Commit Graph

4187 Commits

Author SHA1 Message Date
Alexandre Alapetite
4fb52988ee Merge branch 'FreshRSS/dev' into export_sqlite 2019-08-22 20:19:18 +02:00
Alexandre Alapetite
125a83efc9 IE11 / Edge keyboard compatibility (#2507)
https://github.com/FreshRSS/FreshRSS/pull/2506#issuecomment-523544684
2019-08-22 20:13:40 +02:00
Alexandre Alapetite
6cedeeeae5 Minz: New environment variable to control development mode (#2508)
* New environment variable to control development mode

Suggestion of new enviromnent variable, as discussed
https://github.com/FreshRSS/FreshRSS/pull/2492#issuecomment-523613920

* Update Docker/README.md

Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>

* Update Docker/README.md

Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>

* Update Docker/README.md

Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>

* Declare ENV in Dockerfile

Tested
2019-08-22 20:04:26 +02:00
Alexandre Alapetite
48dda9a803 Changelog 2019-08-21 22:52:18 +02:00
Alexandre Alapetite
d37032121b Docker Alpine 3.10.2
https://alpinelinux.org/posts/Alpine-3.10.2-released.html
2019-08-21 22:33:06 +02:00
ArthurHoaro
3f8804f54f Prevent window opener vulnerability with space shortcut (#2506)
* Prevent window opener vulnerability with space shortcut

This change fixes a vulnerability introduced by `window.open()` on untrusted sources. It reproduces the effect of `rel="noreferrer"` with JS.

Cross browser solution from: https://stackoverflow.com/a/40593743

## Reproduction

> tested with Firefox 68

  1. Add this RSS feed
  2. Open the 2nd link "À propos de la faille de sécurité liée à target="_blank" **using the space key shortcut**.
  3. Click on the first of three links "http://bookmarks.ecyseo.net"

Current behaviour: the FreshRSS tab changes.
Expected behaviour: no effect on FreshRSS

* Test for popup blockers
2019-08-21 21:14:22 +02:00
Frans de Jonge
0ec7f53153 [i18n] Finish Dutch translation (#2503)
Add a couple of new strings, minor grammar and style improvements, and ignore everything that should be ignored for 100 %.
2019-08-21 09:27:32 +02:00
Frans de Jonge
6d0bd2c41b [i18n] Minor cleanup in Slovak (#2502)
Follow-up to <https://github.com/FreshRSS/FreshRSS/pull/2500>. The languages aren't translated, so they don't need to be there.
2019-08-21 09:26:43 +02:00
Tibor Repček
8afaf42ff4 Update CREDITS.md (#2501) 2019-08-20 22:31:32 +02:00
Tibor Repček
520676893f [i18n] Slovak (slovenčina) - added new language (#2497) 2019-08-20 21:20:57 +02:00
Alexandre Alapetite
d09826c145 Docker Alpine opcache (#2498)
https://github.com/FreshRSS/FreshRSS/pull/2495#discussion_r315662184
https://php.net/ref.opcache
We need to retest the performances
https://github.com/FreshRSS/FreshRSS/pull/2205
2019-08-20 15:48:54 +02:00
Alexandre Alapetite
fd33d92d41 Require PHP 5.5+ (#2495)
* Require PHP 5.5+

https://github.com/FreshRSS/FreshRSS/issues/2469#issuecomment-522255093
I think it would be reasonable to require PHP 5.5+ for the core of
FreshRSS after all.

As Frenzie said, WordPress currently requires PHP 5.6.20+, and it is the
most popular PHP application.

We would loose about 20% of the PHP servers according to
https://w3techs.com/technologies/details/pl-php/5/all but I expect this
number to drop fast after the release of CentOS 8 (CentOS accounts for
17% of Linux servers
https://w3techs.com/technologies/details/os-linux/all/all ).

Distributions:
* no impact on Ubuntu, Fedora, Alpine, OpenWRT, FreeBSD, OpenSuze,
Mageia, as all active versions have PHP > 7
* no impact on OpenSuze, Synology, as all active versions have PHP > 5.5
* we drop Debian 8 Jessie (-2020) - we keep supporting Debian 9 Stretch
(2017-06) - current is Debian 10 Buster
* we drop Red Hat 7 (-2024) - we keep supporting RHEL 8 (2019-05)
* we drop CentOS 7 (-2024) - we will support CentOS 8 (to be released
soonish)

When dropping older versions, I can better like when it is for a good
reason, and there is actually one with PHP 5.5, namely generators
(yield) https://php.net/language.generators.overview which I consider
using.

* Version note for JSON.php

* hex2bin

* Update .travis.yml

Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
2019-08-20 14:55:43 +02:00
Alexandre Alapetite
05065910a4 Fix count on progression 2019-08-18 23:35:39 +02:00
Alexandre Alapetite
ad4d3f76ec Fix MySQL bad default buffering
https://stackoverflow.com/questions/6895098/pdo-mysql-memory-consumption-with-large-result-set/6935271#6935271
https://php.net/manual/ref.pdo-mysql
2019-08-18 23:28:29 +02:00
Alexandre Alapetite
50edceeb04 Fix wrong static fields 2019-08-18 22:52:05 +02:00
Alexandre Alapetite
89d706f5b0 Execution rights 2019-08-18 22:34:34 +02:00
Alexandre Alapetite
d50ceb0811 Travis 2019-08-18 22:31:41 +02:00
Alexandre Alapetite
a7bd8aec7d CLI to export/import any database to/from SQLite
Require PHP 5.5+ https://github.com/FreshRSS/FreshRSS/pull/2495
2019-08-18 22:18:42 +02:00
Alexandre Alapetite
38a4b22f7b Doc MariaDB (#2494) 2019-08-17 13:07:30 +02:00
Sandro
544fcc4500 Docker readme cleanups (#2483)
* Don't manually pull the base image

* Remove sudo before each docker

cause the user is usually added to the docker group

If not you can read it up here:
https://docs.docker.com/install/linux/linux-postinstall/

* Simplify cd
2019-08-16 08:18:34 +02:00
Marien Fressinaud
de26531178 tec: Provide a Minz_Mailer class (#2476)
* Add Minz_View::_path method (replace change_view)

The `_path` method is more powerful since it allows to choose the file
extension. It is also Minz_Request-agnostic, which is useful to reuse
the Minz_View class in other places.

`change_view` is now deprecated and a warning is logged if we use it.

* Provide a Minz_Mailer to send emails

It uses PHPMailer under the hood and only supports PHP >= 5.5
2019-08-15 17:19:12 +02:00
Frans de Jonge
20c38d7083 [CI] Run stylelint (#2477)
* [CI] Run stylelint

Perform some basic CSS sanity checking and style enforcement.

I removed vendor prefixed linear-gradient and transform because those are from the IE9 era. With IE11 as a minimum and soon obsolete requirement it doesn't make much sense anymore.

* Remove as-link override

* Don't require newline after comment

* Also apply those newline rules to SCSS

* refine opening/closing braces, allow for single-line
2019-08-14 22:29:28 +02:00
Marien Fressinaud
7fd88adeb0 Add hooks to ExtensionManager (#2482)
Hooks allow to:

- add items in menus
- perform new actions at the end of FreshRSS initialization
2019-08-14 22:19:24 +02:00
Marien Fressinaud
c82aff177e fix: Generate correct htaccess in cli/prepare (#2480)
Bug introduced in https://github.com/FreshRSS/FreshRSS/pull/2461
2019-08-14 15:25:28 +02:00
Joris Kinable
cb31874085 Added option to display authors under article titles (#2487)
This feature is particularly useful to display authors underneath scientific articles.
2019-08-14 15:16:06 +02:00
Marien Fressinaud
49e1a2c579 Allow to change the view layout (#2467)
The `_useLayout` function is marked as deprecated, replaced by a more
powerful `_layout` function.
2019-08-02 11:40:57 +02:00
Marien Fressinaud
89427e45e5 Clean access checks on userController (#2471)
The access was checked several times in some actions and had incoherent
behaviours. Also, the `firstAction` condition was a bit tricky to
understand.

This PR duplicates conditions across all the controller actions and
remove the `firstAction` which becomes useless.
2019-07-31 13:52:20 +02:00
Marien Fressinaud
7533676ae7 Add support for images to the ext.php endpoint (#2465) 2019-07-31 13:49:29 +02:00
koocotte
f5fbc0c7f0 Patch for #2460: Run on Apache 2.4+ without mod_access_compat (#2461)
* Update .htaccess

* Update htaccess for apache2.4

* Update htaccess for apache2.4

* Update htaccess for apache2.4
2019-07-31 13:48:06 +02:00
Frans de Jonge
005b77e076 [CI] Fix PHP 5.4 and 5.5 (#2470)
The PHP 5.4 and 5.5 archives recently started failing, also see https://travis-ci.community/t/php-5-4-and-5-5-archives-missing/3723

Setting them to use the Trusty images restores their functionality.
2019-07-30 20:47:52 +02:00
Gaurav Thakur
e99e4353d4 Remove Google+ support as it is dead. (#2464) 2019-07-30 16:34:04 +02:00
Alexandre Alapetite
70d06ca759 Start 1.14.4-dev 2019-07-25 16:55:27 +02:00
Alexandre Alapetite
042b40eeee Release FreshRSS 1.14.3 2019-07-25 16:01:00 +02:00
Frans de Jonge
b12d261407 tests: add shellchecks and shfmt to README (#2458)
See https://github.com/FreshRSS/FreshRSS/pull/2454#discussion_r306174996
2019-07-24 05:26:51 +02:00
Alexandre Alapetite
61af33a6f5 Readme 2454-2456
https://github.com/FreshRSS/FreshRSS/pull/2454
https://github.com/FreshRSS/FreshRSS/pull/2455
https://github.com/FreshRSS/FreshRSS/pull/2456
+hadolint remove PIP warning
2019-07-23 10:01:52 +02:00
Leepic
48ad3059e4 Adding a note about cron and stderr informations (#2457)
Avoid cron sending email in case of success command
2019-07-23 09:34:42 +02:00
Sandro Jäckel
4e0acf5296 Ignore JSON notation 2019-07-23 08:49:41 +02:00
Sandro Jäckel
2b50909fb5 Move shellcheck to lint job 2019-07-23 08:49:41 +02:00
Sandro Jäckel
f5a93e32b4 [CI] Run hadolint 2019-07-23 08:49:41 +02:00
Frans de Jonge
ad92518fe4 [CI] Run shellcheck and shfmt (#2454)
* [CI] Run shellcheck and shfmt

Cf. https://github.com/FreshRSS/FreshRSS/pull/2436#discussion_r305640019

* rename

* no need for disable anymore

* also remove leftover indentation flags even if it makes no difference to syntax checking

* define colors and reset before exit for local use
2019-07-22 16:07:40 +02:00
Sandro Jäckel
71270e4d5c Replace curl healthcheck with pure php, apply haodlint suggestions (#2455)
Closes #2453
2019-07-22 15:26:55 +02:00
Alexandre Alapetite
0a297addc0 Add php-gmp for API in Ubuntu 32-bit (#2450)
And adjust slightly the HEALTHCHECK parameters for faster start in
Træfik
2019-07-21 12:49:29 +02:00
Alexandre Alapetite
9623665913 Contributors in alphabetic order 2019-07-21 12:02:50 +02:00
Alexandre Alapetite
7197c76e09 Changelog 2381, 2446
https://github.com/FreshRSS/FreshRSS/issues/2446
https://github.com/FreshRSS/FreshRSS/pull/2449
https://github.com/FreshRSS/FreshRSS/issues/2381
https://github.com/FreshRSS/FreshRSS/pull/2442
2019-07-21 12:01:23 +02:00
Alexandre Alapetite
caeeeb52ca Fix user self registration (#2442)
* Fix user self registration

Fix https://github.com/FreshRSS/FreshRSS/issues/2381

* CSRF for admin
2019-07-21 11:05:51 +02:00
Nick Cross
1aa2af9752 Issue #2446 : Fix passing authentication headers (#2449)
* Issue #2446 : Fix passing authentication headers. Use CGIPassAuth is version is high enough

* Issue #2446 : Remove CGIPassAuth due to potential issues with AllowOverride rights.

* Tabs
2019-07-20 23:23:24 +02:00
Purexo
e09cf3fc71 Promote FreshRSS-Notify in user documentation (#2445)
* Add FreshRSS-Notify in Clients compatibles section

* Add FreshRSS-Notify in Compatible clients section

* Use language-neutral link

https://addons.mozilla.org/firefox/addon/freshrss-notify-webextension/
2019-07-15 15:44:50 +02:00
Alexandre Alapetite
f5fb8e8d2a Default to SQLite (#2443)
Move SQLite as first option in install instead of MySQL. Lower barrier
to entry.
2019-07-14 14:37:46 +02:00
Uncovery
25eada5bda Change to fix issues 2251 (#2301)
* Change to fix issues 2251

This is a proposed change to fix issue https://github.com/FreshRSS/FreshRSS/issues/2251

* Remove comments
2019-07-13 21:06:18 +02:00
Alexandre Alapetite
a394d7ab10 Docker Hub readme (#2441)
* Docker Hub readme

Try to use anothe readme.
And update info for
https://alpinelinux.org/posts/Alpine-3.10.1-released.html

* Test another variant

* /tmp/ did not work
2019-07-13 15:19:39 +02:00