Nextcloud 17 Beta 2 arrived! But still no news?

Nextcloud 17 Beta 2 has been pushed to the beta update channel, and I am still missing any official news about this upcoming release.

I guess most admins, that selected the beta channel, see the notification, then head over to the forum to see what’s new, what to test, what to keep an eye on.

So the best place to find details is of course the Nextcloud server GitHub page. Here an unfiltered overview of all issues and pull requests attached to the Nextcloud 17 milestone:
https://github.com/nextcloud/server/issues?q=milestone:“Nextcloud+17”

  • Note that some are doubled, since every opened issue that leads code changes, has an attached pull request.
  • You can select Labels to filter the ~700 entries by category, effected features, development state and such.

An overview about what what is and has been worked on between the beta versions can be found in their overview pull requests, which themselves do not more then raising the RC version:

To see ALL commits between the current Nextcloud 16 release and the upcoming 17 Beta 3, one can compare the two branches. But IMO this is simply too much to be helpful: https://github.com/nextcloud/server/compare/stable16...version/17.0.0/beta3


While one can do some effort to find out about all changes that have been done, it is IMO hard to get the essence, the ~10 largest or most important features, or the area (security, performance, usability, …) which has been especially worked on for this release, if applicable. This info is what would allow me to test more target orientated and what only official news from insiders can serve :smiley:.

And btw. the admin panel still gives you the wrong information that there were updates available for all apps, but they are NOT! For me most importantly the calendar app has no NC17 release yet, and I could not find any info about any known issue or successful test of the current version with NC17.

1 Like

Okay I went the step now and updated Nextcloud 16.0.4 => 17.0.0 Beta 2.

Process via web based updater

  • I used the web based updater, since it should be generally slightly more vulnerable. If it fails, often the console-based update method works instead. So when one really want to help testing, use the web updater, if one want to stay on the safe side (while still want to test Beta versions), use the console-based (occ) update method.
  • :u6307: No issues

Incompatible apps

  • AppOrder
  • Calendar
  • Impersonate
  • Ransomware protection

Enable untested app

  • :u6307: AppOrder works without issues, icons are ordered as I chose, start app opens as chosen, re-ordering via settings works. No related Nextcloud or server log.

  • :u6307: Calendar works perfectly fine as well, web UI, client (CalDAV) sync, settings, no related log entries.
    EDIT: Got official NC17-compatible update meanwhile.

  • :u6307: Impersonate works fine as well. I am wondering why impersonating a user produces two warnings in logs. This should be infos instead since for users/admins with sufficient permissions this is expected. However, no other logs that would indicate an error.
    EDIT: Got official NC17-compatible update meanwhile.

  • :u5272: Ransomware protection fails with a massive secondly repeating error message:
    :u6307: EDIT: This has been fixed with a new app release, works well now!

    [no app in context] Error: InvalidArgumentException: Notifier Ransomware-Schutz (id: ransomware_protection) is not considered because it is using the old way to register. at <<closure>>
    
    0. /var/www/nextcloud/apps/ransomware_protection/lib/AppInfo/Application.php line 86
       OC\Notification\Manager->registerNotifier(Closure {}, Closure {})
    1. /var/www/nextcloud/apps/ransomware_protection/lib/AppInfo/Application.php line 46
       OCA\RansomwareProtection\AppInfo\Application->registerNotificationNotifier()
    2. /var/www/nextcloud/apps/ransomware_protection/appinfo/app.php line 25
       OCA\RansomwareProtection\AppInfo\Application->register()
    3. /var/www/nextcloud/lib/private/legacy/app.php line 260
       undefinedundefinedrequire_once("/var/www/nextcl ... p")
    4. /var/www/nextcloud/lib/private/legacy/app.php line 154
       OC_App::requireAppFile(OCA\RansomwarePr ... {})
    5. /var/www/nextcloud/lib/private/legacy/app.php line 127
       OC_App::loadApp("ransomware_protection")
    6. /var/www/nextcloud/lib/base.php line 985
       OC_App::loadApps()
    7. /var/www/nextcloud/index.php line 42
       OC::handleRequest()
    
    POST /nextcloud/settings/apps/disable
    from 149.233.241.245 by Micha at 2019-08-25T15:20:58+02:10
    

    https://github.com/nextcloud/ransomware_protection/issues/52

Other error log entries

[cron] Error: Error: Call to a member function getTime() on null at <<closure>>

0. /var/www/nextcloud/lib/public/BackgroundJob/QueuedJob.php line 46
   OCP\BackgroundJob\Job->execute(OC\BackgroundJob\JobList {}, OC\Log {})
1. /var/www/nextcloud/cron.php line 124
   OCP\BackgroundJob\QueuedJob->execute(OC\BackgroundJob\JobList {}, OC\Log {})

at 2019-08-25T15:15:03+02:00
  • :u55b6: Occurred only once during the first 15-minutely cron job after the update. The next cron jobs ran without any error, so I guess it was a one-time error.

Affected server config

The X security headers are implemented in a different way now:

  • X-Frame-Options "SAMEORIGIN" has been added to .htaccess and is expected to be set manually in non-Apache (non-htaccess capable) webserver configs, otherwise the admin panel will print a warning. This aligns this security header with the other ones, so it is sent not only by PHP (script internally) but by the webserver itself.
  • All security headers got the always options, which means that they are send as well with non-2xx answers, e.g. 30x (redirection) and 40x (error).
  • The example Nginx config has already been updated to reflect these changes: https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html
    Although there are still some minor flaws in it: https://github.com/nextcloud/documentation/pull/1597

If you have other web sites/applications on the same webserver, e.g. Nextcloud only being one sub directory, AND it is Apache, then this as well means the following:

  • Apache maintains two separate tables for headers. One for 2xx-only headers (without always option) and one for headers with always option. This means that headers can be send doubled as 2xx response, if they were added to both tables.
  • Nextcloud still does not like this, and the admin panel will show a warning about each security header that is send doubled (added to both tables).
  • So this means, to get rid of the warning, you can either:
    • Set/Add all headers, applied to webroot, only with the always option, so the 2xx-only response table stays empty.
    • Or unset all 2xx-only headers within you Nextcloud vhost/dir config.

New apps

The new Text app is installed and enabled by default. See the related news:

  • It seems to work well, however I just recognised it due to info channel log entries every 15 minutes (system cron):
4 Likes

On my experimental install I used the web-updater. Everything seemed to work alright, but got HTTP ERROR 500
I did occ maintenance:repair and got

PHP Fatal error: Declaration of OCA\GroupFolders\Versions\VersionsBackend::getVersionFile(OCP\IUser $user, OCP\Files\FileInfo $sourceFile, int $revision): OCP\Files\File must be compatible with OCA\Files_Versions\Versions\IVersionBackend::getVersionFile(OCP\IUser $user, OCP\Files\FileInfo $sourceFile, $revision): OCP\Files\File in /var/www/nextcloud/apps/groupfolders/lib/Versions/VersionsBackend.php on line 38

did occ upgrade

Then NC worked. Some apps are marked non tested. Calender seems to work. PicoCMS does not.

Have this error in the logg (same as I have in NC 16-0-3 after upgrade of mail)

{“reqId”:“ETRqW1UoVU00Uu9fOM3I”,“level”:3,“time”:“2019-08-27T10:12:09+02:00”,“remoteAddr”:“192.168.1.1”,“user”:“NCadmin”,“app”:“PHP”,“method”:“GET”,“url”:"/apps/cms_pico/pico/nyheter",“message”:“Cannot retrieve value of undefined directive Core.AllowParseManyTags invoked on line 72 in file /var/www/nextcloud/apps/mail/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php at /var/www/nextcloud/apps/mail/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php#901”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36”,“version”:“17.0.0.4”,“id”:“5d64e67b95318”}

1 Like

You could perhaps make a request that with the beta versions to give more details on what is new and what should be tested. I am happy to test new features that interest me but I am not going to search what might have changed. Changes are not only in the main repo, it could be in different apps as well.

2 Likes

There is done daily hard work on a new 1.0 release: https://github.com/nextcloud/cms_pico/tree/cms_pico-1.0
That is also marked as NC17 comparible: https://github.com/nextcloud/cms_pico/blob/cms_pico-1.0/appinfo/info.xml#L48

Jep. I mean with the last major version beta releases, there were news with major changes published quite early, e.g.: Time for some testing: Beta 1 of Nextcloud 16 is here!
Not sure why there is still none for NC17. It is beta, so no claims and every beta user has to know that there can be still bugs and incompatibilities, reported or not. But indeed as it is beta (and not dev/nightly), I assume it is meant to be ready for public testing. And it should be in everyone’s interest that this beta phase is as productive as possible:

  • Admin panel should show the correct info about which apps have compatible releases and which not, so users can check in the first place if they can even test the majority of the apps they use or not (yet).
  • An overview news thread here, as of mentioned reasons, makes sense, right with the first beta that is pushed to update channel. This could be even linked from within the admin panel, as “see what's new”.

Ransomware protection has been fixed (new release available) meanwhile btw :smiley:.

Nextcloud 17 Beta 3 is available.

The admin panel now shows correctly which apps have compatible updates available and which not, so this seems to have been fixed by with an earlier beta (I upgraded from v16.0.4 to v17 Beta 2 directly).

Fixes/changes from Beta 2 to Beta 3

  • What requires admin attention is that the cron job frequency advice has been changed from once every 15 minutes to once every 5 minutes. Hmm, for home, family or small office servers this might be an overkill? No harm, but it spams my journalctl:smile:

Lets do it

  • :u6307: No issues
  • :u55b6: Indeed admin panel shows a warning if last cron job has been more then 5 minutes ago. crontab -u www-data -e: */15 => */5 and we’re back in order. For large instances this most likely makes sense, for small instances most probably not, but it does not hurt.

Tasks for Nextcloud 17 Beta 4

Important

:u5272: Group folders currently break Nextcloud 17 (500 internal server error): https://github.com/nextcloud/groupfolders/issues/565
It is not disabled on update automatically. Manually removing the app directory from Nextcloud install dir is required to regain access. Of course at best remove the app ordinary BEFORE updating to NC17 Beta.

I think it was like this at least in the past. It’s just how often do you want this background jobs (notifications, clean-up processes) to run. So they probably say, it’s best to run it as often as possible, one reason not to do is that if you want your disks to shut down after some time.

I think that is a good thing for a bug report. If it is not really required to run as often, it would be enough to check if the cronjob was run within the last 30 minutes. In case some new feature or some new internal logic requires the cronjob to run every 5 minutes, they should tell you.

2 Likes

If it makes sense to check every setting, and print a warning if it does not match/reach official recommendations, is another question. But currently it is in line with other cases, e.g.:

  • I made some test there to see how much files and overall size the OPcache gets, on fresh install, and after installing ALL apps from the store (that can be installed alongside).
  • Result is that currently it seems to be impossible to reach even 64M OPcache usage and > 4000 scripts, however recommendation is 128M/10000.

So currently recommendations are failsafe strict, so they “work” in nearly all kind of setups, e.g. OPcache allows to have other website handled by the same PHP server. If one knows that certain values are not required for the particular instance, one has to live with admin panel warnings.

1 Like

Updated to Beta 3. Went smoth. The impression is it is faster than NC16.
I also upgraded cms_pico to 1.0 - worked. I miss(need groupfolders.

1 Like

Calendar also got an NC17 update now.

Impersonate got an NC17 release
Beta 4 is out: https://github.com/nextcloud/server/pull/16919
RC 1 is the next to come: https://github.com/nextcloud/server/pull/17067
Official Beta news arrived, although no details and about Beta 2 while Beta 3 was already available: Nextcloud 17 Beta 2 is out!

Update Beta 3 => Beta 4 went smooth, last app I use, without official NC17 release is AppOrder, btu it works without any recognised issues when enabling as “untested app”.

1 Like

any hint how to get beta4?

settings says:

Nextcloud 17.0.0 Beta 2
A new version is available: Nextcloud 17.0.0beta4

updater says:

Current version is 17.0.0 Beta 2.
No update available.

Strange indeed. Wasn’t there a way to reset the updater by removing the related sub dir in data dir?
Otherwise perhaps time resolves it by its own.

Finally, the news about the new features got out:

2 Likes

Jep, sadly I didn’t recognise the very interesting and useful remote wipe feature before, and now time for testing is short.

RC1 is out as well, update went smooth. What I already recognised the last Beta updates is the following one-time error log when starting the web update:

[jsresourceloader] Error: Could not find resource js/config.js to load

GET /nextcloud/
from <my_public_ip> at 2019-09-14T11:29:42+02:00

It does not seem to cause any lasting issue, but anyone else faces this? It appears right before the updater info logs.

There is indeed no config.js file in my Nextcloud dir, however there is as well no jsresourceloader app, so I am wondering what is expecting this where.

RC2 and final release have been merged:

Push to website and updater is outstanding.
I will wait for the final release and skip RC2 :wink: .

1 Like

And what’s in the latest docker image? Since friday or displays 17.0.0.9

Indeed the Docker image is already NC17 final.

Finally NC17 is available through the stable update channel and provided on the website :partying_face: : https://nextcloud.com/install/#instructions-server

Update went very well. AppOrder still lacks an update but still works great. Actually an update is already there since August, only bumping max supported NC version (https://github.com/juliushaertl/apporder/releases), @juliushaertl would you mind to upload/publish via app store now where NC17 is live?