Skip to content

Latest commit

 

History

History
646 lines (608 loc) · 59.9 KB

CHANGELOG.md

File metadata and controls

646 lines (608 loc) · 59.9 KB

FreshRSS changelog

See also the FreshRSS releases.

2025-1X-XX FreshRSS 1.27.2-dev

2025-09-27 FreshRSS 1.27.1

  • Features
    • Automatic database recovery: skip broken entries during CLI export/import #7949
    • Add security option for CSP frame-ancestors #7857, #8021
    • Lazy-load <track src> #7997
  • Security
    • Regenerate session ID on login #7829
    • Disallow setting non-existent language #7878, #7934
    • Safer calling of install.php #7971
    • Prevent log CR/LF injection #7883
    • Restrict allowed cURL parameters #7979, #8009
    • Fix reauthentication while updating #7989
    • Fix some CSRFs #8000
  • Bug fixing
    • Include port number for HTTP Retry-After #7875
    • Fix logic for searching labels #7863
    • Fix cURL response parsing for HTTP redirections #7866
    • Fix fetching OPML URL with special characters #7843
    • Fix validation when creating a new user label #7890
    • Fix bug in user self-deletion #7877
    • Fix displaying of current date in main statistics #7892
    • Fix default values on stat processing #7891
    • Fix UI JavaScript error when navigating to last article with keyboard #7957
    • Fix some links in anonymous mode #8011, #8012
    • Fixes for no-cache.txt #7907
    • Fix Docker Traefik .yml and SERVER_DNS example #7858
  • SimplePie
    • Upstream contribution: Normalize encoding uppercase simplepie#936, #7967
    • Sync upstream, including bump to 1.9.0 with better PHP 8.5+ support #7955
  • Deployment
    • Docker improve CMD compatibility #7861
    • Add possibility of Docker healthcheck #7945
  • UI
    • Keep sort and order after marking as read #7974
    • Improve leave validation #7830
    • Improve Origine theme visibility of toggle buttons #7956
    • Improve Dark pink theme #8020
    • Improve Mapco and Ansum themes: read all button in mobile view #7873
    • Improve Swage theme #7608
    • Use standard CSS overflow-wrap instead of word-wrap #7898
    • Various UI and style improvements: #7868, #7872, #7882, #7893, #7904, #7952
  • I18n
    • Clarify the concepts of visibility hidden vs. archived in feeds settings #7970
    • Translate the API information page #7922
    • Add a default language constant #7933
    • Label config delete label #7871
    • Add Ukrainian #7961
    • Improve Dutch #7940
    • Improve German #7833
    • Improve Hungarian #7986
    • Improve Japanese #7903, #7918
    • Improve Polish #7963
    • Improve Simplified Chinese #7943, #7944
    • Minor improvements #7881
    • Add CLI command to add i18n file #7917
    • Add make target to generate the translation progress #7905
  • Extensions
    • Add entry_before_update and entry_before_add hooks for extensions #7977
  • Misc.

2025-08-18 FreshRSS 1.27.0

  • Features
    • Implement support for HTTP 429 Too Many Requests and 503 Service Unavailable, obey Retry-After #7760
    • Add sort by category title, or by feed title #7702
    • Add search operator c: for categories like c:23,34 or !c:45,56 #7696
    • Custom feed favicons #7646, #7704, #7717, #7792
    • Rework fetch favicons for fewer HTTP requests #7767
    • Add more unicity criteria based on title and/or content #7789
    • Automatically restore user configuration from backup #7682
    • API add support for states in s parameter of streamId #7695
    • Improve sharing via Print #7728
    • Redirect to the login page from bookmarklet instead of 403 #7782
    • Clean local cache more often, when refreshing feeds #7827
  • Security
    • Implement reauthentication (sudo mode) #7753
    • Add Content-Security-Policy: frame-ancestors #7677
    • Ensure CSP everywhere #7810
    • Show warning when unsafe CSP policy is in use #7804
    • Fix access rights when creating a new user #7783
    • Improve security of form for user details #7771, #7786
    • Disallow setting non-existent theme #7722
    • Regenerate cookie ID after logging out #7762
    • Require current password when setting new password #7763
    • Add missing access checks for feed-related actions #7768
    • Strip more unsafe attributes such as referrerpolicy, ping #7770
    • Remove unneeded execution permissions #7802
  • Bug fixing
    • Fix redirections when scraping from HTML #7654, #7741
    • Fix multiple authentication HTTP headers #7703
    • Fix HTML queries with a single feed #7730
    • WebSub: only perform a redirection when coming from WebSub #7738
    • Include enclosures in entries’ hash #7719
      • Negative side-effect: users of the option to automatically mark updated articles as unread will once have some articles with enclosures re-appear as unread
    • Fix cancellation of slider exit UI #7705
    • Honor disable update on update page #7733
    • Fix no registration limit setting #7751
    • Fix XML encoding of sharing functions #7822
  • SimplePie
  • Deployment
    • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.29 #7805
    • Docker alternative image updated to Alpine 3.22 with PHP 8.4.11 and Apache 2.4.65 #7740, #7740, #7803
    • Start supporting PHP 8.5+ #7787, #7826
      • Docker Alpine dev image :newest updated to PHP 8.5-alpha and Apache 2.4.65 #7773
    • Docker: interpolate FRESHRSS_INSTALL and FRESHRSS_USER variables #7725
    • Docker: Reduce how much data needs to be chown/chmod’ed on container startup #7793
    • Test for database PDO typing support during install (relevant for MySQL / MariaDB with obsolete driver) #7651
  • Extensions
    • Add API endpoint for extensions #7576
    • Expose the reading modes for extensions #7668, #7688
    • New extension hook before_login_btn #7761
  • UI
    • Improve mark as read request showing popup due to onbeforeunload #7554
    • Fix lazy-loading for <video poster="..."> and <image> #7636
    • Avoid styling <code> inside of <pre> #7797
    • Improve confirmation logic with data-auto-leave-validation #7785
    • Update chart.js to 4.5.0 #7752, #7816
    • Various UI and style improvements: #7616, #7811
  • I18n
  • Misc.

2025-06-02 FreshRSS 1.26.3

  • Features
    • Keep sort and order criteria during navigation #7585
    • Add info about PDO::ATTR_CLIENT_VERSION (relevant for MySQL / MariaDB with obsolete driver) #7591
  • Bug fixing
    • Fix SQL request for user labels with custom sort (affecting PostgreSQL) #7588
    • Fix regression for favicon in GReader and Fever APIs #7573
    • Fix newest articles (within last second) not shown #7577
    • Fix duplicate HTTP header for POST #7556
    • Fix important articles on reader view #7602
    • Fix remove last share method #7613
    • Fix API handling of default category #7610
    • Fix user self-deletion #7626
    • Move PHP minimum version check #7560
  • Security
    • Fix encoding of themes #7565
    • Fix .htaccess.dist for access to /scripts/vendor/ #7598
  • SimplePie
    • Strip more HTML deprecated styles attributes: bgcolor, text, background, link, alink, vlink #7606
  • UI
    • Implement loading spinner for marking as favourite/read #7564
    • Provide theme class for CSS #7559
  • Deployment
    • Use HTTP Cache-Control: immutable for some files #7552
    • Drop Apache 2.2 (only support Apache 2.4+) #7561
  • I18n
  • Misc.

2025-05-03 FreshRSS 1.26.2

2025-03-13 FreshRSS 1.26.1

  • Features
    • Add cURL version to page about system information #7409
  • Bug fixing
    • Fix regression with cURL HTTP headers breaking conditional HTTP requests #7403, FreshRSS/simplepie#33
    • Fix regression with saving states of user queries #7400
    • Fix regression with dynamic OPML #7394
    • Fix update of the user’s last activity on login action #7406
    • Fix setting category option Maximum number of articles to keep per feed #7416
    • Fix priority field when processing a new feed from an extension #7354
  • Deployment
    • Fix regression with 64-bit timestamps on 32-bit platforms #7375
    • Fix back-compatibility with cURL 7.51 (we require cURL 7.52+ for CURLPROXY_HTTPS) #7409
  • UI
    • Use case-insensitive sort for categories #7402
    • Improve dark mode of Origine theme #7413
    • Added API password indicator #7340
  • I18n
    • Fix (es, fa, sk): do not translate XPath code #7404
    • Fix date bug in Finish #7423
    • Add Portuguese from Portugal #7329
    • Improve Hungarian #7391
  • Misc.

2025-02-23 FreshRSS 1.26.0

  • Features
    • Add order-by options to sort articles by received date (existing, default), publication date, title, link, random #7149
    • Allow searching in all feeds, also feeds only visible at category level with &get=A, and also those archived with &get=Z #7144
      • UI accessible from user-query view
    • Add search operator intext: #7228
    • New shortcuts for adding user labels to articles #7274
    • New About page with system information #7161
  • Bug fixing
    • Fix regression denying access to app manifest #7158
    • Fix unwanted feed description updates #7269
    • Ensure no PHP buffer for SQLite download (some setups would first put the file in memory) #7230
    • Fix XML encoding regression in HTML+XPath mode #7345
    • Improve cURL proxy options and fix some constants #7231
    • Fix UI of global view unread articles counter #7247
    • Hide base theme in carrousel #7234
  • Deployment
    • Require cURL 7.52.0+ #7231
    • Reduce superfluous Docker builds #7137
    • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.26 and Apache 2.4.62
    • Docker alternative image (Alpine 3.21) updated to PHP 8.3.16
  • UI
    • Add footer icons to reader view #7133
    • Remove local reference to font Open Sans to avoid bugs with some local versions #7215
    • Improve stats page layout #7243
    • Smaller mark as read button in mobile view #5220
    • Add CSS class to various types of notifications to allow custom styling #7287
    • Various UI and style improvements: #7162, #7268 Security
    • Better authorization label for OIDC in the UI #7264
    • Allow comments in force-https.txt #7259
  • I18n:
  • Misc.

2024-12-23 FreshRSS 1.25.0

  • Features
    • Add support for regex search (regular expressions) #6706, #6926
      • ⚠️ Advanced regex syntax for searches depends on the database used (SQLite, PostgreSQL, MariaDB, MySQL), but FreshRSS filter actions such as auto-mark-as-read and auto-favourite always use PHP PCRE2 syntax.
    • Allow dynamic search operator in user queries, like search:UserQueryA date:P1d #6851
    • New feed mode HTML+XPath+JSON dot notation (JSON in HTML) #6888
    • Better HTTP compliance with support for HTTP response headers Cache-Control: max-age and Expires #6812, FreshRSS/simplepie#26
    • Support custom HTTP request headers per feed (e.g. for Authorization) #6820
    • New unicity policies and heuristic for feeds with bad article IDs #4487, #6900
    • Fallback to GUID if article link is empty #7051
    • New option to automatically mark new articles as read if an identical title already exists in the same category #6922
    • New reading view option to display unread articles + favourites #7088
      • And corresponding new filter state &state=96 (no UI button yet)
    • Add ability to remove content from articles with CSS selectors, also when not using full content #6786, #6807
    • Update phpgt/cssxpath library with improved CSS selectors #6618
      • Support for :last-child, :first-of-type, :last-of-type, ^=, |=
    • New condition option to selectively retrieve full content of articles #33fd07f6f26310d4806077cc87bcdf9b8b940e35, #7082
    • Allow parentheses in quoted search #7055
    • New UI feature to download a user’ SQLite database or a database SQLite export (to be produced by CLI) #6931
    • New button to delete errored feeds from a category #7030
    • Better import of Inoreader user labels #6791
    • Rebuild feed favicon on cache clear #6961
    • New sharing with Bluesky #7116
    • New sharing with Telegram #6838
  • Bug fixing
    • Fix searches with a parenthesis before an operator like ("a b") or (!c) #6818
    • Fix auto-read tags #6790
    • Fix CSS selector for removing elements #7037, #7073, #7081, #7091, #7083
    • Fix redirection error after creating a new user #6995
    • Fix favicon error in case of wrong URL #6899
    • Use cURL to fetch extensions list (allows e.g. IPv6) #6767
    • Fix XML encoding in cURL options #6821
    • Fix initial UI scroll for some browsers #7059
    • Fix menu for article tags in some cases #6990
    • Fix share menu shortcut #6825
    • Fix HTML regex pattern during install for compatibility with v mode #7009
    • More robust creation of user data folder #7000
  • API
    • Fix API for categories and labels containing a + #7033
      • Compatibility with FocusReader
    • Supported by Capy Reader (Android, open source) capyreader#492
    • Improved UI for API #7048
    • Allow adding multiple feeds to a category via API #7017
    • API support edit multiple tags #7060
    • API return all categories also those without any feed #7020
  • Compatibility
  • Deployment
    • Docker: dev image freshrss/freshrss:oldest updated to Alpine 3.16 with PHP 8.1.22 and Apache 2.4.59 #6711
    • Docker alternative image updated to Alpine 3.21 with PHP 8.3.14 and Apache 2.4.62 #5383
    • Update Dockerfiles to newer key-value format #6819
    • Docker minor improvement of entrypoint #6827
  • SimplePie
  • Security
    • Apache protect more non-public folders and files #6881, #6893, #7008
    • Add privacy settings on extension list retrieval #4603, #7132
    • Fix login in unsafe mode when using a password with special XML characters #6797
    • Fix login in e.g. Brave browser by avoiding synchronous XHR #7023
    • Fix invalid login message #7066
    • Modernise windows.open noopener (to avoid flash of white page in dark mode) #7077, #7089
  • UI
    • Searchable My Labels field #6753
    • Add subscription management button to reading view #6946
    • New option for showing label menu in article row #6984
    • Move to next unread label on mark as read #6886
    • Improved article footer for small / mobile screens #7031
    • Improve Web accessibility: fix aria-hidden bug, and use HTML5 hidden #6910
    • Default styles for <pre> and <code> #6770
    • Refactor the sharing menu to use a <template> instead of duplicated HTML code #6751, #7113
    • Refactor the label menu to use a <template> #6864
    • Rework UI for authors #7054
      • Avoid Unicode escape of authors in HTML UI #7056
    • Improved subscription management page #6816
    • Improve user query management page #7062
    • Restore JavaScript form validation compatibility with Web browsers using older engines (SeaMonkey) #6777
    • Reorganise some options #6920
    • New shortcut ? to show shortcut page and help #6981
    • Use of consistent colours in statistics #7090
    • Various UI and style improvements #6959
  • Extensions
    • New extension hook simplepie_after_init #7007
  • I18n
  • Misc.

2024-09-06 FreshRSS 1.24.3

  • Bug fixing
    • Fix mark-as-read from user query #6738
    • Fix regression for shortcut to move between categories #6741
    • Fix feed title option #6771
    • Fix XPath for HTML documents with broken root (used by CSS selectors to fetch full content) #6774
    • Fix UI regression in Mapco/Ansum themes #6740
    • Fix minor style bug with some themes #6746
    • Fix export of OPML information for date format of JSON and HTML+XPath feeds #6779
  • Security
    • OpenID Connect better definition of session parameters #6730
  • Compatibility
    • Last version supporting PHP 7.4
  • Misc.
    • Use charset for JSON requests from the UI #6710
    • Use .html extension for the local cache of full content pages instead of .spc #6724
    • Update dev dependencies #6739, #6758, #6759, #6760

2024-08-23 FreshRSS 1.24.2

  • Features
    • New global option to automatically add articles to favourites #6648
    • New possibility to share a user query in JSON GReader format #6655
    • New fields image and description for user query share #6541
    • Show article first words when an article title is empty #6240
    • New option to share articles from the article title line #6395
    • Improve JSON Dot Notation module to access more string-friendly types #6631
    • Improve detection of image types for enclosures not providing a type #6653
    • Add sharing to archive.is #6650
  • Security
    • Force log out of users when they are disabled #6612
    • Increase default values for OpenID Connect OIDCSessionMaxDuration and OIDCSessionInactivityTimeout #6642
    • Add default API CORS HTTP headers to shareable user queries #6659
  • Bug fixing
    • Fix parentheses for complex OR Boolean search expressions #6672
    • Fix keep max unread #6632
    • Fix regression in mark as read upon gone #6663
    • Fix regression on mark duplicate titles as read for modified articles #6664
    • Fix regression for Fever API, remove dependency to Exif extension #6624
    • Fix muted feeds for WebSub #6671
    • Fix performance / deadlock of PostgreSQL and MySQL / MariaDB during schema updates #6692
    • Fix HTTP cache of main page (regression since 1.18.0) #6719
    • Fix HTTP cache of shareable user queries #6718
    • Fix HTTP cache for feeds with modified Last-Modified when content is not modified #6723
  • Extensions
    • Add core extensions, shipped by default: UserCSS and UserJS #6267
      • Replaces CustomCSS and CustomCS extensions
    • Strong type array parameter helper #6661
  • CLI
    • Add quiet option to cli/db-backup.php #6593
  • Compatibility
  • Deployment
    • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.20 and Apache 2.4.61
    • Docker alternative image updated to Alpine 3.20 with PHP 8.3.10 and Apache 2.4.62 #5383
    • Docker: Alpine dev image freshrss/freshrss:newest updated to PHP 8.4.0beta3 and Apache 2.4.62 #5764
  • UI
    • Default dark mode to auto #5582
    • New option to control action icons position in reading view #6297
    • Sticky buttons at the bottom of settings #6304
    • Various UI and style improvements #6446, #6485, #6651
  • I18n
    • Czech: use correct ISO 639-1 code cs (and not cz, which is the country) #6514
    • Improve Japanese #6564
    • Improve Spanish #6634
    • Improve Traditional Chinese #6691
  • Misc.

2024-06-05 FreshRSS 1.24.1

  • Features
    • New button to export OMPL of a category #6519
    • Better git error messages in built-in Web update #6496
  • Bug fixing
    • Fix regression HTTP GET curl options #6492
    • Fix regression of mark as read if an identical title already exists #6536, #6543
    • Fix connection to PostgreSQL databases with uppercase letters #6482
    • Fix UI regression hover over title while having the navigation buttons in mobile view #6486
    • Fix UI for some drag & drops #6505, #6508
  • i18n
  • Misc.

2024-05-23 FreshRSS 1.24.0

  • Features
    • New shareable user query mechanism to share list of articles by HTML, RSS, OPML #6052
      • Deprecates RSS sharing with master token
    • New JSON scraping mode to consume JSON data #5662, #6317, #6369, #6476
    • New support for JSON Feeds #5662
    • New support for HTTP POST #5662
    • New option to automatically add labels to incoming articles #5954
    • New button to download a feed configuration as OPML #6312
    • Web scraping support more encodings such as EUC-JP #6112
    • Web scraping support password-protected queries (refactor some cURL options and use CURLOPT_USERPWD) #6177
    • Web scraping HTTP GET allow UTF-8 even when charset is far from top #6271
    • Allow manual refresh of disabled feeds #6408
    • Allow multiple authors on enclosures #6272
    • New system option in data/config.php for number of feeds to refresh in parallel from UI #6124
  • CLI
  • API
    • New compatible app Read You #4633, #6050
    • Reduce API memory consumption #6137
    • Allow negative feed IDs for future special cases #6010
    • Only return OK for requests without query parameters #6238
  • Bug fixing
    • Better account for some edge cases for cron and automatic labels during feed refresh #6117
    • Better support for thumbnails in RSS feeds #5972
    • Auto-update PostgreSQL or MariaDB / MySQL databases for column details changes since FreshRSS 1.21.0 #6279
      • For SQLite, DB update require running ./cli/db-backup.php ; ./cli/db-restore.php --force-overwrite
    • Fix SQLite import of exports produced before FreshRSS 1.20.0 #6450
    • Fix SQLite release handle to fix deleting users on Microsoft Windows #6285
    • Fix to allow admins to create user even when there are Terms Of Service #6269
    • Fix updating the uncategorized category deletes the title #6073
    • Fix disable master authentication token #6185
    • Fix CSS selector preview #6423
    • Fix CSS selector encoding #6426
    • Fix export of CSS selector in OPML of individual feeds #6435
    • Fix OPML import of CURLOPT_PROXYTYPE #6439
    • Fix favicon with protocol-relative URLs have duplicate slashes #6068
    • Fix feed TTL+muted logic #6115
    • Fix apply mark as read to updated articles too #6334
    • Fix ZIP export on systems with custom temp folder #6392
    • Fix number of posts per page during paging #6268
    • Fix clipboard sharing UI #6301
    • Fix shortcut for clipboard sharing #6277
    • Fix user-query filter display #6421
  • SimplePie
  • Security
    • Replace iframe allow attribute #6274
  • Deployment
    • Disable unused PHP modules in our Debian-based Docker image #5994
  • UI
  • i18n
  • Extensions
    • Sanitize parsing list of extensions names and version number #6016, #6155, Extensions#214, #6186
    • Apply filter actions such as mark as read after the entry_before_insert hook for extensions #6091
    • New developer command to test all third-party extensions Extensions#228, #6273
      • composer run-script phpstan-third-party
    • New function Minz_Extension::amendCsp() for extensions to modify HTTP headers for Content Security Policy #6246
    • New property FreshRSS_Entry::isUpdated() for extensions to know whether an entry is new or updated #6334
  • Compatibility
    • Fix PHP 7.4 compatibility for automated tests #6038, #6039
    • Fix PHP 8.2+ compatibility for e-mails #6130
    • Use PHP 8.3+ #[\Override] #6273
  • Misc.

Older

See older changes