| Age | Commit message (Collapse) | Author |
|---|
|
See https://github.com/FreshRSS/FreshRSS/pull/8376
|
|
|
|
- contirbutions → contributions
- runable → runnable
|
|
CURLOPT_ENCODING (#8376)
* Replace deprecated CURLOPT_ENCODING
The CURLOPT_ENCODING setting has been deprecated in favor of
CURLOPT_ACCEPT_ENCODING.
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
* Sync with our SimplePie fork PR
https://github.com/FreshRSS/simplepie/pull/67
https://github.com/simplepie/simplepie/pull/960
https://github.com/simplepie/simplepie/pull/962
* Our SimplePie PR merged
---------
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Fix Path Traversal vulnerability in UserDAO methods
* Add tests and changelog for UserDAO path traversal fix
* make fix-all
* Fix PHPStan
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* API: add remote user in Apache logs
fix https://github.com/FreshRSS/FreshRSS/discussions/8385
Example:
```
2026-01-01T18:38:28.645486326Z 0.0.0.0 - alex [01/Jan/2026:19:38:28 +0100] "GET /api/greader.php/reader/api/0/subscription/list?output=json HTTP/1.1" 200 9798 "-" "curl/8.14.1"
```
* Fallback mod_rewrite
* Log remote user with same priority as FreshRSS_http_Util::httpAuthUser()
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8378
|
|
|
|
Bumps [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.46.0...v0.47.0)
---
updated-dependencies:
- dependency-name: markdownlint-cli
dependency-version: 0.47.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps the eslint group with 2 updates in the / directory: [eslint](https://github.com/eslint/eslint) and [globals](https://github.com/sindresorhus/globals).
Updates `eslint` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2)
Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)
Updates `globals` from 16.5.0 to 17.0.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.5.0...v17.0.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: eslint
- dependency-name: "@eslint/js"
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: eslint
- dependency-name: globals
dependency-version: 17.0.0
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: eslint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* Bump ruby/setup-ruby from 1.268.0 to 1.278.0
Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.268.0 to 1.278.0.
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/8aeb6ff8030dd539317f8e1769a044873b56ea71...4c24fa5ec04b2e79eb40571b1cee2a0d2b705771)
---
updated-dependencies:
- dependency-name: ruby/setup-ruby
dependency-version: 1.278.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Remove comment with link to release tag
Not worth updating every time dependabot makes a commit
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Inverle <inverle@proton.me>
|
|
Bumps the stylelint group with 1 update: [stylelint-order](https://github.com/hudochenkov/stylelint-order).
Updates `stylelint-order` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/hudochenkov/stylelint-order/releases)
- [Changelog](https://github.com/hudochenkov/stylelint-order/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hudochenkov/stylelint-order/compare/7.0.0...7.0.1)
---
updated-dependencies:
- dependency-name: stylelint-order
dependency-version: 7.0.1
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: stylelint
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.10 to 2.0.11.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.10...2.0.11)
---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
dependency-version: 2.0.11
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
* changelog: Add entry for updated .gitignore
Adds an entry for https://github.com/FreshRSS/FreshRSS/pull/8372
* Fix Markdown
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Have the `extensions/.gitignore` ignore all installed extensions so that they don't show up in `git status`
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/8369
Regression from https://github.com/FreshRSS/FreshRSS/pull/8165
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8367
Forgotten from https://github.com/FreshRSS/FreshRSS/pull/8324
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8347
|
|
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8342
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8345
|
|
* Handle fetch of text/plain as <pre>
fix https://github.com/FreshRSS/FreshRSS/issues/8328
* class="text-plain"
|
|
Some [misconfigured instances](https://github.com/FreshRSS/FreshRSS/issues/7835) may be stripping out the CSP header that `f.php` sends, which can be mitigated by forcing the browser to download the image instead of displaying it and executing JS code from unsanitized SVGs for example.
Contributes to https://github.com/FreshRSS/FreshRSS/pull/8263 and https://github.com/FreshRSS/FreshRSS/pull/7924
(improving security when CSP is not present)
|
|
|
|
|
|
Dates should not be expanded/resolved in string serialisations of search expressions, as it otherwise break relative user queries such as `P30D`.
Fix of https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8184
One more ⭐ for synchronisation, which has become better.
✔️ User labels properly implemented https://github.com/jocmp/capyreader/issues/786#issuecomment-3685125608
First client to pass all my criteria since defunct News+.
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7879
|
|
|
|
Add a distinction between recommended and required extensions.
Add check for recommended php-intl extension as follow-up of https://github.com/FreshRSS/FreshRSS/pull/8329#issuecomment-3677686581
Improve related checks such as ZIP.
Reduce duplicated translations and tests.
|
|
Missed in #8335 because I was testing without having the navigation bar enabled.
<img width="674" height="198" alt="image" src="https://github.com/user-attachments/assets/a1db7f95-f1d9-47e5-a572-20892e6c7abc" />
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/7801
|
|
* More uniform SQL search and PHP search
The behaviour depends though on the database.
Improve https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15278980
* Try to use transliterator_transliterate function instead
|
|
https://github.com/FreshRSS/FreshRSS/pull/8330#issuecomment-3667491619
|
|
Closes https://github.com/FreshRSS/FreshRSS/issues/8304
Remove the min=1 attribute so negative numbers can be used to force categories to the bottom
|
|
https://php.watch/versions/8.4/Deprecated
And enfore it with PHPUnit + PHPStan.
Especially useful for extensions.
|
|
Rework:
* https://github.com/FreshRSS/FreshRSS/pull/8222
now that we have:
* https://github.com/FreshRSS/FreshRSS/pull/8293
Follow-up of:
* https://github.com/FreshRSS/FreshRSS/pull/8311
* More simplification
* Deprecate getRawInput
|
|
* Handle null in base64_encode
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15269370
* PHPDoc
|
|
https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15270212
|
|
|
|
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15261119
|
|
* Bump to API level 4 for Fever; add with_ids so we can mass-change read/unread/saved/unsaved on lists of articles.
As discussed in https://github.com/FreshRSS/FreshRSS/issues/8305
A small enhancement to the Fever API to vastly increase efficiency when bulk marking items.
-
How to test the feature manually:
The client at:
https://sources.vsta.org:7100/FeedMonkey/file?name=js/Fever.js&ci=tip
has code to talk to this API enhancement (when the API level says it's supported). In particular walkArticles().
* Update indentation per PR check on Github
* make fix-all
* Line length
* Fix many typing issues
* is_numeric
* Update comment
---------
Co-authored-by: Andy Valencia <ajv-899-334-8894@vsta.org>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Safer password evaluation
|
|
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8281
todo:
* [x] Include labels (prefix `t_`) too
* [x] Keep sidebar scrollTop when using the nav menu
* [ ] ~~Make this work in the reader view's sidebar too~~ for separate PR
* [x] Prevent whole page from scrolling on `scrollIntoView()` call, just scroll in the sidebar (probably related: https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3647414618)
This TODO will be done in a separate PR since it requires optimizing the sidebar toggle code.
edit: it does work on Chrome already though, but only if `#stream` isn't too large / breaks randomly (Firefox is slower it seems)
|
|
* Improve simplified chinese translation
* Update translation progress
* Add yzx9 to contributors
|
|
Easier to explain graphically:
<img width="408" height="266" alt="image" src="https://github.com/user-attachments/assets/0e3724a1-155b-4a87-89b3-cfe8a18cb100" />
The jump to next section ⏭ works when the sorting criterion is a date.
Need https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
Revised the encoding approach for searches: the HTML encoding is done just before its use for DB search.
Fix also some cases with wrong quoting.
Fix https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3643865439
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
* Better comments in our Docker images
* Make `cli/access-permissions.sh` compatible with other Apache groups such as `http` for Linux Arch
* Better `/Docker/entrypoint.sh` supporting various Apache configuration paths (and slightly faster).
* Add test image for Linux Arch (not sure we will keep it)
See
* https://github.com/FreshRSS/FreshRSS/pull/8279#issuecomment-3620674818
|
Michael Meier
Alexandre Alapetite
Bartłomiej Dmitruk
Michael Meier
dependabot[bot]
Rob Loach
Inverle
stag
stag
Andy Valencia
Zexin Yuan
