Middleware Documentation deprecated

Welcome to the documentation about the inner workings of the Java-based middleware platform of OX App Suite. This technical documentation covers articles about different topics and features, grouped by different subtopics on the left.

The latest notable changes of the middleware can be found below.All notable changes to this project will be documented in this file.

8.45.48 - 2025-12-03

Added

• Added mail snooze feature - /appsuite/platform/core86 6273c171

Changed

• SCR-1625: Updated Caffeine caching library and Google Guava c8919957
• SCR-1626: Added Eclipse Collections c7f64cf4
• SCR-1627: Added possibility to specify max. days in future as limitation for the date to send of a scheduled mail e745d364 762403ae
• SCR-1628: Updated several libraries for newest fabric8 client 9071d20d
• Updated core-mw chart dependencies 6c010f1e
  • Updated Gotenberg image to v8.25.0
  • Updated Collabora image to v25.04.7.2.1
  • Updated Collabora chart to v1.1.53
• core#405: Use a description model when performing update to check what shall be changed and what not - /appsuite/platform/core#405 57155459 ea9674ac 4f13d0c9
• core#410: Orderly gather resources when handling addressbook-multiget request - /appsuite/platform/core#410 eb503fa3
• support#939: Added to "allowedProtocols" to HTML white-list JSlob entry - /appsuite/support#939 10cac27c c3ed1d5c
• support#966: Added plausibility check to issued LIST "" "*" command against IMAP server (expect at least "INBOX" to be present) - /appsuite/support#966 930fe864
• support#975: Improved returned error code for invalid parameter value - /appsuite/support#975 ed0cb8d2
• support#985: Minor improvement for the attachment storage clean-up query - /appsuite/support#985 bb91a1c1
• support#986: Don't query all attendee field when resolving event(s) by UID - /appsuite/support#986 9a593ce1
• support#994: Orderly handle possible "user not found" error when looking-up by maiul login string - /appsuite/support#994 82dc2e9c 9ae26e68
• support#1012: Proper counting of borrowed IMAP store instances - /appsuite/support#1012 c1b83d13

Fixed

• CIC-930: Orderly add newlines when having multiple secret context sets 9f8944cd
• Delete tombstone entries in chunks 28e60fe1
  • This limits the size of simultaneously loaded tombstone entries to 10k and therefore preventing overloads if the size is extremely big
• core#375: Ensure IMAP folder is really not existent through dedicated LIST commands - /appsuite/platform/core#375 fc8b14b8 1ceabe39 a85cd047
• core#381: Use retry mechanism when encountering special optimistic concurrency conflict - /appsuite/platform/core#381 e7938366 e7c5b8e6 3a47586a
• core#382: Orderly process locally held inline images to have a "Content-Id"-referencing "src" attribute - /appsuite/platform/core#382 e680eec9
• core#395: Properly recognize guest calendar user in public folder - /appsuite/platform/core#395 918f4825
• core#396: Dont delete foreign folder appsuite/platform/core#396 b733c1e5
• core#398: Also allow TLDs as specified in RFC 6761 - /appsuite/platform/core#398 365576b2 0f837d89 18887594
• core#399: Ignore failure to retrieve the metadata for a \NoSelect mailbox - /appsuite/platform/core#399 d777df68
• core#400: Do not double URL-encode valid %XX sequences - /appsuite/platform/core#400 762de379
• core#402: Use an alternative polling-based watcher for changed k8s secret - /appsuite/platform/core#402 8f9b2f22
• core#406: Introduced possibility to let liveness fail, when health/readiness check failed consecutively for more than a configured duration - /appsuite/platform/core#406 0087cda9
• core#407: Avoid auto-creation of optional default Drive folder (Documents, Videos, Music, ...) - appsuite/platform/core#407 b8803ffb a23f17e4
• core#408: Corrected invocation of legacy (PIM) event queue and adjusted its logging behavior - /appsuite/platform/core#408 6900bbdd cdec313d af56ac62 7dada2da
• core#409: Use improved hash calculation for a folder name to avoid possible collisions - /appsuite/platform/core#409 dc491b6b
• core#410: Chunk-wise output of resources in calendar- and addressbook-multiget report exceeding configured limits - /appsuite/platform/core#410 201ccccc
  • SCR-1634: Changed Semantics for 'com.openexchange.carddav.addressbookMultigetLimit' and 'com.openexchange.caldav.calendarMultigetLimit'
• core#411: Drop invalid deputy permissions from result set - /appsuite/platform/core#411 221515e5
• core#412: Read proper command-line tool parameter on secondary account creation - /appsuite/platform/core#412 31a6a582
• core#413: Enforce HTML sanitization if output view is set to "document" - /appsuite/platform/core#413 aeaa505f
• core#414: Lowered log level for annoying log message - /appsuite/platform/core#414 599579a6
• core#415: Still offer to accept party crasher from outdated REPLY - /appsuite/platform/core#415 ff2d1341
• core#417: Lowered log level to DEBUG if exception indicates an invalidly configured no-reply transport - /appsuite/platform/core#417 baf38b0b
• core#418: Use "DELETE ... JOIN" statement to drop duplicate entries from "ratelimit" table - /appsuite/platform/core#418 4739a26f
• support#983: Corrected exception message argument order when importing to an incompatible parent folder - /appsuite/support#983 f6c7bdc5

8.44.28 - 2025-10-28

Added

• SCR-1622: Added new lean property com.openexchange.mail.bodyPartReadThresholdMillis that specifies the threshold in milliseconds for the read duration of body parts from mail storage. If that threshold is exceeded a warn log message is generated f89d1944 bef3059a
• Allow setting new primary mail address during secondary account update d8473609
  • SCR-1619: New Element 'primaryAddress' in 'accountDataUpdate' for 'OXSecondaryAccountService'
  • SCR-1620: New Option '--new-primary-address' for 'updatesecondaryaccount'
• Checksum configuration in helm chart for rolling upgrades 6233f1b1
• support#902: New scenarios and custom login sources for manual drive client onboarding b122b945
  • SCR-1617: New Scenarios for Manual Drive Client Onboarding Configuration
  • SCR-1618: New Properties to Enable Custom Login Source for Drive Client Onboarding

Changed

• SCR-1623: Introduced property "com.openexchange.snippet.preferredSnippetService" to specify preferred snippet service to use 82605d2f fb9e1e24
• Updated core-mw chart dependencies a5750420
  • Updated Collabora image to v25.04.6.2.1
  • Updated Collabora chart to v1.1.51
• Remove explicit cluster domain e386ba76

Fixed

• INU-4853: Do not set a second invalidation cookie if no domain is configured eed9c664 d95e55e8
• core#386: Detect harmful content in CSS fragment 45ff81bf
• core#364: Improved handling for failed transport of a scheduled mail with mail notification be9c6094
• core#388: More robust validation of deputy metadata in folder attributes 8165d446
• Handle every contextSet and UI property as string so they will be orderly processed by oxprops 1caea19c 9cad1815
• core#382: Orderly process locally held inline images to have a "Content-Id"-referencing "src" attribute e9ba6091 6134ad3f
• core#389: Restore RFC 1123 compliant formatting of {DAV:}creationdate and {DAV:}getlastmodified 1f26b309
• core#390: Allow applying iMIP manually after organizer changed 0c83bb73
  • SCR-1621: New Property 'com.openexchange.calendar.allowChangeOfOrganizerWithExternals'
• core#391: Omit iOS version from device display name if not reliably detectable 606bc947
• core#392: Corrected formatting of bullet-point list in markdown for secondary accounts documentation core#393: Handle IMAP ACLs according to RFC 4314 as recommended: ignore the virtual "d" and "c" rights b000b557
• support#926: Allow a "reject" only or a "reject + stop" combination fb548b04 7ca8ce60

8.43.52 - 2025-10-02

Added

• SCR-1605: New property to limit maximum attendees per conflict check (SCR-1605) a8ab6a50
• SCR-1606: New property 'com.openexchange.caldav.calendarMultigetLimit' 9ebafff9
• SCR-1607: New property 'com.openexchange.calendar.lookupPeerAttendeesEnabled' d60b22db 92b413fc
• Support to disable TLS for mariadb-client 8fa9a1aa
• core#378: Introduced options to limit reminder range requests ff01b6c6
  • SCR-1608: New Configuration Property 'com.openexchange.reminder.reminderLookbackDays'
  • SCR-1609: New Configuration Property 'com.openexchange.reminder.maxRemindersPerRequest'
  • SCR-1610: Implicitly Delete Alarms when Declining a Task
• support#850: Documentation for 'com.openexchange.undo.enabled' 1d60817f
• support#888: Indicate configured value of 'maxAttendeesPerConflictCheck' via JSlob API 13e27b0f

Changed

• Added no-op mappings for orphaned user properties links/number_of_links (columns 591 and 595) 696a2e00
• INU-4985: Consolidated parsing/writing of BDAY and ANNIVERSARY without year part in vCards fa640454
• support#883: Query attendees chunk-wise fa6b1237
• SCR-1599: Changed typo in property name and now properly use "com.openexchange.mail.proxyExternalImageUrls" instead of "com.openexchange.mail.proxyExternalImagerUrls" b3e3f26d
• SCR-1604: Updated OSGi target platform bundles 8d2042e9
• SCR-1611: Added possibility to enable round-robin on IP address selection e5170e58 cbd03571 7cbb4d40 e4038669
• SCR-1612: Updated Spring Framework libraries from v5.3.32 to v5.3.39 2f79d5d3
• Updated core-mw chart dependencies 1df9308f
  • Updated Gotenberg image to v8.23.2
  • Updated Collabora image to v25.04.5.3.1
  • Updated Collabora chart to v1.1.49
• Check number of recipients against configured limit ("com.openexchange.mail.maxToCcBcc") as well as validate recipients' addresses b87f2b2b
• Do not need to explicitly pass mysql args to initconfigdb script 69f04b2a
• Updated integrated timezone definitions to tzdata2025a 29585c43
• core#358: Delete previously scheduled mail data along with associated message when re-editing as draft 0a47882d 8b5e5baf
• core#364: Cope with "Domain ends with dot" address parse exception on message transport e5629919
• core#378: Only load data for limited amount of attendees during conflict checks af1beadf

Fixed

• Also consider