increase to 13.0.3

Signed-off-by: Simon L. <szaimen@e.mail.de>
aio-interface: change session cookie SameSite from Strict to Lax to fix cross-site getlogin flow (#8064 )
2026-05-21 10:50:10 +00:00 · 2026-05-07 16:22:14 +02:00 · 2026-05-07 16:10:18 +02:00 · 2026-05-07 07:53:51 +00:00 · 2026-05-06 13:03:28 +02:00 · 2026-05-06 13:00:57 +02:00
7 changed files with 7 additions and 7 deletions
--- a/Containers/apache/Dockerfile
+++ b/Containers/apache/Dockerfile
@@ -2,7 +2,7 @@
 FROM caddy:2.11.2-alpine AS caddy

 # From https://github.com/docker-library/httpd/blob/master/2.4/alpine/Dockerfile
-FROM httpd:2.4.66-alpine3.23
+FROM httpd:2.4.67-alpine3.23

 COPY --from=caddy /usr/bin/caddy /usr/bin/caddy

--- a/Containers/docker-socket-proxy/Dockerfile
+++ b/Containers/docker-socket-proxy/Dockerfile
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM haproxy:3.3.7-alpine
+FROM haproxy:3.3.8-alpine

 # hadolint ignore=DL3002
 USER root
--- a/Containers/fulltextsearch/Dockerfile
+++ b/Containers/fulltextsearch/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Probably from here https://github.com/elastic/dockerfiles/blob/9.3/elasticsearch/Dockerfile
-FROM elasticsearch:9.3.3
+FROM elasticsearch:9.4.0

 USER root

--- a/Containers/redis/Dockerfile
+++ b/Containers/redis/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # From https://github.com/redis/docker-library-redis/blob/release/8.2/alpine/Dockerfile
-FROM redis:8.6.2-alpine
+FROM redis:8.6.3-alpine

 COPY --chmod=775 start.sh /start.sh

--- a/Containers/talk/Dockerfile
+++ b/Containers/talk/Dockerfile
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM nats:2.12.8-scratch AS nats
+FROM nats:2.14.0-scratch AS nats
 FROM eturnal/eturnal:1.12.2-alpine AS eturnal
 FROM strukturag/nextcloud-spreed-signaling:2.1.1 AS signaling
 FROM alpine:3.23.4 AS janus
--- a/php/public/index.php
+++ b/php/public/index.php
@@ -68,7 +68,7 @@ session_start([
    "use_strict_mode" => true, // Only allow initialized session IDs. See https://www.php.net/manual/en/session.configuration.php#ini.session.use-strict-mode
    "cookie_secure" => true, // Only send cookies over https (not http). See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#secure
    "cookie_httponly" => true, // Block the cookie from being read with js in the browser, will still be send for fetch request triggered by js. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#httponly
-    "cookie_samesite" => "Strict", // Only send the cookie with requests triggered by AIO itself. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value
+    "cookie_samesite" => "Lax", // Send the cookie with same-site requests and top-level cross-site navigations (e.g. redirect after token-based getlogin). "Strict" would block the session cookie on the redirect that follows a cross-site navigation, breaking the getlogin flow from Nextcloud's admin panel. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value
 ]);

 if ($wasAuthenticated) {
--- a/php/templates/includes/aio-version.twig
+++ b/php/templates/includes/aio-version.twig
@@ -1 +1 @@
-13.0.1
+13.0.3
Author	SHA1	Message	Date
Simon L.	15ae285d9f	increase to 13.0.3 Signed-off-by: Simon L. <szaimen@e.mail.de>	2026-05-07 16:22:14 +02:00
Simon L.	1fa4f3b6a3	aio-interface: change session cookie SameSite from Strict to Lax to fix cross-site getlogin flow (#8064 )	2026-05-07 16:10:18 +02:00
copilot-swe-agent[bot]	654c39ff1e	fix: change session cookie SameSite from Strict to Lax to fix cross-site getlogin flow Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/acf6148d-63c7-4ee2-a856-6de7de68118d Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>	2026-05-07 07:53:51 +00:00
Simon L.	91d59af4dc	increase to 13.0.2 Signed-off-by: Simon L. <szaimen@e.mail.de>	2026-05-06 13:03:28 +02:00
Simon L.	5091f27e87	build(deps): bump redis from 8.6.2-alpine to 8.6.3-alpine in /Containers/redis (#8061 )	2026-05-06 13:00:57 +02:00
Simon L.	c74d08902e	build(deps): bump elasticsearch from 9.3.3 to 9.4.0 in /Containers/fulltextsearch (#8060 )	2026-05-06 13:00:45 +02:00
Simon L.	216c73d3aa	build(deps): bump httpd from 2.4.66-alpine3.23 to 2.4.67-alpine3.23 in /Containers/apache (#8059 )	2026-05-06 13:00:34 +02:00
Simon L.	6c1c33e069	build(deps): bump haproxy from 3.3.7-alpine to 3.3.8-alpine in /Containers/docker-socket-proxy (#8047 )	2026-05-06 13:00:22 +02:00
Simon L.	f0949a8746	build(deps): bump nats from 2.12.8-scratch to 2.14.0-scratch in /Containers/talk (#8037 )	2026-05-06 13:00:08 +02:00
dependabot[bot]	79eccd576d	build(deps): bump redis in /Containers/redis Bumps redis from 8.6.2-alpine to 8.6.3-alpine. --- updated-dependencies: - dependency-name: redis dependency-version: 8.6.3-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-06 04:20:08 +00:00
dependabot[bot]	323a34a437	build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 9.3.3 to 9.4.0. --- updated-dependencies: - dependency-name: elasticsearch dependency-version: 9.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-06 04:19:29 +00:00
dependabot[bot]	f2076fa56b	build(deps): bump httpd in /Containers/apache Bumps httpd from 2.4.66-alpine3.23 to 2.4.67-alpine3.23. --- updated-dependencies: - dependency-name: httpd dependency-version: 2.4.67-alpine3.23 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-06 04:19:18 +00:00
dependabot[bot]	1e064fed8a	build(deps): bump haproxy in /Containers/docker-socket-proxy Bumps haproxy from 3.3.7-alpine to 3.3.8-alpine. --- updated-dependencies: - dependency-name: haproxy dependency-version: 3.3.8-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-04 04:20:18 +00:00
dependabot[bot]	bc2105d668	build(deps): bump nats in /Containers/talk Bumps nats from 2.12.8-scratch to 2.14.0-scratch. --- updated-dependencies: - dependency-name: nats dependency-version: 2.14.0-scratch dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-01 04:27:45 +00:00
@@ -1 +1 @@
 .0.1
 .0.3