chore(files): Adapt to moved payload

Signed-off-by: Christopher Ng <chrng8@gmail.com>
chore(files): Provide old node on moved
2024-09-13 17:31:25 -07:00 · 2024-09-13 17:31:25 -07:00
7069 changed files with 167619 additions and 184822 deletions
@@ -11,9 +11,3 @@ aa5f037af71c915424c6dcfd5ad2dc82797dc0d6
 af6de04e9e141466dc229e444ff3f146f4a34765
 0bd284cb81b6866338aaaa67aa1d81ef9bfbb2ab
 8af7ecb2576071f170ecbb0aa2311b26581e40e2
-# Update to coding-standard 1.3.1
-9836e9b16484582d309c8437ab46d82e34956941
-# Automated refactorings
-49dd79eabb2b8902559a7a4e8f8fcad54f46b604
-# @nextcloud/vue import paths
-b06f5ba4c47450f355a8903c1a93ac68e8c6cfc2
@@ -1,43 +1,15 @@
-# Fallback owners for code review - ensure all PRs have someone assigned for review.
-# (the last match will used so this is only used if there is no more specific code owner below)
-
-# Backend
-# is the first and gets everything to make things easier from matching syntax
-*                                             @nextcloud/server-backend
-
-# Frontend
-# this will override the backend code owners if needed
-/__mocks__                                    @nextcloud/server-frontend
-/__tests__                                    @nextcloud/server-frontend
-/cypress                                      @nextcloud/server-frontend
-**/js                                         @nextcloud/server-frontend
-**/src                                        @nextcloud/server-frontend
-*.js                                          @nextcloud/server-frontend
-*.ts                                          @nextcloud/server-frontend
-
-# dependency management
-package.json                                  @nextcloud/server-dependabot
-package-lock.json                             @nextcloud/server-dependabot
-
-# Compiled assets only - no owner set to not spam on automated dependency updates
-/dist                                         
-
 # App maintainers
 /apps/admin_audit/appinfo/info.xml            @luka-nextcloud @blizzz
 /apps/cloud_federation_api/appinfo/info.xml   @mejo-
 /apps/comments/appinfo/info.xml               @edward-ly @Pytal
-/apps/contactsinteraction/appinfo/info.xml    @kesselb @SebastianKrupinski
-/apps/contactsinteraction/lib                 @kesselb @SebastianKrupinski
-/apps/contactsinteraction/tests               @kesselb @SebastianKrupinski
-/apps/dashboard/appinfo/info.xml              @julien-nc @juliusknorr
-/apps/dav/lib/CalDAV                          @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/lib/CardDAV                         @hamza221 @SebastianKrupinski
-/apps/dav/tests/unit/CalDAV                   @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/tests/unit/CardDAV                  @hamza221 @SebastianKrupinski
+/apps/contactsinteraction/appinfo/info.xml    @kesselb @miaulalala @ChristophWurst @GretaD @hamza221 @st3iny
+/apps/dashboard/appinfo/info.xml              @julien-nc @juliushaertl
+/apps/dav/lib/CalDAV                          @ChristophWurst @miaulalala @tcitworld
+/apps/dav/lib/CardDAV                         @ChristophWurst @miaulalala @tcitworld
 /apps/encryption/appinfo/info.xml             @come-nc @icewind1991
 /apps/federatedfilesharing/appinfo/info.xml   @icewind1991 @danxuliu
-/apps/federation/appinfo/info.xml             @nfebe
-/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @nfebe
+/apps/federation/appinfo/info.xml             @datenangebot
+/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @Fenn-CS
 /apps/files_external/appinfo/info.xml         @icewind1991 @artonge
 /apps/files_reminders/appinfo/info.xml        @Pytal
 /apps/files_sharing/appinfo/info.xml          @skjnldsv @come-nc
@@ -48,26 +20,26 @@ package-lock.json                             @nextcloud/server-dependabot
 /apps/settings/appinfo/info.xml               @Pytal @JuliaKirschenheuter
 /apps/sharebymail/appinfo/info.xml            @Altahrim
 /apps/systemtags/appinfo/info.xml             @Antreesy @marcelklehr
-/apps/theming/appinfo/info.xml                @skjnldsv @juliusknorr
+/apps/theming/appinfo/info.xml                @skjnldsv @juliushaertl
 /apps/twofactor_backupcodes/appinfo/info.xml  @st3iny @miaulalala @ChristophWurst
 /apps/updatenotification/appinfo/info.xml     @Pytal @JuliaKirschenheuter
 /apps/user_ldap/appinfo/info.xml              @come-nc @blizzz
 /apps/user_status/appinfo/info.xml            @Antreesy @nickvergessen
-/apps/weather_status/appinfo/info.xml         @julien-nc @juliusknorr
+/apps/weather_status/appinfo/info.xml         @julien-nc @juliushaertl
 /apps/webhook_listeners/appinfo/info.xml      @come-nc @julien-nc
-/apps/workflowengine/appinfo/info.xml         @blizzz @juliusknorr
+/apps/workflowengine/appinfo/info.xml         @blizzz @juliushaertl

 # Frontend expertise
-/apps/files/src*                    @skjnldsv @nextcloud/server-frontend
-/apps/files_external/src*           @skjnldsv @nextcloud/server-frontend
-/apps/files_reminders/src*          @skjnldsv @nextcloud/server-frontend
-/apps/files_sharing/src/actions*    @skjnldsv @nextcloud/server-frontend
-/apps/files_trashbin/src*           @skjnldsv @nextcloud/server-frontend
+/apps/files/src*                  @skjnldsv
+/apps/files_external/src*         @skjnldsv
+/apps/files_reminders/src*        @skjnldsv
+/apps/files_sharing/src/actions*  @skjnldsv
+/apps/files_trashbin/src*         @skjnldsv

 # Security team
-/build/psalm-baseline-security.xml  @nickvergessen @nextcloud/server-backend
 /resources/codesigning              @mgallien @miaulalala @nickvergessen
-/resources/config/ca-bundle.crt     @miaulalala @nickvergessen
+/resources/config/ca-bundle.crt     @ChristophWurst @miaulalala @nickvergessen
+/.drone.yml                         @nickvergessen

 # Two-Factor Authentication
 # https://github.com/nextcloud/wg-two-factor-authentication#members
@@ -77,26 +49,24 @@ package-lock.json                             @nextcloud/server-dependabot

 # Limit login to IP
 # Watch login routes for https://github.com/nextcloud/limit_login_to_ip
-/core/routes.php                    @Altahrim @nextcloud/server-backend
+/core/routes.php	@Altahrim

 # OpenAPI
-openapi*.json                       @provokateurin
-ResponseDefinitions.php             @provokateurin
+openapi*.json           @provokateurin
+ResponseDefinitions.php @provokateurin

 # Talk team
-/lib/private/Comments               @nickvergessen @nextcloud/talk-backend
-/lib/private/Federation             @nickvergessen @nextcloud/talk-backend @nextcloud/server-backend
-/lib/private/Talk                   @nickvergessen @nextcloud/talk-backend
-/lib/public/Comments                @nickvergessen @nextcloud/talk-backend
-/lib/public/Federation              @nickvergessen @nextcloud/talk-backend @nextcloud/server-backend
-/lib/public/OCM                     @nickvergessen @nextcloud/talk-backend @nextcloud/server-backend
-/lib/public/Talk                    @nickvergessen @nextcloud/talk-backend
-/lib/public/UserStatus              @nickvergessen @nextcloud/talk-backend
-
-# Groupware
-/build/integration/dav_features/caldav.feature    @st3iny @SebastianKrupinski
-/build/integration/dav_features/carddav.feature   @st3iny @SebastianKrupinski
+/lib/private/Comments               @nickvergessen
+/lib/private/Federation             @nickvergessen
+/lib/private/Talk                   @nickvergessen
+/lib/public/Comments                @nickvergessen
+/lib/public/Federation              @nickvergessen
+/lib/public/OCM                     @nickvergessen
+/lib/public/Talk                    @nickvergessen
+/lib/public/UserStatus              @nickvergessen

 # Personal interest
-*/Activity/*                        @nickvergessen @nextcloud/server-backend
-*/Notifications/*                   @nickvergessen @nextcloud/talk-backend
+*/Activity/*                        @nickvergessen
+*/Notifications/*                   @nickvergessen
+/lib/private/Profiler               @CarlSchwan
+/lib/public/Profiler                @CarlSchwan
@@ -48,7 +48,7 @@ In some areas unit testing is hard (aka almost impossible) as of today - in thes

 ### Sign your work

-We use the Developer Certificate of Origin (DCO) as an additional safeguard
+We use the Developer Certificate of Origin (DCO) as a additional safeguard
 for the Nextcloud project. This is a well established and widely used
 mechanism to assure contributors have confirmed their right to license
 their contribution under the project's license.
@@ -70,9 +70,8 @@ body:
        Select Nextcloud Server version.
        _Versions not listed here are not maintained and not supported anymore_
      options:
+        - "28"
        - "29"
-        - "30"
-        - "31"
        - "master"
    validations:
      required: true
@@ -95,10 +94,10 @@ body:
        Select PHP engine version serving Nextcloud Server.
        _Describe in the "Additional info" section if you chose "Other"._
      options:
-        - "PHP 8.4"
        - "PHP 8.3"
        - "PHP 8.2"
        - "PHP 8.1"
+        - "PHP 8.0"
        - "Other"
  - type: dropdown
    id: webserver
@@ -132,8 +131,8 @@ body:
      description: |
        Select if bug is present after an update or on a fresh install.
      options:
-        - "Updated from a MINOR version (ex. 32.0.1 to 32.0.2)"
-        - "Upgraded to a MAJOR version (ex. 31 to 32)"
+        - "Updated from a MINOR version (ex. 28.0.1 to 28.0.2)"
+        - "Upgraded to a MAJOR version (ex. 28 to 29)"
        - "Fresh Nextcloud Server install"
  - type: dropdown
    id: encryption
@@ -168,7 +167,7 @@ body:
        ./occ config:list system
        ```
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: apps
    attributes:
@@ -200,10 +199,10 @@ body:
    attributes:
      label: Nextcloud Logs
      description: |
-        Provide relevant Nextcloud log entries (e.g. from the time period you reproduced the problem).
-        Copy full individual entries from `data/nextcloud.log` or use `Copy raw entry` from `/settings/admin/logging` section:
+        Provide Nextcloud logs lines.
+        Copy all contents from `data/nextcloud.log` or a RAW from `/settings/admin/logging` section:
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: additional-info
    attributes:
@@ -59,20 +59,6 @@ updates:
  reviewers:
    - "nextcloud/server-dependabot"

-# phpunit
- package-ecosystem: composer
-  directory: "/vendor-bin/phpunit"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "04:40"
-    timezone: Europe/Madrid
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-
 # Main master npm
 - package-ecosystem: npm
  directory: "/"
@@ -114,6 +100,25 @@ updates:
    - "3. to review"
    - "feature: dependencies"

+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: weekly
+    day: saturday
+    time: "03:00"
+    timezone: Europe/Paris
+  target-branch: stable28
+  labels:
+    - "3. to review"
+    - "feature: dependencies"
+  reviewers:
+    - "nextcloud/server-dependabot"
+  ignore:
+    - dependency-name: "*"
+      update-types: ["version-update:semver-major", "version-update:semver-minor"]
+  # Disable automatic rebasing because without a build CI will likely fail anyway
+  rebase-strategy: "disabled"
+
 - package-ecosystem: npm
  directory: "/"
  schedule:
@@ -152,24 +157,23 @@ updates:
  # Disable automatic rebasing because without a build CI will likely fail anyway
  rebase-strategy: "disabled"

- package-ecosystem: npm
-  directory: "/"
+- package-ecosystem: composer
+  directory: "/build/integration"
  schedule:
    interval: weekly
    day: saturday
    time: "03:00"
    timezone: Europe/Paris
-  target-branch: stable31
+  target-branch: stable28
  labels:
    - "3. to review"
    - "feature: dependencies"
  reviewers:
    - "nextcloud/server-dependabot"
  ignore:
+    # ignore all GitHub linguist patch updates
    - dependency-name: "*"
-      update-types: ["version-update:semver-major", "version-update:semver-minor"]
-  # Disable automatic rebasing because without a build CI will likely fail anyway
-  rebase-strategy: "disabled"
+      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]

 - package-ecosystem: composer
  directory: "/build/integration"
@@ -207,24 +211,6 @@ updates:
    - dependency-name: "*"
      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]

- package-ecosystem: composer
-  directory: "/build/integration"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "03:00"
-    timezone: Europe/Paris
-  target-branch: stable31
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-  ignore:
-    # ignore all GitHub linguist patch updates
-    - dependency-name: "*"
-      update-types: ["version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch"]
-
 # GitHub Actions
 - package-ecosystem: "github-actions"
  directory: "/"
@@ -37,7 +37,7 @@ jobs:
              - 'composer.lock'
              - '**.php'

-  autoloader:
+  autocheckers:
    runs-on: ubuntu-latest

    needs: changes
@@ -51,16 +51,15 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, json, mbstring
          coverage: none
          ini-file: development
        env:
@@ -72,32 +71,6 @@ jobs:
      - name: Check auto loaders
        run: bash ./build/autoloaderchecker.sh

-  autocheckers:
-    runs-on: ubuntu-latest-low
-
-    strategy:
-      matrix:
-        php-versions: ['8.1']
-
-    name: Translation and Files checkers
-
-    steps:
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          submodules: true
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-          coverage: none
-          ini-file: development
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
      - name: Check translations are JSON decodeable
        run: php ./build/translation-checker.php

@@ -114,7 +87,7 @@ jobs:
    permissions:
      contents: none
    runs-on: ubuntu-latest-low
-    needs: [changes, autoloader, autocheckers]
+    needs: [changes, autocheckers]

    if: always()

@@ -122,4 +95,4 @@ jobs:

    steps:
      - name: Summary status
-        run: if ${{ needs.autocheckers.result != 'success' || (needs.changes.outputs.src != 'false' && needs.autoloader.result != 'success') }}; then exit 1; fi
+        run: if ${{ needs.changes.outputs.src != 'false' && needs.autocheckers.result != 'success' }}; then exit 1; fi
@@ -31,7 +31,7 @@ jobs:
              - 'version.php'

      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: 3rdparty commit hash on current branch
        id: actual
@@ -27,7 +27,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - uses: webiny/action-conventional-commits@8bc41ff4e7d423d56fa4905f6ff79209a78776c7 # v1.3.0
        with:
@@ -76,7 +76,7 @@ jobs:
          fi

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v3.0.0
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Add reaction on failure
@@ -86,7 +86,7 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"

  process:
    runs-on: ubuntu-latest
@@ -94,15 +94,14 @@ jobs:

    steps:
      - name: Restore cached git repository
-        uses: buildjet/cache@3e70d19e31d6a8030aeddf6ed8dbe601f94d09f4 # v4.0.2
+        uses: buildjet/cache@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          path: .git
          key: git-repo

      - name: Checkout ${{ needs.init.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: true
          token: ${{ secrets.COMMAND_BOT_PAT }}
          fetch-depth: 0
          ref: ${{ needs.init.outputs.head_ref }}
@@ -120,7 +119,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }}
          cache: npm
@@ -177,4 +176,4 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"
@@ -34,11 +34,11 @@ jobs:
          exit 1

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v1
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Checkout ${{ steps.comment-branch.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          fetch-depth: 0
          token: ${{ secrets.COMMAND_BOT_PAT }}
@@ -41,7 +41,7 @@ jobs:
          exit 1

      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          # We need to checkout submodules for 3rdparty
          submodules: true
@@ -64,7 +64,7 @@ jobs:
          fallbackNpm: "^10"

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -80,7 +80,7 @@ jobs:
        run: npm run cypress:version

      - name: Save context
-        uses: buildjet/cache/save@v4
+        uses: buildjet/cache/save@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          key: cypress-context-${{ github.run_id }}
          path: ./
@@ -103,14 +103,14 @@ jobs:

    steps:
      - name: Restore context
-        uses: buildjet/cache/restore@v4
+        uses: buildjet/cache/restore@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          fail-on-cache-miss: true
          key: cypress-context-${{ github.run_id }}
          path: ./

      - name: Set up node ${{ needs.init.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.init.outputs.nodeVersion }}

@@ -121,7 +121,7 @@ jobs:
        run: ./node_modules/cypress/bin/cypress install

      - name: Run ${{ matrix.containers == 'component' && 'component' || 'E2E' }} cypress tests
-        uses: cypress-io/github-action@9c318d4f950c2f0ff2e96fa4dc4279e5706efd8e # v6.7.14
+        uses: cypress-io/github-action@496e7dc0edc421a9de8a36a31c793340e00c61bf # v6.7.5
        with:
          # We already installed the dependencies in the init job
          install: false
@@ -142,21 +142,19 @@ jobs:
          SPLIT: ${{ matrix.total-containers }}
          SPLIT_INDEX: ${{ matrix.containers == 'component' && 0 || matrix.containers }}

-      - name: Upload snapshots and videos
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+      - name: Upload snapshots
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: always()
        with:
-          name: snapshots_videos_${{ matrix.containers }}
-          path: |
-            cypress/snapshots
-            cypress/videos
+          name: snapshots_${{ matrix.containers }}
+          path: cypress/snapshots

      - name: Extract NC logs
        if: failure() && matrix.containers != 'component'
-        run: docker logs nextcloud-cypress-tests_${{ env.APP_NAME }} > nextcloud.log
+        run: docker logs nextcloud-cypress-tests-${{ env.APP_NAME }} > nextcloud.log

      - name: Upload NC logs
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_logs_${{ matrix.containers }}
@@ -164,10 +162,10 @@ jobs:

      - name: Create data dir archive
        if: failure() && matrix.containers != 'component'
-        run: docker exec nextcloud-cypress-tests_${{ env.APP_NAME }} tar -cvjf - data > data.tar
+        run: docker exec nextcloud-cypress-tests-server tar -cvjf - data > data.tar

      - name: Upload data dir archive
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_data_${{ matrix.containers }}
@@ -43,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        ftpd: ['proftpd', 'vsftpd', 'pure-ftpd']
        include:
          - php-versions: '8.1'
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -68,11 +68,11 @@ jobs:
          if [[ "${{ matrix.ftpd }}" == 'pure-ftpd' ]]; then docker run --name ftp -d --net host -e "PUBLICHOST=localhost" -e FTP_USER_NAME=test -e FTP_USER_PASS=test -e FTP_USER_HOME=/home/test -v /tmp/ftp:/home/test -v /tmp/ftp:/etc/pure-ftpd/passwd stilliard/pure-ftpd; fi

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -100,7 +100,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-ftp
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -60,12 +60,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -98,7 +98,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -135,12 +135,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -165,7 +165,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -43,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        sftpd: ['openssh']
        include:
          - php-versions: '8.1'
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -64,11 +64,11 @@ jobs:
          if [[ '${{ matrix.sftpd }}' == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp 'test:test:::data'; fi

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -89,7 +89,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-sftp
@@ -34,7 +34,7 @@ jobs:
              - '**.php'

  files-external-smb-kerberos:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    needs: changes

    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
@@ -43,22 +43,16 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Checkout user_saml
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          repository: nextcloud/user_saml
          path: apps/user_saml

-      - name: Install user_saml
-        run: |
-          cd apps/user_saml
-          composer i
-          cd ../..
-
      - name: Pull images
        run: |
          docker pull ghcr.io/icewind1991/samba-krb-test-dc
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -56,16 +56,16 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
          ini-file: development
        env:
@@ -94,7 +94,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v4.1.1
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-smb
@@ -41,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -56,12 +56,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -91,7 +91,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v4.1.1
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-webdav
@@ -40,7 +40,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -49,12 +49,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -74,12 +74,12 @@ jobs:
          ./occ app:enable --force files_external

      - name: PHPUnit
-        run: composer run test:files_external -- \
+        run: composer run test:files_external \
          ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }}

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-generic
@@ -51,12 +51,12 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
-          uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+          uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
          with:
            php-version: ${{ matrix.php-versions }}
            # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -99,9 +99,9 @@ jobs:

        - name: Run CalDAVTester
          run: |
-            cp "apps/dav/tests/testsuits/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/testsuits/caldavtest/serverinfo.xml"
+            cp "apps/dav/tests/travis/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/travis/caldavtest/serverinfo.xml"
            pushd CalDAVTester
-            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/testsuits/caldavtest" -o cdt.txt \
+            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/travis/caldavtest" -o cdt.txt \
              "${{ matrix.service }}/current-user-principal.xml" \
              "${{ matrix.service }}/sync-report.xml" \
              ${{ matrix.endpoint == 'new' && format('{0}/sharing-{1}.xml', matrix.service, matrix.service == 'CalDAV' && 'calendars' || 'addressbooks') || ';' }}
@@ -50,12 +50,12 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
-          uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+          uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
          with:
            php-version: ${{ matrix.php-versions }}
            # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -65,12 +65,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -61,7 +61,6 @@ jobs:
          - 'federation_features'
          - '--tags ~@large files_features'
          - 'filesdrop_features'
-          - 'file_conversions'
          - 'openldap_features'
          - 'openldap_numerical_features'
          - 'ldap_features'
@@ -92,20 +91,20 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Checkout Talk app
        if: ${{ matrix.test-suite == 'videoverification_features' }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          repository: nextcloud/spreed
          path: apps/spreed
          ref: ${{ matrix.spreed-versions }}

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -53,7 +53,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -63,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v3
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -48,10 +48,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php8.1
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: 8.1
          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
@@ -47,16 +47,16 @@ jobs:

    strategy:
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]

    name: php-lint

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          coverage: none
@@ -1,51 +0,0 @@
-# This workflow is provided via the organization template repository
-#
-# https://github.com/nextcloud/.github
-# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-#
-# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-
-name: Lint stylelint
-
-on: pull_request
-
-permissions:
-  contents: read
-
-concurrency:
-  group: lint-stylelint-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    name: stylelint
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: Read package.json node and npm engines version
-        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
-        id: versions
-        with:
-          fallbackNode: '^20'
-          fallbackNpm: '^10'
-
-      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
-        with:
-          node-version: ${{ steps.versions.outputs.nodeVersion }}
-
-      - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
-        run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
-
-      - name: Install dependencies
-        env:
-          CYPRESS_INSTALL_BINARY: 0
-        run: npm ci
-
-      - name: Lint
-        run: npm run stylelint
@@ -59,7 +59,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -80,10 +80,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -99,7 +99,7 @@ jobs:
        run: npm run test:coverage --if-present

      - name: Collect coverage
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v4.3.1
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.3.1
        with:
          files: ./coverage/lcov.info

@@ -114,10 +114,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -142,10 +142,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -53,7 +53,7 @@ jobs:
    name: NPM build
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -63,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v3
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -14,9 +14,6 @@ on:
    # At 2:30 on Sundays
    - cron: '30 2 * * 0'

-permissions:
-  contents: read
-
 jobs:
  build:
    runs-on: ubuntu-latest
@@ -24,18 +21,15 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['main', 'master', 'stable31', 'stable30', 'stable29']
+        branches: ['main', 'master', 'stable30', 'stable29', 'stable28']

    name: npm-audit-fix-${{ matrix.branches }}

    steps:
      - name: Checkout
-        id: checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          ref: ${{ matrix.branches }}
-        continue-on-error: true

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -45,7 +39,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -57,7 +51,7 @@ jobs:
        uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0

      - name: Run npm ci and npm run build
-        if: steps.checkout.outcome == 'success'
+        if: always()
        env:
          CYPRESS_INSTALL_BINARY: 0
        run: |
@@ -65,8 +59,8 @@ jobs:
          npm run build --if-present

      - name: Create Pull Request
-        if: steps.checkout.outcome == 'success'
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284 # v7.0.7
+        if: always()
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(deps): Fix npm audit'
@@ -69,12 +69,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -105,7 +105,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-azure
@@ -70,12 +70,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -111,7 +111,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-s3
@@ -67,12 +67,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -101,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-swift
@@ -26,10 +26,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
          extensions: ctype, curl, dom, fileinfo, gd, json, libxml, mbstring, openssl, pcntl, pdo, posix, session, simplexml, xml, xmlreader, xmlwriter, zip, zlib
@@ -29,16 +29,16 @@ jobs:
          exit 1

      - name: Checkout server before PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true
          ref: ${{ github.event.pull_request.base.ref }}

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: mbstring, fileinfo, intl, sqlite, pdo_sqlite, zip, gd
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

@@ -91,7 +91,7 @@ jobs:

      - name: Upload profiles
        if: always()
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
        with:
          name: profiles
          path: |
@@ -32,7 +32,7 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

@@ -42,7 +42,7 @@ jobs:
          sudo apt-get install -y ffmpeg imagemagick libmagickcore-6.q16-3-extra

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, openssl, pdo_sqlite, posix, sqlite, xml, zip, apcu
@@ -61,8 +61,6 @@ jobs:
          - php-versions: '8.3'
            mariadb-versions: '10.11'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            mariadb-versions: '11.4'

    name: MariaDB ${{ matrix.mariadb-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -124,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mariadb
@@ -55,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -71,12 +71,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -101,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-memcached
@@ -120,12 +120,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -159,7 +159,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -61,8 +61,6 @@ jobs:
          - mysql-versions: '8.0'
            php-versions: '8.3'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - mysql-versions: '8.4'
-            php-versions: '8.4'

    name: MySQL ${{ matrix.mysql-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -124,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -57,7 +57,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -73,12 +73,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -106,7 +106,7 @@ jobs:

      - name: Upload nodb code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.nodb.xml
          flags: phpunit-nodb
@@ -1,121 +0,0 @@
-# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: PHPUnit primary object store
-on:
-  pull_request:
-  schedule:
-    - cron: "15 2 * * *"
-
-concurrency:
-  group: phpunit-object-store-primary-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  changes:
-    runs-on: ubuntu-latest-low
-
-    outputs:
-      src: ${{ steps.changes.outputs.src}}
-
-    steps:
-      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        id: changes
-        continue-on-error: true
-        with:
-          filters: |
-            src:
-              - '.github/workflows/**'
-              - '3rdparty/**'
-              - '**/appinfo/**'
-              - '**/lib/**'
-              - '**/templates/**'
-              - '**/tests/**'
-              - 'vendor/**'
-              - 'vendor-bin/**'
-              - '.php-cs-fixer.dist.php'
-              - 'composer.json'
-              - 'composer.lock'
-              - '**.php'
-
-  object-store-primary-tests-minio:
-    runs-on: ubuntu-latest
-    needs: changes
-
-    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
-
-    strategy:
-      # do not stop on another job's failure
-      fail-fast: false
-      matrix:
-        php-versions: ['8.1']
-        key: ['s3', 's3-multibucket']
-
-    name: php${{ matrix.php-versions }}-${{ matrix.key }}-minio
-
-    services:
-      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest
-        ports:
-          - 6379:6379/tcp
-        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
-
-      minio:
-        image: bitnami/minio
-        env:
-          MINIO_ROOT_USER: nextcloud
-          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-          MINIO_DEFAULT_BUCKETS: nextcloud
-        ports:
-          - "9000:9000"
-
-    steps:
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          submodules: true
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Nextcloud
-        env:
-          OBJECT_STORE: ${{ matrix.key }}
-          OBJECT_STORE_KEY: nextcloud
-          OBJECT_STORE_SECRET: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-        run: |
-          composer install
-          cp tests/redis.config.php config/
-          cp tests/preseed-config.php config/config.php
-          ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
-          php -f tests/enable_all.php | grep -i -C9999 error && echo "Error during app setup" && exit 1 || exit 0
-
-      - name: Wait for S3
-        run: |
-          sleep 10
-          curl -f -m 1 --retry-connrefused --retry 10 --retry-delay 10 http://localhost:9000/minio/health/ready
-
-      - name: PHPUnit
-        run: composer run test:db
-
-      - name: S3 logs
-        if: always()
-        run: |
-          cat data/nextcloud.log
-          docker ps -a
-          docker ps -aq | while read container ; do IMAGE=$(docker inspect --format='{{.Config.Image}}' $container); echo $IMAGE; docker logs $container; echo "\n\n" ; done
-
-
-  object-store-primary-summary:
-    runs-on: ubuntu-latest-low
-    needs: [changes,object-store-primary-tests-minio]
-
-    if: always()
-
-    steps:
-      - name: Summary status
-        run: if ${{ needs.changes.outputs.src != 'false' && needs.object-store-primary-tests-minio.result != 'success' }}; then exit 1; fi
@@ -66,8 +66,6 @@ jobs:
            php-versions: '8.2'
          - oracle-versions: '23'
            php-versions: '8.3'
-          - oracle-versions: '23'
-            php-versions: '8.4'

    name: Oracle ${{ matrix.oracle-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -98,12 +96,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -129,7 +127,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-oci
@@ -56,14 +56,12 @@ jobs:
    strategy:
      matrix:
        php-versions: ['8.1']
-        # To keep the matrix smaller we ignore PostgreSQL versions in between as we already test the minimum and the maximum
-        postgres-versions: ['13', '17']
+        # To keep the matrix smaller we ignore PostgreSQL '13', '14', and '15' as we already test 12 and 16 as lower and upper bound
+        postgres-versions: ['12', '16']
        include:
          - php-versions: '8.3'
-            postgres-versions: '17'
+            postgres-versions: '16'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            postgres-versions: '17'

    name: PostgreSQL ${{ matrix.postgres-versions }} (PHP ${{ matrix.php-versions }}) - database tests

@@ -86,12 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -119,7 +117,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-postgres
@@ -55,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.2', '8.3', '8.4']
+        php-versions: ['8.2', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -71,12 +71,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -105,7 +105,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@v5.4.0
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-sqlite
@@ -20,7 +20,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: The get-github-handles-from-website action
-        uses: marcelklehr/get-github-handles-from-website-action@06b2239db0a48fe1484ba0bfd966a3ab81a08308 # v1.0.1
+        uses: marcelklehr/get-github-handles-from-website-action@a739600f6b91da4957f51db0792697afbb2f143c # v1.0.0
        id: scrape
        with:
          website: 'https://nextcloud.com/team/'
@@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

    - name: REUSE Compliance Check
-      uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
+      uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0
@@ -27,6 +27,7 @@ jobs:
          for your contributions.
        stale-issue-label: 'stale'
        only-labels: 'needs info'
+        labels-to-remove-when-unstale: 'needs info,stale'
        exempt-issue-labels: '1. to develop,2. developing,3. to review,4. to release,security'
        days-before-stale: 30
        days-before-close: 14
@@ -4,14 +4,6 @@ name: Psalm static code analysis

 on:
  pull_request:
-  push:
-    branches:
-      - main
-      - master
-      - stable*
-    paths:
-      - '.github/workflows/static-code-analysis.yml'
-      - '**.php'

 concurrency:
  group: static-code-analysis-${{ github.head_ref || github.run_id }}
@@ -21,19 +13,19 @@ jobs:
  static-code-analysis:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -42,39 +34,39 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: git diff -- . ':!lib/composer'
+
+      - name: Upload Analysis results to GitHub
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif

  static-code-analysis-security:
    runs-on: ubuntu-latest

-    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none

      - name: Composer install
        run: composer i

      - name: Psalm taint analysis
-        run: composer run psalm:security -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
-
-      - name: Show potential changes in Psalm baseline
-        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis

      - name: Upload Security Analysis results to GitHub
        if: always()
@@ -85,19 +77,17 @@ jobs:
  static-code-analysis-ocp:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -106,34 +96,8 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm:ocp -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
-
-  static-code-analysis-ncu:
-    runs-on: ubuntu-latest
-
-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          submodules: true
-
-      - name: Set up php
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
-          coverage: none
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Composer install
-        run: composer i
-
-      - name: Psalm
-        run: composer run psalm:ncu -- --threads=1 --monochrome --no-progress --output-format=github
+        run: git diff -- . ':!lib/composer'
@@ -14,12 +14,12 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['master', 'stable31', 'stable30', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
+        branches: ['master', 'stable30', 'stable29',  'stable28',  'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']

    name: update-ca-certificate-bundle-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          ref: ${{ matrix.branches }}
          submodules: true
@@ -28,7 +28,7 @@ jobs:
        run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update CA certificate bundle'
@@ -19,7 +19,7 @@ jobs:
    name: update-code-signing-crl-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
          ref: ${{ matrix.branches }}
          submodules: true
@@ -31,7 +31,7 @@ jobs:
        run: openssl crl -verify -in resources/codesigning/root.crl -CAfile resources/codesigning/root.crt -noout

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update code signing revocation list'
@@ -1,123 +0,0 @@
-# SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: Update min supported desktop version
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: "0 0 * * 1"
-
-jobs:
-  update-minimum-supported-desktop-version:
-    runs-on: ubuntu-latest-low
-
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          submodules: true
-
-      - name: Download desktop client version file from 5 years ago
-        id: download
-        run: |
-          # Create a temporary directory for the downloaded file
-          mkdir -p tmp
-
-          # Download the version file from the provided URL
-          VERSION_FILE_URL="https://github.com/nextcloud/desktop/raw/@%7B5.years.ago%7D/VERSION.cmake"
-
-          # Download the file using curl
-          curl -s -L "$VERSION_FILE_URL" -o tmp/VERSION.cmake
-
-          if [ ! -f "tmp/VERSION.cmake" ]; then
-            echo "Failed to download VERSION.cmake file"
-            exit 1
-          fi
-
-          echo "VERSION_FILE=tmp/VERSION.cmake" >> $GITHUB_OUTPUT
-          echo "Downloaded version file to tmp/VERSION.cmake"
-
-      - name: Extract version info
-        id: extract-version
-        run: |
-          # Path to the downloaded version file
-          VERSION_FILE="${{ steps.download.outputs.VERSION_FILE }}"
-
-          # Extract major, minor, patch versions
-          MAJOR=$(grep "VERSION_MAJOR" $VERSION_FILE | grep -o '[0-9]\+')
-          MINOR=$(grep "VERSION_MINOR" $VERSION_FILE | grep -o '[0-9]\+')
-          PATCH=$(grep "VERSION_PATCH" $VERSION_FILE | grep -o '[0-9]\+')
-
-          # Construct the version string
-          VERSION="$MAJOR.$MINOR.$PATCH"
-
-          # Validate format: xx.xx.xx where each x is a digit
-          if ! [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-            echo "Error: Extracted version '$VERSION' does not match required format (xx.xx.xx)"
-            exit 1
-          fi
-
-          rm -rf tmp
-
-          echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
-          echo "Extracted Version: $VERSION"
-
-      - name: Update files with new version ${{ steps.extract-version.outputs.VERSION }}
-        id: update-files
-        run: |
-          VERSION="${{ steps.extract-version.outputs.VERSION }}"
-
-          # Define the files to update
-          DAV_FILE="apps/dav/lib/Connector/Sabre/BlockLegacyClientPlugin.php"
-          CONFIG_FILE="config/config.sample.php"
-
-          # Check if files exist
-          if [ ! -f "$DAV_FILE" ]; then
-            echo "Error: DAV file not found at $DAV_FILE"
-            exit 1
-          fi
-
-          if [ ! -f "$CONFIG_FILE" ]; then
-            echo "Error: Config file not found at $CONFIG_FILE"
-            exit 1
-          fi
-
-          # Update the DAV file - replace the version in the specific line
-          sed -i "s/\('minimum\.supported\.desktop\.version', '\)[0-9]\+\.[0-9]\+\.[0-9]\+'/\1$VERSION'/g" "$DAV_FILE"
-          echo "Updated $DAV_FILE"
-
-          # Update the config sample file
-          PREV_VERSION=$(grep "'minimum.supported.desktop.version'" "$CONFIG_FILE" | grep -o '[0-9]\+\.[0-9]\+\.[0-9]\+')
-          sed -i "s/Defaults to \`\`$PREV_VERSION\`\`/Defaults to \`\`$VERSION\`\`/" "$CONFIG_FILE"
-          sed -i "s/'minimum\.supported\.desktop\.version' => '[0-9]\+\.[0-9]\+\.[0-9]\+'/'minimum.supported.desktop.version' => '$VERSION'/g" "$CONFIG_FILE"
-          echo "Updated $CONFIG_FILE"
-
-          # Check if any changes were made
-          if [ -n "$(git diff "$DAV_FILE" "$CONFIG_FILE")" ]; then
-            echo "CHANGES_MADE=true" >> $GITHUB_OUTPUT
-            echo "Changes were made to the files"
-            git diff "$DAV_FILE" "$CONFIG_FILE"
-          else
-            echo "CHANGES_MADE=false" >> $GITHUB_OUTPUT
-            echo "No changes were needed (versions might already be up to date)"
-          fi
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284
-        if: steps.update-files.outputs.CHANGES_MADE == 'true'
-        with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
-          commit-message: "chore: Update minimum supported desktop version"
-          committer: GitHub <noreply@github.com>
-          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
-          signoff: true
-          branch: "automated/noid/${{ matrix.branches }}-update-min-supported-desktop-version"
-          title: "chore: Update minimum supported desktop version to ${{ steps.extract-version.outputs.VERSION }}"
-          base: "master"
-          body: |
-            Auto-generated update of the minimum supported desktop version using last supported version.
-            https://github.com/nextcloud/desktop/blob/@%7B5.years.ago%7D/VERSION.cmake
-          labels: |
-            client: 💻 desktop
-            automated
-            3. to review
-          reviewers: tobiasKaminsky, camilasan, claucambra
@@ -0,0 +1,52 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Auto approve psalm baseline update
+
+on:
+  pull_request_target:
+    branches:
+      - main
+      - master
+      - stable*
+
+permissions:
+  contents: read
+
+concurrency:
+  group: update-psalm-baseline-approve-merge-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  auto-approve-merge:
+    if: github.actor == 'nextcloud-command'
+    runs-on: ubuntu-latest-low
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write
+      # for alexwilson/enable-github-automerge-action to approve PRs
+      contents: write
+
+    steps:
+      - name: Disabled on forks
+        if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+        run: |
+          echo 'Can not approve PRs from forks'
+          exit 1
+
+      - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
+        id: branchname
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # GitHub actions bot approve
+      - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # Enable GitHub auto merge
+      - name: Auto merge
+        uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # main
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -0,0 +1,69 @@
+# SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Update Psalm baseline
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "5 2 * * *"
+
+jobs:
+  update-psalm-baseline:
+    runs-on: ubuntu-latest
+
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        branches: ['master', 'stable30', 'stable29', 'stable28']
+
+    name: update-psalm-baseline-${{ matrix.branches }}
+
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        with:
+          ref: ${{ matrix.branches }}
+          submodules: true
+
+      - name: Set up php
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
+        with:
+          php-version: '8.1'
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          coverage: none
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Composer install
+        run: composer install
+
+      - name: Psalm
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=text --update-baseline
+        continue-on-error: true
+
+      - name: Psalm OCP
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+        continue-on-error: true
+
+      - name: Reset composer
+        run: |
+          git clean -f lib/composer
+          git checkout composer.json composer.lock lib/composer
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
+        with:
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+          commit-message: 'chore(tests): Update psalm baseline'
+          committer: GitHub <noreply@github.com>
+          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
+          signoff: true
+          branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
+          title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
+          body: |
+            Auto-generated update psalm-baseline.xml with fixed psalm warnings
+          labels: |
+            automated pr
+            3. to review
+          team-reviewers: server-backend
@@ -35,7 +35,6 @@
 !/apps/lookup_server_connector
 !/apps/user_ldap
 !/apps/oauth2
-!/apps/profile
 !/apps/provisioning_api
 !/apps/settings
 !/apps/systemtags
@@ -152,7 +151,6 @@ Vagrantfile

 # Tests - auto-generated files
 /data-autotest
-/results.sarif
 /tests/.phpunit.result.cache
 /tests/coverage*
 /tests/css
@@ -15,18 +15,11 @@

  <IfModule mod_env.c>
    # Add security and privacy related headers
+
    # Avoid doubled headers by unsetting headers in "onsuccess" table,
    # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
-
-    <If "%{REQUEST_URI} =~ m#/login$#">
-      # Only on the login page we need any Origin or Referer header set.
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "same-origin"
-    </If>
-    <Else>
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "no-referrer"
-    </Else>
+    Header onsuccess unset Referrer-Policy
+    Header always set Referrer-Policy "no-referrer"

    Header onsuccess unset X-Content-Type-Options
    Header always set X-Content-Type-Options "nosniff"
@@ -56,8 +49,8 @@
    </Else>
  </FilesMatch>

-  # Let browsers cache OTF and WOFF files for a week
-  <FilesMatch "\.(otf|woff2?)$">
+  # Let browsers cache WOFF files for a week
+  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
 </IfModule>
@@ -110,10 +103,10 @@
 #  - https://docs.cyberduck.io/mountainduck/issues/fastcgi/
 #  - https://docs.nextcloud.com/server/latest/admin_manual/issues/general_troubleshooting.html#troubleshooting-webdav
 <IfModule mod_setenvif.c>
-  SetEnvIfNoCase Transfer-Encoding "chunked" proxy-sendcl=1
+  SetEnvIf Transfer-Encoding "chunked" proxy-sendcl=1
 </IfModule>

-# Apache disabled the sending of the server-side content-length header
+# Apache disabled the sending of the server-side content-length header 
 # in their 2.4.59 patch updated which breaks some use-cases in Nextcloud.
 # Setting ap_trust_cgilike_cl allows to bring back the usual behaviour.
 # See https://bz.apache.org/bugzilla/show_bug.cgi?id=68973
@@ -116,12 +116,6 @@ source_file = translationfiles/templates/oauth2.pot
 source_lang = en
 type        = PO

-[o:nextcloud:p:nextcloud:r:profile]
-file_filter = translationfiles/<lang>/profile.po
-source_file = translationfiles/templates/profile.pot
-source_lang = en
-type        = PO
-
 [o:nextcloud:p:nextcloud:r:provisioning_api]
 file_filter = translationfiles/<lang>/provisioning_api.po
 source_file = translationfiles/templates/provisioning_api.pot
@@ -559,7 +559,6 @@
 - fnuesse <felix.nuesse@t-online.de>
 - fnuesse <fnuesse@techfak.uni-bielefeld.de>
 - greta <gretadoci@gmail.com>
- - Hector Valcarcel <hmvalcarcel@gmail.com>
 - helix84 <helix84@centrum.sk>
 - hkjolhede <hkjolhede@gmail.com>
 - hoellen <dev@hoellen.eu>
@@ -6,4 +6,4 @@ and our products: “Nextcloud Files”; “Nextcloud Groupware” and “Nextcl
 This set of marks is collectively referred to as the “Nextcloud marks.”

 Use of Nextcloud logos and other marks is only permitted under the guidelines provided by the Nextcloud GmbH.
-A copy can be found at https://nextcloud.com/trademarks/
+A copy can be found at https://discord.com/branding
@@ -0,0 +1,39 @@
+License Agreement for Freepik Content
+
+The Company authorizes the User to download and use the Freepik Content under the terms of this Section (see Section 7 in relation to Sponsored Content). The Company and its licensors reserve all rights over the Freepik Content not expressly granted in this license to the User.
+
+Subject to the fulfillment of these Terms, the Company authorizes the User in a non-transferable, revocable, limited, non-exclusive manner and on a worldwide basis for the duration of the relevant rights; to download, use and modify the Freepik Content, in a device the User owns or controls and only for the purposes and uses allowed in these Terms.
+
+The User may use the Freepik Content (including any derivative work), either using the Freepik Contents in its entirety or using only some or some of its elements, either using the Freepik Contents without modification, combining them with other contents or having previously modified them, being the license granted with respect to the Freepik content, provided that it:
+
+* Does not involve collective use;
+* The Freepik Content is not used in a manner that suggests an association or endorsement of any kind by the Company or the Website;
+* The Freepik Content or any derivative work is not used or included (in whole or in part) in a database, archive or in any other media/stock product, collection, set of clips, or library, for distribution or resale or used in any other way that could prevent or limit future visits or downloads from the Website;
+* Does not resell, assign, transfer or sublicense the Freepik Content or any derived work from the Freepik Content;
+* Does not use the Freepik Content in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold, in which the content in the Freepik Content is the main element (because of size, relevance or any other cause, in case of doubt about whether the content is main element, it shall be deemed that the content is main element);
+* Does not use the Freepik Content (totally or partially) in any trademark, or part of the same, which may be used by any other means to guarantee or to imply a guaranty of any product and/or service, unless the Freepik Content used in such cases is modified in such a way as to be a new and different content not confusingly similar with the original Freepik Content or implies a use of the Freepik Content as a template or test, and not as a final item or material;
+* Does not use the Freepik Content (including any caption information, title, keywords or other metadata associated with the Freepik Content) for any machine learning and/or artificial intelligence purposes, or for any technologies designed or intended for the identification of natural persons.
+* Does not make any use of the Freepik Content which might be considered defamatory, libellous, obscene, immoral or illegal, including, without limitation, using it in a way that places any person appearing in the Freepik Content in a negative light or depicts them in a way that they may find offensive such as the use in pornography, advertisements for escort or similar services, political endorsements, birth control products, and;
+* Does not make any use of the Freepik Content to slander, libel or to vilify a person, race, sex, culture, sexual orientation, religion, country, region, town, village or any other place, or any other human group.
+
+When any Freepik Content is marked or identified as for editorial use, or when within the same there are logos, recognizable products, public buildings, public events or images taken in places where recognizable persons appear in the background, the User shall only be entitled to use it for such editorial use. In such cases, the User undertakes not to use that content in any manner that entails any connection with any business activity, the use in economic traffic or advertising, marketing or commercialization of any product or service. The User shall be directly liable and the Company shall not assume any liability as a result of the use for commercial purposes by the User of any content belonging to the Freepik Content, which according to this paragraph should be for editorial use only.
+
+The authorization to use the Freepik Content shall be free provided that any use of the content in the Freepik Content by the User is credited to the Company/Website as stated by the Company from time to time. In order to benefit from the Service or to use the Freepik Content without acknowledging the Company/Website, the User must purchase a premium subscription (hereinafter, the "Premium Subscription") in the Website and download the Freepik Content during the term of any such Premium Subscription. Conditions in Section 10 shall apply to the purchase of the Premium Subscription.
+
+As a general rule, it is forbidden for a User to authorize any third parties to use the Freepik Content (or any modification of any content in the Freepik Content). As an exception to the prohibition, the User may allow third parties to use the Freepik Content, when each and every of the following conditions are met:
+
+* The third party has professionally instructed the User to produce goods or provide services to it/him/her and the User uses a limited number of items within the Freepik Content to produce such goods or provide such services to the instructing third party;
+* The authorization granted by the User to the third party is in writing and complies with every restriction of the User’s authorization to use the relevant Freepik Content and includes, without limitation, a restriction for the third party to distribute, resell or license the relevant content in the Freepik Content (i.e. the third party is the final user of the relevant content in the Freepik Content);
+* None of the contents in the Freepik Content which are subject to the authorization are used as the main element (because of size, relevance or any other cause; in case of doubt about whether the content is the main element, it shall be deemed as the main element) in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold by the third party;
+* The production of goods or provision of services by the User to the third party is not done by automatic means, it is tailor-made for the third party (and therefore its use is not authorized by the User to any other third party) and requires a specific substantial human intervention from the User in relation to each third party; and
+* The User -and not the third party- chooses the specific items within the content of the Freepik Content to be used in the production of goods or provision of services for the third party.
+
+When all of the above conditions are met, the User shall be entitled to authorize a third party to use the relevant content in the Freepik Content. This exception refers only to the prohibition for the User to authorize third parties to use the content in the Freepik Content without affecting or limiting in any way the remaining conditions of the User’s right to use the Freepik Content. Whether the above conditions regarding the exception to the prohibition for Users to authorize third parties to use the content in the Freepik Content are met shall be interpreted restrictively so that, in case of doubt, it shall be deemed that the conditions are not met.
+
+The User does not acquire any right as a result of the use of the content in the Freepik Content. In particular, the User is not authorized to distribute, resell or rent any content in the Freepik Content (or any modification of any content in the Freepik Content).
+
+The Company may, at any time, offer any content on the Website under a different license from the one included in this Section (the "Specific License"). The Company will inform on the Website which content is licensed under an Specific License. The Specific License will be made available to the User and will include, without limitation, a description of the license itself, as well as the permitted and prohibited uses in relation to the content. In the event that a particular content is offered under a Specific License, the Specific License shall apply over the general license described in this Section. Notwithstanding the foregoing, all other obligations contained in these Terms shall continue to be binding on the User, unless they conflict with the Specific License, in which case the Specific License shall prevail.
+
+The User’s rights under this Section will end automatically without any notice if the User breaches any of the Terms. In case of termination of the rights hereunder, the User shall cease using content in the Freepik Content and will destroy every copy, whether total or partial, thereof.
+
+A copy can be found at <https://www.freepikcompany.com/legal/#nav-freepik-agreement>
@@ -3,11 +3,11 @@
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

-import { vi } from 'vitest'
+import { jest } from '@jest/globals'

-export const showMessage = vi.fn()
-export const showSuccess = vi.fn()
-export const showWarning = vi.fn()
-export const showInfo = vi.fn()
-export const showError = vi.fn()
-export const showUndo = vi.fn()
+export const showMessage = jest.fn()
+export const showSuccess = jest.fn()
+export const showWarning = jest.fn()
+export const showInfo = jest.fn()
+export const showError = jest.fn()
+export const showUndo = jest.fn()
@@ -3,4 +3,3 @@
 * SPDX-License-Identifier: CC0-1.0
 */
 import '@testing-library/jest-dom/vitest'
-import 'core-js/stable/index.js'
@@ -10,7 +10,7 @@
 	<name>Auditing / Logging</name>
 	<summary>Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions.</summary>
 	<description>Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions.</description>
-	<version>1.22.0</version>
+	<version>1.21.0</version>
 	<licence>agpl</licence>
 	<author>Nextcloud</author>
 	<namespace>AdminAudit</namespace>
@@ -20,7 +20,7 @@
 	<category>monitoring</category>
 	<bugs>https://github.com/nextcloud/server/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="32" max-version="32"/>
+		<nextcloud min-version="31" max-version="31"/>
 	</dependencies>
 	<background-jobs>
 		<job>OCA\AdminAudit\BackgroundJobs\Rotate</job>
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalizēšanas iespējas, piemēram, faila piekļuves žurnalizēšanu vai citas sensitīvas darbības."
-},
-"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalizēšanas iespējas, piemēram, faila piekļuves žurnalizēšanu vai citas sensitīvas darbības."
-},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);"
-}
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},
-"nplurals=1; plural=0;");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},"pluralForm" :"nplurals=1; plural=0;"
-}
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Auditorias / registos",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou outras ações sensíveis. "
+    "Auditing / Logging" : "Auditorias / Registos",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou demais ações sensíveis. "
 },
 "nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Auditorias / registos",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou outras ações sensíveis. "
+    "Auditing / Logging" : "Auditorias / Registos",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou demais ações sensíveis. "
 },"pluralForm" :"nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;"
 }
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "ئىقتىسادىي تەپتىش / خاتىرىلەش",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nextcloud غا تىزىمغا كىرىش ئىقتىدارى بىلەن تەمىنلەيدۇ ، مەسىلەن ھۆججەتلەرنى زىيارەت قىلىش ياكى باشقا سەزگۈر ھەرىكەتلەر."
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "ئىقتىسادىي تەپتىش / خاتىرىلەش",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nextcloud غا تىزىمغا كىرىش ئىقتىدارى بىلەن تەمىنلەيدۇ ، مەسىلەن ھۆججەتلەرنى زىيارەت قىلىش ياكى باشقا سەزگۈر ھەرىكەتلەر."
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Kiểm tra / Nhật ký",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác."
+    "Auditing / Logging" : "‎Kiểm tra / Nhật ký‎",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "‎Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác.‎"
 },
 "nplurals=1; plural=0;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Kiểm tra / Nhật ký",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác."
+    "Auditing / Logging" : "‎Kiểm tra / Nhật ký‎",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "‎Cung cấp khả năng ghi nhật ký cho Nextcloud, chẳng hạn như ghi nhật ký quyền truy cập tệp hoặc các hành động nhạy cảm khác.‎"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "稽核/記錄",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如紀錄檔存取，或其他敏感操作。"
+    "Auditing / Logging" : "稽核／記錄",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如記錄檔存取或其他敏感操作。"
 },
 "nplurals=1; plural=0;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "稽核/記錄",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如紀錄檔存取，或其他敏感操作。"
+    "Auditing / Logging" : "稽核／記錄",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "提供 Nextcloud 的記錄功能，例如記錄檔存取或其他敏感操作。"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -32,13 +32,16 @@ class Action {
 			if (!isset($params[$element])) {
 				if ($obfuscateParameters) {
 					$this->logger->critical(
-						'$params["' . $element . '"] was missing.',
+						'$params["'.$element.'"] was missing.',
 						['app' => 'admin_audit']
 					);
 				} else {
 					$this->logger->critical(
-						'$params["' . $element . '"] was missing. Transferred value: {params}',
-						['app' => 'admin_audit', 'params' => $params]
+						sprintf(
+							'$params["'.$element.'"] was missing. Transferred value: %s',
+							print_r($params, true)
+						),
+						['app' => 'admin_audit']
 					);
 				}
 				return;
@@ -8,16 +8,16 @@ declare(strict_types=1);
 namespace OCA\AdminAudit\Actions;

 use OC\Files\Node\NonExistingFile;
-use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
 use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
+use OCP\Files\Events\Node\BeforeNodeWrittenEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
+use OCP\Files\Events\Node\NodeDeletedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
 use OCP\Files\Events\Node\NodeWrittenEvent;
 use OCP\Files\InvalidPathException;
 use OCP\Files\NotFoundException;
-use OCP\Server;
 use Psr\Log\LoggerInterface;

 /**
@@ -28,20 +28,21 @@ use Psr\Log\LoggerInterface;
 class Files extends Action {

 	private array $renamedNodes = [];
-
 	/**
 	 * Logs file read actions
+	 *
+	 * @param BeforeNodeReadEvent $event
 	 */
 	public function read(BeforeNodeReadEvent $event): void {
 		try {
 			$node = $event->getNode();
 			$params = [
 				'id' => $node instanceof NonExistingFile ? null : $node->getId(),
-				'path' => $node->getPath(),
+				'path' => mb_substr($node->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file read: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file read: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -54,14 +55,16 @@ class Files extends Action {

 	/**
 	 * Logs rename actions of files
+	 *
+	 * @param BeforeNodeRenamedEvent $event
 	 */
 	public function beforeRename(BeforeNodeRenamedEvent $event): void {
 		try {
 			$source = $event->getSource();
 			$this->renamedNodes[$source->getId()] = $source;
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file rename: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -69,6 +72,8 @@ class Files extends Action {

 	/**
 	 * Logs rename actions of files
+	 *
+	 * @param NodeRenamedEvent $event
 	 */
 	public function afterRename(NodeRenamedEvent $event): void {
 		try {
@@ -76,12 +81,12 @@ class Files extends Action {
 			$originalSource = $this->renamedNodes[$target->getId()];
 			$params = [
 				'newid' => $target->getId(),
-				'oldpath' => $originalSource->getPath(),
-				'newpath' => $target->getPath(),
+				'oldpath' => mb_substr($originalSource->getInternalPath(), 5),
+				'newpath' => mb_substr($target->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file rename: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -96,16 +101,18 @@ class Files extends Action {

 	/**
 	 * Logs creation of files
+	 *
+	 * @param NodeCreatedEvent $event
 	 */
 	public function create(NodeCreatedEvent $event): void {
 		try {
 			$params = [
 				'id' => $event->getNode()->getId(),
-				'path' => $event->getNode()->getPath(),
+				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file create: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file create: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -121,18 +128,20 @@ class Files extends Action {

 	/**
 	 * Logs copying of files
+	 *
+	 * @param NodeCopiedEvent $event
 	 */
 	public function copy(NodeCopiedEvent $event): void {
 		try {
 			$params = [
 				'oldid' => $event->getSource()->getId(),
 				'newid' => $event->getTarget()->getId(),
-				'oldpath' => $event->getSource()->getPath(),
-				'newpath' => $event->getTarget()->getPath(),
+				'oldpath' => mb_substr($event->getSource()->getInternalPath(), 5),
+				'newpath' => mb_substr($event->getTarget()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file copy: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file copy: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -145,17 +154,19 @@ class Files extends Action {

 	/**
 	 * Logs writing of files
+	 *
+	 * @param BeforeNodeWrittenEvent $event
 	 */
-	public function write(NodeWrittenEvent $event): void {
+	public function write(BeforeNodeWrittenEvent $event): void {
 		$node = $event->getNode();
 		try {
 			$params = [
-				'id' => $node->getId(),
-				'path' => $node->getPath(),
+				'id' => $node instanceof NonExistingFile ? null : $node->getId(),
+				'path' => mb_substr($node->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file write: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file write: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -171,17 +182,43 @@ class Files extends Action {
 	}

 	/**
-	 * Logs deletions of files
+	 * Logs update of files
+	 *
+	 * @param NodeWrittenEvent $event
 	 */
-	public function delete(BeforeNodeDeletedEvent $event): void {
+	public function update(NodeWrittenEvent $event): void {
 		try {
 			$params = [
 				'id' => $event->getNode()->getId(),
-				'path' => $event->getNode()->getPath(),
+				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
 			];
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file delete: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file update: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			);
+			return;
+		}
+		$this->log(
+			'File with id "%s" updated: "%s"',
+			$params,
+			array_keys($params)
+		);
+	}
+
+	/**
+	 * Logs deletions of files
+	 *
+	 * @param NodeDeletedEvent $event
+	 */
+	public function delete(NodeDeletedEvent $event): void {
+		try {
+			$params = [
+				'id' => $event->getNode()->getId(),
+				'path' => mb_substr($event->getNode()->getInternalPath(), 5),
+			];
+		} catch (InvalidPathException|NotFoundException $e) {
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file delete: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -34,16 +34,16 @@ use OCP\AppFramework\App;
 use OCP\AppFramework\Bootstrap\IBootContext;
 use OCP\AppFramework\Bootstrap\IBootstrap;
 use OCP\AppFramework\Bootstrap\IRegistrationContext;
-use OCP\Authentication\Events\AnyLoginFailedEvent;
 use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
 use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
 use OCP\Console\ConsoleEvent;
 use OCP\EventDispatcher\IEventDispatcher;
-use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
 use OCP\Files\Events\Node\BeforeNodeReadEvent;
 use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
+use OCP\Files\Events\Node\BeforeNodeWrittenEvent;
 use OCP\Files\Events\Node\NodeCopiedEvent;
 use OCP\Files\Events\Node\NodeCreatedEvent;
+use OCP\Files\Events\Node\NodeDeletedEvent;
 use OCP\Files\Events\Node\NodeRenamedEvent;
 use OCP\Files\Events\Node\NodeWrittenEvent;
 use OCP\Group\Events\GroupCreatedEvent;
@@ -57,7 +57,6 @@ use OCP\Preview\BeforePreviewFetchedEvent;
 use OCP\Share;
 use OCP\Share\Events\ShareCreatedEvent;
 use OCP\Share\Events\ShareDeletedEvent;
-use OCP\SystemTag\ManagerEvent;
 use OCP\User\Events\BeforeUserLoggedInEvent;
 use OCP\User\Events\BeforeUserLoggedOutEvent;
 use OCP\User\Events\PasswordUpdatedEvent;
@@ -106,7 +105,6 @@ class Application extends App implements IBootstrap {
 		$context->registerEventListener(UserLoggedInWithCookieEvent::class, AuthEventListener::class);
 		$context->registerEventListener(UserLoggedInEvent::class, AuthEventListener::class);
 		$context->registerEventListener(BeforeUserLoggedOutEvent::class, AuthEventListener::class);
-		$context->registerEventListener(AnyLoginFailedEvent::class, AuthEventListener::class);

 		// File events
 		$context->registerEventListener(BeforePreviewFetchedEvent::class, FileEventListener::class);
@@ -159,7 +157,7 @@ class Application extends App implements IBootstrap {

 	private function tagHooks(IAuditLogger $logger,
 		IEventDispatcher $eventDispatcher): void {
-		$eventDispatcher->addListener(ManagerEvent::EVENT_CREATE, function (ManagerEvent $event) use ($logger): void {
+		$eventDispatcher->addListener(\OCP\SystemTag\ManagerEvent::EVENT_CREATE, function (\OCP\SystemTag\ManagerEvent $event) use ($logger) {
 			$tagActions = new TagManagement($logger);
 			$tagActions->createTag($event->getTag());
 		});
@@ -170,49 +168,56 @@ class Application extends App implements IBootstrap {

 		$eventDispatcher->addListener(
 			BeforeNodeRenamedEvent::class,
-			function (BeforeNodeRenamedEvent $event) use ($fileActions): void {
+			function (BeforeNodeRenamedEvent $event) use ($fileActions) {
 				$fileActions->beforeRename($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeRenamedEvent::class,
-			function (NodeRenamedEvent $event) use ($fileActions): void {
+			function (NodeRenamedEvent $event) use ($fileActions) {
 				$fileActions->afterRename($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeCreatedEvent::class,
-			function (NodeCreatedEvent $event) use ($fileActions): void {
+			function (NodeCreatedEvent $event) use ($fileActions) {
 				$fileActions->create($event);
 			}
 		);

 		$eventDispatcher->addListener(
 			NodeCopiedEvent::class,
-			function (NodeCopiedEvent $event) use ($fileActions): void {
+			function (NodeCopiedEvent $event) use ($fileActions) {
 				$fileActions->copy($event);
 			}
 		);

 		$eventDispatcher->addListener(
-			NodeWrittenEvent::class,
-			function (NodeWrittenEvent $event) use ($fileActions): void {
+			BeforeNodeWrittenEvent::class,
+			function (BeforeNodeWrittenEvent $event) use ($fileActions) {
 				$fileActions->write($event);
 			}
 		);

+		$eventDispatcher->addListener(
+			NodeWrittenEvent::class,
+			function (NodeWrittenEvent $event) use ($fileActions) {
+				$fileActions->update($event);
+			}
+		);
+
 		$eventDispatcher->addListener(
 			BeforeNodeReadEvent::class,
-			function (BeforeNodeReadEvent $event) use ($fileActions): void {
+			function (BeforeNodeReadEvent $event) use ($fileActions) {
 				$fileActions->read($event);
 			}
 		);

 		$eventDispatcher->addListener(
-			BeforeNodeDeletedEvent::class,
-			function (BeforeNodeDeletedEvent $event) use ($fileActions): void {
+			NodeDeletedEvent::class,
+			function (NodeDeletedEvent $event) use ($fileActions) {
 				$fileActions->delete($event);
 			}
 		);
@@ -10,7 +10,6 @@ declare(strict_types=1);
 namespace OCA\AdminAudit\Listener;

 use OCA\AdminAudit\Actions\Action;
-use OCP\Authentication\Events\AnyLoginFailedEvent;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
 use OCP\User\Events\BeforeUserLoggedInEvent;
@@ -19,7 +18,7 @@ use OCP\User\Events\UserLoggedInEvent;
 use OCP\User\Events\UserLoggedInWithCookieEvent;

 /**
- * @template-implements IEventListener<BeforeUserLoggedInEvent|UserLoggedInWithCookieEvent|UserLoggedInEvent|BeforeUserLoggedOutEvent|AnyLoginFailedEvent>
+ * @template-implements IEventListener<BeforeUserLoggedInEvent|UserLoggedInWithCookieEvent|UserLoggedInEvent|BeforeUserLoggedOutEvent>
 */
 class AuthEventListener extends Action implements IEventListener {
 	public function handle(Event $event): void {
@@ -29,8 +28,6 @@ class AuthEventListener extends Action implements IEventListener {
 			$this->userLoggedIn($event);
 		} elseif ($event instanceof BeforeUserLoggedOutEvent) {
 			$this->beforeUserLogout($event);
-		} elseif ($event instanceof AnyLoginFailedEvent) {
-			$this->anyLoginFailed($event);
 		}
 	}

@@ -67,17 +64,4 @@ class AuthEventListener extends Action implements IEventListener {
 			[]
 		);
 	}
-
-	private function anyLoginFailed(AnyLoginFailedEvent $event): void {
-		$this->log(
-			'Login failed: "%s"',
-			[
-				'loginName' => $event->getLoginName()
-			],
-			[
-				'loginName',
-			],
-			true
-		);
-	}
 }
@@ -15,7 +15,6 @@ use OCP\EventDispatcher\IEventListener;
 use OCP\Files\InvalidPathException;
 use OCP\Files\NotFoundException;
 use OCP\Preview\BeforePreviewFetchedEvent;
-use OCP\Server;
 use Psr\Log\LoggerInterface;

 /**
@@ -40,7 +39,7 @@ class FileEventListener extends Action implements IEventListener {
 				'height' => $event->getHeight(),
 				'crop' => $event->isCrop(),
 				'mode' => $event->getMode(),
-				'path' => $file->getPath(),
+				'path' => mb_substr($file->getInternalPath(), 5)
 			];
 			$this->log(
 				'Preview accessed: (id: "%s", width: "%s", height: "%s" crop: "%s", mode: "%s", path: "%s")',
@@ -48,8 +47,8 @@ class FileEventListener extends Action implements IEventListener {
 				array_keys($params)
 			);
 		} catch (InvalidPathException|NotFoundException $e) {
-			Server::get(LoggerInterface::class)->error(
-				'Exception thrown in file preview: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
+			\OCP\Server::get(LoggerInterface::class)->error(
+				'Exception thrown in file preview: '.$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e]
 			);
 			return;
 		}
@@ -1,92 +0,0 @@
-<?php
-
-declare(strict_types=1);
-/**
- * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-namespace OCA\AdminAudit\Tests\Actions;
-
-use OCA\AdminAudit\IAuditLogger;
-use OCA\AdminAudit\Listener\UserManagementEventListener;
-use OCP\IUser;
-use OCP\User\Events\UserChangedEvent;
-use PHPUnit\Framework\MockObject\MockObject;
-use Test\TestCase;
-
-class UserManagementEventListenerTest extends TestCase {
-	private IAuditLogger&MockObject $logger;
-
-	private UserManagementEventListener $listener;
-
-	private MockObject&IUser $user;
-
-	protected function setUp(): void {
-		parent::setUp();
-
-		$this->logger = $this->createMock(IAuditLogger::class);
-		$this->listener = new UserManagementEventListener($this->logger);
-
-		$this->user = $this->createMock(IUser::class);
-		$this->user->method('getUID')->willReturn('alice');
-		$this->user->method('getDisplayName')->willReturn('Alice');
-	}
-
-	public function testSkipUnsupported(): void {
-		$this->logger->expects($this->never())
-			->method('info');
-
-		$event = new UserChangedEvent(
-			$this->user,
-			'unsupported',
-			'value',
-		);
-
-		$this->listener->handle($event);
-	}
-
-	public function testUserEnabled(): void {
-		$this->logger->expects($this->once())
-			->method('info')
-			->with('User enabled: "alice"', ['app' => 'admin_audit']);
-
-		$event = new UserChangedEvent(
-			$this->user,
-			'enabled',
-			true,
-			false,
-		);
-
-		$this->listener->handle($event);
-	}
-
-	public function testUserDisabled(): void {
-		$this->logger->expects($this->once())
-			->method('info')
-			->with('User disabled: "alice"', ['app' => 'admin_audit']);
-
-		$event = new UserChangedEvent(
-			$this->user,
-			'enabled',
-			false,
-			true,
-		);
-
-		$this->listener->handle($event);
-	}
-
-	public function testEmailChanged(): void {
-		$this->logger->expects($this->once())
-			->method('info')
-			->with('Email address changed for user alice', ['app' => 'admin_audit']);
-
-		$event = new UserChangedEvent(
-			$this->user,
-			'eMailAddress',
-			'alice@alice.com',
-			'',
-		);
-
-		$this->listener->handle($event);
-	}
-}
@@ -9,7 +9,7 @@
 	<name>Cloud Federation API</name>
 	<summary>Enable clouds to communicate with each other and exchange data</summary>
 	<description>The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data.</description>
-	<version>1.15.0</version>
+	<version>1.14.0</version>
 	<licence>agpl</licence>
 	<author>Bjoern Schiessle</author>
 	<namespace>CloudFederationAPI</namespace>
@@ -19,6 +19,6 @@
 	<category>integration</category>
 	<bugs>https://github.com/nextcloud/server/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="32" max-version="32"/>
+		<nextcloud min-version="31" max-version="31"/>
 	</dependencies>
 </info>
@@ -1,8 +1,8 @@
 OC.L10N.register(
    "cloud_federation_api",
    {
-    "Cloud Federation API" : "Cloud sammenkoblings API",
+    "Cloud Federation API" : "Cloud Federation API",
    "Enable clouds to communicate with each other and exchange data" : "Gør det muligt for skyer at kommunikere med hinanden og udveksle data",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud sammenkoblings API gør det muligt for forskellige Nextcloud-instanser at kommunikere med hinanden og udveksle data."
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud Federation API gør det muligt for forskellige Nextcloud-instanser at kommunikere med hinanden og udveksle data."
 },
 "nplurals=2; plural=(n != 1);");
@@ -1,6 +1,6 @@
 { "translations": {
-    "Cloud Federation API" : "Cloud sammenkoblings API",
+    "Cloud Federation API" : "Cloud Federation API",
    "Enable clouds to communicate with each other and exchange data" : "Gør det muligt for skyer at kommunikere med hinanden og udveksle data",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud sammenkoblings API gør det muligt for forskellige Nextcloud-instanser at kommunikere med hinanden og udveksle data."
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud Federation API gør det muligt for forskellige Nextcloud-instanser at kommunikere med hinanden og udveksle data."
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -2,7 +2,7 @@ OC.L10N.register(
    "cloud_federation_api",
    {
    "Cloud Federation API" : "Ligeann API Comhdhéanta na Scamaill",
-    "Enable clouds to communicate with each other and exchange data" : "Cumasaigh scamaill cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cuireann API Cloud Federation ar chumas cásanna éagsúla Nextcloud cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú."
+    "Enable clouds to communicate with each other and exchange data" : "Lig dóimhneacht a chur ar chumas na scamaill cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú.",
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Ligeann API Comhdhéanta na Scamaill do réimse éagsúil de chásanna Nextcloud cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú."
 },
 "nplurals=5; plural=(n==1 ? 0 : n==2 ? 1 : n<7 ? 2 : n<11 ? 3 : 4);");
@@ -1,6 +1,6 @@
 { "translations": {
    "Cloud Federation API" : "Ligeann API Comhdhéanta na Scamaill",
-    "Enable clouds to communicate with each other and exchange data" : "Cumasaigh scamaill cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cuireann API Cloud Federation ar chumas cásanna éagsúla Nextcloud cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú."
+    "Enable clouds to communicate with each other and exchange data" : "Lig dóimhneacht a chur ar chumas na scamaill cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú.",
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Ligeann API Comhdhéanta na Scamaill do réimse éagsúil de chásanna Nextcloud cumarsáid a dhéanamh lena chéile agus sonraí a mhalartú."
 },"pluralForm" :"nplurals=5; plural=(n==1 ? 0 : n==2 ? 1 : n<7 ? 2 : n<11 ? 3 : 4);"
 }
@@ -1,8 +0,0 @@
-OC.L10N.register(
-    "cloud_federation_api",
-    {
-    "Cloud Federation API" : "Cloud Federation API",
-    "Enable clouds to communicate with each other and exchange data" : "클라우드 간 소통과 데이터 교환을 가능케 합니다.",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud Federation API는 다양한 Nextcloud 인스턴스가 서로 소통하거나 데이터를 교환할 수 있도록 합니다."
-},
-"nplurals=1; plural=0;");
@@ -1,6 +0,0 @@
-{ "translations": {
-    "Cloud Federation API" : "Cloud Federation API",
-    "Enable clouds to communicate with each other and exchange data" : "클라우드 간 소통과 데이터 교환을 가능케 합니다.",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "Cloud Federation API는 다양한 Nextcloud 인스턴스가 서로 소통하거나 데이터를 교환할 수 있도록 합니다."
-},"pluralForm" :"nplurals=1; plural=0;"
-}
@@ -1,8 +0,0 @@
-OC.L10N.register(
-    "cloud_federation_api",
-    {
-    "Cloud Federation API" : "بۇلۇت فېدېراتسىيەسى API",
-    "Enable clouds to communicate with each other and exchange data" : "بۇلۇتلارنىڭ ئۆز-ئارا ئالاقە قىلىشى ۋە سانلىق مەلۇمات ئالماشتۇرۇشىنى قوزغىتىڭ",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "بۇلۇت فېدېراتسىيەسى API ھەر خىل Nextcloud مىساللىرىنى ئۆز-ئارا ئالاقە قىلىش ۋە سانلىق مەلۇمات ئالماشتۇرۇش ئىمكانىيىتىگە ئىگە قىلىدۇ."
-},
-"nplurals=2; plural=(n != 1);");
@@ -1,6 +0,0 @@
-{ "translations": {
-    "Cloud Federation API" : "بۇلۇت فېدېراتسىيەسى API",
-    "Enable clouds to communicate with each other and exchange data" : "بۇلۇتلارنىڭ ئۆز-ئارا ئالاقە قىلىشى ۋە سانلىق مەلۇمات ئالماشتۇرۇشىنى قوزغىتىڭ",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "بۇلۇت فېدېراتسىيەسى API ھەر خىل Nextcloud مىساللىرىنى ئۆز-ئارا ئالاقە قىلىش ۋە سانلىق مەلۇمات ئالماشتۇرۇش ئىمكانىيىتىگە ئىگە قىلىدۇ."
-},"pluralForm" :"nplurals=2; plural=(n != 1);"
-}
@@ -1,8 +1,8 @@
 OC.L10N.register(
    "cloud_federation_api",
    {
-    "Cloud Federation API" : "雲端聯邦 API",
+    "Cloud Federation API" : "雲端聯盟 API",
    "Enable clouds to communicate with each other and exchange data" : "讓雲端可互相通訊並交換資料",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "雲端聯邦 API 能讓多個 Nextcloud 實體之間，可以互相通訊並交換資料。"
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "雲端聯盟 API 讓多個 Nextcloud 站台可以互相通訊並交換資料。"
 },
 "nplurals=1; plural=0;");
@@ -1,6 +1,6 @@
 { "translations": {
-    "Cloud Federation API" : "雲端聯邦 API",
+    "Cloud Federation API" : "雲端聯盟 API",
    "Enable clouds to communicate with each other and exchange data" : "讓雲端可互相通訊並交換資料",
-    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "雲端聯邦 API 能讓多個 Nextcloud 實體之間，可以互相通訊並交換資料。"
+    "The Cloud Federation API enables various Nextcloud instances to communicate with each other and to exchange data." : "雲端聯盟 API 讓多個 Nextcloud 站台可以互相通訊並交換資料。"
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -6,27 +6,20 @@ declare(strict_types=1);
 * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
+
 namespace OCA\CloudFederationAPI;

-use NCU\Security\Signature\Exceptions\IdentityNotFoundException;
-use NCU\Security\Signature\Exceptions\SignatoryException;
-use OC\OCM\OCMSignatoryManager;
 use OCP\Capabilities\ICapability;
-use OCP\IAppConfig;
 use OCP\IURLGenerator;
 use OCP\OCM\Exceptions\OCMArgumentException;
 use OCP\OCM\IOCMProvider;
-use Psr\Log\LoggerInterface;

 class Capabilities implements ICapability {
-	public const API_VERSION = '1.1'; // informative, real version.
+	public const API_VERSION = '1.0-proposal1';

 	public function __construct(
 		private IURLGenerator $urlGenerator,
-		private IAppConfig $appConfig,
 		private IOCMProvider $provider,
-		private readonly OCMSignatoryManager $ocmSignatoryManager,
-		private readonly LoggerInterface $logger,
 	) {
 	}

@@ -35,20 +28,15 @@ class Capabilities implements ICapability {
 	 *
 	 * @return array{
 	 *     ocm: array{
-	 *     	   apiVersion: '1.0-proposal1',
 	 *         enabled: bool,
+	 *         apiVersion: string,
 	 *         endPoint: string,
-	 *         publicKey: array{
-	 *             keyId: string,
-	 *             publicKeyPem: string,
-	 *         },
-	 *         resourceTypes: list<array{
+	 *         resourceTypes: array{
 	 *             name: string,
-	 *             shareTypes: list<string>,
+	 *             shareTypes: string[],
 	 *             protocols: array<string, string>
-	 *         }>,
-	 *         version: string
-	 *     }
+	 *           }[],
+	 *       },
 	 * }
 	 * @throws OCMArgumentException
 	 */
@@ -72,21 +60,6 @@ class Capabilities implements ICapability {

 		$this->provider->addResourceType($resource);

-		// Adding a public key to the ocm discovery
-		try {
-			if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
-				/**
-				 * @experimental 31.0.0
-				 * @psalm-suppress UndefinedInterfaceMethod
-				 */
-				$this->provider->setSignatory($this->ocmSignatoryManager->getLocalSignatory());
-			} else {
-				$this->logger->debug('ocm public key feature disabled');
-			}
-		} catch (SignatoryException|IdentityNotFoundException $e) {
-			$this->logger->warning('cannot generate local signatory', ['exception' => $e]);
-		}
-
-		return ['ocm' => json_decode(json_encode($this->provider->jsonSerialize()), true)];
+		return ['ocm' => $this->provider->jsonSerialize()];
 	}
 }
@@ -16,9 +16,11 @@ use OCP\Federation\ICloudFederationProviderManager;
 */
 class Config {

-	public function __construct(
-		private ICloudFederationProviderManager $cloudFederationProviderManager,
-	) {
+	/** @var ICloudFederationProviderManager */
+	private $cloudFederationProviderManager;
+
+	public function __construct(ICloudFederationProviderManager $cloudFederationProviderManager) {
+		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
 	}

 	/**
@@ -5,18 +5,8 @@
 */
 namespace OCA\CloudFederationAPI\Controller;

-use NCU\Federation\ISignedCloudFederationProvider;
-use NCU\Security\Signature\Exceptions\IdentityNotFoundException;
-use NCU\Security\Signature\Exceptions\IncomingRequestException;
-use NCU\Security\Signature\Exceptions\SignatoryNotFoundException;
-use NCU\Security\Signature\Exceptions\SignatureException;
-use NCU\Security\Signature\Exceptions\SignatureNotFoundException;
-use NCU\Security\Signature\IIncomingSignedRequest;
-use NCU\Security\Signature\ISignatureManager;
-use OC\OCM\OCMSignatoryManager;
 use OCA\CloudFederationAPI\Config;
 use OCA\CloudFederationAPI\ResponseDefinitions;
-use OCA\FederatedFileSharing\AddressHandler;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\BruteForceProtection;
@@ -32,13 +22,11 @@ use OCP\Federation\Exceptions\ProviderDoesNotExistsException;
 use OCP\Federation\ICloudFederationFactory;
 use OCP\Federation\ICloudFederationProviderManager;
 use OCP\Federation\ICloudIdManager;
-use OCP\IAppConfig;
 use OCP\IGroupManager;
 use OCP\IRequest;
 use OCP\IURLGenerator;
 use OCP\IUserManager;
 use OCP\Share\Exceptions\ShareNotFound;
-use OCP\Util;
 use Psr\Log\LoggerInterface;

 /**
@@ -61,12 +49,8 @@ class RequestHandlerController extends Controller {
 		private IURLGenerator $urlGenerator,
 		private ICloudFederationProviderManager $cloudFederationProviderManager,
 		private Config $config,
-		private readonly AddressHandler $addressHandler,
-		private readonly IAppConfig $appConfig,
 		private ICloudFederationFactory $factory,
-		private ICloudIdManager $cloudIdManager,
-		private readonly ISignatureManager $signatureManager,
-		private readonly OCMSignatoryManager $signatoryManager,
+		private ICloudIdManager $cloudIdManager
 	) {
 		parent::__construct($appName, $request);
 	}
@@ -82,7 +66,7 @@ class RequestHandlerController extends Controller {
 	 * @param string|null $ownerDisplayName Display name of the user who shared the item
 	 * @param string|null $sharedBy Provider specific UID of the user who shared the resource
 	 * @param string|null $sharedByDisplayName Display name of the user who shared the resource
-	 * @param array{name: list<string>, options: array<string, mixed>} $protocol e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]
+	 * @param array{name: string[], options: array<string, mixed>} $protocol e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]
 	 * @param string $shareType 'group' or 'user' share
 	 * @param string $resourceType 'file', 'calendar',...
 	 *
@@ -96,20 +80,11 @@ class RequestHandlerController extends Controller {
 	#[NoCSRFRequired]
 	#[BruteForceProtection(action: 'receiveFederatedShare')]
 	public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) {
-		try {
-			// if request is signed and well signed, no exception are thrown
-			// if request is not signed and host is known for not supporting signed request, no exception are thrown
-			$signedRequest = $this->getSignedRequest();
-			$this->confirmSignedOrigin($signedRequest, 'owner', $owner);
-		} catch (IncomingRequestException $e) {
-			$this->logger->warning('incoming request exception', ['exception' => $e]);
-			return new JSONResponse(['message' => $e->getMessage(), 'validationErrors' => []], Http::STATUS_BAD_REQUEST);
-		}
-
 		// check if all required parameters are set
 		if ($shareWith === null ||
 			$name === null ||
 			$providerId === null ||
+			$owner === null ||
 			$resourceType === null ||
 			$shareType === null ||
 			!is_array($protocol) ||
@@ -247,16 +222,6 @@ class RequestHandlerController extends Controller {
 			);
 		}

-		try {
-			// if request is signed and well signed, no exception are thrown
-			// if request is not signed and host is known for not supporting signed request, no exception are thrown
-			$signedRequest = $this->getSignedRequest();
-			$this->confirmNotificationIdentity($signedRequest, $resourceType, $notification);
-		} catch (IncomingRequestException $e) {
-			$this->logger->warning('incoming request exception', ['exception' => $e]);
-			return new JSONResponse(['message' => $e->getMessage(), 'validationErrors' => []], Http::STATUS_BAD_REQUEST);
-		}
-
 		try {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
 			$result = $provider->notificationReceived($notificationType, $providerId, $notification);
@@ -290,7 +255,6 @@ class RequestHandlerController extends Controller {
 			$response->throttle();
 			return $response;
 		} catch (\Exception $e) {
-			$this->logger->warning('incoming notification exception', ['exception' => $e]);
 			return new JSONResponse(
 				[
 					'message' => 'Internal error at ' . $this->urlGenerator->getBaseUrl(),
@@ -312,7 +276,7 @@ class RequestHandlerController extends Controller {
 	private function mapUid($uid) {
 		// FIXME this should be a method in the user management instead
 		$this->logger->debug('shareWith before, ' . $uid, ['app' => $this->appName]);
-		Util::emitHook(
+		\OCP\Util::emitHook(
 			'\OCA\Files_Sharing\API\Server2Server',
 			'preLoginNameUsedAsUserName',
 			['uid' => &$uid]
@@ -321,147 +285,4 @@ class RequestHandlerController extends Controller {

 		return $uid;
 	}
-
-
-	/**
-	 * returns signed request if available.
-	 * throw an exception:
-	 * - if request is signed, but wrongly signed
-	 * - if request is not signed but instance is configured to only accept signed ocm request
-	 *
-	 * @return IIncomingSignedRequest|null null if remote does not (and never did) support signed request
-	 * @throws IncomingRequestException
-	 */
-	private function getSignedRequest(): ?IIncomingSignedRequest {
-		try {
-			$signedRequest = $this->signatureManager->getIncomingSignedRequest($this->signatoryManager);
-			$this->logger->debug('signed request available', ['signedRequest' => $signedRequest]);
-			return $signedRequest;
-		} catch (SignatureNotFoundException|SignatoryNotFoundException $e) {
-			$this->logger->debug('remote does not support signed request', ['exception' => $e]);
-			// remote does not support signed request.
-			// currently we still accept unsigned request until lazy appconfig
-			// core.enforce_signed_ocm_request is set to true (default: false)
-			if ($this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_ENFORCED, lazy: true)) {
-				$this->logger->notice('ignored unsigned request', ['exception' => $e]);
-				throw new IncomingRequestException('Unsigned request');
-			}
-		} catch (SignatureException $e) {
-			$this->logger->warning('wrongly signed request', ['exception' => $e]);
-			throw new IncomingRequestException('Invalid signature');
-		}
-		return null;
-	}
-
-
-	/**
-	 * confirm that the value related to $key entry from the payload is in format userid@hostname
-	 * and compare hostname with the origin of the signed request.
-	 *
-	 * If request is not signed, we still verify that the hostname from the extracted value does,
-	 * actually, not support signed request
-	 *
-	 * @param IIncomingSignedRequest|null $signedRequest
-	 * @param string $key entry from data available in data
-	 * @param string $value value itself used in case request is not signed
-	 *
-	 * @throws IncomingRequestException
-	 */
-	private function confirmSignedOrigin(?IIncomingSignedRequest $signedRequest, string $key, string $value): void {
-		if ($signedRequest === null) {
-			$instance = $this->getHostFromFederationId($value);
-			try {
-				$this->signatureManager->getSignatory($instance);
-				throw new IncomingRequestException('instance is supposed to sign its request');
-			} catch (SignatoryNotFoundException) {
-				return;
-			}
-		}
-
-		$body = json_decode($signedRequest->getBody(), true) ?? [];
-		$entry = trim($body[$key] ?? '', '@');
-		if ($this->getHostFromFederationId($entry) !== $signedRequest->getOrigin()) {
-			throw new IncomingRequestException('share initiation (' . $signedRequest->getOrigin() . ') from different instance (' . $entry . ') [key=' . $key . ']');
-		}
-	}
-
-	/**
-	 *  confirm identity of the remote instance on notification, based on the share token.
-	 *
-	 *  If request is not signed, we still verify that the hostname from the extracted value does,
-	 *  actually, not support signed request
-	 *
-	 * @param IIncomingSignedRequest|null $signedRequest
-	 * @param string $resourceType
-	 * @param string $sharedSecret
-	 *
-	 * @throws IncomingRequestException
-	 * @throws BadRequestException
-	 */
-	private function confirmNotificationIdentity(
-		?IIncomingSignedRequest $signedRequest,
-		string $resourceType,
-		array $notification,
-	): void {
-		$sharedSecret = $notification['sharedSecret'] ?? '';
-		if ($sharedSecret === '') {
-			throw new BadRequestException(['sharedSecret']);
-		}
-
-		try {
-			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType);
-			if ($provider instanceof ISignedCloudFederationProvider) {
-				$identity = $provider->getFederationIdFromSharedSecret($sharedSecret, $notification);
-			} else {
-				$this->logger->debug('cloud federation provider {provider} does not implements ISignedCloudFederationProvider', ['provider' => $provider::class]);
-				return;
-			}
-		} catch (\Exception $e) {
-			throw new IncomingRequestException($e->getMessage());
-		}
-
-		$this->confirmNotificationEntry($signedRequest, $identity);
-	}
-
-
-	/**
-	 * @param IIncomingSignedRequest|null $signedRequest
-	 * @param string $entry
-	 *
-	 * @return void
-	 * @throws IncomingRequestException
-	 */
-	private function confirmNotificationEntry(?IIncomingSignedRequest $signedRequest, string $entry): void {
-		$instance = $this->getHostFromFederationId($entry);
-		if ($signedRequest === null) {
-			try {
-				$this->signatureManager->getSignatory($instance);
-				throw new IncomingRequestException('instance is supposed to sign its request');
-			} catch (SignatoryNotFoundException) {
-				return;
-			}
-		} elseif ($instance !== $signedRequest->getOrigin()) {
-			throw new IncomingRequestException('remote instance ' . $instance . ' not linked to origin ' . $signedRequest->getOrigin());
-		}
-	}
-
-	/**
-	 * @param string $entry
-	 * @return string
-	 * @throws IncomingRequestException
-	 */
-	private function getHostFromFederationId(string $entry): string {
-		if (!str_contains($entry, '@')) {
-			throw new IncomingRequestException('entry ' . $entry . ' does not contains @');
-		}
-		$rightPart = substr($entry, strrpos($entry, '@') + 1);
-
-		// in case the full scheme is sent; getting rid of it
-		$rightPart = $this->addressHandler->removeProtocolFromUrl($rightPart);
-		try {
-			return $this->signatureManager->extractIdentityFromUri('https://' . $rightPart);
-		} catch (IdentityNotFoundException) {
-			throw new IncomingRequestException('invalid host within federation id: ' . $entry);
-		}
-	}
 }
@@ -20,10 +20,10 @@ namespace OCA\CloudFederationAPI;
 * }
 *
 * @psalm-type CloudFederationAPIValidationError = CloudFederationAPIError&array{
- *     validationErrors: list<array{
+ *     validationErrors: array{
 *          name: string,
 *          message: string|null,
- *     }>,
+ *     }[],
 * }
 */
 class ResponseDefinitions {
@@ -43,40 +43,20 @@
                    "ocm": {
                        "type": "object",
                        "required": [
-                            "apiVersion",
                            "enabled",
+                            "apiVersion",
                            "endPoint",
-                            "publicKey",
-                            "resourceTypes",
-                            "version"
+                            "resourceTypes"
                        ],
                        "properties": {
-                            "apiVersion": {
-                                "type": "string",
-                                "enum": [
-                                    "1.0-proposal1"
-                                ]
-                            },
                            "enabled": {
                                "type": "boolean"
                            },
-                            "endPoint": {
+                            "apiVersion": {
                                "type": "string"
                            },
-                            "publicKey": {
-                                "type": "object",
-                                "required": [
-                                    "keyId",
-                                    "publicKeyPem"
-                                ],
-                                "properties": {
-                                    "keyId": {
-                                        "type": "string"
-                                    },
-                                    "publicKeyPem": {
-                                        "type": "string"
-                                    }
-                                }
+                            "endPoint": {
+                                "type": "string"
                            },
                            "resourceTypes": {
                                "type": "array",
@@ -105,9 +85,6 @@
                                        }
                                    }
                                }
-                            },
-                            "version": {
-                                "type": "string"
                            }
                        }
                    }
@@ -10,7 +10,7 @@
 	<name>Comments</name>
 	<summary>Files app plugin to add comments to files</summary>
 	<description>Files app plugin to add comments to files</description>
-	<version>1.22.0</version>
+	<version>1.21.0</version>
 	<licence>agpl</licence>
 	<author>Arthur Schiwon</author>
 	<author>Vincent Petry</author>
@@ -21,7 +21,7 @@
 	<category>social</category>
 	<bugs>https://github.com/nextcloud/server/issues</bugs>
 	<dependencies>
-		<nextcloud min-version="32" max-version="32"/>
+		<nextcloud min-version="31" max-version="31"/>
 	</dependencies>

 	<activity>
@@ -19,18 +19,19 @@ OC.L10N.register(
    "New comment" : "تعليق جديد",
    "Write a comment …" : "أكتُب تعليق ...",
    "Post comment" : "أضف تعليق",
-    "@ for mentions, : for emoji, / for smart picker" : "@ للإشارات : للإيموجي  / للاقط الذكي",
+    "@ for mentions, : for emoji, / for smart picker" : "@ للإشارات،    : للإيموجي،    / للاقط الذكي",
    "Could not reload comments" : "تعذّرت إعادة تحميل التعليقات",
-    "Failed to mark comments as read" : "فشل في تعيين ملاحظات كمقرؤة",
-    "Unable to load the comments list" : "تعذر تحميل قائمة التعليقات",
    "No comments yet, start the conversation!" : "لا توجد تعليقات, ابدأ النقاش الآن!",
    "No more messages" : "لامزيد من الرسائل",
    "Retry" : "أعد المحاولة",
+    "Failed to mark comments as read" : "إخفاق في تعيين ملاحظات كمقرؤة",
+    "Unable to load the comments list" : "تعذر تحميل قائمة التعليقات",
    "_1 new comment_::_{unread} new comments_" : ["1 تعليق جديد","1 تعليق جديد","{unread} تعليقات جديدة","{unread} تعليقات جديدة","{unread} تعليقات جديدة","{unread} تعليقات جديدة"],
    "Comment" : "تعليق",
    "An error occurred while trying to edit the comment" : "حدث خطأ أثناء محاولة تعديل التعليق",
    "Comment deleted" : "التعليق محذوف",
    "An error occurred while trying to delete the comment" : "حدث خطأ أثناء محاولة حذف التعليق",
-    "An error occurred while trying to create the comment" : "حدث خطأ أثناء محاولة إنشاء التعليق"
+    "An error occurred while trying to create the comment" : "حدث خطأ أثناء محاولة إنشاء التعليق",
+    "You were mentioned on \"{file}\", in a comment by a user that has since been deleted" : "تمت الإشارة إليك في \"{file}\" في تعليق لمستخدم. لكن هذا المستخدم تم حذف حسابه بعدها"
 },
 "nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;");
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Christopher Ng	5f0a45ee1c	chore(files): Adapt to moved payload Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-09-13 17:31:25 -07:00
Christopher Ng	fb87dc331b	chore(files): Provide old node on moved Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-09-13 17:31:25 -07:00