Should remove a bunch of false positive code scanning results.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Auto-wire as much as possible in the encryption app

Add Psalm Security Analysis

Also cleans up only non-classname services in the server container

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

This adds the Psalm Security Analysis, as described at
https://psalm.dev/docs/security_analysis/

It also adds a plugin for adding input into AppFramework.

The results can be viewed in the GitHub Security tab at
https://github.com/nextcloud/server/security/code-scanning

**Q&A:**

Q: Why do you not use the shipped Psalm version?
A: I do a lot of changes to the Psalm Taint behaviour. Using released
versions is not gonna get us the results we want.

Q: How do I improve false positives?
A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/

Q: How do I add custom sources?
A: https://psalm.dev/docs/security_analysis/custom_taint_sources/



Q: We should run this on apps!
A: Yes.

Q: What will change in Psalm?
A: Quite some of the PHP core functions are not yet marked to propagate
the taint. This leads to results where the taint flow is lost. That's
something that I am currently working on.

Q: Why is the plugin MIT licensed?
A: Because its the first of its kind (based on GitHub Code Search) and
I want other people to copy it if they want to. Security is for all :)

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Simple typo in comments

Update ScanLegacyFormat.php

Also lint php8

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Revert "Revert "Installation goes brrrr""

Harden EncryptionLegacyCipher a bit

Require libxml in composer

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Fixed a small typo on line 99.

Bump vimeo/psalm from 4.1.1 to 4.2.0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Bumps [vimeo/psalm](https://github.com/vimeo/psalm) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/vimeo/psalm/releases)
- [Commits](https://github.com/vimeo/psalm/compare/4.1.1...4.2.0

)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

[Automated] Update psalm-baseline.xml

Signed-off-by: GitHub <noreply@github.com>

Make the expire shares cron job actually expire the shares

Use regex when searching on single file shares

Fix setting images through occ for theming

allow selecting multiple columns with SELECT DISTINCT

Only check path for being accessible when the storage is a object home

Allow lazy app registration

Only attempt to move to trash if a file is not in appdata

Fix DataResponse typehints

We use this already in several places where we just pass strings or
numbers.
This all works because we just convert it to a json response in the end.
So better to have the typehints reflect this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Right now we just delete the shares from the DB. Which is efficient
sure. But doesn't trigger any real cleanup. So no Admin audit entries or
any other post processing is done.

This makes sure we really trigger this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Merge pull request #24135 from medical-cloud/fix/23357-nextcloud-logo-in-email-notifications-is-misaligned-in-version-20

Fix nextcloud logo in email notifications misalignment 

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

missing level in ScopedPsrLogger

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: medcloud <42641918+medcloud@users.noreply.github.com>

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

Set frame-ancestors to none if none are filled