: pptx

  • MimeType: application/vnd.ms-powerpoint.template.macroenabled.12
    TargetExtension: pptx

  • MimeType:
    application/vnd.openxmlformats-officedocument.presentationml.template
    TargetExtension: pptx

  Collabora

  • MimeType: application/vnd.oasis.opendocument.spreadsheet-template
    TargetExtension: ods

  • MimeType: application/vnd.oasis.opendocument.text-template
    TargetExtension: odt

  • MimeType: application/vnd.oasis.opendocument.presentation-template
    TargetExtension: odp

  #9785
  #10276

• Enhancement - Remove Deprecations: #10305

  Remove deprecated stores/caches/registries and envvars from the codebase.

  #10305

• Enhancement - Allow to use libvips for generating thumbnails: #10310

  To improve performance (and to be able to support a wider range of images
  formats in the future) the thumbnails service is now able to utilize libvips
  (https://www.libvips.org/) for generating thumbnails. Enabling the use of
  libvips is implemented as a build-time option which is currently disabled for
  the "bare-metal" build of the ocis binary and enabled for the docker image
  builds.

  #10310

• Enhancement - Bump various dependencies: #10352

  #10352

• Enhancement - Update web to v11.0.0: #10357

  Tags: web

  We updated ownCloud Web to v11.0.0. Please refer to the changelog (linked) for
  details on the web release.

  • Change owncloud/web#11709:
    Remove importer as default app - Enhancement
    owncloud/web#11668: Allow setting
    view mode for apps via query - Enhancement
    owncloud/web#11731: File size
    warning in editors - E...

6.6.0-rc.1

Table of Contents

6.6.0-alpha.1

Table of Contents