[10.15.0]: https://github.com/owncloud/core/compare/v10.14.0...v10.15.0
## Summary
* Bugfix - Fail fast on unresponsive remote servers: [#41210](https://github.com/owncloud/core/pull/41210)
* Bugfix - Link in public link notification has to be from a trusted domain: [#41214](https://github.com/owncloud/core/pull/41214)
* Bugfix - User can only change their own external storage configuration: [#41225](https://github.com/owncloud/core/pull/41225)
* Bugfix - Hardening SVG processing: [#41234](https://github.com/owncloud/core/pull/41234)
* Bugfix - Handle no longer existing user in preview cleanup: [#41247](https://github.com/owncloud/core/pull/41247)
* Bugfix - Disallow HTTP API requests for user external storages in case disabled: [#41250](https://github.com/owncloud/core/pull/41250)
* Bugfix - Handle short classes in Autoloader: [#41252](https://github.com/owncloud/core/pull/41252)
* Bugfix - No update check if not connected to the internet: [#41262](https://github.com/owncloud/core/pull/41262)
* Bugfix - Default value of preview_max_dimensions is now 6016x6016: [#41263](https://github.com/owncloud/core/pull/41263)
* Bugfix - AllConfig::getUserKeys to return string[] only: [#41270](https://github.com/owncloud/core/pull/41270)
* Bugfix - Wrong Logic When 'allow_user_mounting' is Initially Undefined: [#41272](https://github.com/owncloud/core/pull/41272)
* Change - Update PHP dependencies: [#41195](https://github.com/owncloud/core/pull/41195)
## Details
* Bugfix - Fail fast on unresponsive remote servers: [#41210](https://github.com/owncloud/core/pull/41210)
In case a remote/federated server is not responding the share will not be added and any requests
will fail faster.
https://github.com/owncloud/core/pull/41210
* Bugfix - Link in public link notification has to be from a trusted domain: [#41214](https://github.com/owncloud/core/pull/41214)
https://github.com/owncloud/core/pull/41214
* Bugfix - User can only change their own external storage configuration: [#41225](https://github.com/owncloud/core/pull/41225)
https://github.com/owncloud/core/pull/41225
* Bugfix - Hardening SVG processing: [#41234](https://github.com/owncloud/core/pull/41234)
Purify SVGs before processing.
https://github.com/owncloud/core/pull/41234
* Bugfix - Handle no longer existing user in preview cleanup: [#41247](https://github.com/owncloud/core/pull/41247)
A no longer existing user no longer causes an exception in the preview cleanup job.
https://github.com/owncloud/core/pull/41247
* Bugfix - Disallow HTTP API requests for user external storages in case disabled: [#41250](https://github.com/owncloud/core/pull/41250)
API requests for a user's external storages now correctly fail when user mounted storages are
disabled.
https://github.com/owncloud/core/pull/41250
* Bugfix - Handle short classes in Autoloader: [#41252](https://github.com/owncloud/core/pull/41252)
The Autoloader findClass method was emitting a PHP notice "undefined offset" for class
strings at the top OCA level. The code has been corrected so that the PHP notice is not emitted.
https://github.com/owncloud/core/pull/41252
https://github.com/owncloud/core/pull/41253
* Bugfix - No update check if not connected to the internet: [#41262](https://github.com/owncloud/core/pull/41262)
In case an owncloud instance is not connected to the internet there is no need in polling for
updates in the update notification app.
https://github.com/owncloud/core/pull/41262
* Bugfix - Default value of preview_max_dimensions is now 6016x6016: [#41263](https://github.com/owncloud/core/pull/41263)
This allows processing of 4K portrait images by default.
https://github.com/owncloud/core/pull/41263
* Bugfix - AllConfig::getUserKeys to return string[] only: [#41270](https://github.com/owncloud/core/pull/41270)
The array returned by getUserKeys() is now always an array of strings.
https://github.com/owncloud/core/pull/41270
* Bugfix - Wrong Logic When 'allow_user_mounting' is Initially Undefined: [#41272](https://github.com/owncloud/core/pull/41272)
On a freshly installed system, the checkbox '[ ] Allow users to mount external storage' is not
set, implying 'no'. The code handled this as 'yes' until the admin once selected and unselected
the checkbox.
https://github.com/owncloud/core/pull/41272
https://github.com/owncloud/core/pull/41273
* Change - Update PHP dependencies: [#41195](https://github.com/owncloud/core/pull/41195)
The following have been updated: - deepdiver/zipstreamer (2.0.2 to 2.0.3) -
google/apiclient (v2.15.3 to v2.16.0) - google/apiclient-services (v0.335.0 to v0.355.0)
- google/auth (v1.35.0 to v1.37.1) - monolog/monolog (2.9.2 to 2.9.3) -
paragonie/constant_time_encoding (v2.6.3 to v2.7.0) - pear/archive_tar (1.4.14 to
1.15.0) - pear/pear-core-minimal (v1.10.14 to v1.10.15) - phpseclib/phpseclib (3.0.35 to
3.0.39) - psr/http-factory (1.0.2 to 1.1.0) - sabre/xml (2.2.6 to 2.2.7) -
symfony/event-dispatcher-contracts (v2.5.2 to v2.5.3) - symfony/service-contracts
(v2.5.2 to v2.5.3) - symfony/translation-contracts (v2.5.2 to v2.5.3) - symfony/console
(v5.4.35 to v5.4.40) - symfony/event-dispatcher (v5.4.35 to v5.4.40) - symfony/process
(v5.4.35 to v5.4.40) - symfony/routing (v5.4.35 to v5.4.40) - symfony/string (v5.4.35 to
v5.4.40) - symfony/translation (v5.4.35 to v5.4.40)
https://github.com/owncloud/core/pull/41195
https://github.com/owncloud/core/pull/41203
https://github.com/owncloud/core/pull/41205
https://github.com/owncloud/core/pull/41212
https://github.com/owncloud/core/pull/41222
https://github.com/owncloud/core/pull/41230
https://github.com/owncloud/core/pull/41242
https://github.com/owncloud/core/pull/41255
https://github.com/owncloud/core/pull/41259
https://github.com/owncloud/core/pull/41267
https://github.com/owncloud/core/pull/41276
[10.14.0]: https://github.com/owncloud/core/compare/v10.13.4...v10.14.0
## Summary
* Bugfix - Validate comment verb length: [#40965](https://github.com/owncloud/core/pull/40965)
* Bugfix - Log.conditions with `shared_secret` shall not break file uploads: [#41044](https://github.com/owncloud/core/pull/41044)
* Bugfix - Create previews from first page: [#41045](https://github.com/owncloud/core/pull/41045)
* Bugfix - CalDAV query where the time range is not given: [#41050](https://github.com/owncloud/core/pull/41050)
* Bugfix - Store user information in explicit variable: [#41054](https://github.com/owncloud/core/pull/41054)
* Bugfix - Fix expiration date and eliminate duplicate entries in file list: [#41056](https://github.com/owncloud/core/pull/41056)
* Bugfix - LDAP groups will be properly applied to external storages: [#41063](https://github.com/owncloud/core/pull/41063)
* Bugfix - Disallow browsers to translate the frontend: [#41067](https://github.com/owncloud/core/pull/41067)
* Bugfix - Limit performance impact when version meta data is enabled: [#41069](https://github.com/owncloud/core/pull/41069)
* Bugfix - Proper error handling when deleting users or groups: [#41077](https://github.com/owncloud/core/pull/41077)
* Bugfix - Account terms can be removed if they differ with the ones stored: [#41120](https://github.com/owncloud/core/pull/41120)
* Bugfix - "user:list -a" occ command now correctly displays user's creation time: [#41125](https://github.com/owncloud/core/pull/41125)
* Bugfix - Fix log exceptions for mp3 preview: [#41153](https://github.com/owncloud/core/pull/41153)
* Bugfix - Set oc_file_locks.id to bigint: [#41158](https://github.com/owncloud/core/pull/41158)
* Bugfix - Add compatibility to richdocuments.document.index route: [#41161](https://github.com/owncloud/core/pull/41161)
* Bugfix - Sanitize title in dialogs: [#41166](https://github.com/owncloud/core/pull/41166)
* Bugfix - Decommission of templateeditor app: [#41168](https://github.com/owncloud/core/pull/41168)
* Bugfix - Input validation when setting the displayname of a user or self: [#41172](https://github.com/owncloud/core/pull/41172)
* Bugfix - Image dimension validation on avatar upload and preview generation: [#41175](https://github.com/owncloud/core/pull/41175)
* Change - No activities on rejected shares: [#41078](https://github.com/owncloud/core/pull/41078)
* Change - Update PHP dependencies: [#41033](https://github.com/owncloud/core/pull/41033)
* Enhancement - Replace the isAdmin implementation: [#41171](https://github.com/owncloud/core/pull/41171)
## Details
* Bugfix - Validate comment verb length: [#40965](https://github.com/owncloud/core/pull/40965)
User input validation of comment verb
https://github.com/owncloud/core/pull/40965
* Bugfix - Log.conditions with `shared_secret` shall not break file uploads: [#41044](https://github.com/owncloud/core/pull/41044)
Any file upload (or PUT request in general) could cause a 500/Internal Server Error due to wrong
usage of the request object. This is now fixed.
https://github.com/owncloud/core/pull/41044
* Bugfix - Create previews from first page: [#41045](https://github.com/owncloud/core/pull/41045)
On multi-page documents (doc, odt, pdf etc) the preview will now be generated from the first
page and no longer from the last page.
https://github.com/owncloud/core/pull/41045
* Bugfix - CalDAV query where the time range is not given: [#41050](https://github.com/owncloud/core/pull/41050)
Outlook CalDAV plugin is sending `false` as time range which no longer results in a crash.
https://github.com/owncloud/core/issues/39922
https://github.com/owncloud/core/pull/41050
* Bugfix - Store user information in explicit variable: [#41054](https://github.com/owncloud/core/pull/41054)
Before user information was stored in the browser global object. In some rare cases browsers
seem to loose data stored in the global object. This is fixed now.
https://github.com/owncloud/enterprise/issues/5873
https://github.com/owncloud/core/pull/41054
* Bugfix - Fix expiration date and eliminate duplicate entries in file list: [#41056](https://github.com/owncloud/core/pull/41056)
We've addressed two visual issues in the web ui file list. Firstly, the problem where the start
of the epoch was mistakenly displayed as an expiration date in the shared file list has been
resolved. Secondly, we've tackled the pesky bug causing duplicate entries to appear when
switching between shared tabs and clicking on a file list entry.
https://github.com/owncloud/core/pull/41056
* Bugfix - LDAP groups will be properly applied to external storages: [#41063](https://github.com/owncloud/core/pull/41063)
The admin can setup external storages to be used by specific users and groups. When a LDAP group
was setup, there were some issues so users belonging to that group weren't able to access the
external storage even though they should.
Now, users belonging to LDAP groups can access external storages configured to be accessed by
those groups.
https://github.com/owncloud/core/pull/41063
* Bugfix - Disallow browsers to translate the frontend: [#41067](https://github.com/owncloud/core/pull/41067)
Web frontend offers a lot of proper translations. Browser capabilities are not needed.
https://github.com/owncloud/core/issues/39946
https://github.com/owncloud/core/pull/41067
* Bugfix - Limit performance impact when version meta data is enabled: [#41069](https://github.com/owncloud/core/pull/41069)
Negative performance impact when `file_storage.save_version_metadata` is enabled has
been removed.
https://github.com/owncloud/core/pull/41069
* Bugfix - Proper error handling when deleting users or groups: [#41077](https://github.com/owncloud/core/pull/41077)
https://github.com/owncloud/core/pull/41077
https://github.com/owncloud/core/pull/41075
* Bugfix - Account terms can be removed if they differ with the ones stored: [#41120](https://github.com/owncloud/core/pull/41120)
Search terms for the account can now be removed from the DB if they differ with the ones stored in
the DB. This can happen with the user_ldap app, when user search attributes are removed from the
connection configuration in the LDAP wizard.
https://github.com/owncloud/core/pull/41120
* Bugfix - "user:list -a" occ command now correctly displays user's creation time: [#41125](https://github.com/owncloud/core/pull/41125)
Previously, the "user:list -a" occ command was not correctly returning the user's creation
time but rather the path to the user's home directory. This has been now fixed.
https://github.com/owncloud/core/pull/41125
* Bugfix - Fix log exceptions for mp3 preview: [#41153](https://github.com/owncloud/core/pull/41153)
This change fixes log exceptions when previews for mp3 files are being created
https://github.com/owncloud/core/pull/41153
* Bugfix - Set oc_file_locks.id to bigint: [#41158](https://github.com/owncloud/core/pull/41158)
https://github.com/owncloud/core/pull/41158
* Bugfix - Add compatibility to richdocuments.document.index route: [#41161](https://github.com/owncloud/core/pull/41161)
https://github.com/owncloud/core/pull/41161
* Bugfix - Sanitize title in dialogs: [#41166](https://github.com/owncloud/core/pull/41166)
https://github.com/owncloud/core/pull/41166
* Bugfix - Decommission of templateeditor app: [#41168](https://github.com/owncloud/core/pull/41168)
https://github.com/owncloud/core/pull/41168
* Bugfix - Input validation when setting the displayname of a user or self: [#41172](https://github.com/owncloud/core/pull/41172)
https://github.com/owncloud/core/pull/41172
* Bugfix - Image dimension validation on avatar upload and preview generation: [#41175](https://github.com/owncloud/core/pull/41175)
https://github.com/owncloud/core/pull/41175
https://github.com/owncloud/core/pull/41193
* Change - No activities on rejected shares: [#41078](https://github.com/owncloud/core/pull/41078)
As soon as a user has rejected a share no activities within this share are reported via the
activity app.
https://github.com/owncloud/core/pull/41078
* Change - Update PHP dependencies: [#41033](https://github.com/owncloud/core/pull/41033)
The following have been updated: - deepdiver/zipstreamer (2.0.0 to v2.0.2) -
doctrine/deprecations (1.1.2 to 1.1.3) - doctrine/lexer (2.1.0 to 2.1.1) -
firebase/php-jwt (6.8.1 to 6.10.0) - google/apiclient (v2.15.1 to v2.15.3) -
google/apiclient-services (v0.319.0 to v0.335.0) - google/auth (v1.31.0 to v1.35.0) -
guzzlehttp/guzzle (7.8.0 to 7.8.1) - laravel/serializable-closure (v1.3.1 to v1.3.3) -
league/mime-type-detection (1.13.0 to 1.15.0) - monolog/monolog (2.9.1 to 2.9.2) -
phpseclib/phpseclib (3.0.33 to 3.0.35) - sabre/dav (4.4.0 to 4.6.0) - sabre/vobject (4.5.3
to 4.5.4) - symfony/console (5.4.28 to 5.4.35) - symfony/event-dispatcher (5.4.26 to
5.4.35) - symfony/polyfill-php80 (v1.28.0 to v1.29.0) - symfony/process (5.4.28 to 5.4.35)
- symfony/routing (5.4.26 to 5.4.35) - symfony/string (5.4.29 to 5.4.35) -
symfony/translation (5.4.24 to 5.4.35)
https://github.com/owncloud/core/pull/41033
https://github.com/owncloud/core/pull/41071
https://github.com/owncloud/core/pull/41081
https://github.com/owncloud/core/pull/41097
https://github.com/owncloud/core/pull/41101
https://github.com/owncloud/core/pull/41102
https://github.com/owncloud/core/pull/41121
https://github.com/owncloud/core/pull/41126
https://github.com/owncloud/core/pull/41130
https://github.com/owncloud/core/pull/41132
https://github.com/owncloud/core/pull/41133
https://github.com/owncloud/core/pull/41139
https://github.com/owncloud/core/pull/41151
https://github.com/owncloud/core/pull/41152
https://github.com/owncloud/core/pull/41155
https://github.com/owncloud/core/pull/41173
https://github.com/owncloud/core/pull/41182
* Enhancement - Replace the isAdmin implementation: [#41171](https://github.com/owncloud/core/pull/41171)
Instead of asking the backends for the groups an user belongs to, we now get the admin group and
list the members to detect if user is admin or not
https://github.com/owncloud/core/pull/41171
Copyright 2K16 - 2K18 Indonesian Hacker Rulez