feat: add ownCloud 10.16.2RC1 release candidate build (#595)

DeepDiver1975 · claude · web-flow · commit 9b002641138b · 2026-04-14T15:20:05.000+02:00
* feat: add ownCloud 10.16.2RC1 release candidate build Adds 10.16.2RC1 to the CI matrix using the daily testing tarball and comments out CVE-2026-32935 and GHSA-27qh-8cxx-2cr5 in .trivyignore as they will be fixed in 10.16.2. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * chore: re-enable GHSA-27qh-8cxx-2cr5 ignore for php7.4 No fixed version is available for php7.4, so the CVE must remain ignored. Add a clarifying comment explaining the reason. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * chore: restore CVE-2026-32935 ignore with TODO reminder Re-enables the CVE-2026-32935 ignore entry and adds a TODO comment to remove it once ownCloud 10.16.2 is released. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -33,6 +33,9 @@ jobs:
           - version: 11.0.0-prealpha
             tarball: https://download.owncloud.com/server/daily/owncloud-daily-master.tar.bz2
             base: v24.04
+          - version: 10.16.2RC1
+            tarball: https://download.owncloud.com/server/testing/owncloud-complete-20260414.tar.bz2
+            base: v22.04
           - version: 10.16.1
             tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260218.tar.bz2
             base: v22.04
diff --git a/.trivyignore b/.trivyignore
@@ -6,7 +6,10 @@ CVE-2024-51736
 
 CVE-2025-45769
 
-# will be fixed with oc 10.16.2 and 11.0.0
+# will be fixed with oc 10.16.2 and 11.0.0 - TODO: remove once 10.16.2 is out
 
 CVE-2026-32935
+
+# with php7.4 there is no version available which fixes the following
+
 GHSA-27qh-8cxx-2cr5
