pax_global_header00006660000000000000000000000064145462262600014521gustar00rootroot0000000000000052 comment=cd0b71f1371b79ab2f3a4fffcc333a2c9a26b3b6 miniflux-2.0.51/000077500000000000000000000000001454622626000134415ustar00rootroot00000000000000miniflux-2.0.51/.devcontainer/000077500000000000000000000000001454622626000162005ustar00rootroot00000000000000miniflux-2.0.51/.devcontainer/devcontainer.json000066400000000000000000000013451454622626000215570ustar00rootroot00000000000000{ "name": "Miniflux", "dockerComposeFile": "docker-compose.yml", "service": "app", "workspaceFolder": "/workspace", "remoteUser": "vscode", "forwardPorts": [ 8080 ], "features": { "ghcr.io/devcontainers/features/github-cli:1": {}, "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {} }, "customizations": { "vscode": { "settings": { "go.toolsManagement.checkForUpdates": "local", "go.useLanguageServer": true, "go.gopath": "/go" }, "extensions": [ "ms-azuretools.vscode-docker", "golang.go", "rangav.vscode-thunder-client", "GitHub.codespaces", "GitHub.copilot", "GitHub.copilot-chat" ] } } }miniflux-2.0.51/.devcontainer/docker-compose.yml000066400000000000000000000013201454622626000216310ustar00rootroot00000000000000version: '3.8' services: app: image: mcr.microsoft.com/devcontainers/go volumes: - ..:/workspace:cached command: sleep infinity network_mode: service:db environment: - CREATE_ADMIN=1 - ADMIN_USERNAME=admin - ADMIN_PASSWORD=test123 db: image: postgres:15 restart: unless-stopped volumes: - postgres-data:/var/lib/postgresql/data hostname: postgres environment: POSTGRES_DB: miniflux2 POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_HOST_AUTH_METHOD: trust ports: - 5432:5432 apprise: image: caronc/apprise:latest restart: unless-stopped hostname: apprise volumes: postgres-data: null miniflux-2.0.51/.github/000077500000000000000000000000001454622626000150015ustar00rootroot00000000000000miniflux-2.0.51/.github/ISSUE_TEMPLATE/000077500000000000000000000000001454622626000171645ustar00rootroot00000000000000miniflux-2.0.51/.github/ISSUE_TEMPLATE/bug_report.md000066400000000000000000000001521454622626000216540ustar00rootroot00000000000000--- name: Bug report about: Create a bug report title: '' labels: bug, triage needed assignees: '' --- miniflux-2.0.51/.github/ISSUE_TEMPLATE/config.yml000066400000000000000000000000341454622626000211510ustar00rootroot00000000000000blank_issues_enabled: false miniflux-2.0.51/.github/ISSUE_TEMPLATE/feature_request.md000066400000000000000000000003171454622626000227120ustar00rootroot00000000000000--- name: Feature request about: Suggest an idea for this project title: '' labels: feature request assignees: '' --- - [ ] I have read this document: https://miniflux.app/opinionated.html#feature-request miniflux-2.0.51/.github/ISSUE_TEMPLATE/feed-problems.md000066400000000000000000000002051454622626000222270ustar00rootroot00000000000000--- name: Feed Problems about: Problems with a feed or a website title: '' labels: feed problems, triage needed assignees: '' --- miniflux-2.0.51/.github/ISSUE_TEMPLATE/improvement.md000066400000000000000000000002051454622626000220500ustar00rootroot00000000000000--- name: Improvement about: Do you have an idea to improve an existing feature? title: '' labels: improvements assignees: '' --- miniflux-2.0.51/.github/dependabot.yml000066400000000000000000000020401454622626000176250ustar00rootroot00000000000000version: 2 updates: - package-ecosystem: "gomod" directory: "/" schedule: interval: "daily" reviewers: - "fguillot" assignees: - "fguillot" - package-ecosystem: "docker" directory: "/packaging/docker/alpine" schedule: interval: "weekly" reviewers: - "fguillot" assignees: - "fguillot" - package-ecosystem: "docker" directory: "/packaging/docker/distroless" schedule: interval: "weekly" reviewers: - "fguillot" assignees: - "fguillot" - package-ecosystem: "docker" directory: "packaging/debian" schedule: interval: "weekly" reviewers: - "fguillot" assignees: - "fguillot" - package-ecosystem: "docker" directory: "packaging/rpm" schedule: interval: "weekly" reviewers: - "fguillot" assignees: - "fguillot" - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly" reviewers: - "fguillot" assignees: - "fguillot" miniflux-2.0.51/.github/pull_request_template.md000066400000000000000000000002051454622626000217370ustar00rootroot00000000000000Do you follow the guidelines? - [ ] I have tested my changes - [ ] I read this document: https://miniflux.app/faq.html#pull-request miniflux-2.0.51/.github/workflows/000077500000000000000000000000001454622626000170365ustar00rootroot00000000000000miniflux-2.0.51/.github/workflows/build_binaries.yml000066400000000000000000000011051454622626000225310ustar00rootroot00000000000000name: Build Binaries on: workflow_dispatch: push: tags: - '[0-9]+.[0-9]+.[0-9]+' jobs: build: name: Build runs-on: ubuntu-latest steps: - name: Set up Golang uses: actions/setup-go@v5 with: go-version: "1.21" - name: Checkout uses: actions/checkout@v4 - name: Compile binaries run: make build - name: Upload binaries uses: actions/upload-artifact@v3 with: name: binaries path: miniflux-* if-no-files-found: error retention-days: 5 miniflux-2.0.51/.github/workflows/codeql-analysis.yml000066400000000000000000000013641454622626000226550ustar00rootroot00000000000000name: "CodeQL" permissions: read-all on: push: branches: [ main ] pull_request: # The branches below must be a subset of the branches above branches: [ main ] schedule: - cron: '45 22 * * 3' jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: [ 'go', 'javascript' ] steps: - name: Checkout repository uses: actions/checkout@v4 - name: Initialize CodeQL uses: github/codeql-action/init@v2 - name: Autobuild uses: github/codeql-action/autobuild@v2 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 miniflux-2.0.51/.github/workflows/debian_packages.yml000066400000000000000000000027751454622626000226540ustar00rootroot00000000000000name: Debian Packages permissions: read-all on: push: tags: - '[0-9]+.[0-9]+.[0-9]+' pull_request: branches: [ main ] jobs: test-packages: if: github.event.pull_request name: Test Packages runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 id: buildx with: install: true - name: Available Docker Platforms run: echo ${{ steps.buildx.outputs.platforms }} - name: Build Debian Packages run: make debian-packages - name: List generated files run: ls -l *.deb publish-packages: if: ${{ ! github.event.pull_request }} name: Publish Packages runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 id: buildx with: install: true - name: Available Docker Platforms run: echo ${{ steps.buildx.outputs.platforms }} - name: Build Debian Packages run: make debian-packages - name: List generated files run: ls -l *.deb - name: Upload packages to repository env: FURY_TOKEN: ${{ secrets.FURY_TOKEN }} run: for f in *.deb; do curl -F package=@$f https://$FURY_TOKEN@push.fury.io/miniflux/; done miniflux-2.0.51/.github/workflows/docker.yml000066400000000000000000000106521454622626000210340ustar00rootroot00000000000000name: Docker on: schedule: - cron: '0 1 * * *' push: tags: - '[0-9]+.[0-9]+.[0-9]+' pull_request: branches: [ main ] jobs: test-docker-images: if: github.event.pull_request name: Test Images runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Build Alpine image uses: docker/build-push-action@v5 with: context: . file: ./packaging/docker/alpine/Dockerfile push: false tags: ${{ github.repository_owner }}/miniflux:alpine-dev - name: Test Alpine Docker image run: docker run --rm ${{ github.repository_owner }}/miniflux:alpine-dev miniflux -i - name: Build Distroless image uses: docker/build-push-action@v5 with: context: . file: ./packaging/docker/distroless/Dockerfile push: false tags: ${{ github.repository_owner }}/miniflux:distroless-dev - name: Test Distroless Docker image run: docker run --rm ${{ github.repository_owner }}/miniflux:distroless-dev miniflux -i publish-docker-images: if: ${{ ! github.event.pull_request }} name: Publish Images permissions: packages: write runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Generate Alpine Docker tag id: docker_alpine_tag run: | DOCKER_IMAGE=${{ github.repository_owner }}/miniflux DOCKER_VERSION=dev if [ "${{ github.event_name }}" = "schedule" ]; then DOCKER_VERSION=nightly TAGS="docker.io/${DOCKER_IMAGE}:${DOCKER_VERSION},ghcr.io/${DOCKER_IMAGE}:${DOCKER_VERSION},quay.io/${DOCKER_IMAGE}:${DOCKER_VERSION}" elif [[ $GITHUB_REF == refs/tags/* ]]; then DOCKER_VERSION=${GITHUB_REF#refs/tags/} TAGS="docker.io/${DOCKER_IMAGE}:${DOCKER_VERSION},ghcr.io/${DOCKER_IMAGE}:${DOCKER_VERSION},quay.io/${DOCKER_IMAGE}:${DOCKER_VERSION},docker.io/${DOCKER_IMAGE}:latest,ghcr.io/${DOCKER_IMAGE}:latest,quay.io/${DOCKER_IMAGE}:latest" fi echo ::set-output name=tags::${TAGS} - name: Generate Distroless Docker tag id: docker_distroless_tag run: | DOCKER_IMAGE=${{ github.repository_owner }}/miniflux DOCKER_VERSION=dev-distroless if [ "${{ github.event_name }}" = "schedule" ]; then DOCKER_VERSION=nightly-distroless TAGS="docker.io/${DOCKER_IMAGE}:${DOCKER_VERSION},ghcr.io/${DOCKER_IMAGE}:${DOCKER_VERSION},quay.io/${DOCKER_IMAGE}:${DOCKER_VERSION}" elif [[ $GITHUB_REF == refs/tags/* ]]; then DOCKER_VERSION=${GITHUB_REF#refs/tags/}-distroless TAGS="docker.io/${DOCKER_IMAGE}:${DOCKER_VERSION},ghcr.io/${DOCKER_IMAGE}:${DOCKER_VERSION},quay.io/${DOCKER_IMAGE}:${DOCKER_VERSION},docker.io/${DOCKER_IMAGE}:latest-distroless,ghcr.io/${DOCKER_IMAGE}:latest-distroless,quay.io/${DOCKER_IMAGE}:latest-distroless" fi echo ::set-output name=tags::${TAGS} - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Quay Container Registry uses: docker/login-action@v3 with: registry: quay.io username: ${{ secrets.QUAY_USERNAME }} password: ${{ secrets.QUAY_TOKEN }} - name: Build and Push Alpine images uses: docker/build-push-action@v5 with: context: . file: ./packaging/docker/alpine/Dockerfile platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: ${{ steps.docker_alpine_tag.outputs.tags }} - name: Build and Push Distroless images uses: docker/build-push-action@v5 with: context: . file: ./packaging/docker/distroless/Dockerfile platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.docker_distroless_tag.outputs.tags }} miniflux-2.0.51/.github/workflows/linters.yml000066400000000000000000000014001454622626000212340ustar00rootroot00000000000000name: Linters permissions: read-all on: pull_request: branches: - main workflow_dispatch: jobs: jshint: name: Javascript Linter runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install jshint run: | sudo npm install -g jshint@2.13.3 - name: Run jshint run: jshint ui/static/js/*.js golangci: name: Golang Linter runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: go-version: "1.21" - uses: golangci/golangci-lint-action@v3 with: args: --timeout 10m --skip-dirs tests --disable errcheck --enable sqlclosecheck --enable misspell --enable gofmt --enable goimports --enable whitespace miniflux-2.0.51/.github/workflows/rpm_packages.yml000066400000000000000000000016351454622626000222220ustar00rootroot00000000000000name: RPM Packages permissions: read-all on: push: tags: - '[0-9]+.[0-9]+.[0-9]+' pull_request: branches: [ main ] jobs: test-package: if: github.event.pull_request name: Test Packages runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Build RPM Package run: make rpm - name: List generated files run: ls -l *.rpm publish-package: if: ${{ ! github.event.pull_request }} name: Publish Packages runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Build RPM Package run: make rpm - name: List generated files run: ls -l *.rpm - name: Upload package to repository env: FURY_TOKEN: ${{ secrets.FURY_TOKEN }} run: for f in *.rpm; do curl -F package=@$f https://$FURY_TOKEN@push.fury.io/miniflux/; done miniflux-2.0.51/.github/workflows/tests.yml000066400000000000000000000025261454622626000207300ustar00rootroot00000000000000name: Tests permissions: read-all on: pull_request: branches: - main workflow_dispatch: jobs: unit-tests: name: Unit Tests runs-on: ${{ matrix.os }} strategy: max-parallel: 4 matrix: os: [ubuntu-latest, windows-latest, macOS-latest] go-version: ["1.21"] steps: - name: Set up Go uses: actions/setup-go@v5 with: go-version: ${{ matrix.go-version }} - name: Checkout uses: actions/checkout@v4 - name: Run unit tests run: make test integration-tests: name: Integration Tests runs-on: ubuntu-latest services: postgres: image: postgres:9.5 env: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_DB: postgres ports: - 5432:5432 options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 steps: - name: Set up Go uses: actions/setup-go@v5 with: go-version: "1.21" - name: Checkout uses: actions/checkout@v4 - name: Install Postgres client run: sudo apt update && sudo apt install -y postgresql-client - name: Run integration tests run: make integration-test env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PGHOST: 127.0.0.1 PGPASSWORD: postgres miniflux-2.0.51/.gitignore000066400000000000000000000000571454622626000154330ustar00rootroot00000000000000miniflux-* ./miniflux *.rpm *.deb .idea .vscodeminiflux-2.0.51/ChangeLog000066400000000000000000001633701454622626000152250ustar00rootroot00000000000000Version 2.0.51 (December 13, 2023) ---------------------------------- * Add Omnivore integration * Fixes for the regressions introduced in version 2.0.50: * Ensure all HTML documents are encoded in UTF-8 * Send default User-Agent and HTTP caching headers when making HTTP requests * Allow Youtube links to be opened outside the `iframe` (avoid `ERR_BLOCKED_BY_RESPONSE` error) * Fix inaccessible metrics endpoint when listening on Unix socket * Allow renaming and moving feed at the same time in the Google Reader API * Log `nb_jobs` only when number of jobs is larger than 0 in background scheduler * Deduplicate feed URLs when parsing HTML document during discovery process * Calculate a virtual weekly count based on the average updating frequency (`POLLING_SCHEDULER=entry_frequency`) * Update GitHub Actions workflow to be able to run the linter and tests on-demand * Add `SCHEDULER_ROUND_ROBIN_MIN_INTERVAL` config option * Add links to GitHub for the commit hash and the version in the about page * Use "starred" rather than "bookmarked" in English translation * Update Chinese (CN & TW) translation * Bump `github.com/google/uuid` from `1.4.0` to `1.5.0` * Bump `github.com/coreos/go-oidc/v3` from `3.7.0` to `3.9.0` * Bump `github.com/tdewolff/minify/v2` from `2.20.6` to `2.20.9` * Bump `github.com/go-webauthn/webauthn` from `0.8.6` to `0.9.4` * Bump `golang.org/x/oauth2` from `0.14.0` to `0.15.0` Version 2.0.50 (November 12, 2023) ---------------------------------- * Add WebAuthn / Passkey integration * Add RSS-Bridge integration * Take RSS TTL field into consideration to schedule next check date * Show number of visible entries instead of number of read entries in feed list * OpenID Connect: Redirect to configured user home page after successful authentication * Google Reader API fixes: * `user/{userID}/state/com.google/read` is missing in categories section for read entries * Take `ExcludeTargets` into consideration in feed stream handler * Allow iframes pointing to Twitch videos * Filter feed entries based on URL or title * Take into consideration `hide_globally` property defined for categories in `/v1/entries` API endpoint * Add category ID to webhooks request body * Update date parser to parse more invalid date formats * Refactor feed discovery handler, and avoid an extra HTTP request if the URL provided is the feed * Refactor HTTP Client and `LocalizedError` packages * Refactor Batch Builder, and prevent accidental and excessive refreshes from the web UI * Refactor icon finder: - Continue the discovery process when the feed icon is invalid - Search all icons from the HTML document and do not stop on the first one * Add support for SVG icons with data URL without encoding * Expose `next_check_at` in the web ui and API * Add database indexes to improve performance * Change log level to warning for failed feeds refresh in cronjob * Do not log website without icon as warning * Add GitHub workflow to build binaries * Add GitHub extensions to devcontainer * Make sure to pull the latest base image when building the Docker image * Strip version prefix when building Debian package * Add `github-cli` and `docker-outside-of-docker` features to devcontainer * Bump `golang.org/x/*` dependencies * Bump `github.com/gorilla/mux` from `1.8.0` to `1.8.1` * Bump `github.com/tdewolff/minify/v2` from `2.19.9` to `2.20.6` * Bump `github.com/yuin/goldmark` from `1.5.6` to `1.6.0` * Bump `github.com/coreos/go-oidc/v3` from `3.6.0` to `3.7.0` Version 2.0.49 (October 15, 2023) --------------------------------- * Implement structured logging using `log/slog` package. New config options available: * `LOG_FORMAT`: `json` or `text` * `LOG_LEVEL`: `debug`, `info`, `warning`, or `error` * `LOG_FILE`: `sdterr`, `stdout`, or a file path * The `DEBUG` option is now deprecated in favor of `LOG_LEVEL` * API Improvements: * Add endpoint `/v1/version` * Add endpoint `PUT /v1/entries` to update entry title and content * Add endpoint `/v1/icons/{iconID}` * Add endpoint `/v1/flush-history` to flush history * Make the category optional when creating feeds for API clients who don't support categories * Add enclosures to `GET /v1/entries` endpoint * Add `published_after`, `published_before`, `changed_after` and `changed_before` options to `/v1/entries` endpoint * Telegram integration improvements: * Replace feed HTML link with a button to avoid page preview issues * Add the possibility to disable buttons * Add Bruno Miniflux API collection in `contrib` folder (Bruno is an open source alternative to Postman/Insomnia) * Add command line argument to export user feeds as OPML * Add new rewrite rules `add_hn_links_using_hack` and `add_hn_links_using_opener` to open HN comments with iOS apps * Fix timestamp format for `Expires` response header * Fix Javascript error when reading time option is disabled * Fix Apprise logic to handle feed service URLs * Fix missing word in force refresh message * Remove deprecated `PreferServerCipherSuites` TLS option * Replace `github.com/rylans/getlang` with `github.com/abadojack/whatlanggo` because `getlang` doesn't seems to be updated anymore * Bump `github.com/mccutchen/go-httpbin/v2` from `2.11.0` to `2.11.1` * Bump `golang.org/x/*` dependencies Version 2.0.48 (September 15, 2023) ----------------------------------- * Add generic webhook integration * Send webhook events when new entries are detected * Send wehbook events when saving an entry * Sign the outgoing requests with HMAC-SHA256 * Improve Telegram integration * Add built-in Telegram client * Remove dependency on `go-telegram-bot-api` library * Add new options: * Optional topic ID * Disable page preview * Disable notifications * Add new button to go to article * Improve Matrix integration * Add built-in Matrix client * Remove dependency on `gomatrix` library * Send HTML formatted messages to Matrix * OpenID Connect authentication improvements: * Add OAuth2 PKCE support * Add `profile` scope to OIDC integration to support accounts without email address * Prevent empty username when using the OIDC integration * Add `factor` for `entry_frequency` scheduler: * Allow the user to increase the frequency of the `entry_frequency` scheduler by a configurable factor in order to shorten the time between updates. * Fix: status bar is unreadable when using PWA in dark mode on Firefox Android * Group form fields into fieldsets to improve page layout * Update Russian translation * Make sure icon URLs are always absolute * Add Apprise service URLs per feed * Trim `username` and `password` form fields * Strip HTML tags from DublinCore Creator tags * Fix scroll up behavior on Firefox Android * Add missing `return` statement in `fetchContent` UI handler * Add `replace_title` rewrite rule to adjust entry titles * Fix Pocket integration redirect URL and Google Reader API HREF * Fix feed `hide_globally` property to use it with third-party clients. Version 2.0.47 (August 20, 2023) -------------------------------- * Update rules for `webtoons.com` * Use HTTP client from the standard library for third-party integrations * Rename internal `url` package to `urllib` to avoid overlap with `net/url` * Add Shaarli integration * Add Shiori integration * Add Apprise integration * Add Readwise Reader integration * Consider base path when generating third-party services API endpoint * Use podcast duration tag as reading time * Move internal packages to an `internal` folder * For reference: * Rename Miniflux package name to follow Go module naming convention * For reference: * Update RockyLinux image from 8 to 9 (used to build RPM package) * Add force refresh in feed edit and feed entries page * Use Odysee video duration as read time * Upgrade to Go 1.21 * Use details disclosure element to show the list of third-party services * Use Web Share API for sharing entry * Add a workaround for parsing some invalid date format * Add Thunder Client API collection into contrib folder * Add new API endpoint: `/entries/{entryID}/save` * Trigger Docker and packages workflows only for semantic tags * Go module versioning expect Git tags to start with the letter v. * The goal is to keep the existing naming convention for generated artifacts and have proper versioning for the Go module. * Bump `golang.org/x/*` dependencies * Bump `github.com/yuin/goldmark` * Bump `github.com/tdewolff/minify/v2` * Bump `github.com/mccutchen/go-httpbin/v2` Version 2.0.46 (July 21, 2023) ------------------------------ * Add scraper and rewrite rules for Webtoons * Fix regression in integration page and simplify SQL query * Wallabag integration: add more information in log messages * Add support for custom Youtube embed URL * Fix accessibility issues in modal component * Fix modal aria role * Trap focusing with tab / shift+tab inside the modal * Restore keyboard focus when closing modal * Automatically move keyboard focus to first focusable element unless specified otherwise * Keyboard shortcut help modal: move keyboard focus to modal title * Keyboard shortcut help modal: change close control from link to button * Add Notion integration * Update `golang.org/x/*` dependencies and `go-oidc` to v3.6.0 * Improve responsive design * Add user setting for marking entry as read on view * Improve Russian translation * Add the possibility to run cleanup tasks from the command line * Add the possibility to run Miniflux as a cronjob * Use `go-httpbin` to run tests locally and avoid remote calls to `httpbin.org` * Display tags when viewing entries * Update categories API endpoint to return `total_unread` and `feed_count` * Improve date parser to handle various broken date formats * Avoid `pq: time zone displacement out of range` errors * Improve entry existance check to make better use of index * Add unique index `enclosures_user_entry_url_idx` * Add mark as unread for Linkding integration * Add sub-folder support for Wallabag integration * Use RockyLinux to build RPM package * Disable CGO when building RPM package * Disable CGO when building Docker images Version 2.0.45 (June 21, 2023) ------------------------------ * Add media player to listen to audio and video podcasts with the possiblity to resume to last playback position * Add default tag names for Linkding integration * Mark only globally visible entries when marking all entries from UI * Use image included in feed as feed icon when available * Order history by `changed_at` and `published_at` * Remove title attribute from entry title links * Fix reading time that is not aligned correctly with the latest version of Safari * Use glyphs of the same size on keyboard shortcuts page * Add maskable versions of the PWA icon * Replace copyright header with SPDX identifier * Remove the "í" letter from the Portuguese "lido" word * Increase golangci-lint timeout value * Bump `github.com/tdewolff/minify/v2`, `github.com/prometheus/client_golang`, `golang.org/x/*` dependencies Version 2.0.44 (May 6, 2023) ---------------------------- * Add link to the URL rewrite rules documentation * Update scraping rules for `ilpost.it` * Update rewrite rules for `theverge.com` * Add a rewrite rule to remove clickbait titles * Make sure `PROXY_IMAGES` option is backward compatible with `PROXY_OPTION` and `PROXY_MEDIA_TYPES` * Add new rule to remove tables * Add support for searching well-known URLs in subdirectory * Add CSS `word-wrap` rule to break very long entry title into multiple lines * Add swipe as option for gesture navigation between entries. There are now 3 possible choices: `none`, `double-tap`, and `swipe`. * Prefer typographic punctuation in English translation * Process older entries first: - Feed entries are usually ordered from most to least recent. - Processing older entries first ensures that their creation timestamp is lower than that of newer entries. - This is useful when we order by creation, because then we get a consistent timeline. * Fix Grafana dashboard * Push Docker images to `Quay.io` (RedHat) * Bump `golang.org/x/*`, `github.com/lib/pq`, `mvdan.cc/xurls/v2` and `github.com/prometheus/client_golang` dependencies Version 2.0.43 (March 16, 2023) ------------------------------- * Avoid XSS when opening a broken image due to unescaped ServerError in proxy handler (CVE-2023-27592) Creating an RSS feed item with the inline description containing an `` tag with a `srcset` attribute pointing to an invalid URL like `http:a`, we can coerce the proxy handler into an error condition where the invalid URL is returned unescaped and in full. This results in JavaScript execution on the Miniflux instance as soon as the user is convinced to open the broken image. * Use `r.RemoteAddr` to check `/metrics` endpoint network access (CVE-2023-27591) HTTP headers like `X-Forwarded-For` or `X-Real-Ip` can be easily spoofed. As such, it cannot be used to test if the client IP is allowed. The recommendation is to use HTTP Basic authentication to protect the metrics endpoint, or run Miniflux behind a trusted reverse-proxy. * Add HTTP Basic authentication for `/metrics` endpoint * Add proxy support for several media types * Parse feed categories from RSS, Atom and JSON feeds * Ignore empty link when discovering feeds * Disable CGO explicitly to make sure the binary is statically linked * Add CSS classes to differentiate between category/feed/entry view and icons * Add rewrite and scraper rules for `blog.cloudflare.com` * Add `color-scheme` to themes * Add new keyboard shortcut to toggle open/close entry attachments section * Sanitizer: allow `id` attribute in `` element * Add Indonesian Language * Update translations * Update Docker Compose examples: - Run the application in one command - Bring back the health check condition to `depends_on` - Remove deprecated `version` element * Update scraping rules for `ilpost.it` * Bump `github.com/PuerkitoBio/goquery` from `1.8.0` to `1.8.1` * Bump `github.com/tdewolff/minify/v2` from `2.12.4` to `2.12.5` * Bump `github.com/yuin/goldmark` from `1.5.3` to `1.5.4` * Bump `golang.org/x/*` dependencies Version 2.0.42 (January 29, 2023) --------------------------------- * Fix header items wrapping * Add option to enable or disable double tap * Improve PWA display mode label in settings page * Bump `golang.org/x/*` dependencies * Update translations * Add scraping rule for `ilpost.it` * Update reading time HTML element after fetching the original web page * Add category feeds refresh feature Version 2.0.41 (December 10, 2022) ---------------------------------- * Reverted PR #1290 (follow the only link) because it leads to several panics/segfaults that prevent feed updates * Disable double-tap mobile gesture if swipe gesture is disabled * Skip integrations if there are no entries to push * Enable TLS-ALPN-01 challenge for ACME - This type of challenge works purely at the TLS layer and is compatible with SNI proxies. The existing HTTP-01 challenge support has been left as-is. * Preconfigure Miniflux for GitHub Codespaces * Updated `golang.org/x/net/*` dependencies Version 2.0.40 (November 13, 2022) ---------------------------------- * Update dependencies * Pin Postgres image version in Docker Compose examples to avoid unexpected upgrades * Make English and Spanish translation more consistent: - Use "Feed" everywhere instead of "Subscription" - Use "Entry" instead of "Article" * Allow Content-Type and Accept headers in CORS policy * Use dirs file for Debian package * Use custom home page in PWA manifest * Fix scraper rule that could be incorrect when there is a redirect * Improve web scraper to fetch the only link present as workaround to some landing pages * Add Matrix bot integration * Proxify images in API responses * Add new options in user preferences to configure sorting of entries in the category page * Remove dependency on `github.com/mitchellh/go-server-timing` * Add support for the `continuation` parameter and result for Google Reader API ID calls * Use automatic variable for build target file names * Add rewrite rule for `recalbox.com` * Improve Dutch translation Version 2.0.39 (October 16, 2022) --------------------------------- * Add support for date filtering in Google Reader API item ID calls * Handle RSS entries with only a GUID permalink * Go API Client: Accept endpoint URLs ending with `/v1/` * CORS API headers: Allow `Basic` authorization header * Log feed URL when submitting a subscription that returns an error * Update `make run` command to execute migrations automatically * Add option to send only the URL to Wallabag * Do not convert anchors to absolute links * Add config option to use a custom image proxy URL * Allow zoom on mobile devices * Add scraping rules for `theverge.com`, `royalroad.com`, `swordscomic.com`, and `smbc-comics.com` * Add Ukrainian translation * Update `golang.org/x/*` dependencies * Bump `github.com/tdewolff/minify/v2` from `2.12.0` to `2.12.4` * Bump `github.com/yuin/goldmark` from `1.4.13` to `1.5.2` * Bump `github.com/lib/pq` from `1.10.6` to `1.10.7` Version 2.0.38 (August 13, 2022) -------------------------------- * Rename default branch from master to main * Update GitHub Actions * Bump `github.com/prometheus/client_golang` from `1.12.2` to `1.13.0` * Fix some linter issues * Handle Atom links with a text/html type defined * Add `parse_markdown` rewrite function * Build RPM and Debian packages automatically using GitHub Actions * Add `explosm.net` scraper rule * Make default home page configurable * Add title attribute to entry links because text could be truncated * Highlight categories with unread entries * Allow option to order by title and author in API entry endpoint * Update Russian translation * Make reading speed user-configurable * Added translation for Hindi language used in India * Add rewrite rules for article URL before fetching content * Bump `github.com/tdewolff/minify/v2` from `2.11.7` to `2.12.0` * Support other repo owners in GitHub Docker Action * Proxify empty URL should not crash * Avoid stretched image if specified width is larger than Miniflux's layout * Add support for OPML files with several nested outlines * sanitizer: handle image URLs in `srcset` attribute with comma * Allow `width` and `height` attributes for `img` tags * Document that `-config-dump` command line argument shows sensitive info * Add System-V init service in contrib folder * Fix syntax error in `RequestBuilder.getCsrfToken()` method Version 2.0.37 (May 27, 2022) ----------------------------- * Add rewrite rule to decode base64 content * Add Linkding integration * Add comment button to Telegram message * Add API endpoint to fetch unread and read counters * Fixes logic bug in Google Reader API sanity check * Reduce number of CORS preflight check to save network brandwidth * Add Espial integration * Allow API search for entries which are not starred * Try to use outermost element text when title is empty * Make swipe gestures feel more natural - Removes opacity transition when swiping an article read/unread - Adds "resistance" to the swiped entry when the 75px threshold is reached - Fixes an issue in which a swiped article couldn't be moved <15px * Add support for feed streams to Google Reader API IDs API * Fix invalid parsing of icon data URL * Add Traditional Chinese translation * Add distroless Docker image variant * Add Go 1.18 to GitHub Action * Bump `github.com/tdewolff/minify/v2` from `2.10.0` to `2.11` * Bump `github.com/prometheus/client_golang` from `1.12.1` to `1.12.2` * Bump `github.com/lib/pq` from `1.10.4` to `1.10.6` Version 2.0.36 (March 8, 2022) ------------------------------ * Gray out pagination buttons when they are not applicable * Use truncated entry description as title if unavailable * Do not fallback to InnerXML if XHTML title is empty * Add `+` keyboard shortcut for new subscription page * Add `(+)` action next to Feeds to quickly add new feeds * Fix unstar not working via Google Reader API * Remove circles in front of page header list items * Fix CSS hover style for links styled as buttons * Avoid showing `undefined` when clicking on read/unread * Add new keyboard shortcut `M` to toggle read/unread, and go to previous item * Add several icons to menus according to their roles * Add missing event argument to `onClick()` function call * Add links to scraper/rewrite/filtering docs when editing feeds * Add a rewrite rule for Castopod episodes * Fix regression: reset touch-item if not in `/unread` page * Add API endpoint to fetch original article * Show the category first in feed settings * Add pagination on top of all entries * Display Go version in "About" page * Bump `mvdan.cc/xurls/v2` from 2.3.0 to 2.4.0 * Bump `github.com/prometheus/client_golang` from 1.11.0 to 1.12.1 * Bump `github.com/tdewolff/minify/v2` from 2.9.28 to 2.10.0 Version 2.0.35 (January 21, 2022) --------------------------------- * Set `read-all` permission to `GITHUB_TOKEN` for GitHub Actions * Pin `jshint` version in linter job * Fix incorrect conversion between integer types * Add new GitHub Actions workflows: CodeQL and Scorecards analysis * Handle Atom feeds with space around CDATA * Bump `github.com/tdewolff/minify/v2` from 2.9.22 to 2.9.28 * Add Documentation directive to Systemd service * Do not reset `touch-item` if successfully swiped * Add support for multiple authors in Atom feeds * Omit `User-Agent` header in image proxy to avoid being blocked * Use custom feed user agent to fetch website icon * Make default Invidious instance configurable * Add new rewrite rule `add_youtube_video_from_id` to add Youtube videos in Quanta articles * Add scrape and rewrite rules for `quantamagazine.org` * Expose entry unshare link in the entry and list views * Add Google Reader API implementation (experimental) * Add `Content-Security-Policy` header to feed icon and image proxy endpoints - SVG images could contain Javascript. This CSP blocks inline script. - Feed icons are served using `` tag and Javascript is not interpreted. * Add Finnish translation * Add scraper rule for `ikiwiki.iki.fi` * Remove `SystemCallFilter` from `miniflux.service` * Fix minor typo in French translation Version 2.0.34 (December 16, 2021) ---------------------------------- * Add rewrite rule for comics website http://monkeyuser.com * Add `` tag to OPML export * Tighten Systemd sandboxing and update comments in `miniflux.service` * Add `RuntimeDirectory` to Systemd service * Order disabled feeds at the end of the list * Add support for theme color based on preferred color scheme of OS * Bump `github.com/lib/pq` from 1.10.3 to 1.10.4 * Bump `github.com/PuerkitoBio/goquery` from 1.7.1 to 1.8.0 * Fix typos in `model/icon.go` * Add `data-srcset` support to `add_dynamic_image rewrite` rewrite rule * Fix Docker Compose example files compatibility to v3 * Added the `role="article"` to `
` elements for better accessibility with screen readers * Redact secrets shown on the about page * Handle `srcset` images with no space after comma * Hide the logout link when using auth proxy * Fix wrong CSS variable * Change `-config-dump` command to use `KEY=VALUE` format Version 2.0.33 (September 25, 2021) ----------------------------------- * Build RPM and Debian package with PIE mode enabled * Add CSS rule to hide `