Romain de Laage
118e18190d
Mark only globally visible entries when marking all entries from UI
2023-05-30 20:29:44 -07:00
Jonatas Baldin
31c4172540
Remove the "í" letter from the portuguese "lido" word
2023-05-28 19:13:36 -07:00
dependabot[bot]
93b43d37df
Bump github.com/tdewolff/minify/v2 from 2.12.5 to 2.12.6
...
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify ) from 2.12.5 to 2.12.6.
- [Release notes](https://github.com/tdewolff/minify/releases )
- [Commits](https://github.com/tdewolff/minify/compare/v2.12.5...v2.12.6 )
---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-26 16:13:54 -07:00
Frédéric Guillot
3987a2ce8a
Reading time is not aligned correctly with the latest Safari
...
Fixes #1873
2023-05-10 20:38:18 -07:00
Frédéric Guillot
fe039b3c55
Use glyphs of the same size on keyboard shortcuts page
2023-05-10 20:09:13 -07:00
dependabot[bot]
7537932154
Bump golang.org/x/oauth2 from 0.7.0 to 0.8.0
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-09 19:21:59 -07:00
dependabot[bot]
902f6cb9c0
Bump golang.org/x/crypto from 0.8.0 to 0.9.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-09 19:15:13 -07:00
Frédéric Guillot
790ce5be6d
Increase golangci-lint timeout value
2023-05-09 19:06:36 -07:00
dependabot[bot]
bcfc7a883c
Bump golang.org/x/net from 0.9.0 to 0.10.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/net/compare/v0.9.0...v0.10.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-08 17:14:56 -07:00
Pontus Jensen Karlsson
9fdbd180df
Added maskable versions of the PWA icon.
...
Recent versions of Android allows the user to choose their own
homescreen icons shape. This introduces the concept of maskable PWA
icons, which without the "purpose" tag and properly padded icons makes
the homescreen icon look really boxy and weird.
This adds a new version of the icon with more padding in three sizes, as
well as the "purpose" attribute in the manifest.json file. The three old
icons are retained for compatibility with desktop and iOS.
2023-05-08 16:35:37 -07:00
Frédéric Guillot
4c0c658152
Update ChangeLog
2023-05-06 14:09:45 -07:00
dependabot[bot]
88062ab9f9
Bump golang.org/x/term from 0.7.0 to 0.8.0
...
Bumps [golang.org/x/term](https://github.com/golang/term ) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/term/compare/v0.7.0...v0.8.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/term
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-04 17:04:42 -07:00
Adriano Di Luzio
85856baf13
fix: Point to docs for URL rewrite rules too
2023-05-04 17:04:21 -07:00
dependabot[bot]
2d33b7df6e
Bump github.com/prometheus/client_golang from 1.15.0 to 1.15.1
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.15.0 to 1.15.1.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.15.0...v1.15.1 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-03 17:58:32 -07:00
Davide Masserut
5d8a8878d5
Update scraping rules for ilpost.it
2023-05-02 17:07:25 -07:00
dependabot[bot]
8d2dab44d8
Bump github.com/lib/pq from 1.10.8 to 1.10.9
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.8 to 1.10.9.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.8...v1.10.9 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-02 16:19:33 -07:00
dependabot[bot]
d435e67a36
Bump mvdan.cc/xurls/v2 from 2.4.0 to 2.5.0
...
Bumps [mvdan.cc/xurls/v2](https://github.com/mvdan/xurls ) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/mvdan/xurls/releases )
- [Commits](https://github.com/mvdan/xurls/compare/v2.4.0...v2.5.0 )
---
updated-dependencies:
- dependency-name: mvdan.cc/xurls/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 16:58:42 -07:00
Romain de Laage
33c4b5188c
Add a rewrite rule to remove clickbait titles
2023-04-15 18:25:43 -07:00
dependabot[bot]
8161085714
Bump github.com/lib/pq from 1.10.7 to 1.10.8
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.7...v1.10.8 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-14 19:13:51 -07:00
dependabot[bot]
6493239484
Bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-13 20:48:57 -07:00
dependabot[bot]
a143681af3
Bump golang.org/x/crypto from 0.7.0 to 0.8.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.7.0...v0.8.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 16:12:41 -07:00
Emiel Wiedijk
5a88e0465e
Update rewrite rules for theverge.com
...
Articles on The Verge sometimes contain a section for related articles.
This section can be distracting in reader mode. Therefore, filter the
related article section using the scraper rules.
2023-04-07 16:12:19 -07:00
dependabot[bot]
30bb901d7c
Bump golang.org/x/oauth2 from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/oauth2/releases )
- [Commits](https://github.com/golang/oauth2/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 16:02:42 -07:00
dependabot[bot]
40418fcf6f
Bump golang.org/x/net from 0.8.0 to 0.9.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-06 17:42:43 -07:00
dependabot[bot]
ad85e5be80
Bump golang.org/x/term from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/term](https://github.com/golang/term ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/term/releases )
- [Commits](https://github.com/golang/term/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/term
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-05 20:06:59 -07:00
Frédéric Guillot
aa9b18a8d6
Make sure PROXY_IMAGES option is backward compatible
...
Bug introduced in PR #1610
Fixes #1753
2023-04-02 18:35:43 -07:00
Jake Walker
8b6dd3e599
Keep other table rows and columns
2023-04-02 17:50:19 -07:00
Jake Walker
49d2596fc6
Basic table removal rule
2023-04-02 17:50:19 -07:00
rook1e
9a826bbe6f
feat: support searching well-known urls in subdirectory
2023-04-02 17:44:14 -07:00
rook1e
acc9186a59
fix: extra-long title overflow
2023-04-02 17:37:25 -07:00
dzaikos
7d252ea45b
Add swipe as option for gesture navigation between entries.
...
* Refactor `TouchHandler` to handle double-tap and swipe gestures.
* Renamed existing `onTouch` JavaScript methods to `onItemTouch` and
added `onContentTouch` methods for swipe gesture.
* Refactor double-tap. It's now a method in `TouchHandler` versus
anonymous functions in `listen()` method.
* Updated CSS classes.
* Added `touch-action` CSS for `.entry-content`.
* Renamed CSS classes for adding events in `TouchHandler`.
* Updated users settings to replace checkbox for double tap with select
for none, double tap, or swipe.
* Added database migrations for new gesture_nav option.
* Rename `users.double_tap` to `users.gesture_nav` and migrate
existing user settings.
* Updated translation files. (Non-English updated with Google
Translate.)
Resolves #1449 , closes #1495
2023-03-28 18:00:57 -07:00
Frédéric Guillot
140a40acaf
Use secrets.GITHUB_TOKEN to push images instead of a PAT
2023-03-27 21:29:33 -07:00
toastal
56efba66f5
Prefer typographic punctuation
...
For a long time, we’ve not been limited to ASCII and have machines that
can properly render the typographically-correct punctuation symbols for
our languages. This leads to a better, clearer reading experience and
also matches the `<meta charset="utf-8">` and the the use of such
punctuation on FAQs.
Changes:
• Ellipsis: `...` → `…` (https://en.wikipedia.org/wiki/Ellipsis )
• Apostrophe: `'` → `’` (https://en.wikipedia.org/wiki/Apostrophe )
While I could try to do research on other languages, I’m not a native
speaker in them and wouldn’t feel comfortable making any adjustments
outside of English.
2023-03-27 20:55:25 -07:00
Frédéric Guillot
7e612cddd3
Update issue templates
2023-03-26 19:13:53 -07:00
Davide Masserut
034e46700c
Process older entries first
...
Feed entries are usually ordered from most to least recent.
Processing older entries first ensures that their creation timestamp
is lower than that of newer entries.
This is useful when we order by creation, because then we get a
consistent timeline.
2023-03-25 16:19:07 -07:00
Daniel Jakots
ac8f64d7a1
Set Prometheus as datasource everywhere
...
Requested by @lnicola.
2023-03-24 20:12:13 -07:00
Daniel Jakots
b536e05fee
Fix grafana dashboard
2023-03-24 20:12:13 -07:00
dependabot[bot]
6eed037186
Bump actions/setup-go from 3 to 4
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-20 20:20:59 -07:00
Frédéric Guillot
5912400dee
Push Docker images to Quay.io (RedHat)
2023-03-19 21:25:05 -07:00
Frédéric Guillot
ab209df78f
Update ChangeLog
2023-03-16 19:34:20 -07:00
dependabot[bot]
11a352dcfd
Bump github.com/tdewolff/minify/v2 from 2.12.4 to 2.12.5
...
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify ) from 2.12.4 to 2.12.5.
- [Release notes](https://github.com/tdewolff/minify/releases )
- [Commits](https://github.com/tdewolff/minify/compare/v2.12.4...v2.12.5 )
---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-16 18:04:23 -07:00
Frédéric Guillot
9ae6922bdc
Fix null reference in toggle entry attachments shortcut
...
Fixes #1723
2023-03-13 20:20:35 -07:00
Frédéric Guillot
ea8c3c801a
Update Security policy
2023-03-13 19:56:47 -07:00
Frédéric Guillot
eb9508502c
Avoid XSS when opening a broken image due to unescaped ServerError in proxy handler
...
Creating an RSS feed item with the inline description containing an `<img>` tag
with a `srcset` attribute pointing to an invalid URL like
`http:a<script>alert(1)</script>`, we can coerce the proxy handler into an error
condition where the invalid URL is returned unescaped and in full.
This results in JavaScript execution on the Miniflux instance as soon as the
user is convinced to open the broken image.
2023-03-12 22:36:03 -07:00
Frédéric Guillot
b46b5dfb2a
Use r.RemoteAddr to check /metrics endpoint network access
...
HTTP headers like X-Forwarded-For or X-Real-Ip can be easily spoofed. As
such, it cannot be used to test if the client IP is allowed.
The recommendation is to use HTTP Basic authentication to protect the
metrics endpoint, or run Miniflux behind a trusted reverse-proxy.
2023-03-11 20:53:12 -08:00
Frédéric Guillot
877dbed5e8
Add HTTP Basic authentication for /metrics endpoint
2023-03-11 20:13:52 -08:00
fructurj
79ff381c4c
Update es_ES.json
2023-03-11 17:38:07 -08:00
dependabot[bot]
f6a672738a
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 20:38:55 -08:00
dependabot[bot]
e4964d6933
Bump golang.org/x/oauth2 from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/oauth2/releases )
- [Commits](https://github.com/golang/oauth2/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-06 20:27:58 -08:00
Davide Masserut
755c9af47d
Update scraping rules for ilpost.it
2023-03-01 20:04:25 -08:00