Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.18.0 2021-01-02T20:20:19+00:00 2021-01-02T20:20:19+00:00 Alexandre Alapetite alexandre@alapetite.fr 2021-01-02T20:20:19+00:00 urn:sha1:9c6682e7edf8cbad828088cbeeef66c7ecefdd9a * Avoid manual intialisations of system or user configuration More consistent use of Context * Simplify FreshRSS_Context::initUser * Remove a few manual get_user_configuration * A bit of debugging * Fix context user init * Fix install * Fix concurrency Concurrent requests could lead to bad race condition * Fix actualize cron Fix case when system i initialised several times 2020-12-28T15:44:32+00:00 Alexis Degrugillier aledeg@users.noreply.github.com 2020-12-28T15:44:32+00:00 urn:sha1:465b40f52d758a959747d4d6d6671cb776784e2c It's a follow-up of what was started in #3297. 2020-12-28T12:09:57+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-12-28T12:09:57+00:00 urn:sha1:ac0d90c1008bce32c56e49cb642d40391e45e0a5 #fix https://github.com/FreshRSS/FreshRSS/issues/3169#issuecomment-685983797 Supplement https://github.com/FreshRSS/FreshRSS/pull/3170 When we get the long-term login cookie (i.e. when starting a new session), renew it at the same time for the same duration 2020-12-26T22:40:24+00:00 Martin spleefer90@gmail.com 2020-12-26T22:40:24+00:00 urn:sha1:6ecfc01c1f3f37491b184711cb29cd9a839f4a9c * bump default logout from 30 to 365 days * * Change cookie duration to constant * Change cookie duration to three months * use class * use 90 days (otherwise login form says 91.3 days) * change class * also this works now Co-authored-by: Martin Rys <martin@rys.pw> Co-authored-by: Frans de Jonge <fransdejonge@gmail.com> 2020-10-06T21:19:45+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-10-06T21:19:45+00:00 urn:sha1:0319cc9d234e107109d988f36f2361b25f9f0777 * Minz allow parallel sessions #fix https://github.com/FreshRSS/FreshRSS/issues/3093 * Array optimisation * Array optimisation missing * Reduce direct access to $_SESSION except in install process * Fix session start headers warning * Use cookie only the first time the session is started: `PHP Warning: session_start(): Cannot start session when headers already sent in /var/www/FreshRSS/lib/Minz/Session.php on line 39` * New concept of volatile session for API calls Optimisation: do not use cookies or local storage at all for API calls without a Web session Fix warning: ``` PHP Warning: session_destroy(): Trying to destroy uninitialized session in Unknown on line 0 ``` * Only call Minz_Session::init once in our index It was called twice (once indirectly via FreshRSS->init()) * Whitespace * Mutex for notifications Implement mutex for notifications https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499509809 * Typo * Install script is not ready for using Minz_Session 2020-06-19T21:01:19+00:00 bpatath 62777491+bpatath@users.noreply.github.com 2020-06-19T21:01:19+00:00 urn:sha1:5c9d6a5396eb43739eb1c17540228c20a16f4554 * Add auto-registration when using http_auth * Document HTTP auth auto-registration * Check email variable for HTTP auth auto-registration * Auto-create HTTP users by default * Fix Context init (I will provide in another PR a better fix requiring a bit of global refactoring) * Init language Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2020-04-17T08:56:06+00:00 Alexandre Alapetite alexandre@alapetite.fr 2020-04-17T08:56:06+00:00 urn:sha1:a49db010e4a5e48017d8583c374210242a680ddd * A wrong login must produce HTTP 403 #fix https://github.com/FreshRSS/FreshRSS/issues/2901 https://github.com/FreshRSS/FreshRSS/pull/2794/files#r389319248 * Just for consistency 2020-01-16T13:25:51+00:00 Marien Fressinaud dev@marienfressinaud.fr 2020-01-16T13:25:51+00:00 urn:sha1:d7ac234036a10f575a902af6fc63bb890f85c7b1 The `FreshRSS_Auth::hasAccess` method is called during auth initialization (`app/FreshRSS.php:78`), only for `user#create` action. However, at this step, the `user` configuration namespace hasn't be initialized yet, and so users weren't able to register because of the exception... quite critical! 2020-01-06T19:28:04+00:00 Alexis Degrugillier aledeg@users.noreply.github.com 2020-01-06T19:28:04+00:00 urn:sha1:3c099c78537020eae3b6fe060fbe86088e996c83 Now FRSS supports more than one admin. Admins have the same rights as the default user. Admins can promote or demote other users. The default user is considered as an admin even if it does not have the admin flag enabled. See #2096 2019-08-20T12:55:43+00:00 Alexandre Alapetite alexandre@alapetite.fr 2019-08-20T12:55:43+00:00 urn:sha1:fd33d92d413acb5ee48e04d8a78f251e35ef06c5 * Require PHP 5.5+ https://github.com/FreshRSS/FreshRSS/issues/2469#issuecomment-522255093 I think it would be reasonable to require PHP 5.5+ for the core of FreshRSS after all. As Frenzie said, WordPress currently requires PHP 5.6.20+, and it is the most popular PHP application. We would loose about 20% of the PHP servers according to https://w3techs.com/technologies/details/pl-php/5/all but I expect this number to drop fast after the release of CentOS 8 (CentOS accounts for 17% of Linux servers https://w3techs.com/technologies/details/os-linux/all/all ). Distributions: * no impact on Ubuntu, Fedora, Alpine, OpenWRT, FreeBSD, OpenSuze, Mageia, as all active versions have PHP > 7 * no impact on OpenSuze, Synology, as all active versions have PHP > 5.5 * we drop Debian 8 Jessie (-2020) - we keep supporting Debian 9 Stretch (2017-06) - current is Debian 10 Buster * we drop Red Hat 7 (-2024) - we keep supporting RHEL 8 (2019-05) * we drop CentOS 7 (-2024) - we will support CentOS 8 (to be released soonish) When dropping older versions, I can better like when it is for a good reason, and there is actually one with PHP 5.5, namely generators (yield) https://php.net/language.generators.overview which I consider using. * Version note for JSON.php * hex2bin * Update .travis.yml Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>