| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
* Fix file serving for symlinked extensions from ext.php
* Don't resolve symlink when deleting extension
* Minor syntax
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v6.9.3...v6.10.0)
---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-version: 6.10.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Co-authored-by: loviuz <loviuz@mailbox.org>
|
|
Bumps the stylelint group with 2 updates: [stylelint](https://github.com/stylelint/stylelint) and [stylelint-order](https://github.com/hudochenkov/stylelint-order).
Updates `stylelint` from 16.17.0 to 16.19.1
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/16.17.0...16.19.1)
Updates `stylelint-order` from 6.0.4 to 7.0.0
- [Release notes](https://github.com/hudochenkov/stylelint-order/releases)
- [Changelog](https://github.com/hudochenkov/stylelint-order/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hudochenkov/stylelint-order/compare/6.0.4...7.0.0)
---
updated-dependencies:
- dependency-name: stylelint
dependency-version: 16.19.1
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: stylelint
- dependency-name: stylelint-order
dependency-version: 7.0.0
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: stylelint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the eslint group with 2 updates: [eslint](https://github.com/eslint/eslint) and [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js).
Updates `eslint` from 9.23.0 to 9.25.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.23.0...v9.25.1)
Updates `@eslint/js` from 9.23.0 to 9.25.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.25.1/packages/js)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.25.1
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
- dependency-name: "@eslint/js"
dependency-version: 9.25.1
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* Bump phpstan/phpstan from 2.1.11 to 2.1.13
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.11 to 2.1.13.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.11...2.1.13)
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-version: 2.1.13
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump phpstan/phpstan from 2.1.11 to 2.1.13
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.11 to 2.1.13.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.11...2.1.13)
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-version: 2.1.13
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix PHPStan
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Bumps [squizlabs/php_codesniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) from 3.12.0 to 3.12.2.
- [Release notes](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases)
- [Changelog](https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.12.0...3.12.2)
---
updated-dependencies:
- dependency-name: squizlabs/php_codesniffer
dependency-version: 3.12.2
dependency-type: direct:development
update-type: version-update:semver-patch
...
|
|
Bumps [sass](https://github.com/sass/dart-sass) from 1.86.1 to 1.87.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.86.1...1.87.0)
---
updated-dependencies:
- dependency-name: sass
dependency-version: 1.87.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
|
|
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/peter-evans/dockerhub-description/releases)
- [Commits](https://github.com/peter-evans/dockerhub-description/compare/0505d8b04853a30189aee66f5bb7fd1511bbac71...432a30c9e07499fd01da9f8a49f0faf9e0ca5b77)
---
updated-dependencies:
- dependency-name: peter-evans/dockerhub-description
dependency-version: 4.0.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
When using HTTP Auth methods (including OpenID Connect), exactly 1 HTTP header should be received, not more.
|
|
Adding myself to CREDITS.md as requested in PR #7419 comment.
|
|
|
|
* Themes fix CSS .as-link
Add missing rules.
fix https://github.com/FreshRSS/FreshRSS/pull/7489#issuecomment-2781146577
* More fixes
|
|
|
|
|
|
* Favicon hash proxy
Content provided through a proxy may be completely different, so the feed hash must account for that
* Fix typing
* Hash of Web site in priority for favicons
* Continue
* Revert some minor changes
|
|
Regression from https://github.com/FreshRSS/FreshRSS/pull/4374
fix: https://github.com/FreshRSS/FreshRSS/issues/7514
https://github.com/FreshRSS/simplepie/pull/35
Upstream PR: https://github.com/simplepie/simplepie/pull/914
|
|
|
|
* Update Polish translation
* corrections
* make fix-all
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Sanitize buttons with a form or formaction attribute.
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7498
Regression from https://github.com/FreshRSS/FreshRSS/pull/7495
|
|
|
|
* Secure serving of user files from extensions
fix https://github.com/FreshRSS/FreshRSS/issues/4930
* More fixes
* Typo
|
|
Prevent using `Remote-User`, `X-WebAuth-User` during Web scraping.
|
|
We do not sanitize this attribute well enough, so striped for now.
It is rarely used: I have not seen any use of it in any of my many test feeds.
Can be added back when we can handle its inherent security issues better.
|
|
* Use HTTP POST for logout
To avoid potential CSRF risks
* Fixed button font issue
* Minor whitespace
|
|
So you can see keyboard focus.
In reply to <https://github.com/FreshRSS/FreshRSS/pull/7489#issuecomment-2774759046>.
|
|
fix of https://github.com/FreshRSS/FreshRSS/pull/7489#discussion_r2023760515
Regression #7314
|
|
New check for Boolean in while conditions
Replace https://github.com/FreshRSS/FreshRSS/pull/7481
|
|
Bumps [sass](https://github.com/sass/dart-sass) from 1.85.1 to 1.86.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.85.1...1.86.1)
---
updated-dependencies:
- dependency-name: sass
dependency-version: 1.86.1
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the stylelint group with 1 update: [stylelint](https://github.com/stylelint/stylelint).
Updates `stylelint` from 16.16.0 to 16.17.0
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/16.16.0...16.17.0)
---
updated-dependencies:
- dependency-name: stylelint
dependency-version: 16.17.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: stylelint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the eslint group with 2 updates: [eslint](https://github.com/eslint/eslint) and [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js).
Updates `eslint` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.22.0...v9.23.0)
Updates `@eslint/js` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.23.0/packages/js)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.23.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
- dependency-name: "@eslint/js"
dependency-version: 9.23.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.4...2.0.6)
---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
dependency-version: 2.0.6
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [squizlabs/php_codesniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) from 3.11.3 to 3.12.0.
- [Release notes](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases)
- [Changelog](https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.11.3...3.12.0)
---
updated-dependencies:
- dependency-name: squizlabs/php_codesniffer
dependency-version: 3.12.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.8 to 2.1.11.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.8...2.1.11)
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-version: 2.1.11
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/peter-evans/dockerhub-description/releases)
- [Commits](https://github.com/peter-evans/dockerhub-description/compare/e98e4d1628a5f3be2be7c231e50981aee98723ae...0505d8b04853a30189aee66f5bb7fd1511bbac71)
---
updated-dependencies:
- dependency-name: peter-evans/dockerhub-description
dependency-version: 4.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* Fix ext.php: Restrict valid paths in ext.php for extensions
Rework https://github.com/FreshRSS/FreshRSS/pull/7474
* Fix wrong variable
|
|
* Update 10_filter.md to provide detailed explanations of the time syntax.
* Update 03_Main_view.md to provide detailed explanations of the time syntax.
* Reworded
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Catch extension exceptions in override
https://github.com/FreshRSS/Extensions/pull/300#issuecomment-2768578464
* Fix error message
|
|
The security risks look higher than the minor convinience
Modify https://github.com/FreshRSS/FreshRSS/pull/1024
|
|
* Restrict valid paths in ext.php for extensions
* Disallow absolute paths as well
|
|
https://github.com/FreshRSS/FreshRSS/pull/6303#issuecomment-2768907702
Was already implemented conditionally
https://github.com/FreshRSS/FreshRSS/pull/1198
|
|
* Referrer-Policy: same-origin
* same-origin for our own images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Update CREDITS.md
Credit for myself
* Fix
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Improve Turkish Language
* fix
* Update gen.php
* Update app/i18n/tr/gen.php
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
* Update sub.php
* edit
* edit
* make fix-all
* Mark lines as ignored
* Typo
* Update sub.php
---------
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Fix escaping of tag search
fix https://github.com/FreshRSS/FreshRSS/issues/7466
* Minor clarity
|
|
E.g. for the case of SVGs
|
|
https://github.com/dcodeIO/bcrypt.js/releases/tag/v3.0.0
Can be updated to the latest version with:
`curl -L https://unpkg.com/bcryptjs/umd/index.js > p/scripts/vendor/bcrypt.js`
|
Alexandre Alapetite
Inverle
dependabot[bot]
FabioL
Dezponia
Frans de Jonge
maTh
22cs
ππΌπΉπΆ
