Using a dedicated email address with a dedicated PGP key allows to give
multiple people access while still keeping things under wrap.
A single, private email address as security contact is such a huge bus
factor, which we should avoid. Event just a holiday or illness could
lead to escalation due to missing replies.
Also, in case of potentially severe security issues Nextcloud's security
team must have access to all details and communication. This is already
given for all issues reported via hackerone.com, and with this change is
now also enabled for issues reported by email.
In some cases, the array's keys where upper case, and the previous code
produced a warning and resulted in an empty string, even though the
name was present.
* Install requited locale in container image
One of the IMAP tests curiuosly ran successfully on Github-runners, but
failed locally. This is the pre-condition for a fix.
* Explicitly require mandatory locale for test
This test works only if executed with LC_COLLATE=en_US
* Schedule to rebuild testrunner image each week
To not have to update it every year or getting it wrong as in 1.6.8 I proposed to use the server year as copyright end year. During pull request, @alecpl suggested siply removing the years alltogether as they don't provide much value.
Co-authored-by: stefan-muc <roundcube-git_24@green-sparklet.de>
* vcard: Fix whitespace handling in line cont's
Previously, multiple whitespace characters at the start of a
continuation line would all be dropped, instead of only the first one.
Also,
- restrict line continuation characters to SPACE and TAB.
Note that, like before, this identifies the CR (`\r`) character with the
empty string, and thereby notably does not require a CRLF (`\r\n`)
sequence (which is mandated by RFCs 2426, 2425) for line termination
(i.e., `\n` suffices).
Fixes: Bug 1 of issue #9593.
* vcard: Add test for #9593/1
* Fix coding style
* Fix downloading files in tests with new Chromiums
Newer versions of chromium apparently need these flags to download files
without prompting the user.
* Expose port to watch remote browser
This allows to watch the remote controlled browser in your browser at
<http://localhost:7900/?autoconnect=1&resize=scale&password=secret>
(you have to comment out the `--headless` argument in TestCase::driver()
before).
Pablo Zmdl