Infinite Scale Server Release Notes

Infinite Scale 8.0.0 (Production) - Curie

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Summary of Notable Changes

  • The new environment variable PROXY_FORCE_STRICT_TRANSPORT_SECURITY has been added to prevent headers being sent back for insecure connections if the proxy service is connected insecurely but the client terminates securely.

  • New CLI commands have been added, in particular the Move Stuck Uploads and the Cleanup Orphaned Grants command. For details see the Migration and Upgrade section of the Infinite Scale admin documentation.

  • The user roles, along with their respective permissions and descriptions, have been streamlined. They are now more consistent, with each role with extended permissions building on the preceding one. Any existing assigned roles will automatically receive the updated definitions; no manual intervention is required.

  • Admins can use the collaboration service to prevent certain file extensions from being edited by certain collaboration apps. Disabling an extension will make it unavailable to the Office web front end.

  • The Graph Service can now be configured to reference the external ID of users during the provisioning process via an LDAP attribute. The final ID is provided by an external identity provider. If this is not set, a default attribute will be used instead. See the GRAPH_LDAP_REQUIRE_EXTERNAL_ID environment variable for details.

  • A new feature has been implemented to protect against brute-force password attacks when using public links. This feature is enabled by default. For details see the Migration and Upgrade section of the Infinite Scale admin documentation.

  • Infinite Scale can now be configured as a multi-instance application connected to the same Identity Provider (IDP).

  • Although this has no impact on the UI, all translation resources have been harmonised into a single Transifex project. This makes maintenance easier and means, that translation contributors can now find all the data in one place.

  • Several updates were made to the deployment examples:

    • Updated image versions including web-extensions.
      Please note that the provided image versions are tested to work with the deployment example that is shipped.

  • The underlaying Alpine image used for Infinite Scale has been updated to version 3.23.3, go has been updated to version 1.25.7

  • The library dependencies have been updated.

Upgrading Infinite Scale

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

  • Since the deployment examples have been updated, you must update the configuration files, reconfigure them and pull new image versions. No data migration is necessary.

Known Issues

This section will be updated if issues are discovered.

Deprecations

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

  • No new deprecations have been introduced.

  • Some deprecated environment variables have finally been removed.

Migrations

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

  • If you are not using/configured the OCM service, no migration is necessary to upgrade from Infinite Scale 7.3 to 8.0.

Breaking Changes

OCM

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

  • Breaking changes only apply when using OCM.
    These changes mean, that OCM is now fully compatible with other Open Cloud Mesh services and can be federated with them. As drawback, all OCM invitations and shares no longer work and must be resetup.

Infinite Scale 7.3.2 (Production)

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • Enhancement: Add Strict-Transport-Security via proxy: #11896

  • Enhancement: Bump reva version: #11992

Infinite Scale 7.3.1 (Production)

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • Upate translations: #11726

  • Do not disable sharing of resources when managing spaces via claims: #11836

Infinite Scale 7.3.0 (Production) - Balch

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Summary of Notable Feature Implementations

  • Support for Server Sent Events (SSE) has been removed for public links.

  • Allow rendering of the command: ocis graph list-unified-roles in Markdown or colorized. This command is relevant to developers and is only described in the developer documentation.

  • Added HTTP Strict Transport Security (HSTS):

    • Support for HTTP Strict Transport Security has been added. This reduces the opportunity for man-in-the-middle attacks and the leakage of sensitive information.

  • Enable scaling of the search service:

    • Previously, the search service locked the index for its entire lifetime, preventing other search services from accessing the index. With this change, however, the search service can be configured to lock the index on a per-operation basis, allowing other search services to access the index as long as no operations are ongoing.

  • Add custom labels for app tokens:

    • Once the auth-app service has been enabled and configured, tokens created previously are distinguishable by creation time and the encrypted token. Now, you can set a custom label when creating an app token.

  • Add improved rendering for WebOffice on Tablets and mobile devices:

    • A new, configurable feature has been added to improve the rendering of WebOffice on tablets and mobile phones. Previously, the desktop view was used to present data, which was not optimized for mobile devices. Please note that this feature is currently only available for OnlyOffice.

  • Display the roles in the WebUI in the language that the user has set up:

    • Previously, in the WebUI, a role was always shown in English. Now the role definitions are returned in the language set according the Accept-Language header, if present.

  • Several updates were made to the deployment examples:

    • Updated image versions including web-extensions.
      Please note that the provided image versions are tested to work with the deployment example that is shipped.

    • The definitions of the image versions for Traefik, Collabora, and OnlyOffice have been moved from their YAML files to the .env file. While this makes maintenance easier and gives more freedom for changes, it also means that you need to use the new .env file and reconfigure it with your existing settings.

    • The OnlyOffice Enterprise License Integration has been updated, introducing a new configuration environment variable. This allows you to test EE during a trial period without a license. Otherwise, the EE would not work at all.

Deprecations

  • No new deprecations have been introduced in Infinite Scale 7.3

  • Some existing deprecations have been removed from the code. See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Migrations

  • There are no migrations necessary to upgrade from Infinite Scale 7.2 to 7.3

  • Since the deployment examples have been updated, you must update the configuration files, reconfigure them and pull new image versions. No data migration is necessary. See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Breaking Changes

There are no breaking changes in Infinite Scale 7.3

Upgrading Infinite Scale

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Known Issues

This section will be updated if issues are discovered.

Infinite Scale 7.2.0 (Production) - Addams

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Summary of Notable Feature Implementations

  • You can now manage Spaces via the IDP by using the OCIS_CLAIM_MANAGED_SPACES_ENABLED setting. Once enabled, space management will only be possible via the IDP, not via the web UI. The necessary data will then be included in the claim. All services using this environment variable must be configured. See Environment Variables with Special Scopes for more details.

  • The search service can now be instantiated using the SEARCH_ENGINE_BLEVE_SCALE environment variable. See the important notes in the Search service documentation.

  • A new built-in role, SpaceEditorWithoutTrashbin, was added. It is a subset of the SpaceEditor role, but has no list/restore permissions for the trashbin.

  • When the auth-app service is enabled, authenticated endpoints will now announce WWW-Authenticate: Basic in a 401 response.

  • The ocm service has been improved for role and file editor permissions. Share and unshare notifications are now being created.

  • A new CLI command has been added to delete all nodes that are in processing state and not referenced by an upload session.

  • Error logging has been improved for the following cases:

    • Users fail to add, update, or remove another user in a space.

    • Improve postprocessing logs to make it easier to trace successful and failed uploads.

  • The collaboration service received a security update to the WOPI protocol token handling.

  • Several updates were made to the deployment examples:

    • Updated Image versions including web-extensions.

    • Web Office hardenings. The collaboration service will now remain in the Docker network and will not be exposed to the outside. If you plan to use Microsoft Web Office with the collaboration service or are already using it, note that you must expose the collaboration service to the outside, which requires reconfiguration.

    • PDF form documents are now created using the correct PDF extension instead of the DOCXF extension. This change affects collaboration with OnlyOffice. Note that a PDF form document is a Portable Document Format (PDF) file that includes fillable fields, allowing users to input data directly into the document.

  • Translations for DE, UK, RU, ES and CA have been completed and/or updated.

Deprecations

  • No new deprecations have been introduced in Infinite Scale 7.2

  • Some existing deprecations have been removed from the code. See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Migrations

  • There are no migrations necessary to upgrade from Infinite Scale 7.1 to 7.2

  • Since the deployment examples have been updated, you must update the configuration files, reconfigure them and pull new image versions. No data migration is necessary. See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Breaking Changes

There are no breaking changes in Infinite Scale 7.2

Upgrading Infinite Scale

See the Migration and Upgrade section of the Infinite Scale admin documentation for more details.

Known Issues

This section will be updated if issues are discovered.

Infinite Scale 7.1.4 (Production)

This release is a bugfix release for the backend and implements some enhancements for the webUI only.

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • Fix storage-users CLI: #11290

  • Return translated role definitions: #11466

  • Fix space root handling in a sharedByMe: #11533

  • Bump Reva: #11560

  • Translations have been updated

Infinite Scale 7.1.3 (Production)

This release is a bugfix release for the backend only.

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • Fix Share roles translation: #11241

  • Fix collaboration service LastModifiedDate: #11328

  • Fix translations in Settings: #11361

Enhancements

Infinite Scale 7.1.2 (Production)

This release is a bugfix release for the backend only.

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • Fix pdf form creation: #11163
    Note that if you are using one of the compose deployment examples, you should update the files as well because of some related changes.

Infinite Scale 7.1.1 (Production)

This release is a bugfix release for the backend and implements some enhancements for the webUI only.

Please find the most important changes described here or refer to the changelog for a complete list of changes:

Issues Fixed

  • General translation updates sourced from both the ocis and the web repo.

  • Fix translations of editor roles: #11116

  • Several bugfixes for password protected folders and other small fixes. For details see the: webUI changelog

Infinite Scale 7.1.0 (Production)

Please find the most important changes described here or refer to the changelog for a complete list of changes:

General Information

This Infinite Scale release provides new functionalities, many bug fixes and internal dependency updates. See the Upgrading Infinite Scale documentation for details how to upgrade.

Summary of Notable Feature Implementations

  • Users can now configure notification preferences for events in the user settings of the web UI. Notifications can be sent to the browser and/or via email. When sending via email is selected, the user can define the interval emails are sent. Events triggering the emails are stored, if selected for delayed sending, in a named group like daily or weekly. To send all the emails of a group, the admin needs to trigger a configurable command line job, usually via cron.

    For configuration details see: Changed Environment Variables in Versions and the notifications service.

  • Users can now create password-protected folders. They provide an additional layer of security for sensitive or confidential information stored within Infinite Scale. For details see the password-protected-folders readme.

  • The OCM service (federated sharing, ScienceMesh) got productivity improvements.

  • The compose based deployment examples got updated images. See the Updating and Upgrading compose example description for more details.

Deprecations

No deprecations have been introduced in Infinite Scale 7.1

Migrations

There are no migrations necessary to update from Infinite Scale 7.0 to 7.1

Breaking Changes

There are no breaking changes in Infinite Scale 7.1

Known Issues

This section will be updated if issues are discovered.

Infinite Scale 7.0.1 (Production)

This release is a bugfix release only and fixes a security issue.

Issues Fixed

Infinite Scale 7.0.0 (Production)

This release brings significant enhancements in performance and stability. It is also designed to provide an optimized experience for both end users and administrators. Please find the most important changes described here or refer to the changelog for a complete list of changes:

General Information

Each rolling release of Infinite Scale provided many bugfixes. For details see the linked changelog of each release.

Summary of Notable Feature Implementations

Each rolling release of Infinite Scale has notable features added, see the following summary list
Additional features or functionalities added

  • New maintenance CLI commands have been added, see link in the migrations section for details.

  • The following services have been added:

    • activitylog
      It is responsible for storing events (activities) per resource.
      Note that the implementation of the activitylog service is a breaking change. For details see Breaking Changes section.

    • auth-app
      It provides authentication for 3rd party apps.

    • collaboration
      It connects with web office document servers such as Collabora, ONLYOFFICE or Microsoft using the WOPI protocol. Note that the collaboration service replaces the external cs3org/wopi server used before. If you have used document servers with the external wopiserver, we highly recommend using the collaboration service which is a breaking change. For details see Breaking Changes section.

  • Content Security Policy:
    When using external services like an IDP, web office document servers or web apps (like provided in our docker compose deployment examples), a Content Security Policy (CSP) has been implemented to secure the environment. For details on web office/apps see the next list item. For details on CSP see Breaking Changes section.

  • Fully customisable deployment examples ready for production use including web office, based on docker compose. See Local Production Setup and Deployment on Hetzner.
    Note that with these examples, you can easily enable additional web apps like draw-io, external-sites, json-viewer, unzip, progressbars and others.
    Though provided via the compose example setup, no support can be given for these web apps.

  • Additonal external web apps can be configured manually to the deployment examples.

    • Dicom Viewer
      The Dicom Viewer Web Extension offers an easy way to preview medical images of DICOM standard (.dcm) such as Ultrasound, X-ray, CT scan, MRI, including all their corresponding meta data. The app offers image manipulation operations such as zoom in and out, rotation, flipping, colour inversion on the image preview.

    • 3D Model Viewer
      The 3D model viewer Web Extension is an extension for ownCloud Web which offers preview of .glb, .stl, .fbx, and .obj files. The app allows zooming and rotating the model, navigating between model files, plus it supports full screen view.

    • Presentation Viewer
      The Presentation Viewer Web Extension allows rendering markdown slide presentations from .md files with reveal.js. It can be used both for preview and for sharing the slides using public links.

    Though referenced here, no support can be given for these web apps.

  • PosixFS
    With PosixFS, you can use, with some restrictions, a posix based filesystem with shared access for user data. Infinite Scale manages data as usual, but also recognizes changes on the filesystem that are not initiated by Infinite Scale. On the other hand, a user or service can read and write data directly to the filesystem like before without the need to go thru Infinite Scale. For details see the General Storage Considerations and Settings documentation.

    The PosixFS integration is an experimental feature and should not be used in production!

Known Issues

The following is a list of known issues identified in Infinite Scale rolling releases 6.x that still exist:

OCM
OCM is still in experimental phase!

Deprecations

Migrations

See the Upgrading Infinite Scale documentation for migration and upgrade steps.

Breaking Changes

Infinite Scale

  • The activitylog service has been added.
    To make it work, the Infinite Scale config must be updated. See the link in the migrations section above for details how to do so.

  • The collaboration service has been added.
    The Infinite Scale config must be updated. If you have used web office document servers with the external cs3org/wopi server, you should switch to the collaboration service. See the link in the migrations section above for details how to do so.

  • A Content Security Policy (CSP) has been implemented to secure the environment. Its configuration is described in the proxy service. Without configuration, external services like an IDP, web office document servers or web apps will refuse to work for security reasons.

Web UI

  • Deprecated config options have finally been removed, see #11256.
    Note that these config options were able to be set via the WEB_UI_CONFIG_FILE environment variable. Having one of the deprecated options set, will not have any impact.

  • The draw-io app has been removed as a default Web app. It’s now part of the web-extensions repository. See the deployment examples for how to integrate them.

  • The importer app has been removed as a default Web app. It’s now part of the web-extensions repository. See the deployment examples for how to integrate them.

Release Notes Before 7.0

For earlier versions of Infinite Scale than 7.0, see the Older Infinite Scale Server Release Notes page.