mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-03-29 19:51:20 -04:00
Code Issues Packages Projects Releases Wiki Activity
6,534 Commits 3 Branches 84 Tags
b401f152ca6256b19995e4e5e0e030961663ecc5
Commit Graph

6534 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Inverle
b401f152ca i18n: pl (#7587) 2025-05-13 20:47:40 +02:00
Alexandre Alapetite
5fcfb31a85 Changelog 2025-05-10 23:36:07 +02:00
Alexandre Alapetite
532d229d33 Fix newest articles not shown (#7577) 
* Fix newest articles not shown
Case when processing was faster than 1 second.
fix https://github.com/FreshRSS/FreshRSS/issues/7412
Regression from https://github.com/FreshRSS/FreshRSS/pull/7149

* Simplify uTimeString()
PHPStan has become a bit smarter
 2025-05-10 23:17:25 +02:00
Inverle
84d4aeb9e6 Implement loading spinner for marking as favorite/read, read/unread (#7564) 
* Implement loading spinner for marking as favorite

* Ensure that the correct previous icon gets set

* Remove delay

* Improve compatibility with various parsers

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>

* Support multiple icons (top, bottom)

* Remove preload for now

* Fix CSS, remove !important

* Implement read/unread and alt

* Ensure correct bookmark icon gets set after error

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-05-10 21:06:58 +02:00
CarelessCaution
5f74634c83 Update CREDITS.md (#7575) 
Add myself as a contributor for #7573.

Co-authored-by: CarelessCaution <189675655+CarelessCaution@users.noreply.github.com>
 2025-05-10 01:52:33 +02:00
CarelessCaution
c6f09e1ae4 Fix favicon hashing in GReader API (#7573) 
* Fix favicon hashing in GReader API (#7570)

This allows the correct iconUrl to be returned from the GReader API for
a given feed.

* Fix method signature

* Fix Fever API

---------

Co-authored-by: CarelessCaution <189675655+CarelessCaution@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-05-09 23:41:31 +02:00
Inverle
4968ff7ccc Provide theme class for CSS (#7559) 
* Provide theme class for CSS

* Replace more common characters with -

* Fix test error

* Make requested changes

* Make more requested changes

* Use htmlspecialchars_decode instead

* Replace whitespace

* One more whitespace character

* Simplify and move class to <html>

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-05-07 20:43:28 +02:00
Alexandre Alapetite
25f57beb90 Fix encoding of themes (#7565) 
* Fix encoding of themes
Several HTML and URL encoding issues in the case of special chars in theme directory or in metadata.
Also usefull to simplify https://github.com/FreshRSS/FreshRSS/pull/7559

* Minor simplification

* Stricter decoding
 2025-05-07 19:55:28 +02:00
Alexandre Alapetite
f2a7af03e8 Remove Apache 2.2 (only support Apache 2.4+) (#7561) 
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/7552
I cannot find any distribution still supporting Apache 2.2
 2025-05-07 14:45:43 +02:00
Alexandre Alapetite
91d32acfdc HTTP Cache-Control immutable (#7552) 
Start using `Cache-Control: immutable` for some resources served with a timestamp.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Cache-Control#immutable
The `<If>` directive requires Apache 2.4+
 2025-05-07 10:53:59 +02:00
Alexandre Alapetite
3f187395ea Move PHP minimum version check (#7560) 
It is too late to check for minimum version check in `lib_rss.php` because that file already contains some relatively new PHP language constructs, which will lead to a syntax error - when running with an old PHP version - instead of the expected error message.
Moved to `constants.php` for now.

Example of syntax error with PHP 7.4:
```
PHP Parse error:  syntax error, unexpected '|', expecting '{' in /var/www/FreshRSS/lib/lib_rss.php on line 166
```

Should help users like in:
* https://github.com/FreshRSS/FreshRSS/discussions/7539
* https://github.com/FreshRSS/FreshRSS/issues/7557
 2025-05-07 10:47:09 +02:00
Alexandre Alapetite
b2f80ad00a Fix duplicate HTTP header for POST (#7556) 
Using POST with JSON would add `Content-Type: application/json` again and again everytime the feed's settings were saved
 2025-05-05 18:55:43 +02:00
Alexandre Alapetite
2063e445af PHPMailer 6.10.0 (#7542) 
Supplement to https://github.com/FreshRSS/FreshRSS/pull/7541
 2025-05-03 22:34:39 +02:00
Alexandre Alapetite
b09fa7a4e2 Start FreshRSS 1.26.3-dev 2025-05-03 22:33:26 +02:00
Alexandre Alapetite
4c5e8e77b3 Release FreshRSS 1.26.2 1.26.2 2025-05-03 22:11:42 +02:00
Alexandre Alapetite
b38a8d86a0 Changelog 2025-05-03 22:11:00 +02:00
Inverle
4568111c00 Fix file serving for symlinked extensions (#7545) 
* Fix file serving for symlinked extensions from ext.php

* Don't resolve symlink when deleting extension

* Minor syntax

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-05-02 09:47:57 +02:00
dependabot[bot]
df6e57c289 Update phpmailer/phpmailer requirement from 6.9.3 to 6.10.0 in /lib (#7541) 
Updates the requirements on [phpmailer/phpmailer](https://github.com/PHPMailer/PHPMailer) to permit the latest version.
- [Release notes](https://github.com/PHPMailer/PHPMailer/releases)
- [Changelog](https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md)
- [Commits](https://github.com/PHPMailer/PHPMailer/compare/v6.9.3...v6.10.0)

---
updated-dependencies:
- dependency-name: phpmailer/phpmailer
  dependency-version: 6.10.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-01 21:54:20 +02:00
FabioL
f562b4ebff Updated italian translations (#7540) 
Co-authored-by: loviuz <loviuz@mailbox.org>
 2025-05-01 16:42:56 +02:00
dependabot[bot]
464254075b Bump the stylelint group with 2 updates (#7537) 
Bumps the stylelint group with 2 updates: [stylelint](https://github.com/stylelint/stylelint) and [stylelint-order](https://github.com/hudochenkov/stylelint-order).


Updates `stylelint` from 16.17.0 to 16.19.1
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/16.17.0...16.19.1)

Updates `stylelint-order` from 6.0.4 to 7.0.0
- [Release notes](https://github.com/hudochenkov/stylelint-order/releases)
- [Changelog](https://github.com/hudochenkov/stylelint-order/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hudochenkov/stylelint-order/compare/6.0.4...7.0.0)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-version: 16.19.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: stylelint
- dependency-name: stylelint-order
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: stylelint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-01 12:06:06 +02:00
dependabot[bot]
39c8631f5f Bump the eslint group with 2 updates (#7536) 
Bumps the eslint group with 2 updates: [eslint](https://github.com/eslint/eslint) and [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js).


Updates `eslint` from 9.23.0 to 9.25.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.23.0...v9.25.1)

Updates `@eslint/js` from 9.23.0 to 9.25.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.25.1/packages/js)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: "@eslint/js"
  dependency-version: 9.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-01 12:05:51 +02:00
dependabot[bot]
0cd23cca7c Bump phpstan/phpstan from 2.1.11 to 2.1.13 (#7534) 
* Bump phpstan/phpstan from 2.1.11 to 2.1.13

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.11 to 2.1.13.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.11...2.1.13)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-version: 2.1.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump phpstan/phpstan from 2.1.11 to 2.1.13

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 2.1.11 to 2.1.13.
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/2.1.11...2.1.13)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-version: 2.1.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix PHPStan

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-05-01 11:50:12 +02:00
dependabot[bot]
3ac5a60bed Bump squizlabs/php_codesniffer from 3.12.0 to 3.12.2 (#7533) 
Bumps [squizlabs/php_codesniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) from 3.12.0 to 3.12.2.
- [Release notes](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases)
- [Changelog](https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.12.0...3.12.2)

---
updated-dependencies:
- dependency-name: squizlabs/php_codesniffer
  dependency-version: 3.12.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
 2025-05-01 11:37:36 +02:00
dependabot[bot]
b6a6a5e785 Bump sass from 1.86.1 to 1.87.0 (#7538) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.86.1 to 1.87.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.86.1...1.87.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-version: 1.87.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
 2025-05-01 11:34:54 +02:00
dependabot[bot]
059166cc8b Bump peter-evans/dockerhub-description from 4.0.1 to 4.0.2 (#7535) 
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/peter-evans/dockerhub-description/releases)
- [Commits](0505d8b048...432a30c9e0)

---
updated-dependencies:
- dependency-name: peter-evans/dockerhub-description
  dependency-version: 4.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-01 11:23:55 +02:00
Alexandre Alapetite
6bb8680ae0 HTTP Auth disallow multiple headers (#7528) 
When using HTTP Auth methods (including OpenID Connect), exactly 1 HTTP header should be received, not more.
 2025-04-28 22:51:54 +02:00
Dezponia
b20dd771d6 Update CREDITS.md with myself (#7527) 
Adding myself to CREDITS.md as requested in PR #7419 comment.
 2025-04-28 09:09:02 +02:00
Alexandre Alapetite
26c5809d6b Changelog 2025-04-27 23:05:19 +02:00
Alexandre Alapetite
9374b7745f Themes fix CSS .as-link (#7526) 
* Themes fix CSS .as-link
Add missing rules.
fix https://github.com/FreshRSS/FreshRSS/pull/7489#issuecomment-2781146577

* More fixes
 2025-04-27 22:30:52 +02:00
Alexandre Alapetite
c2ccdf2d1b Changelog minor 2025-04-26 21:46:31 +02:00
Alexandre Alapetite
0ea21806eb Changelog 2025-04-26 21:44:46 +02:00
Alexandre Alapetite
3776e1e48f Improve favicon hash (#7505) 
* Favicon hash proxy
Content provided through a proxy may be completely different, so the feed hash must account for that

* Fix typing

* Hash of Web site in priority for favicons

* Continue

* Revert some minor changes
 2025-04-26 14:19:54 +02:00
Alexandre Alapetite
d1f9b6c232 SimplePie: Fix support for feeds with XML preample + DTD (#7515) 
Regression from https://github.com/FreshRSS/FreshRSS/pull/4374
fix: https://github.com/FreshRSS/FreshRSS/issues/7514
https://github.com/FreshRSS/simplepie/pull/35
Upstream PR: https://github.com/simplepie/simplepie/pull/914
 2025-04-18 14:59:46 +02:00
Inverle
30b3180ed4 Update CREDITS.md (#7509) 2025-04-14 00:26:08 +02:00
Inverle
4dbd98b1d5 Update Polish translation (#7508) 
* Update Polish translation

* corrections

* make fix-all

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
 2025-04-13 23:45:30 +02:00
Alexandre Alapetite
f58dea6a5a SimplePie forbit formaction attribute (#7506) 
Sanitize buttons with a form or formaction attribute.
 2025-04-13 00:01:09 +02:00
Alexandre Alapetite
be73c6d669 Fix regression ext.php (#7499) 
fix https://github.com/FreshRSS/FreshRSS/issues/7498
Regression from https://github.com/FreshRSS/FreshRSS/pull/7495
 2025-04-08 10:25:42 +02:00
Alexandre Alapetite
a585b935d5 Changelog 2025-04-07 10:15:03 +02:00
Alexandre Alapetite
0c33d27139 Secure serving of user files from extensions (#7495) 
* Secure serving of user files from extensions
fix https://github.com/FreshRSS/FreshRSS/issues/4930

* More fixes

* Typo
 2025-04-07 08:47:42 +02:00
Alexandre Alapetite
d3d9acca9f Web scraping forbid security headers in cURL (#7496) 
Prevent using `Remote-User`, `X-WebAuth-User` during Web scraping.
 2025-04-07 08:33:13 +02:00
Alexandre Alapetite
54e2f9107d Disallow iframe srcdoc for now (#7494) 
We do not sanitize this attribute well enough, so striped for now.
It is rarely used: I have not seen any use of it in any of my many test feeds.
Can be added back when we can handle its inherent security issues better.
 2025-04-06 00:47:45 +02:00
Alexandre Alapetite
d858053a7c Use HTTP POST for logout (#7489) 
* Use HTTP POST for logout
To avoid potential CSRF risks

* Fixed button font issue

* Minor whitespace
 2025-04-05 23:15:37 +02:00
Frans de Jonge
711a14fd9c Add :focus style to .dropdown-menu .item (#7491) 
So you can see keyboard focus.

In reply to <https://github.com/FreshRSS/FreshRSS/pull/7489#issuecomment-2774759046>.
 2025-04-05 22:23:54 +02:00
maTh
92c9293865 fix regression mapco/ansum theme (#7490) 
fix of https://github.com/FreshRSS/FreshRSS/pull/7489#discussion_r2023760515

Regression #7314
 2025-04-03 22:50:29 +02:00
Alexandre Alapetite
78dfb44060 Pass phpstan-strict-rules 2.0.4 (#7488) 
New check for Boolean in while conditions
Replace https://github.com/FreshRSS/FreshRSS/pull/7481
 2025-04-02 00:46:28 +02:00
dependabot[bot]
ca2693441c Bump sass from 1.85.1 to 1.86.1 (#7487) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.85.1 to 1.86.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.85.1...1.86.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-version: 1.86.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-01 21:18:05 +02:00
dependabot[bot]
632c545b96 Bump stylelint from 16.16.0 to 16.17.0 in the stylelint group (#7486) 
Bumps the stylelint group with 1 update: [stylelint](https://github.com/stylelint/stylelint).


Updates `stylelint` from 16.16.0 to 16.17.0
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/16.16.0...16.17.0)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-version: 16.17.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: stylelint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-01 21:14:38 +02:00
dependabot[bot]
647b79b645 Bump the eslint group with 2 updates (#7485) 
Bumps the eslint group with 2 updates: [eslint](https://github.com/eslint/eslint) and [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js).


Updates `eslint` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v9.22.0...v9.23.0)

Updates `@eslint/js` from 9.22.0 to 9.23.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.23.0/packages/js)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: "@eslint/js"
  dependency-version: 9.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-01 21:14:19 +02:00
dependabot[bot]
d1c2ab3d86 Bump phpstan/phpstan-phpunit from 2.0.4 to 2.0.6 (#7484) 
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](https://github.com/phpstan/phpstan-phpunit/compare/2.0.4...2.0.6)

---
updated-dependencies:
- dependency-name: phpstan/phpstan-phpunit
  dependency-version: 2.0.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-01 21:14:01 +02:00
dependabot[bot]
f7be03d56a Bump squizlabs/php_codesniffer from 3.11.3 to 3.12.0 (#7483) 
Bumps [squizlabs/php_codesniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) from 3.11.3 to 3.12.0.
- [Release notes](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases)
- [Changelog](https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.11.3...3.12.0)

---
updated-dependencies:
- dependency-name: squizlabs/php_codesniffer
  dependency-version: 3.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-01 21:13:46 +02:00