10.0.8RC1/2/3 - Changelog Testing

[patrickjahns]

Changelog for 10.0.8. Summary

Summary of the complete Changelog: https://github.com/owncloud/core/blob/stable10/CHANGELOG.md

This summary has a QA purpose.

Added

• Share personal cleanup + note - [[stable10] Share personal cleanup + note #30486] ([stable10] Share personal cleanup + note #30486) - Share personal cleanup + note #29935 (comment) was fixed in RC2 @SergioBertolinSG
• Add option to disable link share password enforcement for write-only shares - #30408 @SergioBertolinSG
• Make syslog output configurable, introduce new default that includes the request id - #30346 @PVince81 - works
• Added new API event for zip file download - #30067 @SergioBertolinSG not testable, just improvements for future enhancements
• Added new API event for public link creation - #30067 @SergioBertolinSG not testable, just improvements for future enhancements
• Added command to verify and fix checksums - #31008 - @SergioBertolinSG Bugs found - Command files:checksums:verify doesn't print that the verification went well when showing output. #31133 and Command files:checksums:verify should inform that it is not prepared to work with encryption instead of fail. #31136
• Introduce seen and single user sync command line features - #31025 #31032 - @jvillafanez ❌ 0.11.0 release checklist user_ldap#174 (comment)
• Added config setting to specify minimum characters for sharing autocomplete - #30994 #31067 @SergioBertolinSG - works but tooltip is confusing Tooltip in sharing autocomplete doesn't mention it is autocompleting #31137
• Added personal note field for link share email - #30486 #30571 #30813 #31057 @SergioBertolinSG
• Add conditional Logging target logfile for shared_secret and users - #30443 @SergioBertolinSG - Missing conditional logging target logfile for users #31200 It was a configuration problem on my side.
• Add Webdav-Location header in private link redirect - [[stable10] Add Webdav-Location header in private link redirect #30387] ([stable10] Add Webdav-Location header in private link redirect #30387) #30595 @SergioBertolinSG
• Added "uid" parameter to "validatePassword" events - #30334 @SergioBertolinSG
• Added log entry when the "data-fingerprint" command was run - #30281 @PVince81 - works (note: needs loglevel <= 1)
• Added "heic" and "heif" as image mime types for thumbnails - [[stable10] Add heic and heif as image mime types #30108] -([stable10] Add heic and heif as image mime types #30108) @SergioBertolinSG Thumbnails are not generated, only detected as pictures in the web ui (not iOS app).
• Added new API events for commenting actions - #30142 @SergioBertolinSG
• Added "register notifier" event for use with the notification emails feature - #30613 @SergioBertolinSG
• Added group option to files:scan command - #30615 @PVince81
• Added warning if no files to process in occ files:transfer-ownership command - #30612 @patrickjahns + 🤖 (acceptance tests)
• Added user:modify command to core - #30652 @PVince81 => works changing display name and email
• Added config switch to enable fallback to http scheme when creating fed shares - #30646 @patrickjahns @DeepDiver1975 ❌ - see 10.0.8RC1/2/3 - Changelog Testing #31098 (comment)
• Added repair step for orphaned sub-shares - #30695 @jvillafanez - ❌ [stable10] Adding repair step for sub share #30695 (comment) => deferred to 10.0.9, no revert as it causes no issues
• Added repair step to fix orphaned reshares - #31004 @jvillafanez (Checked with mysql and postgresql, untested with sqlite and oracle)
• Added Symfony event to let apps resolve private links - [[stable10] Add symfony event for resolving private links by apps #30911] ([stable10] Add symfony event for resolving private links by apps #30911) => test that private link of file in trash can open (trashbin uses this event) @SergioBertolinSG
• Added Symfony events for delete and create share - #31026 @SergioBertolinSG
• Added Symfony events for group membership events - #31003 @SergioBertolinSG
• Added config.php option to select apps to ignore missing signature file (mostly for themes) - #30891 #31066 Confirmed by @thommierother [stable10] Add a config option to ignore missing signature #30891 (comment)
• Added ability for full-page frontend-only apps in info.xml - #30918 @PVince81 - tested with phoenix build in "apps/phoenix", app can be enabled and opened full screen
• Files app UI now retries chunk uploads in web UI on stalled uploads - #31005 @PVince81 - 🚫 when simulating chunk failure, the upload finishes with error about sum of chunks sizes not matching => reverted in RC3
• More user-friendly email address input in link share dialog - #30945 @PVince81 - select2 input appears and autocomplete works (seen in [stable10] Email autocomplete for link shares without local users #30998 (comment))

[patrickjahns]

Changed

• Renamed SMB logging config.php settings from "wnd" to "smb" - #30244 @patrickjahns
• Improved error messages in user:delete command - #30164 @patrickjahns
• Allow avatars to be visible publicly for public calendar - #30228 @patrickjahns
  ❌ - decision was to revert this: No public avatars #30961
• Validate email address in mail settings section - #30315 @patrickjahns
• Only decrypt users who have already logged in with decrypt-all occ command - #30640 @patrickjahns
• Replace usage of "create_function" in PHP - #30714 NOT QA relevat
• Provisioning API can now properly set default or zero quota - #30755 @patrickjahns
• User quota setting can be queried through provisioning API - #30850 @patrickjahns

Library updates

• Bump PHP to 5.6.33 in composer - #30403
• Bump phpseclib/phpseclib from 2.0.3 to 2.0.10 - #30052 #30537
• Bump phpunit and symfony/translation to match master - #30410
• Bump guzzlehttp/guzzle from 5.3.1 to 5.3.2 - #30217
• Bump lukasreschke/id3parser from 0.0.1 to 0.0.3 - #30085
• Bump symfony to 3.4.5 - #30689
• Bump symfony/translation from 3.2.4 to 3.3.16 - #30380
• Bump latest symfony and sabre/vobject point versions - #30266
• Bump karma from 1.5.0 to 2.0.0 in /build - #30050
• Bump punic/punic from 1.6.5 to 3.1.0 - #30550
• Bump symfony to 3.4.6 and Sabre vobject to 4.1.5 - #30768
• Bump sabre/http from 4.2.3 to v4.2.4 - #30599
• Bump jakub-onderka/php-parallel-lint from 0.9.2 to 1.0.0 - #30626
• Bump behat/mink-extension from 2.3.0 to 2.3.1 - #30706
• Bump league/flysystem from 1.0.42 to 1.0.43 - #30704
• Update composer in stable10 with versions as at 2018-02-07 - #30390

[patrickjahns]

Fixes

• Fix wording if you are not a member of any groups - #30558 @patrickjahns

• Fix for error when querying non present log_secret - #30470 @patrickjahns

• Free resources in preview providers - #30533

  • not testable by QA @patrickjahns

• Make theming work when theme app is outside the ownCloud root - #30477 @PVince81 - Enabled theme app outside of OC folder doesn't work #31170 => works in RC3

• Don't try decrypting federated shares in decrypt-all command - #30155 @sharidas link => [stable10] Don't try decrypting federated shares in decrypt-all command #30155 (comment)

• Keep null in getMetaData in Checksum storage wrapper, fixes some files:scan scenarios - #30302

  • @IljaN

• Fix failure of shares which are already moved with transfer ownership - #30161 @PVince81 => 🚫 link share of recipient on sub-entry is lost after transfer, raised Lost share when transferring files to recipient #31150 => deferred to 10.0.9

• Return 403 instead of 503 to resume syncing of desktop client - #30353

  • help from desktop team for testing - Encryption: When a file cannot be decrypted, the GET returns an error 503 which aborts the sync #29794 (by @patrickjahns ) - @SamuAlfageme -> Encryption: When a file cannot be decrypted, the GET returns an error 503 which aborts the sync #29794 (comment)

• Fix validation for new encryption storage key location - #30357

  • will summon @pako81 Server-side encryption: issue after moving key storage root, validation missing #27660

• Prevent share icon from shrinking with long texts - #30352 @PVince81 - only partially fixed, see Long public share name hides share options and deforms icon #29821 (comment) confirmed fixed in 10.0.8RC2

• Fixed regression where a user could not set own email address in the settings page - #30319 @PVince81 10.0.8RC1/2/3 - Changelog Testing #31098 (comment)

• Check trashbin permissions before moving to trash, fixes deletion as guest user - #30240

  • tested via guests app / trashbin icon still visible for guests

• Handle no read access to skeleton - #30241 @patrickjahns

• Fix file name escaping in error messages in web UI related to file operations - #30193 @patrickjahns

  • covered by 🤖 (automated tests)

• Show new basename and extension while waiting for rename operation to finish in web UI - #30040 @patrickjahns

• Fix deletion of group with special characters in web UI - #30111 @patrickjahns

• Fix missing preview in file upload conflict window - #30125 @patrickjahns

• Convert null to empty string for Oracle in file cache accessor - #30224 @patrickjahns

• Filter sender display name in mail notification handler - #31056 @patrickjahns

• Filter file name when sending internal mail - #31046 @patrickjahns

• Email autocomplete in link share dialog will not return local/federated users any more, only contacts - #30998 @PVince81 - tested with [stable10] Email autocomplete for link shares without local users #30998 (comment)

• Fix settings page where elements are inline when they shouldn't - #30988 @PVince81 - visual test on settings page with multiple resolutions

• Do not log errors when uploading forbidden file format - [[stable10] A new exception to suppress exception logs #30991]
  ([stable10] A new exception to suppress exception logs #30991)

  • @patrickjahns : ❌ partially working - but is it the expected behavior?

• Fix upload issue by replacing emittingCall with separate before and after events - #30986 @SergioBertolinSG

• Fix Symfony event emittingCall by adding return - #31045 @SergioBertolinSG

• Remove unsupported "enable for groups" field for theme apps - #30948 @patrickjahns

• Added OneNote 2016 user agent string to make it work with Webdav - #30965

  • @patrickjahns: pinged @mmattel

• Fix repair command and added more files:scan unit tests - #30618 #30959 @PVince81 - repair command runs with "all" or specific user (note: the only broken part was because of the fix "Continue in case of rare error" which introduced a bug which was fixed by [stable10] Fix repair command + more scan unit tests #30618 and [stable10] Fix repair constructor for single user repair #30959)

• Mask "marketplace.key" in config list as it is sensitive - #30917 @patrickjahns

• Set empty authtoken names to 'none' as empty is not allowed any more - #30908 @PVince81 10.0.8RC1/2/3 - Changelog Testing #31098 (comment)

• Treat any unknown app version as 0.0.1 - [[Stable10] Treat any unknown app version as 0.0.1 #30890] ([Stable10] Treat any unknown app version as 0.0.1 #30890) @PVince81 - works, tested with steps from the PR

• Ignore multiple slashes in http path - #30854 - @PVince81 tested in browser

• Use storage specific move operation for object store - #30817 @IljaN

• Fix webUI display of group containing numeric username - #30811 - @PVince81 🤖 spotted

• Fix calendar changes limit - #30816

• Properly use error exit code for unsupported PHP version - #30780 @patrickjahns

• Unbrand Personal security sessions message - #30754 @patrickjahns

• Propagate move exception messages to the frontend - #30791 @PVince81 - works. Throw exception in View::rename() and its message is displayed

• Fix chunk size comparison for big values on 32-bit systems - #30772

  • @patrickjahns : not further tested as we do officially do not support 32 bit systems

• Make error origin more distinguishable in some filesystem code paths - #30682 @PVince81 => not testable as not reproducible

• Don't send emails when importing calendar/events - #30666 @DeepDiver1975 - works as before

• [Fix file mtime issue on 32-bit systems - #30546

  • @patrickjahns : not further tested as we do officially do not support 32 bit systems

• Continue in case of rare error in files:scan repair command - #30494 @PVince81 - 🚗 not testable because not reproducible

• Modals dialogs can now scroll, improves link share dialog UX - #30424 @PVince81 - public link share dialog scrollable when vertical space is narrow

• Adjust link share wording and fix translations - #31036

• @patrickjahns + 🤖

• Guide users to also check spelling for typos in federated share id - #30355 => ⛔ missing code path Hint to users to check spelling when they type in wrong fed cloud ids #30159 (comment) (would consider "known issue" as it's minor)

• Fixed issue with number of hidden files not updating on renaming a file - #30359 @PVince81 - rename "test" to ".test" updates file count when hide mode is enabled in web UI

• Fix deleted items auto expiration for users with no quota - #30163

  • fix alone @PVince81 - confirmed broken in 10.0.5 and fixed in 10.0.8 RC2
  • regression test retention / trashbin expiration

• Fix caldav and carddav syncing when dealing with lots of data - #30252

• Don't restrain width of icon-logo - #30282 @PVince81 - visual test with example theme as per [stable10] Don't restrain width of icon-logo #30282 (comment) (confirmed broken on 10.0.5 and fixed in 10.0.8 RC1)

• Proper error message when trying to add user to a group they are already member of in web UI - #30194 @patrickjahns

• Fix app author parsing in apps page - #30043 @patrickjahns

  • tested with polls and qwnotes app 10.0.7 vs 10.0.8

• Fix files endpoint bug when downloading vCard - #30149 @PVince81, confirmed broken in 10.0.7 and fixed in 10.0.8 RC2 using steps from Malformed vCard downloads trough the new webDAV endpoint result in a server error #30078

• Use LargeFileHelper to calculate log file size - fixes Estimated log size is way off #30227 - #30234 @PVince81 - log file size still looks ok. Not testing on 32-bit system.

[patrickjahns]

Removed

• Removed private oc_current_user Javascript variable - #30486 #30556
  @PVince81 - evaluate "oc_current_user" in 10.0.5 and 10.0.8 RC1

• Remove app store config values from config.sample.php - #30422 @patrickjahns

• Remove documentation of the theme option in config.sample.php - #30350 @patrickjahns

• Remove unused config.sample.php parameters - #30933 #30812 @patrickjahns

• Remove "Unlimited" word from quota report in personal page - #31041 @patrickjahns

[IljaN]

To test checksum repair command, upload a file and then manually modify checksum column in oc_filecache to something else.

More notes here: owncloud-archive/documentation#4014

[patrickjahns]

⚠️ Critical / Auth / Security related ⚠️

Fixxed

• Refactored metadata sync code to unify behavior across all login methods - #30638
  • Properly create a session for a pure token based request, fixed oauth2 issues - #30542
• Catch session unavailable exception - #30347 #30623
• Fixing logout for app password scenario - #30591 [*] @IljaN [ ] @patrickjahns
  • Test with app-password login via client with ldap [*] @IljaN [ ] @patrickjahns
• Proper HTTP status code on login exception - #30639 @patrickjahns + 🤖 (api tests cover this scenario as well )
• Fix some CSRF issues on Webdav endpoint by only checking for POST method - #30358 @IljaN
• Adding a system configuration for global CORS domains - #30906
  • @IljaN
• Better label for CORS in settings section - #30663
  • @IljaN
• Allow regular users to change their CORS domains - #30649
  • @IljaN
• Remove implicit login in base.php to remove bogus "Login failed" logs - #30814
  • @patrickjahns / @SamuAlfageme -> confirmed it is fixed in 10.0.8
• Initialize root folder service later to fix user backend registration order issue - #30810
  • @voroyam has tested it with the initial issue that caused the error and confirmed it is now fixed
• Check apache auth on login form - #31074
  @patrickjahns - checked and tested with upcoming user_ldap app
• Check basic auth credentials periodically after a timeout instead of … - #31076 @patrickjahns
• Polish totp middleware a little - #30849 @phil-davis
• Fix CORS OPTIONS request for unauthenticated requests - #30912
  • @IljaN
• Validate system path data used in findBinaryPath - #30061 @settermjd unit tests are enough
• Properly filter link share email parameters - #30165
  • @patrickjahns confirmed fixed on RC1

[DeepDiver1975]

Removed private oc_current_user Javascript variable - #30486 #30556

We had a regression in calendar which was resolved already owncloud/calendar#884

[patrickjahns]

@DeepDiver1975 @PVince81
Can we put this in "developer" release notes - so third party developers will know about this change ?

[pako81]

@patrickjahns Tested:

Fix validation for new encryption storage key location - #30357

Works perfectly. Please go ahead and tick the checkbox

[jvillafanez]

Added repair step to fix orphaned reshares

Currently untested with oracle... any chance to test it with it? I haven't found easy support to test it with oracle.
I'm marking as passed as it works fine for mysql and postgresql, although the performance looks scary for large datasets on first sight. I'm not sure how fast it will behave or if we can do something about it.

[patrickjahns]

@jvillafanez
docker run -p 1521:1521 deepdiver/docker-oracle-xe-11g - then you have oracle.

If you need a container with oracle php modules - you can use https://hub.docker.com/r/owncloudci/php/tags

Note:

with the oracle container above - database username is autotest - database password is owncloud and database is XE - ref: https://github.com/owncloud/core/blob/master/tests/drone/install-server.sh

[PVince81]

Can we put this in "developer" release notes - so third party developers will know about this change ?

This was never supposed to be public API but people still used this.

We can add a note in the regular release notes as we don't have developer release notes.

[PVince81]

Tested "Fixed regression where a user could not set own email address in the settings page - #30319"

• TEST: email can be saved when opening confirmation link while being logged in
• TEST: email can be saved when opening confirmation link while being logged out then logging in
• TEST: correct error when opening confirmation link as the wrong user

[PVince81]

Tested "Set empty authtoken names to 'none' as empty is not allowed any more - #30908"

• TEST: Setup OC 10.0.4, created two app tokens, one with no name and one with a name, upgrade to 10.0.8RC1 => both tokens still work => DB contains "(none)" for the formerly unnamed token

[PVince81]

Ticked "Added config.php option to select apps to ignore missing signature file (mostly for themes)" as Confirmed by @thommierother #30891 (comment)

[PVince81]

Tested "Guide users to also check spelling for typos in federated share id - #30355" => with failure: no_entry missing code path #30159 (comment) (would consider "known issue" as it's minor)

[PVince81]

Tested "Added user:modify command to core - #30652" => works changing display name and email

[PVince81]

Tested "Fix failure of shares which are already moved with transfer ownership - #30161", not working 100% as expected, raised bug #31150

[mmattel]

Added:
Configurable minimum characters before autocomplete user searches #30798

[PVince81]

Found bug "Public link share name length check is inaccurate": #31157

[IljaN]

Tested: Better label for CORS in settings section - #30663 -> OK!

[IljaN]

Tested: Allow regular users to change their CORS domains - #30649 -> OK!

Tested by setting custom Origin header in curl for ocs requests. If origin matched the whitelisted origin, correct CORS headers are present. CORS-Whitelists are isolated between different users.

[IljaN]

Tested: Adding a system configuration for global CORS domains - #30906 -> OK!

[IljaN]

Tested: Fix CORS OPTIONS request for unauthenticated requests - #30912 -> OK!

OPTIONS with "Access-Control-Request-Method" header returns 200 on un-authenticated ocs-api request.

[PVince81]

Failed Test "Make theming work when theme app is outside the ownCloud root - #30477" and failed, raised #31170

[PVince81]

Added "regression test retention / trashbin expiration" checkbox as the fix of the matching item moves more code around and does more than just fixing the issue.

[IljaN]

Tested: Keep null in getMetaData in Checksum storage wrapper, fixes some files:scan scenarios #30302 -> OK!

Filescan does not crash on unreadable local and ext-storage files.

[IljaN]

Tested: Fixing logout for app password scenario - #30591 -> OK!

No login failed messages in log when logging in with app password.

@voroyam Can you please test app-password login in combination with ldap? No "Login-Failed" Messages should appear in the log.

[IljaN]

Added "test app-pasword login with ldap"

[PVince81]

Missing items and items to add since RC1:

10.0.8 RC2 items

Added

• Added option for user:sync to reenable formerly disabled users - #31124 @jvillafanez - reenable works

• Ability to log extra JSON fields - #31121 @PVince81 - tested with custom app

• Trigger event when logging - #31121 @PVince81 - tested with custom app

• Added Symfony events for configuration changes (config.php and appconfig) - #30788 #30937 #31107 @SergioBertolinSG

• Added Symfony events for updating share attributes (expiration, password, name) - #31120 @SergioBertolinSG

• Added Symfony events for feature change in group admin - #31132 @SergioBertolinSG

Changed

• Set minimum php version to 5.6 in composer.json - #31100 @PVince81 => dev only, no libs were updated, nothing to test

Fixes

• Properly align three button dialogs - #31147 @PVince81 - works
• Many documentation improvements in config.sample.php - #31114 #31127 #31128 #31068 => docs only
• Fix some documentation paths in config.sample.php - #30431 => docs only
• Fix App Framework ApiContoller initialization to fix thumbnail access - #31104 - @SergioBertolinSG Thumbnails not fetched in clients, depending on the auth method #29914 (comment) => fixed in RC3
• Properly trigger file-related Symfony events when chunking - #31087 @PVince81 - works

[IljaN]

Tested: Fix some CSRF issues on Webdav endpoint by only checking for POST method - #30358 -> OK!

PROPFIND via Postman works without CSRF-Token

[patrickjahns]

Testing "Do not log errors when uploading forbidden file format"

❌

Tested with files_antivirus master:

• No more error message is in the logs - but the server replies with a 500
  

Behavior with old antivirus-app:
10.0.8RC3 + files_antivirus from marketplace

10.0.7 + files_antivirus from marketplace

[PVince81]

Tested "Make syslog output configurable, introduce new default that includes the request id ", works

[patrickjahns]

Testing: Added config switch to enable fallback to http scheme when creating fed shares

Receiving side just sees this error message when going via http

[PVince81]

Failed: Files app UI now retries chunk uploads in web UI on stalled uploads, will be reverted: #31185

[PVince81]

Retested "Make theming work when theme app is outside the ownCloud root - #30477", works in RC3

[PVince81]

Notifications items to test

From owncloud/notifications#180

• Allow CORS requests to list notifications - #176 => @DeepDiver1975 ignore, only relevant for Phoenix
• Add support for email notifications - #156 #162 #175 #171 @PVince81 - tested with federated share notification
• Add occ command arguments for link and link text - #172 @PVince81 works
• Fix occ command for group notification - #146 @PVince81 works

[PVince81]

Tested "Properly trigger file-related Symfony events when chunking" with old chunking, new chunking and no chunking: events are triggered

[IljaN]

Tested "Use storage specific move operation for object store - #30817" => OK!

[SergioBertolinSG]

Retested Fix App Framework ApiContoller initialization to fix thumbnail access - #31104 - @SergioBertolinSG #29914 (comment) Not working in RC2, Works in RC3.

[pako81]

Tested "regression test retention / trashbin expiration" - works fine (at least no regression). Need however to clarify what is the expected behavior about the min retention period. Will open a separate issue for that.

[PVince81]

Failed: "Added config switch to enable fallback to http scheme when creating fed shares - #30646", tested by @DeepDiver1975. It seems the code is not triggered / the fix is in the wrong location.

@DeepDiver1975 will fix it. Ticket: #31194

[IljaN]

Tested: Catch session unavailable exception - #30347 #30623 -> OK!

Additional codereview because hard to reproduce, automated tests should be enough

[jvillafanez]

❗️ Confusing behaviour with single user syncing if the user doesn't exists (Ticket opened in #31207 for 10.0.9)

root@3b450a98bad4:/opt/owncloud# sudo -u www-data ./occ user:sync -u miimi "OC\User\Database"
If unknown users are found, what do you want to do with their accounts? (removing the account will also remove its data)
  [0] disable
  [1] remove
  [2] ask later
 > 2
Syncing miimi ...
These accounts that are no longer available in the backend:
miimi, ,  (no longer exists in the backend)
What do you want to do with their accounts? (removing the account will also remove its data)
  [0] disable
  [1] remove
 > 0
Disabling accounts
miimi, ,  (no longer exists in the backend)

From a behavioural point of view, this doesn't look good. Asking first what to do was thought in order to sync a large number of users so you can set the appropiate action before start the syncing. With just one user this seems a bit pointless.
What really bothers me is that we should know at some point that the account doesn't exists. Asking what to do with a missing account is pointless, and then disabling or removing a missing account is misleading.

I'm not sure if there is an easy enough fix for this to include it in 10.0.8. Otherwise we'll likely have to delay the solution for 10.0.9.

[PVince81]

10.0.8 RC4 items to test

• Federation fallback to http config switch: [stable10] Respect sharing.federation.allowHttpFallback in FederatedShareProvider #31196 @patrickjahns to test
• Expiration date missing in link share email: [stable10] Use correct expiration variable for link share mail #31201 @PVince81 - to test 🚫 the date is here but it's always the one from today, not the actual expiration date, fix here [stable10] Fix share email with wrong expiration date #31212 => fixed and works in final
• Prevent background scan to scan homes of users who never logged in - #31189 @PVince81 - works, no more message (I made sure to have loglevel 0)

[patrickjahns]

-> tested "Prevent background scan to scan homes of users who never logged in"
tested during other test -> message not appearing

[patrickjahns]

Tested "Federation fallback to http config switch" -> works as expected

[PVince81]

RC testing is done, thanks a lot everybody for the big effort!

final smoke test here: #31096 (comment)

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.