add docs for useJsNonce

Fix single "ScopeContext" passed to "setScopes"

Merge pull request #19987 from nextcloud/bugfix/noid/disable-storage-stats-without-session_keepalive

Only do regular polling of storage statistics if session_keepalive is enabled

Default value of lookupServerEnabled should be the same everywhere

Signed-off-by: Georg Ehrke <developer@georgehrke.com>

Hide card for apps store if disabled

"setScopes" expects an array, but a single "ScopeContext" was being
passed instead.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>

Bump sinon from 9.0.0 to 9.0.1

Bump vuex from 3.1.2 to 3.1.3

Signed-off-by: Pavel Krasikov <klonishe@gmail.com>

Bumps [vuex](https://github.com/vuejs/vuex) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/vuejs/vuex/releases)
- [Commits](https://github.com/vuejs/vuex/compare/v3.1.2...v3.1.3

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>

fix safari useragent for versions with 3 digits

Bump jsdom from 16.2.0 to 16.2.1

Bumps [jsdom](https://github.com/jsdom/jsdom) from 16.2.0 to 16.2.1.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/16.2.0...16.2.1

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [sinon](https://github.com/sinonjs/sinon) from 9.0.0 to 9.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v9.0.0...v9.0.1

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Signed-off-by: Pavel Krasikov <klonishe@gmail.com>

[Security] Bump acorn from 6.3.0 to 6.4.1

properly set 'hide_download' as integer

Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1. **This update includes a security fix.**
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/6.3.0...6.4.1

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

fix external storage controller tests

the database field is a smallint, not a boolean.

fixes postgresql tests

Signed-off-by: Robin Appelman <robin@icewind.nl>

Don't allow anchors and queries in remote urls

Signed-off-by: Robin Appelman <robin@icewind.nl>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Use placeholder values for password fields in external storage webui

Do not use the instance name as user part of from mail addresses

Properly respect hide download on sharebymail

fixes #19484

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Get correct mimetype on objectstores

Merge pull request #19899 from nextcloud/force-compatible-eventdispatcher-version-in-integration-tests

Force compatible EventDispatcher version in integration tests

This prevents the password from being sent to the webui.

While an admin will always be able to retrieve the passwords (as they
can do arbitrairy code execution by design) this prevents casual
password snooping

Signed-off-by: Robin Appelman <robin@icewind.nl>

This will cause issues since the theming name can contain characters
that are not allowed in the local part of the mail address (like spaces)

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Joas Schilling <coding@schilljs.com>