* PHPstan level 6 for Category.php
* Fix a few things
* Minor fixes
* A few more fixes
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix extension freshrss_user_maintenance in actualize_script
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3440
The hook was called before registering all the extensions for the current user
* PHPStan Level 6 for extensions
And remove 5-year old legacy format of enabled extensions < FreshRSS 1.11.1
* Fix multiple bugs in extensions
* Minor typing
* Don't change signature of methods supposed to be overridden
* PHPStan Level 9 and compatibility Intelliphense
* Set as final the methods not supposed to be overriden
* PHPStan level 6 for all PDO and Exception classes
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
* Fix type
* Now also our remaining own librairies
* Motivation for a few more files
* A few more DAO classes
* Last interface
* Modernize Constants and use new constant 'currentUser'
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Models/Auth.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update app/Models/Context.php
* Update app/Models/LogDAO.php
* Update lib/Minz/Log.php
* Update p/api/greader.php
* Update app/layout/header.phtml
* Update app/views/helpers/export/articles.phtml
* Update cli/do-install.php
* Remarque's from Alkarex
* Remarque's from Alkarex
* Refactor using new Minz_User class
* Consistent naming of public constants
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* More robust application of access permissions
We were in particular missing directory traversal `+X` in our current recommendations.
Extracted to own shell script so it can easily be invoked.
Update access permissions in Docker to account to be more robust.
#fix https://github.com/FreshRSS/FreshRSS/discussions/5037
* Minor simplification
* Restrict mkdir permissions
Default mkdir permissions are 0777, which is not good for security, so downgrade to 0770.
* API avoid logging passwords
* Strip passwords and tokens from API logs
* Only log failed requests information when in debug mode
* Remove debug SHA
* Clean also Apache logs
* Better comments
* Redact also token parameters
* shfmt
* Simplify whitespace
* redacted
* Custom logo HTML
Add option for custom HTML logo/title in the main Web UI view.
Can potentially be different per user.
#fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247
* logo_html in main config
With new `./data/config.custom.php` to provide custom values before install
* Docker documentation
* whitespace
* Auto relax CSP to allow images for HTML logo
* Documentation
* Use typographic quotes
* A few fixes
* Fix
* Fix not saved
* Implement feedback
* Detail
* Revert spoken English fixes
Left for a future dedicated discussion
* More reverts
* Final reverts
* Final minor
Before, the ignore info were stored in a different file which was a bit cumbersome
for new comers. Now, this info is stored directly in the translation file as a
comment.
Before, there was no way of telling translators that a previously translated string
was in need of a new translation. Now, the dirty information is there to convey that
info.
* Improved markdownlint
* Relaxed rules slighlty
* `npm run markdownlint` for automatic tests
* `npm run markdownlint_fix` for automatic syntax fixing
* Applied the fixes on all our Markdown files
* Update Korean Translation
* Fix Korean language code following IETF BCP 47
* Fix Korean language code in i18n/*/gen.php
* Fix Korean language code in cli/i18n/*
* Fix Korean language code in docs
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Translations had quite a lot of cleaning in late:
* Removed some unused keys
* Added some ignores
* Applied a `cli/manipulate.translation.php -a format`
#fix https://github.com/FreshRSS/FreshRSS/issues/3735
Before, we were relying on an exception during the first stages of user initalisation. Now the check is explicit and cleaner, producing a more appropriate HTTP response for the API.
* Added Raindrop.io as sharing option
* Added entires to i18n ignore files
* Fix TODOs
Co-authored-by: Michael Miller <commits@rain.bz>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Remove file data/do-install.txt
This file was painful during update because we had to remember to delete
it each time. It added a security issue by allowing an attacker to
reinstall FreshRSS during the update process.
The (more powerful) file data/applied_migrations.txt has been introduced
in 8619cf6fa to replace do-install.txt. We had to wait for at least one
release in order to make sure existing instances of FreshRSS created the
migration file. It should be ok now.
* Replace i18n install.not_deleted key
* Update documentation to update FreshRSS
Before, only standard shortcuts were supported. When other shortcuts were
configured, they were filtered out.
Now, those shortcuts are stored in the configuration and an alert message
is displayed to alert the user that he is using non-standard shortcuts.
See #3481
* Hide new feed advanced options in a details tag
The form was huge and hard to process for beginners. Most of the fields
are optional 99% of time, there is no need to have them so proeminently.
* Remove sub.feed.auth.configuration i18n key
* Sync RTL css files
* Fix stylelint
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix "for" attributes in add feed form
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
