Álvaro Brey Vilas
05371be6d7
FileContentProvider: prevent injection through Uri arguments
...
For this, ensure query arguments are used instead of segment concatenation
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 17:53:55 +01:00
tobiasKaminsky
72937cf341
FileContentProvider: prevent injection via ContentValues arguments
...
For this, verify all column names for ContentValues keys. Values are safe by default.
Co-authored-by: Tobias Kaminsky <tobias.kaminsky@nextcloud.com>
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 17:40:11 +01:00
Álvaro Brey Vilas
87e859858b
SettingsActivityIT: fix showMnemonic running on wrong thread
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 15:24:21 +01:00
Tobias Kaminsky
7fba2042dc
Merge pull request #9589 from nextcloud/setupLibInfo
...
Adjust instruction how to link library in app
2021-12-20 10:51:35 +01:00
tobiasKaminsky
0680c105b5
Adjust instruction how to link library in app
...
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
2021-12-20 10:47:09 +01:00
Nextcloud bot
4183ee59f8
[tx-robot] updated from transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-20 03:56:38 +00:00
Nextcloud bot
14a6324c05
[tx-robot] updated from transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-19 03:59:20 +00:00
Nextcloud bot
26f80ddcbf
[tx-robot] updated from transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-18 03:53:54 +00:00
Álvaro Brey Vilas
37dfb5eb2c
Player: don't try to pause a non-running media player
...
Fixes an issue triggered by pausing, and then minimizing and coming back to the app.
Right now state is still lost (file returns to the beginning) but as a stopgap it's OK.
In the future, the state machine and how it interacts with the fragment should be reworked.
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-17 16:22:39 +01:00
dependabot[bot]
b3fa1e3262
Bump ical4j from 1.0.6 to 1.0.8
...
Bumps [ical4j](https://github.com/ical4j/ical4j ) from 1.0.6 to 1.0.8.
- [Release notes](https://github.com/ical4j/ical4j/releases )
- [Changelog](https://github.com/ical4j/ical4j/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ical4j/ical4j/compare/ical4j-1.0.6...ical4j-1.0.8 )
---
updated-dependencies:
- dependency-name: org.mnode.ical4j:ical4j
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-17 02:05:30 +00:00
Andy Scherzinger
b4ecf2c9cc
Merge pull request #9546 from nextcloud/update-AGP
...
Bump Android Gradle Plugin to 7.0.4
2021-12-16 17:02:16 +01:00
Álvaro Brey Vilas
b1aa3dcdaf
Centralize creation of ACTION_SEND intents and explicitly grant READ_URI permission to them
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-16 15:22:16 +01:00
Álvaro Brey
3de9432651
Merge pull request #9534 from gabmert/naming-conflicts
...
Change naming in conflicts to location instead of date
2021-12-16 09:35:43 +01:00
Álvaro Brey
51d632b0ad
Merge pull request #9568 from nextcloud/dependabot/gradle/byteBuddyVersion-1.12.4
...
Bump byteBuddyVersion from 1.12.3 to 1.12.4
2021-12-16 08:54:24 +01:00
Nextcloud bot
d3db0af0f5
[tx-robot] updated from transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-16 03:53:43 +00:00
dependabot[bot]
38a2449f5c
Bump byteBuddyVersion from 1.12.3 to 1.12.4
...
Bumps `byteBuddyVersion` from 1.12.3 to 1.12.4.
Updates `byte-buddy` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/raphw/byte-buddy/releases )
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md )
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.3...byte-buddy-1.12.4 )
Updates `byte-buddy-android` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/raphw/byte-buddy/releases )
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md )
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.3...byte-buddy-1.12.4 )
---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-android
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-16 02:07:04 +00:00
gabriel
5500585c1a
naming in conflicts by location instead of date
...
Signed-off-by: gabriel <74419649+gabmert@users.noreply.github.com>
2021-12-15 23:13:42 +01:00
Álvaro Brey
b6a2e6d8f1
Merge pull request #9567 from nextcloud/dependabot/gradle/org.greenrobot-eventbus-3.3.1
...
Bump eventbus from 3.2.0 to 3.3.1
2021-12-15 20:09:31 +01:00
Álvaro Brey
10a7570cc2
Merge pull request #9565 from nextcloud/dependabot/gradle/org.json-json-20211205
...
Bump json from 20210307 to 20211205
2021-12-15 20:09:06 +01:00
Álvaro Brey
e939a6f015
Merge pull request #9564 from nextcloud/dependabot/gradle/kotlin_version-1.6.10
...
Bump kotlin_version from 1.6.0 to 1.6.10
2021-12-15 20:08:26 +01:00
Álvaro Brey
6fc583b4cd
Merge pull request #9362 from nextcloud/dependabot/gradle/workRuntime-2.7.1
...
Bump workRuntime from 2.5.0 to 2.7.1
2021-12-15 19:49:17 +01:00
Álvaro Brey
369f62fc92
Merge pull request #9162 from nextcloud/dependabot/gradle/androidx.lifecycle-lifecycle-viewmodel-ktx-2.4.0
...
Bump lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0
2021-12-15 19:23:03 +01:00
Álvaro Brey Vilas
be5cdc4169
dependabot: Disable autorebase
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 19:18:29 +01:00
dependabot[bot]
b70ebdb68f
Bump kotlin_version from 1.6.0 to 1.6.10
...
Bumps `kotlin_version` from 1.6.0 to 1.6.10.
Updates `kotlin-gradle-plugin` from 1.6.0 to 1.6.10
- [Release notes](https://github.com/JetBrains/kotlin/releases )
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.6.10/ChangeLog.md )
- [Commits](https://github.com/JetBrains/kotlin/compare/v1.6.0...v1.6.10 )
Updates `kotlin-stdlib` from 1.6.0 to 1.6.10
- [Release notes](https://github.com/JetBrains/kotlin/releases )
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.6.10/ChangeLog.md )
- [Commits](https://github.com/JetBrains/kotlin/compare/v1.6.0...v1.6.10 )
---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-gradle-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.jetbrains.kotlin:kotlin-stdlib
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:16:42 +00:00
Álvaro Brey
f517ae1e05
Merge pull request #9563 from nextcloud/dependabot/gradle/com.pinterest-ktlint-0.43.2
...
Bump ktlint from 0.43.1 to 0.43.2
2021-12-15 19:16:15 +01:00
Álvaro Brey
e6208b45c7
Merge pull request #9562 from nextcloud/dependabot/gradle/com.github.spotbugs.snom-spotbugs-gradle-plugin-5.0.3
...
Bump spotbugs-gradle-plugin from 4.8.0 to 5.0.3
2021-12-15 19:15:46 +01:00
Álvaro Brey
d5e84caf2b
Merge pull request #9357 from nextcloud/dependabot/gradle/mockitoVersion-4.1.0
...
Bump mockitoVersion from 3.12.4 to 4.1.0
2021-12-15 19:04:49 +01:00
dependabot[bot]
e06f15f887
Bump eventbus from 3.2.0 to 3.3.1
...
Bumps [eventbus](https://github.com/greenrobot/EventBus ) from 3.2.0 to 3.3.1.
- [Release notes](https://github.com/greenrobot/EventBus/releases )
- [Commits](https://github.com/greenrobot/EventBus/compare/V3.2.0...V3.3.1 )
---
updated-dependencies:
- dependency-name: org.greenrobot:eventbus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:04:25 +00:00
dependabot[bot]
b59195ca8d
Bump spotbugs-gradle-plugin from 4.8.0 to 5.0.3
...
Bumps [spotbugs-gradle-plugin](https://github.com/spotbugs/spotbugs-gradle-plugin ) from 4.8.0 to 5.0.3.
- [Release notes](https://github.com/spotbugs/spotbugs-gradle-plugin/releases )
- [Commits](https://github.com/spotbugs/spotbugs-gradle-plugin/compare/4.8.0...5.0.3 )
---
updated-dependencies:
- dependency-name: com.github.spotbugs.snom:spotbugs-gradle-plugin
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:03:59 +00:00
Álvaro Brey
d394743aee
Merge pull request #9561 from nextcloud/dependabot/gradle/daggerVersion-2.40.5
...
Bump daggerVersion from 2.40.4 to 2.40.5
2021-12-15 19:03:33 +01:00
Álvaro Brey
cfe72adae0
Merge pull request #9299 from nextcloud/dependabot/gradle/androidx.appcompat-appcompat-1.4.0
...
Bump appcompat from 1.3.1 to 1.4.0
2021-12-15 19:03:16 +01:00
Álvaro Brey Vilas
8a445be869
Manifest: update code to disable WorkManagerInitializer
...
See: https://developer.android.com/jetpack/androidx/releases/work#version_260_3
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 19:01:36 +01:00
dependabot[bot]
8a2c1bf253
Bump json from 20210307 to 20211205
...
Bumps [json](https://github.com/douglascrockford/JSON-java ) from 20210307 to 20211205.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases )
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md )
- [Commits](https://github.com/douglascrockford/JSON-java/commits )
---
updated-dependencies:
- dependency-name: org.json:json
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:52:15 +00:00
dependabot[bot]
15d42369cb
Bump workRuntime from 2.5.0 to 2.7.1
...
Bumps `workRuntime` from 2.5.0 to 2.7.1.
Updates `work-runtime` from 2.5.0 to 2.7.1
Updates `work-runtime-ktx` from 2.5.0 to 2.7.1
---
updated-dependencies:
- dependency-name: androidx.work:work-runtime
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: androidx.work:work-runtime-ktx
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:51:54 +00:00
Álvaro Brey
b1ea6c9bc6
Merge pull request #9361 from nextcloud/dependabot/gradle/androidx.fragment-fragment-ktx-1.4.0
...
Bump fragment-ktx from 1.3.6 to 1.4.0
2021-12-15 18:51:22 +01:00
Álvaro Brey Vilas
3775e13b5c
Increase lint due to dependencies
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 18:50:46 +01:00
dependabot[bot]
1b7516c203
Bump ktlint from 0.43.1 to 0.43.2
...
Bumps [ktlint](https://github.com/pinterest/ktlint ) from 0.43.1 to 0.43.2.
- [Release notes](https://github.com/pinterest/ktlint/releases )
- [Changelog](https://github.com/pinterest/ktlint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/pinterest/ktlint/commits/0.43.2 )
---
updated-dependencies:
- dependency-name: com.pinterest:ktlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:46:31 +00:00
Álvaro Brey
93bf180a35
Merge pull request #8442 from nextcloud/dependabot/gradle/com.github.tobiaskaminsky-qrcodescanner-0.1.2.4
...
Bump qrcodescanner from 0.1.2.2 to 0.1.2.4
2021-12-15 18:46:05 +01:00
Álvaro Brey Vilas
14fbc2ab78
ViewModelFactory: fix compile errors for viewmodel-ktx changes
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 18:45:06 +01:00
Álvaro Brey Vilas
f5132af345
Fix mockito imports
...
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 16:08:36 +01:00
dependabot[bot]
aa6ff667cb
Bump mockitoVersion from 3.12.4 to 4.1.0
...
Bumps `mockitoVersion` from 3.12.4 to 4.1.0.
Updates `mockito-core` from 3.12.4 to 4.1.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v3.12.4...v4.1.0 )
Updates `mockito-android` from 3.12.4 to 4.1.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v3.12.4...v4.1.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-android
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 16:02:17 +01:00
dependabot[bot]
2cf0d5dd76
Bump daggerVersion from 2.40.4 to 2.40.5
...
Bumps `daggerVersion` from 2.40.4 to 2.40.5.
Updates `dagger` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5 )
Updates `dagger-android` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5 )
Updates `dagger-android-support` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5 )
Updates `dagger-compiler` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5 )
Updates `dagger-android-processor` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5 )
---
updated-dependencies:
- dependency-name: com.google.dagger:dagger
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android-support
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-compiler
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android-processor
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 15:01:48 +00:00
Álvaro Brey
0a977fbc5e
Merge pull request #9429 from nextcloud/dependabot/gradle/org.bouncycastle-bcpkix-jdk15to18-1.70
...
Bump bcpkix-jdk15to18 from 1.69 to 1.70
2021-12-15 16:00:53 +01:00
Álvaro Brey
a256c210ce
Merge pull request #9438 from nextcloud/dependabot/gradle/byteBuddyVersion-1.12.3
...
Bump byteBuddyVersion from 1.12.2 to 1.12.3
2021-12-15 15:59:54 +01:00
Álvaro Brey
eab83a06e6
Merge pull request #9437 from nextcloud/dependabot/gradle/daggerVersion-2.40.4
...
Bump daggerVersion from 2.40.3 to 2.40.4
2021-12-15 15:58:57 +01:00
dependabot[bot]
56230f3163
Bump fragment-ktx from 1.3.6 to 1.4.0
...
Bumps fragment-ktx from 1.3.6 to 1.4.0.
---
updated-dependencies:
- dependency-name: androidx.fragment:fragment-ktx
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:57:51 +00:00
dependabot[bot]
0f23147e36
Bump appcompat from 1.3.1 to 1.4.0
...
Bumps appcompat from 1.3.1 to 1.4.0.
---
updated-dependencies:
- dependency-name: androidx.appcompat:appcompat
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:56:31 +00:00
dependabot[bot]
8cb866a474
Bump lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0
...
Bumps lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0.
---
updated-dependencies:
- dependency-name: androidx.lifecycle:lifecycle-viewmodel-ktx
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:56:01 +00:00
dependabot[bot]
bd0caf15ea
Bump qrcodescanner from 0.1.2.2 to 0.1.2.4
...
Bumps [qrcodescanner](https://github.com/tobiasKaminsky/QRCodeScanner ) from 0.1.2.2 to 0.1.2.4.
- [Release notes](https://github.com/tobiasKaminsky/QRCodeScanner/releases )
- [Commits](https://github.com/tobiasKaminsky/QRCodeScanner/compare/0.1.2.2...0.1.2.4 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:55:43 +00:00
Álvaro Brey Vilas
edb1e9c369
fastlane: Check some basic requirements before starting release phase 2
...
This prevents late crashes in some instances.
Of course, we should technically have a more structured way of handling dependencies, but this
is a simple improvement for now.
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 15:40:14 +01:00