nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Maxence Lange	132513dbf3	fix(userconfig): duplicate core lexicon Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-29 10:36:44 +07:00
John Molakvoæ	e89b3a0597	Merge pull request #54051 from nextcloud/fix/session/log-ephemeral-session-close	2025-07-28 08:16:32 +07:00
Maxence Lange	33bff30e1d	feat(lexicon): moving out from unstable Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-24 15:56:33 +07:00
Christoph Wurst	084a2e8859	fix(session): log when ephemeral sessions are closed Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2025-07-23 07:52:06 +07:00
Ferdinand Thiessen	7fe272fd74	fix(Coordinator): ensure the core app is loaded first Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-07-17 16:59:45 +07:00
Côme Chilliet	2346a528ba	fix: Tidy up middleware registration code and scope them to application container This make sure that all middlewares get a logger scoped to the application id, among other things. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:16 +07:00
Côme Chilliet	3dd4ba854f	fix: Add back ContainerInterface service to DIContainer Otherwise it gets resolved to \OC::$server. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:15 +07:00
Côme Chilliet	2240acec7f	fix: Put back ScopedPsrLogger service Cannot use an alias for this one, as it depends upon LoggerInterface so that creates an infinite loop. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:15 +07:00
Côme Chilliet	bbe766b07a	fix: Make sure Request class can be dependency injected to fix SameSiteCookieMiddleware injection Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:14 +07:00
Côme Chilliet	ab310ce938	fix: Fix issues and tests in DIContainer and friends Some tests related to MiddlewareDispatcher are still failing. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:14 +07:00
Côme Chilliet	9913bdda90	chore: Cleanup DIContainer class Also removed deprecated tag from the class as this class will not be removed, only the interface IAppContainer and associated methods should be removed. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:12 +07:00
Andy Scherzinger	0c087ece4c	Merge pull request #53740 from nextcloud/fix/properly-fail-on-invalid-json Properly fail on invalid json	2025-07-03 18:00:28 +07:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +07:00
Côme Chilliet	79f4e0de76	fix: Only attempt to decode JSON input if it is not an empty string Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 11:24:27 +07:00
Côme Chilliet	e8bc35ec0a	fix(ocs): Return a proper error on JSON decoding failures Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 10:45:31 +07:00
Côme Chilliet	87f98c88ab	chore: Rename property and type it to match its current use in Request Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 10:25:14 +07:00
Robin Appelman	8b0a3a774d	fix: throw a better error if we don't get an authorization header for secutity confirmation Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-24 15:57:20 +07:00
Daniel Kesselberg	be587def0e	fix: use correct format for expires, last-modified, and if-modified-since headers Before: Sat, 10 May 2025 18:17:41 +0000 After: Sat, 10 May 2025 18:17:41 GMT RFC: https://httpwg.org/specs/rfc9110.html#http.date Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-06-10 13:15:31 +07:00
Côme Chilliet	2eed6d3a89	feat: Add a configuration toggle for lazy objects in DI Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:51:24 +07:00
Côme Chilliet	98b2cfc416	fix: Fix several side effects of lazy ghosts Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:50:42 +07:00
Côme Chilliet	86ff5810d7	fix: Only use Lazy objects if PHP is 8.4 or higher Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:58 +07:00
Côme Chilliet	1bf41550d0	chore: Suppress psalm error Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:58 +07:00
Côme Chilliet	06c062bebd	feat: Use Lazy ghosts for Dependency injection This will only work with PHP 8.4, so we’ll need to put it behind a version check later. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:38 +07:00
Côme Chilliet	e8370bf73a	fix: Use only enabled applications versions in the cache prefix This makes sure the cached routes are updated after enabling a previously disabled application Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 17:58:54 +07:00
Ferdinand Thiessen	c21e189850	fix: make core application bootstrapable by coordinator Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-06-02 15:58:54 +07:00
Joas Schilling	89a7778f87	test: Mock ITaskManager to remove test interactions Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-29 12:20:20 +07:00
Ferdinand Thiessen	e4ed062d68	fix(RouteParser): bail out if method name contains hashtag Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-05-15 13:57:14 +07:00
provokateurin	63ba61487b	chore(AppFramework): Remove unused RouteConfig class and migrate tests to RouteParser Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-05-15 13:57:14 +07:00
Côme Chilliet	0c56605497	fix: Fix psalm issue and update baseline Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-05-14 19:18:31 +07:00
Côme Chilliet	20c6d1a7e9	feat: Improve init a bit, and add more profiling steps Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-05-13 16:08:49 +07:00
Joas Schilling	7964f338dc	fix(throttler): Remove the sleep from the throttler that throws The sleep is not adding benefit when it's being aborted with 429 in other cases anyway. Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-02 11:27:29 +07:00
Josh	6951053c90	docs(dispatcher): Correct described return values Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-04-23 22:43:03 +07:00
Côme Chilliet	92038229fa	fix: Remove support for app.php loading It has been deprecated for a long time, and the last known active application to use it (user_saml) is now migrated the modern API. Presence of the file is still checked in order to log an error. This behavior may be removed as well in a few versions. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-04-14 14:30:00 +07:00
Louis Chemineau	3bff9ee3e1	fix: Use login name to check the password Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-04-02 15:50:05 +07:00
Côme Chilliet	c7037d7b38	fix: Move getAppInstalledVersions to AppConfig so that it can be used earlier Call it from OC_App to make sure there is only one request to DB. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-03-25 16:20:21 +07:00
Joas Schilling	c9aea8ffdf	fix(auth): Allow 2FA challenges for Ephemeral sessions Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-03-18 09:52:51 +07:00
Louis Chemineau	a163fa08d0	fix(login): Properly target public page with attribute Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-03-05 16:36:26 +07:00
Arthur Schiwon	42d752f767	Merge pull request #51116 from nextcloud/enh/noid/nullable-range feat(AppFramework): extend range check to optional parameters	2025-03-04 14:23:21 +07:00
Arthur Schiwon	6594d7d96d	feat(AppFramework): extend range check to optional parameters Now it also applies when a paramater is documtend with a pending \|null, but no further unionation is considered. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2025-02-27 19:49:04 +07:00
Louis Chemineau	47bd75a052	fix(login): Also check legacy annotation for ephemeral sessions Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-02-27 13:12:55 +07:00
Louis	c7900de4f2	Merge pull request #51051 from nextcloud/artonge/fix/login_flow_v2_sessions_2 feat: Close sessions created for login flow v2	2025-02-27 08:52:00 +07:00
Louis Chemineau	c6293204a2	feat: Close sessions created for login flow v2 Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser. This commit add a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request. Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-02-26 13:42:18 +07:00
Joas Schilling	095ab4419e	fix(l10n): Improve english source strings - No leading/trailing whitespace - Use asci single quote Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-02-26 09:54:32 +07:00
Côme Chilliet	c1c59f9a6c	chore: Add missing star in phpdoc comment Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-02-17 15:26:23 +07:00
Côme Chilliet	fa108d5b54	fix: Correctly tag json encoding in BaseResponse to fix false-positive …in psalm taint analysis Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-02-17 15:26:22 +07:00
Joas Schilling	c1655bcde7	fix(ratelimit): Allow to bypass rate-limit from bruteforce allowlist Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-01-27 12:46:15 +07:00
Elizabeth Danzberger	fdfeb7f265	feat(api): File conversion API Signed-off-by: Elizabeth Danzberger <lizzy7128@tutanota.de>	2025-01-15 16:38:18 +07:00
Maxence Lange	bd4a154d64	feat(lexicon): configurable default value Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-01-14 10:36:07 +07:00
provokateurin	7db694f534	fix(Http): Only allow valid HTTP status code values via template Signed-off-by: provokateurin <kate@provokateurin.de>	2025-01-07 15:45:30 +07:00
Maxence Lange	96586ba709	feat(config): implementation of lexicon Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-12-13 11:08:20 +07:00

1 2 3 4 5 ...

611 Commits (b9ab00a59e2d906fdb43eaaea37eb7a4a9cc8a13)