chore(files): Adapt to moved payload

Signed-off-by: Christopher Ng <chrng8@gmail.com>
chore(files): Provide old node on moved
2024-09-13 17:31:25 -07:00 · 2024-09-13 17:31:25 -07:00
8332 changed files with 261244 additions and 293281 deletions
@@ -1,3 +0,0 @@
-watch_file lib/versioncheck.php
-watch_file package.json
-use flake
@@ -35,9 +35,6 @@ module.exports = {
 		jsdoc: {
 			mode: 'typescript',
 		},
-		'import/resolver': {
-			typescript: {}, // this loads <rootdir>/tsconfig.json to eslint
-		},
 	},
 	overrides: [
 		// Allow any in tests
@@ -46,6 +43,6 @@ module.exports = {
 			rules: {
 				'@typescript-eslint/no-explicit-any': 'warn',
 			},
-		},
+		}
 	],
 }
@@ -11,7 +11,3 @@ aa5f037af71c915424c6dcfd5ad2dc82797dc0d6
 af6de04e9e141466dc229e444ff3f146f4a34765
 0bd284cb81b6866338aaaa67aa1d81ef9bfbb2ab
 8af7ecb2576071f170ecbb0aa2311b26581e40e2
-# Update to coding-standard 1.3.1
-9836e9b16484582d309c8437ab46d82e34956941
-# Automated refactorings
-49dd79eabb2b8902559a7a4e8f8fcad54f46b604
@@ -2,18 +2,14 @@
 /apps/admin_audit/appinfo/info.xml            @luka-nextcloud @blizzz
 /apps/cloud_federation_api/appinfo/info.xml   @mejo-
 /apps/comments/appinfo/info.xml               @edward-ly @Pytal
-/apps/contactsinteraction/appinfo/info.xml    @kesselb @SebastianKrupinski
-/apps/contactsinteraction/lib                 @kesselb @SebastianKrupinski
-/apps/contactsinteraction/tests               @kesselb @SebastianKrupinski
-/apps/dashboard/appinfo/info.xml              @julien-nc @juliusknorr
-/apps/dav/lib/CalDAV                          @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/lib/CardDAV                         @hamza221 @SebastianKrupinski
-/apps/dav/tests/unit/CalDAV                   @st3iny @SebastianKrupinski @tcitworld
-/apps/dav/tests/unit/CardDAV                  @hamza221 @SebastianKrupinski
+/apps/contactsinteraction/appinfo/info.xml    @kesselb @miaulalala @ChristophWurst @GretaD @hamza221 @st3iny
+/apps/dashboard/appinfo/info.xml              @julien-nc @juliushaertl
+/apps/dav/lib/CalDAV                          @ChristophWurst @miaulalala @tcitworld
+/apps/dav/lib/CardDAV                         @ChristophWurst @miaulalala @tcitworld
 /apps/encryption/appinfo/info.xml             @come-nc @icewind1991
 /apps/federatedfilesharing/appinfo/info.xml   @icewind1991 @danxuliu
-/apps/federation/appinfo/info.xml             @nfebe
-/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @nfebe
+/apps/federation/appinfo/info.xml             @datenangebot
+/apps/files/appinfo/info.xml                  @skjnldsv @Pytal @ArtificialOwl @come-nc @artonge @icewind1991 @szaimen @susnux @Fenn-CS
 /apps/files_external/appinfo/info.xml         @icewind1991 @artonge
 /apps/files_reminders/appinfo/info.xml        @Pytal
 /apps/files_sharing/appinfo/info.xml          @skjnldsv @come-nc
@@ -24,14 +20,14 @@
 /apps/settings/appinfo/info.xml               @Pytal @JuliaKirschenheuter
 /apps/sharebymail/appinfo/info.xml            @Altahrim
 /apps/systemtags/appinfo/info.xml             @Antreesy @marcelklehr
-/apps/theming/appinfo/info.xml                @skjnldsv @juliusknorr
+/apps/theming/appinfo/info.xml                @skjnldsv @juliushaertl
 /apps/twofactor_backupcodes/appinfo/info.xml  @st3iny @miaulalala @ChristophWurst
 /apps/updatenotification/appinfo/info.xml     @Pytal @JuliaKirschenheuter
 /apps/user_ldap/appinfo/info.xml              @come-nc @blizzz
 /apps/user_status/appinfo/info.xml            @Antreesy @nickvergessen
-/apps/weather_status/appinfo/info.xml         @julien-nc @juliusknorr
+/apps/weather_status/appinfo/info.xml         @julien-nc @juliushaertl
 /apps/webhook_listeners/appinfo/info.xml      @come-nc @julien-nc
-/apps/workflowengine/appinfo/info.xml         @blizzz @juliusknorr
+/apps/workflowengine/appinfo/info.xml         @blizzz @juliushaertl

 # Frontend expertise
 /apps/files/src*                  @skjnldsv
@@ -41,9 +37,9 @@
 /apps/files_trashbin/src*         @skjnldsv

 # Security team
-/build/psalm-baseline-security.xml  @nickvergessen
 /resources/codesigning              @mgallien @miaulalala @nickvergessen
-/resources/config/ca-bundle.crt     @miaulalala @nickvergessen
+/resources/config/ca-bundle.crt     @ChristophWurst @miaulalala @nickvergessen
+/.drone.yml                         @nickvergessen

 # Two-Factor Authentication
 # https://github.com/nextcloud/wg-two-factor-authentication#members
@@ -69,14 +65,6 @@ ResponseDefinitions.php @provokateurin
 /lib/public/Talk                    @nickvergessen
 /lib/public/UserStatus              @nickvergessen

-# Groupware
-/build/integration/dav_features/caldav.feature   @st3iny @SebastianKrupinski @tcitworld
-/build/integration/dav_features/carddav.feature  @hamza221 @SebastianKrupinski
-/lib/private/Calendar                            @st3iny @SebastianKrupinski @tcitworld
-/lib/private/Contacts                            @hamza221 @SebastianKrupinski
-/lib/public/Calendar                             @st3iny @SebastianKrupinski @tcitworld
-/lib/public/Contacts                             @hamza221 @SebastianKrupinski
-
 # Personal interest
 */Activity/*                        @nickvergessen
 */Notifications/*                   @nickvergessen
@@ -48,7 +48,7 @@ In some areas unit testing is hard (aka almost impossible) as of today - in thes

 ### Sign your work

-We use the Developer Certificate of Origin (DCO) as an additional safeguard
+We use the Developer Certificate of Origin (DCO) as a additional safeguard
 for the Nextcloud project. This is a well established and widely used
 mechanism to assure contributors have confirmed their right to license
 their contribution under the project's license.
@@ -72,7 +72,6 @@ body:
      options:
        - "28"
        - "29"
-        - "30"
        - "master"
    validations:
      required: true
@@ -168,7 +167,7 @@ body:
        ./occ config:list system
        ```
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: apps
    attributes:
@@ -200,10 +199,10 @@ body:
    attributes:
      label: Nextcloud Logs
      description: |
-        Provide relevant Nextcloud log entries (e.g. from the time period you reproduced the problem).
-        Copy full individual entries from `data/nextcloud.log` or use `Copy raw entry` from `/settings/admin/logging` section:
+        Provide Nextcloud logs lines.
+        Copy all contents from `data/nextcloud.log` or a RAW from `/settings/admin/logging` section:
        > NOTE: This will be automatically formatted into code for better readability.
-      render: json
+      render: shell
  - type: textarea
    id: additional-info
    attributes:
@@ -59,20 +59,6 @@ updates:
  reviewers:
    - "nextcloud/server-dependabot"

-# phpunit
- package-ecosystem: composer
-  directory: "/vendor-bin/phpunit"
-  schedule:
-    interval: weekly
-    day: saturday
-    time: "04:40"
-    timezone: Europe/Madrid
-  labels:
-    - "3. to review"
-    - "feature: dependencies"
-  reviewers:
-    - "nextcloud/server-dependabot"
-
 # Main master npm
 - package-ecosystem: npm
  directory: "/"
@@ -21,5 +21,3 @@
 - [ ] Screenshots before/after for front-end changes
 - [ ] Documentation ([manuals](https://github.com/nextcloud/documentation/) or wiki) has been updated or is not required
 - [ ] [Backports requested](https://github.com/nextcloud/backportbot/#usage) where applicable (ex: critical bugfixes)
- [ ] [Labels added](https://github.com/nextcloud/server/labels) where applicable (ex: bug/enhancement, `3. to review`, feature component)
- [ ] [Milestone added](https://github.com/nextcloud/server/milestones) for target branch/version (ex: 32.x for `stable32`)
@@ -37,7 +37,7 @@ jobs:
              - 'composer.lock'
              - '**.php'

-  autoloader:
+  autocheckers:
    runs-on: ubuntu-latest

    needs: changes
@@ -51,16 +51,15 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, json, mbstring
          coverage: none
          ini-file: development
        env:
@@ -72,32 +71,6 @@ jobs:
      - name: Check auto loaders
        run: bash ./build/autoloaderchecker.sh

-  autocheckers:
-    runs-on: ubuntu-latest-low
-
-    strategy:
-      matrix:
-        php-versions: ['8.1']
-
-    name: Translation and Files checkers
-
-    steps:
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          submodules: true
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 #v2.32.0
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-          coverage: none
-          ini-file: development
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
      - name: Check translations are JSON decodeable
        run: php ./build/translation-checker.php

@@ -114,7 +87,7 @@ jobs:
    permissions:
      contents: none
    runs-on: ubuntu-latest-low
-    needs: [changes, autoloader, autocheckers]
+    needs: [changes, autocheckers]

    if: always()

@@ -122,4 +95,4 @@ jobs:

    steps:
      - name: Summary status
-        run: if ${{ needs.autocheckers.result != 'success' || (needs.changes.outputs.src != 'false' && needs.autoloader.result != 'success') }}; then exit 1; fi
+        run: if ${{ needs.changes.outputs.src != 'false' && needs.autocheckers.result != 'success' }}; then exit 1; fi
@@ -27,22 +27,13 @@ jobs:

    steps:
      - name: Set server major version environment
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            const regex = /^stable(\d+)$/
-            const baseRef = context.payload.pull_request.base.ref
-            const match = baseRef.match(regex)
-            if (match) {
-              console.log('Setting server_major to ' + match[1]);
-              core.exportVariable('server_major', match[1]);
-              console.log('Setting current_month to ' + (new Date()).toISOString().substr(0, 7));
-              core.exportVariable('current_month', (new Date()).toISOString().substr(0, 7));
-            }
+        run: |
+          # retrieve version number from branch reference
+          server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p')
+          echo "server_major=$server_major" >> $GITHUB_ENV
+          echo "current_month=$(date +%Y-%m)" >> $GITHUB_ENV

-      - name: Checking if server ${{ env.server_major }} is EOL
-        if: ${{ env.server_major != '' }}
+      - name: Checking if ${{ env.server_major }} is EOL
        run: |
          curl -s https://raw.githubusercontent.com/nextcloud-releases/updater_server/production/config/major_versions.json \
            | jq '.["${{ env.server_major }}"]["eol"] // "9999-99" | . >= "${{ env.current_month }}"' \
@@ -28,30 +28,8 @@ jobs:
    runs-on: ubuntu-latest-low

    steps:
-      - name: Register server reference to fallback to master branch
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            const baseRef = context.payload.pull_request.base.ref
-            if (baseRef === 'main' || baseRef === 'master') {
-              core.exportVariable('server_ref', 'master');
-              console.log('Setting server_ref to master');
-            } else {
-              const regex = /^stable(\d+)$/
-              const match = baseRef.match(regex)
-              if (match) {
-                core.exportVariable('server_ref', match[0]);
-                console.log('Setting server_ref to ' + match[0]);
-              } else {
-                console.log('Not based on master/main/stable*, so skipping freeze check');
-              }
-            }
-
-      - name: Download version.php from ${{ env.server_ref }}
-        if: ${{ env.server_ref != '' }}
-        run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ env.server_ref }}/version.php' --output version.php
+      - name: Download version.php from ${{ github.base_ref }}
+        run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ github.base_ref }}/version.php' --output version.php

      - name: Run check
-        if: ${{ env.server_ref != '' }}
        run: cat version.php | grep 'OC_VersionString' | grep -i -v 'RC'
@@ -31,49 +31,25 @@ jobs:
              - 'version.php'

      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: 3rdparty commit hash on current branch
        id: actual
        run: |
          echo "commit=$(git submodule status | grep ' 3rdparty' | egrep -o '[a-f0-9]{40}')" >> "$GITHUB_OUTPUT"

-      - name: Register server reference to fallback to master branch
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            const baseRef = context.payload.pull_request.base.ref
-            if (baseRef === 'main' || baseRef === 'master') {
-              core.exportVariable('server_ref', 'master');
-              console.log('Setting server_ref to master');
-            } else {
-              const regex = /^stable(\d+)$/
-              const match = baseRef.match(regex)
-              if (match) {
-                core.exportVariable('server_ref', match[0]);
-                console.log('Setting server_ref to ' + match[0]);
-              } else {
-                console.log('Not based on master/main/stable*, so skipping outdated 3rdparty check');
-              }
-            }
-
      - name: Last 3rdparty commit on target branch
-        if: ${{ env.server_ref != '' }}
        id: target
        run: |
-          echo "commit=$(git ls-remote https://github.com/nextcloud/3rdparty refs/heads/${{ env.server_ref }} | awk '{ print $1}')" >> "$GITHUB_OUTPUT"
+          echo "commit=$(git ls-remote https://github.com/nextcloud/3rdparty refs/heads/${{ github.base_ref }} | awk '{ print $1}')" >> "$GITHUB_OUTPUT"

      - name: Compare if 3rdparty commits are different
-        if: ${{ env.server_ref != '' }}
        run: |
          echo '3rdparty/ seems to not point to the last commit of the dedicated branch:'
          echo 'Branch has: ${{ steps.actual.outputs.commit }}'
-          echo '${{ env.server_ref }} has: ${{ steps.target.outputs.commit }}'
+          echo '${{ github.base_ref }} has: ${{ steps.target.outputs.commit }}'

      - name: Fail if 3rdparty commits are different
-        if: ${{ env.server_ref != '' && steps.changes.outputs.src != 'false' && steps.actual.outputs.commit != steps.target.outputs.commit }}
+        if: ${{ steps.changes.outputs.src != 'false' && steps.actual.outputs.commit != steps.target.outputs.commit }}
        run: |
          exit 1
@@ -27,9 +27,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - uses: webiny/action-conventional-commits@8bc41ff4e7d423d56fa4905f6ff79209a78776c7 # v1.3.0
        with:
@@ -11,9 +11,6 @@ on:
  issue_comment:
    types: [created]

-permissions:
-  contents: read
-
 jobs:
  init:
    runs-on: ubuntu-latest
@@ -79,7 +76,7 @@ jobs:
          fi

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v3.0.0
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Add reaction on failure
@@ -89,7 +86,7 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"

  process:
    runs-on: ubuntu-latest
@@ -97,16 +94,14 @@ jobs:

    steps:
      - name: Restore cached git repository
-        uses: buildjet/cache@3e70d19e31d6a8030aeddf6ed8dbe601f94d09f4 # v4.0.2
+        uses: buildjet/cache@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          path: .git
          key: git-repo

      - name: Checkout ${{ needs.init.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          # Needed to allow force push later
-          persist-credentials: true
          token: ${{ secrets.COMMAND_BOT_PAT }}
          fetch-depth: 0
          ref: ${{ needs.init.outputs.head_ref }}
@@ -124,7 +119,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }}
          cache: npm
@@ -181,4 +176,4 @@ jobs:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          repository: ${{ github.event.repository.full_name }}
          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
+          reactions: "-1"
@@ -34,60 +34,28 @@ jobs:
          exit 1

      - name: Init branch
-        uses: xt0rted/pull-request-comment-branch@e8b8daa837e8ea7331c0003c9c316a64c6d8b0b1 # v1
+        uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
        id: comment-branch

      - name: Checkout ${{ steps.comment-branch.outputs.head_ref }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          fetch-depth: 0
          token: ${{ secrets.COMMAND_BOT_PAT }}
          ref: ${{ steps.comment-branch.outputs.head_ref }}

-      - name: Register server reference to fallback to master branch
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            const baseRef = context.payload.pull_request.base.ref
-            if (baseRef === 'main' || baseRef === 'master') {
-              core.exportVariable('server_ref', 'master');
-              console.log('Setting server_ref to master');
-            } else {
-              const regex = /^stable(\d+)$/
-              const match = baseRef.match(regex)
-              if (match) {
-                core.exportVariable('server_ref', match[0]);
-                console.log('Setting server_ref to ' + match[0]);
-              } else {
-                console.log('Not based on master/main/stable*, so skipping pull 3rdparty command');
-              }
-            }
-
      - name: Setup git
        run: |
          git config --local user.email 'nextcloud-command@users.noreply.github.com'
          git config --local user.name 'nextcloud-command'

-      - name: Add reaction on failure
-        uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v3.0.1
-        if: ${{ env.server_ref == '' }}
-        with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
-          repository: ${{ github.event.repository.full_name }}
-          comment-id: ${{ github.event.comment.id }}
-          reactions: '-1'
-
      - name: Pull 3rdparty
-        if: ${{ env.server_ref != '' }}
-        run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin '"'"'${{ env.server_ref }}'"'"'; fi'
+        run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin '"'"'${{ github.event.issue.pull_request.base.ref }}'"'"'; fi'

      - name: Commit and push changes
-        if: ${{ env.server_ref != '' }}
        run: |
          git add 3rdparty
-          git commit -s -m 'Update submodule 3rdparty to latest ${{ env.server_ref }}'
+          git commit -s -m 'Update submodule 3rdparty to latest ${{ github.event.issue.pull_request.base.ref }}'
          git push

      - name: Add reaction on failure
@@ -18,16 +18,9 @@ env:
  # Adjust APP_NAME if your repository name is different
  APP_NAME: ${{ github.event.repository.name }}

-  # This represents the server branch to checkout.
-  # Usually it's the base branch of the PR, but for pushes it's the branch itself.
-  # e.g. 'main', 'stable27' or 'feature/my-feature'
-  # n.b. server will use head_ref, as we want to test the PR branch.
+  # Server requires head_ref instead of base_ref, as we want to test the PR branch
  BRANCH: ${{ github.head_ref || github.ref_name }}

-
-permissions:
-  contents: read
-
 jobs:
  init:
    runs-on: ubuntu-latest
@@ -48,9 +41,8 @@ jobs:
          exit 1

      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          # We need to checkout submodules for 3rdparty
          submodules: true

@@ -72,7 +64,7 @@ jobs:
          fallbackNpm: "^10"

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -88,7 +80,7 @@ jobs:
        run: npm run cypress:version

      - name: Save context
-        uses: buildjet/cache/save@3e70d19e31d6a8030aeddf6ed8dbe601f94d09f4 # v4.0.2
+        uses: buildjet/cache/save@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          key: cypress-context-${{ github.run_id }}
          path: ./
@@ -102,7 +94,7 @@ jobs:
      matrix:
        # Run multiple copies of the current job in parallel
        # Please increase the number or runners as your tests suite grows (0 based index for e2e tests)
-        containers: ['component', '0', '1', '2', '3', '4', '5', '6', '7']
+        containers: ["component", '0', '1', '2', '3', '4', '5', '6', '7']
        # Hack as strategy.job-total includes the component and GitHub does not allow math expressions
        # Always align this number with the total of e2e runners (max. index + 1)
        total-containers: [8]
@@ -111,14 +103,14 @@ jobs:

    steps:
      - name: Restore context
-        uses: buildjet/cache/restore@3e70d19e31d6a8030aeddf6ed8dbe601f94d09f4 # v4.0.2
+        uses: buildjet/cache/restore@e376f15c6ec6dc595375c78633174c7e5f92dc0e # v3
        with:
          fail-on-cache-miss: true
          key: cypress-context-${{ github.run_id }}
          path: ./

      - name: Set up node ${{ needs.init.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.init.outputs.nodeVersion }}

@@ -129,7 +121,7 @@ jobs:
        run: ./node_modules/cypress/bin/cypress install

      - name: Run ${{ matrix.containers == 'component' && 'component' || 'E2E' }} cypress tests
-        uses: cypress-io/github-action@f1f0912d392f0d06bdd01fb9ebe3b3299e5806fb # v6.7.7
+        uses: cypress-io/github-action@496e7dc0edc421a9de8a36a31c793340e00c61bf # v6.7.5
        with:
          # We already installed the dependencies in the init job
          install: false
@@ -150,21 +142,19 @@ jobs:
          SPLIT: ${{ matrix.total-containers }}
          SPLIT_INDEX: ${{ matrix.containers == 'component' && 0 || matrix.containers }}

-      - name: Upload snapshots and videos
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+      - name: Upload snapshots
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: always()
        with:
-          name: snapshots_videos_${{ matrix.containers }}
-          path: |
-            cypress/snapshots
-            cypress/videos
+          name: snapshots_${{ matrix.containers }}
+          path: cypress/snapshots

      - name: Extract NC logs
        if: failure() && matrix.containers != 'component'
-        run: docker logs nextcloud-cypress-tests_${{ env.APP_NAME }} > nextcloud.log
+        run: docker logs nextcloud-cypress-tests-${{ env.APP_NAME }} > nextcloud.log

      - name: Upload NC logs
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_logs_${{ matrix.containers }}
@@ -172,10 +162,10 @@ jobs:

      - name: Create data dir archive
        if: failure() && matrix.containers != 'component'
-        run: docker exec nextcloud-cypress-tests_${{ env.APP_NAME }} tar -cvjf - data > data.tar
+        run: docker exec nextcloud-cypress-tests-server tar -cvjf - data > data.tar

      - name: Upload data dir archive
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        if: failure() && matrix.containers != 'component'
        with:
          name: nc_data_${{ matrix.containers }}
@@ -9,7 +9,7 @@
 name: Dependabot

 on:
-  pull_request_target: # zizmor: ignore[dangerous-triggers]
+  pull_request_target:
    branches:
      - main
      - master
@@ -24,7 +24,7 @@ concurrency:

 jobs:
  auto-approve-merge:
-    if: github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'renovate[bot]'
+    if: github.actor == 'dependabot[bot]' || github.actor == 'renovate[bot]'
    runs-on: ubuntu-latest-low
    permissions:
      # for hmarr/auto-approve-action to approve PRs
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-ftp-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -46,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        ftpd: ['proftpd', 'vsftpd', 'pure-ftpd']
        include:
          - php-versions: '8.1'
@@ -56,9 +53,8 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up ftpd
@@ -76,7 +72,7 @@ jobs:
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -104,7 +100,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-ftp
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-s3-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -44,16 +41,16 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
-          - php-versions: '8.3'
+          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}

    name: php${{ matrix.php-versions }}-s3

    services:
      minio:
-        image: bitnami/minio@sha256:50cec18ac4184af4671a78aedd5554942c8ae105d51a465fa82037949046da01 # v2025.4.22
+        image: bitnami/minio
        env:
          MINIO_ROOT_USER: nextcloud
          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
@@ -63,9 +60,8 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
@@ -87,23 +83,22 @@ jobs:
          composer install
          ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
          ./occ app:enable --force files_external
-          echo "<?php return ['run' => true, 'minio' => true, 'secret' => 'actually-not-secret', 'passwordsalt' => 'actually-not-secret', 'hostname' => 'localhost','key' => '$OBJECT_STORE_KEY','secret' => '$OBJECT_STORE_SECRET', 'bucket' => 'bucket', 'port' => 9000, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/files_external/tests/config.amazons3.php
+          echo "<?php return ['run' => true, 'secret' => 'actually-not-secret', 'passwordsalt' => 'actually-not-secret', 'hostname' => 'localhost','key' => '$OBJECT_STORE_KEY','secret' => '$OBJECT_STORE_SECRET', 'bucket' => 'bucket', 'port' => 9000, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/files_external/tests/config.amazons3.php

      - name: Wait for S3
        run: |
+          sleep 10
          curl -f -m 1 --retry-connrefused --retry 10 --retry-delay 10 http://localhost:9000/minio/health/ready

      - name: PHPUnit
-        run: |
-          composer run test:files_external -- \
-            --group S3 \
-            --log-junit junit.xml \
-            apps/files_external/tests/Storage \
-            ${{ matrix.coverage && '--coverage-clover ./clover.xml' || '' }}
+        run: composer run test:files_external -- \
+          apps/files_external/tests/Storage/Amazons3Test.php \
+          apps/files_external/tests/Storage/VersionedAmazonS3Test.php \
+          ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }}

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -122,7 +117,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.3'
            coverage: true
@@ -134,15 +129,14 @@ jobs:
        env:
          SERVICES: s3
          DEBUG: 1
-        image: localstack/localstack@sha256:9d4253786e0effe974d77fe3c390358391a56090a4fff83b4600d8a64404d95d # v4.5.0
+        image: localstack/localstack
        ports:
          - "4566:4566"

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
@@ -161,19 +155,17 @@ jobs:
          composer install
          ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
          ./occ app:enable --force files_external
-          echo "<?php return ['run' => true, 'localstack' => true, 'hostname' => 'localhost','key' => 'ignored','secret' => 'ignored', 'bucket' => 'bucket', 'port' => 4566, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/files_external/tests/config.amazons3.php
+          echo "<?php return ['run' => true,'hostname' => 'localhost','key' => 'ignored','secret' => 'ignored', 'bucket' => 'bucket', 'port' => 4566, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/files_external/tests/config.amazons3.php

      - name: PHPUnit
-        run: |
-          composer run test:files_external -- \
-            --group S3 \
-            --log-junit junit.xml \
-            apps/files_external/tests/Storage \
-            ${{ matrix.coverage && '--coverage-clover ./clover.xml' || '' }}
+        run: composer run test:files_external -- \
+          apps/files_external/tests/Storage/Amazons3Test.php \
+          apps/files_external/tests/Storage/VersionedAmazonS3Test.php \
+          ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }}

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-s3
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-sftp-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -46,7 +43,7 @@ jobs:
      # do not stop on another job's failure
      fail-fast: false
      matrix:
-        php-versions: ['8.1', '8.4']
+        php-versions: ['8.1', '8.3']
        sftpd: ['openssh']
        include:
          - php-versions: '8.1'
@@ -56,9 +53,8 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up sftpd
@@ -72,7 +68,7 @@ jobs:
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -93,7 +89,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-sftp
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-smb-kerberos-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -37,7 +34,7 @@ jobs:
              - '**.php'

  files-external-smb-kerberos:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    needs: changes

    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
@@ -46,24 +43,16 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Checkout user_saml
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          repository: nextcloud/user_saml
          path: apps/user_saml

-      - name: Install user_saml
-        run: |
-          cd apps/user_saml
-          composer i
-          cd ../..
-
      - name: Pull images
        run: |
          docker pull ghcr.io/icewind1991/samba-krb-test-dc
@@ -88,18 +77,6 @@ jobs:
        run: |
          apps/files_external/tests/sso-setup/test-sso-smb.sh ${{ env.DC_IP }}

-      - name: Show logs DC
-        if: always()
-        run: |
-          docker logs dc
-          echo "------------"
-          docker exec dc cat /var/log/samba/log.samba
-
-      - name: Show logs Apache
-        if: always()
-        run: |
-          docker logs apache
-
      - name: Show logs
        if: always()
        run: |
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-smb-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -44,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -53,15 +50,14 @@ jobs:

    services:
      samba:
-        image: ghcr.io/nextcloud/continuous-integration-samba:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-samba:latest
        ports:
          - 445:445

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
@@ -69,7 +65,7 @@ jobs:
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
+          extensions: ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, smbclient, sqlite, pdo_sqlite
          coverage: ${{ matrix.coverage && 'xdebug' || 'none' }}
          ini-file: development
        env:
@@ -98,7 +94,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-smb
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-webdav-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -44,7 +41,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -53,15 +50,14 @@ jobs:

    services:
      apache:
-        image: ghcr.io/nextcloud/continuous-integration-webdav-apache:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-webdav-apache:latest
        ports:
          - 8081:80

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
@@ -95,7 +91,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.1.1
        with:
          files: ./clover.xml
          flags: phpunit-files-external-webdav
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: files-external-generic-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -43,7 +40,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.2', '8.3', '8.4']
+        php-versions: ['8.1', '8.2', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -52,9 +49,8 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
@@ -78,12 +74,12 @@ jobs:
          ./occ app:enable --force files_external

      - name: PHPUnit
-        run: composer run test:files_external -- \
+        run: composer run test:files_external \
          ${{ matrix.coverage && ' --coverage-clover ./clover.xml' || '' }}

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-files-external-generic
@@ -1,98 +0,0 @@
-# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-
-name: Generate changelog on release
-
-on:
-  release:
-    types: [published]
-
-permissions:
-  contents: write
-
-jobs:
-  changelog_generate:
-    runs-on: ubuntu-latest
-
-    # Only allowed to be run on nextcloud-releases repositories
-    if: ${{ github.repository_owner == 'nextcloud-releases' }}
-
-    steps:
-      - name: Check actor permission
-        uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0
-        with:
-          require: write
-
-      - name: Checkout github_helper
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          repository: nextcloud/github_helper
-          path: github_helper
-
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          path: server
-          fetch-depth: 0
-
-      - name: Get previous tag
-        shell: bash
-        run: |
-          cd server
-          # Print all tags
-          git log --decorate --oneline | egrep 'tag: ' | sed -r 's/^.+tag: ([^,\)]+)[,\)].+$/\1/g'
-          # Get the current tag
-          TAGS=$(git log --decorate --oneline | egrep 'tag: ' | sed -r 's/^.+tag: ([^,\)]+)[,\)].+$/\1/g')
-          CURRENT_TAG=$(echo "$TAGS" | head -n 1)
-
-          # Get the previous tag - filter pre-releases only if current tag is stable
-          if echo "$CURRENT_TAG" | grep -q 'rc\|beta\|alpha'; then
-            # Current tag is pre-release, don't filter
-            PREVIOUS_TAG=$(echo "$TAGS" | sed -n '2p')
-          else
-            # Current tag is stable, filter out pre-releases
-            PREVIOUS_TAG=$(echo "$TAGS" | grep -v 'rc\|beta\|alpha' | sed -n '2p')
-          fi
-
-          echo "CURRENT_TAG=$CURRENT_TAG" >> $GITHUB_ENV
-          echo "PREVIOUS_TAG=$PREVIOUS_TAG" >> $GITHUB_ENV
-
-      # Since this action only runs on nextcloud-releases, ignoring is okay
-      - name: Verify current tag # zizmor: ignore[template-injection]
-        run: |
-         if [ "${{ github.ref_name }}" != "${{ env.CURRENT_TAG }}" ]; then
-           echo "Current tag does not match the release tag. Exiting."
-           exit 1
-         fi
-
-      - name: Set up php 8.2
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
-        with:
-          php-version: 8.2
-          coverage: none
-          ini-file: development
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set credentials
-        run: |
-          echo '{"username": "github-actions"}' > github_helper/credentials.json
-
-      # Since this action only runs on nextcloud-releases, ignoring is okay
-      - name: Generate changelog between ${{ env.PREVIOUS_TAG }} and ${{ github.ref_name }} # zizmor: ignore[template-injection]
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          cd github_helper/changelog
-          composer install
-          php index.php generate:changelog --no-bots --format=forum server ${{ env.PREVIOUS_TAG }} ${{ github.ref_name }} > changelog.md
-
-      # Since this action only runs on nextcloud-releases, ignoring is okay
-      - name: Set changelog to release # zizmor: ignore[template-injection]
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-         cd server
-         gh release edit ${{ github.ref_name }} --notes-file "../github_helper/changelog/changelog.md" --title "${{ github.ref_name }}"
@@ -4,9 +4,6 @@ name: DAV integration tests
 on:
  pull_request:

-permissions:
-  contents: read
-
 concurrency:
  group: integration-caldav-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -54,9 +51,8 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
-            persist-credentials: false
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
@@ -71,7 +67,7 @@ jobs:
            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

        - name: Set up Python
-          uses: LizardByte/setup-python-action@f4367d0377eceec7e5e26da8f3863dd365b95a94 # v2025.426.160528
+          uses: LizardByte/setup-python-action@master
          with:
            python-version: '2.7'

@@ -103,9 +99,9 @@ jobs:

        - name: Run CalDAVTester
          run: |
-            cp "apps/dav/tests/testsuits/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/testsuits/caldavtest/serverinfo.xml"
+            cp "apps/dav/tests/travis/caldavtest/serverinfo-${{ matrix.endpoint }}${{ matrix.endpoint == 'old' && (matrix.service == 'CardDAV' && '-carddav' || '-caldav') || '' }}-endpoint.xml" "apps/dav/tests/travis/caldavtest/serverinfo.xml"
            pushd CalDAVTester
-            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/testsuits/caldavtest" -o cdt.txt \
+            PYTHONPATH="../pycalendar/src" python testcaldav.py --print-details-onfail --basedir "../apps/dav/tests/travis/caldavtest" -o cdt.txt \
              "${{ matrix.service }}/current-user-principal.xml" \
              "${{ matrix.service }}/sync-report.xml" \
              ${{ matrix.endpoint == 'new' && format('{0}/sharing-{1}.xml', matrix.service, matrix.service == 'CalDAV' && 'calendars' || 'addressbooks') || ';' }}
@@ -4,9 +4,6 @@ name: Litmus integration tests
 on:
  pull_request:

-permissions:
-  contents: read
-
 concurrency:
  group: integration-litmus-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -53,9 +50,8 @@ jobs:

    steps:
        - name: Checkout server
-          uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
          with:
-            persist-credentials: false
            submodules: true

        - name: Set up php ${{ matrix.php-versions }}
@@ -4,9 +4,6 @@ name: S3 primary storage integration tests
 on:
  pull_request:

-permissions:
-  contents: read
-
 concurrency:
  group: integration-s3-primary-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -53,12 +50,12 @@ jobs:

    services:
      redis:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
        ports:
          - 6379:6379/tcp
      minio:
-        image: bitnami/minio@sha256:50cec18ac4184af4671a78aedd5554942c8ae105d51a465fa82037949046da01 # v2025.4.22
+        image: bitnami/minio
        env:
          MINIO_ROOT_USER: nextcloud
          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
@@ -68,13 +65,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -61,7 +61,6 @@ jobs:
          - 'federation_features'
          - '--tags ~@large files_features'
          - 'filesdrop_features'
-          - 'file_conversions'
          - 'openldap_features'
          - 'openldap_numerical_features'
          - 'ldap_features'
@@ -69,21 +68,19 @@ jobs:
          - 'setup_features'
          - 'sharees_features'
          - 'sharing_features'
-          - 'theming_features'
          - 'videoverification_features'

        php-versions: ['8.1']
-        spreed-versions: ['stable31']
-        activity-versions: ['stable31']
+        spreed-versions: ['main']

    services:
      redis:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
        ports:
          - 6379:6379/tcp
      openldap:
-        image: ghcr.io/nextcloud/continuous-integration-openldap:openldap-7 # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-openldap:openldap-7
        ports:
          - 389:389
        env:
@@ -94,31 +91,20 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          submodules: true

      - name: Checkout Talk app
        if: ${{ matrix.test-suite == 'videoverification_features' }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          repository: nextcloud/spreed
          path: apps/spreed
          ref: ${{ matrix.spreed-versions }}

-      - name: Checkout Activity app
-        if: ${{ matrix.test-suite == 'sharing_features' }}
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          repository: nextcloud/activity
-          path: apps/activity
-          ref: ${{ matrix.activity-versions }}
-
      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -20,9 +20,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src}}
@@ -56,9 +53,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -68,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -48,12 +48,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php8.1
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: 8.1
          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
@@ -47,18 +47,16 @@ jobs:

    strategy:
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]

    name: php-lint

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          coverage: none
@@ -1,53 +0,0 @@
-# This workflow is provided via the organization template repository
-#
-# https://github.com/nextcloud/.github
-# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-#
-# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-
-name: Lint stylelint
-
-on: pull_request
-
-permissions:
-  contents: read
-
-concurrency:
-  group: lint-stylelint-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    name: stylelint
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-
-      - name: Read package.json node and npm engines version
-        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
-        id: versions
-        with:
-          fallbackNode: '^20'
-          fallbackNpm: '^10'
-
-      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: ${{ steps.versions.outputs.nodeVersion }}
-
-      - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
-        run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
-
-      - name: Install dependencies
-        env:
-          CYPRESS_INSTALL_BINARY: 0
-        run: npm ci
-
-      - name: Lint
-        run: npm run stylelint
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src}}
@@ -62,9 +59,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -85,12 +80,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -106,7 +99,7 @@ jobs:
        run: npm run test:coverage --if-present

      - name: Collect coverage
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@4b21c320b5517fc6ffd4406a28e66325c721dc20 # v4.3.1
        with:
          files: ./coverage/lcov.info

@@ -121,12 +114,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -151,12 +142,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up node ${{ needs.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
        with:
          node-version: ${{ needs.versions.outputs.nodeVersion }}

@@ -20,9 +20,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src}}
@@ -56,9 +53,7 @@ jobs:
    name: NPM build
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -68,7 +63,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -14,9 +14,6 @@ on:
    # At 2:30 on Sundays
    - cron: '30 2 * * 0'

-permissions:
-  contents: read
-
 jobs:
  build:
    runs-on: ubuntu-latest
@@ -24,18 +21,15 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        branches: ['main', 'master', 'stable31', 'stable30']
+        branches: ['main', 'master', 'stable30', 'stable29', 'stable28']

    name: npm-audit-fix-${{ matrix.branches }}

    steps:
      - name: Checkout
-        id: checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          ref: ${{ matrix.branches }}
-        continue-on-error: true

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -45,7 +39,7 @@ jobs:
          fallbackNpm: '^10'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

@@ -54,10 +48,10 @@ jobs:

      - name: Fix npm audit
        id: npm-audit
-        uses: nextcloud-libraries/npm-audit-action@1b1728b2b4a7a78d69de65608efcf4db0e3e42d0 # v0.2.0
+        uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0

      - name: Run npm ci and npm run build
-        if: steps.checkout.outcome == 'success'
+        if: always()
        env:
          CYPRESS_INSTALL_BINARY: 0
        run: |
@@ -65,8 +59,8 @@ jobs:
          npm run build --if-present

      - name: Create Pull Request
-        if: steps.checkout.outcome == 'success'
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        if: always()
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(deps): Fix npm audit'
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "15 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: object-storage-azure-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -57,7 +54,7 @@ jobs:

    services:
      azurite:
-        image: mcr.microsoft.com/azure-storage/azurite@sha256:0a47e12e3693483cef5c71f35468b91d751611f172d2f97414e9c69113b106d9 # v3.34.0
+        image: mcr.microsoft.com/azure-storage/azurite
        env:
          AZURITE_ACCOUNTS: nextcloud:bmV4dGNsb3Vk
        ports:
@@ -65,20 +62,19 @@ jobs:
        options: --health-cmd="nc 127.0.0.1 10000 -z" --health-interval=1s --health-retries=30

      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -109,7 +105,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-azure
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "15 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: object-storage-s3-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -57,13 +54,13 @@ jobs:

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

      minio:
-        image: bitnami/minio@sha256:50cec18ac4184af4671a78aedd5554942c8ae105d51a465fa82037949046da01 # v2025.4.22
+        image: bitnami/minio
        env:
          MINIO_ROOT_USER: nextcloud
          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
@@ -73,13 +70,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -115,7 +111,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-s3
@@ -6,9 +6,6 @@ on:
  schedule:
    - cron: "15 2 * * *"

-permissions:
-  contents: read
-
 concurrency:
  group: object-storage-swift-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -57,26 +54,25 @@ jobs:

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

      swift:
-        image: ghcr.io/cscfi/docker-keystone-swift@sha256:e8b1ec21120ab9adc6ac6a2b98785fd273676439a8633fe898e37f2aea7e0712
+        image: ghcr.io/cscfi/docker-keystone-swift
        ports:
          - 5000:5000
          - 8080:8080

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -105,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-swift
@@ -26,12 +26,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

      - name: Set up php
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
          extensions: ctype, curl, dom, fileinfo, gd, json, libxml, mbstring, openssl, pcntl, pdo, posix, session, simplexml, xml, xmlreader, xmlwriter, zip, zlib
@@ -4,9 +4,6 @@ name: Performance testing
 on:
  pull_request:

-permissions:
-  contents: read
-
 concurrency:
  group: performance-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
@@ -17,9 +14,6 @@ jobs:

    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

-    permissions:
-      pull-requests: write
-
    strategy:
      fail-fast: false
      matrix:
@@ -35,17 +29,16 @@ jobs:
          exit 1

      - name: Checkout server before PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true
          ref: ${{ github.event.pull_request.base.ref }}

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+          extensions: mbstring, fileinfo, intl, sqlite, pdo_sqlite, zip, gd
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

@@ -56,7 +49,7 @@ jobs:

          php -S localhost:8080 &
      - name: Apply blueprint
-        uses: icewind1991/blueprint@00504403f76cb2a09efd0d16793575055e6f63cb # v0.1.2
+        uses: icewind1991/blueprint@v0.1.2
        with:
          blueprint: tests/blueprints/basic.toml
          ref: ${{ github.event.pull_request.head.ref }}
@@ -71,9 +64,9 @@ jobs:
            curl -s -u test:test -T README.md http://localhost:8080/remote.php/dav/files/test/new_file.txt
            curl -s -u test:test -X DELETE http://localhost:8080/remote.php/dav/files/test/new_file.txt
          output: before.json
-          profiler-branch: stable31
+          profiler-branch: master

-      - name: Apply PR # zizmor: ignore[template-injection]
+      - name: Apply PR
        run: |
          git remote add pr '${{ github.event.pull_request.head.repo.clone_url }}'
          git fetch pr '${{ github.event.pull_request.head.ref }}'
@@ -93,19 +86,19 @@ jobs:
            curl -s -u test:test -T README.md http://localhost:8080/remote.php/dav/files/test/new_file.txt
            curl -s -u test:test -X DELETE http://localhost:8080/remote.php/dav/files/test/new_file.txt
          output: after.json
-          profiler-branch: stable31
+          profiler-branch: master
          compare-with: before.json

      - name: Upload profiles
        if: always()
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
        with:
          name: profiles
          path: |
            before.json
            after.json

-      - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
+      - uses: actions/github-script@v7
        if: failure() && steps.compare.outcome == 'failure'
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
@@ -32,9 +32,8 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Install tools
@@ -43,7 +42,7 @@ jobs:
          sudo apt-get install -y ffmpeg imagemagick libmagickcore-6.q16-3-extra

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, openssl, pdo_sqlite, posix, sqlite, xml, zip, apcu
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src}}
@@ -64,14 +61,12 @@ jobs:
          - php-versions: '8.3'
            mariadb-versions: '10.11'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            mariadb-versions: '11.4'

    name: MariaDB ${{ matrix.mariadb-versions }} (PHP ${{ matrix.php-versions }}) - database tests

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
@@ -89,13 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -128,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mariadb
@@ -55,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -64,20 +64,19 @@ jobs:

    services:
      memcached:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 11212:11212/tcp
          - 11212:11212/udp

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -102,7 +101,7 @@ jobs:

      - name: Upload code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.xml
          flags: phpunit-memcached
@@ -62,13 +62,13 @@ jobs:

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

      mysql:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 4444:3306/tcp
        env:
@@ -78,7 +78,7 @@ jobs:
          MYSQL_DATABASE: oc_autotest
        options: --health-cmd="mysqladmin ping" --health-interval 5s --health-timeout 2s --health-retries 10
      shard1:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 5001:3306/tcp
        env:
@@ -88,7 +88,7 @@ jobs:
          MYSQL_DATABASE: nextcloud
        options: --health-cmd="mysqladmin ping" --health-interval 5s --health-timeout 2s --health-retries 10
      shard2:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 5002:3306/tcp
        env:
@@ -98,7 +98,7 @@ jobs:
          MYSQL_DATABASE: nextcloud
        options: --health-cmd="mysqladmin ping" --health-interval 5s --health-timeout 2s --health-retries 10
      shard3:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 5003:3306/tcp
        env:
@@ -108,7 +108,7 @@ jobs:
          MYSQL_DATABASE: nextcloud
        options: --health-cmd="mysqladmin ping" --health-interval 5s --health-timeout 2s --health-retries 10
      shard4:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 5004:3306/tcp
        env:
@@ -120,13 +120,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -160,7 +159,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src }}
@@ -64,20 +61,18 @@ jobs:
          - mysql-versions: '8.0'
            php-versions: '8.3'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - mysql-versions: '8.4'
-            php-versions: '8.4'

    name: MySQL ${{ matrix.mysql-versions }} (PHP ${{ matrix.php-versions }}) - database tests

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

      mysql:
-        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-mysql-${{ matrix.mysql-versions }}:latest
        ports:
          - 4444:3306/tcp
        env:
@@ -89,13 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -128,7 +122,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-mysql
@@ -42,7 +42,6 @@ jobs:
              - '**/lib/**'
              - '**/templates/**'
              - '**/tests/**'
-              - 'resources/**'
              - 'vendor/**'
              - 'vendor-bin/**'
              - '.php-cs-fixer.dist.php'
@@ -58,7 +57,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.1', '8.3', '8.4']
+        php-versions: ['8.1', '8.3']
        include:
          - php-versions: '8.2'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -67,20 +66,19 @@ jobs:

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -108,7 +106,7 @@ jobs:

      - name: Upload nodb code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.nodb.xml
          flags: phpunit-nodb
@@ -1,125 +0,0 @@
-# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: PHPUnit primary object store
-on:
-  pull_request:
-  schedule:
-    - cron: "15 2 * * *"
-
-permissions:
-  contents: read
-
-concurrency:
-  group: phpunit-object-store-primary-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  changes:
-    runs-on: ubuntu-latest-low
-
-    outputs:
-      src: ${{ steps.changes.outputs.src}}
-
-    steps:
-      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
-        id: changes
-        continue-on-error: true
-        with:
-          filters: |
-            src:
-              - '.github/workflows/**'
-              - '3rdparty/**'
-              - '**/appinfo/**'
-              - '**/lib/**'
-              - '**/templates/**'
-              - '**/tests/**'
-              - 'vendor/**'
-              - 'vendor-bin/**'
-              - '.php-cs-fixer.dist.php'
-              - 'composer.json'
-              - 'composer.lock'
-              - '**.php'
-
-  object-store-primary-tests-minio:
-    runs-on: ubuntu-latest
-    needs: changes
-
-    if: ${{ github.repository_owner != 'nextcloud-gmbh' && needs.changes.outputs.src != 'false' }}
-
-    strategy:
-      # do not stop on another job's failure
-      fail-fast: false
-      matrix:
-        php-versions: ['8.1']
-        key: ['s3', 's3-multibucket']
-
-    name: php${{ matrix.php-versions }}-${{ matrix.key }}-minio
-
-    services:
-      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
-        ports:
-          - 6379:6379/tcp
-        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
-
-      minio:
-        image: bitnami/minio@sha256:50cec18ac4184af4671a78aedd5554942c8ae105d51a465fa82037949046da01 # v2025.4.22
-        env:
-          MINIO_ROOT_USER: nextcloud
-          MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-          MINIO_DEFAULT_BUCKETS: nextcloud
-        ports:
-          - "9000:9000"
-
-    steps:
-      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
-          submodules: true
-
-      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
-        with:
-          php-version: ${{ matrix.php-versions }}
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, redis, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Nextcloud
-        env:
-          OBJECT_STORE: ${{ matrix.key }}
-          OBJECT_STORE_KEY: nextcloud
-          OBJECT_STORE_SECRET: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
-        run: |
-          composer install
-          cp tests/redis.config.php config/
-          cp tests/preseed-config.php config/config.php
-          ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password
-          php -f tests/enable_all.php | grep -i -C9999 error && echo "Error during app setup" && exit 1 || exit 0
-
-      - name: Wait for S3
-        run: |
-          sleep 10
-          curl -f -m 1 --retry-connrefused --retry 10 --retry-delay 10 http://localhost:9000/minio/health/ready
-
-      - name: PHPUnit
-        run: composer run test:db
-
-      - name: S3 logs
-        if: always()
-        run: |
-          cat data/nextcloud.log
-          docker ps -a
-          docker ps -aq | while read container ; do IMAGE=$(docker inspect --format='{{.Config.Image}}' $container); echo $IMAGE; docker logs $container; echo "\n\n" ; done
-
-
-  object-store-primary-summary:
-    runs-on: ubuntu-latest-low
-    needs: [changes,object-store-primary-tests-minio]
-
-    if: always()
-
-    steps:
-      - name: Summary status
-        run: if ${{ needs.changes.outputs.src != 'false' && needs.object-store-primary-tests-minio.result != 'success' }}; then exit 1; fi
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src }}
@@ -69,14 +66,12 @@ jobs:
            php-versions: '8.2'
          - oracle-versions: '23'
            php-versions: '8.3'
-          - oracle-versions: '23'
-            php-versions: '8.4'

    name: Oracle ${{ matrix.oracle-versions }} (PHP ${{ matrix.php-versions }}) - database tests

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
@@ -101,13 +96,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -133,7 +127,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-oci
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src }}
@@ -59,26 +56,24 @@ jobs:
    strategy:
      matrix:
        php-versions: ['8.1']
-        # To keep the matrix smaller we ignore PostgreSQL versions in between as we already test the minimum and the maximum
-        postgres-versions: ['13', '17']
+        # To keep the matrix smaller we ignore PostgreSQL '13', '14', and '15' as we already test 12 and 16 as lower and upper bound
+        postgres-versions: ['12', '16']
        include:
          - php-versions: '8.3'
-            postgres-versions: '17'
+            postgres-versions: '16'
            coverage: ${{ github.event_name != 'pull_request' }}
-          - php-versions: '8.4'
-            postgres-versions: '17'

    name: PostgreSQL ${{ matrix.postgres-versions }} (PHP ${{ matrix.php-versions }}) - database tests

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

      postgres:
-        image: ghcr.io/nextcloud/continuous-integration-postgres-${{ matrix.postgres-versions }}:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-postgres-${{ matrix.postgres-versions }}:latest
        ports:
          - 4444:5432/tcp
        env:
@@ -89,13 +84,12 @@ jobs:

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -123,7 +117,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-postgres
@@ -23,9 +23,6 @@ concurrency:
 jobs:
  changes:
    runs-on: ubuntu-latest-low
-    permissions:
-      contents: read
-      pull-requests: read

    outputs:
      src: ${{ steps.changes.outputs.src }}
@@ -58,7 +55,7 @@ jobs:

    strategy:
      matrix:
-        php-versions: ['8.2', '8.3', '8.4']
+        php-versions: ['8.2', '8.3']
        include:
          - php-versions: '8.1'
            coverage: ${{ github.event_name != 'pull_request' }}
@@ -67,20 +64,19 @@ jobs:

    services:
      cache:
-        image: ghcr.io/nextcloud/continuous-integration-redis:latest # zizmor: ignore[unpinned-images]
+        image: ghcr.io/nextcloud/continuous-integration-redis:latest
        ports:
          - 6379:6379/tcp
        options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3

    steps:
      - name: Checkout server
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php ${{ matrix.php-versions }}
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a # v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: ${{ matrix.php-versions }}
          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -109,7 +105,7 @@ jobs:

      - name: Upload db code coverage
        if: ${{ !cancelled() && matrix.coverage }}
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@v4.5.0
        with:
          files: ./clover.db.xml
          flags: phpunit-sqlite
@@ -15,17 +15,12 @@ on:
  schedule:
    - cron: '30 1 * * *'

-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
  pr-feedback:
-    if: ${{ github.repository_owner == 'nextcloud' }}
    runs-on: ubuntu-latest
    steps:
      - name: The get-github-handles-from-website action
-        uses: marcelklehr/get-github-handles-from-website-action@06b2239db0a48fe1484ba0bfd966a3ab81a08308 # v1.0.1
+        uses: marcelklehr/get-github-handles-from-website-action@a739600f6b91da4957f51db0792697afbb2f143c # v1.0.0
        id: scrape
        with:
          website: 'https://nextcloud.com/team/'
@@ -36,7 +31,7 @@ jobs:
          blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -)
          echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT"

-      - uses: nextcloud/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4 # main
+      - uses: marcelklehr/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4
        with:
          feedback-message: |
            Hello there,
@@ -11,17 +11,12 @@ name: REUSE Compliance Check

 on: [pull_request]

-permissions:
-  contents: read
-
 jobs:
  reuse-compliance-check:
-    runs-on: ubuntu-latest-low
+    runs-on: ubuntu-latest
    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          persist-credentials: false
+    - name: Checkout
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

-      - name: REUSE Compliance Check
-        uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
+    - name: REUSE Compliance Check
+      uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0
@@ -7,9 +7,6 @@ on:
  schedule:
    - cron: "0 0 * * *"

-permissions:
-  contents: read
-
 jobs:
  stale:
    runs-on: ubuntu-latest
@@ -20,7 +17,7 @@ jobs:
      issues: write

    steps:
-    - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9
+    - uses: actions/stale@v9
      with:
        repo-token: ${{ secrets.COMMAND_BOT_PAT }}
        stale-issue-message: >
@@ -30,6 +27,7 @@ jobs:
          for your contributions.
        stale-issue-label: 'stale'
        only-labels: 'needs info'
+        labels-to-remove-when-unstale: 'needs info,stale'
        exempt-issue-labels: '1. to develop,2. developing,3. to review,4. to release,security'
        days-before-stale: 30
        days-before-close: 14
@@ -4,17 +4,6 @@ name: Psalm static code analysis

 on:
  pull_request:
-  push:
-    branches:
-      - main
-      - master
-      - stable*
-    paths:
-      - '.github/workflows/static-code-analysis.yml'
-      - '**.php'
-
-permissions:
-  contents: read

 concurrency:
  group: static-code-analysis-${{ github.head_ref || github.run_id }}
@@ -24,20 +13,19 @@ jobs:
  static-code-analysis:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -46,64 +34,60 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: git diff -- . ':!lib/composer'
+
+      - name: Upload Analysis results to GitHub
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif

  static-code-analysis-security:
    runs-on: ubuntu-latest

-    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,ftp,gd,imagick,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none

      - name: Composer install
        run: composer i

      - name: Psalm taint analysis
-        run: composer run psalm:security -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
-
-      - name: Show potential changes in Psalm baseline
-        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis

      - name: Upload Security Analysis results to GitHub
        if: always()
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3
+        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

  static-code-analysis-ocp:
    runs-on: ubuntu-latest

-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          submodules: true

      - name: Set up php
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
        with:
          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
          coverage: none
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -112,35 +96,8 @@ jobs:
        run: composer i

      - name: Psalm
-        run: composer run psalm:ocp -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline

      - name: Show potential changes in Psalm baseline
        if: always()
-        run: git diff --exit-code -- . ':!lib/composer'
-
-  static-code-analysis-ncu:
-    runs-on: ubuntu-latest
-
-    if: ${{ github.event_name != 'push' && github.repository_owner != 'nextcloud-gmbh' }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-        with:
-          persist-credentials: false
-          submodules: true
-
-      - name: Set up php
-        uses: shivammathur/setup-php@cf4cade2721270509d5b1c766ab3549210a39a2a #v2.33.0
-        with:
-          php-version: '8.1'
-          extensions: ctype,curl,dom,fileinfo,gd,imagick,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
-          coverage: none
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Composer install
-        run: composer i
-
-      - name: Psalm
-        run: composer run psalm:ncu -- --threads=1 --monochrome --no-progress --output-format=github
+        run: git diff -- . ':!lib/composer'
@@ -7,9 +7,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 jobs:
  update-ca-certificate-bundle:
    runs-on: ubuntu-latest
@@ -22,9 +19,8 @@ jobs:
    name: update-ca-certificate-bundle-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          ref: ${{ matrix.branches }}
          submodules: true

@@ -32,7 +28,7 @@ jobs:
        run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update CA certificate bundle'
@@ -7,9 +7,6 @@ on:
  schedule:
    - cron: "5 2 * * *"

-permissions:
-  contents: read
-
 jobs:
  update-code-signing-crl:
    runs-on: ubuntu-latest
@@ -22,9 +19,8 @@ jobs:
    name: update-code-signing-crl-${{ matrix.branches }}

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
        with:
-          persist-credentials: false
          ref: ${{ matrix.branches }}
          submodules: true

@@ -35,7 +31,7 @@ jobs:
        run: openssl crl -verify -in resources/codesigning/root.crl -CAfile resources/codesigning/root.crt -noout

      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
        with:
          token: ${{ secrets.COMMAND_BOT_PAT }}
          commit-message: 'fix(security): Update code signing revocation list'
@@ -0,0 +1,52 @@
+# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Auto approve psalm baseline update
+
+on:
+  pull_request_target:
+    branches:
+      - main
+      - master
+      - stable*
+
+permissions:
+  contents: read
+
+concurrency:
+  group: update-psalm-baseline-approve-merge-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  auto-approve-merge:
+    if: github.actor == 'nextcloud-command'
+    runs-on: ubuntu-latest-low
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write
+      # for alexwilson/enable-github-automerge-action to approve PRs
+      contents: write
+
+    steps:
+      - name: Disabled on forks
+        if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+        run: |
+          echo 'Can not approve PRs from forks'
+          exit 1
+
+      - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
+        id: branchname
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # GitHub actions bot approve
+      - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      # Enable GitHub auto merge
+      - name: Auto merge
+        uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # main
+        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -0,0 +1,69 @@
+# SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+name: Update Psalm baseline
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "5 2 * * *"
+
+jobs:
+  update-psalm-baseline:
+    runs-on: ubuntu-latest
+
+    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+    strategy:
+      fail-fast: false
+      matrix:
+        branches: ['master', 'stable30', 'stable29', 'stable28']
+
+    name: update-psalm-baseline-${{ matrix.branches }}
+
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        with:
+          ref: ${{ matrix.branches }}
+          submodules: true
+
+      - name: Set up php
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
+        with:
+          php-version: '8.1'
+          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+          coverage: none
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Composer install
+        run: composer install
+
+      - name: Psalm
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=text --update-baseline
+        continue-on-error: true
+
+      - name: Psalm OCP
+        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+        continue-on-error: true
+
+      - name: Reset composer
+        run: |
+          git clean -f lib/composer
+          git checkout composer.json composer.lock lib/composer
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
+        with:
+          token: ${{ secrets.COMMAND_BOT_PAT }}
+          commit-message: 'chore(tests): Update psalm baseline'
+          committer: GitHub <noreply@github.com>
+          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
+          signoff: true
+          branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
+          title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
+          body: |
+            Auto-generated update psalm-baseline.xml with fixed psalm warnings
+          labels: |
+            automated pr
+            3. to review
+          team-reviewers: server-backend
@@ -1,69 +0,0 @@
-# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: Update PRs titles on stable branches
-
-on:
-  pull_request:
-    types: [opened, edited]
-    branches:
-      - "stable*"
-
-concurrency:
-  group: stable-pr-title-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  update-pr-title:
-    runs-on: ubuntu-latest-low
-    permissions:
-      pull-requests: write
-      contents: read
-
-    steps:
-      - name: Wait for potential title edits
-        run: sleep 15
-
-      - name: Get PR details and update title
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const { data: pr } = await github.rest.pulls.get({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              pull_number: context.issue.number,
-            });
-
-            const baseBranch = pr.base.ref;
-            const currentTitle = pr.title;
-
-            // Check if this is a stable branch
-            // Should not happen as we only trigger on stable* branches 🤷‍♀️
-            if (!baseBranch.startsWith('stable')) {
-              console.log(`Not a stable branch: ${baseBranch}`);
-              return;
-            }
-
-            const prefix = `[${baseBranch}]`;
-
-            // Check if title already has the correct prefix and no other stable tags
-            const correctTagRegex = new RegExp(`^\\[${baseBranch}\\]\\s*`);
-            const hasOtherStableTags = /\[stable[\d.]*\]/.test(currentTitle.replace(correctTagRegex, ''));
-
-            if (correctTagRegex.test(currentTitle) && !hasOtherStableTags) {
-              console.log(`Title already has correct prefix only: ${currentTitle}`);
-              return;
-            }
-
-            // Remove all stable tags and add the correct one
-            const cleanTitle = currentTitle.replace(/\[stable[\d.]*\]\s*/g, '').trim();
-            const newTitle = `${prefix} ${cleanTitle}`;
-
-            console.log(`Updating title from: "${currentTitle}" to: "${newTitle}"`);
-
-            await github.rest.pulls.update({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              pull_number: context.issue.number,
-              title: newTitle,
-            });
@@ -35,7 +35,6 @@
 !/apps/lookup_server_connector
 !/apps/user_ldap
 !/apps/oauth2
-!/apps/profile
 !/apps/provisioning_api
 !/apps/settings
 !/apps/systemtags
@@ -152,7 +151,6 @@ Vagrantfile

 # Tests - auto-generated files
 /data-autotest
-/results.sarif
 /tests/.phpunit.result.cache
 /tests/coverage*
 /tests/css
@@ -184,5 +182,3 @@ core/js/mimetypelist.js
 cypress/downloads
 cypress/snapshots
 cypress/videos
-
-/.direnv
@@ -15,18 +15,11 @@

  <IfModule mod_env.c>
    # Add security and privacy related headers
+
    # Avoid doubled headers by unsetting headers in "onsuccess" table,
    # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
-
-    <If "%{REQUEST_URI} =~ m#/login$#">
-      # Only on the login page we need any Origin or Referer header set.
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "same-origin"
-    </If>
-    <Else>
-      Header onsuccess unset Referrer-Policy
-      Header always set Referrer-Policy "no-referrer"
-    </Else>
+    Header onsuccess unset Referrer-Policy
+    Header always set Referrer-Policy "no-referrer"

    Header onsuccess unset X-Content-Type-Options
    Header always set X-Content-Type-Options "nosniff"
@@ -56,8 +49,8 @@
    </Else>
  </FilesMatch>

-  # Let browsers cache OTF and WOFF files for a week
-  <FilesMatch "\.(otf|woff2?)$">
+  # Let browsers cache WOFF files for a week
+  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
 </IfModule>
@@ -110,10 +103,10 @@
 #  - https://docs.cyberduck.io/mountainduck/issues/fastcgi/
 #  - https://docs.nextcloud.com/server/latest/admin_manual/issues/general_troubleshooting.html#troubleshooting-webdav
 <IfModule mod_setenvif.c>
-  SetEnvIfNoCase Transfer-Encoding "chunked" proxy-sendcl=1
+  SetEnvIf Transfer-Encoding "chunked" proxy-sendcl=1
 </IfModule>

-# Apache disabled the sending of the server-side content-length header
+# Apache disabled the sending of the server-side content-length header 
 # in their 2.4.59 patch updated which breaks some use-cases in Nextcloud.
 # Setting ap_trust_cgilike_cl allows to bring back the usual behaviour.
 # See https://bz.apache.org/bugzilla/show_bug.cgi?id=68973
@@ -116,12 +116,6 @@ source_file = translationfiles/templates/oauth2.pot
 source_lang = en
 type        = PO

-[o:nextcloud:p:nextcloud:r:profile]
-file_filter = translationfiles/<lang>/profile.po
-source_file = translationfiles/templates/profile.pot
-source_lang = en
-type        = PO
-
 [o:nextcloud:p:nextcloud:r:provisioning_api]
 file_filter = translationfiles/<lang>/provisioning_api.po
 source_file = translationfiles/templates/provisioning_api.pot
@@ -619,7 +619,6 @@
 - szaimen <szaimen@e.mail.de>
 - tbartenstein <tbartenstein@users.noreply.github.com>
 - tbelau666 <thomas.belau@gmx.de>
- - TechnicalSuwako <suwako@076.moe>
 - tgrant <tom.grant760@gmail.com>
 - timm2k <timm2k@gmx.de>
 - tux-rampage <tux-rampage@users.noreply.github.com>
@@ -6,4 +6,4 @@ and our products: “Nextcloud Files”; “Nextcloud Groupware” and “Nextcl
 This set of marks is collectively referred to as the “Nextcloud marks.”

 Use of Nextcloud logos and other marks is only permitted under the guidelines provided by the Nextcloud GmbH.
-A copy can be found at https://nextcloud.com/trademarks/
+A copy can be found at https://discord.com/branding
@@ -0,0 +1,39 @@
+License Agreement for Freepik Content
+
+The Company authorizes the User to download and use the Freepik Content under the terms of this Section (see Section 7 in relation to Sponsored Content). The Company and its licensors reserve all rights over the Freepik Content not expressly granted in this license to the User.
+
+Subject to the fulfillment of these Terms, the Company authorizes the User in a non-transferable, revocable, limited, non-exclusive manner and on a worldwide basis for the duration of the relevant rights; to download, use and modify the Freepik Content, in a device the User owns or controls and only for the purposes and uses allowed in these Terms.
+
+The User may use the Freepik Content (including any derivative work), either using the Freepik Contents in its entirety or using only some or some of its elements, either using the Freepik Contents without modification, combining them with other contents or having previously modified them, being the license granted with respect to the Freepik content, provided that it:
+
+* Does not involve collective use;
+* The Freepik Content is not used in a manner that suggests an association or endorsement of any kind by the Company or the Website;
+* The Freepik Content or any derivative work is not used or included (in whole or in part) in a database, archive or in any other media/stock product, collection, set of clips, or library, for distribution or resale or used in any other way that could prevent or limit future visits or downloads from the Website;
+* Does not resell, assign, transfer or sublicense the Freepik Content or any derived work from the Freepik Content;
+* Does not use the Freepik Content in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold, in which the content in the Freepik Content is the main element (because of size, relevance or any other cause, in case of doubt about whether the content is main element, it shall be deemed that the content is main element);
+* Does not use the Freepik Content (totally or partially) in any trademark, or part of the same, which may be used by any other means to guarantee or to imply a guaranty of any product and/or service, unless the Freepik Content used in such cases is modified in such a way as to be a new and different content not confusingly similar with the original Freepik Content or implies a use of the Freepik Content as a template or test, and not as a final item or material;
+* Does not use the Freepik Content (including any caption information, title, keywords or other metadata associated with the Freepik Content) for any machine learning and/or artificial intelligence purposes, or for any technologies designed or intended for the identification of natural persons.
+* Does not make any use of the Freepik Content which might be considered defamatory, libellous, obscene, immoral or illegal, including, without limitation, using it in a way that places any person appearing in the Freepik Content in a negative light or depicts them in a way that they may find offensive such as the use in pornography, advertisements for escort or similar services, political endorsements, birth control products, and;
+* Does not make any use of the Freepik Content to slander, libel or to vilify a person, race, sex, culture, sexual orientation, religion, country, region, town, village or any other place, or any other human group.
+
+When any Freepik Content is marked or identified as for editorial use, or when within the same there are logos, recognizable products, public buildings, public events or images taken in places where recognizable persons appear in the background, the User shall only be entitled to use it for such editorial use. In such cases, the User undertakes not to use that content in any manner that entails any connection with any business activity, the use in economic traffic or advertising, marketing or commercialization of any product or service. The User shall be directly liable and the Company shall not assume any liability as a result of the use for commercial purposes by the User of any content belonging to the Freepik Content, which according to this paragraph should be for editorial use only.
+
+The authorization to use the Freepik Content shall be free provided that any use of the content in the Freepik Content by the User is credited to the Company/Website as stated by the Company from time to time. In order to benefit from the Service or to use the Freepik Content without acknowledging the Company/Website, the User must purchase a premium subscription (hereinafter, the "Premium Subscription") in the Website and download the Freepik Content during the term of any such Premium Subscription. Conditions in Section 10 shall apply to the purchase of the Premium Subscription.
+
+As a general rule, it is forbidden for a User to authorize any third parties to use the Freepik Content (or any modification of any content in the Freepik Content). As an exception to the prohibition, the User may allow third parties to use the Freepik Content, when each and every of the following conditions are met:
+
+* The third party has professionally instructed the User to produce goods or provide services to it/him/her and the User uses a limited number of items within the Freepik Content to produce such goods or provide such services to the instructing third party;
+* The authorization granted by the User to the third party is in writing and complies with every restriction of the User’s authorization to use the relevant Freepik Content and includes, without limitation, a restriction for the third party to distribute, resell or license the relevant content in the Freepik Content (i.e. the third party is the final user of the relevant content in the Freepik Content);
+* None of the contents in the Freepik Content which are subject to the authorization are used as the main element (because of size, relevance or any other cause; in case of doubt about whether the content is the main element, it shall be deemed as the main element) in printed or electronic items (e.g. t-shirts, cups, postcards, birthday or greeting cards, invitations, calendars, web models or electronic devices, apps, NFTs, videogames, advertising spots, audiovisual animations) aimed to be resold by the third party;
+* The production of goods or provision of services by the User to the third party is not done by automatic means, it is tailor-made for the third party (and therefore its use is not authorized by the User to any other third party) and requires a specific substantial human intervention from the User in relation to each third party; and
+* The User -and not the third party- chooses the specific items within the content of the Freepik Content to be used in the production of goods or provision of services for the third party.
+
+When all of the above conditions are met, the User shall be entitled to authorize a third party to use the relevant content in the Freepik Content. This exception refers only to the prohibition for the User to authorize third parties to use the content in the Freepik Content without affecting or limiting in any way the remaining conditions of the User’s right to use the Freepik Content. Whether the above conditions regarding the exception to the prohibition for Users to authorize third parties to use the content in the Freepik Content are met shall be interpreted restrictively so that, in case of doubt, it shall be deemed that the conditions are not met.
+
+The User does not acquire any right as a result of the use of the content in the Freepik Content. In particular, the User is not authorized to distribute, resell or rent any content in the Freepik Content (or any modification of any content in the Freepik Content).
+
+The Company may, at any time, offer any content on the Website under a different license from the one included in this Section (the "Specific License"). The Company will inform on the Website which content is licensed under an Specific License. The Specific License will be made available to the User and will include, without limitation, a description of the license itself, as well as the permitted and prohibited uses in relation to the content. In the event that a particular content is offered under a Specific License, the Specific License shall apply over the general license described in this Section. Notwithstanding the foregoing, all other obligations contained in these Terms shall continue to be binding on the User, unless they conflict with the Specific License, in which case the Specific License shall prevail.
+
+The User’s rights under this Section will end automatically without any notice if the User breaches any of the Terms. In case of termination of the rights hereunder, the User shall cease using content in the Freepik Content and will destroy every copy, whether total or partial, thereof.
+
+A copy can be found at <https://www.freepikcompany.com/legal/#nav-freepik-agreement>
@@ -5,14 +5,14 @@
 -->
 # Nextcloud Server ☁
 [![REUSE status](https://api.reuse.software/badge/github.com/nextcloud/server)](https://api.reuse.software/info/github.com/nextcloud/server)
-[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/server/badges/quality-score.png?b=stable31)](https://scrutinizer-ci.com/g/nextcloud/server/?branch=stable31)
-[![codecov](https://codecov.io/gh/nextcloud/server/branch/stable31/graph/badge.svg)](https://codecov.io/gh/nextcloud/server)
+[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/server/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/nextcloud/server/?branch=master)
+[![codecov](https://codecov.io/gh/nextcloud/server/branch/master/graph/badge.svg)](https://codecov.io/gh/nextcloud/server)
 [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/209/badge)](https://bestpractices.coreinfrastructure.org/projects/209)
 [![Design](https://contribute.design/api/shield/nextcloud/server)](https://contribute.design/nextcloud/server)

 **A safe home for all your data.**

-![](https://raw.githubusercontent.com/nextcloud/screenshots/stable31/nextcloud-hub-files-25-preview.png)
+![](https://raw.githubusercontent.com/nextcloud/screenshots/master/nextcloud-hub-files-25-preview.png)

 ## Why is this so awesome? 🤩

@@ -59,7 +59,7 @@ There are many ways to contribute, of which development is only one! Find out [h

 Third-party components are handled as git submodules which have to be initialized first. So aside from the regular git checkout invoking `git submodule update --init` or a similar command is needed, for details see Git documentation.

-Several apps that are included by default in regular releases such as [First run wizard](https://github.com/nextcloud/firstrunwizard) or [Activity](https://github.com/nextcloud/activity) are missing in `stable31` and have to be installed manually by cloning them into the `apps` subfolder.
+Several apps that are included by default in regular releases such as [First run wizard](https://github.com/nextcloud/firstrunwizard) or [Activity](https://github.com/nextcloud/activity) are missing in `master` and have to be installed manually by cloning them into the `apps` subfolder.

 Otherwise, git checkouts can be handled the same as release archives, by using the `stable*` branches. Note they should never be used on production systems.

@@ -14,5 +14,4 @@ export default {
 	get: async () => ({ status: 200, data: {} }),
 	delete: async () => ({ status: 200, data: {} }),
 	post: async () => ({ status: 200, data: {} }),
-	head: async () => ({ status: 200, data: {} }),
 }
@@ -3,11 +3,11 @@
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

-import { vi } from 'vitest'
+import { jest } from '@jest/globals'

-export const showMessage = vi.fn()
-export const showSuccess = vi.fn()
-export const showWarning = vi.fn()
-export const showInfo = vi.fn()
-export const showError = vi.fn()
-export const showUndo = vi.fn()
+export const showMessage = jest.fn()
+export const showSuccess = jest.fn()
+export const showWarning = jest.fn()
+export const showInfo = jest.fn()
+export const showError = jest.fn()
+export const showUndo = jest.fn()
@@ -2,13 +2,7 @@
 * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
-window.OC = {
-	config: {
-		version: '31.0.0',
-	},
-	...window.OC,
-}
-
+window.OC = { ...window.OC }
 window.OCA = { ...window.OCA }
 window.OCP = { ...window.OCP }

@@ -1,7 +0,0 @@
-/**
- * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: CC0-1.0
- */
-export function setup() {
-	process.env.TZ = 'UTC'
-}
@@ -3,4 +3,3 @@
 * SPDX-License-Identifier: CC0-1.0
 */
 import '@testing-library/jest-dom/vitest'
-import 'core-js/stable/index.js'
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Аўдыт / Журнал",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Прадастаўляе магчымасці вядзення журнала дзенняў для Nextcloud, такіх як доступ да файлаў або іншых канфідэнцыйных дзеянняў."
-},
-"nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Аўдыт / Журнал",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Прадастаўляе магчымасці вядзення журнала дзенняў для Nextcloud, такіх як доступ да файлаў або іншых канфідэнцыйных дзеянняў."
-},"pluralForm" :"nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);"
-}
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Одитиране / Регистри на действията",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Предоставя възможности за създаване на регистри на действията в \"Nextcloud\", като например кой е осъществил достъп до файл или други действия."
+    "Auditing / Logging" : "Одитиране/създаване на регистри",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Предоставя възможности за регистриране в Nextcloud, като например достъп до файлове за регистриране или други чувствителни действия."
 },
 "nplurals=2; plural=(n != 1);");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Одитиране / Регистри на действията",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Предоставя възможности за създаване на регистри на действията в \"Nextcloud\", като например кой е осъществил достъп до файл или други действия."
+    "Auditing / Logging" : "Одитиране/създаване на регистри",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Предоставя възможности за регистриране в Nextcloud, като например достъп до файлове за регистриране или други чувствителни действия."
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -1,6 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Aodit / Kerzhlevr"
-},
-"nplurals=5; plural=((n%10 == 1) && (n%100 != 11) && (n%100 !=71) && (n%100 !=91) ? 0 :(n%10 == 2) && (n%100 != 12) && (n%100 !=72) && (n%100 !=92) ? 1 :(n%10 ==3 || n%10==4 || n%10==9) && (n%100 < 10 || n% 100 > 19) && (n%100 < 70 || n%100 > 79) && (n%100 < 90 || n%100 > 99) ? 2 :(n != 0 && n % 1000000 == 0) ? 3 : 4);");
@@ -1,4 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Aodit / Kerzhlevr"
-},"pluralForm" :"nplurals=5; plural=((n%10 == 1) && (n%100 != 11) && (n%100 !=71) && (n%100 !=91) ? 0 :(n%10 == 2) && (n%100 != 12) && (n%100 !=72) && (n%100 !=92) ? 1 :(n%10 ==3 || n%10==4 || n%10==9) && (n%100 < 10 || n% 100 > 19) && (n%100 < 70 || n%100 > 79) && (n%100 < 90 || n%100 > 99) ? 2 :(n != 0 && n % 1000000 == 0) ? 3 : 4);"
-}
@@ -2,6 +2,6 @@ OC.L10N.register(
    "admin_audit",
    {
    "Auditing / Logging" : "Ekzamenado / Protokolado",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Ebligas protokoladon, ekzemple protokolado de aliroj al dosieroj aŭ aliaj delikataj agoj."
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Provizi protokolado-kapablojn por Nextcloud, kiel ekzemple protokolado de aliroj al dosieroj aŭ aliaj delikataj agoj."
 },
 "nplurals=2; plural=(n != 1);");
@@ -1,5 +1,5 @@
 { "translations": {
    "Auditing / Logging" : "Ekzamenado / Protokolado",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Ebligas protokoladon, ekzemple protokolado de aliroj al dosieroj aŭ aliaj delikataj agoj."
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Provizi protokolado-kapablojn por Nextcloud, kiel ekzemple protokolado de aliroj al dosieroj aŭ aliaj delikataj agoj."
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
@@ -1,7 +1,6 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Auditoría / Registros",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Proporciona capacidades de registro para Nextcloud, como el registro de accesos a archivos o acciones sensibles."
+    "Auditing / Logging" : "Auditoría / Registros"
 },
 "nplurals=3; plural=n == 1 ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;");
@@ -1,5 +1,4 @@
 { "translations": {
-    "Auditing / Logging" : "Auditoría / Registros",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Proporciona capacidades de registro para Nextcloud, como el registro de accesos a archivos o acciones sensibles."
+    "Auditing / Logging" : "Auditoría / Registros"
 },"pluralForm" :"nplurals=3; plural=n == 1 ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;"
 }
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "حسابرسی / گزارش‌گیری",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "قابلیت‌های گزارش‌گیری مانند ثبت گزارش دسترسی به پرونده‌ها یا اقدامات حساس دیگر را برای نکست‌کلود فراهم می‌کند."
+    "Auditing / Logging" : "حسابرسی / ورود به سیستم",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "قابلیت‌های ثبت‌نام را برای نکست‌کلود فراهم می‌کند، مانند ثبت دسترسی به فایل‌ها یا اقدامات حساس دیگر."
 },
 "nplurals=2; plural=(n > 1);");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "حسابرسی / گزارش‌گیری",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "قابلیت‌های گزارش‌گیری مانند ثبت گزارش دسترسی به پرونده‌ها یا اقدامات حساس دیگر را برای نکست‌کلود فراهم می‌کند."
+    "Auditing / Logging" : "حسابرسی / ورود به سیستم",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "قابلیت‌های ثبت‌نام را برای نکست‌کلود فراهم می‌کند، مانند ثبت دسترسی به فایل‌ها یا اقدامات حساس دیگر."
 },"pluralForm" :"nplurals=2; plural=(n > 1);"
 }
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Pengauditan/Pencatatan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kemampuan pencatatan untuk Nextcloud, misalnya pencatatan akses file atau tindakan sensitif lainnya."
+    "Auditing / Logging" : "Pemeriksaan / Pencatatan",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kemampuan pencatatan untuk Nextcloud seperti pencatatan akses berkas atau tindakan sensitif lainnya."
 },
 "nplurals=1; plural=0;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Pengauditan/Pencatatan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kemampuan pencatatan untuk Nextcloud, misalnya pencatatan akses file atau tindakan sensitif lainnya."
+    "Auditing / Logging" : "Pemeriksaan / Pencatatan",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kemampuan pencatatan untuk Nextcloud seperti pencatatan akses berkas atau tindakan sensitif lainnya."
 },"pluralForm" :"nplurals=1; plural=0;"
 }
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalēšanas spējas, piemēram, datņu piekļuves žurnalēšanu vai citas jūtīgas darbības."
-},
-"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Auditēšana / Žurnalizēšana",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Nodrošina Nextcloud žurnalēšanas spējas, piemēram, datņu piekļuves žurnalēšanu vai citas jūtīgas darbības."
-},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);"
-}
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},
-"nplurals=1; plural=0;");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Pengauditan / Pengelogan",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Menyediakan kebolehan pengelogan untuk Nextcloud seperti akses fail log atau tindakan sensitif."
-},"pluralForm" :"nplurals=1; plural=0;"
-}
@@ -2,6 +2,6 @@ OC.L10N.register(
    "admin_audit",
    {
    "Auditing / Logging" : "Auditoria / Registro",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece recursos de registro para o Nextcloud, como acessos a arquivos de registro ou outras ações sensíveis."
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece habilidades de registro para o NextCloud, como acessos de arquivo de log ou ações sensíveis."
 },
 "nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;");
@@ -1,5 +1,5 @@
 { "translations": {
    "Auditing / Logging" : "Auditoria / Registro",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece recursos de registro para o Nextcloud, como acessos a arquivos de registro ou outras ações sensíveis."
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece habilidades de registro para o NextCloud, como acessos de arquivo de log ou ações sensíveis."
 },"pluralForm" :"nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;"
 }
@@ -1,7 +1,7 @@
 OC.L10N.register(
    "admin_audit",
    {
-    "Auditing / Logging" : "Auditorias / registos",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou outras ações sensíveis. "
+    "Auditing / Logging" : "Auditorias / Registos",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou demais ações sensíveis. "
 },
 "nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;");
@@ -1,5 +1,5 @@
 { "translations": {
-    "Auditing / Logging" : "Auditorias / registos",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou outras ações sensíveis. "
+    "Auditing / Logging" : "Auditorias / Registos",
+    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Fornece funcionalidades de registo para o Nextcloud como registar acessos a ficheiros ou demais ações sensíveis. "
 },"pluralForm" :"nplurals=3; plural=(n == 0 || n == 1) ? 0 : n != 0 && n % 1000000 == 0 ? 1 : 2;"
 }
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Praćenje / Beleženje",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Daje Nextcloudu mogućnost beleženja, poput pristupa fajlovima ili drugih osetljivih radnji."
-},
-"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);");
@@ -1,5 +0,0 @@
-{ "translations": {
-    "Auditing / Logging" : "Praćenje / Beleženje",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Daje Nextcloudu mogućnost beleženja, poput pristupa fajlovima ili drugih osetljivih radnji."
-},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"
-}
@@ -1,7 +0,0 @@
-OC.L10N.register(
-    "admin_audit",
-    {
-    "Auditing / Logging" : "Ukaguzi/kuweka kumbukumbu",
-    "Provides logging abilities for Nextcloud such as logging file accesses or otherwise sensitive actions." : "Hutoa uwezo wa kuweka kumbukumbu kwa Nextcloud kama vile ufikiaji wa faili za kumbukumbu au vitendo nyeti."
-},
-"nplurals=2; plural=(n != 1);");
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Christopher Ng	5f0a45ee1c	chore(files): Adapt to moved payload Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-09-13 17:31:25 -07:00
Christopher Ng	fb87dc331b	chore(files): Provide old node on moved Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-09-13 17:31:25 -07:00