Merge pull request #47890 from nextcloud/release/30.0.0_rc5

Merge pull request #47915 from nextcloud/backport/47913/stable30
[stable30] fix: Add whiteboard to education and public sector bundle
2024-09-12 14:44:24 +02:00 · 2024-09-12 13:16:05 +02:00 · 2024-09-12 11:23:31 +02:00 · 2024-09-12 09:08:22 +00:00 · 2024-09-12 10:41:56 +02:00 · 2024-09-12 10:40:43 +02:00
6780 changed files with 150637 additions and 153708 deletions
@@ -1,17 +0,0 @@
-# .git-blame-ignore-revs
-
-# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-# Format control structures
-caff1023ea72bb2ea94130e18a2a6e2ccf819e5f
-# Update to coding-standard 1.1.1
-aa5f037af71c915424c6dcfd5ad2dc82797dc0d6
-# Update to coding-standard 1.2.3
-af6de04e9e141466dc229e444ff3f146f4a34765
-0bd284cb81b6866338aaaa67aa1d81ef9bfbb2ab
-8af7ecb2576071f170ecbb0aa2311b26581e40e2
-# Update to coding-standard 1.3.1
-9836e9b16484582d309c8437ab46d82e34956941
-# Automated refactorings
-49dd79eabb2b8902559a7a4e8f8fcad54f46b604
@@ -2,18 +2,14 @@
 /apps/admin_audit/appinfo/info.xml            @luka-nextcloud @blizzz
 /apps/cloud_federation_api/appinfo/info.xml   @mejo-
 /apps/comments/appinfo/info.xml               @edward-ly @Pytal
-/apps/contactsinteraction/appinfo/info.xml    @kesselb @SebastianKrupinski
-/apps/contactsinteraction/lib                 @kesselb @SebastianKrupinski
-/apps/contactsinteraction/tests               @kesselb @SebastianKrupinski
-/apps/dashboard/appinfo/info.xml              @julien-nc @juliusknorr
-/apps/dav/lib/CalDAV                          @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/lib/CardDAV                         @hamza221 @SebastianKrupinski
-/apps/dav/tests/unit/CalDAV                   @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/tests/unit/CardDAV                  @hamza221 @SebastianKrupinski
+/apps/contactsinteraction/appinfo/info.xml    @kesselb @miaulalala @ChristophWurst @GretaD @hamza221 @st3iny
+/apps/dashboard/appinfo/info.xml              @julien-nc @juliushaertl
+/apps/dav/lib/CalDAV                          @ChristophWurst @miaulalala @tcitworld
+/apps/dav/lib/CardDAV                         @ChristophWurst @miaulalala @tcitworld
 /apps/encryption/appinfo/info.xml             @come-nc @icewind1991
 /apps/federatedfilesharing/appinfo/info.xml   @icewind1991 @danxuliu
-/apps/federation/appinfo/info.xml             @nfebe
-/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @nfebe
+/apps/federation/appinfo/info.xml             @datenangebot
+/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @Fenn-CS
 /apps/files_external/appinfo/info.xml         @icewind1991 @artonge
 /apps/files_reminders/appinfo/info.xml        @Pytal
 /apps/files_sharing/appinfo/info.xml          @skjnldsv @come-nc
@@ -24,14 +20,14 @@
 /apps/settings/appinfo/info.xml               @Pytal @JuliaKirschenheuter
 /apps/sharebymail/appinfo/info.xml            @Altahrim
 /apps/systemtags/appinfo/info.xml             @Antreesy @marcelklehr
-/apps/theming/appinfo/info.xml                @skjnldsv @juliusknorr
+/apps/theming/appinfo/info.xml                @skjnldsv @juliushaertl
 /apps/twofactor_backupcodes/appinfo/info.xml  @st3iny @miaulalala @ChristophWurst
 /apps/updatenotification/appinfo/info.xml     @Pytal @JuliaKirschenheuter
 /apps/user_ldap/appinfo/info.xml              @come-nc @blizzz
 /apps/user_status/appinfo/info.xml            @Antreesy @nickvergessen
-/apps/weather_status/appinfo/info.xml         @julien-nc @juliusknorr
+/apps/weather_status/appinfo/info.xml         @julien-nc @juliushaertl
 /apps/webhook_listeners/appinfo/info.xml      @come-nc @julien-nc
-/apps/workflowengine/appinfo/info.xml         @blizzz @juliusknorr
+/apps/workflowengine/appinfo/info.xml         @blizzz @juliushaertl

 # Frontend expertise
 /apps/files/src*                  @skjnldsv
@@ -41,9 +37,9 @@
 /apps/files_trashbin/src*         @skjnldsv

 # Security team
-/build/psalm-baseline-security.xml  @nickvergessen
 /resources/codesigning              @mgallien @miaulalala @nickvergessen
-/resources/config/ca-bundle.crt     @miaulalala @nickvergessen
+/resources/config/ca-bundle.crt     @ChristophWurst @miaulalala @nickvergessen
+/.drone.yml                         @nickvergessen

 # Two-Factor Authentication
 # https://github.com/nextcloud/wg-two-factor-authentication#members
@@ -69,10 +65,6 @@ ResponseDefinitions.php @provokateurin
 /lib/public/Talk                    @nickvergessen
 /lib/public/UserStatus              @nickvergessen

-# Groupware
-/build/integration/dav_features/caldav.feature    @st3iny @SebastianKrupinski
-/build/integration/dav_features/carddav.feature   @st3iny @SebastianKrupinski
-
 # Personal interest
 */Activity/*                        @nickvergessen
 */Notifications/*                   @nickvergessen
@@ -48,7 +48,7 @@ In some areas unit testing is hard (aka almost impossible) as of today - in thes

 ### Sign your work

-We use the Developer Certificate of Origin (DCO) as an additional safeguard
+We use the Developer Certificate of Origin (DCO) as a additional safeguard
 for the Nextcloud project. This is a well established and widely used
 mechanism to assure contributors have confirmed their right to license
 their contribution under the project's license.
@@ -62,6 +62,22 @@ body:
      description: Describe what you expected to happen instead.
    validations:
      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: Installation method
+      description: |
+        Select installation method you've used.
+        _Describe the method in the "Additional info" section if you chose "Other"._
+      options:
+        - "Community Web installer on a VPS or web space"
+        - "Community Manual installation with Archive"
+        - "Community Docker image"
+        - "Community NextcloudPi appliance"
+        - "Community SNAP package"
+        - "Community VM appliance"
+        - "Other Community project"
+        - "Official All-in-One appliance"
  - type: dropdown
    id: nextcloud-version
    attributes:
@@ -70,9 +86,8 @@ body:
        Select Nextcloud Server version.
        _Versions not listed here are not maintained and not supported anymore_
      options:
+        - "28"
        - "29"
-        - "30"
-        - "31"
        - "master"
    validations:
      required: true
@@ -95,10 +110,10 @@ body:
        Select PHP engine version serving Nextcloud Server.
        _Describe in the "Additional info" section if you chose "Other"._
      options:
-        - "PHP 8.4"
-        - "PHP 8.3"
-        - "PHP 8.2"
+        - "PHP 8.0"
        - "PHP 8.1"
+        - "PHP 8.2"
+        - "PHP 8.3"
        - "Other"
  - type: dropdown
    id: webserver
@@ -132,8 +147,8 @@ body:
      description: |
        Select if bug is present after an update or on a fresh install.
      options:
-        - "Updated from a MINOR version (ex. 32.0.1 to 32.0.2)"
-        - "Upgraded to a MAJOR version (ex. 31 to 32)"
+        - "Updated from a MINOR version (ex. 28.0.1 to 28.0.2)"
+        - "Upgraded to a MAJOR version (ex. 28 to 29)"
        - "Fresh Nextcloud Server install"
  - type: dropdown
    id: encryption
@@ -168,7 +183,7 @@ body:
        ./occ config:list system
        ```
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: apps
    attributes:
@@ -200,10 +215,10 @@ body:
    attributes:
      label: Nextcloud Logs
      description: |
-        Provide relevant Nextcloud log entries (e.g. from the time period you reproduced the problem).
-        Copy full individual entries from `data/nextcloud.log` or use `Copy raw entry` from `/settings/admin/logging` section:
+        Provide Nextcloud logs lines.
+        Copy all contents from `data/nextcloud.log` or a RAW from `/settings/admin/logging` section:
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: additional-info
    attributes:
@@ -59,20 +59,6 @@ updates:
  reviewers:
    - "nextcloud/server-dependabot"

-# phpunit
- package-ecosystem: composer
-  directory: "/vendor-bin/phpunit"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "04:40"
-    timezone: Europe/Madrid
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-
 # Main master npm
 - package-ecosystem: npm
  directory: "/"
@@ -121,7 +107,7 @@ updates:
    day: saturday
    time: "03:00"
    timezone: Europe/Paris
-  target-branch: stable29
+  target-branch: stable28
  labels:
    - "3. to review"
    - "feature: dependencies"
@@ -140,7 +126,7 @@ updates:
    day: saturday
    time: "03:00"
    timezone: Europe/Paris
-  target-branch: stable30
+  target-branch: stable29
  labels:
    - "3. to review"
    - "feature: dependencies"
@@ -152,24 +138,23 @@ updates:
  # Disable automatic rebasing because without a build CI will likely fail anyway
  rebase-strategy: "disabled"

- package-ecosystem: npm
-  directory: "/"
+- package-ecosystem: composer
+  directory: "/build/integration"
  schedule:
    interval: weekly
    day: saturday
    time: "03:00"
    timezone: Europe/Paris
-  target-branch: stable31
+  target-branch: stable28
  labels:
    - "3. to review"
    - "feature: dependencies"
  reviewers:
    - "nextcloud/server-dependabot"
  ignore:
+    # ignore all GitHub linguist patch updates
    - dependency-name: "*"
-      update-types: ["version-update:semver-major", "version-update:semver-minor"]
-  # Disable automatic rebasing because without a build CI will likely fail anyway
-  rebase-strategy: "disabled"
+      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]

 - package-ecosystem: composer
  directory: "/build/integration"
@@ -189,42 +174,6 @@ updates:
    - dependency-name: "*"
      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]

- package-ecosystem: composer
-  directory: "/build/integration"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "03:00"
-    timezone: Europe/Paris
-  target-branch: stable30
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-  ignore:
-    # ignore all GitHub linguist patch updates
-    - dependency-name: "*"
-      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]
-
- package-ecosystem: composer
-  directory: "/build/integration"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "03:00"
-    timezone: Europe/Paris
-  target-branch: stable31
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-  ignore:
-    # ignore all GitHub linguist patch updates
-    - dependency-name: "*"
-      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]
-
 # GitHub Actions
 - package-ecosystem: "github-actions"
  directory: "/"
@@ -51,15 +51,15 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, json, mbstring
          coverage: none
          ini-file: development
        env:
@@ -31,7 +31,7 @@ jobs:
              - 'version.php'

      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: 3rdparty commit hash on current branch
        id: actual
@@ -27,7 +27,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - uses: webiny/action-conventional-commits@8bc41ff4e7d423d56fa4905f6ff79209a78776c7 # v1.3.0
        with:
@@ -76,7 +76,7 @@ jobs:
          fi

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v3.0.0
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Add reaction on failure
@@ -86,7 +86,7 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"

  process:
    runs-on: ubuntu-latest
@@ -94,15 +94,14 @@ jobs:

    steps:
      - name: Restore cached git repository
-        uses: buildjet/cache@3e70d19e31d6a8030aeddf6ed8dbe601f94d09f4 # v4.0.2
+        uses: buildjet/cache@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          path: .git
          key: git-repo

      - name: Checkout ${{ needs.init.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: true
          token: ${{ secrets.COMMAND_BOT_PAT }}
          fetch-depth: 0
          ref: ${{ needs.init.outputs.head_ref }}
@@ -120,7 +119,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }}
          cache: npm
@@ -177,4 +176,4 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"
@@ -34,11 +34,11 @@ jobs:
          exit 1

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v1
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Checkout ${{ steps.comment-branch.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          fetch-depth: 0
          token: ${{ secrets.COMMAND_BOT_PAT }}
@@ -29,8 +29,6 @@ jobs:
      npmVersion: ${{ steps.versions.outputs.npmVersion }}

    env:
-      # We'll install cypress in the cypress job
-      CYPRESS_INSTALL_BINARY: 0
      PUPPETEER_SKIP_DOWNLOAD: true

    steps:
@@ -41,7 +39,7 @@ jobs:
          exit 1

      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          # We need to checkout submodules for 3rdparty
          submodules: true
@@ -64,7 +62,7 @@ jobs:
          fallbackNpm: "^10"

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -80,7 +78,7 @@ jobs:
        run: npm run cypress:version

      - name: Save context
-        uses: buildjet/cache/save@v4
+        uses: buildjet/cache/save@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          key: cypress-context-${{ github.run_id }}
          path: ./
@@ -103,28 +101,23 @@ jobs:

    steps:
      - name: Restore context
-        uses: buildjet/cache/restore@v4
+        uses: buildjet/cache/restore@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          fail-on-cache-miss: true
          key: cypress-context-${{ github.run_id }}
          path: ./

      - name: Set up node ${{ needs.init.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.init.outputs.nodeVersion }}

      - name: Set up npm ${{ needs.init.outputs.npmVersion }}
        run: npm i -g 'npm@${{ needs.init.outputs.npmVersion }}'

-      - name: Install cypress
-        run: ./node_modules/cypress/bin/cypress install
-
      - name: Run ${{ matrix.containers == 'component' && 'component' || 'E2E' }} cypress tests
-        uses: cypress-io/github-action@7271bed2a170d73c0b08939cd192db51a1c46c50 # v6.7.10
+        uses: cypress-io/github-action@df7484c5ba85def7eef30db301afa688187bc378 # v6.7.2
        with:
-          # We already installed the dependencies in the init job
-          install: false
          component: ${{ matrix.containers == 'component' }}
          group: ${{ matrix.use-cypress-cloud && matrix.containers == 'component' && 'Run component' || matrix.use-cypress-cloud && 'Run E2E' || '' }}
          # cypress env
@@ -142,21 +135,19 @@ jobs:
          SPLIT: ${{ matrix.total-containers }}
          SPLIT_INDEX: ${{ matrix.containers == 'component' && 0 || matrix.containers }}

-      - name: Upload snapshots and videos
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+      - name: Upload snapshots
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
        if: always()
        with:
-          name: snapshots_videos_${{ matrix.containers }}
-          path: |
-            cypress/snapshots
-            cypress/videos
+          name: snapshots_${{ matrix.containers }}
+          path: cypress/snapshots

      - name: Extract NC logs
        if: failure() && matrix.containers != 'component'
-        run: docker logs nextcloud-cypress-tests_${{ env.APP_NAME }} > nextcloud.log
+        run: docker logs nextcloud-cypress-tests-${{ env.APP_NAME }} > nextcloud.log

      - name: Upload NC logs
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_logs_${{ matrix.containers }}
@@ -164,10 +155,10 @@ jobs:

      - name: Create data dir archive
        if: failure() && matrix.containers != 'component'
-        run: docker exec nextcloud-cypress-tests_${{ env.APP_NAME }} tar -cvjf - data > data.tar
+        run: docker exec nextcloud-cypress-tests-server tar -cvjf - data > data.tar

      - name: Upload data dir archive
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_data_${{ matrix.containers }}
@@ -43,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        ftpd: ['proftpd', 'vsftpd', 'pure-ftpd']
        include:
          - php-versions: '8.1'
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -68,11 +68,11 @@ jobs:
          if [[ "${{ matrix.ftpd }}" == 'pure-ftpd' ]]; then docker run --name ftp -d --net host -e "PUBLICHOST=localhost" -e FTP_USER_NAME=test -e FTP_USER_PASS=test -e FTP_USER_HOME=/home/test -v /tmp/ftp:/home/test -v /tmp/ftp:/etc/pure-ftpd/passwd stilliard/pure-ftpd; fi

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -100,7 +100,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-ftp
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -60,12 +60,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -98,7 +98,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -135,12 +135,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -165,7 +165,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -43,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        sftpd: ['openssh']
        include:
          - php-versions: '8.1'
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -64,11 +64,11 @@ jobs:
          if [[ '${{ matrix.sftpd }}' == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp 'test:test:::data'; fi

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -89,7 +89,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-sftp
@@ -34,7 +34,7 @@ jobs:
              - '**.php'

  files-external-smb-kerberos:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    needs: changes

    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
@@ -43,22 +43,16 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Checkout user_saml
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          repository: nextcloud/user_saml
          path: apps/user_saml

-      - name: Install user_saml
-        run: |
-          cd apps/user_saml
-          composer i
-          cd ../..
-
      - name: Pull images
        run: |
          docker pull ghcr.io/icewind1991/samba-krb-test-dc
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -56,16 +56,16 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
          ini-file: development
        env:
@@ -94,7 +94,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v4.1.1
+        uses: codecov/codecov-action@922d8d7b314a529f2be903c1e79ee8283c492863 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-smb
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -56,12 +56,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -91,7 +91,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v4.1.1
+        uses: codecov/codecov-action@922d8d7b314a529f2be903c1e79ee8283c492863 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-webdav
@@ -40,7 +40,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -49,12 +49,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -74,12 +74,12 @@ jobs:
          ./occ app:enable --force files_external

      - name: PHPUnit
-        run: composer run test:files_external -- \
+        run: composer run test:files_external \
          ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }}

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-generic
@@ -51,12 +51,12 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
-          uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+          uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
          with:
            php-version: ${{ matrix.php-versions }}
            # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -99,9 +99,9 @@ jobs:

        - name: Run CalDAVTester
          run: |
-            cp "apps/dav/tests/testsuits/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/testsuits/caldavtest/serverinfo.xml"
+            cp "apps/dav/tests/travis/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/travis/caldavtest/serverinfo.xml"
            pushd CalDAVTester
-            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/testsuits/caldavtest" -o cdt.txt \
+            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/travis/caldavtest" -o cdt.txt \
              "${{ matrix.service }}/current-user-principal.xml" \
              "${{ matrix.service }}/sync-report.xml" \
              ${{ matrix.endpoint == 'new' && format('{0}/sharing-{1}.xml', matrix.service, matrix.service == 'CalDAV' && 'calendars' || 'addressbooks') || ';' }}
@@ -50,12 +50,12 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
-          uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+          uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
          with:
            php-version: ${{ matrix.php-versions }}
            # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -65,12 +65,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -61,7 +61,6 @@ jobs:
          - 'federation_features'
          - '--tags ~@large files_features'
          - 'filesdrop_features'
-          - 'file_conversions'
          - 'openldap_features'
          - 'openldap_numerical_features'
          - 'ldap_features'
@@ -72,7 +71,7 @@ jobs:
          - 'videoverification_features'

        php-versions: ['8.1']
-        spreed-versions: ['main']
+        spreed-versions: ['stable30']

    services:
      redis:
@@ -92,20 +91,20 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Checkout Talk app
        if: ${{ matrix.test-suite == 'videoverification_features' }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          repository: nextcloud/spreed
          path: apps/spreed
          ref: ${{ matrix.spreed-versions }}

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -63,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v3
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -48,10 +48,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php8.1
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: 8.1
          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
@@ -47,16 +47,16 @@ jobs:

    strategy:
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]

    name: php-lint

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          coverage: none
@@ -1,51 +0,0 @@
-# This workflow is provided via the organization template repository
-#
-# https://github.com/nextcloud/.github
-# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-#
-# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-
-name: Lint stylelint
-
-on: pull_request
-
-permissions:
-  contents: read
-
-concurrency:
-  group: lint-stylelint-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    name: stylelint
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: Read package.json node and npm engines version
-        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
-        id: versions
-        with:
-          fallbackNode: '^20'
-          fallbackNpm: '^10'
-
-      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
-        with:
-          node-version: ${{ steps.versions.outputs.nodeVersion }}
-
-      - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
-        run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
-
-      - name: Install dependencies
-        env:
-          CYPRESS_INSTALL_BINARY: 0
-        run: npm ci
-
-      - name: Lint
-        run: npm run stylelint
@@ -59,7 +59,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -80,10 +80,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -99,7 +99,7 @@ jobs:
        run: npm run test:coverage --if-present

      - name: Collect coverage
-        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v4.3.1
+        uses: codecov/codecov-action@922d8d7b314a529f2be903c1e79ee8283c492863 # v4.3.1
        with:
          files: ./coverage/lcov.info

@@ -114,10 +114,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -142,10 +142,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -53,7 +53,7 @@ jobs:
    name: NPM build
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -63,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v3
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -21,13 +21,13 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['main', 'master', 'stable31', 'stable30', 'stable29']
+        branches: ['main', 'master', 'stable29', 'stable28', 'stable27']

    name: npm-audit-fix-${{ matrix.branches }}

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          ref: ${{ matrix.branches }}

@@ -39,7 +39,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v3
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -60,7 +60,7 @@ jobs:

      - name: Create Pull Request
        if: always()
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(deps): Fix npm audit'
@@ -69,12 +69,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -105,7 +105,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-azure
@@ -70,12 +70,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -111,7 +111,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-s3
@@ -67,12 +67,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -101,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-swift
@@ -26,10 +26,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
          extensions: ctype, curl, dom, fileinfo, gd, json, libxml, mbstring, openssl, pcntl, pdo, posix, session, simplexml, xml, xmlreader, xmlwriter, zip, zlib
@@ -29,16 +29,16 @@ jobs:
          exit 1

      - name: Checkout server before PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true
          ref: ${{ github.event.pull_request.base.ref }}

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: mbstring, fileinfo, intl, sqlite, pdo_sqlite, zip, gd
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

@@ -64,7 +64,7 @@ jobs:
            curl -s -u test:test -T README.md http://localhost:8080/remote.php/dav/files/test/new_file.txt
            curl -s -u test:test -X DELETE http://localhost:8080/remote.php/dav/files/test/new_file.txt
          output: before.json
-          profiler-branch: master
+          profiler-branch: stable30

      - name: Apply PR
        run: |
@@ -86,12 +86,12 @@ jobs:
            curl -s -u test:test -T README.md http://localhost:8080/remote.php/dav/files/test/new_file.txt
            curl -s -u test:test -X DELETE http://localhost:8080/remote.php/dav/files/test/new_file.txt
          output: after.json
-          profiler-branch: master
+          profiler-branch: stable30
          compare-with: before.json

      - name: Upload profiles
        if: always()
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
        with:
          name: profiles
          path: |
@@ -32,7 +32,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -42,7 +42,7 @@ jobs:
          sudo apt-get install -y ffmpeg imagemagick libmagickcore-6.q16-3-extra

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, openssl, pdo_sqlite, posix, sqlite, xml, zip, apcu
@@ -61,8 +61,6 @@ jobs:
          - php-versions: '8.3'
            mariadb-versions: '10.11'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            mariadb-versions: '11.4'

    name: MariaDB ${{ matrix.mariadb-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -124,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mariadb
@@ -55,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -71,12 +71,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -101,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-memcached
@@ -120,12 +120,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b #v2.31.0
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -159,7 +159,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.1.1
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -61,8 +61,6 @@ jobs:
          - mysql-versions: '8.0'
            php-versions: '8.3'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - mysql-versions: '8.4'
-            php-versions: '8.4'

    name: MySQL ${{ matrix.mysql-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -124,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -57,7 +57,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -73,12 +73,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -106,7 +106,7 @@ jobs:

      - name: Upload nodb code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.nodb.xml
          flags: phpunit-nodb
@@ -1,121 +0,0 @@
-# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: PHPUnit primary object store
-on:
-  pull_request:
-  schedule:
-    - cron: "15 2 * * *"
-
-concurrency:
-  group: phpunit-object-store-primary-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  changes:
-    runs-on: ubuntu-latest-low
-
-    outputs:
-      src: ${{ steps.changes.outputs.src}}
-
-    steps:
-      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        id: changes
-        continue-on-error: true
-        with:
-          filters: |
-            src:
-              - '.github/workflows/**'
-              - '3rdparty/**'
-              - '**/appinfo/**'
-              - '**/lib/**'
-              - '**/templates/**'
-              - '**/tests/**'
-              - 'vendor/**'
-              - 'vendor-bin/**'
-              - '.php-cs-fixer.dist.php'
-              - 'composer.json'
-              - 'composer.lock'
-              - '**.php'
-
-  object-store-primary-tests-minio:
-    runs-on: ubuntu-latest
-    needs: changes
-
-    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
-
-    strategy:
-      # do not stop on another job's failure
-      fail-fast: false
-      matrix:
-        php-versions: ['8.1']
-        key: ['s3', 's3-multibucket']
-
-    name: php${{ matrix.php-versions }}-${{ matrix.key }}-minio
-
-    services:
-      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest
-        ports:
-          - 6379:6379/tcp
-        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
-
-      minio:
-        image: bitnami/minio
-        env:
-          MINIO_ROOT_USER: nextcloud
-          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-          MINIO_DEFAULT_BUCKETS: nextcloud
-        ports:
-          - "9000:9000"
-
-    steps:
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          submodules: true
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Nextcloud
-        env:
-          OBJECT_STORE: ${{ matrix.key }}
-          OBJECT_STORE_KEY: nextcloud
-          OBJECT_STORE_SECRET: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-        run: |
-          composer install
-          cp tests/redis.config.php config/
-          cp tests/preseed-config.php config/config.php
-          ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
-          php -f tests/enable_all.php | grep -i -C9999 error && echo "Error during app setup" && exit 1 || exit 0
-
-      - name: Wait for S3
-        run: |
-          sleep 10
-          curl -f -m 1 --retry-connrefused --retry 10 --retry-delay 10 http://localhost:9000/minio/health/ready
-
-      - name: PHPUnit
-        run: composer run test:db
-
-      - name: S3 logs
-        if: always()
-        run: |
-          cat data/nextcloud.log
-          docker ps -a
-          docker ps -aq | while read container ; do IMAGE=$(docker inspect --format='{{.Config.Image}}' $container); echo $IMAGE; docker logs $container; echo "\n\n" ; done
-
-
-  object-store-primary-summary:
-    runs-on: ubuntu-latest-low
-    needs: [changes,object-store-primary-tests-minio]
-
-    if: always()
-
-    steps:
-      - name: Summary status
-        run: if ${{ needs.changes.outputs.src != 'false' && needs.object-store-primary-tests-minio.result != 'success' }}; then exit 1; fi
@@ -66,8 +66,6 @@ jobs:
            php-versions: '8.2'
          - oracle-versions: '23'
            php-versions: '8.3'
-          - oracle-versions: '23'
-            php-versions: '8.4'

    name: Oracle ${{ matrix.oracle-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -98,12 +96,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -129,7 +127,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-oci
@@ -56,14 +56,12 @@ jobs:
    strategy:
      matrix:
        php-versions: ['8.1']
-        # To keep the matrix smaller we ignore PostgreSQL versions in between as we already test the minimum and the maximum
-        postgres-versions: ['13', '17']
+        # To keep the matrix smaller we ignore PostgreSQL '13', '14', and '15' as we already test 12 and 16 as lower and upper bound
+        postgres-versions: ['12', '16']
        include:
          - php-versions: '8.3'
-            postgres-versions: '17'
+            postgres-versions: '16'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            postgres-versions: '17'

    name: PostgreSQL ${{ matrix.postgres-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -119,7 +117,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-postgres
@@ -55,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.2', '8.3', '8.4']
+        php-versions: ['8.2', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -71,12 +71,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -105,7 +105,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.3.1
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-sqlite
@@ -20,7 +20,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: The get-github-handles-from-website action
-        uses: marcelklehr/get-github-handles-from-website-action@06b2239db0a48fe1484ba0bfd966a3ab81a08308 # v1.0.1
+        uses: marcelklehr/get-github-handles-from-website-action@a739600f6b91da4957f51db0792697afbb2f143c # v1.0.0
        id: scrape
        with:
          website: 'https://nextcloud.com/team/'
@@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

    - name: REUSE Compliance Check
-      uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
+      uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0
@@ -27,6 +27,7 @@ jobs:
          for your contributions.
        stale-issue-label: 'stale'
        only-labels: 'needs info'
+        labels-to-remove-when-unstale: 'needs info,stale'
        exempt-issue-labels: '1. to develop,2. developing,3. to review,4. to release,security'
        days-before-stale: 30
        days-before-close: 14
@@ -4,14 +4,6 @@ name: Psalm static code analysis

 on:
  pull_request:
-  push:
-    branches:
-      - main
-      - master
-      - stable*
-    paths:
-      - '.github/workflows/static-code-analysis.yml'
-      - '**.php'

 concurrency:
  group: static-code-analysis-${{ github.head_ref || github.run_id }}
@@ -21,19 +13,19 @@ jobs:
  static-code-analysis:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -42,39 +34,39 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: git diff -- . ':!lib/composer'
+
+      - name: Upload Analysis results to GitHub
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif

  static-code-analysis-security:
    runs-on: ubuntu-latest

-    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none

      - name: Composer install
        run: composer i

      - name: Psalm taint analysis
-        run: composer run psalm:security -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
-
-      - name: Show potential changes in Psalm baseline
-        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis

      - name: Upload Security Analysis results to GitHub
        if: always()
@@ -85,19 +77,17 @@ jobs:
  static-code-analysis-ocp:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -106,34 +96,8 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm:ocp -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
-
-  static-code-analysis-ncu:
-    runs-on: ubuntu-latest
-
-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          submodules: true
-
-      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
-          coverage: none
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Composer install
-        run: composer i
-
-      - name: Psalm
-        run: composer run psalm:ncu -- --threads=1 --monochrome --no-progress --output-format=github
+        run: git diff -- . ':!lib/composer'
@@ -14,12 +14,12 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['master', 'stable31', 'stable30', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
+        branches: ['master', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']

    name: update-ca-certificate-bundle-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          ref: ${{ matrix.branches }}
          submodules: true
@@ -28,7 +28,7 @@ jobs:
        run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update CA certificate bundle'
@@ -14,12 +14,12 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['master', 'stable30', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
+        branches: ['master', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']

    name: update-code-signing-crl-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          ref: ${{ matrix.branches }}
          submodules: true
@@ -31,7 +31,7 @@ jobs:
        run: openssl crl -verify -in resources/codesigning/root.crl -CAfile resources/codesigning/root.crt -noout

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update code signing revocation list'
@@ -0,0 +1,52 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Auto approve psalm baseline update
+
+on:
+  pull_request_target:
+    branches:
+      - main
+      - master
+      - stable*
+
+permissions:
+  contents: read
+
+concurrency:
+  group: update-psalm-baseline-approve-merge-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  auto-approve-merge:
+    if: github.actor == 'nextcloud-command'
+    runs-on: ubuntu-latest-low
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write
+      # for alexwilson/enable-github-automerge-action to approve PRs
+      contents: write
+
+    steps:
+      - name: Disabled on forks
+        if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+        run: |
+          echo 'Can not approve PRs from forks'
+          exit 1
+
+      - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
+        id: branchname
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # GitHub actions bot approve
+      - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # Enable GitHub auto merge
+      - name: Auto merge
+        uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # main
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -0,0 +1,69 @@
+# SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Update Psalm baseline
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "5 2 * * *"
+
+jobs:
+  update-psalm-baseline:
+    runs-on: ubuntu-latest
+
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        branches: ['master', 'stable29', 'stable28', 'stable27']
+
+    name: update-psalm-baseline-${{ matrix.branches }}
+
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        with:
+          ref: ${{ matrix.branches }}
+          submodules: true
+
+      - name: Set up php
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
+        with:
+          php-version: '8.1'
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          coverage: none
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Composer install
+        run: composer install
+
+      - name: Psalm
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=text --update-baseline
+        continue-on-error: true
+
+      - name: Psalm OCP
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+        continue-on-error: true
+
+      - name: Reset composer
+        run: |
+          git clean -f lib/composer
+          git checkout composer.json composer.lock lib/composer
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
+        with:
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+          commit-message: 'chore(tests): Update psalm baseline'
+          committer: GitHub <noreply@github.com>
+          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
+          signoff: true
+          branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
+          title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
+          body: |
+            Auto-generated update psalm-baseline.xml with fixed psalm warnings
+          labels: |
+            automated pr
+            3. to review
+          team-reviewers: server-backend
@@ -35,7 +35,6 @@
 !/apps/lookup_server_connector
 !/apps/user_ldap
 !/apps/oauth2
-!/apps/profile
 !/apps/provisioning_api
 !/apps/settings
 !/apps/systemtags
@@ -152,7 +151,6 @@ Vagrantfile

 # Tests - auto-generated files
 /data-autotest
-/results.sarif
 /tests/.phpunit.result.cache
 /tests/coverage*
 /tests/css
@@ -15,18 +15,11 @@

  <IfModule mod_env.c>
    # Add security and privacy related headers
+
    # Avoid doubled headers by unsetting headers in "onsuccess" table,
    # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
-
-    <If "%{REQUEST_URI} =~ m#/login$#">
-      # Only on the login page we need any Origin or Referer header set.
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "same-origin"
-    </If>
-    <Else>
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "no-referrer"
-    </Else>
+    Header onsuccess unset Referrer-Policy
+    Header always set Referrer-Policy "no-referrer"

    Header onsuccess unset X-Content-Type-Options
    Header always set X-Content-Type-Options "nosniff"
@@ -56,8 +49,8 @@
    </Else>
  </FilesMatch>

-  # Let browsers cache OTF and WOFF files for a week
-  <FilesMatch "\.(otf|woff2?)$">
+  # Let browsers cache WOFF files for a week
+  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
 </IfModule>
@@ -110,10 +103,10 @@
 #  - https://docs.cyberduck.io/mountainduck/issues/fastcgi/
 #  - https://docs.nextcloud.com/server/latest/admin_manual/issues/general_troubleshooting.html#troubleshooting-webdav
 <IfModule mod_setenvif.c>
-  SetEnvIfNoCase Transfer-Encoding "chunked" proxy-sendcl=1
+  SetEnvIf Transfer-Encoding "chunked" proxy-sendcl=1
 </IfModule>

-# Apache disabled the sending of the server-side content-length header
+# Apache disabled the sending of the server-side content-length header 
 # in their 2.4.59 patch updated which breaks some use-cases in Nextcloud.
 # Setting ap_trust_cgilike_cl allows to bring back the usual behaviour.
 # See https://bz.apache.org/bugzilla/show_bug.cgi?id=68973
@@ -14,23 +14,29 @@ $config = new Config();
 $config
 	->setParallelConfig(ParallelConfigFactory::detect())
 	->getFinder()
+	->ignoreVCSIgnored(true)
 	->exclude('config')
-	->exclude('3rdparty')
-	->exclude('build/stubs')
-	->exclude('composer')
+	->exclude('data')
+	->notPath('3rdparty')
+	->notPath('build/integration/vendor')
+	->notPath('build/lib')
+	->notPath('build/node_modules')
+	->notPath('build/stubs')
+	->notPath('composer')
+	->notPath('node_modules')
+	->notPath('vendor')
+	->in('apps')
 	->in(__DIR__);

-$ignoredEntries = shell_exec('git status --porcelain --ignored ' . escapeshellarg(__DIR__));
-$ignoredEntries = explode("\n", $ignoredEntries);
-$ignoredEntries = array_filter($ignoredEntries, static fn (string $line) => str_starts_with($line, '!! '));
-$ignoredEntries = array_map(static fn (string $line) => substr($line, 3), $ignoredEntries);
-$ignoredEntries = array_values($ignoredEntries);
+// Ignore additional app directories
+$rootDir = new \DirectoryIterator(__DIR__);
+foreach ($rootDir as $node) {
+	if (str_starts_with($node->getFilename(), 'apps')) {
+		$return = shell_exec('git check-ignore ' . escapeshellarg($node->getFilename() . '/'));

-foreach ($ignoredEntries as $ignoredEntry) {
-	if (str_ends_with($ignoredEntry, '/')) {
-		$config->getFinder()->exclude($ignoredEntry);
-	} else {
-		$config->getFinder()->notPath($ignoredEntry);
+		if ($return !== null) {
+			$config->getFinder()->exclude($node->getFilename());
+		}
 	}
 }

@@ -116,12 +116,6 @@ source_file = translationfiles/templates/oauth2.pot
 source_lang = en
 type        = PO

-[o:nextcloud:p:nextcloud:r:profile]
-file_filter = translationfiles/<lang>/profile.po
-source_file = translationfiles/templates/profile.pot
-source_lang = en
-type        = PO
-
 [o:nextcloud:p:nextcloud:r:provisioning_api]
 file_filter = translationfiles/<lang>/provisioning_api.po
 source_file = translationfiles/templates/provisioning_api.pot
@@ -314,7 +314,6 @@
 - Max <max@nextcloud.com>
 - Max Kovalenko <mxss1998@yandex.ru>
 - Max Kunzelmann <maxdev@posteo.de>
- - Max Schmit <maxschm@hotmail.com>
 - Maxence Lange <maxence@artificial-owl.com>
 - Maxence Lange <maxence@nextcloud.com>
 - Maxence Lange <maxence@pontapreta.net>
@@ -6,4 +6,4 @@ and our products: “Nextcloud Files”; “Nextcloud Groupware” and “Nextcl
 This set of marks is collectively referred to as the “Nextcloud marks.”

 Use of Nextcloud logos and other marks is only permitted under the guidelines provided by the Nextcloud GmbH.
-A copy can be found at https://nextcloud.com/trademarks/
+A copy can be found at https://discord.com/branding
@@ -0,0 +1,39 @@
+License Agreement for Freepik Content
+
+The Company authorizes the User to download and use the Freepik Content under the terms of this Section (see Section 7 in relation to Sponsored Content). The Company and its licensors reserve all rights over the Freepik Content not expressly granted in this license to the User.
+
+Subject to the fulfillment of these Terms, the Company authorizes the User in a non-transferable, revocable, limited, non-exclusive manner and on a worldwide basis for the duration of the relevant rights; to download, use and modify the Freepik Content, in a device the User owns or controls and only for the purposes and uses allowed in these Terms.
+
+The User may use the Freepik Content (including any derivative work), either using the Freepik Contents in its entirety or using only some or some of its elements, either using the Freepik Contents without modification, combining them with other contents or having previously modified them, being the license granted with respect to the Freepik content, provided that it:
+
+* Does not involve collective use;
+* The Freepik Content is not used in a manner that suggests an association or endorsement of any kind by the Company or the Website;
+* The Freepik Content or any derivative work is not used or included (in whole or in part) in a database, archive or in any other media/stock product, collection, set of clips, or library, for distribution or resale or used in any other way that could prevent or limit future visits or downloads from the Website;
+* Does not resell, assign, transfer or sublicense the Freepik Content or any derived work from the Freepik Content;
+* Does not use the Freepik Content in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold, in which the content in the Freepik Content is the main element (because of size, relevance or any other cause, in case of doubt about whether the content is main element, it shall be deemed that the content is main element);
+* Does not use the Freepik Content (totally or partially) in any trademark, or part of the same, which may be used by any other means to guarantee or to imply a guaranty of any product and/or service, unless the Freepik Content used in such cases is modified in such a way as to be a new and different content not confusingly similar with the original Freepik Content or implies a use of the Freepik Content as a template or test, and not as a final item or material;
+* Does not use the Freepik Content (including any caption information, title, keywords or other metadata associated with the Freepik Content) for any machine learning and/or artificial intelligence purposes, or for any technologies designed or intended for the identification of natural persons.
+* Does not make any use of the Freepik Content which might be considered defamatory, libellous, obscene, immoral or illegal, including, without limitation, using it in a way that places any person appearing in the Freepik Content in a negative light or depicts them in a way that they may find offensive such as the use in pornography, advertisements for escort or similar services, political endorsements, birth control products, and;
+* Does not make any use of the Freepik Content to slander, libel or to vilify a person, race, sex, culture, sexual orientation, religion, country, region, town, village or any other place, or any other human group.
+
+When any Freepik Content is marked or identified as for editorial use, or when within the same there are logos, recognizable products, public buildings, public events or images taken in places where recognizable persons appear in the background, the User shall only be entitled to use it for such editorial use. In such cases, the User undertakes not to use that content in any manner that entails any connection with any business activity, the use in economic traffic or advertising, marketing or commercialization of any product or service. The User shall be directly liable and the Company shall not assume any liability as a result of the use for commercial purposes by the User of any content belonging to the Freepik Content, which according to this paragraph should be for editorial use only.
+
+The authorization to use the Freepik Content shall be free provided that any use of the content in the Freepik Content by the User is credited to the Company/Website as stated by the Company from time to time. In order to benefit from the Service or to use the Freepik Content without acknowledging the Company/Website, the User must purchase a premium subscription (hereinafter, the "Premium Subscription") in the Website and download the Freepik Content during the term of any such Premium Subscription. Conditions in Section 10 shall apply to the purchase of the Premium Subscription.
+
+As a general rule, it is forbidden for a User to authorize any third parties to use the Freepik Content (or any modification of any content in the Freepik Content). As an exception to the prohibition, the User may allow third parties to use the Freepik Content, when each and every of the following conditions are met:
+
+* The third party has professionally instructed the User to produce goods or provide services to it/him/her and the User uses a limited number of items within the Freepik Content to produce such goods or provide such services to the instructing third party;
+* The authorization granted by the User to the third party is in writing and complies with every restriction of the User’s authorization to use the relevant Freepik Content and includes, without limitation, a restriction for the third party to distribute, resell or license the relevant content in the Freepik Content (i.e. the third party is the final user of the relevant content in the Freepik Content);
+* None of the contents in the Freepik Content which are subject to the authorization are used as the main element (because of size, relevance or any other cause; in case of doubt about whether the content is the main element, it shall be deemed as the main element) in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold by the third party;
+* The production of goods or provision of services by the User to the third party is not done by automatic means, it is tailor-made for the third party (and therefore its use is not authorized by the User to any other third party) and requires a specific substantial human intervention from the User in relation to each third party; and
+* The User -and not the third party- chooses the specific items within the content of the Freepik Content to be used in the production of goods or provision of services for the third party.
+
+When all of the above conditions are met, the User shall be entitled to authorize a third party to use the relevant content in the Freepik Content. This exception refers only to the prohibition for the User to authorize third parties to use the content in the Freepik Content without affecting or limiting in any way the remaining conditions of the User’s right to use the Freepik Content. Whether the above conditions regarding the exception to the prohibition for Users to authorize third parties to use the content in the Freepik Content are met shall be interpreted restrictively so that, in case of doubt, it shall be deemed that the conditions are not met.
+
+The User does not acquire any right as a result of the use of the content in the Freepik Content. In particular, the User is not authorized to distribute, resell or rent any content in the Freepik Content (or any modification of any content in the Freepik Content).
+
+The Company may, at any time, offer any content on the Website under a different license from the one included in this Section (the "Specific License"). The Company will inform on the Website which content is licensed under an Specific License. The Specific License will be made available to the User and will include, without limitation, a description of the license itself, as well as the permitted and prohibited uses in relation to the content. In the event that a particular content is offered under a Specific License, the Specific License shall apply over the general license described in this Section. Notwithstanding the foregoing, all other obligations contained in these Terms shall continue to be binding on the User, unless they conflict with the Specific License, in which case the Specific License shall prevail.
+
+The User’s rights under this Section will end automatically without any notice if the User breaches any of the Terms. In case of termination of the rights hereunder, the User shall cease using content in the Freepik Content and will destroy every copy, whether total or partial, thereof.
+
+A copy can be found at <https://www.freepikcompany.com/legal/#nav-freepik-agreement>
@@ -5,8 +5,8 @@
 -->
 # Nextcloud Server ☁
 [![REUSE status](https://api.reuse.software/badge/github.com/nextcloud/server)](https://api.reuse.software/info/github.com/nextcloud/server)
-[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/server/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/nextcloud/server/?branch=master)
-[![codecov](https://codecov.io/gh/nextcloud/server/branch/master/graph/badge.svg)](https://codecov.io/gh/nextcloud/server)
+[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/server/badges/quality-score.png?b=stable30)](https://scrutinizer-ci.com/g/nextcloud/server/?branch=stable30)
+[![codecov](https://codecov.io/gh/nextcloud/server/branch/stable30/graph/badge.svg)](https://codecov.io/gh/nextcloud/server)
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/209/badge)](https://bestpractices.coreinfrastructure.org/projects/209)
 [![Design](https://contribute.design/api/shield/nextcloud/server)](https://contribute.design/nextcloud/server)

@@ -74,10 +74,6 @@ Otherwise, git checkouts can be handled the same as release archives, by using t

 - Comment on a pull request with `/update-3rdparty` to update the 3rd party submodule. It will update to the last commit of the 3rd party branch named like the PR target.

-#### Ignore code style updates in git blame
-
-`git config blame.ignoreRevsFile .git-blame-ignore-revs`
-
 ## Contribution guidelines 📜

 All contributions to this repository from June 16, 2016, and onward are considered to be
@@ -3,11 +3,11 @@
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

-import { vi } from 'vitest'
+import { jest } from '@jest/globals'

-export const showMessage = vi.fn()
-export const showSuccess = vi.fn()
-export const showWarning = vi.fn()
-export const showInfo = vi.fn()
-export const showError = vi.fn()
-export const showUndo = vi.fn()
+export const showMessage = jest.fn()
+export const showSuccess = jest.fn()
+export const showWarning = jest.fn()
+export const showInfo = jest.fn()
+export const showError = jest.fn()
+export const showUndo = jest.fn()
@@ -0,0 +1,12 @@
+/**
+ * SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import '@testing-library/jest-dom'
+
+// Mock `window.location` with Jest spies and extend expect
+import 'jest-location-mock'
+
+// Mock `window.fetch` with Jest
+import 'jest-fetch-mock'
@@ -2,8 +2,7 @@
 * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
+
 window.OC = { ...window.OC }
 window.OCA = { ...window.OCA }
 window.OCP = { ...window.OCP }
-
-window._oc_webroot = ''
@@ -1,6 +0,0 @@
-/**
- * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: CC0-1.0
- */
-import '@testing-library/jest-dom/vitest'
-import 'core-js/stable/index.js'
@@ -0,0 +1,6 @@
+{
+	"extends": "../tsconfig.json",
+	"compilerOptions": {
+		"verbatimModuleSyntax": false
+	}
+}
@@ -10,7 +10,7 @@
 	<name>Auditing / Logging</name>
 	<summary>Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions.</summary>
 	<description>Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions.</description>
-	<version>1.22.0</version>
+	<version>1.20.0</version>
 	<licence>agpl</licence>
 	<author>Nextcloud</author>
 	<namespace>AdminAudit</namespace>
@@ -20,7 +20,7 @@
 	<category>monitoring</category>
 	<bugs>https://github.com/nextcloud/server/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="32" max-version="32"/>
+		<nextcloud min-version="30" max-version="30"/>
 	</dependencies>
 	<background-jobs>
 		<job>OCA\AdminAudit\BackgroundJobs\Rotate</job>
@@ -8,22 +8,20 @@ $baseDir = $vendorDir;
 return array(
    'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
    'OCA\\AdminAudit\\Actions\\Action' => $baseDir . '/../lib/Actions/Action.php',
+    'OCA\\AdminAudit\\Actions\\AppManagement' => $baseDir . '/../lib/Actions/AppManagement.php',
+    'OCA\\AdminAudit\\Actions\\Auth' => $baseDir . '/../lib/Actions/Auth.php',
+    'OCA\\AdminAudit\\Actions\\Console' => $baseDir . '/../lib/Actions/Console.php',
    'OCA\\AdminAudit\\Actions\\Files' => $baseDir . '/../lib/Actions/Files.php',
+    'OCA\\AdminAudit\\Actions\\GroupManagement' => $baseDir . '/../lib/Actions/GroupManagement.php',
+    'OCA\\AdminAudit\\Actions\\Security' => $baseDir . '/../lib/Actions/Security.php',
    'OCA\\AdminAudit\\Actions\\Sharing' => $baseDir . '/../lib/Actions/Sharing.php',
    'OCA\\AdminAudit\\Actions\\TagManagement' => $baseDir . '/../lib/Actions/TagManagement.php',
    'OCA\\AdminAudit\\Actions\\Trashbin' => $baseDir . '/../lib/Actions/Trashbin.php',
+    'OCA\\AdminAudit\\Actions\\UserManagement' => $baseDir . '/../lib/Actions/UserManagement.php',
    'OCA\\AdminAudit\\Actions\\Versions' => $baseDir . '/../lib/Actions/Versions.php',
    'OCA\\AdminAudit\\AppInfo\\Application' => $baseDir . '/../lib/AppInfo/Application.php',
    'OCA\\AdminAudit\\AuditLogger' => $baseDir . '/../lib/AuditLogger.php',
    'OCA\\AdminAudit\\BackgroundJobs\\Rotate' => $baseDir . '/../lib/BackgroundJobs/Rotate.php',
    'OCA\\AdminAudit\\IAuditLogger' => $baseDir . '/../lib/IAuditLogger.php',
-    'OCA\\AdminAudit\\Listener\\AppManagementEventListener' => $baseDir . '/../lib/Listener/AppManagementEventListener.php',
-    'OCA\\AdminAudit\\Listener\\AuthEventListener' => $baseDir . '/../lib/Listener/AuthEventListener.php',
-    'OCA\\AdminAudit\\Listener\\ConsoleEventListener' => $baseDir . '/../lib/Listener/ConsoleEventListener.php',
    'OCA\\AdminAudit\\Listener\\CriticalActionPerformedEventListener' => $baseDir . '/../lib/Listener/CriticalActionPerformedEventListener.php',
-    'OCA\\AdminAudit\\Listener\\FileEventListener' => $baseDir . '/../lib/Listener/FileEventListener.php',
-    'OCA\\AdminAudit\\Listener\\GroupManagementEventListener' => $baseDir . '/../lib/Listener/GroupManagementEventListener.php',
-    'OCA\\AdminAudit\\Listener\\SecurityEventListener' => $baseDir . '/../lib/Listener/SecurityEventListener.php',
-    'OCA\\AdminAudit\\Listener\\SharingEventListener' => $baseDir . '/../lib/Listener/SharingEventListener.php',
-    'OCA\\AdminAudit\\Listener\\UserManagementEventListener' => $baseDir . '/../lib/Listener/UserManagementEventListener.php',
 );
@@ -23,24 +23,22 @@ class ComposerStaticInitAdminAudit
    public static $classMap = array (
        'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
        'OCA\\AdminAudit\\Actions\\Action' => __DIR__ . '/..' . '/../lib/Actions/Action.php',
+        'OCA\\AdminAudit\\Actions\\AppManagement' => __DIR__ . '/..' . '/../lib/Actions/AppManagement.php',
+        'OCA\\AdminAudit\\Actions\\Auth' => __DIR__ . '/..' . '/../lib/Actions/Auth.php',
+        'OCA\\AdminAudit\\Actions\\Console' => __DIR__ . '/..' . '/../lib/Actions/Console.php',
        'OCA\\AdminAudit\\Actions\\Files' => __DIR__ . '/..' . '/../lib/Actions/Files.php',
+        'OCA\\AdminAudit\\Actions\\GroupManagement' => __DIR__ . '/..' . '/../lib/Actions/GroupManagement.php',
+        'OCA\\AdminAudit\\Actions\\Security' => __DIR__ . '/..' . '/../lib/Actions/Security.php',
        'OCA\\AdminAudit\\Actions\\Sharing' => __DIR__ . '/..' . '/../lib/Actions/Sharing.php',
        'OCA\\AdminAudit\\Actions\\TagManagement' => __DIR__ . '/..' . '/../lib/Actions/TagManagement.php',
        'OCA\\AdminAudit\\Actions\\Trashbin' => __DIR__ . '/..' . '/../lib/Actions/Trashbin.php',
+        'OCA\\AdminAudit\\Actions\\UserManagement' => __DIR__ . '/..' . '/../lib/Actions/UserManagement.php',
        'OCA\\AdminAudit\\Actions\\Versions' => __DIR__ . '/..' . '/../lib/Actions/Versions.php',
        'OCA\\AdminAudit\\AppInfo\\Application' => __DIR__ . '/..' . '/../lib/AppInfo/Application.php',
        'OCA\\AdminAudit\\AuditLogger' => __DIR__ . '/..' . '/../lib/AuditLogger.php',
        'OCA\\AdminAudit\\BackgroundJobs\\Rotate' => __DIR__ . '/..' . '/../lib/BackgroundJobs/Rotate.php',
        'OCA\\AdminAudit\\IAuditLogger' => __DIR__ . '/..' . '/../lib/IAuditLogger.php',
-        'OCA\\AdminAudit\\Listener\\AppManagementEventListener' => __DIR__ . '/..' . '/../lib/Listener/AppManagementEventListener.php',
-        'OCA\\AdminAudit\\Listener\\AuthEventListener' => __DIR__ . '/..' . '/../lib/Listener/AuthEventListener.php',
-        'OCA\\AdminAudit\\Listener\\ConsoleEventListener' => __DIR__ . '/..' . '/../lib/Listener/ConsoleEventListener.php',
        'OCA\\AdminAudit\\Listener\\CriticalActionPerformedEventListener' => __DIR__ . '/..' . '/../lib/Listener/CriticalActionPerformedEventListener.php',
-        'OCA\\AdminAudit\\Listener\\FileEventListener' => __DIR__ . '/..' . '/../lib/Listener/FileEventListener.php',
-        'OCA\\AdminAudit\\Listener\\GroupManagementEventListener' => __DIR__ . '/..' . '/../lib/Listener/GroupManagementEventListener.php',
-        'OCA\\AdminAudit\\Listener\\SecurityEventListener' => __DIR__ . '/..' . '/../lib/Listener/SecurityEventListener.php',
-        'OCA\\AdminAudit\\Listener\\SharingEventListener' => __DIR__ . '/..' . '/../lib/Listener/SharingEventListener.php',
-        'OCA\\AdminAudit\\Listener\\UserManagementEventListener' => __DIR__ . '/..' . '/../lib/Listener/UserManagementEventListener.php',
    );

    public static function getInitializer(ClassLoader $loader)
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalizēšanas iespējas, piemēram, faila piekļuves žurnalizēšanu vai citas sensitīvas darbības."
-},
-"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalizēšanas iespējas, piemēram, faila piekļuves žurnalizēšanu vai citas sensitīvas darbības."
-},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);"
-}
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},
-"nplurals=1; plural=0;");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},"pluralForm" :"nplurals=1; plural=0;"
-}
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "ئىقتىسادىي تەپتىش / خاتىرىلەش",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nextcloud غا تىزىمغا كىرىش ئىقتىدارى بىلەن تەمىنلەيدۇ ، مەسىلەن ھۆججەتلەرنى زىيارەت قىلىش ياكى باشقا سەزگۈر ھەرىكەتلەر."
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "ئىقتىسادىي تەپتىش / خاتىرىلەش",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nextcloud غا تىزىمغا كىرىش ئىقتىدارى بىلەن تەمىنلەيدۇ ، مەسىلەن ھۆججەتلەرنى زىيارەت قىلىش ياكى باشقا سەزگۈر ھەرىكەتلەر."
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Kiểm tra / Nhật ký",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác."
+    "Auditing / Logging" : "‎Kiểm tra / Nhật ký‎",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "‎Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác.‎"
 },
 "nplurals=1; plural=0;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Kiểm tra / Nhật ký",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác."
+    "Auditing / Logging" : "‎Kiểm tra / Nhật ký‎",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "‎Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác.‎"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "稽核/記錄",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如紀錄檔存取，或其他敏感操作。"
+    "Auditing / Logging" : "稽核／記錄",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如記錄檔存取或其他敏感操作。"
 },
 "nplurals=1; plural=0;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "稽核/記錄",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如紀錄檔存取，或其他敏感操作。"
+    "Auditing / Logging" : "稽核／記錄",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如記錄檔存取或其他敏感操作。"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -32,13 +32,13 @@ class Action {
 			if (!isset($params[$element])) {
 				if ($obfuscateParameters) {
 					$this->logger->critical(
-						'$params["' . $element . '"] was missing.',
+						'$params["'.$element.'"] was missing.',
 						['app' => 'admin_audit']
 					);
 				} else {
 					$this->logger->critical(
 						sprintf(
-							'$params["' . $element . '"] was missing. Transferred value: %s',
+							'$params["'.$element.'"] was missing. Transferred value: %s',
 							print_r($params, true)
 						),
 						['app' => 'admin_audit']
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+class AppManagement extends Action {
+
+	/**
+	 * @param string $appName
+	 */
+	public function enableApp(string $appName): void {
+		$this->log('App "%s" enabled',
+			['app' => $appName],
+			['app']
+		);
+	}
+
+	/**
+	 * @param string $appName
+	 * @param string[] $groups
+	 */
+	public function enableAppForGroups(string $appName, array $groups): void {
+		$this->log('App "%1$s" enabled for groups: %2$s',
+			['app' => $appName, 'groups' => implode(', ', $groups)],
+			['app', 'groups']
+		);
+	}
+
+	/**
+	 * @param string $appName
+	 */
+	public function disableApp(string $appName): void {
+		$this->log('App "%s" disabled',
+			['app' => $appName],
+			['app']
+		);
+	}
+}
@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+/**
+ * Class Auth logs all auth related actions
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class Auth extends Action {
+	public function loginAttempt(array $params): void {
+		$this->log(
+			'Login attempt: "%s"',
+			$params,
+			[
+				'uid',
+			],
+			true
+		);
+	}
+
+	public function loginSuccessful(array $params): void {
+		$this->log(
+			'Login successful: "%s"',
+			$params,
+			[
+				'uid',
+			],
+			true
+		);
+	}
+
+	public function logout(array $params): void {
+		$this->log(
+			'Logout occurred',
+			[],
+			[]
+		);
+	}
+}
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+class Console extends Action {
+	/**
+	 * @param array $arguments
+	 */
+	public function runCommand(array $arguments): void {
+		if (!isset($arguments[1]) || $arguments[1] === '_completion') {
+			// Don't log autocompletion
+			return;
+		}
+
+		// Remove `./occ`
+		array_shift($arguments);
+
+		$this->log('Console command executed: %s',
+			['arguments' => implode(' ', $arguments)],
+			['arguments']
+		);
+	}
+}
@@ -8,16 +8,17 @@ declare(strict_types=1);
 namespace OCA\AdminAudit\Actions;

 use OC\Files\Node\NonExistingFile;
-use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
 use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
+use OCP\Files\Events\Node\BeforeNodeWrittenEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
+use OCP\Files\Events\Node\NodeDeletedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
 use OCP\Files\Events\Node\NodeWrittenEvent;
 use OCP\Files\InvalidPathException;
 use OCP\Files\NotFoundException;
-use OCP\Server;
+use OCP\Preview\BeforePreviewFetchedEvent;
 use Psr\Log\LoggerInterface;

 /**
@@ -28,9 +29,10 @@ use Psr\Log\LoggerInterface;
 class Files extends Action {

 	private array $renamedNodes = [];
-
 	/**
 	 * Logs file read actions
+	 *
+	 * @param BeforeNodeReadEvent $event
 	 */
 	public function read(BeforeNodeReadEvent $event): void {
 		try {
@@ -40,8 +42,8 @@ class Files extends Action {
 				'path' => mb_substr($node->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file read: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file read: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -54,14 +56,16 @@ class Files extends Action {

 	/**
 	 * Logs rename actions of files
+	 *
+	 * @param BeforeNodeRenamedEvent $event
 	 */
 	public function beforeRename(BeforeNodeRenamedEvent $event): void {
 		try {
 			$source = $event->getSource();
 			$this->renamedNodes[$source->getId()] = $source;
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file rename: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -69,6 +73,8 @@ class Files extends Action {

 	/**
 	 * Logs rename actions of files
+	 *
+	 * @param NodeRenamedEvent $event
 	 */
 	public function afterRename(NodeRenamedEvent $event): void {
 		try {
@@ -80,8 +86,8 @@ class Files extends Action {
 				'newpath' => mb_substr($target->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file rename: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -96,6 +102,8 @@ class Files extends Action {

 	/**
 	 * Logs creation of files
+	 *
+	 * @param NodeCreatedEvent $event
 	 */
 	public function create(NodeCreatedEvent $event): void {
 		try {
@@ -104,8 +112,8 @@ class Files extends Action {
 				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file create: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file create: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -121,6 +129,8 @@ class Files extends Action {

 	/**
 	 * Logs copying of files
+	 *
+	 * @param NodeCopiedEvent $event
 	 */
 	public function copy(NodeCopiedEvent $event): void {
 		try {
@@ -131,8 +141,8 @@ class Files extends Action {
 				'newpath' => mb_substr($event->getTarget()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file copy: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file copy: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -145,17 +155,19 @@ class Files extends Action {

 	/**
 	 * Logs writing of files
+	 *
+	 * @param BeforeNodeWrittenEvent $event
 	 */
-	public function write(NodeWrittenEvent $event): void {
+	public function write(BeforeNodeWrittenEvent $event): void {
 		$node = $event->getNode();
 		try {
 			$params = [
-				'id' => $node->getId(),
+				'id' => $node instanceof NonExistingFile ? null : $node->getId(),
 				'path' => mb_substr($node->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file write: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file write: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -171,17 +183,43 @@ class Files extends Action {
 	}

 	/**
-	 * Logs deletions of files
+	 * Logs update of files
+	 *
+	 * @param NodeWrittenEvent $event
 	 */
-	public function delete(BeforeNodeDeletedEvent $event): void {
+	public function update(NodeWrittenEvent $event): void {
 		try {
 			$params = [
 				'id' => $event->getNode()->getId(),
 				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file delete: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file update: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			);
+			return;
+		}
+		$this->log(
+			'File with id "%s" updated: "%s"',
+			$params,
+			array_keys($params)
+		);
+	}
+
+	/**
+	 * Logs deletions of files
+	 *
+	 * @param NodeDeletedEvent $event
+	 */
+	public function delete(NodeDeletedEvent $event): void {
+		try {
+			$params = [
+				'id' => $event->getNode()->getId(),
+				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
+			];
+		} catch (InvalidPathException|NotFoundException $e) {
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file delete: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -191,4 +229,33 @@ class Files extends Action {
 			array_keys($params)
 		);
 	}
+
+	/**
+	 * Logs preview access to a file
+	 *
+	 * @param BeforePreviewFetchedEvent $event
+	 */
+	public function preview(BeforePreviewFetchedEvent $event): void {
+		try {
+			$file = $event->getNode();
+			$params = [
+				'id' => $file->getId(),
+				'width' => $event->getWidth(),
+				'height' => $event->getHeight(),
+				'crop' => $event->isCrop(),
+				'mode' => $event->getMode(),
+				'path' => mb_substr($file->getInternalPath(), 5)
+			];
+		} catch (InvalidPathException|NotFoundException $e) {
+			\OCP\Server::get(LoggerInterface::class)->error(
+				"Exception thrown in file preview: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			);
+			return;
+		}
+		$this->log(
+			'Preview accessed: (id: "%s", width: "%s", height: "%s" crop: "%s", mode: "%s", path: "%s")',
+			$params,
+			array_keys($params)
+		);
+	}
 }
@@ -0,0 +1,87 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+use OCP\IGroup;
+use OCP\IUser;
+
+/**
+ * Class GroupManagement logs all group manager related events
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class GroupManagement extends Action {
+
+	/**
+	 * log add user to group event
+	 *
+	 * @param IGroup $group
+	 * @param IUser $user
+	 */
+	public function addUser(IGroup $group, IUser $user): void {
+		$this->log('User "%s" added to group "%s"',
+			[
+				'group' => $group->getGID(),
+				'user' => $user->getUID()
+			],
+			[
+				'user', 'group'
+			]
+		);
+	}
+
+	/**
+	 * log remove user from group event
+	 *
+	 * @param IGroup $group
+	 * @param IUser $user
+	 */
+	public function removeUser(IGroup $group, IUser $user): void {
+		$this->log('User "%s" removed from group "%s"',
+			[
+				'group' => $group->getGID(),
+				'user' => $user->getUID()
+			],
+			[
+				'user', 'group'
+			]
+		);
+	}
+
+	/**
+	 * log create group to group event
+	 *
+	 * @param IGroup $group
+	 */
+	public function createGroup(IGroup $group): void {
+		$this->log('Group created: "%s"',
+			[
+				'group' => $group->getGID()
+			],
+			[
+				'group'
+			]
+		);
+	}
+
+	/**
+	 * log delete group to group event
+	 *
+	 * @param IGroup $group
+	 */
+	public function deleteGroup(IGroup $group): void {
+		$this->log('Group deleted: "%s"',
+			[
+				'group' => $group->getGID()
+			],
+			[
+				'group'
+			]
+		);
+	}
+}
@@ -0,0 +1,60 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+use OCP\Authentication\TwoFactorAuth\IProvider;
+use OCP\IUser;
+
+/**
+ * Class Sharing logs the sharing actions
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class Security extends Action {
+	/**
+	 * Logs failed twofactor challenge
+	 */
+	public function twofactorFailed(IUser $user, IProvider $provider): void {
+		$params = [
+			'displayName' => $user->getDisplayName(),
+			'uid' => $user->getUID(),
+			'provider' => $provider->getDisplayName(),
+		];
+
+		$this->log(
+			'Failed two factor attempt by user %s (%s) with provider %s',
+			$params,
+			[
+				'displayName',
+				'uid',
+				'provider',
+			]
+		);
+	}
+
+	/**
+	 * Logs successful twofactor challenge
+	 */
+	public function twofactorSuccess(IUser $user, IProvider $provider): void {
+		$params = [
+			'displayName' => $user->getDisplayName(),
+			'uid' => $user->getUID(),
+			'provider' => $provider->getDisplayName(),
+		];
+
+		$this->log(
+			'Successful two factor attempt by user %s (%s) with provider %s',
+			$params,
+			[
+				'displayName',
+				'uid',
+				'provider',
+			]
+		);
+	}
+}
@@ -7,12 +7,279 @@ declare(strict_types=1);
 */
 namespace OCA\AdminAudit\Actions;

+use OCP\Share\IShare;
+
 /**
 * Class Sharing logs the sharing actions
 *
 * @package OCA\AdminAudit\Actions
 */
 class Sharing extends Action {
+	/**
+	 * Logs sharing of data
+	 *
+	 * @param array $params
+	 */
+	public function shared(array $params): void {
+		if ($params['shareType'] === IShare::TYPE_LINK) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared via link with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_USER) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the user "%s" with permissions "%s"  (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_GROUP) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the group "%s" with permissions "%s"  (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_ROOM) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the room "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_EMAIL) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the email recipient "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_CIRCLE) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the circle "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_REMOTE) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the remote user "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_REMOTE_GROUP) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the remote group "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_DECK) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the deck card "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_SCIENCEMESH) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been shared to the ScienceMesh user "%s" with permissions "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'path',
+					'itemSource',
+					'shareWith',
+					'permissions',
+					'id',
+				]
+			);
+		}
+	}
+
+	/**
+	 * Logs unsharing of data
+	 *
+	 * @param array $params
+	 */
+	public function unshare(array $params): void {
+		if ($params['shareType'] === IShare::TYPE_LINK) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_USER) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the user "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_GROUP) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the group "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_ROOM) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the room "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_EMAIL) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the email recipient "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_CIRCLE) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the circle "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_REMOTE) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the remote user "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_REMOTE_GROUP) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the remote group "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_DECK) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the deck card "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		} elseif ($params['shareType'] === IShare::TYPE_SCIENCEMESH) {
+			$this->log(
+				'The %s "%s" with ID "%s" has been unshared from the ScienceMesh user "%s" (Share ID: %s)',
+				$params,
+				[
+					'itemType',
+					'fileTarget',
+					'itemSource',
+					'shareWith',
+					'id',
+				]
+			);
+		}
+	}

 	/**
 	 * Logs the updating of permission changes for shares
@@ -0,0 +1,122 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+namespace OCA\AdminAudit\Actions;
+
+use OCP\IUser;
+
+/**
+ * Class UserManagement logs all user management related actions.
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class UserManagement extends Action {
+	/**
+	 * Log creation of users
+	 *
+	 * @param array $params
+	 */
+	public function create(array $params): void {
+		$this->log(
+			'User created: "%s"',
+			$params,
+			[
+				'uid',
+			]
+		);
+	}
+
+	/**
+	 * Log assignments of users (typically user backends)
+	 *
+	 * @param string $uid
+	 */
+	public function assign(string $uid): void {
+		$this->log(
+			'UserID assigned: "%s"',
+			[ 'uid' => $uid ],
+			[ 'uid' ]
+		);
+	}
+
+	/**
+	 * Log deletion of users
+	 *
+	 * @param array $params
+	 */
+	public function delete(array $params): void {
+		$this->log(
+			'User deleted: "%s"',
+			$params,
+			[
+				'uid',
+			]
+		);
+	}
+
+	/**
+	 * Log unassignments of users (typically user backends, no data removed)
+	 *
+	 * @param string $uid
+	 */
+	public function unassign(string $uid): void {
+		$this->log(
+			'UserID unassigned: "%s"',
+			[ 'uid' => $uid ],
+			[ 'uid' ]
+		);
+	}
+
+	/**
+	 * Log enabling of users
+	 *
+	 * @param array $params
+	 */
+	public function change(array $params): void {
+		switch ($params['feature']) {
+			case 'enabled':
+				$this->log(
+					$params['value'] === true
+						? 'User enabled: "%s"'
+						: 'User disabled: "%s"',
+					['user' => $params['user']->getUID()],
+					[
+						'user',
+					]
+				);
+				break;
+			case 'eMailAddress':
+				$this->log(
+					'Email address changed for user %s',
+					['user' => $params['user']->getUID()],
+					[
+						'user',
+					]
+				);
+				break;
+		}
+	}
+
+	/**
+	 * Logs changing of the user scope
+	 *
+	 * @param IUser $user
+	 */
+	public function setPassword(IUser $user): void {
+		if ($user->getBackendClassName() === 'Database') {
+			$this->log(
+				'Password of user "%s" has been changed',
+				[
+					'user' => $user->getUID(),
+				],
+				[
+					'user',
+				]
+			);
+		}
+	}
+}
@@ -1,35 +1,29 @@
 <?php

 declare(strict_types=1);
-
 /**
 * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
-
 namespace OCA\AdminAudit\AppInfo;

+use OC\Group\Manager as GroupManager;
+use OC\User\Session as UserSession;
+use OCA\AdminAudit\Actions\AppManagement;
 use OCA\AdminAudit\Actions\Auth;
 use OCA\AdminAudit\Actions\Console;
 use OCA\AdminAudit\Actions\Files;
+use OCA\AdminAudit\Actions\GroupManagement;
+use OCA\AdminAudit\Actions\Security;
 use OCA\AdminAudit\Actions\Sharing;
 use OCA\AdminAudit\Actions\TagManagement;
 use OCA\AdminAudit\Actions\Trashbin;
+use OCA\AdminAudit\Actions\UserManagement;
 use OCA\AdminAudit\Actions\Versions;
 use OCA\AdminAudit\AuditLogger;
 use OCA\AdminAudit\IAuditLogger;
-use OCA\AdminAudit\Listener\AppManagementEventListener;
-use OCA\AdminAudit\Listener\AuthEventListener;
-use OCA\AdminAudit\Listener\ConsoleEventListener;
 use OCA\AdminAudit\Listener\CriticalActionPerformedEventListener;
-use OCA\AdminAudit\Listener\FileEventListener;
-use OCA\AdminAudit\Listener\GroupManagementEventListener;
-use OCA\AdminAudit\Listener\SecurityEventListener;
-use OCA\AdminAudit\Listener\SharingEventListener;
-use OCA\AdminAudit\Listener\UserManagementEventListener;
-use OCP\App\Events\AppDisableEvent;
-use OCP\App\Events\AppEnableEvent;
-use OCP\App\Events\AppUpdateEvent;
+use OCP\App\ManagerEvent;
 use OCP\AppFramework\App;
 use OCP\AppFramework\Bootstrap\IBootContext;
 use OCP\AppFramework\Bootstrap\IBootstrap;
@@ -38,39 +32,29 @@ use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
 use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
 use OCP\Console\ConsoleEvent;
 use OCP\EventDispatcher\IEventDispatcher;
-use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
 use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
+use OCP\Files\Events\Node\BeforeNodeWrittenEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
+use OCP\Files\Events\Node\NodeDeletedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
 use OCP\Files\Events\Node\NodeWrittenEvent;
-use OCP\Group\Events\GroupCreatedEvent;
-use OCP\Group\Events\GroupDeletedEvent;
-use OCP\Group\Events\UserAddedEvent;
-use OCP\Group\Events\UserRemovedEvent;
 use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IUserSession;
 use OCP\Log\Audit\CriticalActionPerformedEvent;
 use OCP\Log\ILogFactory;
 use OCP\Preview\BeforePreviewFetchedEvent;
 use OCP\Share;
-use OCP\Share\Events\ShareCreatedEvent;
-use OCP\Share\Events\ShareDeletedEvent;
-use OCP\SystemTag\ManagerEvent;
-use OCP\User\Events\BeforeUserLoggedInEvent;
-use OCP\User\Events\BeforeUserLoggedOutEvent;
-use OCP\User\Events\PasswordUpdatedEvent;
-use OCP\User\Events\UserChangedEvent;
-use OCP\User\Events\UserCreatedEvent;
-use OCP\User\Events\UserDeletedEvent;
-use OCP\User\Events\UserIdAssignedEvent;
-use OCP\User\Events\UserIdUnassignedEvent;
-use OCP\User\Events\UserLoggedInEvent;
-use OCP\User\Events\UserLoggedInWithCookieEvent;
 use OCP\Util;
 use Psr\Container\ContainerInterface;
+use Psr\Log\LoggerInterface;

 class Application extends App implements IBootstrap {
+	/** @var LoggerInterface */
+	protected $logger;
+
 	public function __construct() {
 		parent::__construct('admin_audit');
 	}
@@ -81,45 +65,6 @@ class Application extends App implements IBootstrap {
 		});

 		$context->registerEventListener(CriticalActionPerformedEvent::class, CriticalActionPerformedEventListener::class);
-
-		// User management events
-		$context->registerEventListener(UserCreatedEvent::class, UserManagementEventListener::class);
-		$context->registerEventListener(UserDeletedEvent::class, UserManagementEventListener::class);
-		$context->registerEventListener(UserChangedEvent::class, UserManagementEventListener::class);
-		$context->registerEventListener(PasswordUpdatedEvent::class, UserManagementEventListener::class);
-		$context->registerEventListener(UserIdAssignedEvent::class, UserManagementEventListener::class);
-		$context->registerEventListener(UserIdUnassignedEvent::class, UserManagementEventListener::class);
-
-		// Group management events
-		$context->registerEventListener(UserAddedEvent::class, GroupManagementEventListener::class);
-		$context->registerEventListener(UserRemovedEvent::class, GroupManagementEventListener::class);
-		$context->registerEventListener(GroupCreatedEvent::class, GroupManagementEventListener::class);
-		$context->registerEventListener(GroupDeletedEvent::class, GroupManagementEventListener::class);
-
-		// Sharing events
-		$context->registerEventListener(ShareCreatedEvent::class, SharingEventListener::class);
-		$context->registerEventListener(ShareDeletedEvent::class, SharingEventListener::class);
-
-		// Auth events
-		$context->registerEventListener(BeforeUserLoggedInEvent::class, AuthEventListener::class);
-		$context->registerEventListener(UserLoggedInWithCookieEvent::class, AuthEventListener::class);
-		$context->registerEventListener(UserLoggedInEvent::class, AuthEventListener::class);
-		$context->registerEventListener(BeforeUserLoggedOutEvent::class, AuthEventListener::class);
-
-		// File events
-		$context->registerEventListener(BeforePreviewFetchedEvent::class, FileEventListener::class);
-
-		// Security events
-		$context->registerEventListener(TwoFactorProviderChallengePassed::class, SecurityEventListener::class);
-		$context->registerEventListener(TwoFactorProviderChallengeFailed::class, SecurityEventListener::class);
-
-		// App management events
-		$context->registerEventListener(AppEnableEvent::class, AppManagementEventListener::class);
-		$context->registerEventListener(AppDisableEvent::class, AppManagementEventListener::class);
-		$context->registerEventListener(AppUpdateEvent::class, AppManagementEventListener::class);
-
-		// Console events
-		$context->registerEventListener(ConsoleEvent::class, ConsoleEventListener::class);
 	}

 	public function boot(IBootContext $context): void {
@@ -130,87 +75,172 @@ class Application extends App implements IBootstrap {
 		 * TODO: once the hooks are migrated to lazy events, this should be done
 		 *       in \OCA\AdminAudit\AppInfo\Application::register
 		 */
-		$this->registerLegacyHooks($logger, $context->getServerContainer());
+		$this->registerHooks($logger, $context->getServerContainer());
 	}

 	/**
 	 * Register hooks in order to log them
 	 */
-	private function registerLegacyHooks(IAuditLogger $logger, ContainerInterface $serverContainer): void {
+	private function registerHooks(IAuditLogger $logger,
+		ContainerInterface $serverContainer): void {
+		$this->userManagementHooks($logger, $serverContainer->get(IUserSession::class));
+		$this->groupHooks($logger, $serverContainer->get(IGroupManager::class));
+		$this->authHooks($logger);
+
+
 		/** @var IEventDispatcher $eventDispatcher */
 		$eventDispatcher = $serverContainer->get(IEventDispatcher::class);
-		$this->sharingLegacyHooks($logger);
+		$this->consoleHooks($logger, $eventDispatcher);
+		$this->appHooks($logger, $eventDispatcher);
+
+		$this->sharingHooks($logger);
+
 		$this->fileHooks($logger, $eventDispatcher);
 		$this->trashbinHooks($logger);
 		$this->versionsHooks($logger);
+
+		$this->securityHooks($logger, $eventDispatcher);
 		$this->tagHooks($logger, $eventDispatcher);
 	}

-	private function sharingLegacyHooks(IAuditLogger $logger): void {
+	private function userManagementHooks(IAuditLogger $logger,
+		IUserSession $userSession): void {
+		$userActions = new UserManagement($logger);
+
+		Util::connectHook('OC_User', 'post_createUser', $userActions, 'create');
+		Util::connectHook('OC_User', 'post_deleteUser', $userActions, 'delete');
+		Util::connectHook('OC_User', 'changeUser', $userActions, 'change');
+
+		assert($userSession instanceof UserSession);
+		$userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']);
+		$userSession->listen('\OC\User', 'assignedUserId', [$userActions, 'assign']);
+		$userSession->listen('\OC\User', 'postUnassignedUserId', [$userActions, 'unassign']);
+	}
+
+	private function groupHooks(IAuditLogger $logger,
+		IGroupManager $groupManager): void {
+		$groupActions = new GroupManagement($logger);
+
+		assert($groupManager instanceof GroupManager);
+		$groupManager->listen('\OC\Group', 'postRemoveUser', [$groupActions, 'removeUser']);
+		$groupManager->listen('\OC\Group', 'postAddUser', [$groupActions, 'addUser']);
+		$groupManager->listen('\OC\Group', 'postDelete', [$groupActions, 'deleteGroup']);
+		$groupManager->listen('\OC\Group', 'postCreate', [$groupActions, 'createGroup']);
+	}
+
+	private function sharingHooks(IAuditLogger $logger): void {
 		$shareActions = new Sharing($logger);

+		Util::connectHook(Share::class, 'post_shared', $shareActions, 'shared');
+		Util::connectHook(Share::class, 'post_unshare', $shareActions, 'unshare');
+		Util::connectHook(Share::class, 'post_unshareFromSelf', $shareActions, 'unshare');
 		Util::connectHook(Share::class, 'post_update_permissions', $shareActions, 'updatePermissions');
 		Util::connectHook(Share::class, 'post_update_password', $shareActions, 'updatePassword');
 		Util::connectHook(Share::class, 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
 		Util::connectHook(Share::class, 'share_link_access', $shareActions, 'shareAccessed');
 	}

+	private function authHooks(IAuditLogger $logger): void {
+		$authActions = new Auth($logger);
+
+		Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt');
+		Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful');
+		Util::connectHook('OC_User', 'logout', $authActions, 'logout');
+	}
+
+	private function appHooks(IAuditLogger $logger,
+		IEventDispatcher $eventDispatcher): void {
+		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE, function (ManagerEvent $event) use ($logger) {
+			$appActions = new AppManagement($logger);
+			$appActions->enableApp($event->getAppID());
+		});
+		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, function (ManagerEvent $event) use ($logger) {
+			$appActions = new AppManagement($logger);
+			$appActions->enableAppForGroups($event->getAppID(), $event->getGroups());
+		});
+		$eventDispatcher->addListener(ManagerEvent::EVENT_APP_DISABLE, function (ManagerEvent $event) use ($logger) {
+			$appActions = new AppManagement($logger);
+			$appActions->disableApp($event->getAppID());
+		});
+	}
+
+	private function consoleHooks(IAuditLogger $logger,
+		IEventDispatcher $eventDispatcher): void {
+		$eventDispatcher->addListener(ConsoleEvent::class, function (ConsoleEvent $event) use ($logger) {
+			$appActions = new Console($logger);
+			$appActions->runCommand($event->getArguments());
+		});
+	}
 	private function tagHooks(IAuditLogger $logger,
 		IEventDispatcher $eventDispatcher): void {
-		$eventDispatcher->addListener(ManagerEvent::EVENT_CREATE, function (ManagerEvent $event) use ($logger): void {
+		$eventDispatcher->addListener(\OCP\SystemTag\ManagerEvent::EVENT_CREATE, function (\OCP\SystemTag\ManagerEvent $event) use ($logger) {
 			$tagActions = new TagManagement($logger);
 			$tagActions->createTag($event->getTag());
 		});
 	}

-	private function fileHooks(IAuditLogger $logger, IEventDispatcher $eventDispatcher): void {
+	private function fileHooks(IAuditLogger $logger,
+		IEventDispatcher $eventDispatcher): void {
 		$fileActions = new Files($logger);
+		$eventDispatcher->addListener(
+			BeforePreviewFetchedEvent::class,
+			function (BeforePreviewFetchedEvent $event) use ($fileActions) {
+				$fileActions->preview($event);
+			}
+		);

 		$eventDispatcher->addListener(
 			BeforeNodeRenamedEvent::class,
-			function (BeforeNodeRenamedEvent $event) use ($fileActions): void {
+			function (BeforeNodeRenamedEvent $event) use ($fileActions) {
 				$fileActions->beforeRename($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeRenamedEvent::class,
-			function (NodeRenamedEvent $event) use ($fileActions): void {
+			function (NodeRenamedEvent $event) use ($fileActions) {
 				$fileActions->afterRename($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeCreatedEvent::class,
-			function (NodeCreatedEvent $event) use ($fileActions): void {
+			function (NodeCreatedEvent $event) use ($fileActions) {
 				$fileActions->create($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeCopiedEvent::class,
-			function (NodeCopiedEvent $event) use ($fileActions): void {
+			function (NodeCopiedEvent $event) use ($fileActions) {
 				$fileActions->copy($event);
 			}
 		);

 		$eventDispatcher->addListener(
-			NodeWrittenEvent::class,
-			function (NodeWrittenEvent $event) use ($fileActions): void {
+			BeforeNodeWrittenEvent::class,
+			function (BeforeNodeWrittenEvent $event) use ($fileActions) {
 				$fileActions->write($event);
 			}
 		);

+		$eventDispatcher->addListener(
+			NodeWrittenEvent::class,
+			function (NodeWrittenEvent $event) use ($fileActions) {
+				$fileActions->update($event);
+			}
+		);
+
 		$eventDispatcher->addListener(
 			BeforeNodeReadEvent::class,
-			function (BeforeNodeReadEvent $event) use ($fileActions): void {
+			function (BeforeNodeReadEvent $event) use ($fileActions) {
 				$fileActions->read($event);
 			}
 		);

 		$eventDispatcher->addListener(
-			BeforeNodeDeletedEvent::class,
-			function (BeforeNodeDeletedEvent $event) use ($fileActions): void {
+			NodeDeletedEvent::class,
+			function (NodeDeletedEvent $event) use ($fileActions) {
 				$fileActions->delete($event);
 			}
 		);
@@ -227,4 +257,16 @@ class Application extends App implements IBootstrap {
 		Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
 		Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
 	}
+
+	private function securityHooks(IAuditLogger $logger,
+		IEventDispatcher $eventDispatcher): void {
+		$eventDispatcher->addListener(TwoFactorProviderChallengePassed::class, function (TwoFactorProviderChallengePassed $event) use ($logger) {
+			$security = new Security($logger);
+			$security->twofactorSuccess($event->getUser(), $event->getProvider());
+		});
+		$eventDispatcher->addListener(TwoFactorProviderChallengeFailed::class, function (TwoFactorProviderChallengeFailed $event) use ($logger) {
+			$security = new Security($logger);
+			$security->twofactorFailed($event->getUser(), $event->getProvider());
+		});
+	}
 }
@@ -1,12 +1,9 @@
 <?php

-declare(strict_types=1);
-
 /**
 * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
-
 namespace OCA\AdminAudit;

 use OCP\IConfig;
@@ -1,60 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\App\Events\AppDisableEvent;
-use OCP\App\Events\AppEnableEvent;
-use OCP\App\Events\AppUpdateEvent;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-
-/**
- * @template-implements IEventListener<AppEnableEvent|AppDisableEvent|AppUpdateEvent>
- */
-class AppManagementEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof AppEnableEvent) {
-			$this->appEnable($event);
-		} elseif ($event instanceof AppDisableEvent) {
-			$this->appDisable($event);
-		} elseif ($event instanceof AppUpdateEvent) {
-			$this->appUpdate($event);
-		}
-	}
-
-	private function appEnable(AppEnableEvent $event): void {
-		if (empty($event->getGroupIds())) {
-			$this->log('App "%s" enabled',
-				['app' => $event->getAppId()],
-				['app']
-			);
-		} else {
-			$this->log('App "%1$s" enabled for groups: %2$s',
-				['app' => $event->getAppId(), 'groups' => implode(', ', $event->getGroupIds())],
-				['app', 'groups']
-			);
-		}
-	}
-
-	private function appDisable(AppDisableEvent $event): void {
-		$this->log('App "%s" disabled',
-			['app' => $event->getAppId()],
-			['app']
-		);
-	}
-
-	private function appUpdate(AppUpdateEvent $event): void {
-		$this->log('App "%s" updated',
-			['app' => $event->getAppId()],
-			['app']
-		);
-	}
-}
@@ -1,67 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-use OCP\User\Events\BeforeUserLoggedInEvent;
-use OCP\User\Events\BeforeUserLoggedOutEvent;
-use OCP\User\Events\UserLoggedInEvent;
-use OCP\User\Events\UserLoggedInWithCookieEvent;
-
-/**
- * @template-implements IEventListener<BeforeUserLoggedInEvent|UserLoggedInWithCookieEvent|UserLoggedInEvent|BeforeUserLoggedOutEvent>
- */
-class AuthEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof BeforeUserLoggedInEvent) {
-			$this->beforeUserLoggedIn($event);
-		} elseif ($event instanceof UserLoggedInWithCookieEvent || $event instanceof UserLoggedInEvent) {
-			$this->userLoggedIn($event);
-		} elseif ($event instanceof BeforeUserLoggedOutEvent) {
-			$this->beforeUserLogout($event);
-		}
-	}
-
-	private function beforeUserLoggedIn(BeforeUserLoggedInEvent $event): void {
-		$this->log(
-			'Login attempt: "%s"',
-			[
-				'uid' => $event->getUsername()
-			],
-			[
-				'uid',
-			],
-			true
-		);
-	}
-
-	private function userLoggedIn(UserLoggedInWithCookieEvent|UserLoggedInEvent $event): void {
-		$this->log(
-			'Login successful: "%s"',
-			[
-				'uid' => $event->getUser()->getUID()
-			],
-			[
-				'uid',
-			],
-			true
-		);
-	}
-
-	private function beforeUserLogout(BeforeUserLoggedOutEvent $event): void {
-		$this->log(
-			'Logout occurred',
-			[],
-			[]
-		);
-	}
-}
@@ -1,42 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\Console\ConsoleEvent;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-
-/**
- * @template-implements IEventListener<ConsoleEvent>
- */
-class ConsoleEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof ConsoleEvent) {
-			$this->runCommand($event);
-		}
-	}
-
-	private function runCommand(ConsoleEvent $event): void {
-		$arguments = $event->getArguments();
-		if (!isset($arguments[1]) || $arguments[1] === '_completion') {
-			// Don't log autocompletion
-			return;
-		}
-
-		// Remove `./occ`
-		array_shift($arguments);
-
-		$this->log('Console command executed: %s',
-			['arguments' => implode(' ', $arguments)],
-			['arguments']
-		);
-	}
-}
@@ -1,12 +1,10 @@
 <?php

 declare(strict_types=1);
-
 /**
 * SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
-
 namespace OCA\AdminAudit\Listener;

 use OCA\AdminAudit\Actions\Action;
@@ -1,57 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-use OCP\Files\InvalidPathException;
-use OCP\Files\NotFoundException;
-use OCP\Preview\BeforePreviewFetchedEvent;
-use OCP\Server;
-use Psr\Log\LoggerInterface;
-
-/**
- * @template-implements IEventListener<BeforePreviewFetchedEvent>
- */
-class FileEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof BeforePreviewFetchedEvent) {
-			$this->beforePreviewFetched($event);
-		}
-	}
-
-	/**
-	 * Logs preview access to a file
-	 */
-	private function beforePreviewFetched(BeforePreviewFetchedEvent $event): void {
-		try {
-			$file = $event->getNode();
-			$params = [
-				'id' => $file->getId(),
-				'width' => $event->getWidth(),
-				'height' => $event->getHeight(),
-				'crop' => $event->isCrop(),
-				'mode' => $event->getMode(),
-				'path' => mb_substr($file->getInternalPath(), 5)
-			];
-			$this->log(
-				'Preview accessed: (id: "%s", width: "%s", height: "%s" crop: "%s", mode: "%s", path: "%s")',
-				$params,
-				array_keys($params)
-			);
-		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file preview: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
-			);
-			return;
-		}
-	}
-}
@@ -1,81 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-use OCP\Group\Events\GroupCreatedEvent;
-use OCP\Group\Events\GroupDeletedEvent;
-use OCP\Group\Events\UserAddedEvent;
-use OCP\Group\Events\UserRemovedEvent;
-
-/**
- * @template-implements IEventListener<UserAddedEvent|UserRemovedEvent|GroupCreatedEvent|GroupDeletedEvent>
- */
-class GroupManagementEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof UserAddedEvent) {
-			$this->userAdded($event);
-		} elseif ($event instanceof UserRemovedEvent) {
-			$this->userRemoved($event);
-		} elseif ($event instanceof GroupCreatedEvent) {
-			$this->groupCreated($event);
-		} elseif ($event instanceof GroupDeletedEvent) {
-			$this->groupDeleted($event);
-		}
-	}
-
-	private function userAdded(UserAddedEvent $event): void {
-		$this->log('User "%s" added to group "%s"',
-			[
-				'group' => $event->getGroup()->getGID(),
-				'user' => $event->getUser()->getUID()
-			],
-			[
-				'user', 'group'
-			]
-		);
-	}
-
-	private function userRemoved(UserRemovedEvent $event): void {
-		$this->log('User "%s" removed from group "%s"',
-			[
-				'group' => $event->getGroup()->getGID(),
-				'user' => $event->getUser()->getUID()
-			],
-			[
-				'user', 'group'
-			]
-		);
-	}
-
-	private function groupCreated(GroupCreatedEvent $event): void {
-		$this->log('Group created: "%s"',
-			[
-				'group' => $event->getGroup()->getGID()
-			],
-			[
-				'group'
-			]
-		);
-	}
-
-	private function groupDeleted(GroupDeletedEvent $event): void {
-		$this->log('Group deleted: "%s"',
-			[
-				'group' => $event->getGroup()->getGID()
-			],
-			[
-				'group'
-			]
-		);
-	}
-}
@@ -1,61 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
-use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-
-/**
- * @template-implements IEventListener<TwoFactorProviderChallengePassed|TwoFactorProviderChallengeFailed>
- */
-class SecurityEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof TwoFactorProviderChallengePassed) {
-			$this->twoFactorProviderChallengePassed($event);
-		} elseif ($event instanceof TwoFactorProviderChallengeFailed) {
-			$this->twoFactorProviderChallengeFailed($event);
-		}
-	}
-
-	private function twoFactorProviderChallengePassed(TwoFactorProviderChallengePassed $event): void {
-		$this->log(
-			'Successful two factor attempt by user %s (%s) with provider %s',
-			[
-				'uid' => $event->getUser()->getUID(),
-				'displayName' => $event->getUser()->getDisplayName(),
-				'provider' => $event->getProvider()->getDisplayName()
-			],
-			[
-				'displayName',
-				'uid',
-				'provider',
-			]
-		);
-	}
-
-	private function twoFactorProviderChallengeFailed(TwoFactorProviderChallengeFailed $event): void {
-		$this->log(
-			'Failed two factor attempt by user %s (%s) with provider %s',
-			[
-				'uid' => $event->getUser()->getUID(),
-				'displayName' => $event->getUser()->getDisplayName(),
-				'provider' => $event->getProvider()->getDisplayName()
-			],
-			[
-				'displayName',
-				'uid',
-				'provider',
-			]
-		);
-	}
-}
@@ -1,291 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-use OCP\Share\Events\ShareCreatedEvent;
-use OCP\Share\Events\ShareDeletedEvent;
-use OCP\Share\IShare;
-
-/**
- * @template-implements IEventListener<ShareCreatedEvent|ShareDeletedEvent>
- */
-class SharingEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof ShareCreatedEvent) {
-			$this->shareCreated($event);
-		} elseif ($event instanceof ShareDeletedEvent) {
-			$this->shareDeleted($event);
-		}
-	}
-
-	private function shareCreated(ShareCreatedEvent $event): void {
-		$share = $event->getShare();
-
-		$params = [
-			'itemType' => $share->getNodeType(),
-			'path' => $share->getNode()->getPath(),
-			'itemSource' => $share->getNodeId(),
-			'shareWith' => $share->getSharedWith(),
-			'permissions' => $share->getPermissions(),
-			'id' => $share->getId()
-		];
-
-		match ($share->getShareType()) {
-			IShare::TYPE_LINK => $this->log(
-				'The %s "%s" with ID "%s" has been shared via link with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_USER => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the user "%s" with permissions "%s"  (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_GROUP => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the group "%s" with permissions "%s"  (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_ROOM => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the room "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_EMAIL => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the email recipient "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_CIRCLE => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the circle "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_REMOTE => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the remote user "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_REMOTE_GROUP => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the remote group "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_DECK => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the deck card "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			IShare::TYPE_SCIENCEMESH => $this->log(
-				'The %s "%s" with ID "%s" has been shared to the sciencemesh user "%s" with permissions "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'path',
-					'itemSource',
-					'shareWith',
-					'permissions',
-					'id',
-				]
-			),
-			default => null
-		};
-	}
-
-	private function shareDeleted(ShareDeletedEvent $event): void {
-		$share = $event->getShare();
-
-		$params = [
-			'itemType' => $share->getNodeType(),
-			'fileTarget' => $share->getTarget(),
-			'itemSource' => $share->getNodeId(),
-			'shareWith' => $share->getSharedWith(),
-			'id' => $share->getId()
-		];
-
-		match ($share->getShareType()) {
-			IShare::TYPE_LINK => $this->log(
-				'The %s "%s" with ID "%s" has been unshared (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'id',
-				]
-			),
-			IShare::TYPE_USER => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the user "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_GROUP => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the group "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_ROOM => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the room "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_EMAIL => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the email recipient "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_CIRCLE => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the circle "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_REMOTE => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the remote user "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_REMOTE_GROUP => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the remote group "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_DECK => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the deck card "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			IShare::TYPE_SCIENCEMESH => $this->log(
-				'The %s "%s" with ID "%s" has been unshared from the sciencemesh user "%s" (Share ID: %s)',
-				$params,
-				[
-					'itemType',
-					'fileTarget',
-					'itemSource',
-					'shareWith',
-					'id',
-				]
-			),
-			default => null
-		};
-	}
-}
@@ -1,126 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/**
- * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-namespace OCA\AdminAudit\Listener;
-
-use OCA\AdminAudit\Actions\Action;
-use OCP\EventDispatcher\Event;
-use OCP\EventDispatcher\IEventListener;
-use OCP\User\Events\PasswordUpdatedEvent;
-use OCP\User\Events\UserChangedEvent;
-use OCP\User\Events\UserCreatedEvent;
-use OCP\User\Events\UserDeletedEvent;
-use OCP\User\Events\UserIdAssignedEvent;
-use OCP\User\Events\UserIdUnassignedEvent;
-
-/**
- * @template-implements IEventListener<UserCreatedEvent|UserDeletedEvent|UserChangedEvent|PasswordUpdatedEvent|UserIdAssignedEvent|UserIdUnassignedEvent>
- */
-class UserManagementEventListener extends Action implements IEventListener {
-	public function handle(Event $event): void {
-		if ($event instanceof UserCreatedEvent) {
-			$this->userCreated($event);
-		} elseif ($event instanceof UserDeletedEvent) {
-			$this->userDeleted($event);
-		} elseif ($event instanceof UserChangedEvent) {
-			$this->userChanged($event);
-		} elseif ($event instanceof PasswordUpdatedEvent) {
-			$this->passwordUpdated($event);
-		} elseif ($event instanceof UserIdAssignedEvent) {
-			$this->userIdAssigned($event);
-		} elseif ($event instanceof UserIdUnassignedEvent) {
-			$this->userIdUnassigned($event);
-		}
-	}
-
-	private function userCreated(UserCreatedEvent $event): void {
-		$this->log(
-			'User created: "%s"',
-			[
-				'uid' => $event->getUid()
-			],
-			[
-				'uid',
-			]
-		);
-	}
-
-	private function userDeleted(UserDeletedEvent $event): void {
-		$this->log(
-			'User deleted: "%s"',
-			[
-				'uid' => $event->getUser()->getUID()
-			],
-			[
-				'uid',
-			]
-		);
-	}
-
-	private function userChanged(UserChangedEvent $event): void {
-		switch ($event->getFeature()) {
-			case 'enabled':
-				$this->log(
-					$event->getValue() === true
-						? 'User enabled: "%s"'
-						: 'User disabled: "%s"',
-					['user' => $event->getUser()->getUID()],
-					[
-						'user',
-					]
-				);
-				break;
-			case 'eMailAddress':
-				$this->log(
-					'Email address changed for user %s',
-					['user' => $event->getUser()->getUID()],
-					[
-						'user',
-					]
-				);
-				break;
-		}
-	}
-
-	private function passwordUpdated(PasswordUpdatedEvent $event): void {
-		if ($event->getUser()->getBackendClassName() === 'Database') {
-			$this->log(
-				'Password of user "%s" has been changed',
-				[
-					'user' => $event->getUser()->getUID(),
-				],
-				[
-					'user',
-				]
-			);
-		}
-	}
-
-	/**
-	 * Log assignments of users (typically user backends)
-	 */
-	private function userIdAssigned(UserIdAssignedEvent $event): void {
-		$this->log(
-			'UserID assigned: "%s"',
-			[ 'uid' => $event->getUserId() ],
-			[ 'uid' ]
-		);
-	}
-
-	/**
-	 * Log unassignments of users (typically user backends, no data removed)
-	 */
-	private function userIdUnassigned(UserIdUnassignedEvent $event): void {
-		$this->log(
-			'UserID unassigned: "%s"',
-			[ 'uid' => $event->getUserId() ],
-			[ 'uid' ]
-		);
-	}
-}
--- a/Show More
+++ b/Show More