Skip to main content

Share Audit Dashboard - Releases

← App details

Nextcloud 33

Share Audit Dashboard 0.3.0
Release Details
UpdatedJuly 15, 2026, 9:52 p.m.
Changelog

Security

  • Share deletion — single, bulk, orphan revoke and recipient revoke-all — now always goes through IShareManager instead of a raw SQL DELETE, so federated unshare (OCM), ShareDeletedEvent and provider-specific cleanup run; a direct DB delete is now only a documented fallback (owner account gone, provider app disabled), and a genuinely retryable failure (a locked file, an unreachable storage backend) is reported back as failed instead of being forced through that fallback.
  • Bulk endpoints (revoke, orphan revoke, revoke-all for a recipient) are capped and chunked so an unbounded selection can no longer tie up a PHP worker for minutes; revoke-all for a recipient with a very large number of shares now runs in server-side batches of 500 instead of one synchronous request.
  • The security-alerts cache is now invalidated as soon as a link is fixed or revoked, instead of only expiring after its normal TTL — the alerts view no longer shows an already-fixed item as still insecure right after acting on it.
  • Minimum supported Nextcloud version raised to 31 — orphan-share revoke relies on IShareManager::getShareById()'s $onlyValid parameter, which does not exist on Nextcloud 30.
  • The exposure score no longer treats a share type this version of the app doesn't recognize (e.g. one added in a future Nextcloud release) as safe — it's now weighted the same as an external share instead of falling back to internal, and shown as its own "Other" slice (with an explanatory tooltip) in the exposure breakdown whenever it's non-zero.
  • The recipient drill-down's shares/revoke-all endpoints are now rate-limited, matching the same endpoint's search action.

Added

  • Portuguese (Portugal) translation of the whole interface, plus build/l10n.py to regenerate the frontend l10n/*.js bundles from the .json sources and report missing or orphaned strings; l10n.py --check now also gates krankerl package.
  • Security alerts: copy/open-in-Files actions on individual alerts, and a clearable active-filter indicator.
  • All shares: a table caption describing the view.
  • Personal view: an option to include link tokens in CSV export, with an explicit warning about what that means.
  • Admin setting to turn the personal "My shares audit" page and its dashboard widget off instance-wide, for admins who want sharing audits to stay an admin-only concern.
  • Two new configurable security-alert rules: a public link open for anonymous upload without a password (file drop, or full create+update access), and a native group share granting edit or reshare permission to a group above a configurable member-count threshold (default 20).
  • The exposure/type "Other" bucket (share types this version doesn't recognize) now shows an explanatory tooltip on the dashboard's "Shares by type" chart and stat cards too, not just the exposure map.

Changed

  • Personal view header, summary cards and table captions restyled to match the admin dashboard's look (icon cards, ·-separated header, consistent table styling).

Fixed

  • Several UI strings introduced alongside the above were missing from l10n/*.json, so pt_PT users saw English text on the newest features.
  • The "with expiration" / "without expiration" filter (All shares column filter, and the underlying flag used by exports) now treats an already-expired date as "without expiration" instead of counting it as still protected.
Licenses GNU Affero General Public License v3.0 or later
Certificate-----BEGIN CERTIFICATE-----
MIIEEDCCAvgCAhOZMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNVBAYTAkRFMRswGQYD
VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxFzAVBgNVBAoMDk5leHRjbG91ZCBHbWJI
MTYwNAYDVQQDDC1OZXh0Y2xvdWQgQ29kZSBTaWduaW5nIEludGVybWVkaWF0ZSBB
dXRob3JpdHkwHhcNMjYwNzE1MTAyMzI4WhcNMzYxMDIwMTAyMzI4WjAgMR4wHAYD
VQQDDBVzaGFyZV9hdWRpdF9kYXNoYm9hcmQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQCx308O8jTgDadfFtycc9pb4gAyYxIhDeLPO2hGyabdcwTTq3wM
GEQ+2O3OvPk3BTOswBBhNyOT5qkay7t3F12Q6K0E4C80dqk4Wg5mEd35FnBTkzaA
42502E7REGrIR6ec93sVA3Nl1QNgxjqKPsjyBEAsRjNqFyMuCu+xCn0OjVcTE99b
DnQogSbAdpHWbTDNaqaG82h2w2iB9xWmFNCrBrtbNjo5OQTTcjdavJkF59dmDlEg
WrFy/DWkEN98hwvCfSRoz87CTe2GdMJYwXaosF9Ms97ze9tRNqJZxqwAqRWRX7uF
hzETXDOt9JJRSllEUwGDPlrv15lCOPdcsdZKu1HJH7Cgn0qMpU5+FbOZAGt5x1Ab
J+V09jz4oTOJcEH0QL5kK1jtlYbtxMfd0e2tiZp3xZ0jR0T/Lnh2caq/HzN6TZvi
ouvBrTYG7sTQfXhpvFLwm55uNLQws9eawmh+JIHHtFdX7yIaNCVc/Pa7wb4eZ3ji
lX1oS/dQMF++7g3CFNfB2LcM2JrHj6yztMCz2Qhp22d8iWAhZNCvPZIA09Z+D0t1
Ax+PKPsbhT02D5lwEqnKWu3OTPOsUs5FmE+oztYZhBPgXUm97Ws8NVzdJcq5Q/by
OpiejUcZT/JDSqrV14QDzsjzx6Qpgi8fVXYJ6PV39m2Y3vL4Jssa62SsbwIDAQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAlI8eUs8ctTUVZ5jT2h8Rk2O8wOSSOnIZqkXx/
QAa7fmtZZMRMYYzj3cU1dpvSl6TmryiJt504n/BqG4mFCsX4Wm0BW/9ASlu4CTyJ
Njc71R1glqlAMGw9fyLecQqF7ohbwJHQkGrqrm74e8yT7xa3YatlGbYNIXRKirFf
zjxY+ZrWAusNv8c30isE7Kxv5GILJyDq+LemaFj1a+CFm4jZvHUlGn7M50KwdvyW
VaZB9Rqm0H1bdQF5l1kzNOmej6TdQ4SBGttDBu93MmJMKjvkRA0mR+56lF33ZSfQ
EDNVN0giFQWoJG2dyMLRoXxC5Q0IIAHGj+FtIh9PdmQKMDyS
-----END CERTIFICATE-----
Signatureid/3VMmj3WJ5F/yg7Vw2iYWaeyYyfwCIHixypQyluTopm0wHsiA7CH+yCE+J5Qv7g04+9RwrSTdO3A2k+y9uBdgvLjXcMm3psyeveQqTowemX8wES78Y4XzJgcYXsABs1ls1nqrt/mpQW3ZxUTr4ch/W063s4mnW+R+Kb+QCmCDo04ho6Mg4s9QQtlGbjyQfau7cvmNnHiW47y2udNHarXATwrq4I4sRtMRPKJ4vUCp2G4LOq49NiiLnSjA5tLbZaMZieI1CxaOZFc45FJgqJgVzYfgEGcfagAsyUbVg1oBd5hTTU4JdLDG3qcxh5kv0XRdssDUKWJiSJUSYFxgYPHFDIqWvxemUnBkaVxqmHdZsSyunBfD4/pw4/KPRywzpxiPb/RVFryFQqjWwPwP4CnWanAsT8GZC/oQM8seKbkiZdsl4vRdxf6n/zAXUA6FLVtZl8Ik7sDbrV13YGWdJshkyhXjRdh33Al/CqV7o73ua3wIQaOhIYyfU5yHs5eKTLGEPNUbG1y/lfb/XnWSgCOWBKb3t4plhV00Ik2EPxIMFzhrPVRqFZjAaHxzK3EshGi3Jrz5mnhWijV57V7z2Soc/5147uuKDMW4O18B56rJfXqba9szeSBg5Wl3R1WbHIbbv/2eSL642zNmo6WujaWtX9R7FBClQsfTMuYfwWA0=
Signature digestsha512
Dependencies
Required Nextcloud versions >=31.0.0,<34.0.0
Minimum Integer bits32
PHP>=8.1.0

Nextcloud 32

Share Audit Dashboard 0.3.0
Release Details
UpdatedJuly 15, 2026, 9:52 p.m.
Changelog

Security

  • Share deletion — single, bulk, orphan revoke and recipient revoke-all — now always goes through IShareManager instead of a raw SQL DELETE, so federated unshare (OCM), ShareDeletedEvent and provider-specific cleanup run; a direct DB delete is now only a documented fallback (owner account gone, provider app disabled), and a genuinely retryable failure (a locked file, an unreachable storage backend) is reported back as failed instead of being forced through that fallback.
  • Bulk endpoints (revoke, orphan revoke, revoke-all for a recipient) are capped and chunked so an unbounded selection can no longer tie up a PHP worker for minutes; revoke-all for a recipient with a very large number of shares now runs in server-side batches of 500 instead of one synchronous request.
  • The security-alerts cache is now invalidated as soon as a link is fixed or revoked, instead of only expiring after its normal TTL — the alerts view no longer shows an already-fixed item as still insecure right after acting on it.
  • Minimum supported Nextcloud version raised to 31 — orphan-share revoke relies on IShareManager::getShareById()'s $onlyValid parameter, which does not exist on Nextcloud 30.
  • The exposure score no longer treats a share type this version of the app doesn't recognize (e.g. one added in a future Nextcloud release) as safe — it's now weighted the same as an external share instead of falling back to internal, and shown as its own "Other" slice (with an explanatory tooltip) in the exposure breakdown whenever it's non-zero.
  • The recipient drill-down's shares/revoke-all endpoints are now rate-limited, matching the same endpoint's search action.

Added

  • Portuguese (Portugal) translation of the whole interface, plus build/l10n.py to regenerate the frontend l10n/*.js bundles from the .json sources and report missing or orphaned strings; l10n.py --check now also gates krankerl package.
  • Security alerts: copy/open-in-Files actions on individual alerts, and a clearable active-filter indicator.
  • All shares: a table caption describing the view.
  • Personal view: an option to include link tokens in CSV export, with an explicit warning about what that means.
  • Admin setting to turn the personal "My shares audit" page and its dashboard widget off instance-wide, for admins who want sharing audits to stay an admin-only concern.
  • Two new configurable security-alert rules: a public link open for anonymous upload without a password (file drop, or full create+update access), and a native group share granting edit or reshare permission to a group above a configurable member-count threshold (default 20).
  • The exposure/type "Other" bucket (share types this version doesn't recognize) now shows an explanatory tooltip on the dashboard's "Shares by type" chart and stat cards too, not just the exposure map.

Changed

  • Personal view header, summary cards and table captions restyled to match the admin dashboard's look (icon cards, ·-separated header, consistent table styling).

Fixed

  • Several UI strings introduced alongside the above were missing from l10n/*.json, so pt_PT users saw English text on the newest features.
  • The "with expiration" / "without expiration" filter (All shares column filter, and the underlying flag used by exports) now treats an already-expired date as "without expiration" instead of counting it as still protected.
Licenses GNU Affero General Public License v3.0 or later
Certificate-----BEGIN CERTIFICATE-----
MIIEEDCCAvgCAhOZMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNVBAYTAkRFMRswGQYD
VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxFzAVBgNVBAoMDk5leHRjbG91ZCBHbWJI
MTYwNAYDVQQDDC1OZXh0Y2xvdWQgQ29kZSBTaWduaW5nIEludGVybWVkaWF0ZSBB
dXRob3JpdHkwHhcNMjYwNzE1MTAyMzI4WhcNMzYxMDIwMTAyMzI4WjAgMR4wHAYD
VQQDDBVzaGFyZV9hdWRpdF9kYXNoYm9hcmQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQCx308O8jTgDadfFtycc9pb4gAyYxIhDeLPO2hGyabdcwTTq3wM
GEQ+2O3OvPk3BTOswBBhNyOT5qkay7t3F12Q6K0E4C80dqk4Wg5mEd35FnBTkzaA
42502E7REGrIR6ec93sVA3Nl1QNgxjqKPsjyBEAsRjNqFyMuCu+xCn0OjVcTE99b
DnQogSbAdpHWbTDNaqaG82h2w2iB9xWmFNCrBrtbNjo5OQTTcjdavJkF59dmDlEg
WrFy/DWkEN98hwvCfSRoz87CTe2GdMJYwXaosF9Ms97ze9tRNqJZxqwAqRWRX7uF
hzETXDOt9JJRSllEUwGDPlrv15lCOPdcsdZKu1HJH7Cgn0qMpU5+FbOZAGt5x1Ab
J+V09jz4oTOJcEH0QL5kK1jtlYbtxMfd0e2tiZp3xZ0jR0T/Lnh2caq/HzN6TZvi
ouvBrTYG7sTQfXhpvFLwm55uNLQws9eawmh+JIHHtFdX7yIaNCVc/Pa7wb4eZ3ji
lX1oS/dQMF++7g3CFNfB2LcM2JrHj6yztMCz2Qhp22d8iWAhZNCvPZIA09Z+D0t1
Ax+PKPsbhT02D5lwEqnKWu3OTPOsUs5FmE+oztYZhBPgXUm97Ws8NVzdJcq5Q/by
OpiejUcZT/JDSqrV14QDzsjzx6Qpgi8fVXYJ6PV39m2Y3vL4Jssa62SsbwIDAQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAlI8eUs8ctTUVZ5jT2h8Rk2O8wOSSOnIZqkXx/
QAa7fmtZZMRMYYzj3cU1dpvSl6TmryiJt504n/BqG4mFCsX4Wm0BW/9ASlu4CTyJ
Njc71R1glqlAMGw9fyLecQqF7ohbwJHQkGrqrm74e8yT7xa3YatlGbYNIXRKirFf
zjxY+ZrWAusNv8c30isE7Kxv5GILJyDq+LemaFj1a+CFm4jZvHUlGn7M50KwdvyW
VaZB9Rqm0H1bdQF5l1kzNOmej6TdQ4SBGttDBu93MmJMKjvkRA0mR+56lF33ZSfQ
EDNVN0giFQWoJG2dyMLRoXxC5Q0IIAHGj+FtIh9PdmQKMDyS
-----END CERTIFICATE-----
Signatureid/3VMmj3WJ5F/yg7Vw2iYWaeyYyfwCIHixypQyluTopm0wHsiA7CH+yCE+J5Qv7g04+9RwrSTdO3A2k+y9uBdgvLjXcMm3psyeveQqTowemX8wES78Y4XzJgcYXsABs1ls1nqrt/mpQW3ZxUTr4ch/W063s4mnW+R+Kb+QCmCDo04ho6Mg4s9QQtlGbjyQfau7cvmNnHiW47y2udNHarXATwrq4I4sRtMRPKJ4vUCp2G4LOq49NiiLnSjA5tLbZaMZieI1CxaOZFc45FJgqJgVzYfgEGcfagAsyUbVg1oBd5hTTU4JdLDG3qcxh5kv0XRdssDUKWJiSJUSYFxgYPHFDIqWvxemUnBkaVxqmHdZsSyunBfD4/pw4/KPRywzpxiPb/RVFryFQqjWwPwP4CnWanAsT8GZC/oQM8seKbkiZdsl4vRdxf6n/zAXUA6FLVtZl8Ik7sDbrV13YGWdJshkyhXjRdh33Al/CqV7o73ua3wIQaOhIYyfU5yHs5eKTLGEPNUbG1y/lfb/XnWSgCOWBKb3t4plhV00Ik2EPxIMFzhrPVRqFZjAaHxzK3EshGi3Jrz5mnhWijV57V7z2Soc/5147uuKDMW4O18B56rJfXqba9szeSBg5Wl3R1WbHIbbv/2eSL642zNmo6WujaWtX9R7FBClQsfTMuYfwWA0=
Signature digestsha512
Dependencies
Required Nextcloud versions >=31.0.0,<34.0.0
Minimum Integer bits32
PHP>=8.1.0

Nextcloud 31

Share Audit Dashboard 0.3.0
Release Details
UpdatedJuly 15, 2026, 9:52 p.m.
Changelog

Security

  • Share deletion — single, bulk, orphan revoke and recipient revoke-all — now always goes through IShareManager instead of a raw SQL DELETE, so federated unshare (OCM), ShareDeletedEvent and provider-specific cleanup run; a direct DB delete is now only a documented fallback (owner account gone, provider app disabled), and a genuinely retryable failure (a locked file, an unreachable storage backend) is reported back as failed instead of being forced through that fallback.
  • Bulk endpoints (revoke, orphan revoke, revoke-all for a recipient) are capped and chunked so an unbounded selection can no longer tie up a PHP worker for minutes; revoke-all for a recipient with a very large number of shares now runs in server-side batches of 500 instead of one synchronous request.
  • The security-alerts cache is now invalidated as soon as a link is fixed or revoked, instead of only expiring after its normal TTL — the alerts view no longer shows an already-fixed item as still insecure right after acting on it.
  • Minimum supported Nextcloud version raised to 31 — orphan-share revoke relies on IShareManager::getShareById()'s $onlyValid parameter, which does not exist on Nextcloud 30.
  • The exposure score no longer treats a share type this version of the app doesn't recognize (e.g. one added in a future Nextcloud release) as safe — it's now weighted the same as an external share instead of falling back to internal, and shown as its own "Other" slice (with an explanatory tooltip) in the exposure breakdown whenever it's non-zero.
  • The recipient drill-down's shares/revoke-all endpoints are now rate-limited, matching the same endpoint's search action.

Added

  • Portuguese (Portugal) translation of the whole interface, plus build/l10n.py to regenerate the frontend l10n/*.js bundles from the .json sources and report missing or orphaned strings; l10n.py --check now also gates krankerl package.
  • Security alerts: copy/open-in-Files actions on individual alerts, and a clearable active-filter indicator.
  • All shares: a table caption describing the view.
  • Personal view: an option to include link tokens in CSV export, with an explicit warning about what that means.
  • Admin setting to turn the personal "My shares audit" page and its dashboard widget off instance-wide, for admins who want sharing audits to stay an admin-only concern.
  • Two new configurable security-alert rules: a public link open for anonymous upload without a password (file drop, or full create+update access), and a native group share granting edit or reshare permission to a group above a configurable member-count threshold (default 20).
  • The exposure/type "Other" bucket (share types this version doesn't recognize) now shows an explanatory tooltip on the dashboard's "Shares by type" chart and stat cards too, not just the exposure map.

Changed

  • Personal view header, summary cards and table captions restyled to match the admin dashboard's look (icon cards, ·-separated header, consistent table styling).

Fixed

  • Several UI strings introduced alongside the above were missing from l10n/*.json, so pt_PT users saw English text on the newest features.
  • The "with expiration" / "without expiration" filter (All shares column filter, and the underlying flag used by exports) now treats an already-expired date as "without expiration" instead of counting it as still protected.
Licenses GNU Affero General Public License v3.0 or later
Certificate-----BEGIN CERTIFICATE-----
MIIEEDCCAvgCAhOZMA0GCSqGSIb3DQEBCwUAMHsxCzAJBgNVBAYTAkRFMRswGQYD
VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxFzAVBgNVBAoMDk5leHRjbG91ZCBHbWJI
MTYwNAYDVQQDDC1OZXh0Y2xvdWQgQ29kZSBTaWduaW5nIEludGVybWVkaWF0ZSBB
dXRob3JpdHkwHhcNMjYwNzE1MTAyMzI4WhcNMzYxMDIwMTAyMzI4WjAgMR4wHAYD
VQQDDBVzaGFyZV9hdWRpdF9kYXNoYm9hcmQwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQCx308O8jTgDadfFtycc9pb4gAyYxIhDeLPO2hGyabdcwTTq3wM
GEQ+2O3OvPk3BTOswBBhNyOT5qkay7t3F12Q6K0E4C80dqk4Wg5mEd35FnBTkzaA
42502E7REGrIR6ec93sVA3Nl1QNgxjqKPsjyBEAsRjNqFyMuCu+xCn0OjVcTE99b
DnQogSbAdpHWbTDNaqaG82h2w2iB9xWmFNCrBrtbNjo5OQTTcjdavJkF59dmDlEg
WrFy/DWkEN98hwvCfSRoz87CTe2GdMJYwXaosF9Ms97ze9tRNqJZxqwAqRWRX7uF
hzETXDOt9JJRSllEUwGDPlrv15lCOPdcsdZKu1HJH7Cgn0qMpU5+FbOZAGt5x1Ab
J+V09jz4oTOJcEH0QL5kK1jtlYbtxMfd0e2tiZp3xZ0jR0T/Lnh2caq/HzN6TZvi
ouvBrTYG7sTQfXhpvFLwm55uNLQws9eawmh+JIHHtFdX7yIaNCVc/Pa7wb4eZ3ji
lX1oS/dQMF++7g3CFNfB2LcM2JrHj6yztMCz2Qhp22d8iWAhZNCvPZIA09Z+D0t1
Ax+PKPsbhT02D5lwEqnKWu3OTPOsUs5FmE+oztYZhBPgXUm97Ws8NVzdJcq5Q/by
OpiejUcZT/JDSqrV14QDzsjzx6Qpgi8fVXYJ6PV39m2Y3vL4Jssa62SsbwIDAQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAlI8eUs8ctTUVZ5jT2h8Rk2O8wOSSOnIZqkXx/
QAa7fmtZZMRMYYzj3cU1dpvSl6TmryiJt504n/BqG4mFCsX4Wm0BW/9ASlu4CTyJ
Njc71R1glqlAMGw9fyLecQqF7ohbwJHQkGrqrm74e8yT7xa3YatlGbYNIXRKirFf
zjxY+ZrWAusNv8c30isE7Kxv5GILJyDq+LemaFj1a+CFm4jZvHUlGn7M50KwdvyW
VaZB9Rqm0H1bdQF5l1kzNOmej6TdQ4SBGttDBu93MmJMKjvkRA0mR+56lF33ZSfQ
EDNVN0giFQWoJG2dyMLRoXxC5Q0IIAHGj+FtIh9PdmQKMDyS
-----END CERTIFICATE-----
Signatureid/3VMmj3WJ5F/yg7Vw2iYWaeyYyfwCIHixypQyluTopm0wHsiA7CH+yCE+J5Qv7g04+9RwrSTdO3A2k+y9uBdgvLjXcMm3psyeveQqTowemX8wES78Y4XzJgcYXsABs1ls1nqrt/mpQW3ZxUTr4ch/W063s4mnW+R+Kb+QCmCDo04ho6Mg4s9QQtlGbjyQfau7cvmNnHiW47y2udNHarXATwrq4I4sRtMRPKJ4vUCp2G4LOq49NiiLnSjA5tLbZaMZieI1CxaOZFc45FJgqJgVzYfgEGcfagAsyUbVg1oBd5hTTU4JdLDG3qcxh5kv0XRdssDUKWJiSJUSYFxgYPHFDIqWvxemUnBkaVxqmHdZsSyunBfD4/pw4/KPRywzpxiPb/RVFryFQqjWwPwP4CnWanAsT8GZC/oQM8seKbkiZdsl4vRdxf6n/zAXUA6FLVtZl8Ik7sDbrV13YGWdJshkyhXjRdh33Al/CqV7o73ua3wIQaOhIYyfU5yHs5eKTLGEPNUbG1y/lfb/XnWSgCOWBKb3t4plhV00Ik2EPxIMFzhrPVRqFZjAaHxzK3EshGi3Jrz5mnhWijV57V7z2Soc/5147uuKDMW4O18B56rJfXqba9szeSBg5Wl3R1WbHIbbv/2eSL642zNmo6WujaWtX9R7FBClQsfTMuYfwWA0=
Signature digestsha512
Dependencies
Required Nextcloud versions >=31.0.0,<34.0.0
Minimum Integer bits32
PHP>=8.1.0