rdelaage
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,243 Commits 2 Branches 65 Tags 63 MiB
Commit Graph

1243 Commits

Author SHA1 Message Date
Ryan Cao c4e2eaa609 Add default tag names for Linkding integration 2023-05-30 21:02:27 -07:00
Romain de Laage 118e18190d Mark only globally visible entries when marking all entries from UI 2023-05-30 20:29:44 -07:00
Jonatas Baldin 31c4172540 Remove the "í" letter from the portuguese "lido" word 2023-05-28 19:13:36 -07:00
dependabot[bot] 93b43d37df Bump github.com/tdewolff/minify/v2 from 2.12.5 to 2.12.6 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.12.5 to 2.12.6.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.12.5...v2.12.6)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-26 16:13:54 -07:00
Frédéric Guillot 3987a2ce8a Reading time is not aligned correctly with the latest Safari 
Fixes #1873
 2023-05-10 20:38:18 -07:00
Frédéric Guillot fe039b3c55 Use glyphs of the same size on keyboard shortcuts page 2023-05-10 20:09:13 -07:00
dependabot[bot] 7537932154 Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-09 19:21:59 -07:00
dependabot[bot] 902f6cb9c0 Bump golang.org/x/crypto from 0.8.0 to 0.9.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-09 19:15:13 -07:00
Frédéric Guillot 790ce5be6d Increase golangci-lint timeout value 2023-05-09 19:06:36 -07:00
dependabot[bot] bcfc7a883c Bump golang.org/x/net from 0.9.0 to 0.10.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/net/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-08 17:14:56 -07:00
Pontus Jensen Karlsson 9fdbd180df Added maskable versions of the PWA icon. 
Recent versions of Android allows the user to choose their own
homescreen icons shape. This introduces the concept of maskable PWA
icons, which without the "purpose" tag and properly padded icons makes
the homescreen icon look really boxy and weird.

This adds a new version of the icon with more padding in three sizes, as
well as the "purpose" attribute in the manifest.json file. The three old
icons are retained for compatibility with desktop and iOS.
 2023-05-08 16:35:37 -07:00
Frédéric Guillot 4c0c658152 Update ChangeLog 2023-05-06 14:09:45 -07:00
dependabot[bot] 88062ab9f9 Bump golang.org/x/term from 0.7.0 to 0.8.0 
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/term/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-04 17:04:42 -07:00
Adriano Di Luzio 85856baf13 fix: Point to docs for URL rewrite rules too 2023-05-04 17:04:21 -07:00
dependabot[bot] 2d33b7df6e Bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.15.0 to 1.15.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.15.0...v1.15.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-03 17:58:32 -07:00
Davide Masserut 5d8a8878d5 Update scraping rules for ilpost.it 2023-05-02 17:07:25 -07:00
dependabot[bot] 8d2dab44d8 Bump github.com/lib/pq from 1.10.8 to 1.10.9 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.8 to 1.10.9.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.8...v1.10.9)

---
updated-dependencies:
- dependency-name: github.com/lib/pq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-02 16:19:33 -07:00
dependabot[bot] d435e67a36 Bump mvdan.cc/xurls/v2 from 2.4.0 to 2.5.0 
Bumps [mvdan.cc/xurls/v2](https://github.com/mvdan/xurls) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/mvdan/xurls/releases)
- [Commits](https://github.com/mvdan/xurls/compare/v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: mvdan.cc/xurls/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-17 16:58:42 -07:00
Romain de Laage 33c4b5188c Add a rewrite rule to remove clickbait titles 2023-04-15 18:25:43 -07:00
dependabot[bot] 8161085714 Bump github.com/lib/pq from 1.10.7 to 1.10.8 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.7...v1.10.8)

---
updated-dependencies:
- dependency-name: github.com/lib/pq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-14 19:13:51 -07:00
dependabot[bot] 6493239484 Bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-13 20:48:57 -07:00
dependabot[bot] a143681af3 Bump golang.org/x/crypto from 0.7.0 to 0.8.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-07 16:12:41 -07:00
Emiel Wiedijk 5a88e0465e Update rewrite rules for theverge.com 
Articles on The Verge sometimes contain a section for related articles.
This section can be distracting in reader mode. Therefore, filter the
related article section using the scraper rules.
 2023-04-07 16:12:19 -07:00
dependabot[bot] 30bb901d7c Bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-07 16:02:42 -07:00
dependabot[bot] 40418fcf6f Bump golang.org/x/net from 0.8.0 to 0.9.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-06 17:42:43 -07:00
dependabot[bot] ad85e5be80 Bump golang.org/x/term from 0.6.0 to 0.7.0 
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/term/releases)
- [Commits](https://github.com/golang/term/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-05 20:06:59 -07:00
Frédéric Guillot aa9b18a8d6 Make sure PROXY_IMAGES option is backward compatible 
Bug introduced in PR #1610

Fixes #1753
 2023-04-02 18:35:43 -07:00
Jake Walker 8b6dd3e599 Keep other table rows and columns 2023-04-02 17:50:19 -07:00
Jake Walker 49d2596fc6 Basic table removal rule 2023-04-02 17:50:19 -07:00
rook1e 9a826bbe6f feat: support searching well-known urls in subdirectory 2023-04-02 17:44:14 -07:00
rook1e acc9186a59 fix: extra-long title overflow 2023-04-02 17:37:25 -07:00
dzaikos 7d252ea45b Add swipe as option for gesture navigation between entries. 
* Refactor `TouchHandler` to handle double-tap and swipe gestures.
  * Renamed existing `onTouch` JavaScript methods to `onItemTouch` and
    added `onContentTouch` methods for swipe gesture.
  * Refactor double-tap. It's now a method in `TouchHandler` versus
    anonymous functions in `listen()` method.
* Updated CSS classes.
  * Added `touch-action` CSS for `.entry-content`.
  * Renamed CSS classes for adding events in `TouchHandler`.
* Updated users settings to replace checkbox for double tap with select
  for none, double tap, or swipe.
* Added database migrations for new gesture_nav option.
  * Rename `users.double_tap` to `users.gesture_nav` and migrate
    existing user settings.
* Updated translation files. (Non-English updated with Google
  Translate.)

Resolves #1449, closes #1495
 2023-03-28 18:00:57 -07:00
Frédéric Guillot 140a40acaf Use secrets.GITHUB_TOKEN to push images instead of a PAT 2023-03-27 21:29:33 -07:00
toastal 56efba66f5 Prefer typographic punctuation 
For a long time, we’ve not been limited to ASCII and have machines that
can properly render the typographically-correct punctuation symbols for
our languages. This leads to a better, clearer reading experience and
also matches the `<meta charset="utf-8">` and the the use of such
punctuation on FAQs.

Changes:
• Ellipsis: `...` → `…` (https://en.wikipedia.org/wiki/Ellipsis)
• Apostrophe: `'` → `’` (https://en.wikipedia.org/wiki/Apostrophe)

While I could try to do research on other languages, I’m not a native
speaker in them and wouldn’t feel comfortable making any adjustments
outside of English.
 2023-03-27 20:55:25 -07:00
Frédéric Guillot 7e612cddd3
Update issue templates 2023-03-26 19:13:53 -07:00
Davide Masserut 034e46700c Process older entries first 
Feed entries are usually ordered from most to least recent.

Processing older entries first ensures that their creation timestamp
is lower than that of newer entries.

This is useful when we order by creation, because then we get a
consistent timeline.
 2023-03-25 16:19:07 -07:00
Daniel Jakots ac8f64d7a1 Set Prometheus as datasource everywhere 
Requested by @lnicola.
 2023-03-24 20:12:13 -07:00
Daniel Jakots b536e05fee Fix grafana dashboard 2023-03-24 20:12:13 -07:00
dependabot[bot] 6eed037186 Bump actions/setup-go from 3 to 4 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-20 20:20:59 -07:00
Frédéric Guillot 5912400dee Push Docker images to Quay.io (RedHat) 2023-03-19 21:25:05 -07:00
Frédéric Guillot ab209df78f Update ChangeLog 2023-03-16 19:34:20 -07:00
dependabot[bot] 11a352dcfd Bump github.com/tdewolff/minify/v2 from 2.12.4 to 2.12.5 
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.12.4 to 2.12.5.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.12.4...v2.12.5)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-16 18:04:23 -07:00
Frédéric Guillot 9ae6922bdc Fix null reference in toggle entry attachments shortcut 
Fixes #1723
 2023-03-13 20:20:35 -07:00
Frédéric Guillot ea8c3c801a Update Security policy 2023-03-13 19:56:47 -07:00
Frédéric Guillot eb9508502c Avoid XSS when opening a broken image due to unescaped ServerError in proxy handler 
Creating an RSS feed item with the inline description containing an `<img>` tag
with a `srcset` attribute pointing to an invalid URL like
`http:a<script>alert(1)</script>`, we can coerce the proxy handler into an error
condition where the invalid URL is returned unescaped and in full.

This results in JavaScript execution on the Miniflux instance as soon as the
user is convinced to open the broken image.
 2023-03-12 22:36:03 -07:00
Frédéric Guillot b46b5dfb2a Use r.RemoteAddr to check /metrics endpoint network access 
HTTP headers like X-Forwarded-For or X-Real-Ip can be easily spoofed. As
such, it cannot be used to test if the client IP is allowed.

The recommendation is to use HTTP Basic authentication to protect the
metrics endpoint, or run Miniflux behind a trusted reverse-proxy.
 2023-03-11 20:53:12 -08:00
Frédéric Guillot 877dbed5e8 Add HTTP Basic authentication for /metrics endpoint 2023-03-11 20:13:52 -08:00
fructurj 79ff381c4c Update es_ES.json 2023-03-11 17:38:07 -08:00
dependabot[bot] f6a672738a Bump golang.org/x/crypto from 0.6.0 to 0.7.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 20:38:55 -08:00
dependabot[bot] e4964d6933 Bump golang.org/x/oauth2 from 0.5.0 to 0.6.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 20:27:58 -08:00