From 04730e245ed1033ca1f49d1555d4a2d461e27868 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?=
 <1005065+DeepDiver1975@users.noreply.github.com>
Date: Thu, 23 Apr 2026 20:42:14 +0200
Subject: [PATCH 1/4] feat: add smoke test inputs to CI workflow

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 6a66fc1..3bdd025 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -26,6 +26,12 @@ jobs:
       push: ${{ github.ref == 'refs/heads/master' }}
       trivy-ignore-files: ${{ matrix.release.trivy-ignore }}
       docker-extra-tags: ${{ matrix.release.extra-tags }}
+      smoke-test-port: "8080"
+      smoke-test-url: "http://localhost:8080/status.php"
+      smoke-test-env: |
+        OWNCLOUD_DOMAIN=localhost:8080
+        OWNCLOUD_DB_TYPE=sqlite3
+      smoke-test-version-jq: ${{ matrix.release.smoke-version-jq }}
     secrets:
       docker-hub-password: ${{ secrets.DOCKERHUB_TOKEN }}
 
@@ -40,20 +46,24 @@ jobs:
               10.16
               10
               latest
+            smoke-version-jq: ".versionstring"
           - version: 10.16.1
             tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260218.tar.bz2
             base: v22.04
             trivy-ignore: v22.04/10.16.1/.trivyignore
+            smoke-version-jq: ".versionstring"
           - version: 10.15.3
             tarball: https://download.owncloud.com/server/stable/owncloud-complete-20250703.tar.bz2
             base: v22.04
             trivy-ignore: v22.04/10.15.3/.trivyignore
             extra-tags: |
               10.15
+            smoke-version-jq: ".versionstring"
           - version: 11.0.0-prealpha
             tarball: https://download.owncloud.com/server/daily/owncloud-daily-master.tar.bz2
             base: v24.04
             trivy-ignore: v24.04/11.0.0-prealpha/.trivyignore
+            smoke-version-jq: ""
 
   update-docker-hub-description:
     needs: build

From 01b96a1f58f94cb7fc50942b1c90f81077d87d9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?=
 <1005065+DeepDiver1975@users.noreply.github.com>
Date: Thu, 23 Apr 2026 20:59:26 +0200
Subject: [PATCH 2/4] fix: correct sqlite db type and add trusted domains for
 smoke test

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 3bdd025..d025084 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -30,7 +30,8 @@ jobs:
       smoke-test-url: "http://localhost:8080/status.php"
       smoke-test-env: |
         OWNCLOUD_DOMAIN=localhost:8080
-        OWNCLOUD_DB_TYPE=sqlite3
+        OWNCLOUD_TRUSTED_DOMAINS=localhost:8080
+        OWNCLOUD_DB_TYPE=sqlite
       smoke-test-version-jq: ${{ matrix.release.smoke-version-jq }}
     secrets:
       docker-hub-password: ${{ secrets.DOCKERHUB_TOKEN }}

From 26fdd2246244baa1a1d5e6e2f8918429210fa6a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?=
 <1005065+DeepDiver1975@users.noreply.github.com>
Date: Thu, 7 May 2026 10:14:29 +0200
Subject: [PATCH 3/4] fix: add CVE-2026-44167 to trivyignore for 10.16.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
---
 v22.04/10.16.2/.trivyignore | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/v22.04/10.16.2/.trivyignore b/v22.04/10.16.2/.trivyignore
index cf1dbad..353aba9 100644
--- a/v22.04/10.16.2/.trivyignore
+++ b/v22.04/10.16.2/.trivyignore
@@ -3,3 +3,6 @@ CVE-2024-51736
 
 # fix requires ownCloud to update bundled aws-sdk-php (3.337.3 -> 3.371.4) in files_primary_s3
 GHSA-27qh-8cxx-2cr5
+
+# will be fixed with oc 10.16.3 or later
+CVE-2026-44167

From 9888dd71542924fad9c141f768742e497d6fa30a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?=
 <1005065+DeepDiver1975@users.noreply.github.com>
Date: Thu, 7 May 2026 10:24:14 +0200
Subject: [PATCH 4/4] fix: add CVE-2026-44167 to trivyignore for 10.16.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
---
 v22.04/10.16.1/.trivyignore | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/v22.04/10.16.1/.trivyignore b/v22.04/10.16.1/.trivyignore
index 5157ab6..fd15115 100644
--- a/v22.04/10.16.1/.trivyignore
+++ b/v22.04/10.16.1/.trivyignore
@@ -6,3 +6,6 @@ GHSA-27qh-8cxx-2cr5
 
 # will be fixed with oc 10.16.2 - TODO: remove once 10.16.2 is available for this branch
 CVE-2026-32935
+
+# will be fixed with oc 10.16.3 or later
+CVE-2026-44167