mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-02-15 07:51:14 -05:00
Code Issues Packages Projects Releases Wiki Activity
7,003 Commits 3 Branches 84 Tags
6b5304b8258fa12e2aecf28e5b99111bd94de288
Commit Graph

7003 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexandre Alapetite
0202c29301 Remove wrong deprecation (#8399) 
This OPML method is the one used when exporting a single feed as OPML. Not deprecated.
 2026-01-04 20:40:55 +01:00
Inverle
4739bcc62e Allow styling entries by category in User CSS (#8397) 
* Allow styling entries by category in User CSS

Since we have `data-feed`, it is useful to have `data-category` too.

Example of usage to hide titles in all entries that belong to a specific category ID:
```css
[data-category="6"] {
	.title { display: none !important }
	.summary {
		position: relative;
		bottom: 2rem;
	}
}
```

* Add `data-link` to entries in `reader.phtml`
 2026-01-04 12:03:59 +01:00
Michael Meier
ed632bb5c4 Add myself to the credits file (#8398) 
See https://github.com/FreshRSS/FreshRSS/pull/8376
 2026-01-04 12:02:30 +01:00
Alexandre Alapetite
02131a83ac Changelog 2026-01-03 22:51:36 +01:00
Bartłomiej Dmitruk
0119c3e0ea Fix typos in CREDITS.md and configureController.php (#8396) 
- contirbutions → contributions
- runable → runnable
 2026-01-03 18:44:24 +01:00
Michael Meier
b07ec816b0 Switch to using CURLOPT_ACCEPT_ENCODING instead of the deprecated CURLOPT_ENCODING (#8376) 
* Replace deprecated CURLOPT_ENCODING

The CURLOPT_ENCODING setting has been deprecated in favor of
CURLOPT_ACCEPT_ENCODING.

Signed-off-by: Michael Meier <mmeier1986@gmail.com>

* Sync with our SimplePie fork PR
https://github.com/FreshRSS/simplepie/pull/67
https://github.com/simplepie/simplepie/pull/960
https://github.com/simplepie/simplepie/pull/962

* Our SimplePie PR merged

---------

Signed-off-by: Michael Meier <mmeier1986@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2026-01-03 18:43:15 +01:00
Bartłomiej Dmitruk
26c1102567 Merge commit from fork 
* Fix Path Traversal vulnerability in UserDAO methods

* Add tests and changelog for UserDAO path traversal fix

* make fix-all

* Fix PHPStan

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2026-01-03 18:09:44 +01:00
Alexandre Alapetite
15814cfd35 Add remote user in Apache logs, also for API (#8392) 
* API: add remote user in Apache logs
fix https://github.com/FreshRSS/FreshRSS/discussions/8385

Example:
```
2026-01-01T18:38:28.645486326Z 0.0.0.0 - alex [01/Jan/2026:19:38:28 +0100] "GET /api/greader.php/reader/api/0/subscription/list?output=json HTTP/1.1" 200 9798 "-" "curl/8.14.1"
```

* Fallback mod_rewrite

* Log remote user with same priority as FreshRSS_http_Util::httpAuthUser()
 2026-01-03 17:48:33 +01:00
Alexandre Alapetite
2527033057 Fix unwanted expansion of user queries in some cases (#8395) 
fix https://github.com/FreshRSS/FreshRSS/issues/8378
 2026-01-03 16:52:33 +01:00
Alexandre Alapetite
f0769d6e55 Changelog 2026-01-02 15:45:27 +01:00
dependabot[bot]
8aae2f6365 Bump markdownlint-cli from 0.46.0 to 0.47.0 (#8388) 
Bumps [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.46.0...v0.47.0)

---
updated-dependencies:
- dependency-name: markdownlint-cli
  dependency-version: 0.47.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 20:12:02 +01:00
dependabot[bot]
eb1ebf1b6f Bump the eslint group across 1 directory with 3 updates (#8393) 
Bumps the eslint group with 2 updates in the / directory: [eslint](https://github.com/eslint/eslint) and [globals](https://github.com/sindresorhus/globals).


Updates `eslint` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2)

Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)

Updates `globals` from 16.5.0 to 17.0.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v16.5.0...v17.0.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
- dependency-name: "@eslint/js"
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: eslint
- dependency-name: globals
  dependency-version: 17.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 19:50:35 +01:00
dependabot[bot]
cc1457ea2c Bump ruby/setup-ruby from 1.268.0 to 1.278.0 (#8390) 
* Bump ruby/setup-ruby from 1.268.0 to 1.278.0

Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.268.0 to 1.278.0.
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](8aeb6ff803...4c24fa5ec0)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.278.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Remove comment with link to release tag

Not worth updating every time dependabot makes a commit

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Inverle <inverle@proton.me>
 2026-01-01 19:48:18 +01:00
dependabot[bot]
f91f582698 Bump stylelint-order from 7.0.0 to 7.0.1 in the stylelint group (#8387) 
Bumps the stylelint group with 1 update: [stylelint-order](https://github.com/hudochenkov/stylelint-order).


Updates `stylelint-order` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/hudochenkov/stylelint-order/releases)
- [Changelog](https://github.com/hudochenkov/stylelint-order/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hudochenkov/stylelint-order/compare/7.0.0...7.0.1)

---
updated-dependencies:
- dependency-name: stylelint-order
  dependency-version: 7.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: stylelint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 19:47:16 +01:00
dependabot[bot]
99078d503b Bump phpstan/phpstan-phpunit from 2.0.10 to 2.0.11 (#8389) 
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.10 to 2.0.11.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.10...2.0.11)

---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
  dependency-version: 2.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 19:46:57 +01:00
dependabot[bot]
353025719e Bump actions/cache from 4 to 5 (#8391) 
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-01 19:46:22 +01:00
Rob Loach
1e5ab5d7b7 changelog: Add entry for updated .gitignore (#8380) 
* changelog: Add entry for updated .gitignore

Adds an entry for https://github.com/FreshRSS/FreshRSS/pull/8372

* Fix Markdown

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-12-31 20:45:48 +01:00
Rob Loach
0754b4a53a gitignore: Ignore all the installed extensions (#8372) 
Have the `extensions/.gitignore` ignore all installed extensions so that they don't show up in `git status`
 2025-12-31 11:51:02 +01:00
Inverle
19bdfc0267 Fix refreshing feeds with token while anonymous refresh is disabled (#8371) 
Closes https://github.com/FreshRSS/FreshRSS/issues/8369
Regression from https://github.com/FreshRSS/FreshRSS/pull/8165
 2025-12-30 23:41:09 +01:00
Alexandre Alapetite
579f945af7 Fix encoding of filter actions for labels (#8368) 
fix https://github.com/FreshRSS/FreshRSS/issues/8367
Forgotten from https://github.com/FreshRSS/FreshRSS/pull/8324
 2025-12-29 15:29:46 +01:00
Alexandre Alapetite
7c0370b4ea Do not include hidden feeds when counting unread articles in categories (#8357) 
fix https://github.com/FreshRSS/FreshRSS/issues/8347
 2025-12-27 16:26:02 +01:00
Alexandre Alapetite
40533684bb Changelog 2025-12-26 20:27:31 +01:00
Alexandre Alapetite
b8c955583c Speed: disable labels count for Ajax requests (#8352) 
fix https://github.com/FreshRSS/FreshRSS/issues/8342
 2025-12-26 09:47:36 +01:00
Alexandre Alapetite
6fb5263633 DB: auto-add lastUserModified column also during markRead (#8346) 
fix https://github.com/FreshRSS/FreshRSS/issues/8345
 2025-12-25 11:31:07 +01:00
Alexandre Alapetite
ae2ab45266 Handle fetch of text/plain as <pre> (#8340) 
* Handle fetch of text/plain as <pre>
fix https://github.com/FreshRSS/FreshRSS/issues/8328

* class="text-plain"
 2025-12-24 21:38:38 +01:00
Inverle
7e5d2d0727 Change Content-Disposition: inline to attachment in f.php (#8344) 
Some [misconfigured instances](https://github.com/FreshRSS/FreshRSS/issues/7835) may be stripping out the CSP header that `f.php` sends, which can be mitigated by forcing the browser to download the image instead of displaying it and executing JS code from unsanitized SVGs for example.

Contributes to https://github.com/FreshRSS/FreshRSS/pull/8263 and https://github.com/FreshRSS/FreshRSS/pull/7924
(improving security when CSP is not present)
 2025-12-24 21:35:34 +01:00
Alexandre Alapetite
3b7ce27be4 Start 1.28.1-dev 🎄 2025-12-24 20:28:59 +01:00
Alexandre Alapetite
fdd82820f1 Release 1.28.0 🎄 1.28.0 2025-12-24 20:01:47 +01:00
Alexandre Alapetite
00c61cf34c Fix serialisation of dates in searches (#8341) 
Dates should not be expanded/resolved in string serialisations of search expressions, as it otherwise break relative user queries such as `P30D`.
Fix of https://github.com/FreshRSS/FreshRSS/pull/8293
 2025-12-24 01:19:06 +01:00
Alexandre Alapetite
3cd7168612 Capy Reader update (#8339) 
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8184
One more  for synchronisation, which has become better.
✔️ User labels properly implemented https://github.com/jocmp/capyreader/issues/786#issuecomment-3685125608
First client to pass all my criteria since defunct News+.
 2025-12-23 11:59:36 +01:00
Alexandre Alapetite
6d57a9de47 Fix parsing of literal "or" in regex (#8338) 
fix https://github.com/FreshRSS/FreshRSS/issues/7879
 2025-12-23 11:58:51 +01:00
Alexandre Alapetite
cf3ca70765 Changelog 2025-12-21 21:29:34 +01:00
Alexandre Alapetite
1a3912f25a Improve configuration checks (#8334) 
Add a distinction between recommended and required extensions.
Add check for recommended php-intl extension as follow-up of https://github.com/FreshRSS/FreshRSS/pull/8329#issuecomment-3677686581
Improve related checks such as ZIP.
Reduce duplicated translations and tests.
 2025-12-21 19:26:08 +01:00
Inverle
672411ca70 Fix dropdown menus in sidebar going under the navigation bar (#8336) 
Missed in #8335 because I was testing without having the navigation bar enabled.

<img width="674" height="198" alt="image" src="https://github.com/user-attachments/assets/a1db7f95-f1d9-47e5-a572-20892e6c7abc" />
 2025-12-21 15:37:23 +01:00
Inverle
f387abe2c4 Display sidebar dropdowns above if no space below (#8335) 
Closes https://github.com/FreshRSS/FreshRSS/issues/7801
 2025-12-21 14:02:27 +01:00
Alexandre Alapetite
af1e5cb9bc More uniform SQL search and PHP search (#8329) 
* More uniform SQL search and PHP search
The behaviour depends though on the database.
Improve https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15278980

* Try to use transliterator_transliterate function instead
 2025-12-20 11:06:39 +01:00
stag
f71636955f Add stag-enterprises to credits (#8331) 
https://github.com/FreshRSS/FreshRSS/pull/8330#issuecomment-3667491619
 2025-12-18 15:17:52 +01:00
stag
43a8e1e2d9 Allow negative category sort numbers (#8330) 
Closes https://github.com/FreshRSS/FreshRSS/issues/8304
Remove the min=1 attribute so negative numbers can be used to force categories to the bottom
 2025-12-17 23:46:03 +01:00
Alexandre Alapetite
00cd5df294 Use native PHP #[Deprecated] (#8325) 
https://php.watch/versions/8.4/Deprecated
And enfore it with PHPUnit + PHPStan.
Especially useful for extensions.
 2025-12-17 10:11:18 +01:00
Alexandre Alapetite
4bd5035914 Rework encoding of search filters (#8324) 
Rework:
* https://github.com/FreshRSS/FreshRSS/pull/8222

now that we have:
* https://github.com/FreshRSS/FreshRSS/pull/8293

Follow-up of:
* https://github.com/FreshRSS/FreshRSS/pull/8311

* More simplification

* Deprecate getRawInput
 2025-12-17 10:07:52 +01:00
Alexandre Alapetite
6952a13958 Handle null in base64_encode (#8321) 
* Handle null in base64_encode
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15269370

* PHPDoc
 2025-12-16 18:53:00 +01:00
Alexandre Alapetite
1c50193644 Fix array unique gaps (#8322) 
https://github.com/FreshRSS/FreshRSS/discussions/8265#discussioncomment-15270212
 2025-12-16 17:52:16 +01:00
Alexandre Alapetite
73debc1a31 Changelog 2025-12-16 11:34:59 +01:00
Alexandre Alapetite
493bb88535 Safer handling of DB null content (#8319) 
https://github.com/FreshRSS/FreshRSS/discussions/8314#discussioncomment-15261119
 2025-12-16 10:48:20 +01:00
Andy Valencia
19666d70ed Bump to API level 4 for Fever; add with_ids so we can mass-change rea… (#8312) 
* Bump to API level 4 for Fever; add with_ids so we can mass-change read/unread/saved/unsaved on lists of articles.
As discussed in https://github.com/FreshRSS/FreshRSS/issues/8305

A small enhancement to the Fever API to vastly increase efficiency when bulk marking items.
-

How to test the feature manually:

The client at:

https://sources.vsta.org:7100/FeedMonkey/file?name=js/Fever.js&ci=tip

has code to talk to this API enhancement (when the API level says it's supported).  In particular walkArticles().

* Update indentation per PR check on Github

* make fix-all

* Line length

* Fix many typing issues

* is_numeric

* Update comment

---------

Co-authored-by: Andy Valencia <ajv-899-334-8894@vsta.org>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-12-16 08:36:29 +01:00
Alexandre Alapetite
476e57b046 Reverse hash and nonce (#8320) 
Safer password evaluation
 2025-12-15 22:06:05 +01:00
Alexandre Alapetite
00f2f043ac GitHub Actions: --no-progress (#8315) 2025-12-15 15:12:36 +01:00
Inverle
36118117f0 Improve scrolling into filter in sidebar (#8307) 
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8281

todo:
* [x] Include labels (prefix `t_`) too
* [x] Keep sidebar scrollTop when using the nav menu
* [ ] ~~Make this work in the reader view's sidebar too~~ for separate PR
* [x] Prevent whole page from scrolling on `scrollIntoView()` call, just scroll in the sidebar (probably related: https://github.com/FreshRSS/FreshRSS/pull/8306#issuecomment-3647414618)

This TODO will be done in a separate PR since it requires optimizing the sidebar toggle code.
edit: it does work on Chrome already though, but only if `#stream` isn't too large / breaks randomly (Firefox is slower it seems)
 2025-12-15 15:12:12 +01:00
Zexin Yuan
e6cb6e65a4 Improve simplified chinese translation (#8313) 
* Improve simplified chinese translation

* Update translation progress

* Add yzx9 to contributors
 2025-12-13 12:25:14 +01:00
Alexandre Alapetite
4b6127ee04 New links in transitions and jump to next transition (#8294) 
Easier to explain graphically:

<img width="408" height="266" alt="image" src="https://github.com/user-attachments/assets/0e3724a1-155b-4a87-89b3-cfe8a18cb100" />

The jump to next section ⏭ works when the sorting criterion is a date.

Need https://github.com/FreshRSS/FreshRSS/pull/8293
 2025-12-13 11:38:33 +01:00