| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
* Add an email field to the profile page
I reuse the `mail_login` from the configuration. I'm not sure if it's
useful today (I would say it was used when Persona login was available).
A good improvement would be to rename `mail_login` into `email` so it
would be more intuitive to use.
* Add boolean to the conf to force email validation
This commit only adds a configuration item.
* Add email during registration if email must be validated
* Set email token to validate when email changes
* Block access to FreshRSS if email is not validated
* Send email when address is changed
* Allow to resend the validation email
* Allow the user to change its email while blocked
* Document the email validation feature
* fixup! Allow the user to change its email while blocked
* tec: Autoload PHPMailer lib
* Validate email address format
* Add feedback on validation email resend action
* Allow to logout when user is blocked
* fix: Change default email "from"
* Reorganize i18n keys
* Complete all the locales with default english
* Hide sidebar (profile page) if email is not validated
* Check email requirements on registration
* Allow admin to specify email when creating users
* Don't check email format if value is empty
* Remove trailing comma in userController
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Set PHPMailer validator to html5 before sending email
* fixup! Remove trailing comma in userController
|
|
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
https://github.com/FreshRSS/FreshRSS/pull/2506#issuecomment-523544684
|
|
* New environment variable to control development mode
Suggestion of new enviromnent variable, as discussed
https://github.com/FreshRSS/FreshRSS/pull/2492#issuecomment-523613920
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Declare ENV in Dockerfile
Tested
|
|
|
|
https://alpinelinux.org/posts/Alpine-3.10.2-released.html
|
|
* Prevent window opener vulnerability with space shortcut
This change fixes a vulnerability introduced by `window.open()` on untrusted sources. It reproduces the effect of `rel="noreferrer"` with JS.
Cross browser solution from: https://stackoverflow.com/a/40593743
## Reproduction
> tested with Firefox 68
1. Add this RSS feed
2. Open the 2nd link "À propos de la faille de sécurité liée à target="_blank" **using the space key shortcut**.
3. Click on the first of three links "http://bookmarks.ecyseo.net"
Current behaviour: the FreshRSS tab changes.
Expected behaviour: no effect on FreshRSS
* Test for popup blockers
|
|
Add a couple of new strings, minor grammar and style improvements, and ignore everything that should be ignored for 100 %.
|
|
Follow-up to <https://github.com/FreshRSS/FreshRSS/pull/2500>. The languages aren't translated, so they don't need to be there.
|
|
|
|
|
|
https://github.com/FreshRSS/FreshRSS/pull/2495#discussion_r315662184
https://php.net/ref.opcache
We need to retest the performances
https://github.com/FreshRSS/FreshRSS/pull/2205
|
|
* Require PHP 5.5+
https://github.com/FreshRSS/FreshRSS/issues/2469#issuecomment-522255093
I think it would be reasonable to require PHP 5.5+ for the core of
FreshRSS after all.
As Frenzie said, WordPress currently requires PHP 5.6.20+, and it is the
most popular PHP application.
We would loose about 20% of the PHP servers according to
https://w3techs.com/technologies/details/pl-php/5/all but I expect this
number to drop fast after the release of CentOS 8 (CentOS accounts for
17% of Linux servers
https://w3techs.com/technologies/details/os-linux/all/all ).
Distributions:
* no impact on Ubuntu, Fedora, Alpine, OpenWRT, FreeBSD, OpenSuze,
Mageia, as all active versions have PHP > 7
* no impact on OpenSuze, Synology, as all active versions have PHP > 5.5
* we drop Debian 8 Jessie (-2020) - we keep supporting Debian 9 Stretch
(2017-06) - current is Debian 10 Buster
* we drop Red Hat 7 (-2024) - we keep supporting RHEL 8 (2019-05)
* we drop CentOS 7 (-2024) - we will support CentOS 8 (to be released
soonish)
When dropping older versions, I can better like when it is for a good
reason, and there is actually one with PHP 5.5, namely generators
(yield) https://php.net/language.generators.overview which I consider
using.
* Version note for JSON.php
* hex2bin
* Update .travis.yml
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
|
|
|
|
* Don't manually pull the base image
* Remove sudo before each docker
cause the user is usually added to the docker group
If not you can read it up here:
https://docs.docker.com/install/linux/linux-postinstall/
* Simplify cd
|
|
* Add Minz_View::_path method (replace change_view)
The `_path` method is more powerful since it allows to choose the file
extension. It is also Minz_Request-agnostic, which is useful to reuse
the Minz_View class in other places.
`change_view` is now deprecated and a warning is logged if we use it.
* Provide a Minz_Mailer to send emails
It uses PHPMailer under the hood and only supports PHP >= 5.5
|
|
* [CI] Run stylelint
Perform some basic CSS sanity checking and style enforcement.
I removed vendor prefixed linear-gradient and transform because those are from the IE9 era. With IE11 as a minimum and soon obsolete requirement it doesn't make much sense anymore.
* Remove as-link override
* Don't require newline after comment
* Also apply those newline rules to SCSS
* refine opening/closing braces, allow for single-line
|
|
Hooks allow to:
- add items in menus
- perform new actions at the end of FreshRSS initialization
|
|
Bug introduced in https://github.com/FreshRSS/FreshRSS/pull/2461
|
|
This feature is particularly useful to display authors underneath scientific articles.
|
|
The `_useLayout` function is marked as deprecated, replaced by a more
powerful `_layout` function.
|
|
The access was checked several times in some actions and had incoherent
behaviours. Also, the `firstAction` condition was a bit tricky to
understand.
This PR duplicates conditions across all the controller actions and
remove the `firstAction` which becomes useless.
|
|
|
|
* Update .htaccess
* Update htaccess for apache2.4
* Update htaccess for apache2.4
* Update htaccess for apache2.4
|
|
The PHP 5.4 and 5.5 archives recently started failing, also see https://travis-ci.community/t/php-5-4-and-5-5-archives-missing/3723
Setting them to use the Trusty images restores their functionality.
|
|
|
|
|
|
FreshRSS 1.14.3
|
|
|
|
See https://github.com/FreshRSS/FreshRSS/pull/2454#discussion_r306174996
|
|
https://github.com/FreshRSS/FreshRSS/pull/2454
https://github.com/FreshRSS/FreshRSS/pull/2455
https://github.com/FreshRSS/FreshRSS/pull/2456
+hadolint remove PIP warning
|
|
Avoid cron sending email in case of success command
|
|
|
|
|
|
|
|
* [CI] Run shellcheck and shfmt
Cf. https://github.com/FreshRSS/FreshRSS/pull/2436#discussion_r305640019
* rename
* no need for disable anymore
* also remove leftover indentation flags even if it makes no difference to syntax checking
* define colors and reset before exit for local use
|
|
Closes #2453
|
|
And adjust slightly the HEALTHCHECK parameters for faster start in
Træfik
|
|
|
|
https://github.com/FreshRSS/FreshRSS/issues/2446
https://github.com/FreshRSS/FreshRSS/pull/2449
https://github.com/FreshRSS/FreshRSS/issues/2381
https://github.com/FreshRSS/FreshRSS/pull/2442
|
|
* Fix user self registration
Fix https://github.com/FreshRSS/FreshRSS/issues/2381
* CSRF for admin
|
|
* Issue #2446 : Fix passing authentication headers. Use CGIPassAuth is version is high enough
* Issue #2446 : Remove CGIPassAuth due to potential issues with AllowOverride rights.
* Tabs
|
|
* Add FreshRSS-Notify in Clients compatibles section
* Add FreshRSS-Notify in Compatible clients section
* Use language-neutral link
https://addons.mozilla.org/firefox/addon/freshrss-notify-webextension/
|
|
Move SQLite as first option in install instead of MySQL. Lower barrier
to entry.
|
|
* Change to fix issues 2251
This is a proposed change to fix issue https://github.com/FreshRSS/FreshRSS/issues/2251
* Remove comments
|
|
* Docker Hub readme
Try to use anothe readme.
And update info for
https://alpinelinux.org/posts/Alpine-3.10.1-released.html
* Test another variant
* /tmp/ did not work
|
|
Workaround strange bug: When building on Docker Hub with QEMU, the
symlinks for the CA certificates are not created properly, although it
is the case when building for ARM locally.
Manually calling `update-ca-certificates -f` fixes the problem.
Note for later: Maybe we should call this update in our entrypoint.sh.
|
|
https://github.com/FreshRSS/FreshRSS/issues/2429
https://github.com/FreshRSS/FreshRSS/pull/2431
https://github.com/FreshRSS/FreshRSS/issues/2437
https://github.com/FreshRSS/FreshRSS/pull/2439
|
Marien Fressinaud
wtoscer
Alexandre Alapetite
ArthurHoaro
Frans de Jonge
Tibor Repček
Sandro
Joris Kinable
koocotte
Gaurav Thakur
Leepic
Nick Cross
Purexo
Uncovery
