[00:00.000 --> 00:09.680]  Okay, so we are going to start the next course.
[00:09.680 --> 00:14.800]  The next course is about optimizing your co-applications for integration, learnings from integrating
[00:14.800 --> 00:18.240]  of the project with NextCloud.
[00:18.240 --> 00:19.240]  Thank you.
[00:19.240 --> 00:20.240]  Hello, everyone.
[00:20.240 --> 00:21.480]  My name is Wieland Lindenthal.
[00:21.480 --> 00:27.040]  I'm one of the lucky co-founders of OpenProject, and today I'm here because I'm also the managing
[00:27.040 --> 00:33.000]  engineer of the OpenProject NextCloud integration.
[00:33.000 --> 00:37.480]  Just to get the first things of the most important messages out right now, I assume that here
[00:37.480 --> 00:42.160]  are more core developers of open source software, collaboration software, and also product measures
[00:42.160 --> 00:43.640]  here in the room.
[00:43.640 --> 00:49.960]  For you, please take home this message, prioritize integrations on your roadmap.
[00:49.960 --> 00:56.040]  Right now is a great moment where the public sector, not only the public sector, but many
[00:56.040 --> 01:04.520]  people ask for integrations that we integrate our open source software together to provide
[01:04.520 --> 01:11.560]  an alternative to the Office 365, to the Google Cloud, to Google applications, and so on.
[01:11.560 --> 01:18.520]  Right now, people ask us that we join together forces, so together that we are stronger and
[01:18.520 --> 01:23.600]  become stronger in each single application so that we provide an alternative to the
[01:23.600 --> 01:24.600]  big tags.
[01:24.600 --> 01:28.520]  Okay, so integrations are really important.
[01:28.520 --> 01:33.520]  And with that, every single application, if we integrate, every single application doesn't
[01:33.520 --> 01:39.320]  need to do what the other application does, so we can focus on our own stuff and get better
[01:39.320 --> 01:47.400]  in our own silo, on our own puzzle piece of the big picture.
[01:47.400 --> 01:53.400]  Another bad news, building integrations is unnecessarily hard.
[01:53.400 --> 01:59.040]  The good news is, you always encounter the same problems again and again.
[01:59.040 --> 02:04.720]  So that's kind of predictable what is going to fail when you do an integration.
[02:04.720 --> 02:10.240]  So my call out here is, please drink your own champagne and participate as core developers
[02:10.240 --> 02:15.720]  in the integration projects that integrate into your system, because then you see the
[02:15.720 --> 02:19.880]  issues that people face when integrating.
[02:19.880 --> 02:21.800]  Because integrations are amazing, right?
[02:21.800 --> 02:26.120]  Just imagine what the web would be without a link or a browser would be without extension
[02:26.120 --> 02:28.240]  or a mobile phone without application.
[02:28.240 --> 02:30.160]  It would be boring, right?
[02:30.160 --> 02:36.200]  And it's just unpredictable what integrations come out if you just let people do.
[02:36.200 --> 02:37.960]  And people have great ideas.
[02:37.960 --> 02:44.640]  So the one example of such a great idea was the public sector, the city of Cologne and
[02:44.640 --> 02:51.440]  the University of Duisburg-Essen approached us with the idea of, hey, you had open project,
[02:51.440 --> 02:57.160]  we like you really, really much for organizing work, organizing tasks, organizing our teams.
[02:57.160 --> 03:03.400]  And we also use NextCloud for organizing our files to share the files with our people.
[03:03.400 --> 03:08.520]  And we always can find the same problem again and again, where are the files for our tasks?
[03:08.520 --> 03:10.640]  So when you do some work, you do a real job.
[03:10.640 --> 03:15.160]  You usually need some files as input to work on the task.
[03:15.160 --> 03:20.120]  And then at the end, you need to deliver some files and put them somewhere, and you need
[03:20.120 --> 03:22.920]  to communicate someone where the files are.
[03:22.920 --> 03:29.280]  So why not tracking that at the same entity, which is the ticket, we call it a work package,
[03:29.280 --> 03:34.320]  and solve that problem and have some real integrity between the two systems, like work
[03:34.320 --> 03:40.160]  package and real ID linking to the files in NextCloud.
[03:40.160 --> 03:44.240]  So for the last year, roughly eight people were working on this deep integration, a lot
[03:44.240 --> 03:46.640]  of people, because it's pretty hard.
[03:46.640 --> 03:54.440]  But anyway, so what we got is what you can see here is like an open project with a work
[03:54.440 --> 03:55.440]  package.
[03:55.440 --> 04:00.080]  And you can see there's some tasks, like second fermentation dough, you want to do this, you
[04:00.080 --> 04:02.040]  want to have a nice pizza.
[04:02.040 --> 04:07.680]  And on the right hand side, you have the files tab, where you see all the files that are
[04:07.680 --> 04:08.680]  related.
[04:08.680 --> 04:12.280]  And now it's not only that you have attachments, which were there already not open project
[04:12.280 --> 04:13.280]  before.
[04:13.280 --> 04:20.040]  You can also add multiple NextCloud instances to your open project and say, OK, these files
[04:20.040 --> 04:24.880]  should be stored here, with that contributor, these files should be stored there with this
[04:24.880 --> 04:28.880]  client, with this subcontractor.
[04:28.880 --> 04:33.760]  So you can have multiple NextCloud instances connected to OpenProject.
[04:33.760 --> 04:42.280]  And you will always see which files are relevant for finishing a task and where you should
[04:42.280 --> 04:44.080]  put the files when you're ready and done.
[04:44.080 --> 04:48.600]  And you hand over the task to the next one, the next design, let's say, and you follow
[04:48.600 --> 04:53.600]  a workflow process with an open project.
[04:53.600 --> 04:58.960]  And on the other side, or NextCloud, when you're on a file or you're on a folder, you
[04:58.960 --> 05:04.480]  can see where these files or folders are relevant and which tasks, which business processes
[05:04.480 --> 05:05.480]  they come up.
[05:05.480 --> 05:09.320]  So you can see here on the right hand side, we have this OpenProject tab.
[05:09.320 --> 05:16.440]  They can see, OK, this file is relevant in two places and two work packages.
[05:16.440 --> 05:22.120]  You can quickly see what status they are in so that the problem of where the files for
[05:22.120 --> 05:27.360]  my task are finally solved.
[05:27.360 --> 05:32.560]  Now I want to get a little bit deeper into the architecture of that thing because we
[05:32.560 --> 05:37.200]  want to talk about problems that come with integrations.
[05:37.200 --> 05:40.320]  So it's a very, very high-level architecture picture.
[05:40.320 --> 05:44.520]  As you can see, there's an OpenProject server, there's an NextCloud server, there's an OpenProject
[05:44.520 --> 05:48.720]  front-end that runs in the browser and the same browser that runs the NextCloud front-end,
[05:48.720 --> 05:50.960]  same different browser windows.
[05:50.960 --> 05:56.280]  And for this integration, we extended the OpenProject core so it's not a plugin, it's
[05:56.280 --> 06:00.200]  right in the OpenProject core, which extends the OpenProject front-end.
[06:00.200 --> 06:06.800]  And on the NextCloud side, we put everything into a NextCloud app, which is basically a
[06:06.800 --> 06:14.160]  bundle of code that you execute within NextCloud, or you could call it a plugin or extension.
[06:14.160 --> 06:20.120]  So that plugin extends the NextCloud server and also the NextCloud front-end.
[06:20.120 --> 06:25.560]  What we chose for the communication between the two systems is that we want that every
[06:25.560 --> 06:29.840]  user, because users have permissions on the one system and users have permissions on the
[06:29.840 --> 06:34.800]  other system, we wanted to make sure that these things match up, OK, so that an OpenProject
[06:34.800 --> 06:41.520]  user that is looking for a file can only see files, can only select files to link them
[06:41.520 --> 06:45.320]  that he or she has access to.
[06:45.320 --> 06:49.920]  But on the same time, we wanted to make sure that all linked files are visible to all users
[06:49.920 --> 06:53.640]  because someone says, like, this is the relevant file, maybe you don't have access, but you
[06:53.640 --> 06:55.080]  should know that these files exist.
[06:55.080 --> 07:02.040]  So we have these references by file ID from OpenProject to NextCloud.
[07:02.040 --> 07:06.000]  And the other way around, of course, as well, when you're in NextCloud and you saw these
[07:06.000 --> 07:11.360]  files linked, the work packages linked, you also should only link those work packages
[07:11.360 --> 07:12.800]  that you have access to.
[07:12.800 --> 07:17.480]  So work packages are organized in projects, you're a member of a project or not, so depending
[07:17.480 --> 07:18.960]  on this, you have access or not.
[07:18.960 --> 07:21.640]  So we need to have some one-on-one matching between the users.
[07:21.640 --> 07:25.800]  So we use OAuth for this one-on-one matching.
[07:25.800 --> 07:30.400]  So users are always authenticated and don't need to re-authenticate every time they log
[07:30.400 --> 07:31.400]  in.
[07:31.400 --> 07:34.200]  OK.
[07:34.200 --> 07:40.200]  But there's one thing on this architecture you can already spot, maybe, that it smells
[07:40.200 --> 07:42.080]  like trouble.
[07:42.080 --> 07:47.440]  That is the arrow in the middle that goes from the OpenProject front directly to NextCloud
[07:47.440 --> 07:52.800]  because that is a request, a cross-site request, in the browser between two domains.
[07:52.800 --> 07:54.280]  And here's where trouble starts.
[07:54.280 --> 07:57.960]  We'll come to this later.
[07:57.960 --> 08:02.560]  So clipping.
[08:02.560 --> 08:06.800]  So yeah, from this work, I just want to come up with a couple of things that lessons learned
[08:06.800 --> 08:11.600]  and I would just point them out for you to think and digest a little bit what it means
[08:11.600 --> 08:14.240]  to your project.
[08:14.240 --> 08:19.920]  So of course, OK, if you want to have integrations, of course, provide an API, that's obvious.
[08:19.920 --> 08:22.280]  NextCloud and OpenProject does that pretty well, I think.
[08:22.280 --> 08:25.400]  We have docs and examples.
[08:25.400 --> 08:28.600]  But then the tiny things start, like, OK, you have an API.
[08:28.600 --> 08:30.440]  You think it's cool and safe.
[08:30.440 --> 08:38.400]  But in the example of this direct access that I set on the architecture image, this is about
[08:38.400 --> 08:41.320]  direct file upload and downloads.
[08:41.320 --> 08:45.640]  So this is something that is kind of obvious, that you don't want to send the data through
[08:45.640 --> 08:50.720]  the OpenProject server, like, let's say if you want to go buy a movie, and then to NextCloud,
[08:50.720 --> 08:57.720]  you want to upload this directly or download this directly to the OpenProject front-end.
[08:57.720 --> 09:08.320]  So it turns out the API that NextCloud provides for this thing is working-ish, but not, you
[09:08.320 --> 09:13.520]  know, in a way that it did not work, OK?
[09:13.520 --> 09:19.320]  It didn't work, but it was really unfortunate because they had everything in place, but
[09:19.320 --> 09:25.840]  I bet they never had the scenario in their own company to use that in a cross-site domain
[09:25.840 --> 09:26.840]  environment.
[09:26.840 --> 09:35.360]  And so they didn't come across, like, twice a course problems, you know, your course security
[09:35.360 --> 09:41.520]  on the browser that prevents you to do stuff that you shouldn't do in the browsers, like,
[09:41.520 --> 09:43.920]  browser security features.
[09:43.920 --> 09:48.600]  And if you just have non-browser clients, these things don't show up.
[09:48.600 --> 09:52.200]  If you just have a NextCloud client on your desktop, these things don't show up.
[09:52.200 --> 09:54.040]  They are not browser context.
[09:54.040 --> 09:59.880]  So my lessons learned is here, also for us OpenProject, we are not saving these fields
[09:59.880 --> 10:02.040]  neither.
[10:02.040 --> 10:06.280]  Make sure that if you provide an API, also test it in a browser setting, right, and not
[10:06.280 --> 10:08.200]  just write it and hope it works.
[10:08.200 --> 10:10.080]  You have these course preflights.
[10:10.080 --> 10:16.400]  You need to check if the course preflight itself doesn't fail, right, there can be issues.
[10:16.400 --> 10:17.680]  OK.
[10:17.680 --> 10:22.840]  Another one, a tiny one, but I need to say this, you know, we as OpenProject, we want
[10:22.840 --> 10:23.840]  to link files.
[10:23.840 --> 10:28.480]  And these files we don't reference by path because the path is different for every user
[10:28.480 --> 10:30.320]  or can be different for every user.
[10:30.320 --> 10:34.120]  Because if you get a file shared with you and you save it in your NextCloud with a different
[10:34.120 --> 10:38.080]  file name, the path is completely different and it doesn't work for the other user.
[10:38.080 --> 10:41.840]  They say, another user, there's an OpenProject project.
[10:41.840 --> 10:44.360]  So we need to reference the file.
[10:44.360 --> 10:52.080]  But there's no API for getting files, thanks, for getting files by ID, especially not if
[10:52.080 --> 10:58.120]  you want to know what is the original file name that the owner of the file gave to the
[10:58.120 --> 11:04.560]  file or if you want to know if the file was already deleted, if it was trashed, it was
[11:04.560 --> 11:07.120]  in the trash bin.
[11:07.120 --> 11:11.520]  Information like this, we want to ask them frequently in order to update our knowledge
[11:11.520 --> 11:13.800]  about the file on OpenProject.
[11:13.800 --> 11:14.800]  It wasn't there.
[11:14.800 --> 11:16.920]  Probably never needed on the NextCloud side.
[11:16.920 --> 11:17.920]  So that's cool.
[11:17.920 --> 11:18.920]  They don't need it.
[11:18.920 --> 11:20.160]  But, yeah, kind of obvious.
[11:20.160 --> 11:26.480]  There's main objects of NextCloud and we need them, we need the information.
[11:26.480 --> 11:31.440]  And, yeah, this problem became visible here.
[11:31.440 --> 11:38.760]  If you want to build, allow, if you want to allow integrations into your system while
[11:38.760 --> 11:41.640]  creating a plug-in interface is a great idea.
[11:41.640 --> 11:43.760]  OpenProject has a plug-in interface.
[11:43.760 --> 11:47.000]  You can extend OpenProject code as you like.
[11:47.000 --> 11:50.600]  You need to be with server admin in order to make it run.
[11:50.600 --> 11:52.680]  NextCloud is much ahead in that sense.
[11:52.680 --> 11:53.680]  They have the app store.
[11:53.680 --> 11:58.960]  You just can click from a catalog and as a, not as a server administrator, but as an
[11:58.960 --> 12:03.440]  application administrator who doesn't like to talk to server administrators.
[12:03.440 --> 12:09.600]  You can simply download, download, install extensions to NextCloud.
[12:09.600 --> 12:13.040]  It's in the core of NextCloud and that's really, really cool.
[12:13.040 --> 12:14.040]  It's amazing.
[12:14.040 --> 12:16.040]  And I'm jealous I would love to have this OpenProject.
[12:16.040 --> 12:17.040]  Yeah.
[12:17.040 --> 12:20.040]  What about the source, you know, you have four of them.
[12:20.040 --> 12:21.040]  It's all PHP, you know.
[12:21.040 --> 12:22.040]  Actually, no.
[12:22.040 --> 12:24.040]  The app store, I think, is Ruby.
[12:24.040 --> 12:25.040]  Is it?
[12:25.040 --> 12:26.040]  Yeah.
[12:26.040 --> 12:27.040]  Okay.
[12:27.040 --> 12:28.040]  Tomorrow it's done.
[12:28.040 --> 12:29.040]  No.
[12:29.040 --> 12:30.040]  It could also be Python.
[12:30.040 --> 12:31.040]  I just know something.
[12:31.040 --> 12:32.040]  Okay.
[12:32.040 --> 12:33.040]  Okay.
[12:33.040 --> 12:34.040]  Thank you.
[12:34.040 --> 12:37.040]  I don't know how much you care about whether it's either of these.
[12:37.040 --> 12:38.040]  Okay.
[12:38.040 --> 12:45.920]  So you have this plug-in interface built in your application and that the typical things
[12:45.920 --> 12:53.600]  that every person that is implementing this interface comes across.
[12:53.600 --> 12:59.880]  For example, if you want to have cross-site fetching, cross-site calls, you need to allow
[12:59.880 --> 13:08.200]  in that application, extend the content security policy for cross-site requests.
[13:08.200 --> 13:12.760]  There's something, for example, that we discovered that OpenProject did not allow or make easy
[13:12.760 --> 13:14.320]  in the first place.
[13:14.320 --> 13:15.600]  So we had to extend that.
[13:15.600 --> 13:17.080]  It's a typical one.
[13:17.080 --> 13:20.560]  It only, you know, in the theory everything is working and then you run it in your browser
[13:20.560 --> 13:26.600]  and in the very last moment of implementing all the features, you see it's not working
[13:26.600 --> 13:30.040]  because of content security policy.
[13:30.040 --> 13:31.040]  Okay.
[13:31.040 --> 13:32.040]  This is a nice one.
[13:32.040 --> 13:36.480]  So when you're like an application administrator in OpenProject and you're also an application
[13:36.480 --> 13:40.840]  administrator in NextCloud and you want to set up the connection, the integration, the
[13:40.840 --> 13:45.120]  first thing that you do is you put in the URL of the other system, right?
[13:45.120 --> 13:50.800]  And you want to know if you put, or you should get some feedback if the, actually, if the
[13:50.800 --> 13:51.800]  URL is valid.
[13:51.800 --> 13:56.280]  Let's say you're next, you want to know that OpenProject is actually responding.
[13:56.280 --> 14:00.360]  OpenProject is responding in the necessary version.
[14:00.360 --> 14:01.880]  We don't have that.
[14:01.880 --> 14:04.320]  We don't expose that information.
[14:04.320 --> 14:09.200]  You want to know if the setup is complete.
[14:09.200 --> 14:10.400]  There's more about the other way.
[14:10.400 --> 14:14.920]  Like, let's say from OpenProject you want to connect to NextCloud.
[14:14.920 --> 14:19.320]  Of course, we also want to know if our extension is installed.
[14:19.320 --> 14:25.320]  So it would be great if you have an API endpoint that gives you information and saying, nah,
[14:25.320 --> 14:28.840]  it's not installed, so the validation of the URL is failing.
[14:28.840 --> 14:33.800]  There's something that is very, very useful for the administrators to get a relevant
[14:33.800 --> 14:36.640]  feedback for why things is not working.
[14:36.640 --> 14:39.760]  Because if you just put in a URL, you don't have any idea why it's not working.
[14:39.760 --> 14:41.000]  You need to get feedback.
[14:41.000 --> 14:46.360]  And this is something I think every core developer should think of as providing as a super nice
[14:46.360 --> 14:50.160]  candy for developers.
[14:50.160 --> 14:54.640]  Another one that is, that's a topic.
[14:54.640 --> 14:56.520]  So we're working a lot with OAuth.
[14:56.520 --> 15:02.920]  And setting up OAuth, I don't know if you know what, it has basically a lot of features
[15:02.920 --> 15:07.720]  like a secret, an ID, it has the redirect URL, and so on and so on.
[15:07.720 --> 15:12.880]  And if you are a host or a tester, you would like to script that stuff.
[15:12.880 --> 15:17.160]  So you would like to have an API to set this stuff up.
[15:17.160 --> 15:21.440]  And it's great if you provide an API for setting up OAuth.
[15:21.440 --> 15:26.800]  Also, if you have an API, you can do stuff like having one button and some setting and
[15:26.800 --> 15:30.480]  say, disconnect the integration all over the place.
[15:30.480 --> 15:31.480]  Delete it.
[15:31.480 --> 15:32.480]  I want to start again.
[15:32.480 --> 15:33.480]  I screwed up.
[15:33.480 --> 15:36.480]  I don't know what is going on.
[15:36.480 --> 15:41.720]  I screwed up.
[15:41.720 --> 15:47.920]  So for this, you need an API so that you can do this.
[15:47.920 --> 15:53.360]  And if you had actually deleted an OAuth connection, then please also make sure that the tokens
[15:53.360 --> 15:54.860]  are deleted.
[15:54.860 --> 16:00.680]  So that was something that we discovered with NextCloud, that the tokens were still around
[16:00.680 --> 16:02.720]  for quite some time.
[16:02.720 --> 16:11.480]  And the good thing is it came up and we could provide tickets and this thing could get solved.
[16:11.480 --> 16:14.840]  That's also another one, nice one.
[16:14.840 --> 16:21.080]  Just imagine you do the OAuth connection, so there's one user in NextCloud and connects
[16:21.080 --> 16:26.720]  as the user in an open project and that user happens to be admin in an open project.
[16:26.720 --> 16:31.240]  Suddenly the access as an admin comes to NextCloud.
[16:31.240 --> 16:32.240]  So there's a lot of powers.
[16:32.240 --> 16:33.240]  You can create projects.
[16:33.240 --> 16:35.240]  You can delete users.
[16:35.240 --> 16:38.640]  And maybe for the integration, that is not needed and vice versa.
[16:38.640 --> 16:43.760]  The open project might not need complete administrator rights on NextCloud.
[16:43.760 --> 16:54.280]  So it's like opening the surface for attacks or the opening for problems to vulnerabilities
[16:54.280 --> 16:55.280]  by a lot.
[16:55.280 --> 17:02.560]  And I think open project and NextCloud, we could do better in having scoped OAuth access
[17:02.560 --> 17:09.120]  control so that you don't allow creating or deleting projects or that you don't allow
[17:09.120 --> 17:11.240]  deleting users and so on.
[17:11.240 --> 17:16.760]  So limiting just for the user scope actions.
[17:16.760 --> 17:20.720]  We can do better, we'll come.
[17:20.720 --> 17:25.400]  Also what is nice, what I really enjoyed about working with NextCloud is that they provide
[17:25.400 --> 17:26.400]  a design system.
[17:26.400 --> 17:32.600]  They have frontend components that allowed us to have more consistent UI that look and
[17:32.600 --> 17:38.480]  feel like the NextCloud and also increase the development speed for us.
[17:38.480 --> 17:41.600]  At OpenProject, we also are working on a design system and UI components.
[17:41.600 --> 17:46.720]  So if you want to have a talk, listen to a talk about this, Parimal, where are you tomorrow?
[17:46.720 --> 17:47.720]  Same time?
[17:47.720 --> 17:48.720]  Yeah.
[17:48.720 --> 17:49.720]  Okay.
[17:49.720 --> 17:50.720]  Have fun.
[17:50.720 --> 17:51.720]  Yeah.
[17:51.720 --> 18:02.680]  Then also what is really handy for developers that develop integrations for your system
[18:02.680 --> 18:11.520]  is if you have containerized development environments already at hand, so it's easier
[18:11.520 --> 18:16.960]  to check out your code with the latest supported versions.
[18:16.960 --> 18:20.360]  For example, NextCloud has some multiple versions you need to support, you need to check, you
[18:20.360 --> 18:22.280]  want to find out if it's still working.
[18:22.280 --> 18:26.480]  And of course, the current main branch to see what is actually changing in the main
[18:26.480 --> 18:31.920]  branch is my code still live or it's already dying.
[18:31.920 --> 18:36.480]  So it's really nice to have, for example, Docker compose files that help you setting
[18:36.480 --> 18:43.760]  up and lower the barrier to get started in developing an integration for your application.
[18:43.760 --> 18:45.760]  Yeah.
[18:45.760 --> 18:53.320]  Also as a bonus on this, if you can provide examples how to set up your CI quickly so
[18:53.320 --> 18:58.520]  that you don't need to fiddle around with that, if you just have good standard practices,
[18:58.520 --> 19:05.200]  how to have CI running with that core image and with the plug-in, it would be also very,
[19:05.200 --> 19:08.280]  very handy for developers to have.
[19:08.280 --> 19:17.920]  I think we could sneak into other integrations and we could see how they did it in NextCloud.
[19:17.920 --> 19:24.640]  So it wasn't such a big trouble, but if you have a good example, that is really, really
[19:24.640 --> 19:25.640]  helpful.
[19:25.640 --> 19:33.920]  So with all these small spots of lessons learned that we have had in the last year, I just
[19:33.920 --> 19:41.160]  want to send you home, let it sink in, and just remember, integrated, we're stronger.
[19:41.160 --> 19:42.160]  Thank you.
[19:42.160 --> 19:56.400]  Thank you, we have six minutes for questions.
[19:56.400 --> 20:22.160]  So the question is why we need to deal with multiple NextCloud versions.
[20:22.160 --> 20:30.800]  I think NextCloud has multiple versions in production, like supported, so it's like I
[20:30.800 --> 20:39.960]  think 23, 24, 25, maybe 22 still, I'm not sure, and they have different code, but we
[20:39.960 --> 20:47.040]  just provide one, currently, we just provide one piece of code that is the NextCloud app,
[20:47.040 --> 20:50.800]  our NextCloud app, and we don't want to provide three different ones.
[20:50.800 --> 20:56.760]  So we want to make sure that in that app, all versions are supported.
[20:56.760 --> 20:57.760]  It's different for OpenProject.
[20:57.760 --> 21:01.880]  OpenProject always has just one running, one up-to-date version, so you'd always need
[21:01.880 --> 21:07.600]  to update to the latest version unless you want to get into trouble.
[21:07.600 --> 21:13.840]  So this is why you need multiple versions.
[21:13.840 --> 21:14.840]  More questions?
[21:14.840 --> 21:15.840]  Okay.
[21:15.840 --> 21:16.840]  Thank you.
[21:16.840 --> 21:17.840]  Ah, Ben.
[21:17.840 --> 21:29.280]  I want to add on to this that I think declarative configuration is always better than scripting,
[21:29.280 --> 21:36.760]  so if you can, if it's possible, the application, for example, provides OAuth configuration statically
[21:36.760 --> 21:41.360]  instead of via the script, I think that's always better because it allows you to basically
[21:41.360 --> 21:48.360]  do status-deploy all your applications, including the whole OAuth context.
[21:48.360 --> 21:56.800]  Yeah, so the comment was just, if you can provide it as a, let's say, a YAML file or
[21:56.800 --> 22:00.960]  something like this, a declaration, it's better than to have an API.
[22:00.960 --> 22:06.280]  I'm not so sure about OAuth in that moment because then you would need to have a center
[22:06.280 --> 22:09.720]  when you set up both systems at the same time, you wouldn't need to have a center that decides
[22:09.720 --> 22:17.000]  on the OAuth client ID and client secret and make it configurable from a center.
[22:17.000 --> 22:25.760]  Yeah, if these IDs and secrets there get actually generated by the applications itself because
[22:25.760 --> 22:29.240]  they get updated and maybe your center is not getting updated, maybe you create just
[22:29.240 --> 22:31.000]  a vulnerability here, right?
[22:31.000 --> 22:36.280]  So we were discussing this forth and back, but we believe that, you know, next time an
[22:36.280 --> 22:41.720]  OAuth project that continuously update and maybe some central distribution software might
[22:41.720 --> 22:46.000]  not get touched in three years and then it's outdated in the algorithm, so it's not secure
[22:46.000 --> 22:47.000]  anymore or whatever.
[22:47.000 --> 22:48.000]  Yeah.
[22:48.000 --> 22:57.000]  So, Trey, yeah, I'm not sure maybe you talked about it or I probably was not listening.
[22:57.000 --> 23:01.000]  I think you mentioned files as an example for the actual what is integrated between
[23:01.000 --> 23:02.000]  both systems.
[23:02.000 --> 23:06.920]  Was the scope broader than that or was it primarily set and was that any discussion
[23:06.920 --> 23:11.520]  because there were multiple things that could be integrated in the sense, right?
[23:11.520 --> 23:17.440]  Yeah, I mean, this integration basically focuses on files and folders, right?
[23:17.440 --> 23:23.000]  Because you want to, it's about integrating digital assets into work packages, right?
[23:23.000 --> 23:24.960]  So you have these links.
[23:24.960 --> 23:27.960]  So that's the example I chose.
[23:27.960 --> 23:33.400]  It would be interesting to have some standards also for API standards.
[23:33.400 --> 23:34.400]  Why not?
[23:34.400 --> 23:36.960]  Let's say every system has users.
[23:36.960 --> 23:40.240]  Why does a user need to be represented different in every system?
[23:40.240 --> 23:44.520]  Why can't we have a standard on that or the avatar or, you know, it's like there's stuff
[23:44.520 --> 23:45.520]  of permissions.
[23:45.520 --> 23:50.240]  Why can't we have permission standard somehow for all open source vendors?
[23:50.240 --> 23:51.240]  I don't know.
[23:51.240 --> 23:56.880]  Let's think about it, but I didn't see a reason why it needs to be so different.
[23:56.880 --> 24:00.160]  Users have been around for so long.
[24:00.160 --> 24:01.160]  Yeah.
[24:01.160 --> 24:02.160]  More questions?
[24:02.160 --> 24:03.160]  How do you mind?
[24:03.160 --> 24:04.160]  No one asked the technical question.
[24:04.160 --> 24:05.160]  There was a lovely portion of pizza.
[24:05.160 --> 24:06.160]  Did you make that yourself?
[24:06.160 --> 24:07.160]  Yes, that's my pizza.
[24:07.160 --> 24:08.160]  Oh, lovely pizza.
[24:08.160 --> 24:09.160]  Pizza Napolitana.
[24:09.160 --> 24:10.160]  Milan style.
[24:10.160 --> 24:11.160]  Okay.
[24:11.160 --> 24:12.160]  Thank you very much.
[24:12.160 --> 24:13.160]  Thank you.
[24:13.160 --> 24:14.160]  Thank you.
[24:14.160 --> 24:15.160]  Thank you.
[24:15.160 --> 24:16.160]  Thank you.
[24:16.160 --> 24:17.160]  Thank you.
[24:17.160 --> 24:18.160]  Thank you.
[24:18.160 --> 24:19.160]  Thank you.
[24:19.160 --> 24:20.160]  Thank you.
[24:20.160 --> 24:21.160]  Thank you.
[24:21.160 --> 24:22.160]  Thank you.
[24:22.160 --> 24:23.160]  Thank you.
[24:23.160 --> 24:24.160]  Thank you.
[24:24.160 --> 24:25.160]  Thank you.
[24:25.160 --> 24:26.160]  Thank you.
[24:26.160 --> 24:27.160]  Thank you.
[24:27.160 --> 24:28.160]  Thanks.
[24:28.160 --> 24:29.160]  Thank you.
[24:29.160 --> 24:30.160]  Thank you.
[24:30.160 --> 24:31.160]  Thank you.
[24:31.160 --> 24:32.160]  Bye.
[24:32.160 --> 24:33.160]  Bye bye.
[24:33.160 --> 24:34.160]  Bye bye.
[24:34.160 --> 24:35.160]  Bye bye.
[24:35.160 --> 24:36.160]  Bye bye.
[24:36.160 --> 24:37.160]  Bye by with two.
[24:37.160 --> 24:38.160]  Bye bye.