* PHPStan 2.0
fix https://github.com/FreshRSS/FreshRSS/issues/6989https://github.com/phpstan/phpstan/releases/tag/2.0.0https://github.com/phpstan/phpstan/blob/2.0.x/UPGRADING.md
* More
* More
* Done
* fix i18n CLI
* Restore a PHPStan Next test
For work towards PHPStan Level 10
* 4 more on Level 10
* fix getTagsForEntry
* API at Level 10
* More Level 10
* Finish Minz at Level 10
* Finish CLI at Level 10
* Finish Controllers at Level 10
* More Level 10
* More
* Pass bleedingEdge
* Clean PHPStan options and add TODOs
* Level 10 for main config
* More
* Consitency array vs. list
* Sanitize themes get_infos
* Simplify TagDAO->getTagsForEntries()
* Finish reportAnyTypeWideningInVarTag
* Prepare checkBenevolentUnionTypes and checkImplicitMixed
* Fixes
* Refix
* Another fix
* Casing of __METHOD__ constant
* Apache protect more non-public folders
* Also protect root
* Do the same for /p/
* Simplify Require all denied
In case of Apache 2.2, it will just make an error 500 instead of 403
* .htaccess.dist
* Simplify
* Better comment
* Minor update whitespace PHPCS rules
To simplify our configuration, apply more rules, and be clearer about what is added or removed compared with PSR12.
Does not change our current conventions, but just a bit more consistent.
* Forgotten *.phtml
* Sort exclusion patterns + add a few for Extensions repo
* Relaxed some rules
* CLI database backup and restore
Can also be used to migrate from one database to another (e.g. MySQL to PostgreSQL) or to ease upgrade to a major PostgreSQL version (e.g. 15 to 16).
* +x
* Fix some cases
* Update to docker-compose-v2
* More documentation
* Fix CLI install with prefix
It was not possible to pass a blank prefix
* Fix regression EXIT_CODE_ALREADY_EXISTS
The dedicated exit code was not sent anymore when a user already exists
* Adds logic for validation
* Adds validation to do-install
* Adds help to do-install
* Adds validation & help to reconfigure
* Adds validation to check.translation
* Adds validation to manipulate.translation
* Small fixes to help texts
* Refactors language option validation
* Adds default options to validation
* Fixes validation with regex
* Refactors readAs functions
* Updates to new regex validation format
* Fixes typing around default values
* Adds file extension validation
* Restandardises validation & parsing typing around array of strings
* Adds NotOneOf validation
* Adds ArrayOfString read as
* Refactors existing validation
* Adds validation throughout cli
* Removes unused file
* Adds new CL parser with goal of wrapping CLI behaviour
* Hides parsing and validation
* Rewites CL parser to make better use of classes
* Rolls out new parser across CL
* Fixes error during unknown option check
* Fixes misnamed property calls
* Seperates validations into more appropriate locations
* Adds common boolean forms to validation
* Moves CommandLineParser and Option classes into their own files
* Fixes error when validating Int type
* Rewrites appendTypedValues -> appendTypedValidValues now filters invalid values from output
* Renames -> for clarity
* Adds some docs clarifying option defaults and value taking behaviour
* Refactors getUsageMessage for readability
* Minor formatting changes
* Adds tests for CommandLineParser
* Adds more tests
* Adds minor fixs
* Reconfigure now correctly updates config
* More fixes to reconfigure
* Fixes required files for CommandLineParserTest
* Use .php extension for PHP file
* PHPStan ignore instead of wrong typing
* Refactors to support php 7.4
* Moves away from dynamic properties by adding 'Definintions' to all commands
* Renames target to definition for clarity
* Stops null from being returned as a valid value in a certain edge case
* Adds PHPStan ignore instead of incorrect typing
* Refactors tests to take account of new typing solution
* Marks file as executable
* Draft CLI rework
* Finish rewrite as object-oriented
* Fix PHPStan ignore and make more strongly typed
* Rename class Option to CliOption
* Light renaming + anonymous classes
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Pass PHPStan level 8
And prepare for PHPStan level 9 https://phpstan.org/user-guide/rule-levels
* Revert wrong replace in comment
* Fix PHPStan level 8
* Update PHPStan and other dev dependencies
* Remove obsolete comment
* noVariableVariables and towards bleedingEdge
https://github.com/phpstan/phpstan-strict-ruleshttps://phpstan.org/blog/what-is-bleeding-edge
* More bleedingEdge
* A bit more PHPStan level 9
* More PHPStan level 9
* Prepare for booleansInConditions
Ignore int and null
* Revert wrong line
* More fixes
* Fix keep_max_n_unread
* Stricter attribute functions
* Stricter callHooks and more PHPStan level 9
* More typing
* A tiny more
* Little's optimisations and booleans in conditions
* Apply strict type
* Apply strict type
* Apply strict type
* Fix multiple bugs with PHP 8.2 and 8.3
* Many declares missing, more errors fixed
* Apply strict type
* Another approach
* Stronger typing for Minz_Session
* Fix case of SQLite
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* fix many "Only booleans are allowed in an if condition"
* Update cli/create-user.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Update cli/i18n/I18nUsageValidator.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix several regressions and other minor things
* Fix another regression
* Update lib/http-conditional.php
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Complete PHPStan Level 6
Fix https://github.com/FreshRSS/FreshRSS/issues/4112
And initiate PHPStan Level 7
* PHPStan Level 6 for tests
* Use phpstan/phpstan-phpunit
* Update to PHPStan version 1.10
* Fix mixed bug
* Fix mixed return bug
* Fix paginator bug
* Fix FreshRSS_UserConfiguration
* A couple more Minz_Configuration bug fixes
* A few trivial PHPStan Level 7 fixes
* A few more simple PHPStan Level 7
* More files passing PHPStan Level 7
Add interface to replace removed class from https://github.com/FreshRSS/FreshRSS/pull/5251
* A few more PHPStan Level 7 preparations
* A few last details
* PHPstan level 6 for Category.php
* Fix a few things
* Minor fixes
* A few more fixes
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix extension freshrss_user_maintenance in actualize_script
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3440
The hook was called before registering all the extensions for the current user
* PHPStan Level 6 for extensions
And remove 5-year old legacy format of enabled extensions < FreshRSS 1.11.1
* Fix multiple bugs in extensions
* Minor typing
* Don't change signature of methods supposed to be overridden
* PHPStan Level 9 and compatibility Intelliphense
* Set as final the methods not supposed to be overriden
* PHPStan level 6 for all PDO and Exception classes
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
* Fix type
* Now also our remaining own librairies
* Motivation for a few more files
* A few more DAO classes
* Last interface
* Modernize Constants and use new constant 'currentUser'
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Add FreshRSS_Context::currentUser() function and use
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Controllers/userController.php
* Update app/Models/Auth.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update p/api/greader.php
* Update app/Models/Context.php
* Update app/Models/LogDAO.php
* Update lib/Minz/Log.php
* Update p/api/greader.php
* Update app/layout/header.phtml
* Update app/views/helpers/export/articles.phtml
* Update cli/do-install.php
* Remarque's from Alkarex
* Remarque's from Alkarex
* Refactor using new Minz_User class
* Consistent naming of public constants
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* More robust application of access permissions
We were in particular missing directory traversal `+X` in our current recommendations.
Extracted to own shell script so it can easily be invoked.
Update access permissions in Docker to account to be more robust.
#fix https://github.com/FreshRSS/FreshRSS/discussions/5037
* Minor simplification
* Restrict mkdir permissions
Default mkdir permissions are 0777, which is not good for security, so downgrade to 0770.
* API avoid logging passwords
* Strip passwords and tokens from API logs
* Only log failed requests information when in debug mode
* Remove debug SHA
* Clean also Apache logs
* Better comments
* Redact also token parameters
* shfmt
* Simplify whitespace
* redacted
