| Age | Commit message (Collapse) | Author |
|---|
|
CURLOPT_ENCODING (#8376)
* Replace deprecated CURLOPT_ENCODING
The CURLOPT_ENCODING setting has been deprecated in favor of
CURLOPT_ACCEPT_ENCODING.
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
* Sync with our SimplePie fork PR
https://github.com/FreshRSS/simplepie/pull/67
https://github.com/simplepie/simplepie/pull/960
https://github.com/simplepie/simplepie/pull/962
* Our SimplePie PR merged
---------
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Fix Path Traversal vulnerability in UserDAO methods
* Add tests and changelog for UserDAO path traversal fix
* make fix-all
* Fix PHPStan
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* API: add remote user in Apache logs
fix https://github.com/FreshRSS/FreshRSS/discussions/8385
Example:
```
2026-01-01T18:38:28.645486326Z 0.0.0.0 - alex [01/Jan/2026:19:38:28 +0100] "GET /api/greader.php/reader/api/0/subscription/list?output=json HTTP/1.1" 200 9798 "-" "curl/8.14.1"
```
* Fallback mod_rewrite
* Log remote user with same priority as FreshRSS_http_Util::httpAuthUser()
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8378
|
|
|
|
Bumps [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.46.0...v0.47.0)
---
updated-dependencies:
- dependency-name: markdownlint-cli
dependency-version: 0.47.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the eslint group with 2 updates in the / directory: [eslint](https://github.com/eslint/eslint) and [globals](https://github.com/sindresorhus/globals).
Updates `eslint` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2)
Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)
Updates `globals` from 16.5.0 to 17.0.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.5.0...v17.0.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: eslint
- dependency-name: "@eslint/js"
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: eslint
- dependency-name: globals
dependency-version: 17.0.0
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: eslint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* Bump ruby/setup-ruby from 1.268.0 to 1.278.0
Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.268.0 to 1.278.0.
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/8aeb6ff8030dd539317f8e1769a044873b56ea71...4c24fa5ec04b2e79eb40571b1cee2a0d2b705771)
---
updated-dependencies:
- dependency-name: ruby/setup-ruby
dependency-version: 1.278.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Remove comment with link to release tag
Not worth updating every time dependabot makes a commit
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Inverle <inverle@proton.me>
|
|
Bumps the stylelint group with 1 update: [stylelint-order](https://github.com/hudochenkov/stylelint-order).
Updates `stylelint-order` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/hudochenkov/stylelint-order/releases)
- [Changelog](https://github.com/hudochenkov/stylelint-order/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hudochenkov/stylelint-order/compare/7.0.0...7.0.1)
---
updated-dependencies:
- dependency-name: stylelint-order
dependency-version: 7.0.1
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: stylelint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.10 to 2.0.11.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.10...2.0.11)
---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
dependency-version: 2.0.11
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* changelog: Add entry for updated .gitignore
Adds an entry for https://github.com/FreshRSS/FreshRSS/pull/8372
* Fix Markdown
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Have the `extensions/.gitignore` ignore all installed extensions so that they don't show up in `git status`
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/8369
Regression from https://github.com/FreshRSS/FreshRSS/pull/8165
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8367
Forgotten from https://github.com/FreshRSS/FreshRSS/pull/8324
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8347
|
|
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8342
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8345
|
|
* Handle fetch of text/plain as <pre>
fix https://github.com/FreshRSS/FreshRSS/issues/8328
* class="text-plain"
|
|
Some [misconfigured instances](https://github.com/FreshRSS/FreshRSS/issues/7835) may be stripping out the CSP header that `f.php` sends, which can be mitigated by forcing the browser to download the image instead of displaying it and executing JS code from unsanitized SVGs for example.
Contributes to https://github.com/FreshRSS/FreshRSS/pull/8263 and https://github.com/FreshRSS/FreshRSS/pull/7924
(improving security when CSP is not present)
|
|
|
|
|
|
Dates should not be expanded/resolved in string serialisations of search expressions, as it otherwise break relative user queries such as `P30D`.
Fix of https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8184
One more ⭐ for synchronisation, which has become better.
✔️ User labels properly implemented https://github.com/jocmp/capyreader/issues/786#issuecomment-3685125608
First client to pass all my criteria since defunct News+.
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7879
|
|
|
|
Add a distinction between recommended and required extensions.
Add check for recommended php-intl extension as follow-up of https://github.com/FreshRSS/FreshRSS/pull/8329#issuecomment-3677686581
Improve related checks such as ZIP.
Reduce duplicated translations and tests.
|
|
Missed in #8335 because I was testing without having the navigation bar enabled.
<img width="674" height="198" alt="image" src="https://github.com/user-attachments/assets/a1db7f95-f1d9-47e5-a572-20892e6c7abc" />
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/7801
|
|
* More uniform SQL search and PHP search
The behaviour depends though on the database.
Improve https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15278980
* Try to use transliterator_transliterate function instead
|
|
https://github.com/FreshRSS/FreshRSS/pull/8330#issuecomment-3667491619
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/8304
Remove the min=1 attribute so negative numbers can be used to force categories to the bottom
|
|
https://php.watch/versions/8.4/Deprecated
And enfore it with PHPUnit + PHPStan.
Especially useful for extensions.
|
|
Rework:
* https://github.com/FreshRSS/FreshRSS/pull/8222
now that we have:
* https://github.com/FreshRSS/FreshRSS/pull/8293
Follow-up of:
* https://github.com/FreshRSS/FreshRSS/pull/8311
* More simplification
* Deprecate getRawInput
|
|
* Handle null in base64_encode
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15269370
* PHPDoc
|
|
https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15270212
|
|
|
|
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15261119
|
|
* Bump to API level 4 for Fever; add with_ids so we can mass-change read/unread/saved/unsaved on lists of articles.
As discussed in https://github.com/FreshRSS/FreshRSS/issues/8305
A small enhancement to the Fever API to vastly increase efficiency when bulk marking items.
-
How to test the feature manually:
The client at:
https://sources.vsta.org:7100/FeedMonkey/file?name=js/Fever.js&ci=tip
has code to talk to this API enhancement (when the API level says it's supported). In particular walkArticles().
* Update indentation per PR check on Github
* make fix-all
* Line length
* Fix many typing issues
* is_numeric
* Update comment
---------
Co-authored-by: Andy Valencia <ajv-899-334-8894@vsta.org>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Safer password evaluation
|
|
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8281
todo:
* [x] Include labels (prefix `t_`) too
* [x] Keep sidebar scrollTop when using the nav menu
* [ ] ~~Make this work in the reader view's sidebar too~~ for separate PR
* [x] Prevent whole page from scrolling on `scrollIntoView()` call, just scroll in the sidebar (probably related: https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3647414618)
This TODO will be done in a separate PR since it requires optimizing the sidebar toggle code.
edit: it does work on Chrome already though, but only if `#stream` isn't too large / breaks randomly (Firefox is slower it seems)
|
|
* Improve simplified chinese translation
* Update translation progress
* Add yzx9 to contributors
|
|
Easier to explain graphically:
<img width="408" height="266" alt="image" src="https://github.com/user-attachments/assets/0e3724a1-155b-4a87-89b3-cfe8a18cb100" />
The jump to next section ⏭ works when the sorting criterion is a date.
Need https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
Revised the encoding approach for searches: the HTML encoding is done just before its use for DB search.
Fix also some cases with wrong quoting.
Fix https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3643865439
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
* Better comments in our Docker images
* Make `cli/access-permissions.sh` compatible with other Apache groups such as `http` for Linux Arch
* Better `/Docker/entrypoint.sh` supporting various Apache configuration paths (and slightly faster).
* Add test image for Linux Arch (not sure we will keep it)
See
* https://github.com/FreshRSS/FreshRSS/pull/8279#issuecomment-3620674818
|
|
* Translate English phrases to Chinese in gen.php
* make fix-all
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
https://github.com/FreshRSS/FreshRSS/pull/8193#issuecomment-3642094344
|
|
Previously if you were to go to for example *Subscription management* and filter a feed, the feed wouldn't be visible in a sidebar with lots of feeds, since you'd have to scroll to it first. Now, this is no longer the case.
Note that if the navigation comes from the sidebar itself, the original behavior remains. (scroll into previous `scrollTop` value of sidebar)
Also improves experience of using shift+j/k (see https://github.com/FreshRSS/FreshRSS/pull/8057)
|
Michael Meier
Bartłomiej Dmitruk
Alexandre Alapetite
dependabot[bot]
Rob Loach
Inverle
stag
stag
Andy Valencia
Zexin Yuan
X.
