Commit graph

17932 commits

Author SHA1 Message Date
Álvaro Brey Vilas
05371be6d7
FileContentProvider: prevent injection through Uri arguments
For this, ensure query arguments are used instead of segment concatenation

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 17:53:55 +01:00
tobiasKaminsky
72937cf341
FileContentProvider: prevent injection via ContentValues arguments
For this, verify all column names for ContentValues keys. Values are safe by default.

Co-authored-by: Tobias Kaminsky <tobias.kaminsky@nextcloud.com>
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 17:40:11 +01:00
Álvaro Brey Vilas
87e859858b
SettingsActivityIT: fix showMnemonic running on wrong thread
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-20 15:24:21 +01:00
Tobias Kaminsky
7fba2042dc
Merge pull request #9589 from nextcloud/setupLibInfo
Adjust instruction how to link library in app
2021-12-20 10:51:35 +01:00
tobiasKaminsky
0680c105b5
Adjust instruction how to link library in app
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
2021-12-20 10:47:09 +01:00
Nextcloud bot
4183ee59f8
[tx-robot] updated from transifex
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-20 03:56:38 +00:00
Nextcloud bot
14a6324c05
[tx-robot] updated from transifex
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-19 03:59:20 +00:00
Nextcloud bot
26f80ddcbf
[tx-robot] updated from transifex
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-18 03:53:54 +00:00
Álvaro Brey Vilas
37dfb5eb2c
Player: don't try to pause a non-running media player
Fixes an issue triggered by pausing, and then minimizing and coming back to the app.

Right now state is still lost (file returns to the beginning) but as a stopgap it's OK.
In the future, the state machine and how it interacts with the fragment should be reworked.

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-17 16:22:39 +01:00
dependabot[bot]
b3fa1e3262
Bump ical4j from 1.0.6 to 1.0.8
Bumps [ical4j](https://github.com/ical4j/ical4j) from 1.0.6 to 1.0.8.
- [Release notes](https://github.com/ical4j/ical4j/releases)
- [Changelog](https://github.com/ical4j/ical4j/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ical4j/ical4j/compare/ical4j-1.0.6...ical4j-1.0.8)

---
updated-dependencies:
- dependency-name: org.mnode.ical4j:ical4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-17 02:05:30 +00:00
Andy Scherzinger
b4ecf2c9cc
Merge pull request #9546 from nextcloud/update-AGP
Bump Android Gradle Plugin to 7.0.4
2021-12-16 17:02:16 +01:00
Álvaro Brey Vilas
b1aa3dcdaf
Centralize creation of ACTION_SEND intents and explicitly grant READ_URI permission to them
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-16 15:22:16 +01:00
Álvaro Brey
3de9432651
Merge pull request #9534 from gabmert/naming-conflicts
Change naming in conflicts to location instead of date
2021-12-16 09:35:43 +01:00
Álvaro Brey
51d632b0ad
Merge pull request #9568 from nextcloud/dependabot/gradle/byteBuddyVersion-1.12.4
Bump byteBuddyVersion from 1.12.3 to 1.12.4
2021-12-16 08:54:24 +01:00
Nextcloud bot
d3db0af0f5
[tx-robot] updated from transifex
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2021-12-16 03:53:43 +00:00
dependabot[bot]
38a2449f5c
Bump byteBuddyVersion from 1.12.3 to 1.12.4
Bumps `byteBuddyVersion` from 1.12.3 to 1.12.4.

Updates `byte-buddy` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.3...byte-buddy-1.12.4)

Updates `byte-buddy-android` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.3...byte-buddy-1.12.4)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: net.bytebuddy:byte-buddy-android
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-16 02:07:04 +00:00
gabriel
5500585c1a naming in conflicts by location instead of date
Signed-off-by: gabriel <74419649+gabmert@users.noreply.github.com>
2021-12-15 23:13:42 +01:00
Álvaro Brey
b6a2e6d8f1
Merge pull request #9567 from nextcloud/dependabot/gradle/org.greenrobot-eventbus-3.3.1
Bump eventbus from 3.2.0 to 3.3.1
2021-12-15 20:09:31 +01:00
Álvaro Brey
10a7570cc2
Merge pull request #9565 from nextcloud/dependabot/gradle/org.json-json-20211205
Bump json from 20210307 to 20211205
2021-12-15 20:09:06 +01:00
Álvaro Brey
e939a6f015
Merge pull request #9564 from nextcloud/dependabot/gradle/kotlin_version-1.6.10
Bump kotlin_version from 1.6.0 to 1.6.10
2021-12-15 20:08:26 +01:00
Álvaro Brey
6fc583b4cd
Merge pull request #9362 from nextcloud/dependabot/gradle/workRuntime-2.7.1
Bump workRuntime from 2.5.0 to 2.7.1
2021-12-15 19:49:17 +01:00
Álvaro Brey
369f62fc92
Merge pull request #9162 from nextcloud/dependabot/gradle/androidx.lifecycle-lifecycle-viewmodel-ktx-2.4.0
Bump lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0
2021-12-15 19:23:03 +01:00
Álvaro Brey Vilas
be5cdc4169
dependabot: Disable autorebase
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 19:18:29 +01:00
dependabot[bot]
b70ebdb68f
Bump kotlin_version from 1.6.0 to 1.6.10
Bumps `kotlin_version` from 1.6.0 to 1.6.10.

Updates `kotlin-gradle-plugin` from 1.6.0 to 1.6.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.6.10/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v1.6.0...v1.6.10)

Updates `kotlin-stdlib` from 1.6.0 to 1.6.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/v1.6.10/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v1.6.0...v1.6.10)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.jetbrains.kotlin:kotlin-stdlib
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:16:42 +00:00
Álvaro Brey
f517ae1e05
Merge pull request #9563 from nextcloud/dependabot/gradle/com.pinterest-ktlint-0.43.2
Bump ktlint from 0.43.1 to 0.43.2
2021-12-15 19:16:15 +01:00
Álvaro Brey
e6208b45c7
Merge pull request #9562 from nextcloud/dependabot/gradle/com.github.spotbugs.snom-spotbugs-gradle-plugin-5.0.3
Bump spotbugs-gradle-plugin from 4.8.0 to 5.0.3
2021-12-15 19:15:46 +01:00
Álvaro Brey
d5e84caf2b
Merge pull request #9357 from nextcloud/dependabot/gradle/mockitoVersion-4.1.0
Bump mockitoVersion from 3.12.4 to 4.1.0
2021-12-15 19:04:49 +01:00
dependabot[bot]
e06f15f887
Bump eventbus from 3.2.0 to 3.3.1
Bumps [eventbus](https://github.com/greenrobot/EventBus) from 3.2.0 to 3.3.1.
- [Release notes](https://github.com/greenrobot/EventBus/releases)
- [Commits](https://github.com/greenrobot/EventBus/compare/V3.2.0...V3.3.1)

---
updated-dependencies:
- dependency-name: org.greenrobot:eventbus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:04:25 +00:00
dependabot[bot]
b59195ca8d
Bump spotbugs-gradle-plugin from 4.8.0 to 5.0.3
Bumps [spotbugs-gradle-plugin](https://github.com/spotbugs/spotbugs-gradle-plugin) from 4.8.0 to 5.0.3.
- [Release notes](https://github.com/spotbugs/spotbugs-gradle-plugin/releases)
- [Commits](https://github.com/spotbugs/spotbugs-gradle-plugin/compare/4.8.0...5.0.3)

---
updated-dependencies:
- dependency-name: com.github.spotbugs.snom:spotbugs-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 18:03:59 +00:00
Álvaro Brey
d394743aee
Merge pull request #9561 from nextcloud/dependabot/gradle/daggerVersion-2.40.5
Bump daggerVersion from 2.40.4 to 2.40.5
2021-12-15 19:03:33 +01:00
Álvaro Brey
cfe72adae0
Merge pull request #9299 from nextcloud/dependabot/gradle/androidx.appcompat-appcompat-1.4.0
Bump appcompat from 1.3.1 to 1.4.0
2021-12-15 19:03:16 +01:00
Álvaro Brey Vilas
8a445be869
Manifest: update code to disable WorkManagerInitializer
See: https://developer.android.com/jetpack/androidx/releases/work#version_260_3

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 19:01:36 +01:00
dependabot[bot]
8a2c1bf253
Bump json from 20210307 to 20211205
Bumps [json](https://github.com/douglascrockford/JSON-java) from 20210307 to 20211205.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](https://github.com/douglascrockford/JSON-java/commits)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:52:15 +00:00
dependabot[bot]
15d42369cb
Bump workRuntime from 2.5.0 to 2.7.1
Bumps `workRuntime` from 2.5.0 to 2.7.1.

Updates `work-runtime` from 2.5.0 to 2.7.1

Updates `work-runtime-ktx` from 2.5.0 to 2.7.1

---
updated-dependencies:
- dependency-name: androidx.work:work-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: androidx.work:work-runtime-ktx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:51:54 +00:00
Álvaro Brey
b1ea6c9bc6
Merge pull request #9361 from nextcloud/dependabot/gradle/androidx.fragment-fragment-ktx-1.4.0
Bump fragment-ktx from 1.3.6 to 1.4.0
2021-12-15 18:51:22 +01:00
Álvaro Brey Vilas
3775e13b5c
Increase lint due to dependencies
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 18:50:46 +01:00
dependabot[bot]
1b7516c203
Bump ktlint from 0.43.1 to 0.43.2
Bumps [ktlint](https://github.com/pinterest/ktlint) from 0.43.1 to 0.43.2.
- [Release notes](https://github.com/pinterest/ktlint/releases)
- [Changelog](https://github.com/pinterest/ktlint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pinterest/ktlint/commits/0.43.2)

---
updated-dependencies:
- dependency-name: com.pinterest:ktlint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:46:31 +00:00
Álvaro Brey
93bf180a35
Merge pull request #8442 from nextcloud/dependabot/gradle/com.github.tobiaskaminsky-qrcodescanner-0.1.2.4
Bump qrcodescanner from 0.1.2.2 to 0.1.2.4
2021-12-15 18:46:05 +01:00
Álvaro Brey Vilas
14fbc2ab78
ViewModelFactory: fix compile errors for viewmodel-ktx changes
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 18:45:06 +01:00
Álvaro Brey Vilas
f5132af345
Fix mockito imports
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 16:08:36 +01:00
dependabot[bot]
aa6ff667cb
Bump mockitoVersion from 3.12.4 to 4.1.0
Bumps `mockitoVersion` from 3.12.4 to 4.1.0.

Updates `mockito-core` from 3.12.4 to 4.1.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v3.12.4...v4.1.0)

Updates `mockito-android` from 3.12.4 to 4.1.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v3.12.4...v4.1.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-android
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 16:02:17 +01:00
dependabot[bot]
2cf0d5dd76
Bump daggerVersion from 2.40.4 to 2.40.5
Bumps `daggerVersion` from 2.40.4 to 2.40.5.

Updates `dagger` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5)

Updates `dagger-android` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5)

Updates `dagger-android-support` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5)

Updates `dagger-compiler` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5)

Updates `dagger-android-processor` from 2.40.4 to 2.40.5
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.40.4...dagger-2.40.5)

---
updated-dependencies:
- dependency-name: com.google.dagger:dagger
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android-support
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.google.dagger:dagger-android-processor
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 15:01:48 +00:00
Álvaro Brey
0a977fbc5e
Merge pull request #9429 from nextcloud/dependabot/gradle/org.bouncycastle-bcpkix-jdk15to18-1.70
Bump bcpkix-jdk15to18 from 1.69 to 1.70
2021-12-15 16:00:53 +01:00
Álvaro Brey
a256c210ce
Merge pull request #9438 from nextcloud/dependabot/gradle/byteBuddyVersion-1.12.3
Bump byteBuddyVersion from 1.12.2 to 1.12.3
2021-12-15 15:59:54 +01:00
Álvaro Brey
eab83a06e6
Merge pull request #9437 from nextcloud/dependabot/gradle/daggerVersion-2.40.4
Bump daggerVersion from 2.40.3 to 2.40.4
2021-12-15 15:58:57 +01:00
dependabot[bot]
56230f3163
Bump fragment-ktx from 1.3.6 to 1.4.0
Bumps fragment-ktx from 1.3.6 to 1.4.0.

---
updated-dependencies:
- dependency-name: androidx.fragment:fragment-ktx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:57:51 +00:00
dependabot[bot]
0f23147e36
Bump appcompat from 1.3.1 to 1.4.0
Bumps appcompat from 1.3.1 to 1.4.0.

---
updated-dependencies:
- dependency-name: androidx.appcompat:appcompat
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:56:31 +00:00
dependabot[bot]
8cb866a474
Bump lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0
Bumps lifecycle-viewmodel-ktx from 2.3.1 to 2.4.0.

---
updated-dependencies:
- dependency-name: androidx.lifecycle:lifecycle-viewmodel-ktx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:56:01 +00:00
dependabot[bot]
bd0caf15ea
Bump qrcodescanner from 0.1.2.2 to 0.1.2.4
Bumps [qrcodescanner](https://github.com/tobiasKaminsky/QRCodeScanner) from 0.1.2.2 to 0.1.2.4.
- [Release notes](https://github.com/tobiasKaminsky/QRCodeScanner/releases)
- [Commits](https://github.com/tobiasKaminsky/QRCodeScanner/compare/0.1.2.2...0.1.2.4)

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 14:55:43 +00:00
Álvaro Brey Vilas
edb1e9c369
fastlane: Check some basic requirements before starting release phase 2
This prevents late crashes in some instances.

Of course, we should technically have a more structured way of handling dependencies, but this
is a simple improvement for now.

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2021-12-15 15:40:14 +01:00