Maintenance releases of 25.0.2, 24.0.8 and 23.0.12 are coming in a week and RCs for those are now available on our download server.
As always, help with testing is very much welcome!
We updated our servers, did our tests, and the release candidates seem pretty decent. Still, give it a whirl and report back here so weāre even more sure that itās good to go! If you notice anything out of order, please report back on the appropriate github repository!
Nextcloud 23 will receive its last release and enter end of life. If you are still on 23, it is a good idea to plan your upgrade.
Also PHP 7.4 enters end of life on Nov 28 and will not receive any secruity releases by the PHP team anymore. If you have not so far, strongly consider to upgrade your PHP installation or distribution.
Downloads
- https://download.nextcloud.com/server/prereleases/nextcloud-25.0.2rc1.zip
- https://download.nextcloud.com/server/prereleases/nextcloud-24.0.8rc1.zip
- https://download.nextcloud.com/server/prereleases/nextcloud-23.0.12rc1.zip
Changelog
25.0.2 RC1
- Avoid double ldap_unbind in Wizard.php (server#34577)
- Fix disabled federated scope (server#34862)
- Fix NC25 for 32-bit (server#34905)
- Update 64-bit check wording (server#34921)
- Disable upgrades to 26 for 32-bit (server#34922)
- Fix visibility of internal expire date (server#34925)
- Update @nextcloud/dialogs and fix toasts styling (server#34928)
- Fix deprecations logged as errors (server#34944)
- Skip general login with email for non-valid addresses and LDAP (server#34946)
- Run session token renewals in a database transaction (server#34953)
- Read encrypted session data again on reopen (server#34955)
- Fix invalid date in security.txt (server#34964)
- Fix duplicate event email notifications (server#34978)
- Avoid a crash when a PHP extension has no version (server#34998)
- Fix cron warning with time insensitive jobs (server#35010)
- Fix unsuccessful token login logged as error (server#35011)
- Cast to int (server#35023)
- Add repair command to fix wrong share ownership (server#35034)
- Fix checkmark for theme settings in dark mode (server#35035)
- Fix size calculation on copying the skeleton files (server#35048)
- Add description for calendar uri (server#35058)
- Fix sidebar not automatically hidden in Files app (server#35060)
- Fix top margin in empty versions list (server#35064)
- Add pre-commit configuration (server#35078)
- Bump microsoft/azure-storage-blob to 1.5.4 in stable25 (server#35082)
- Fix HTML entities not decoded in comment just added (server#35085)
- Make sure that path is normalized and then checked, (server#35086)
- Fix PublicKeyTokenProviderTest import and mock (server#35099)
- Fix distorted previews when using imaginary (server#35117)
- Fix hasBigIntConversionPendingColumns missing files_trash (server#35118)
- [LDAP] always create instance of own user manager (server#35130)
- Run integration tests on 3rdparty bump (server#35133)
- Support postgres15 (server#35135)
- Bump aws/aws-sdk-php to 3.240 in stable25 (server#35137)
- Make sure to not pass null to DateTime::createFromFormat (server#35161)
- Deprecate PHP7.4 (server#35164)
- Allow single character search by default (server#35166)
- Fix rendering of login headline (server#35172)
- Bump swiftmailer/swiftmailer to 6.3.0 in stable25 (server#35174)
- Use the updated mariadb10.6 container in drone (server#35180)
- Update CODEOWNERS (server#35183)
- Bump @nextcloud/vue to 7.1.0-beta0 (server#35188)
- Fix dashboard scrolling (server#35190)
- Fix AppMenu icons for firefox (server#35191)
- Mark more config values as sensitive (server#35199)
- Fix settings for setting default expiration date (server#35214)
- Fix logo not correctly inverted (server#35216)
- Fix sharing expiration date handling and saving (server#35220)
- Check quota on file copy (server#35232)
- Close global search menu when keyboard focus leaves (server#35233)
- Limit toggle grid view button scope (server#35235)
- Fix missing native submit type from OAuth client add button (server#35237)
- Delay updating setup providers untill we register the mounts (server#35255)
- Fix default theming variables (server#35256)
- Generate user themed icons (server#35261)
- Also cancel XHR when cancelling uploads (server#35265)
- Hide warning about missing apps for when shipped in the next version (server#35291)
- Increase the fair-use push limit to 1.000 users (server#35298)
- Donāt use quota cache through user management (server#35312)
- Fix mentions rendering in comment editor (server#35322)
- Optimize background image migration job (server#35326)
- Handle badly named version files more gracefully and log information (server#35327)
- Help pages: set window title for sidebar sections (server#35330)
- Revert āFix quota type to intā (server#35335)
- Fix navigation order (server#35338)
- Prevents the selection of encrypted folders when clicking on the āSelect allā checkbox (server#35340)
- Fix border color contrast (server#35346)
- Fix forwarding the object id when searching comments (server#35354)
- Update cache when file size === 0 (server#35366)
- Fix user settings layout (server#35375)
- Add repair job that will ensure that secret and passwordsalt are set (server#35377)
- Add label to sharing search field (server#35382)
- Fix UX of renaming token (server#35390)
- Update some deps (server#35394)
- Revert minimum length for tags (server#35404)
- Do not check quota for non Node (server#35408)
- Fix missing share icon (server#35411)
- Place
<h1>
into main content (server#35412) - Fix share admin page (server#35414)
- Fix theming tests (server#35415)
- Bump microsoft/azure-storage-blob to 1.5.4 in stable25 (3rdparty#1217)
- Bump aws/aws-sdk-php to 3.240 in stable25 (3rdparty#1227)
- Bump swiftmailer/swiftmailer to 6.3.0 in stable25 (3rdparty#1229)
- Update nextcloud/ocp dependency (activity#1001)
- Run NPM audit fix (activity#1003)
- Apply ACL groupfolders (activity#1015)
- Add filter to page title (activity#1017)
- Update load-utils to 2.0.4 (bruteforcesettings#420)
- Re-activate getMember() (circles#1203)
- Update loader-utils and minimatch (files_pdfviewer#681)
- Update nextcloud/ocp dependency (firstrunwizard#752)
- Update nextcloud/ocp dependency (firstrunwizard#780)
- Fix navigation menu order (firstrunwizard#784)
- Update some libs (logreader#817)
- Update nextcloud/ocp dependency (nextcloud_announcements#136)
- Still push notifications of twofactor_nextcloud_notification when in DND (notifications#1355)
- Update nextcloud/ocp dependency (notifications#1366)
- Close menu when focus leaves (notifications#1368)
- Add admin setting page with users defaults (notifications#1369)
- Run NPM audit fix (notifications#1373)
- Update user status with event data (notifications#1377)
- Update loader-utils from 1.4.0 to 1.4.2 and 2.0.2 to 2.0.4 (password_policy#410)
- Update some libs (password_policy#411)
- Update nextcloud/ocp dependency (photos#1443)
- Add primary key index to collaborators table (photos#1449)
- Bump @vue/test-utils from 1.3.0 to 1.3.3 (photos#1460)
- Update nextcloud/ocp dependency (photos#1482)
- Prevent throwing an error in node deletion hook (photos#1493)
- Run npm audit fix (photos#1495)
- Fix version20003Date20221102170153 migration (photos#1501)
- Audit fix (privacy#814)
- Bump @nextcloud/dialogs from 3.1.2 to 3.1.4 (privacy#817)
- Bump @nextcloud/vue from 5.4.0 to 7.0.1 (privacy#822)
- Update nextcloud/ocp dependency (related_resources#132)
- Remove completed remove route TODO (related_resources#133)
- Revert āRevert āalternate route for complex itemidāā (related_resources#135)
- Update nextcloud/ocp dependency (related_resources#138)
- Bump npm dependencies (related_resources#145)
- Chore(deps): update dependency @nextcloud/webpack-vue-config to ^5.4.0 (text#3314)
- Fix: relative link in RichWorkspace (text#3323)
- Chore(deps): update dependency vite to ^3.2.2 (text#3337)
- Fix(deps): update tiptap (text#3338)
- Update nextcloud/ocp dependency (text#3343)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.3 (text#3355)
- Chore(deps): update dependency @vue/test-utils to ^1.3.3 (text#3359)
- DirectEditing: Set session user for DirectSession editing (text#3371)
- Disable rich workspace rendering when view is not visible (text#3377)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.4 (text#3383)
- Chore(deps): update dependency vite to ^3.2.3 (text#3385)
- Chore(deps): update dependency jest-environment-jsdom to ^29.3.0 (text#3386)
- Donāt apply author annotations when in composition (text#3395)
- Set IUserSession user in SessionController if available (text#3397)
- Chore(deps): update dependency jest-environment-jsdom to ^29.3.1 (text#3406)
- Fix(deps): update vue monorepo to ^2.7.14 (text#3409)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.5 (text#3412)
- Chore(deps): update dependency @nextcloud/eslint-config to ^8.1.3 (text#3415)
- Fix hard line breaks displayed with additional new line between (text#3416)
- Update nextcloud/ocp dependency (text#3420)
- Fix(deps): update tiptap (text#3426)
- Make images block nodes (text#3431)
- Fix(deps): update dependency @nextcloud/vue to ^7.1.0-beta.0 (text#3433)
- Bring back menubar without formatting on plain text mode (text#3437)
- Refactor vuex store (text#3439)
- Chore(deps): update dependency vite to ^3.2.4 (text#3440)
- Chore(deps): update dependency @nextcloud/eslint-config to ^8.1.4 (text#3447)
- Fix(deps): update dependency @nextcloud/vue to ^7.1.0-beta.1 (text#3455)
- Fix(deps): update dependency prosemirror-model to ^1.18.3 (text#3456)
- Fix notification icon color (text#3463)
- Add APIs for outline state to RichTextReader and WrapperComponent (text#3466)
- Update loader-utils (text#3468)
- Fix mention uid autocomplete and keyboard handler in list nodes (text#3471)
- Fix direct editing loading of txt files (text#3479)
- Combined code block backport (text#3480)
- Backport of #3460 - Fix front matter rendering (text#3481)
- Fix(deps): update dependency @nextcloud/vue to ^7.1.0-beta.2 (text#3485)
- Revert āSet autocomplete attribute of input field to one-time-codeā (twofactor_totp#1301)
- Fallback to direct image if preview load failed (+ cypress fixes) (viewer#1452)
- Increase visual regression for video to 0.02% (viewer#1454)
- Build(deps): bump vue from 2.7.13 to 2.7.14 (viewer#1459)
- Build(deps-dev): bump @types/dockerode from 3.3.11 to 3.3.12 (viewer#1460)
- Build(deps-dev): bump tslib from 2.4.0 to 2.4.1 (viewer#1463)
- Bump @nextcloud/vue to 7.1.0-beta0 (viewer#1468)
- Stop encoding sidebar path (viewer#1471)
- Bump @types/dockerode from 3.3.12 to 3.3.14 (viewer#1476)
- Audit fix (viewer#1479)
24.0.8 RC1
- Update guzzlehttp/guzzle requirement from 7.4.5 to 7.5.0 in /build/integration (server#33888)
- Add rate limiting on lost password emails (server#34659)
- Emit typed event when preview is requested (server#34855)
- Avoid double ldap_unbind in Wizard.php (server#34942)
- Skip general login with email for non-valid addresses and LDAP (server#34947)
- Cleanup tempfiles after each cron job run (server#34949)
- Run session token renewals in a database transaction (server#34952)
- Fix invalid date in security.txt (server#34966)
- Avoid a crash when a PHP extension has no version (server#35005)
- Fix unsuccessful token login logged as error (server#35012)
- Only show cron warning after 24h due to time insensitive jobs (server#35018)
- Fix duplicate event email notifications (server#35019)
- Cast to int (server#35022)
- Add repair command to fix wrong share ownership (server#35039)
- Fix size calculation on copying the skeleton files (server#35049)
- Add description for calendar uri (server#35059)
- Fix sidebar not automatically hidden in Files app (server#35061)
- Fix top margin in empty versions list (server#35065)
- Make sure that path is normalized and then checked, (server#35088)
- Fix HTML entities not decoded in comment just added (server#35100)
- Fix PublicKeyTokenProviderTest import and mock (server#35101)
- Appropriate length check in Notification.php (server#35113)
- Use the updated mariadb10.6 container in drone (server#35114)
- Fix distorted previews when using imaginary (server#35115)
- [LDAP] always create instance of own user manager (server#35131)
- Run integration tests on 3rdparty bump (server#35134)
- Revert āAppropriate length check in Notification.phpā (server#35140)
- Detect weird local ips (server#35141)
- Make sure to not pass null to DateTime::createFromFormat (server#35162)
- Mark more config values as sensitive (server#35200)
- Fix settings for setting default expiration date (server#35215)
- Fix JSON error when comment has no reactions (server#35245)
- Properly compare quota against both float/int values (server#35250)
- Delay updating setup providers untill we register the mounts (server#35258)
- Also cancel XHR when cancelling uploads (server#35266)
- Hide warning about missing apps for when shipped in the next version (server#35292)
- Bump swiftmailer/swiftmailer to 6.3.0 in stable24 (server#35297)
- Donāt use quota cache through user management (server#35313)
- Fix mentions rendering in comment editor (server#35321)
- Check quota on file copy (server#35328)
- Check quota on file copy (server#35332)
- Revert āFix quota type to intā (server#35334)
- Prevents the selection of encrypted folders when clicking on the āSelect allā checkbox (server#35349)
- Handle badly named version files more gracefully and log information (server#35351)
- Fix forwarding the object id when searching comments (server#35356)
- Update cache when file size === 0 (server#35367)
- Fix UX of renaming token (server#35392)
- Update some libs (server#35395)
- Do not check quota for non Node (server#35409)
- Add mlocati/ip-lib in stable24 (3rdparty#1221)
- Bump swiftmailer/swiftmailer to 6.3.0 in stable24 (3rdparty#1237)
- Run NPM audit fix (activity#1004)
- Update nextcloud/ocp dependency (activity#993)
- Do not pass an instance of User where a string is expected (activity#996)
- Update nextcloud/ocp dependency (activity#999)
- Re-activate getMember() (circles#1204)
- Refresh cache on demand (circles#1215)
- Audit fix (files_pdfviewer#682)
- Update nextcloud/ocp dependency (firstrunwizard#753)
- Update some libs (logreader#818)
- Update nextcloud/ocp dependency (nextcloud_announcements#132)
- Update nextcloud/ocp dependency (nextcloud_announcements#135)
- Still push notifications of twofactor_nextcloud_notification when in DND (notifications#1356)
- Update nextcloud/ocp dependency (notifications#1359)
- Update nextcloud/ocp dependency (notifications#1364)
- Run NPM audit fix (notifications#1372)
- Update user status with event data (notifications#1378)
- Update some libs (password_policy#412)
- Update nextcloud/ocp dependency (photos#1442)
- Bump @vue/test-utils from 1.3.0 to 1.3.3 (photos#1461)
- Bump postcss from 8.4.18 to 8.4.19 (photos#1479)
- Update nextcloud/ocp dependency (photos#1480)
- Run npm audit fix (photos#1496)
- Audit fix (privacy#813)
- Bump @nextcloud/dialogs from 3.1.2 to 3.1.4 (privacy#816)
- Fix(deps): update dependency prosemirror-markdown to ^1.10.1 (text#3339)
- Update nextcloud/ocp dependency (text#3341)
- Avoid saving without changes (text#3351)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.3 (text#3360)
- Chore(deps): update dependency @vue/test-utils to ^1.3.3 (text#3361)
- Fix(deps): update tiptap to ^2.0.0-beta.202 (text#3362)
- Chore(deps): update dependency eslint-plugin-jsdoc to ^39.6.2 (text#3363)
- Update nextcloud/ocp dependency (text#3366)
- DirectEditing: Set session user for DirectSession editing (text#3372)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.4 (text#3387)
- Donāt apply author annotations when in composition (text#3396)
- Set IUserSession user in SessionController if available (text#3398)
- Fix typo in serializePlainText (text#3402)
- Disable rich workspace rendering when view is not visible (text#3403)
- Chore(deps): update dependency @cypress/webpack-preprocessor to ^5.15.5 (text#3413)
- Update nextcloud/ocp dependency (text#3418)
- Fix(deps): update dependency core-js to ^3.26.1 (text#3421)
- Fix(deps): update tiptap (text#3441)
- Chore(deps): update dependency regenerator-runtime to ^0.13.11 (text#3448)
- Fix(deps): update dependency prosemirror-model to ^1.18.3 (text#3457)
- Update npm dependencies (text#3469)
- Bring back menubar without formatting on plain text mode (text#3475)
- Audit fix (viewer#1478)
23.0.12 RC1
- Add rate limiting on lost password emails (server#34660)
- Add pre-commit configuration to stable24 as well (server#34808)
- Fix: Prevent deadlocks during mtime/size/etag propagation (server#34844)
- Skip general login with email for non-valid addresses and LDAP (server#34948)
- Cleanup tempfiles after each cron job run (server#34950)
- Fix invalid date in security.txt (server#34967)
- Avoid a crash when a PHP extension has no version (server#34999)
- Fix duplicate event email notifications (server#35020)
- Add repair command to fix wrong share ownership (server#35040)
- Fix size calculation on copying the skeleton files (server#35050)
- Use storage filter when fetching previews to cleanup (server#35051)
- Fix sidebar not automatically hidden in Files app (server#35062)
- Fix top margin in empty versions list (server#35073)
- Make sure that path is normalized and then checked, (server#35087)
- Fix HTML entities not decoded in comment just added (server#35102)
- Detect weird local ips (server#35144)
- Make sure to not pass null to DateTime::createFromFormat (server#35163)
- Mark more config values as sensitive (server#35202)
- Also cancel XHR when cancelling uploads (server#35267)
- Check quota on file copy (server#35329)
- Fix unsuccessful token login logged as error (server#35339)
- Handle badly named version files more gracefully and log information (server#35352)
- Fix forwarding the object id when searching comments (server#35357)
- Fix mentions rendering in comment editor (server#35361)
- Update cache when file size === 0 (server#35369)
- Properly compare quota against both float/int values (server#35371)
- Update some libs (server#35396)
- Do not check quota for non Node (server#35410)
- Add mlocati/ip-lib to 1.18 in stable23 (3rdparty#1228)
- Run NPM audit fix (activity#1005)
- Improve email logging (activity#983)
- Re-activate getMember() (circles#1205)
- Fix getChecksum() (circles#1206)
- Refresh cache on demand (circles#1216)
- Audit fix and pin npm/node engines (files_pdfviewer#683)
- Update some deps (logreader#819)
- Still push notifications of twofactor_nextcloud_notification when in DND (notifications#1357)
- Run NPM audit fix (notifications#1371)
- Update user status with event data (notifications#1379)
- Update some libs (password_policy#413)
- Run npm audit fix (photos#1497)
- Bump @nextcloud/vue from 2.6.5 to 2.6.9 (privacy#744)
- Audit fix (privacy#815)
- Chore(deps): update dependency @nextcloud/webpack-vue-config to ^4.1.4 (text#3326)
- Fix(deps): update dependency prosemirror-markdown to ^1.10.1 (text#3340)
- Chore(deps): update dependency @vue/test-utils to ^1.3.3 (text#3364)
- DirectEditing: Set session user for DirectSession editing (text#3373)
- Set IUserSession user in SessionController if available (text#3405)
- Fix(deps): update dependency core-js to ^3.26.1 (text#3422)
- Chore(deps): update dependency regenerator-runtime to ^0.13.11 (text#3449)
- Fix(deps): update tiptap (text#3458)
- Update npm dependencies (text#3470)
- Audit fix (viewer#1477)