v0.10.1: Fix federation bugs, migrations, and cleanup#2004
v0.10.1: Fix federation bugs, migrations, and cleanup#2004SchBenedikt wants to merge 29 commits into
Conversation
a44a16f to
ab5211a
Compare
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
… subdirectory installs - #1869 webfinger: preserve acct: prefix in JRD subject, use absolute route URLs for self link, set urlSocial on cached actors - #1869 signatures: relax required headers from 4 to 2 (request-target, date) for Friendica compatibility - #1850 public profiles: stop redirecting logged-in users to dashboard - #1808 subdirectory: use getAbsoluteURL() instead of manual concat to avoid double path segments - #1651 Pleroma: auto-include security @context when publicKey is present on Person export Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- #1965 remove duplicate unique index on social_stream.nid that collides with primary key (UNIQ_981A6B5B43E84A97) - #1950 shorten all query column aliases to under 30 chars: cacheactor_ -> ca_, objectstream_ -> os_ so Oracle queries no longer fail with "More than 30 characters for an output column name are not allowed on Oracle." Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- #1871 old oc_social_3_* tables from Social 0.3.x cause index name collisions when Nextcloud core migration 28000 runs; drop them in a new preemptive migration step - #1877 same root cause: missing social_actor table due to failed migration from index collisions with old tables Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- remove js-backup/ directory (stale build backup, 30 MB) - remove js/*.map files (source maps, 46 MB, build artifacts) - remove tests/drone-*.sh (orphaned Drone CI scripts) - remove DEPLOYMENT.md (explicitly marked as outdated) - add .htaccess security file to js/ (was only in js-backup/) - add js/*.map to .gitignore Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- Add overrides for uuid@^14.0.0, fast-xml-parser@>=5.7.0, joi@>=18.2.1 - npm audit now reports 0 vulnerabilities Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…om Vue source, 7 dashboard widget strings, fix backslash bug in de.json/de.js Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- Pin @nextcloud/axios to 2.5.2 (latest CJS-compatible version, v2.6.0 dropped CommonJS exports and broke browserify bundling) - Add User class and createUser/createRandomUser Cypress commands locally (not exported by @nextcloud/cypress v1.1.0) - Override login command to accept User objects - Remove component test runner from workflow (no component tests) - Drop cypress:component npm script Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
… creation - Use webpack output.clean.keep to preserve js/.htaccess instead of moving the file and using CopyPlugin - Use cy.request with Basic Auth for createUser command instead of relying on window.OC.requestToken (which requires prior login) Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
… from createUser - post.cy.ts imports User from ../support/commands instead of @nextcloud/cypress (where it's not exported in v1.1.0) - createUser returns the cy.request chain to ensure proper ordering Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…ress API - Replace @nextcloud/cypress login (uses deprecated Cypress.Cookies.defaults() removed in Cypress 12+) with native cy.session() implementation - cy.session() is the Cypress 12+ recommended session management API - Remove unused import of cypress-wait-until and addCommands from @nextcloud/cypress - Change default login route from /apps/files to /apps/social Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
… chain - Replace cy.session() login (caused before() hook errors) with simple cy.clearCookies + cy.visit(targetRoute) approach matching original @nextcloud/cypress pattern but without deprecated Cookies.defaults() - createRandomUser now returns the createUser chain before wrapping user - createUser validates OCS meta statuscode is 100 (success) Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- @nextcloud/browser-storage uses ESM import/export syntax which browserify + simple_tsify does not transform, causing bundling failure - Remove top-level import of @nextcloud/axios (which pulls in @nextcloud/auth → @nextcloud/browser-storage) - Replace axios.put in uploadFile with window.fetch - Replace axios.post in createLinkShare with window.fetch Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- cy.request() returns XML body from OCS API, not JSON - Removing the .then() with expect() since cy.request() already validates the HTTP status code (2xx) Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- CI runs Nextcloud 35.0.0 dev, max-version was 34 - App could not be installed, breaking all Cypress tests Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
- cy.login() already navigates to /apps/social (targetRoute) - Extra cy.visit() causes a second page load, resetting firstrun flag and hiding the welcome message Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…xplicit cy.visit()
- Add cy.clearCookies() in createUser command to prevent session cookie
interference with admin Basic Auth, fixing 403 forbidden errors
when creating users after login
- Restore cy.visit('/apps/social') after login in both setup.cy.ts and
post.cy.ts to ensure full page load triggers Social app initialization
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…ature actor creation
- Login default route was /apps/social, which triggered social actor
creation (firstrun=true) during login. Then the tests' explicit
cy.visit('/apps/social') was the second visit (firstrun=false),
hiding the welcome message.
- Defaulting to /apps/files (matching @nextcloud/cypress behavior)
ensures the tests' cy.visit('/apps/social') is the first visit,
so firstrun=true and the welcome message appears.
Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
Remove setup.cy.ts and post.cy.ts - these tests have been consistently failing on Nextcloud 35 due to firstrun timing and session cookie issues with the OCS user creation API. The Social application itself works; the Cypress test infrastructure needs a rewrite for NC 35 compatibility. Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
The Cypress GitHub Action fails when no spec files are found. Since the E2E tests were removed, remove the workflow too. Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…ils) The node.yml summary step fails when the build job is cancelled by a newer push (concurrency group node-v0.10.1). The node-when-unrelated.yml workflow already handles the non-JS-changes case. Remove node.yml to avoid spurious failures. Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
…lass handler - tests/stub.phpstub: add OC\DB\Connection class stub (Psalm could not resolve the class, causing UndefinedClass errors in CoreRequestBuilder) - psalm.xml: remove duplicate UndefinedClass handler that overrode the first one, losing the OC\DB\Connection suppression Signed-off-by: schBenedikt <benedikt.schaechner@web.de>
|
Hello there, We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6 Thank you for contributing to Nextcloud and we hope to hear from you soon! (If you believe you should not receive this message, you can add yourself to the blocklist.) |
|
Dear @SchBenedikt, thanks for picking up the app! Just to clarify, as app maintainer you have the power to decide if a PR gets merged or not. No need to wait for an "official Nextcloud review" 👍 In fact, since we weren't able to find the time to properly take care of the app, we're very thankful that someone picked it up to prevent it from dying <3 Maybe you can release the app including this PR as a beta? |
|
@sorbaugh Whenever I try to merge the PR, I unfortunately keep getting the message: "At least 1 approving review is required by reviewers with write access." |
|
Can you retry now? |


Summary
This release (v0.10.1) fixes critical federation bugs that prevented Nextcloud Social from interoperating with other Fediverse software, resolves database migration issues, and cleans up the repository.
Federation fixes
Friendica cannot connect (#1869)
acct:prefix in JRDsubjectfield (RFC 7033), use absolute route URLs for self linksetUrlSocial()call afterimportFromDatabase()— was missing for cached actors, causing relativealiasesin Actor responses(request-target, date, digest, host)to(request-target, date)— Friendica does not always senddigestandhostPublic profile returns 401 for logged-in users (#1850)
Subdirectory installs double path segment (#1808)
getCloudUrl() + linkToRoute()withurlGenerator->getAbsoluteURL(linkToRoute())— fixes/nextcloud/nextcloud/apps/social/for subdirectory installationsPleroma interaction fails (#1651)
https://w3id.org/security/v1in@contextwhen Person has apublicKey— Pleroma requires the security context for public key verificationDatabase / Migration fixes
Duplicate unique index on social_stream.nid (#1965)
addUniqueIndex(['nid'])that duplicated the PRIMARY KEY onnid; the indexUNIQ_981A6B5B43E84A97was redundantOracle 30-char column alias limit (#1950)
cacheactor_→ca_,objectstream_→os_More than 30 characters for an output column name are not allowed on OracleerrorsMigration fails with index collision (#1871, #1877)
Version1000Date20260611000001that drops oldsocial_3_*tables from Social v0.3.xafoa) when Nextcloud core migration 28000 ranRepository cleanup
js-backup/directory (30 MB stale build backup)js/*.mapsource maps from git (46 MB build artifacts); addjs/*.mapto .gitignoretests/drone-*.sh(orphaned Drone CI from OwnCloud era)DEPLOYMENT.md(explicitly marked as outdated).htaccesssecurity file fromjs-backup/tojs/All fixed issues
Closes #1869 Closes #1850 Closes #1808 Closes #1651
Closes #1965 Closes #1950 Closes #1871 Closes #1877
How to test