oss/miniflux-v2
oss/miniflux-v2
1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-06-27 16:36:00 +00:00
Code Wiki Activity
2287 commits 1 branch 82 tags 76 MiB
Commit graph

2287 commits

This branch
This branch
All branches
Author SHA1 Message Date
Frédéric Guillot
52b184394f fix(migrations): prevent failure at v45 with long entry URLs 
Fixes an issue where upgrading from older versions of Miniflux could fail with the following PostgreSQL error:

```
[FATAL] [Migration v45] pq: index row size 2744 exceeds btree version 4 maximum 2704 for index "entries_feed_url_idx"
```
 2025-05-23 13:27:05 -07:00
Matthaiks
7c8c7c2711 feat(locale): update Polish translation 2025-05-23 12:21:28 -07:00
Frédéric Guillot
9768eb9fb9 feat(locale): update French translations 2025-05-22 20:28:38 -07:00
Tianzhi Jin
b65373db7e feat(webauthn): perfer creation of a client-side discoverable credential 2025-05-22 20:14:00 -07:00
dependabot[bot]
596d22c02c build(deps): bump github.com/tdewolff/minify/v2 from 2.23.6 to 2.23.8 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.23.6 to 2.23.8.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.23.6...v2.23.8)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.23.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-22 19:32:06 -07:00
Anton Larionov
4b86570b7c chore(gitignore): ignore miniflux binary in root directory 2025-05-22 19:31:52 -07:00
Anton Larionov
e99864a456 fix(locale): localize Git commit label at about page 2025-05-22 19:30:10 -07:00
Anton Larionov
225463817c
feat(locale): complete Russian translation 2025-05-20 19:37:41 -07:00
Matthaiks
3db6e822cb feat(locale): update Polish translation 2025-05-20 19:36:44 -07:00
dependabot[bot]
1c19151925 build(deps): bump github.com/tdewolff/minify/v2 from 2.23.5 to 2.23.6 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.23.5 to 2.23.6.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.23.5...v2.23.6)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.23.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-20 19:36:20 -07:00
Anton Larionov
553c578f2e
feat(rssbridge): support auth token for RSS-Bridge 2025-05-19 20:47:12 -07:00
Tianzhi Jin
81ec32a8b6 fix(webauthn): correct arg in debug log 2025-05-14 21:01:52 -07:00
dependabot[bot]
3818a8a4fb build(deps): bump github.com/go-webauthn/webauthn from 0.12.3 to 0.13.0 
Bumps [github.com/go-webauthn/webauthn](https://github.com/go-webauthn/webauthn) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/go-webauthn/webauthn/releases)
- [Commits](https://github.com/go-webauthn/webauthn/compare/v0.12.3...v0.13.0)

---
updated-dependencies:
- dependency-name: github.com/go-webauthn/webauthn
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-13 19:17:05 -07:00
Frédéric Guillot
036704b3e4 feat(response): change error response content type to plain text and escape HTML 
Adding another layer of security in addition to the existing CSP cannot
hurt.
 2025-05-11 19:15:54 -07:00
Frédéric Guillot
327d027d38 feat(settings): replace div.panel with paragraph tags for OAuth2 links 2025-05-11 18:06:16 -07:00
Frédéric Guillot
5ae2cbd943 feat(settings): add validation for entry order and categories sorting order 2025-05-11 17:52:59 -07:00
dependabot[bot]
f15d29deb3 build(deps): bump github.com/tdewolff/minify/v2 from 2.23.3 to 2.23.5 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.23.3 to 2.23.5.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.23.3...v2.23.5)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.23.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-08 19:03:12 -07:00
Frédéric Guillot
828a4334db fix(sanitizer): MathML tags are not fully supported by golang.org/x/net/html 
See https://github.com/golang/net/blob/master/html/atom/gen.go
and https://github.com/golang/net/blob/master/html/atom/table.go
 2025-05-06 21:18:19 -07:00
jvoisin
d1dc369bb2 feat(sanitizer): add MathML tags to the sanitizer 
This was found by reading the article pointed by https://lobste.rs/s/nobvmp/how_prime_factorizations_govern_collatz
 2025-05-06 20:19:56 -07:00
Frédéric Guillot
a8076e1891 ci: remove deprecated reviewers field from dependantbot.yml 2025-05-06 20:17:19 -07:00
dependabot[bot]
3448d6267c build(deps): bump golang.org/x/net from 0.39.0 to 0.40.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 20:10:57 -07:00
dependabot[bot]
159261f2f8 build(deps): bump golang.org/x/oauth2 from 0.29.0 to 0.30.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.29.0 to 0.30.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 20:07:15 -07:00
jvoisin
ff2dfe977b feat: remove the ref parameter from url 
This is used by (at least) Ghost (https://forum.ghost.org/t/ref-parameter-being-added-to-links/38335)

Examples:
- https://blog.exploits.club/exploits-club-weekly-newsletter-66-mitigations-galore-dirtycow-revisited-program-analysis-for-uafs-and-more/
- https://labs.watchtowr.com/is-the-sofistication-in-the-room-with-us-x-forwarded-for-and-ivanti-connect-secure-cve-2025-22457/
 2025-05-06 19:59:55 -07:00
dependabot[bot]
a5e3719773 build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/crypto/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 08:32:46 -07:00
dependabot[bot]
cdadb87203 build(deps): bump golang.org/x/image from 0.26.0 to 0.27.0 
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/image/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 08:28:02 -07:00
dependabot[bot]
5284d61fe3 build(deps): bump golangci/golangci-lint-action from 7 to 8 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 7 to 8.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v7...v8)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-06 08:25:14 -07:00
Frédéric Guillot
3de9629a49 feat(googlereader): avoid SQL query to fetch username in streamItemContentsHandler 2025-05-04 20:38:53 -07:00
Frédéric Guillot
8d821dfc3b fix(googlereader): handle various item ID formats 
- Expected format: "tag:google.com,2005:reader/item/00000000148b9369" (hexadecimal string with prefix and padding)
- NetNewsWire uses this format: "tag:google.com,2005:reader/item/2f2" (hexadecimal string with prefix and no padding)
- Reeder uses this format: "000000000000048c" (hexadecimal string without prefix and padding)
- Liferea uses this format: "12345" (decimal string)
 2025-05-04 20:11:37 -07:00
Frédéric Guillot
cb775bc79e refactor(googlereader): move constants to separate files 2025-05-04 13:02:54 -07:00
Frédéric Guillot
6cc8d8abf1 fix(googlereader): /items/contents should accept short form item IDs 2025-05-03 21:48:41 -07:00
Frédéric Guillot
50395f13ca feat(googlereader): add mark-all-as-read endpoint 2025-05-03 18:38:54 -07:00
Frédéric Guillot
e8c3435bb9 fix(googlereader): return a 400 instead of 500 for invalid edit requests 2025-05-02 18:15:00 -07:00
Frédéric Guillot
9a8a8bdca3 refactor(googlreader): remove redundant log message 2025-05-02 17:56:21 -07:00
Frédéric Guillot
63f0a17388 fix(googlereader): avoid panic for inexisting feed or category 2025-05-02 17:42:25 -07:00
NoelNegash
81c7669945
feat(sanitized): allow Spotify iframes 2025-05-02 16:25:17 -07:00
dependabot[bot]
2b000d1022 build(deps): bump github.com/tdewolff/minify/v2 from 2.23.2 to 2.23.3 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.23.2 to 2.23.3.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.23.2...v2.23.3)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.23.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-02 16:20:29 -07:00
dependabot[bot]
27253c8a97 build(deps): bump github.com/tdewolff/minify/v2 from 2.23.1 to 2.23.2 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.23.1 to 2.23.2.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.23.1...v2.23.2)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-28 16:54:23 -07:00
Frédéric Guillot
f68046cce0 docs(changelog): update release notes for version 2.2.8 2025-04-22 21:01:43 -07:00
Frédéric Guillot
d33e305af9 fix(api): hide_globally categories field should be a boolean 2025-04-21 19:43:25 -07:00
Frédéric Guillot
764212f37c refactor(js): replace DomHelper methods with standalone functions 2025-04-17 18:15:08 -07:00
Tali Auster
e02b65d4bc fix: deal with navigator.share exceptions 
Navigator.share returns a promise that's executed in the background, but
unless we await it explicitly, we won't get the exceptions in the
try/catch block.
 2025-04-17 17:07:38 -07:00
Tali Auster
fe7ec25a09 chore: fix indentation 2025-04-17 17:07:38 -07:00
Tali Auster
2959a4d2bf fix: clarify share flow in UI 
Prior to this commit, to share an entry, a user has to click on the
share link and then copy the URL they are redirected to. The danger is
that they may right-click and copy the share link without actually
clicking on it, and therefore share a link that, when authenticated,
shares the entry, rather than actually sharing the entry.

Here, we avoid this misinterpretation by making sharing into a POST
request and using a form rather than a link.
 2025-04-17 17:07:38 -07:00
AiraNadih
6b70a7dc81
feat(api): add update_content query parameter to /entries/{entryID}/fetch-content endpoint 2025-04-17 12:41:58 -07:00
dependabot[bot]
495c6aacd9 build(deps): bump github.com/mattn/go-sqlite3 from 1.14.27 to 1.14.28 
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.27 to 1.14.28.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.27...v1.14.28)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-16 19:27:11 -07:00
Frédéric Guillot
bc228d0afe ci: add documentation issue template 2025-04-12 14:29:52 -07:00
Frédéric Guillot
d139d8a6ce feat(cli): add -reset-feed-next-check-at argument 2025-04-11 15:56:57 -07:00
dependabot[bot]
28d0185e79 build(deps): bump github.com/PuerkitoBio/goquery from 1.10.2 to 1.10.3 
Bumps [github.com/PuerkitoBio/goquery](https://github.com/PuerkitoBio/goquery) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/PuerkitoBio/goquery/releases)
- [Commits](https://github.com/PuerkitoBio/goquery/compare/v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: github.com/PuerkitoBio/goquery
  dependency-version: 1.10.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-11 15:44:47 -07:00
Frédéric Guillot
c87c93d85f feat(config): add SCHEDULER_ROUND_ROBIN_MAX_INTERVAL option 
Add option to cap maximum refresh interval when RSS TTL, Retry-After, Cache-Control, or Expires headers specify excessively high values.
 2025-04-11 15:40:32 -07:00
dependabot[bot]
0ef21e85c2 build(deps): bump github.com/prometheus/client_golang 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.21.1 to 1.22.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.21.1...v1.22.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-08 20:53:15 -07:00