| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* Favicon hash proxy
Content provided through a proxy may be completely different, so the feed hash must account for that
* Fix typing
* Hash of Web site in priority for favicons
* Continue
* Revert some minor changes
|
|
Regression from https://github.com/FreshRSS/FreshRSS/pull/4374
fix: https://github.com/FreshRSS/FreshRSS/issues/7514
https://github.com/FreshRSS/simplepie/pull/35
Upstream PR: https://github.com/simplepie/simplepie/pull/914
|
|
|
|
* Update Polish translation
* corrections
* make fix-all
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Sanitize buttons with a form or formaction attribute.
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7498
Regression from https://github.com/FreshRSS/FreshRSS/pull/7495
|
|
|
|
* Secure serving of user files from extensions
fix https://github.com/FreshRSS/FreshRSS/issues/4930
* More fixes
* Typo
|
|
Prevent using `Remote-User`, `X-WebAuth-User` during Web scraping.
|
|
We do not sanitize this attribute well enough, so striped for now.
It is rarely used: I have not seen any use of it in any of my many test feeds.
Can be added back when we can handle its inherent security issues better.
|
|
* Use HTTP POST for logout
To avoid potential CSRF risks
* Fixed button font issue
* Minor whitespace
|
|
So you can see keyboard focus.
In reply to <https://github.com/FreshRSS/FreshRSS/pull/7489#issuecomment-2774759046>.
|
|
fix of https://github.com/FreshRSS/FreshRSS/pull/7489#discussion_r2023760515
Regression #7314
|
|
New check for Boolean in while conditions
Replace https://github.com/FreshRSS/FreshRSS/pull/7481
|
|
Bumps [sass](https://github.com/sass/dart-sass) from 1.85.1 to 1.86.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.85.1...1.86.1)
---
updated-dependencies:
- dependency-name: sass
dependency-version: 1.86.1
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the stylelint group with 1 update: [stylelint](https://github.com/stylelint/stylelint).
Updates `stylelint` from 16.16.0 to 16.17.0
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/16.16.0...16.17.0)
---
updated-dependencies:
- dependency-name: stylelint
dependency-version: 16.17.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: stylelint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the eslint group with 2 updates: [eslint](https://github.com/eslint/eslint) and [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js).
Updates `eslint` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.22.0...v9.23.0)
Updates `@eslint/js` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.23.0/packages/js)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.23.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
- dependency-name: "@eslint/js"
dependency-version: 9.23.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: eslint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.4...2.0.6)
---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
dependency-version: 2.0.6
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [squizlabs/php_codesniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) from 3.11.3 to 3.12.0.
- [Release notes](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases)
- [Changelog](https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.11.3...3.12.0)
---
updated-dependencies:
- dependency-name: squizlabs/php_codesniffer
dependency-version: 3.12.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.8 to 2.1.11.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.8...2.1.11)
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-version: 2.1.11
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/peter-evans/dockerhub-description/releases)
- [Commits](https://github.com/peter-evans/dockerhub-description/compare/e98e4d1628a5f3be2be7c231e50981aee98723ae...0505d8b04853a30189aee66f5bb7fd1511bbac71)
---
updated-dependencies:
- dependency-name: peter-evans/dockerhub-description
dependency-version: 4.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* Fix ext.php: Restrict valid paths in ext.php for extensions
Rework https://github.com/FreshRSS/FreshRSS/pull/7474
* Fix wrong variable
|
|
* Update 10_filter.md to provide detailed explanations of the time syntax.
* Update 03_Main_view.md to provide detailed explanations of the time syntax.
* Reworded
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Catch extension exceptions in override
https://github.com/FreshRSS/Extensions/pull/300#issuecomment-2768578464
* Fix error message
|
|
The security risks look higher than the minor convinience
Modify https://github.com/FreshRSS/FreshRSS/pull/1024
|
|
* Restrict valid paths in ext.php for extensions
* Disallow absolute paths as well
|
|
https://github.com/FreshRSS/FreshRSS/pull/6303#issuecomment-2768907702
Was already implemented conditionally
https://github.com/FreshRSS/FreshRSS/pull/1198
|
|
* Referrer-Policy: same-origin
* same-origin for our own images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Update CREDITS.md
Credit for myself
* Fix
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Improve Turkish Language
* fix
* Update gen.php
* Update app/i18n/tr/gen.php
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
* Update sub.php
* edit
* edit
* make fix-all
* Mark lines as ignored
* Typo
* Update sub.php
---------
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Fix escaping of tag search
fix https://github.com/FreshRSS/FreshRSS/issues/7466
* Minor clarity
|
|
E.g. for the case of SVGs
|
|
https://github.com/dcodeIO/bcrypt.js/releases/tag/v3.0.0
Can be updated to the latest version with:
`curl -L https://unpkg.com/bcryptjs/umd/index.js > p/scripts/vendor/bcrypt.js`
|
|
* Add JavaScript event: freshrss:globalContextLoaded
* Update docs
* Update docs: fix typo
|
|
|
|
* Support multiple JSON fragments in HTML+XPath+JSON mode
fix https://github.com/FreshRSS/FreshRSS/discussions/7352#discussioncomment-12295475
E.g. HTML with one `<script type="application/ld+json">...</script>` per item.
* Better help messages
|
|
* Clarify MINZ usage
MINZ (archived, read-only) is not a dependency
of FreshRSS, which would be very concerning.
Instead, FreshRSS copied MINZ and has evolved
it since then under the same license.
Ref: https://github.com/FreshRSS/FreshRSS/discussions/7425
* Move credits to README
* Delete credits from web UI
* Additional changes
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/6262
Changes proposed in this pull request:
- CSS: the search button was too big/not flexible enough for the height because of the padding
How to test the feature manually:
1. browser configuration: change the default font size from (`16`pt mostly) to `15` or `14`
2. go to subscription management -> `Subscription tools`
3. there should be no scroll bar (because the left hand side navigation is short and the content right hand side is short too)
Side effect: All buttons will be a bit smaller as before (because `px` -> `rem`) It should not be an issue at all
|
|
* Fix CLI flag parsing
fix https://github.com/FreshRSS/FreshRSS/issues/7428
* Fix other places
* Forgotten debugging
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7435
|
|
* Update 02_Prerequisites.md
Line numbers have varied over time
* Same for fr
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Fixing minor breaking changes
|
|
https://github.com/FreshRSS/simplepie/pull/34
|
|
* Update admin.php
* Update conf.php
|
|
|
|
* settings
* i18n: mark_read_button
* big, small, none
* fix
* Fixes
* make fix-all
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Inspired by [JSONata syntax](https://docs.jsonata.org/expressions).
fix https://github.com/FreshRSS/FreshRSS/issues/6565
|
|
* Update .htaccess
Add check for Apache mod_filter to ensure "AddOutputFilterByType" works.
* Explicit enabling mod_filter in our Docker images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
|
Alexandre Alapetite
Inverle
Frans de Jonge
maTh
dependabot[bot]
22cs
ππΌπΉπΆ
hkcomori
Glyn Normington
docxml
Machou
Dezponia
