| Age | Commit message (Collapse) | Author |
|---|
|
The notification about wrong login was not working. Noticed while working on https://github.com/FreshRSS/FreshRSS/pull/5955
This was due to timing of when the notification is retrieved.
Simplified code to make the logic easier and more robust.
|
|
* Pass PHPStan level 8
And prepare for PHPStan level 9 https://phpstan.org/user-guide/rule-levels
* Revert wrong replace in comment
* Fix PHPStan level 8
* Update PHPStan and other dev dependencies
* Remove obsolete comment
* noVariableVariables and towards bleedingEdge
https://github.com/phpstan/phpstan-strict-rules
https://phpstan.org/blog/what-is-bleeding-edge
* More bleedingEdge
* A bit more PHPStan level 9
* More PHPStan level 9
* Prepare for booleansInConditions
Ignore int and null
* Revert wrong line
* More fixes
* Fix keep_max_n_unread
* Stricter attribute functions
* Stricter callHooks and more PHPStan level 9
* More typing
* A tiny more
|
|
* Little's optimisations and booleans in conditions
* Apply strict type
* Apply strict type
* Apply strict type
* Fix multiple bugs with PHP 8.2 and 8.3
* Many declares missing, more errors fixed
* Apply strict type
* Another approach
* Stronger typing for Minz_Session
* Fix case of SQLite
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* processing of depreciations and updating of code to php7.2 minimum
* Autoformat many strange array indenting
And revert a few unwanted changes
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* PHPStan Level 7 for Minz_Request
* PHPStan Level 7 for FreshRSS_Feed
* PHPStan Level 7 for Minz_Error
|
|
* Typed view model classes
* Add ability to provide a typed view model class to a controller
* Use `::class` instead of string for referring to classes
* Examplified with `stats` and `javascript` controllers / views (more to do)
* Also useful for extensions (my usecase today), which did not have the ability to define own view model attributes before.
* Typo
|
|
* Use typed access to request parameters
This was a big source of mixed datatypes in many places
* Fix notifications
* Fix bookmarkAction
|
|
* Fix extension freshrss_user_maintenance in actualize_script
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3440
The hook was called before registering all the extensions for the current user
* PHPStan Level 6 for extensions
And remove 5-year old legacy format of enabled extensions < FreshRSS 1.11.1
* Fix multiple bugs in extensions
* Minor typing
* Don't change signature of methods supposed to be overridden
* PHPStan Level 9 and compatibility Intelliphense
* Set as final the methods not supposed to be overriden
|
|
* implemented
* themes' metadata.json
* fix
* fix
* retrigger tests
* Update lib/Minz/View.php
Co-authored-by: Luc SANCHEZ <4697568+ColonelMoutarde@users.noreply.github.com>
* Update lib/Minz/View.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update lib/Minz/View.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update lib/Minz/View.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* fix
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: Luc SANCHEZ <4697568+ColonelMoutarde@users.noreply.github.com>
|
|
And app/FreshRSS.php
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
|
|
* Safer timezone set
Add missing tzdata in Docker :newest
Fallback to UTC if no timezone is defined at all
#fix https://github.com/FreshRSS/FreshRSS/pull/4906#issuecomment-1386747169
* Better refactoring
Show fallback timezone everywhere
|
|
* User-defined time zone
#fix https://github.com/FreshRSS/FreshRSS/issues/2754
* Update app/i18n/nl/conf.php
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
* Timezone when creating a new user
Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>
|
|
* Custom logo HTML
Add option for custom HTML logo/title in the main Web UI view.
Can potentially be different per user.
#fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247
* logo_html in main config
With new `./data/config.custom.php` to provide custom values before install
* Docker documentation
* whitespace
* Auto relax CSP to allow images for HTML logo
* Documentation
|
|
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
|
|
* Add PHPStan
#fix https://github.com/FreshRSS/FreshRSS/issues/4016
https://phpstan.org/
```sh
composer run-script phpstan
```
* More fixes
* Fix global variables
* Add .phtml
* Fix merge
https://github.com/FreshRSS/FreshRSS/pull/4090
* Fix more warnings
* Fix view errors and enable in CI
* ReturnTypeWillChange
* Dynamic view type
* Fix Minz static/self bug
|
|
* it works
* optimized
|
|
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
|
|
csrf tokens) (#3432)
|
|
* Avoid manual intialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system i initialised several times
|
|
* Fix bugs in anomymous mode
Login bug (submit button not working) and refresh bug (JS null
exception, and then 403).
* Take advantage of existing variable
|
|
* Fix initI18n
#fix
https://github.com/FreshRSS/FreshRSS/issues/3246#issuecomment-725463337
#fix https://github.com/FreshRSS/FreshRSS/issues/3136
It was due to calling `initI18n()` before `FreshRSS_Context` is
intialised in some situations
Introduced by https://github.com/FreshRSS/FreshRSS/pull/3022
Will be better fixed when https://github.com/FreshRSS/FreshRSS/pull/3070
lands
* Fallback condition
|
|
* Minz: Attach a notification to a request
Notifications should be attached to a request, not to a global session.
Fix
https://github.com/FreshRSS/FreshRSS/pull/3096#issuecomment-654891906
Prepare https://github.com/FreshRSS/FreshRSS/pull/3096
* Rename array
* Avoid string constants
Implement
https://github.com/FreshRSS/FreshRSS/pull/3208#issuecomment-703243863
* Improved logic
* Simplify storage
https://github.com/FreshRSS/FreshRSS/pull/3208#discussion_r499511213
* Fix notification bug in configuration/system
|
|
Before, when the user was not logged in, pages where translated with the '_' user language.
Now, they are translated with the user preferred language if there is one supported by FreshRSS or with the system default language.
|
|
|
|
* Add dir info to gen.php & install.php!
* Add `make rtl` command
Using rtlcss because it has actually has a command-line application!
|
|
For an extension, I needed to call a script from an external domain.
Unfortunately, the CSP headers didn't allow this domain and I had to
patch manually the FreshRSS FrontController for my extension. It's
obviously not a long-term solution since it has nothing to do in the
core of FRSS, and I don't want to apply this patch manually at each
update.
With this patch, I allow changing the CSP header from inside the
controller actions. It allows extensions to modify headers. It's also an
opportunity to remove a bit of code from the FrontController. I wasn't
happy with the previous implementation anyhow.
Reference: https://github.com/flusio/xExtension-Flus/commit/ed12d56#diff-ff12e33ed31b23bda327499fa6e84eccR143
|
|
While I was looking at the number of articles of my users, I discovered
some of them had none, while having a bunch of feeds though. I took a
look at the logs generated by `app/actualize_script.php` and discovered
that the script stopped strangely (in this example, "OK" for denise is
expected, and more users too):
```
FreshRSS[1681]: FreshRSS Start feeds actualization...
Starting feed actualization at 2019-11-29T16:37:19+00:00
Actualize alice...
Actualize denise...
Results:
alice OK
denise
```
After digging a bit, I quickly realized the script stopped always on
users who didn't validate their emails. And indeed, we trigger a
`Minz_Request::forward(..., true)` for these users, in the `FreshRSS`
class. This function calls the `exit` function, which stops the script.
This patch only allows the feed#actualize action to be executed for
unverified users in order to avoid an early-`exit`. This is a quick-win
solution, but I don't think it's a good one on the long term. I'll
propose an alternative in another patch, later.
|
|
* fix: Make sure $disable_aside is initialized
There was a warning for an uninitialized variable, hidden in production
but visible in development mode.
* fix: Allow to delete account when email isn't validated
|
|
* Add an email field to the profile page
I reuse the `mail_login` from the configuration. I'm not sure if it's
useful today (I would say it was used when Persona login was available).
A good improvement would be to rename `mail_login` into `email` so it
would be more intuitive to use.
* Add boolean to the conf to force email validation
This commit only adds a configuration item.
* Add email during registration if email must be validated
* Set email token to validate when email changes
* Block access to FreshRSS if email is not validated
* Send email when address is changed
* Allow to resend the validation email
* Allow the user to change its email while blocked
* Document the email validation feature
* fixup! Allow the user to change its email while blocked
* tec: Autoload PHPMailer lib
* Validate email address format
* Add feedback on validation email resend action
* Allow to logout when user is blocked
* fix: Change default email "from"
* Reorganize i18n keys
* Complete all the locales with default english
* Hide sidebar (profile page) if email is not validated
* Check email requirements on registration
* Allow admin to specify email when creating users
* Don't check email format if value is empty
* Remove trailing comma in userController
Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Set PHPMailer validator to html5 before sending email
* fixup! Remove trailing comma in userController
|
|
Hooks allow to:
- add items in menus
- perform new actions at the end of FreshRSS initialization
|
|
* Fix user self registration
Fix https://github.com/FreshRSS/FreshRSS/issues/2381
* CSRF for admin
|
|
* Rework CSRF interaction with sessions
Fix https://github.com/FreshRSS/FreshRSS/issues/2288
Improve security in some edge cases
Maybe relevant for
https://github.com/FreshRSS/FreshRSS/issues/2125#issuecomment-474992671
* Forgotten mime type
|
|
It's been probably long enough since
https://github.com/FreshRSS/FreshRSS/pull/1099
|
|
* Less jQuery
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2199
* Even less jQuery + global view unread title fix
* Even less jQuery
* Yet even less jQuery
* Even less jQuery
* Reduce some events
* Even less jQuery
* jQuery gone from main view
+Fixed English i18n
* Fix feed folded view
* Remove Firefox 64 workaround
Remove workaround for Gecko bug 1514498 in Firefox 64, fixed in Firefox
65
* Split to extra.js
Avoid loading unneeded JavaScript code for the main view.
+ several adjustements
* Improve CSS transition fold category
* Rewrite shortcuts
Remove library. Much faster, shorter, one listener instead of many.
Control of the shortcut context.
Fix https://github.com/FreshRSS/FreshRSS/issues/2215
* Remove debug
* Minor syntax
* Filter out unwanted shortcut modifiers
* Menu overflow fix
* Typo
* Fix unfolding in mobile view
* Remove jQuery from category.js
* Remove jQuery from Global view
|
|
* Remove next prefetch
This approach was only efficient in the specific case when no change was
made (no mark-as-read, favourites, tags), and useless in the other
situations.
Removed to reduce server load.
* Remove next prefetch from JavaScript too
* Remove some preload / prefetch
While useful for the first request, those preload / prefetch hints are
slightly negative for the following requets, especially server-side,
e.g. generating one log entry in Apache, and a bit more network traffic.
* Revert mistake
* Remove comment
https://github.com/FreshRSS/FreshRSS/pull/2040#discussion_r223214915
|
|
* Explicit quotes decoding
* Explicit htmlspecialchars_decode and htmlspecialchars
|
|
From ./data/ to ./app/
Fix manual updates like
https://github.com/FreshRSS/FreshRSS/issues/1803#issuecomment-369371907
Left for later: support a ./data/shares.local.php for user-defined
shares.
|
|
$a['method'] can be undefined.
https://github.com/FreshRSS/FreshRSS/pull/1674
https://github.com/FreshRSS/FreshRSS/issues/1521
|
|
See #1521
|
|
https://github.com/FreshRSS/Extensions/issues/13
|
|
https://github.com/FreshRSS/FreshRSS/issues/1531
|
|
https://github.com/FreshRSS/FreshRSS/issues/1257#issuecomment-248111169
|
|
And set correct parent option
https://github.com/FreshRSS/FreshRSS/pull/1172
|
|
https://github.com/FreshRSS/FreshRSS/pull/1172
|
|
https://www.w3.org/TR/referrer-policy/#referrer-policy-no-referrer
https://github.com/FreshRSS/FreshRSS/issues/570
https://github.com/FreshRSS/FreshRSS/issues/955
https://github.com/FreshRSS/FreshRSS/issues/1198
https://github.com/FreshRSS/FreshRSS/issues/565
https://github.com/FreshRSS/FreshRSS/issues/554
|
|
https://github.com/FreshRSS/FreshRSS/issues/1052
|
|
|
|
|
|
|
|
Fast flush HTTP headers, push promise CSS.
Requires PHP 5.3+ due to anonymous function.
Do not load syles, scripts, and notifications for Ajax requests.
https://github.com/FreshRSS/FreshRSS/issues/1089
|
Alexandre Alapetite
Luc SANCHEZ
maTh
hesch
Alexis Degrugillier
Marien Fressinaud
Frans de Jonge
romibi
