Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.18.1 2021-03-26T18:41:33+00:00 2021-03-26T18:41:33+00:00 berumuron dev@marienfressinaud.fr 2021-03-26T18:41:33+00:00 urn:sha1:cc6c529562ef5751133d97e3fec067c0072f215b * Remove file data/do-install.txt This file was painful during update because we had to remember to delete it each time. It added a security issue by allowing an attacker to reinstall FreshRSS during the update process. The (more powerful) file data/applied_migrations.txt has been introduced in 8619cf6fa to replace do-install.txt. We had to wait for at least one release in order to make sure existing instances of FreshRSS created the migration file. It should be ok now. * Replace i18n install.not_deleted key * Update documentation to update FreshRSS 2020-07-08T10:11:55+00:00 Marien Fressinaud dev@marienfressinaud.fr 2020-07-08T10:11:55+00:00 urn:sha1:8619cf6fa65bbd90871e7b7fe29816092a9d6c33 * Add a Minz_Migrator class Until now, we updated the database structure somewhere in the code but it wasn't always consistent and somehow complicated to find. Also, this code was always checked for nothing. The Migrator aims to improve and ease the creation of migrations. It should improve the way we apply the updates, making the update server almost useless. References: - example of migration (before Migrator): https://github.com/FreshRSS/FreshRSS/commit/cc0db9af4f980829faa4bf0960617807b32fb4fa#diff-11a53443fa81512b128c66b065df0679R10 - update server: https://github.com/FreshRSS/update.freshrss.org - PR moving the code of the update server to the core: https://github.com/FreshRSS/FreshRSS/pull/1760 * Automatically apply migrations For now, administrators are used to have nothing to do during an update else than getting the new code. I suggest to keep this behaviour and automatically apply migrations if we detect new ones. Another solution would be to create a CLI command and ask admins to call it after getting the new code. It could hide migrations errors to end users, but admin can forget to apply migrations since there are not used to it. * Add documentation for Minz Migrator * Execute migrations even if next ones are applied * Change mechanism to prevent multiple update at once * Use mkdir to create the lock and to test it exists Reference: https://stackoverflow.com/a/731634 * Append .lock to applied_migrations_path There are no needs to define another file to serve as a lock. * Change migrations naming convention * Apply suggestions from code review Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr> * Perform a low-cost migration versions comparaison * Clarify version numbers concerning the migration system Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2019-11-04T17:24:08+00:00 Marien Fressinaud dev@marienfressinaud.fr 2019-11-04T17:24:08+00:00 urn:sha1:90cb9a2162a5a6c9f4ea2fde6cd4a3df899025e3 This file is used to add default feeds to new users. It was added in 7819a43197d34ef7a6c5626e9e48d7db075c37c9 Problem is that the file is not ignored by Git and risk to be deleted during a git update. 2019-09-17T07:21:23+00:00 Marien Fressinaud dev@marienfressinaud.fr 2019-09-13T15:33:18+00:00 urn:sha1:a2ed6626c2f4e85878f775abcac897a1fd3a1f42 This feature is optional. It is based on the presence of a `data/tos.html` file that an administrator can create. If this file exists, FreshRSS will automatically add a "ToS" checkbox on the registration page that users must check to be able to create their account. 2019-09-16T19:18:42+00:00 Joris Kinable j.kinable@gmail.com 2019-09-16T19:18:42+00:00 urn:sha1:80590daeb3627e5712be15fdc4bd98f0e2c40ea5 * new users inherit defaults from config-user.php * installer creates ./data/config-user.php * fixed typo * .gitignore fix * fixed style issues * Fixed comments * Update according to feedback - rename file into `data/config-user.custom.php` - make it optional (and so, don't copy it during installation) * fixup! Update according to feedback 2019-07-31T11:48:06+00:00 koocotte seb.github@koocotte.org 2019-07-31T11:48:06+00:00 urn:sha1:f5fbc0c7f08efd616a4d24985916d88a846d1723 * Update .htaccess * Update htaccess for apache2.4 * Update htaccess for apache2.4 * Update htaccess for apache2.4 2019-01-02T20:36:33+00:00 Alexandre Alapetite alexandre@alapetite.fr 2019-01-02T20:36:33+00:00 urn:sha1:a6623b7b2fa3f026a0ea30e49b1a221f7a4a8e55 * Apache performance API: Use SetEnvIf if available and fallback to RewriteRule Docker: Disable unused modules. Docker: Hard-include .htaccess to avoid having to scan for changes in that file. Docker: Disable security check of symlinks, which we do not use ayway. * Apache readme * Docker/Apache tuning Run cron job with correct www-data user instead of root Remove PHP GMP module uneeded for 64-bit Docker image Add option to mount custom .htaccess for HTTP authentication Re-add Apache module for HTTP authentication Move Alpine-specific instructions to Docker file (instead of Apache conf) to make it easier to have other base images than Alpine 2018-09-30T16:04:49+00:00 Alexandre Alapetite alexandre@alapetite.fr 2018-09-30T16:04:49+00:00 urn:sha1:83756c657fbfaeb39f51e412521bd5c80df63a19 * git clean before git auto-update To avoid https://github.com/FreshRSS/FreshRSS/issues/2012 in the future * More generic SQLite file filter * Another -f https://git-scm.com/docs/git-clean 2018-06-18T20:56:58+00:00 Marien Fressinaud dev@marienfressinaud.fr 2018-06-18T20:56:58+00:00 urn:sha1:767ac77ee26316b183955c8bfd132df8ff11dfe1 These files must exist for security reasons: they hide contents of their directories if the webserver isn't well configured and redirect to the home page. They were automatically created by `./cli/prepare.php` script so it was annoying to have them in the working tree. Also, the files created by the script were empty. 2018-05-24T19:53:47+00:00 Kevin Papst kevinpapst@users.noreply.github.com 2018-05-24T19:53:47+00:00 urn:sha1:8f1bad60d0b7bd0d0a05bcdcf3c6834e39c0c6eb * added fever api and documentation * spaces to tabs * fixed code format * added links * added utf8 to header * removed XML support * removed before check, as we have to convert it afterwards * added sandboxed setting (currently disabled) added support for extensions using entry_before_display * listFeedsOrderUpdate LIMIT https://github.com/FreshRSS/FreshRSS/pull/1836/files#r175287881 * removed custom sql by using FreshRSS_FeedDAO::listFeedsOrderUpdate() * fixed mark all as read * replaced custom sql for getUnread() and getStarred() with dao functions * removed sanitization functions * Rework fever login * Fix config bug Plus documentation * Fix array syntax For compatibility with PHP 5.3 * Disable cookies and session for API * Fix currentUser * added response header and error log * adjusted phpdoc to match new authentication * Mechanism to delete old keys * replace PHP_INT_MAX with zero to disable limit * replace method_exists with check for explicit methods * removed Press support and smaller refactoring + updated docu * Rewrite bindParamArray Avoid one of the SQL injection risks * Docs and readme * Fix API link * Simplify reverse key check Using userConfig