| Age | Commit message (Collapse) | Author |
|---|
|
* Update phpmailer/phpmailer requirement from 7.0.1 to 7.0.2 in /lib
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v7.0.1...v7.0.2)
---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-version: 7.0.2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update PHPMailer
* Update changelog
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2630 now that we have PHP 7.3+ (even PHP 8.1+).
* The new syntax natively supports `samesite`, and also avoids the need of re-setting all parameters.
* Use automatic path instead of own function `getCookieDir()`.
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8446
* Sanitize lifetime of session cookies from PHP ini to avoid likely invalid/misunderstood values
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/8430
Fix case when `session.cookie-lifetime` is not using the default value of 0 in PHP ini.
Co-authored-by: rioky <rioky@users.noreply.github.com>
|
|
https://github.com/simplepie/simplepie/pull/957
|
|
* https://github.com/FreshRSS/simplepie/pull/68
* https://github.com/FreshRSS/simplepie/pull/69
fix https://github.com/FreshRSS/FreshRSS/issues/8441
|
|
CURLOPT_ENCODING (#8376)
* Replace deprecated CURLOPT_ENCODING
The CURLOPT_ENCODING setting has been deprecated in favor of
CURLOPT_ACCEPT_ENCODING.
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
* Sync with our SimplePie fork PR
https://github.com/FreshRSS/simplepie/pull/67
https://github.com/simplepie/simplepie/pull/960
https://github.com/simplepie/simplepie/pull/962
* Our SimplePie PR merged
---------
Signed-off-by: Michael Meier <mmeier1986@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Add a distinction between recommended and required extensions.
Add check for recommended php-intl extension as follow-up of https://github.com/FreshRSS/FreshRSS/pull/8329#issuecomment-3677686581
Improve related checks such as ZIP.
Reduce duplicated translations and tests.
|
|
https://php.watch/versions/8.4/Deprecated
And enfore it with PHPUnit + PHPStan.
Especially useful for extensions.
|
|
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15261119
|
|
Easier to explain graphically:
<img width="408" height="266" alt="image" src="https://github.com/user-attachments/assets/0e3724a1-155b-4a87-89b3-cfe8a18cb100" />
The jump to next section ⏭ works when the sorting criterion is a date.
Need https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
Revised the encoding approach for searches: the HTML encoding is done just before its use for DB search.
Fix also some cases with wrong quoting.
Fix https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3643865439
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8293
|
|
|
|
* Improve anonymous authentication logic
* forgot to git add
* Fix incorrect token check
Because an empty parameter could be just passed if token for the user wasn't set: `&token=`
|
|
* Update phpmailer/phpmailer requirement from 7.0.0 to 7.0.1 in /lib
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v7.0.0...v7.0.1)
---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-version: 7.0.1
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* composer update --no-autoloader
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
I was tired of having to handle the SCSS themes differently.
fix https://github.com/FreshRSS/FreshRSS/issues/7611
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8200
Convert Ansum and Mapco themes from SCSS to native CSS.
The changes are actually quite limited (mostly changing the syntax of the variables and a few other things)
Require support for:
* https://developer.mozilla.org/en-US/docs/Web/CSS/Guides/Nesting
* https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Selectors/Nesting_selector
* https://developer.mozilla.org/en-US/docs/Web/CSS/color_value/color-mix
SCSS and SAAS tools and references are also removed.
Tests welcome.
The styles are left as individual CSS files as designed originally in SCSS. I expect proper HTTP caching and HTTP/2 to be sufficient instead of aggregating back to a single CSS, but might be done in another PR if needed.
At the same time, fixed the fact that we had various whitespace styles in our JSON files, in particular in those themes, sometimes with 2 spaces, or 4 spaces, or tabs. Use tabs everywhere as defined in editorconfig.
I would like to merge this one first to complete https://github.com/FreshRSS/FreshRSS/pull/8230
* RTLCSS stringMap
https://github.com/FreshRSS/FreshRSS/pull/8241#discussion_r2553175514
https://github.com/MohammadYounes/rtlcss/issues/108#issuecomment-347033134
|
|
* Attempt to restore user config if `file_put_contents()` fails
* Second approach
* Minor preference: `.tmp.php`
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Change boolean compare syntax
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* fix?
|
|
* Exclude local networks for domain-wide Retry-After
Retry-After will be applied by URL and not by domain for local networks.
fix https://github.com/FreshRSS/FreshRSS/issues/7880
* Improved logic for detection of local domains
* Support ip6-localhost and a couple more variants
* On more: .lan
* Resolve IP address
* Add .intranet
|
|
* Housekeeping lib_rss.php
`lib_rss.php` had become much too large, especially after https://github.com/FreshRSS/FreshRSS/pull/7924
Moved most functions to other places.
Mostly no change of code otherwise (see comments).
* Extension: composer run-script phpstan-third-party
|
|
* Create separate `Retry-After` files for proxies
Bad proxies are able to send a false `Retry-After` header and affect the availability of feeds (domain-wide) for other users.
This PR starts including the address of the proxy if present in filenames for `Retry-After` to mitigate the issue.
* Reduce code changes
* Sync SimplePie fork
https://github.com/FreshRSS/simplepie/pull/62
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Implement whitelist for SimplePie sanitizer
ref: https://github.com/FreshRSS/FreshRSS/pull/7770#issuecomment-3140334326
https://github.com/FreshRSS/simplepie/pull/53
https://github.com/simplepie/simplepie/pull/947
* Remove `<plaintext>` from whitelist
* Improve order
* Remove some tags from whitelist
* Revert partially
* sync
* Display contents of `<noscript>` and `<noembed>`
* sync
* Allow use of `<track>`
* sync again
* Sync to SimplePie fork
https://github.com/FreshRSS/simplepie/pull/53
* Alphabetic order
* Reduce list of stripped attributes
* Temporarily strip some attributes
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Update phpmailer/phpmailer requirement from 6.11.1 to 7.0.0 in /lib
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v6.11.1...v7.0.0)
---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-version: 7.0.0
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* composer update
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
## Feed configuration slider:
### Before:
<img width="747" height="346" alt="grafik" src="https://github.com/user-attachments/assets/37056ef8-1163-48d1-a3dd-99e745418b2d" />
### After:
<img width="743" height="473" alt="grafik" src="https://github.com/user-attachments/assets/388a0ef6-633e-43ee-8ea5-5cbe7b40e6e4" />
## CustomCSS, CustomJS extensions
### Before:
<img width="762" height="504" alt="grafik" src="https://github.com/user-attachments/assets/279801fb-06a7-477a-81e7-c681087595a5" />
### After:
<img width="767" height="922" alt="grafik" src="https://github.com/user-attachments/assets/ca4cf304-03c7-4028-89d0-1c3094086176" />
And cleaning some CSS
* UserCSS+JS: w100 h50
* clean textarea width height
* feed config slider
* Update base.rtl.css
* fix class="valid-json"
* padding + vertical-align
* fix ansum mapco
|
|
* CssXPath: Implement ~ Subsequent-sibling
fix https://github.com/FreshRSS/FreshRSS/issues/8143
Upstream PR https://github.com/phpgt/CssXPath/pull/231
* Use CssXPath release v1.4.0
https://github.com/phpgt/CssXPath/releases/tag/v1.4.0
|
|
* Bump phpstan/phpstan from 2.1.29 to 2.1.31
Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan-phar-composer-source) from 2.1.29 to 2.1.31.
- [Commits](https://github.com/phpstan/phpstan-phar-composer-source/commits)
---
updated-dependencies:
- dependency-name: phpstan/phpstan
dependency-version: 2.1.31
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fixes
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
The compatibility does support only a minimum version of FreshRSS. If we need
something a bit more clever in the future, it is possible to handle a rule
with a bit more complexity.
See https://github.com/FreshRSS/FreshRSS/issues/5903
* Update app/Controllers/extensionController.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update app/i18n/pl/admin.php
Co-authored-by: Inverle <inverle@proton.me>
* Minor move phpstan-type
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: Inverle <inverle@proton.me>
|
|
Example: `userdate:PT1H` to select only articles modified by user during the last hour
Fix https://github.com/FreshRSS/FreshRSS/issues/4280#issuecomment-3393078024
Useful for instance to bulk mark as unread recently marked articles by error:
1. Click on the toggle button to show the read articles (making sure the toggle for the unread articles is off)
2. Sort by *User modified 9→1*
3. Filter by *user modified date*, for instance to the last 3 hours by typing `userdate:PT3H`
4. Click in the drop-down menu *Mark selection as unread*
P.S.: I have added at the same time a bunch of unit tests for date-related logic
|
|
* Add UI for advanced search
To help users with the seach operators.
Obviously not as powerful as a manually-written search query.
Lack in particular negation and logical *and* for now, but I might try to do something about it.
<img width="939" height="1438" alt="image" src="https://github.com/user-attachments/assets/0bcad39b-eff3-4f44-876b-a2552af2af00" />
* Consistency: allow multiple user queries like S:1,2
* Fix user query and add tests
|
|
* Fix drag&drop of user query losing information
Information about RSS sharing was lost after a drag&drop
* Fix related type cast
|
|
For login, tokens, nonces
|
|
* Add a new hook in the UI
The new hook allows extension to add their own tool bar to navigate between
entries. For instance, if the user wants less or more buttons that what's
available by default.
See #7912
See #7913
* add link data to ease navigation
|
|
* SimplePie: apply HTTPS policy also on GUIDs and permalinks
Fix WordPress duplicates HTTP vs. HTTPS
fix https://github.com/FreshRSS/FreshRSS/issues/5151
* Move code upstream
* https://github.com/simplepie/simplepie/pull/951
* https://github.com/FreshRSS/simplepie/pull/59
|
|
* Fix SimplePie support of HTTP trailer headers
fix https://github.com/FreshRSS/FreshRSS/discussions/7981
https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Trailer
https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Server-Timing
We need to use content-length to know where the body stops, but content-length is wrong is any compression was used.
So let cURL perform the separation of HTTP headers and body instead of using the SimplePie parser.
* Minor whitespace
* Same change for lib_rss
* Move changes to SimplePie repo
https://github.com/FreshRSS/simplepie/pull/55
https://github.com/FreshRSS/simplepie/pull/57
|
|
* Update phpmailer/phpmailer requirement from 6.10.0 to 6.11.1 in /lib
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v6.10.0...v6.11.1)
---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
dependency-version: 6.11.1
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* composer update --no-autoloader
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Extension can now define their hook priority. This will allow to define the order in which hooks are triggered.
See #7110
Closes #7110
Changes proposed in this pull request:
- Add support for extension priority
How to test the feature manually:
1. Create an extension with 2 hooks on the same hook type but different priority
2. The hooks must be prepending the title with different values
3. Validate that changing the hook priority changes the final title accordingly.
|
|
Ref #7931
Ref #5466
Ref #6409
added configuration in "Display"
<img width="636" height="167" alt="grafik" src="https://github.com/user-attachments/assets/7bbc9f26-d91b-4dd2-b715-1d3f9b7a9ad3" />
* i18n: fr
* Update app/i18n/pl/conf.php
Co-authored-by: Inverle <inverle@proton.me>
* make fix-all
* max()
* Minor whitespace
(I am not a fan of excessive vertical indenting)
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: Inverle <inverle@proton.me>
|
|
- add an enum to handle hook types (enum are available since PHP 8.1)
- change hook calls from string value to enum value
|
|
Rework #7979
Forgot to change `httpGet()`, which is used in multiple places
|
|
Follow-up of #7636
I found it's the only missing element that needs to be lazy loaded by putting HTML of https://github.com/cure53/HTTPLeaks/blob/main/leak.html into a feed
|
|
A couple of places, which have been forgotten when we moved to using `str_starts_with()` instead of `strpos()`.
|
|
* Add option for CSP frame-ancestors
https://github.com/FreshRSS/FreshRSS/discussions/7856
* Revert contentSelectorPreviewAction
* Same for f.php and api
* Fix double init in f.php
* No sandbox for API page
|
|
Discussion: https://github.com/FreshRSS/FreshRSS/discussions/7973
Changes proposed in this pull request:
- Add new extension hook "entry_before_add"
- Add new extension hook "entry_before_update"
How to test the feature manually:
1. Create extension that uses the hooks and confirm they are invoked correctly.
Extension to use for testing
https://github.com/rnkln/freshrss-xExtension-Discord/pull/2
|
|
For additional safety, also making sure in this PR that [`CURLOPT_COOKIEFILE`](https://curl.se/libcurl/c/CURLOPT_COOKIEFILE.html) is only allowed as an empty string during import.
|
|
* https://github.com/simplepie/simplepie/pull/936 (Normalize encoding uppercase)
|
|
Main change is https://github.com/simplepie/simplepie/pull/937 (PHP 8.5: Conditionally call deprecated functions)
P.S. a sync with SimplePie upstream was already done recently, hence the limited changes:
* https://github.com/FreshRSS/FreshRSS/pull/7775
|
|
This replace the use of `en` through out the code.
|
|
1. `include`, `include_once`, `require` and `require_once` are expressions not functions, parentheses are not necessary.
2. to move up the directory tree, it's better to use the `dirname` function instead of relying on `/..`.
|
|
* Fix log CRLF injection
* empty -> space
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Follow-up to #7762
* Regenerate session ID on login
* Send only one cookie
* Improvements
* Delete old session file
* Simplify
* Make function consistent with others
|
|
The set language is used inside paths and can lead to issues by including PHP files from other locations
|
|
* Fix curl response parsing
* Specify redirect count with `\SimplePie\HTTP\Parser::prepareHeaders()` instead
Simply notify SimplePie of the redirect count before parsing
* Better error check
* Simplify
|
dependabot[bot]
Alexandre Alapetite
Michael Meier
Inverle
maTh
Alexis Degrugillier
KleinMann
