Maintenance releases of 32.0.3 and 31.0.12 are coming next Thursday and RCs for those are now available on our download server.
As always, help with testing is very much welcome!
We updated our servers, did our tests, and the release candidates seem pretty decent. Still, give it a whirl and report back here so we’re even more sure that it’s good to go! If you notice anything out of order, please report back on the appropriate GitHub repository! 
Download
Changelogs
32.0.3 RC1
server
- Fix chunked upload for file drop shares (server#55804)
- Fix: don’t suggest files:scan with object store in info:file (server#56434)
- Fix(core): RTL legacy snapper width (server#56448)
- Fix: pass only necessary information when deleting mulitple objects (server#56505)
- Feat(profiler): Use gzdecode/gzencode to parse profiles (server#56506)
- Fix(files): Do not fail on missing sidebar in files list (server#56513)
- Feat: Add option to update the public key of a user (server#56526)
- Fix(files_reminder): prevent setting reminder in the past (server#56535)
- Fix(i18n): Corrected plural for multi plural languages (server#56539)
- Feat(objectstore): add configurable S3 retry attempts (server#56541)
- Fix: mp3info break frame parsing on short frames (server#56552)
- Chore: remove codecov bundle analysis (server#56560)
- Fix(settings): Reactive UI updates for app group limitations (server#56569)
- Encode s3 metadata as base64 if needed (server#56573)
- Feat: emit an event when an S3 bucket is created (server#56617)
- Fix(encryption): Increment `lastChunkNr` when size is off (server#56654)
- Fix(files_sharing): Allow deleting a share of a missing file (server#56657)
- Fix/fix/theming legacy app config (server#56662)
- Fix(CalDAV): imip set language per user (server#56663)
- Fix(l10n): do not consider user language when getting the generic one (server#56666)
- Fix(user_status): adjust online status string (server#56714)
- Fix(logger): add back lost params for logger methods (server#56731)
- Fix(files_sharing): Hide ‘Open locally’ action (server#56738)
- Fix(files_sharing): sidebar link share password checkbox (server#56760)
- Feat(CertificateManager): Add option to specify the default certificates bundle path (server#56766)
- Fix(oracle): Add a warning for Oracle 11 (server#56767)
- Feat(admin_audit): Log cache insert/delete to audit log (server#56769)
- Fix(Memcache): use different cache key when in maintenance mode (server#56774)
- Feat(ObjectStore): Allow overriding arguments per bucket (server#56778)
- Fix(QuotaPlugin): Always check the quota before moving (server#56787)
- Fix(sharing): Allow public share access for everyone (server#56798)
- Fix(s3): rename ‘Amazon S3’ to ‘S3 Storage’ (server#56800)
- Fix(updatenotification): Fix log spam from ResetToken job (server#56803)
- Fix(s3): make data integrity protections opt-in (server#56821)
- Debt(files): Remove regular stats request (server#56822)
- Chore(deps): Update flake to 25.11 and haze to 2.1.3 (server#56829)
- Reflect public shares in `isPublic` flag and fix permission check (server#56837)
- Refactor(workflowengine): Check if class is correct (server#56838)
- Fix(sharing): Add isTrustedServer flag to lookup results (server#56842)
- Fix(trashbin): deletedBy of a file from a federated folder (server#56849)
3rdparty
activity
- Fix(emails): catch server connection exceptions (activity#2235)
- Chore: pin ocp version (activity#2239)
- Chore(deps): bump @nextcloud libraries (activity#2241)
app_api
- Feat(docker-29): set minimum docker engine API version to v1.44 (app_api#700)
- Fix: APCu cache condition (app_api#706)
- Fix: Use OCP\IAppConfig instead of OCP\IConfig to prevent config error (app_api#725)
- Fix(default_daemon_config): save as “lazy” setting (app_api#726)
circles
- Fix: replace circle/circles text with team/teams (circles#2227)
- Add auto-approve and merge workflow for Nextcloud OCP (circles#2250)
- Fix(members): minlevel on initiator (circles#2259)
files_pdfviewer
logreader
notifications
photos
- Perf: Use distributed cache for no media paths (photos#3330)
- Revert “Revert “fix: Disable ReverseGeoCoderService when the server has no internet”” (photos#3331)
- Fix: fix original date time filter type (photos#3336)
suspicious_login
text
- Fix: Add cleanup for orphaned text steps (text#7923)
- Assistant button performance and visibility fixes (text#7982)
- Fix(TextDirection): Skip composition transactions (text#7983)
- Test: Use example.org instead of nextcloud.com for testing links (text#7999)
- Fix: increase websocket timeout for background throttling (text#8006)
- Fix: Properly check for array of authenticated share ids (text#8010)
twofactor_totp
- Chore: update package lock format (twofactor_totp#1659)
- Fix: add BFP to the enable route (twofactor_totp#1682)
- Perf: load totp secret just once for verification (twofactor_totp#1685)
updater
viewer
31.0.12 RC2
server
- Fix(systemtags): Provide initial state for admin restriction setting (server#55278)
- Fix(encryption): do not setup filesystem without permissions (server#55356)
- Fix(sharing): Allow reasonable control for ‘Hide download’ on fed shares (server#56178)
- Build(deps): bump @nextcloud/password-confirmation from 5.3.1 to 5.3.2 (server#56324)
- Build(deps): bump @nextcloud/vue from 8.29.2 to 8.34.0 (server#56333)
- Fix: don’t suggest files:scan with object store in info:file (server#56435)
- Fix(core): RTL legacy snapper width (server#56449)
- Build(deps-dev): bump typescript from 5.8.3 to 5.9.3 (server#56470)
- Build(deps-dev): bump @babel/node from 7.27.1 to 7.28.0 (server#56471)
- Build(deps): bump @nextcloud/capabilities from 1.2.0 to 1.2.1 (server#56473)
- Build(deps): bump @nextcloud/router from 3.0.1 to 3.1.0 (server#56474)
- Build(deps): bump @nextcloud/paths from 2.2.1 to 2.3.0 (server#56475)
- Build(deps): bump focus-trap from 7.6.5 to 7.6.6 (server#56476)
- Build(deps): bump @nextcloud/browserslist-config from 3.1.0 to 3.1.2 (server#56477)
- Build(deps-dev): bump @testing-library/jest-dom from 6.6.3 to 6.9.1 (server#56478)
- Build(deps-dev): bump @nextcloud/typings from 1.9.1 to 1.10.0 (server#56479)
- Build(deps-dev): bump msw from 2.12.0 to 2.12.2 (server#56482)
- Feat(profiler): Use gzdecode/gzencode to parse profiles (server#56507)
- Fix(files): Do not fail on missing sidebar in files list (server#56514)
- Feat: Add option to update the public key of a user (server#56525)
- Fix(files_reminder): prevent setting reminder in the past (server#56534)
- Feat(objectstore): add configurable S3 retry attempts (server#56542)
- Fix: mp3info break frame parsing on short frames (server#56553)
- Allow configuring multiple object store backends (server#56557)
- Fix(settings): Reactive UI updates for app group limitations (server#56568)
- Build(deps-dev): bump sass from 1.94.0 to 1.94.2 (server#56600)
- Build(deps-dev): bump webpack from 5.102.1 to 5.103.0 (server#56601)
- Build(deps-dev): bump @zip.js/zip.js from 2.8.10 to 2.8.11 (server#56602)
- Build(deps): bump libphonenumber-js from 1.12.9 to 1.12.29 (server#56603)
- Build(deps-dev): bump puppeteer from 24.29.1 to 24.31.0 (server#56604)
- Build(deps-dev): bump @types/dockerode from 3.3.41 to 3.3.47 (server#56605)
- Feat: emit an event when an S3 bucket is created (server#56616)
- Build(deps-dev): bump bamarni/composer-bin-plugin from 1.8.2 to 1.8.3 (server#56637)
- Build(deps-dev): bump workbox-webpack-plugin from 7.3.0 to 7.4.0 (server#56640)
- Build(deps-dev): bump msw from 2.12.2 to 2.12.3 (server#56641)
- Build(deps-dev): bump stylelint from 16.25.0 to 16.26.0 (server#56642)
- Build(deps): bump core-js from 3.46.0 to 3.47.0 (server#56644)
- Fix(encryption): Increment `lastChunkNr` when size is off (server#56653)
- Fix(files_sharing): Allow deleting a share of a missing file (server#56656)
- Fix(CalDAV): imip set language per user (server#56665)
- Fix(l10n): do not consider user language when getting the generic one (server#56667)
- Fix(files_sharing): Hide ‘Open locally’ action (server#56737)
- Build(deps-dev): bump stylelint from 16.26.0 to 16.26.1 (server#56752)
- Fix(files_sharing): sidebar link share password checkbox (server#56762)
- Feat(CertificateManager): Add option to specify the default certificates bundle path (server#56765)
- Fix(oracle): Add a warning for Oracle 11 (server#56775)
- Feat(ObjectStore): Allow overriding arguments per bucket (server#56777)
- Fix(QuotaPlugin): Always check the quota before moving (server#56786)
- Fix(s3): rename ‘Amazon S3’ to ‘S3 Storage’ (server#56799)
- Fix(security): Update CA certificate bundle (server#56815)
- Debt(files): Remove regular stats request (server#56823)
- Chore(deps): Update flake to 25.11 and haze to 2.1.3 (server#56828)
- 31.0.12 RC1 (server#56833)
- Refactor(workflowengine): Check if class is correct (server#56839)
- Fix(sharing): Add isTrustedServer flag to lookup results (server#56844)
- Fix(trashbin): deletedBy of a file from a federated folder (server#56848)
- 31.0.12 RC2 (server#56854)
3rdparty
activity
- Fix(emails): catch server connection exceptions (activity#2234)
- Chore: pin php and nexctloud ocp version for psalm (activity#2236)
- Update nextcloud/ocp dependency (activity#2250)
- Update nextcloud/ocp dependency (activity#2263)
app_api
- Feat(docker-29): set minimum docker engine API version to v1.44 (app_api#701)
- Fix: APCu cache condition (app_api#707)
circles
- Update nextcloud/ocp dependency (circles#2072)
- Fix: replace circle/circles text with team/teams (circles#2228)
- Ci: update all workflow templates from organization template repository (circles#2247)
- Add auto-approve and merge workflow for Nextcloud OCP (circles#2249)
- Fix(members): minlevel on initiator (circles#2258)
files_downloadlimit
- Update nextcloud/ocp dependency (files_downloadlimit#629)
- Update nextcloud/ocp dependency (files_downloadlimit#643)
files_pdfviewer
- Fix npm audit (files_pdfviewer#1295)
- Fix(deps): Use correct version of vue-loader (files_pdfviewer#1308)
logreader
- Fix npm audit (logreader#1815)
- Chore: update workflows (logreader#1822)
- Update nextcloud/ocp dependency (logreader#1831)
nextcloud_announcements
notifications
- Fix npm audit (notifications#2651)
- Chore: update workflows (notifications#2658)
- Update nextcloud/ocp dependency (notifications#2660)
- Update nextcloud/ocp dependency (notifications#2674)
- Fix npm audit (notifications#2677)
photos
privacy
recommendations
related_resources
serverinfo
suspicious_login
- Ci: update all workflow templates from organization template repository (suspicious_login#1048)
- Chore(github): remove st3iny as maintainer (suspicious_login#1053)
text
- Ci: update all workflow templates from organization template repository (text#7921)
- Update nextcloud/ocp dependency (text#7952)
- Fix(TextDirection): Skip composition transactions (text#7984)
- Ci: update all workflow templates from organization template repository (text#7988)
- Update nextcloud/ocp dependency (text#7995)
- Test: Use example.org instead of nextcloud.com for testing links (text#8000)
- Fix: increase websocket timeout for background throttling (text#8007)
- Fix: Properly check for array of authenticated share ids (text#8011)
twofactor_nextcloud_notification
- Fix npm audit (twofactor_nextcloud_notification#1115)
- Update nextcloud/ocp dependency (twofactor_nextcloud_notification#1130)
- Fix npm audit (twofactor_nextcloud_notification#1134)
twofactor_totp
- Ci: update all workflow templates from organization template repository (twofactor_totp#1658)
- Chore: update package lock format (twofactor_totp#1660)
- Fix: add BFP to the enable route (twofactor_totp#1681)
- Perf: load totp secret just once for verification (twofactor_totp#1684)