ownCloud Infinite Scale logo

ownCloud Infinite Scale

The new cloud-native file sync and share platform from ownCloud

Alternative to: dropbox, google drive, box


About Versions (100)

v8.1.0

2026-07-06

Table of Contents

Changes in 8.1.0

Summary

  • Security - Add X-XSS-Protection header: #12092
  • Security - Upgrade libvips to 8.18.2: #12301
  • Security - Fix signing-key to public share guests: #12332
  • Bugfix - Fix postprocessing resume command —restart flag: #11692
  • Bugfix - Don’t use hardcoded groupOfNames in group creation: #11776
  • Bugfix - Translation for some email notifications: #11979
  • Bugfix - Rework monitoring in the ocis_full deployment example: #11995
  • Bugfix - Extract metadata from oversized files and fix ISO field: #12000
  • Bugfix - Make tag unassignment idempotent and handle publish failures: #12001
  • Bugfix - Expose the signature-auth attribute: #12016
  • Bugfix - Fix CSP blocking bundled KaTeX font: #12070
  • Bugfix - Fix case-sensitive photo metadata search: #12078
  • Bugfix - Prevent incomplete Tika extractions from permanently blocking re-index: #12095
  • Bugfix - Use O(1) document lookup instead of full search during reindexing: #12096
  • Bugfix - Fix IDP build on FreeBSD by disabling absolute Babel runtime: #12114
  • Bugfix - Always descend into directories during space reindexing: #12119
  • Bugfix - Don’t index failed uploads: #12121
  • Bugfix - Avoid superfluous GetPublicShare call when deleting space permissions: #12122
  • Bugfix - Fix CreateHome cache: #12128
  • Bugfix - Return 200 OK for WOPI Lock requests in read-only and view-only modes: #12257
  • Bugfix - Fix typo in README: #12263
  • Bugfix - Fix space management middleware removing users from spaces on download: #12285
  • Bugfix - Search no longer disabled when OCIS_DISABLE_PREVIEWS=true: #12303
  • Bugfix - Stable order for user search attributes: #12337
  • Bugfix - Cache compiled rego policies to avoid recompiling on every request: #12345
  • Bugfix - SpaceEditorWithoutTrashbin roles now correctly allow file editing: #12346
  • Bugfix - Skip indexing of files still in postprocessing: #12350
  • Bugfix - Mask configs that hold secrets: #12397
  • Bugfix - Education user DELETE no longer 404s while leaving LDAP entry behind: #12400
  • Bugfix - Recover from permanently-closed NATS connections in the nats-js-kv store: #12402
  • Bugfix - Return correct issuerAssignedId on /me: #12411
  • Bugfix - Keep personal space when Drives.Create permission check is inconclusive: #12429
  • Bugfix - Fix the empty mount ID for reva config: #12492
  • Enhancement - Add web extensions deployment configuration: #11940
  • Enhancement - Add AI-assisted development guide: #11941
  • Enhancement - Bump Web to 12.3.1: #12015
  • Enhancement - Add space ID to incoming shares: #12024
  • Enhancement - Add spaceid to REPORT: #12028
  • Enhancement - Bump Reva version: #12051
  • Enhancement - Add ResourceID field to UploadReady event: #12060
  • Enhancement - Support numeric range queries in KQL: #12094
  • Enhancement - Add blobstore CLI commands to storage-users service: #12102
  • Enhancement - Optimize search index after bulk reindexing: #12104
  • Enhancement - Add vault storage with MFA-protected access: #12108
  • Enhancement - Retry and abort on repeated extraction failures during indexing: #12111
  • Enhancement - Log effective data and config paths at startup: #12117
  • Enhancement - Allow resetting IDM service user passwords: #12118
  • Enhancement - Update images in the ocis_full deployment example: #12123
  • Enhancement - Add ocis search optimize CLI command: #12136
  • Enhancement - Add Keycloak to the ocis_full deployment example: #12139
  • Enhancement - Allow multiple objectClasses on group creation: #12229
  • Enhancement - Add SpaceEditorWithoutVersionsWithoutTrashbin space membership role: #12261
  • Enhancement - Add vault capabilities to the OCS capabilities endpoint: #12283
  • Enhancement - Disable public link sharing for vault resources: #12321
  • Enhancement - Update web-extension images in ocis_fuill: #12324
  • Enhancement - Bump dependencies: #12325
  • Enhancement - Add VaultMode permission: #12328
  • Enhancement - Add vault themes: #12329
  • Enhancement - Bump Web to 12.4.2: #12450
  • Enhancement - Deprecate the owncloudsql storage driver option: #12486
  • Enhancement - Bump Web to 12.3.3: #13705
  • Enhancement - Bump Web to 12.4.0: #13809

Details

  • Security - Add X-XSS-Protection header: #12092

    Added the X-XSS-Protection header set to “0” to explicitly disable the deprecated browser XSS filter, which can introduce side-channel vulnerabilities. Modern XSS protection is provided through the Content-Security-Policy header.

    This change addresses security audit findings requiring explicit configuration of HTTP security headers per OWASP recommendations.

    https://github.com/owncloud/ocis/pull/12092

  • Security - Upgrade libvips to 8.18.2: #12301

    Bumped libvips to 8.18.2 in all Docker images to pick up the fix for a stack buffer overflow.

    https://github.com/owncloud/ocis/pull/12301

  • Security - Fix signing-key to public share guests: #12332

    The /ocs/v[12].php/cloud/user/signing-key endpoint was reachable through a public share session. The endpoint public-token is no longer allowed by the public-share resource scope in reva.

    https://github.com/owncloud/ocis/pull/12332 https://github.com/owncloud/reva/pull/608

  • Bugfix - Fix postprocessing resume command —restart flag: #11692

    The --restart / -r flag for ocis postprocessing resume was broken due to a flag name mismatch (retrigger vs restart) and silently did nothing. This has been fixed and the command now prints a confirmation message on success.

    https://github.com/owncloud/ocis/issues/11692 https://github.com/owncloud/ocis/pull/12002

  • Bugfix - Don’t use hardcoded groupOfNames in group creation: #11776

    Formerly, when creating a group with a different objectClass, it will always use groupOfNames instead of the one provided in the config. Now, the server creates groups using the objectClass defined in the config.

    https://github.com/owncloud/ocis/pull/11776

  • Bugfix - Translation for some email notifications: #11979

    Some email notifications showed a wrong translated message that shouldn’t appear. It’s fixed so that message won’t appear anymore.

    https://github.com/owncloud/ocis/pull/11979

  • Bugfix - Rework monitoring in the ocis_full deployment example: #11995

    The ocis_full deployment example has been basically reworked for how to provide monitoring.

    We now have: - a singe place for the definition of the tracing envvars for all ocis related container services - an easy and modular setup defining which sources should be inlcuded in monitoring via .env - comments describing the setup for the ease extending it - the monitoring definition in .env has been moved to the bottom and the compose_file assembly has monitoring as last entry now to guarantee nothing gets overwritten by accident

    https://github.com/owncloud/ocis/pull/11995

  • Bugfix - Extract metadata from oversized files and fix ISO field: #12000

    Two issues were found in the Tika content extractor:

    1. Files exceeding SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT (default 20MB) were skipped entirely — no EXIF, no photo metadata, no image dimensions were extracted. This particularly affected Pixel Motion Photos (.MP.jpg) which embed an MP4 video making them 3-9MB. Since EXIF metadata lives in the JPEG header (first few KB), a truncated stream is sufficient. The extractor now wraps the download in io.LimitReader instead of skipping Tika, sending only the first N bytes for metadata extraction.

    2. The ISO speed field was read from "Base ISO", a Canon-specific Tika field (sensor base sensitivity). Most cameras — Pixel, iPhone, Samsung — provide ISO via the standard "exif:IsoSpeedRatings" field. The extractor now checks exif:IsoSpeedRatings first and falls back to Base ISO for Canon compatibility.

    https://github.com/owncloud/ocis/pull/12000

  • Bugfix - Make tag unassignment idempotent and handle publish failures: #12001

    The DELETE tags endpoint now returns success when the requested tag is already absent from the file’s metadata, instead of returning HTTP 400 with a misleading error message. The TagsRemoved event is always published so the search index stays in sync even when file metadata and the search index are out of sync. If event publishing fails, the metadata change is rolled back and HTTP 500 is returned to avoid leaving the system in an inconsistent state.

    https://github.com/owncloud/ocis/pull/12001

  • Bugfix - Expose the signature-auth attribute: #12016

    Expose the “oc:signature-auth” attribute for the subfolders in the public link propfinds. This is a necessary change to be able to support archive downloads in password protected public links.

    https://github.com/owncloud/ocis/pull/12016

  • Bugfix - Fix CSP blocking bundled KaTeX font: #12070

    The default Content Security Policy blocked the bundled KaTeX math font (used by the md-editor) because it is inlined as a data: URI in the Web UI CSS. Added data: to the font-src directive to resolve the console error on every page load. Users with custom CSP files (PROXY_CSP_CONFIG_FILE_LOCATION) will need to add data: to their font-src directive manually.

    https://github.com/owncloud/ocis/pull/12070

  • Bugfix - Fix case-sensitive photo metadata search: #12078

    Searching for photo metadata fields like camera make/model was case-sensitive, so searching for “google” would not match a camera make stored as “Google”. Changed the photo string field analyzer from keyword to lowercaseKeyword so both indexed values and search terms are lowercased. Existing Bleve indexes need to be rebuilt after this change.

    https://github.com/owncloud/ocis/pull/12078

  • Bugfix - Prevent incomplete Tika extractions from permanently blocking re-index: #12095

    When Tika returned HTTP 200 but its child processes (OCR, ImageMagick) failed due to resource limits, the search index received metadata but no content. The document was written to Bleve with the correct mtime, and subsequent reindexes skipped it because the id+mtime check passed. This left files permanently stuck as “indexed” with no searchable content.

    Two fixes are applied:

    1. Validate Tika responses: if MetaRecursive() returns an empty metadata list, it is now treated as an extraction error so the document is not written to the index.

    2. Add an Extracted field to indexed resources. It is set to true only after successful extraction. The reindex skip check now requires Extracted:true, so incompletely indexed documents are automatically re-processed on the next reindex run.

    Note: existing search indexes will trigger a full re-extraction on the next reindex because documents written before this change lack the Extracted field.

    https://github.com/owncloud/ocis/issues/12093 https://github.com/owncloud/ocis/pull/12095

  • Bugfix - Use O(1) document lookup instead of full search during reindexing: #12096

    The IndexSpace bulk reindexer was using a full KQL search query per file to check whether re-extraction was needed. On large indexes this query took 600–950ms each, making a 61,000-file space take ~13.5 hours just to walk. Replaced the per-file Search() call with an O(1) Lookup() using Bleve’s DocIDQuery, then comparing mtime and extraction status in memory. This reduces per-file check time from ~800ms to <1ms.

    https://github.com/owncloud/ocis/issues/12093 https://github.com/owncloud/ocis/pull/12096

  • Bugfix - Fix IDP build on FreeBSD by disabling absolute Babel runtime: #12114

    The babel-preset-react-app preset defaults to absoluteRuntime: true, which hardcodes absolute paths to @babel/runtime helpers. These paths fail to resolve on non-Linux platforms like FreeBSD. Setting absoluteRuntime: false makes Babel resolve the runtime relative to the source file, which works across all platforms.

    https://github.com/owncloud/ocis/issues/12065 https://github.com/owncloud/ocis/pull/12114

  • Bugfix - Always descend into directories during space reindexing: #12119

    The search indexer’s IndexSpace walk previously used filepath.SkipDir to skip entire directory subtrees when the directory itself was already indexed. After a failed or interrupted indexing run (e.g. Tika crash), this caused thousands of unindexed files to be permanently skipped because the parent directory’s mtime had not changed. The indexer now always descends into directories, relying on the O(1) per-file DocID lookup to skip already-indexed files efficiently.

    https://github.com/owncloud/ocis/pull/12119

  • Bugfix - Don’t index failed uploads: #12121

    The search service was indexing uploads even when they failed. This caused unnecessary index operations for incomplete or errored file transfers. The fix skips indexing when the UploadReady event indicates the upload has failed.

    https://github.com/owncloud/ocis/pull/12121

  • Bugfix - Avoid superfluous GetPublicShare call when deleting space permissions: #12122

    We fixed DeletePermission to recognise space permission IDs (prefixed with u: or g:) by their format before making any gateway calls. Previously, deleting a space member always triggered a GetPublicShare lookup that was guaranteed to fail, producing a confusing error log.

    https://github.com/owncloud/ocis/issues/12012 https://github.com/owncloud/ocis/pull/12122

  • Bugfix - Fix CreateHome cache: #12128

    Move the CreateHome middleware cache to the proxy.

    https://github.com/owncloud/ocis/pull/12128 https://github.com/owncloud/reva/pull/562

  • Bugfix - Return 200 OK for WOPI Lock requests in read-only and view-only modes: #12257

    OnlyOffice sends a WOPI Lock request when opening any document, even when the user only has read access. The WOPI Lock handler was attempting to acquire a CS3 write lock regardless of the view mode, causing a permission error for read-only tokens that OnlyOffice displayed as an error message on load.

    The Lock handler now returns 200 OK immediately for READ_ONLY and VIEW_ONLY view modes without attempting to acquire a lock, consistent with the WOPI spec.

    https://github.com/owncloud/ocis/pull/12257

  • Bugfix - Fix typo in README: #12263

    Fixed a typo in the README documentation.

    https://github.com/owncloud/ocis/pull/12263

  • Bugfix - Fix space management middleware removing users from spaces on download: #12285

    The space management middleware ran on every authenticated request, including signed URL requests used for file downloads. Since signed URL auth does not carry OIDC claims, the middleware interpreted the absence of claims as “user should have no space access” and removed the user from all project spaces. On the next OIDC request the user was re-added, causing an oscillating add/remove cycle that led to intermittent download failures and transient “space not found” errors.

    The middleware now skips reconciliation entirely when no OIDC claims are present in the request context.

    https://github.com/owncloud/ocis/issues/12285 https://github.com/owncloud/ocis/pull/12285

  • Bugfix - Search no longer disabled when OCIS_DISABLE_PREVIEWS=true: #12303

    Setting OCIS_DISABLE_PREVIEWS=true removed the WebDAV REPORT routes from the router, breaking search on /dav/files, /dav/spaces and /webdav. The search routes are now registered independently of the preview flag.

    https://github.com/owncloud/ocis/pull/12303

  • Bugfix - Stable order for user search attributes: #12337

    The attributes field returned from the user search endpoint came back in a random order because getUsersAttributes ranged over a Go map. The function now iterates over the configured UserSearchDisplayedAttributes slice, so the returned attribute values follow the configured order.

    https://github.com/owncloud/ocis/pull/12337

  • Bugfix - Cache compiled rego policies to avoid recompiling on every request: #12345

    The policies service was reading and compiling .rego files from disk on every request, causing unnecessary memory pressure and per-request latency. The compiled PreparedEvalQuery is now cached per query string so compilation happens at most once per query string over the lifetime of the service.

    https://github.com/owncloud/ocis/pull/12345

  • Bugfix - SpaceEditorWithoutTrashbin roles now correctly allow file editing: #12346

    Fixed a bug where the *WithoutTrashbin space editor roles were rendered as read-only in the Web frontend. The OCS PermissionWrite bit was not set for these roles because the RoleFromResourcePermissions round-trip required RestoreRecycleItem, which these roles intentionally omit.

    https://github.com/owncloud/ocis/pull/12346

  • Bugfix - Skip indexing of files still in postprocessing: #12350

    When the search service re-indexed a space in response to an UploadReady event, the walker visited sibling nodes whose blobs were not yet finalized in the blobstore. Content extraction for those in-flight nodes triggered spurious storage-users error logs (S3 NoSuchKey). The walker now skips nodes marked as processing; they are indexed when their own UploadReady event arrives.

    https://github.com/owncloud/ocis/pull/12350

  • Bugfix - Mask configs that hold secrets: #12397

    Envvars and their config structs can hold secrets. The ServiceAccount config is now masked.

    https://github.com/owncloud/ocis/pull/12397

  • Bugfix - Education user DELETE no longer 404s while leaving LDAP entry behind: #12400

    The education user delete handler used user.GetExternalID() for the backend DELETE, while the regular /users handler and the pre-v8.0 code path used user.GetId(). With the default RequireExternalID=false, the LDAP backend looked up the user by name-or-UUID, so the externalID never matched, the LDAP entry was never removed, and the response was a 404. This is now fixed.

    https://github.com/owncloud/ocis/pull/12400

  • Bugfix - Recover from permanently-closed NATS connections in the nats-js-kv store: #12402

    The nats-js-kv go-micro store plugin’s hasConn() only checked whether the connection object was non-nil, not whether it was still alive. Once the underlying NATS client exhausted its reconnect attempts (e.g. a NATS pod restart longer than the client’s reconnect window), the connection stayed non-nil but permanently closed. Because connection initialization is gated on !hasConn(), it never re-ran, so every subsequent KV operation failed with nats: connection closed until the affected pod was restarted.

    This surfaced as several user-visible failures backed by the NATS KV cache, e.g. all spaces becoming invisible (storage-users ListStorageSpaces) and download failures from missing signing keys (ocs).

    The store plugin now treats a closed connection as no connection, so the next operation transparently re-initializes it.

    https://github.com/owncloud/ocis/pull/12402

  • Bugfix - Return correct issuerAssignedId on /me: #12411

    The /graph/v1.0/me endpoint reported the internal user UUID as identities[].issuerAssignedId instead of the issuer-assigned identity (the OIDC sub). The endpoint took a fast path that built the user model from the CS3 user in the request context, which does not carry the external identity, so it fell back to the internal UUID. /me now always resolves the user through the identity backend, which reads the stored external identity and returns the correct value. Group memberships are still only expanded when $expand=memberOf is requested.

    https://github.com/owncloud/ocis/pull/12411

  • Bugfix - Keep personal space when Drives.Create permission check is inconclusive: #12429

    When a user’s role is (re-)assigned, both the proxy (on OIDC login) and the graph appRoleAssignment handler check the Drives.Create permission to decide whether to restore or disable the user’s personal space. The permission check collapsed two very different outcomes into a single false: the user genuinely lacks the permission, and the permission could not be determined (a transport error, or a non-OK status such as CODE_INTERNAL returned by the settings/gateway service). In the second case the code proceeded to disable the personal space, moving it to the trash, even though the user’s entitlement was never actually denied.

    utils.CheckPermission now distinguishes the three cases at the root: a transport error or a non-OK status other than PERMISSION_DENIED is surfaced as an error and the callers fail closed. The personal space is left untouched, and the graph appRoleAssignment handler additionally reverts the role assignment it just persisted so the user is not left in a half-applied state. The role transition is retried on the next login.

    https://github.com/owncloud/ocis/issues/12429

  • Bugfix - Fix the empty mount ID for reva config: #12492

    We fixed the empty mount ID for storage-users

    https://github.com/owncloud/ocis/pull/12492

  • Enhancement - Add web extensions deployment configuration: #11940

    We added deployment configuration for the photo-addon and advanced-search web extensions to the ocis_full example. This includes Docker compose files for both extensions and CSP configuration for OpenStreetMap tiles required by the photo-addon map feature.

    https://github.com/owncloud/ocis/pull/11940

  • Enhancement - Add AI-assisted development guide: #11941

    A new guide has been added to the oCIS documentation demonstrating how to build web extensions using AI-assisted development with Claude AI. The guide covers MCP connector setup, a five-phase development workflow, debugging techniques, and contribution workflows.

    This approach has been validated through real contributions including PR #11912 (photo metadata search backend) and web extensions PRs #305 and #306.

    https://github.com/owncloud/ocis/pull/11941

  • Enhancement - Bump Web to 12.3.1: #12015

    Bugfix owncloud/web#13553: Search Text Overalps With Search Icon In The Search Bar

    https://github.com/owncloud/ocis/pull/12015 https://github.com/owncloud/web/releases/tag/v12.3.1

  • Enhancement - Add space ID to incoming shares: #12024

    Added the spaceId to the incoming shares. This is aligning the graph API with the WebDAV API where the clients can use spaceid property. This change allows clients to get the space ID directly instead of having to parse the resource ID.

    https://github.com/owncloud/ocis/pull/12024

  • Enhancement - Add spaceid to REPORT: #12028

    Added the spaceid to the REPORT responses. This is aligning the REPORT method with the PROPFIND method.

    https://github.com/owncloud/ocis/pull/12028

  • Enhancement - Bump Reva version: #12051

    Bumped reva version

    https://github.com/owncloud/ocis/pull/12051 https://github.com/owncloud/ocis/pull/12087 https://github.com/owncloud/ocis/pull/12137 https://github.com/owncloud/ocis/pull/12302 https://github.com/owncloud/ocis/pull/12410 https://github.com/owncloud/ocis/pull/12492

  • Enhancement - Add ResourceID field to UploadReady event: #12060

    The UploadReady NATS event now includes a ResourceID field containing the file’s actual resource identifier (with the correct node OpaqueId). Previously, only FileRef was available, whose ResourceId.OpaqueId is set to the space root ID (required for CS3 gateway path resolution). Consumers that need the file’s unique identifier for Graph API or WebDAV operations can now use ResourceID.OpaqueId directly.

    https://github.com/owncloud/ocis/issues/12056 https://github.com/owncloud/ocis/pull/12060 https://github.com/owncloud/reva/pull/547 https://github.com/owncloud/reva/pull/560

  • Enhancement - Support numeric range queries in KQL: #12094

    The KQL parser now supports numeric range queries using comparison operators (>=, <=, >, <) on numeric fields. Previously, range operators only worked with DateTime values, causing queries like size>=1048576 or photo.iso>=100 to silently fail by falling through to free-text search.

    Affected numeric fields: Size, photo.iso, photo.fNumber, photo.focalLength, photo.orientation.

    https://github.com/owncloud/ocis/issues/12093 https://github.com/owncloud/ocis/pull/12094

  • Enhancement - Add blobstore CLI commands to storage-users service: #12102

    Added two new CLI commands under ocis storage-users blobstore to help operators verify and inspect the configured blobstore without needing direct access to the underlying storage system.

    blobstore check performs a full upload/download/delete round-trip using a random payload. The payload size is configurable via --blob-size and accepts human-readable values such as 64, 1KB or 4MiB (default: 64 bytes).

    blobstore get downloads a specific blob by its ID to verify it is readable. The blob can be identified either with --blob-id and --space-id, or by passing the raw blob path from a log line directly via --path. Both the s3ng key format (<spaceID>/<pathified_blobID>) and the ocis filesystem path format (…/spaces/<pathified_spaceID>/blobs/<pathified_blobID>) are accepted. When using the s3ng driver without a known blob size, an automatic retry with the actual size is performed on a size mismatch.

    Both commands read the existing service configuration, so they always target the same blobstore as the running service. Only the ocis and s3ng storage drivers are supported.

    https://github.com/owncloud/ocis/pull/12102

  • Enhancement - Optimize search index after bulk reindexing: #12104

    After an IndexSpace walk completes, the search engine now triggers a segment merge (compaction) on the bleve index. Over time, writes create multiple index segments that degrade query performance. The new Optimize() method calls bleve’s ForceMerge to consolidate all segments into one, improving subsequent search and lookup speed. This is especially beneficial after bulk reindexing large spaces.

    https://github.com/owncloud/ocis/issues/12093 https://github.com/owncloud/ocis/pull/12104

  • Enhancement - Add vault storage with MFA-protected access: #12108

    Added a dedicated vault storage that can be protected with MFA. A separate storage-users service instance configured in vault mode runs and serves /vault/users and /vault/projects mount points with a dedicated VaultStorageProviderID. The graph service gained a new vault mode (OCIS_ENABLE_VAULT_MODE) that serves the vault API under the /vault prefix. The storage registry now routes vault-specific requests exclusively to the vault storage provider, preventing accidental access to vault spaces when no explicit storage ID is provided.

    MFA status is propagated through gRPC metadata and forwarded in HTTP headers for WOPI/collaboration flows.

    https://github.com/owncloud/ocis/pull/12108

  • Enhancement - Retry and abort on repeated extraction failures during indexing: #12111

    During ocis search index bulk reindexing, if the content extractor (e.g. Tika) becomes unavailable, individual file extractions are now retried up to 5 times with a 1-second delay between attempts. If a file still fails after all retries, the failure is logged and the walk continues.

    If 5 consecutive files fail extraction (indicating the extraction service is down rather than a single file being problematic), the index walk is aborted with an error so the admin can investigate.

    Previously, extraction failures were silently logged and the walk continued at full speed, accumulating thousands of wasted “connection refused” errors when Tika was down.

    https://github.com/owncloud/ocis/pull/12111

  • Enhancement - Log effective data and config paths at startup: #12117

    OCIS now logs the effective data path and config path at startup so operators can immediately verify that data is written to the expected location. This helps catch misconfigured Docker volume mounts where data silently falls back to an ephemeral container path instead of the intended persistent mount.

    https://github.com/owncloud/ocis/issues/12044 https://github.com/owncloud/ocis/pull/12117

  • Enhancement - Allow resetting IDM service user passwords: #12118

    The ocis idm resetpassword command now supports a --user-type flag to select the account type: user (default, ou=users) or service (ou=sysusers). This allows resetting passwords for service accounts (libregraph, idp, reva) which live in ou=sysusers. Previously, the DN was hardcoded to ou=users, making it impossible to reset service user passwords via the CLI.

    https://github.com/owncloud/ocis/issues/12106 https://github.com/owncloud/ocis/pull/12118

  • Enhancement - Update images in the ocis_full deployment example: #12123

    • Update the docker images for core services and web-extensions - Moving all default image definitions (latest) into the .env file for consistency

    https://github.com/owncloud/ocis/pull/12123

  • Enhancement - Add ocis search optimize CLI command: #12136

    Added a new ocis search optimize command that compacts the search index by merging Bleve segments, without re-indexing content. The command opens the index directly (without requiring the search service to be running), making it safe to run during maintenance windows without blocking search queries.

    This is useful after bulk reindexing operations that create many small index segments, which can degrade search performance over time.

    https://github.com/owncloud/ocis/pull/12136

  • Enhancement - Add Keycloak to the ocis_full deployment example: #12139

    Added Keycloak to the ocis_full deployment example.

    https://github.com/owncloud/ocis/pull/12139

  • Enhancement - Allow multiple objectClasses on group creation: #12229

    Added support for configuring additional LDAP objectClasses when creating groups. The new OCIS_LDAP_GROUP_ADDITIONAL_OBJECTCLASSES / GRAPH_LDAP_GROUP_ADDITIONAL_OBJECTCLASSES environment variable accepts a list of extra objectClasses that are set alongside the primary GRAPH_LDAP_GROUP_OBJECTCLASS when a new group is created in LDAP.

    https://github.com/owncloud/ocis/pull/12229

  • Enhancement - Add SpaceEditorWithoutVersionsWithoutTrashbin space membership role: #12261

    Added a new space membership role “Can edit” (SpaceEditorWithoutVersionsWithoutTrashbin) that grants full editor permissions (create, upload, download, edit, move, delete) on a space without access to file versions or the trashbin.

    https://github.com/owncloud/ocis/pull/12261

  • Enhancement - Add vault capabilities to the OCS capabilities endpoint: #12283

    Added OCIS_ENABLE_VAULT_MODE / FRONTEND_ENABLE_VAULT_MODE config option to the frontend service. When enabled, the OCS capabilities endpoint advertises vault.enabled = true. Clients can request vault-specific capabilities via /ocs/v2.php/cloud/capabilities?vault=true, which returns a response with public sharing and federation sharing disabled.

    https://github.com/owncloud/ocis/pull/12283 https://github.com/owncloud/reva/pull/584

  • Enhancement - Disable public link sharing for vault resources: #12321

    The graph service now rejects creating, updating, and setting passwords on public links when the target resource lives in the vault storage provider. Requests targeting a vault resource return 400 Bad Request with the message public links are not allowed for vault resources.

    https://github.com/owncloud/ocis/pull/12321

  • Enhancement - Update web-extension images in ocis_fuill: #12324

    The imgages for web-extensions have been updated for the ocis_full deployment example.

    https://github.com/owncloud/ocis/pull/12324

  • Enhancement - Bump dependencies: #12325

    Bumped Go and npm dependencies, including security fixes:

    • github.com/owncloud/reva/v2 to v2.0.0-20260519092700-9da01c6fb954 - github.com/shamaton/msgpack/v2 v2.4.0 → v2.4.1 (CVE: denial of service) - filippo.io/edwards25519 v1.1.0 → v1.1.1 - github.com/cloudflare/circl v1.6.1 → v1.6.3 - github.com/russellhaering/goxmldsig v1.5.0 → v1.6.0 - postcss, fast-uri, @babel/plugin-transform-modules-systemjs (npm, via pnpm lock regen) - GitHub Actions: actions/upload-artifact 4→7, actions/download-artifact 4→8, pnpm/action-setup 5→6, fpicalausa/remove-stale-branches 2.4→2.6

    https://github.com/owncloud/ocis/pull/12325

  • Enhancement - Add VaultMode permission: #12328

    Add a new VaultMode.ReadWriteEnabled permission that gates the visibility of the vault mode switcher in the web UI. The permission is assigned to the admin, space admin and user roles. The user light role does not receive it.

    https://github.com/owncloud/ocis/pull/12328

  • Enhancement - Add vault themes: #12329

    We’ve added new themes that are available in the vault. These new themes are intended to make a clear distinction between regular drives and vault.

    https://github.com/owncloud/ocis/pull/12329

  • Enhancement - Bump Web to 12.4.2: #12450

    https://github.com/owncloud/ocis/pull/12450 https://github.com/owncloud/web/releases/tag/v12.4.2

  • Enhancement - Deprecate the owncloudsql storage driver option: #12486

    The value owncloudsql in the STORAGE_USERS_DRIVER environment variable is no longer a valid option and has been marked for deprecation.

    https://github.com/owncloud/ocis/pull/12486

  • Enhancement - Bump Web to 12.3.3: #13705

    https://github.com/owncloud/web/pull/13705 https://github.com/owncloud/web/releases/tag/v12.3.3

  • Enhancement - Bump Web to 12.4.0: #13809

    https://github.com/owncloud/web/pull/13809 https://github.com/owncloud/web/releases/tag/v12.4.0