increase to v13.1.0

Signed-off-by: Simon L. <szaimen@e.mail.de>

.editorconfig

@@ -0,0 +1,20 @@
+# https://editorconfig.org
+
+# Tip: to find files violating the rules set out here, run `docker run --rm --volume=$PWD:/check mstruebing/editorconfig-checker`
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.yaml]
+indent_size = 2
+
+
+[*.yml]
+indent_size = 2

Containers/mastercontainer/Dockerfile

@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Docker CLI is a requirement
-FROM docker:29.5.0-cli AS docker
+FROM docker:29.5.2-cli AS docker
 
 ARG CADDY_REMOTE_HOST_HASH=e80a9931765a8dbcbb47db415863387f0df0e1b3
 

Containers/mastercontainer/supervisord.conf

@@ -54,7 +54,7 @@ stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
 command=/session-deduplicator.sh
-user=root
+user=www-data
 
 [program:domain-validator]
 # Logging is disabled as otherwise all attempts will be logged which spams the logs

Containers/nextcloud/config/server.config.php

@@ -1,4 +1,4 @@
 <?php
 $CONFIG = array (
-  'serverid' => crc32(gethostname()) % 512,
+  'serverid' => hexdec(hash('xxh32', gethostname())) & 0x1FF,
 );

Containers/notify-push/start.sh

@@ -42,6 +42,15 @@ if ! [ -f /var/www/html/custom_apps/notify_push/bin/"$CPU_ARCH"/notify_push ] &&
     exit 1
 fi
 
+# Logic for ipv6 disabled servers
+BIND="::"
+if grep -q "1" /sys/module/ipv6/parameters/disable \
+|| grep -q "1" /proc/sys/net/ipv6/conf/all/disable_ipv6 \
+|| grep -q "1" /proc/sys/net/ipv6/conf/default/disable_ipv6; then
+    BIND="0.0.0.0"
+fi
+export BIND
+
 echo "notify-push was started"
 
 

Containers/talk/Dockerfile

@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM nats:2.14.0-scratch AS nats
+FROM nats:2.14.1-scratch AS nats
 FROM eturnal/eturnal:1.12.2-alpine AS eturnal
 FROM strukturag/nextcloud-spreed-signaling:2.1.1 AS signaling
 FROM alpine:3.23.4 AS janus

app/.editorconfig

@@ -1,19 +1,12 @@
 # https://editorconfig.org
 
+# note: the files in ./composer actually use 4 spaces instead of tabs
+
 root = true
 
 [*]
 charset = utf-8
 end_of_line = lf
-indent_size = 4
 indent_style = tab
 insert_final_newline = true
 trim_trailing_whitespace = true
-
-[*.feature]
-indent_size = 2
-indent_style = space
-
-[*.yml]
-indent_size = 2
-indent_style = space

app/readme.md

@@ -1,7 +1,10 @@
+# AIO app for Nextcloud
+
+This folder contains a Nextcloud app, which will be automatically installed within the Nextcloud instance.
+It adds a link to the admin settings page that gives access to the AIO interface.
+
 ## How to develop the app?
 
-Please note that in order to check if an app is already downloaded
-Nextcloud will look for a folder with the same name as the app.
+Please note that in order to check if an app is already downloaded Nextcloud will look for a folder with the same name as the app.
 
-Therefore you need to add the app to one of the app directories
-naming the directory `nextcloud-aio`.
+Therefore you need to add the app to one of the app directories naming the directory `nextcloud-aio`.

php/composer.lock

@@ -64,16 +64,16 @@
         },
         {
             "name": "guzzlehttp/guzzle",
-            "version": "7.10.0",
+            "version": "7.10.3",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/guzzle.git",
-                "reference": "b51ac707cfa420b7bfd4e4d5e510ba8008e822b4"
+                "reference": "47ba23c7a55247e2e1b7407aca90e9bbed0d9d86"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/b51ac707cfa420b7bfd4e4d5e510ba8008e822b4",
-                "reference": "b51ac707cfa420b7bfd4e4d5e510ba8008e822b4",
+                "url": "https://api.github.com/repos/guzzle/guzzle/zipball/47ba23c7a55247e2e1b7407aca90e9bbed0d9d86",
+                "reference": "47ba23c7a55247e2e1b7407aca90e9bbed0d9d86",
                 "shasum": ""
             },
             "require": {
@@ -91,8 +91,9 @@
                 "bamarni/composer-bin-plugin": "^1.8.2",
                 "ext-curl": "*",
                 "guzzle/client-integration-tests": "3.0.2",
+                "guzzlehttp/test-server": "^0.3.2",
                 "php-http/message-factory": "^1.1",
-                "phpunit/phpunit": "^8.5.39 || ^9.6.20",
+                "phpunit/phpunit": "^8.5.52 || ^9.6.34",
                 "psr/log": "^1.1 || ^2.0 || ^3.0"
             },
             "suggest": {
@@ -170,7 +171,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/guzzle/issues",
-                "source": "https://github.com/guzzle/guzzle/tree/7.10.0"
+                "source": "https://github.com/guzzle/guzzle/tree/7.10.3"
             },
             "funding": [
                 {
@@ -186,20 +187,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2025-08-23T22:36:01+00:00"
+            "time": "2026-05-20T22:59:19+00:00"
         },
         {
             "name": "guzzlehttp/promises",
-            "version": "2.3.0",
+            "version": "2.4.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/promises.git",
-                "reference": "481557b130ef3790cf82b713667b43030dc9c957"
+                "reference": "09e8a212562fb1fb6a512c4156ed71525969d6c2"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/promises/zipball/481557b130ef3790cf82b713667b43030dc9c957",
-                "reference": "481557b130ef3790cf82b713667b43030dc9c957",
+                "url": "https://api.github.com/repos/guzzle/promises/zipball/09e8a212562fb1fb6a512c4156ed71525969d6c2",
+                "reference": "09e8a212562fb1fb6a512c4156ed71525969d6c2",
                 "shasum": ""
             },
             "require": {
@@ -207,7 +208,7 @@
             },
             "require-dev": {
                 "bamarni/composer-bin-plugin": "^1.8.2",
-                "phpunit/phpunit": "^8.5.44 || ^9.6.25"
+                "phpunit/phpunit": "^8.5.52 || ^9.6.34"
             },
             "type": "library",
             "extra": {
@@ -253,7 +254,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/promises/issues",
-                "source": "https://github.com/guzzle/promises/tree/2.3.0"
+                "source": "https://github.com/guzzle/promises/tree/2.4.1"
             },
             "funding": [
                 {
@@ -269,20 +270,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2025-08-22T14:34:08+00:00"
+            "time": "2026-05-20T22:57:30+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
-            "version": "2.9.0",
+            "version": "2.10.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/guzzle/psr7.git",
-                "reference": "7d0ed42f28e42d61352a7a79de682e5e67fec884"
+                "reference": "73ab136360b5dfd858006eae9795e8fe43c80361"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/guzzle/psr7/zipball/7d0ed42f28e42d61352a7a79de682e5e67fec884",
-                "reference": "7d0ed42f28e42d61352a7a79de682e5e67fec884",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/73ab136360b5dfd858006eae9795e8fe43c80361",
+                "reference": "73ab136360b5dfd858006eae9795e8fe43c80361",
                 "shasum": ""
             },
             "require": {
@@ -297,9 +298,9 @@
             },
             "require-dev": {
                 "bamarni/composer-bin-plugin": "^1.8.2",
-                "http-interop/http-factory-tests": "0.9.0",
+                "http-interop/http-factory-tests": "1.1.0",
                 "jshttp/mime-db": "1.54.0.1",
-                "phpunit/phpunit": "^8.5.44 || ^9.6.25"
+                "phpunit/phpunit": "^8.5.52 || ^9.6.34"
             },
             "suggest": {
                 "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
@@ -370,7 +371,7 @@
             ],
             "support": {
                 "issues": "https://github.com/guzzle/psr7/issues",
-                "source": "https://github.com/guzzle/psr7/tree/2.9.0"
+                "source": "https://github.com/guzzle/psr7/tree/2.10.1"
             },
             "funding": [
                 {
@@ -386,7 +387,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2026-03-10T16:41:02+00:00"
+            "time": "2026-05-20T09:27:36+00:00"
         },
         {
             "name": "http-interop/http-factory-guzzle",
@@ -1784,16 +1785,16 @@
         },
         {
             "name": "twig/twig",
-            "version": "v3.25.0",
+            "version": "v3.26.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "0dade995be754556af4dcbf8721d45cb3271f9b4"
+                "reference": "1fcae487b180d78e6351f4e0afa91f9eab96a2bc"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/0dade995be754556af4dcbf8721d45cb3271f9b4",
-                "reference": "0dade995be754556af4dcbf8721d45cb3271f9b4",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/1fcae487b180d78e6351f4e0afa91f9eab96a2bc",
+                "reference": "1fcae487b180d78e6351f4e0afa91f9eab96a2bc",
                 "shasum": ""
             },
             "require": {
@@ -1848,7 +1849,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.25.0"
+                "source": "https://github.com/twigphp/Twig/tree/v3.26.0"
             },
             "funding": [
                 {
@@ -1860,7 +1861,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2026-05-17T07:41:26+00:00"
+            "time": "2026-05-20T07:31:59+00:00"
         }
     ],
     "packages-dev": [
@@ -4898,16 +4899,16 @@
         },
         {
             "name": "webmozart/assert",
-            "version": "2.3.0",
+            "version": "2.4.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/webmozarts/assert.git",
-                "reference": "eb0d790f735ba6cff25c683a85a1da0eadeff9e4"
+                "reference": "9007ea6f45ecf352a9422b36644e4bfc039b9155"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/webmozarts/assert/zipball/eb0d790f735ba6cff25c683a85a1da0eadeff9e4",
-                "reference": "eb0d790f735ba6cff25c683a85a1da0eadeff9e4",
+                "url": "https://api.github.com/repos/webmozarts/assert/zipball/9007ea6f45ecf352a9422b36644e4bfc039b9155",
+                "reference": "9007ea6f45ecf352a9422b36644e4bfc039b9155",
                 "shasum": ""
             },
             "require": {
@@ -4923,7 +4924,11 @@
             },
             "type": "library",
             "extra": {
+                "psalm": {
+                    "pluginClass": "Webmozart\\Assert\\PsalmPlugin"
+                },
                 "branch-alias": {
+                    "dev-master": "2.0-dev",
                     "dev-feature/2-0": "2.0-dev"
                 }
             },
@@ -4954,9 +4959,9 @@
             ],
             "support": {
                 "issues": "https://github.com/webmozarts/assert/issues",
-                "source": "https://github.com/webmozarts/assert/tree/2.3.0"
+                "source": "https://github.com/webmozarts/assert/tree/2.4.0"
             },
-            "time": "2026-04-11T10:33:05+00:00"
+            "time": "2026-05-20T13:07:01+00:00"
         }
     ],
     "aliases": [],

php/psalm.xml

@@ -1,29 +1,29 @@
 <?xml version="1.0"?>
 <psalm
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns="https://getpsalm.org/schema/config"
-	xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
-	errorBaseline="psalm-baseline.xml"
-	findUnusedBaselineEntry="true"
-	findUnusedCode="false"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns="https://getpsalm.org/schema/config"
+    xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
+    errorBaseline="psalm-baseline.xml"
+    findUnusedBaselineEntry="true"
+    findUnusedCode="false"
 >
-	<projectFiles>
-		<directory name="templates"/>
-		<directory name="src"/>
-		<file name="public/index.php"/>
-		<ignoreFiles>
-			<directory name="vendor" />
-		</ignoreFiles>
-	</projectFiles>
-	<extraFiles>
-		<directory name="vendor" />
-	</extraFiles>
-	<issueHandlers>
-  		<ClassMustBeFinal errorLevel="suppress" />
+    <projectFiles>
+        <directory name="templates"/>
+        <directory name="src"/>
+        <file name="public/index.php"/>
+        <ignoreFiles>
+            <directory name="vendor" />
+        </ignoreFiles>
+    </projectFiles>
+    <extraFiles>
+        <directory name="vendor" />
+    </extraFiles>
+    <issueHandlers>
+        <ClassMustBeFinal errorLevel="suppress" />
         <MissingConstructor>
             <errorLevel type="suppress">
                 <file name="src/Data/ConfigurationManager.php" />  <!-- We're using property hooks with virtual properties in that file, which Psalm wrongly complains about. See <https://github.com/vimeo/psalm/issues/11435>.  -->
             </errorLevel>
         </MissingConstructor>
-	</issueHandlers>
+    </issueHandlers>
 </psalm>

php/public/index.php

@@ -181,8 +181,10 @@ $app->get('/containers', function (Request $request, Response $response, array $
         'community_containers' => $configurationManager->listAvailableCommunityContainers(),
         'community_containers_enabled' => $configurationManager->aioCommunityContainers,
         'bypass_container_update' => $bypass_container_update,
-    ]);
+    // Do not cache the page as it shows credentials
+    ])->withHeader('Cache-Control', 'no-store');
 })->setName('profile');
+
 $app->get('/login', function (Request $request, Response $response, array $args) use ($container) {
     $view = Twig::fromRequest($request);
     /** @var \AIO\Docker\DockerActionManager $dockerActionManager */
@@ -191,6 +193,7 @@ $app->get('/login', function (Request $request, Response $response, array $args)
         'is_login_allowed' => $dockerActionManager->isLoginAllowed(),
     ]);
 });
+
 $app->get('/setup', function (Request $request, Response $response, array $args) use ($container) {
     $view = Twig::fromRequest($request);
     /** @var \AIO\Data\Setup $setup */
@@ -209,8 +212,10 @@ $app->get('/setup', function (Request $request, Response $response, array $args)
         [
             'password' => $setup->Setup(),
         ]
-    );
+    // Do not cache the page as it shows credentials
+    )->withHeader('Cache-Control', 'no-store');
 });
+
 $app->get('/log', function (Request $request, Response $response, array $args) use ($container) {
     $params = $request->getQueryParams();
     $id = $params['id'] ?? '';
@@ -218,7 +223,13 @@ $app->get('/log', function (Request $request, Response $response, array $args) u
         throw new DI\NotFoundException();
     }
     $view = Twig::fromRequest($request);
-    return $view->render($response, 'log.twig', ['id' => $id]);
+    return $view->render(
+        $response, 'log.twig', 
+        [
+            'id' => $id
+        ]
+    // Do not cache the page as it might shows credentials
+    )->withHeader('Cache-Control', 'no-store');
 });
 
 // Auth Redirector

php/src/ContainerDefinitionFetcher.php

@@ -52,14 +52,18 @@ readonly class ContainerDefinitionFetcher {
         $standardContainerNames = array_column($data['aio_services_v1'], 'container_name');
 
         $additionalContainerNames = [];
+        $additionalTopLevelContainerNames = [];
         foreach ($this->configurationManager->aioCommunityContainers as $communityContainer) {
             if ($communityContainer !== '') {
                 $path = DataConst::GetCommunityContainersDirectory() . '/' . $communityContainer . '/' . $communityContainer . '.json';
                 $additionalData = json_decode((string)file_get_contents($path), true, 512, JSON_THROW_ON_ERROR);
                 $data = array_merge_recursive($data, $additionalData);
+                foreach ($additionalData['aio_services_v1'] as $additionalEntry) {
+                    $additionalContainerNames[] = $additionalEntry['container_name'];
+                }
                 if (isset($additionalData['aio_services_v1'][0]['display_name']) && $additionalData['aio_services_v1'][0]['display_name'] !== '') {
-                    // Store container_name of community containers in variable for later
-                    $additionalContainerNames[] = $additionalData['aio_services_v1'][0]['container_name'];
+                    // Store main container_name of community containers in variable for later
+                    $additionalTopLevelContainerNames[] = $additionalData['aio_services_v1'][0]['container_name'];
                 }
             }
         }
@@ -176,7 +180,7 @@ readonly class ContainerDefinitionFetcher {
                 if ($entry['container_name'] === 'nextcloud-aio-apache') {
                     // Add community containers first and default ones last so that aio_variables works correctly
                     $valueDependsOnTemp = [];
-                    foreach ($additionalContainerNames as $containerName) {
+                    foreach ($additionalTopLevelContainerNames as $containerName) {
                         $valueDependsOnTemp[] = $containerName;
                     }
                     $valueDependsOn = array_merge_recursive($valueDependsOnTemp, $valueDependsOn);

php/src/Docker/DockerHubManager.php

@@ -3,8 +3,6 @@ declare(strict_types=1);
 
 namespace AIO\Docker;
 
-use AIO\ContainerDefinitionFetcher;
-use AIO\Data\ConfigurationManager;
 use GuzzleHttp\Client;
 
 readonly class DockerHubManager {
@@ -15,6 +13,16 @@ readonly class DockerHubManager {
         $this->guzzleClient = new Client();
     }
 
+
+    // Official Docker Hub images need the library/ prefix when using the registry API directly.
+    private function normalizeImageName(string $name): string {
+        if (!str_contains($name, '/')) {
+            return 'library/' . $name;
+        }
+        return $name;
+    }
+
+
     public function GetLatestDigestOfTag(string $name, string $tag) : ?string {
         $cacheKey = 'dockerhub-manifest-' . $name . $tag;
 
@@ -24,6 +32,7 @@ readonly class DockerHubManager {
         }
 
         // If one of the links below should ever become outdated, we can still upgrade the mastercontainer via the webinterface manually by opening '/api/docker/getwatchtower'
+        $name = $this->normalizeImageName($name);
 
         try {
             $authTokenRequest = $this->guzzleClient->request(

php/templates/includes/aio-version.twig

@@ -1 +1 @@
-13.0.4
+13.1.0