FressRSS/CHANGELOG.md

# FreshRSS changelog

See also the FreshRSS releases.

2026-0X-XX FreshRSS 1.29.0-dev

• Features
  • New sort order preferences at global, category, and feed levels #8234
  • New filtering by date of Server modification date #8131, #8576
    • Corresponding search operator, e.g. mdate:P1D for finding articles modified by the author / server during the past day.
    • Especially useful for optimising the API synchronisation.
  • Automatic feed visibility/priority during search #8609
  • Add feed visibility filter to statistics view unread dates #8489
  • Add option to enable/disable notifications, also for PWA #8458
  • Allow WebSub hub push from same private network #8450
• Bug fixing
  • Fix wrong search toString in case of regex-looking string #8479
  • Fix search expansion with backslash #8497
  • Fix user query parsing #8543
  • Fix redirect to wrong view after mark as read in reader and global views #8552
  • Fix SQLite paging when sorting by article length #8594
  • Fix SQL keyset pagination when sorting by category name #8597
  • Update user modify date when changing UserJS/UserCSS #8607
  • Non-strict OPML export #eedefb
• Security
  • Fix email validation and allow error page for unverified email users #8582
  • Add allowfullscreen to <iframe> #8467
  • Rewrite Set-Cookie using native PHP support of SameSite #8447
    • Sanitize lifetime of session cookies from session.cookie-lifetime in php.ini
• UI
  • Add option to hide sidebar by default #8528
  • Improve slider behaviour when using navigate back button #8496, #8524
  • Improve consistency of slider behaviour after submitting form #8612
  • Create dynamic favicons from SVG instead of PNG canvas #8577, #8588
  • Only display scrollbar everywhere if there's an overflow (especially for Chromium) #8542
  • Fix CSS padding of .content pre code #8620
  • Fix wrong navigation buttons layout on Chromium #8606
  • More robust JS #8595
  • Various UI and style improvements: #8537, #8538, #8541
• Deployment
  • Improve support of PHP 8.5+ using Pdo\Mysql #8526
  • Add support for Podman in Makefile #8456
  • Re-add database status in installation check #8510
• Extensions
  • Add new hook: Minz_HookType::ActionExecute #8599, #8603
  • Allow passing Minz_HookType as hook name in registerHook() #8600
• I18n
  • Improve German #8491, #8557
  • Improve Italian #8517, #8519, #8554, #8555, #8556, #8566
  • Improve Polish #8536
  • Improve Simplified Chinese #8474, #8475, #8476
  • Improve Spanish #8572
• Misc.
  • Initial conventions for AI agents and humans: AGENTS.md, SKILLS.md, instructions.md #8478
  • Update to PHPMailer 7.0.2 #8483
  • SQL improve PHP syntax uniformity #8604
  • Trim SQL whitespace before parenthesis #8522
  • Update dev dependencies #8469, #8480, #8499, #8545, #8546, #8547, #8617

2026-01-25 FreshRSS 1.28.1

• Features
  • Handle Web scraping of text/plain as <pre class="text-plain"> #8340
  • New customisable message for closed registrations #8462
• Bug fixing
  • Fix unwanted expansion of user queries (saved searches) applied to filters #8395
  • Fix encoding of filter actions for labels #8368
  • Fix searching of tags #8425
  • Fix refreshing feeds with token while anonymous refresh is disabled #8371
  • Fix RSS and OPML access by token #8434
  • Fix MySQL/MariaDB transliterator_transliterate fallback (when the php-intl extension is unavailable) #8427
  • Fix regression with MySQL/MariaDB index hint #8460
  • Auto-add lastUserModified database column also during mark-as-read action #8346
  • Do not include hidden feeds when counting unread articles in categories #8357
  • Remove wrong PHP deprecation of OPML export action #8399
  • Fix shortcut for next unread article #8466
  • Fix custom session.cookie-lifetime #8446
  • Fix feed validator button when changing the feed URL #8436
• Performance
  • Disable counting articles in user labels for Ajax requests (unused) #8352
• Security
  • Change Content-Disposition: inline to attachment in f.php #8344
  • Hardened user methods exists, mtime, ctime #26c1102
• Deployment
  • Add username in Apache access logs (also in Docker logs): for GReader API, and for HTTP Basic Auth from reverse proxy #8392
• SimplePie
  • Update of CURLOPT_ACCEPT_ENCODING #8376, simplepie#960, simplepie#962
  • Fix don’t preserve children inside disallowed <template> element #8443
  • Fixes before PHPStan 2 #8445, simplepie#957
• Extensions
  • Update .gitignore to ignore installed extensions #8372
• UI
  • Add data-category="3" to ease custom CSS styling of articles #8397
  • Fix space between By: and the author’s name #8422
• I18n
  • Improve Brazilian Portuguese #8411
  • Improve Dutch #8403
  • Improve German #8402
  • Improve Polish #8408
  • Improve Spanish #8464
• Misc.
  • Update dev dependencies #8387, #8388, #8389, #8390, #8391, #8393, #8453

2025-12-24 FreshRSS 1.28.0

• Features
  • New sorting and filtering by User modification date #7886, #8090, #8105, #8118, #8130
    • Corresponding search operator, e.g. userdate:PT1H for the past hour #8093
    • Allows finding articles marked by the local user as read/unread or starred/unstarred at specific dates for e.g. undo action.
  • New sorting by article length #8119
  • New advanced search form #8103, #8122, #8226
  • Add compatibility with PCRE word boundary \b and \B for regex search using PostgreSQL #8141
  • More uniform SQL search and PHP search for accents and case-sensitivity (e.g. for automatically marking as read) #8329
  • New overview of dates with most unread articles #8089
  • Allow marking as read articles older than 1 or 7 days also when sorting by publication date #8163
  • New option to show user labels instead of tags in RSS share #8112
  • Add new feed visibility (priority) Show in its feed #7972
  • New ability to share feed visibility through API (implemented by e.g. Capy Reader) #7583, #8158
  • Configurable notification timeout #7942
  • OPML export/import of unicity criteria #8243
  • Ensure stable IDs (categories, feeds, labels) during export/import #7988
  • Add username and timestamp to SQLite export from Web UI #8169
  • Add option to apply filter actions to existing articles #7959, #8259
  • Support CSS selector ~ subsequent-sibling #8154
    • Upstream PR phpgt/CssXPath#231
  • Rework saving of configuration files for more reliability in case of e.g. full disk #8220
  • Web scraping support date format as milliseconds for Unix epoch #8266
  • Allow negative category sort numbers #8330
• Performance
  • Improve SQL speed for updating cached information #6957, #8207, #8255, #8254, #8255
  • Fix SQL performance issue with MySQL, using an index hint #8211
  • Scaling of user statistics in Web UI and CLI, to help instances with 1k+ users #8277
  • API streaming of large responses for reducing memory consumption and increasing speed #8041
• Security
  • 💥 Move unsafe autologin to an extension #7958
  • Fix some CSRFs #8035
  • Strengthen some crypto (login, tokens, nonces) #8061, #8320
  • Create separate HTTP Retry-After rules for proxies #8029, #8218
  • Add data: to CSP in subscription controller #8253
  • Improve anonymous authentication logic #8165
  • Enable GitHub release immutability #8205
• Bug fixing
  • Exclude local networks for domain-wide HTTP Retry-After #8195
  • Fix OpenID Connect with Debian 13 #8032
  • Fix MySQL / MariaDB bug wrongly sorting new articles #8223
  • Fix MySQL / MariaDB database size calculation #8282
  • Fix SQLite bind bug when adding user label #8101
  • Fix SQL auto-update of field f.kind to ease migrations from FreshRSS versions older than 1.20.0 #8148
  • Fix search encoding and quoting #8311, #8324, #8338
  • Fix handling of database unexpected null content (during migrations) #8319, #8321
  • Fix drag & drop of user query losing information #8113
  • Fix DOM error while filtering retrieved full content #8132, #8161
  • Fix config.custom.php during install #8033
  • Fix do not mark important feeds as read from category #8067
  • Fix regression of warnings in Web browser console due to lack of window.bcrypt object #8166
  • Fix chart resize regression due to chart.js v4 update #8298
  • Fix CLI user creation warning when language is not given #8283
  • Fix merging of custom HTTP headers #8251
  • Fix bug in the case of duplicated mark-as-read filters #8322
• SimplePie
  • Fix support of HTTP trailer headers #7983, simplepie#943
  • Apply HTTPS policy also on GUIDs and permalinks #8037, simplepie#951
    • Fix WordPress.com HTTP duplicates with WebSub Automattic/pushpress#16
  • Implement HTML whitelist for SimplePie sanitizer #7924, simplepie#947
  • Various upstream contributions simplepie#940, simplepie#944
• Deployment
  • Docker default image updated to Debian 13 Trixie with PHP 8.4.11 and Apache 2.4.65 #8032
  • Docker alternative image updated to Alpine 3.23 with PHP 8.4.15 and Apache 2.4.65 #8285
  • Fix Docker healthcheck cli/health.php compatibility with OpenID Connect #8040
  • Improve Docker for compatibility with other base images such as Arch Linux #8299
    • Improve cli/access-permissions.sh to detect the correct permission Web group such as www-data, apache, or http
  • Update PostgreSQL volume for Docker #8216, #8224
  • Catch lack of exec() function for git update #8228
  • Work around DOMDocument::saveHTML() scrambling charset encoding in some versions of libxml2 #8296
  • Improve configuration checks for PHP extensions (in Web UI and CLI), including recommending e.g. php-intl #8334
• UI
  • New button for toggling sidebar on desktop view #8201, #8286
  • Better transitions between groups of articles #8174
  • New links in transitions and jump ⏭ to next transition #8294
  • More visible selected article #8230
  • Show the parsed search query instead of the original user input #8293, #8306, #8341
  • Show search query in the page title #8217
  • Scroll into filtered feed/category on page load in the sidebar #8281, #8307
  • Fix autocomplete issues in change password form #7812
  • Fix navigating between read feeds using shortcut shift+j/k #8057
  • Dark background in Web app manifest to avoid white flash when opening #8140
  • Increase button visibility in UI to change theme #8149
  • Replace arrow navigation in theme switcher with <select> #8190
  • Improve scroll of article after load of user labels #7962
  • Keep scroll state of page when closing the slider #8295, #8301
  • Scroll into filtered feed/category on page load #8281
  • Display sidebar dropdowns above if no space below #8335, #8336
  • Use native CSS instead of SCSS #8200, #8241
    • Using CSS nesting and relative colours.
  • Various UI and style improvements: #8171, #8185, #8196
  • JavaScript finalise migration from Promise to async/await: #8182
• API
  • API performance optimisation: streaming of large responses #8041
  • Fever API: Add with_ids parameter to mass-change read/unread/saved/unsaved on lists of articles #8312
  • Misc API: better REST error semantics #8232
• Extensions
  • Add support for extension priority #8038
  • Add support for extension compatibility #8081
  • Improve PHP code with hook enums #8036
  • New hook nav_entries #8054
  • Rename Extensions default branch from master to main #8194
• I18n
  • Translation status as text in README #7842
  • Add new translate CLI commands move #8214
  • Change some regional language codes to comply with RFC 5646 / IETF BCP 47 / ISO 3166 / ISO 639-1 #8065
  • Improve German #8028
  • Improve Greek #8146
  • Improve Finnish #8073, #8092
  • Improve Hungarian #8244
  • Improve Italian #8115, #8186
  • Improve Polish #8134, #8135
  • Improve Russian #8155, #8197
  • Improve Simplified Chinese #8308, #8313
• Misc.
  • Add code to modify a search expression #8293
  • Remove Pocket sharing service #8127, #8128
  • Update to PHPMailer 7.0.1 #8048, #8180, #8272
  • 💥 Housekeeping of lib_rss.php with potential breaking changes for some extensions #8193,
  • Use native PHP #[Deprecated] #8325
  • Improve PHP code #8156, #8203, #8284, #8292, #8297
  • GitHub Actions: --no-progress #8315
  • Update dev dependencies #8043, #8044, #8045, #8046, #8047, #8052, #8176, #8177, #8178, #8179, #8210, #8270, #8271, #8273, #8274, #8275, #8276

2025-09-27 FreshRSS 1.27.1

• Features
  • Automatic database recovery: skip broken entries during CLI export/import #7949
  • Add security option for CSP frame-ancestors #7857, #8021
  • Lazy-load <track src> #7997
• Security
  • Regenerate session ID on login #7829
  • Disallow setting non-existent language #7878, #7934
  • Safer calling of install.php #7971
  • Prevent log CR/LF injection #7883
  • Restrict allowed cURL parameters #7979, #8009
  • Fix reauthentication while updating #7989
  • Fix some CSRFs #8000
• Bug fixing
  • Include port number for HTTP Retry-After #7875
  • Fix logic for searching labels #7863
  • Fix cURL response parsing for HTTP redirections #7866
  • Fix fetching OPML URL with special characters #7843
  • Fix validation when creating a new user label #7890
  • Fix bug in user self-deletion #7877
  • Fix displaying of current date in main statistics #7892
  • Fix default values on stat processing #7891
  • Fix UI JavaScript error when navigating to last article with keyboard #7957
  • Fix some links in anonymous mode #8011, #8012
  • Fixes for no-cache.txt #7907
  • Fix Docker Traefik .yml and SERVER_DNS example #7858
• SimplePie
  • Upstream contribution: Normalize encoding uppercase simplepie#936, #7967
  • Sync upstream, including bump to 1.9.0 with better PHP 8.5+ support #7955
• Deployment
  • Docker improve CMD compatibility #7861
  • Add possibility of Docker healthcheck #7945
• UI
  • Keep sort and order after marking as read #7974
  • Improve leave validation #7830
  • Improve Origine theme visibility of toggle buttons #7956
  • Improve Dark pink theme #8020
  • Improve Mapco and Ansum themes: read all button in mobile view #7873
  • Improve Swage theme #7608
  • Use standard CSS overflow-wrap instead of word-wrap #7898
  • Various UI and style improvements: #7868, #7872, #7882, #7893, #7904, #7952
• I18n
  • Clarify the concepts of visibility hidden vs. archived in feeds settings #7970
  • Translate the API information page #7922
  • Add a default language constant #7933
  • Label config delete label #7871
  • Add Ukrainian #7961
  • Improve Dutch #7940
  • Improve German #7833
  • Improve Hungarian #7986
  • Improve Japanese #7903, #7918
  • Improve Polish #7963
  • Improve Simplified Chinese #7943, #7944
  • Minor improvements #7881
  • Add CLI command to add i18n file #7917
  • Add make target to generate the translation progress #7905
• Extensions
  • Add entry_before_update and entry_before_add hooks for extensions #7977
• Misc.
  • Improve make #7901
  • Improve PHP code #7906, #7916, #7939, #7941, #7960, #7991
  • Upgrade to PHP_CodeSniffer 4 #7993
  • Update dev dependencies #7902, #7895, #7896, #7899, #7966, #7969

2025-08-18 FreshRSS 1.27.0

• Features
  • Implement support for HTTP 429 Too Many Requests and 503 Service Unavailable, obey Retry-After #7760
  • Add sort by category title, or by feed title #7702
  • Add search operator c: for categories like c:23,34 or !c:45,56 #7696
  • Custom feed favicons #7646, #7704, #7717, #7792
  • Rework fetch favicons for fewer HTTP requests #7767
  • Add more unicity criteria based on title and/or content #7789
  • Automatically restore user configuration from backup #7682
  • API add support for states in s parameter of streamId #7695
  • Improve sharing via Print #7728
  • Redirect to the login page from bookmarklet instead of 403 #7782
  • Clean local cache more often, when refreshing feeds #7827
• Security
  • Implement reauthentication (sudo mode) #7753
  • Add Content-Security-Policy: frame-ancestors #7677
  • Ensure CSP everywhere #7810
  • Show warning when unsafe CSP policy is in use #7804
  • Fix access rights when creating a new user #7783
  • Improve security of form for user details #7771, #7786
  • Disallow setting non-existent theme #7722
  • Regenerate cookie ID after logging out #7762
  • Require current password when setting new password #7763
  • Add missing access checks for feed-related actions #7768
  • Strip more unsafe attributes such as referrerpolicy, ping #7770
  • Remove unneeded execution permissions #7802
• Bug fixing
  • Fix redirections when scraping from HTML #7654, #7741
  • Fix multiple authentication HTTP headers #7703
  • Fix HTML queries with a single feed #7730
  • WebSub: only perform a redirection when coming from WebSub #7738
  • Include enclosures in entries’ hash #7719
    • Negative side-effect: users of the option to automatically mark updated articles as unread will once have some articles with enclosures re-appear as unread
  • Fix cancellation of slider exit UI #7705
  • Honor disable update on update page #7733
  • Fix no registration limit setting #7751
  • Fix XML encoding of sharing functions #7822
• SimplePie
  • Fix propagation of HTTP error codes #7670
  • Fix support for XML feeds with HTML entities #7689, simplepie#915
  • Fix feeds encoded in UTF-16LE #7691, simplepie#916
  • Various upstream contributions simplepie#917, simplepie#924, simplepie#926, simplepie#932, simplepie#933
  • Sync upstream #7706, FreshRSS/simplepie#45, #7775, FreshRSS/simplepie#50, #7824, #7825,
  • Fix regex Backtrack limit was exhausted in clean_hash() #7813, FreshRSS/simplepie#48
• Deployment
  • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.29 #7805
  • Docker alternative image updated to Alpine 3.22 with PHP 8.4.11 and Apache 2.4.65 #7740, #7740, #7803
  • Start supporting PHP 8.5+ #7787, #7826
    • Docker Alpine dev image :newest updated to PHP 8.5-alpha and Apache 2.4.65 #7773
  • Docker: interpolate FRESHRSS_INSTALL and FRESHRSS_USER variables #7725
  • Docker: Reduce how much data needs to be chown/chmod’ed on container startup #7793
  • Test for database PDO typing support during install (relevant for MySQL / MariaDB with obsolete driver) #7651
• Extensions
  • Add API endpoint for extensions #7576
  • Expose the reading modes for extensions #7668, #7688
  • New extension hook before_login_btn #7761
• UI
  • Improve mark as read request showing popup due to onbeforeunload #7554
  • Fix lazy-loading for <video poster="..."> and <image> #7636
  • Avoid styling <code> inside of <pre> #7797
  • Improve confirmation logic with data-auto-leave-validation #7785
  • Update chart.js to 4.5.0 #7752, #7816
  • Various UI and style improvements: #7616, #7811
• I18n
  • Show translation status in README #7715
  • Improve Indonesian #7654, #7721
  • Improve Persian #7795
• Misc.
  • Improve PHP code #7642, #7665, #7761, #7781, #7794
  • Update dev dependencies #7708, #7709, #7710, #7711, #7776, #7777

2025-06-02 FreshRSS 1.26.3

• Features
  • Keep sort and order criteria during navigation #7585
  • Add info about PDO::ATTR_CLIENT_VERSION (relevant for MySQL / MariaDB with obsolete driver) #7591
• Bug fixing
  • Fix SQL request for user labels with custom sort (affecting PostgreSQL) #7588
  • Fix regression for favicon in GReader and Fever APIs #7573
  • Fix newest articles (within last second) not shown #7577
  • Fix duplicate HTTP header for POST #7556
  • Fix important articles on reader view #7602
  • Fix remove last share method #7613
  • Fix API handling of default category #7610
  • Fix user self-deletion #7626
  • Move PHP minimum version check #7560
• Security
  • Fix encoding of themes #7565
  • Fix .htaccess.dist for access to /scripts/vendor/ #7598
• SimplePie
  • Strip more HTML deprecated styles attributes: bgcolor, text, background, link, alink, vlink #7606
• UI
  • Implement loading spinner for marking as favourite/read #7564
  • Provide theme class for CSS #7559
• Deployment
  • Use HTTP Cache-Control: immutable for some files #7552
  • Drop Apache 2.2 (only support Apache 2.4+) #7561
• I18n
  • Improve Indonesian #7622
  • Improve Polish #7587
• Misc.
  • Update to PHPMailer 6.10.0 #7542
  • Update dev dependencies #7630, #7631, #7632 #7633, #7634, #7635

2025-05-03 FreshRSS 1.26.2

• Features
  • Implement JSON string concatenation with & operator #7414
  • Support multiple JSON fragments in HTML+XPath+JSON mode #7369
• Bug fixing
  • Fix escaping of tag search #7468
  • Fix CLI parsing of Boolean flags #7430
  • Fix API for labels with slash #7437
• SimplePie
  • Fix support for feeds with XML preamble + DTD #7515, simplepie#914
  • Merged upstream #7434
    • Upstream fix simplepie#912
• Security
  • Disallow <iframe srcdoc=""> #7494, CVE-2025-32015
  • Disallow <button formaction=""> #7506
  • Improve favicons hash to avoid favicon pollution #7505, CVE-2025-46339
  • Add Content-Security-Policy HTTP headers to favicons #7471, CVE-2025-31136
  • Web scraping forbid security HTTP headers in cURL #7496, CVE-2025-46341
  • Add some HTTP headers Referrer-Policy: same-origin #6303, #7478
  • Use HTTP POST for logout #7489, CVE-2025-31482
  • Make update URL read-only #7477
  • Fix for extensions: Restrict valid paths in ext.php #7479, CVE-2025-31134
  • Fix for extensions: Secure serving of user files #7495
• Extensions
  • Fix file serving for symlinked extensions #7545
  • Catch extension exceptions in override #7475
  • JavaScript: new event to detect context loaded #7452
• Deployment
  • Apache: add check for mod_filter to ensure that AddOutputFilterByType works #7419
• UI
  • Accessibility: Add :focus style to some dropdown menus #7491
  • New size option for the Mark as read button #7314
  • Update bcrypt.js from 2.4.4 to 3.0.2 #7449
  • Various UI and style improvements: #7168, #7526
• I18n
  • Rework credits #7426
  • Improve French #7432
  • Improve Italian #7540
  • Improve Polish #7508
  • Improve Turkish #7442
• Misc.
  • Improve PHP code #7431, #7488, #7534
  • Update dev dependencies #7480, #7482, #7483, #7484, #7485, #7486, #7487, #7533, #7535, #7536, #7537, #7538

2025-03-13 FreshRSS 1.26.1

• Features
  • Add cURL version to page about system information #7409
• Bug fixing
  • Fix regression with cURL HTTP headers breaking conditional HTTP requests #7403, FreshRSS/simplepie#33
  • Fix regression with saving states of user queries #7400
  • Fix regression with dynamic OPML #7394
  • Fix update of the user’s last activity on login action #7406
  • Fix setting category option Maximum number of articles to keep per feed #7416
  • Fix priority field when processing a new feed from an extension #7354
• Deployment
  • Fix regression with 64-bit timestamps on 32-bit platforms #7375
  • Fix back-compatibility with cURL 7.51 (we require cURL 7.52+ for CURLPROXY_HTTPS) #7409
• UI
  • Use case-insensitive sort for categories #7402
  • Improve dark mode of Origine theme #7413
  • Added API password indicator #7340
• I18n
  • Fix (es, fa, sk): do not translate XPath code #7404
  • Fix date bug in Finish #7423
  • Add Portuguese from Portugal #7329
  • Improve Hungarian #7391
• Misc.
  • Improve PHP code #7339
  • Update dev dependencies #7386, #7387, #7388

2025-02-23 FreshRSS 1.26.0

• Features
  • Add order-by options to sort articles by received date (existing, default), publication date, title, link, random #7149
  • Allow searching in all feeds, also feeds only visible at category level with &get=A, and also those archived with &get=Z #7144
    • UI accessible from user-query view
  • Add search operator intext: #7228
  • New shortcuts for adding user labels to articles #7274
  • New About page with system information #7161
• Bug fixing
  • Fix regression denying access to app manifest #7158
  • Fix unwanted feed description updates #7269
  • Ensure no PHP buffer for SQLite download (some setups would first put the file in memory) #7230
  • Fix XML encoding regression in HTML+XPath mode #7345
  • Improve cURL proxy options and fix some constants #7231
  • Fix UI of global view unread articles counter #7247
  • Hide base theme in carrousel #7234
• Deployment
  • Require cURL 7.52.0+ #7231
  • Reduce superfluous Docker builds #7137
  • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.26 and Apache 2.4.62
  • Docker alternative image (Alpine 3.21) updated to PHP 8.3.16
• UI
  • Add footer icons to reader view #7133
  • Remove local reference to font Open Sans to avoid bugs with some local versions #7215
  • Improve stats page layout #7243
  • Smaller mark as read button in mobile view #5220
  • Add CSS class to various types of notifications to allow custom styling #7287
  • Various UI and style improvements: #7162, #7268 Security
  • Better authorization label for OIDC in the UI #7264
  • Allow comments in force-https.txt #7259
• I18n:
  • Improve German #7177, #7275, #7278
  • Improve Japanese #7187, #7195, #7332
• Misc.
  • Improve PHP code #7191, #7204
    • Upgrade to PHPStan 2 #7131, #7164, #7224, #7270, #7281, #7282
  • Update to CssXPath 1.3.0 (no change) #7211
  • Update dev dependencies #7165, #7166, #7167, #7279, #7280, #7283, #7284, #7285, #7347
  • Update GitHub Actions to Ubuntu 24.04 #7207

2024-12-23 FreshRSS 1.25.0

• Features
  • Add support for regex search (regular expressions) #6706, #6926
    • ⚠️ Advanced regex syntax for searches depends on the database used (SQLite, PostgreSQL, MariaDB, MySQL), but FreshRSS filter actions such as auto-mark-as-read and auto-favourite always use PHP PCRE2 syntax.
  • Allow dynamic search operator in user queries, like search:UserQueryA date:P1d #6851
  • New feed mode HTML+XPath+JSON dot notation (JSON in HTML) #6888
  • Better HTTP compliance with support for HTTP response headers Cache-Control: max-age and Expires #6812, FreshRSS/simplepie#26
  • Support custom HTTP request headers per feed (e.g. for Authorization) #6820
  • New unicity policies and heuristic for feeds with bad article IDs #4487, #6900
  • Fallback to GUID if article link is empty #7051
  • New option to automatically mark new articles as read if an identical title already exists in the same category #6922
  • New reading view option to display unread articles + favourites #7088
    • And corresponding new filter state &state=96 (no UI button yet)
  • Add ability to remove content from articles with CSS selectors, also when not using full content #6786, #6807
  • Update phpgt/cssxpath library with improved CSS selectors #6618
    • Support for :last-child, :first-of-type, :last-of-type, ^=, |=
  • New condition option to selectively retrieve full content of articles #33fd07f6f26310d4806077cc87bcdf9b8b940e35, #7082
  • Allow parentheses in quoted search #7055
  • New UI feature to download a user’ SQLite database or a database SQLite export (to be produced by CLI) #6931
  • New button to delete errored feeds from a category #7030
  • Better import of Inoreader user labels #6791
  • Rebuild feed favicon on cache clear #6961
  • New sharing with Bluesky #7116
  • New sharing with Telegram #6838
• Bug fixing
  • Fix searches with a parenthesis before an operator like ("a b") or (!c) #6818
  • Fix auto-read tags #6790
  • Fix CSS selector for removing elements #7037, #7073, #7081, #7091, #7083
  • Fix redirection error after creating a new user #6995
  • Fix favicon error in case of wrong URL #6899
  • Use cURL to fetch extensions list (allows e.g. IPv6) #6767
  • Fix XML encoding in cURL options #6821
  • Fix initial UI scroll for some browsers #7059
  • Fix menu for article tags in some cases #6990
  • Fix share menu shortcut #6825
  • Fix HTML regex pattern during install for compatibility with v mode #7009
  • More robust creation of user data folder #7000
• API
  • Fix API for categories and labels containing a + #7033
    • Compatibility with FocusReader
  • Supported by Capy Reader (Android, open source) capyreader#492
  • Improved UI for API #7048
  • Allow adding multiple feeds to a category via API #7017
  • API support edit multiple tags #7060
  • API return all categories also those without any feed #7020
• Compatibility
  • 💥 Require PHP 8.1+ (drop PHP 7.4) #6711
  • Improved support of PHP 8.4+ #6618, PhpGt/CssXPath#227, #6781, #4374
  • 💥 Require PostgreSQL 10+ (drop PostgreSQL 9.5) #6705
  • 💥 Require MariaDB 10.0.5+ (drop MariaDB 5.5) #6706
  • 💥 Require MySQL 8+ (drop MySQL 5.5.3) #6706
• Deployment
  • Docker: dev image freshrss/freshrss:oldest updated to Alpine 3.16 with PHP 8.1.22 and Apache 2.4.59 #6711
  • Docker alternative image updated to Alpine 3.21 with PHP 8.3.14 and Apache 2.4.62 #5383
  • Update Dockerfiles to newer key-value format #6819
  • Docker minor improvement of entrypoint #6827
• SimplePie
  • Refactor our embedding of SimplePie #4374
    • Our fork is maintained in its own repository.
  • Remove HTTP Referer #6822, FreshRSS/simplepie#27
    • If some sites require it, add Referer: https://example.net/ to the custom HTTP headers of the feed #6820
  • Upstream fixes simplepie#878, simplepie#883
  • Sync upstream #6840, #7067
• Security
  • Apache protect more non-public folders and files #6881, #6893, #7008
  • Add privacy settings on extension list retrieval #4603, #7132
  • Fix login in unsafe mode when using a password with special XML characters #6797
  • Fix login in e.g. Brave browser by avoiding synchronous XHR #7023
  • Fix invalid login message #7066
  • Modernise windows.open noopener (to avoid flash of white page in dark mode) #7077, #7089
• UI
  • Searchable My Labels field #6753
  • Add subscription management button to reading view #6946
  • New option for showing label menu in article row #6984
  • Move to next unread label on mark as read #6886
  • Improved article footer for small / mobile screens #7031
  • Improve Web accessibility: fix aria-hidden bug, and use HTML5 hidden #6910
  • Default styles for <pre> and <code> #6770
  • Refactor the sharing menu to use a <template> instead of duplicated HTML code #6751, #7113
  • Refactor the label menu to use a <template> #6864
  • Rework UI for authors #7054
    • Avoid Unicode escape of authors in HTML UI #7056
  • Improved subscription management page #6816
  • Improve user query management page #7062
  • Restore JavaScript form validation compatibility with Web browsers using older engines (SeaMonkey) #6777
  • Reorganise some options #6920
  • New shortcut ? to show shortcut page and help #6981
  • Use of consistent colours in statistics #7090
  • Various UI and style improvements #6959
• Extensions
  • New extension hook simplepie_after_init #7007
• I18n
  • Add Finnish #6954
  • Improve English #7049, #7053
  • Improve German #6847, #7068, #7128
  • Improve Italian #6872, #7069, #7086
  • Improve Spanish #6894, #6908
  • Improve Turkish #6960
• Misc.
  • Better cache name for JSON feeds #6768
  • Fix inversed encoding logic in Minz_Request::paramArray() #6800
  • Pass PHPStan booleansInConditions #6793
  • Rename PHPStan configuration file to phpstan.dist.neon to allow custom configuration in phpstan.neon #6892
  • Code improvements #6800, #6809, #6983
  • Makefile improvements #6913
  • Fix PHPCS ControlSignature #6896
  • Update PHPMailer #6968, #7046
  • Code updates to PHP 8.1 syntax #6748
  • Update dev dependencies #6780, #6964, , #6965, #6966, #6967, #6970, #7042, #7043, #7044, #7045, #7047, #7052

2024-09-06 FreshRSS 1.24.3

• Bug fixing
  • Fix mark-as-read from user query #6738
  • Fix regression for shortcut to move between categories #6741
  • Fix feed title option #6771
  • Fix XPath for HTML documents with broken root (used by CSS selectors to fetch full content) #6774
  • Fix UI regression in Mapco/Ansum themes #6740
  • Fix minor style bug with some themes #6746
  • Fix export of OPML information for date format of JSON and HTML+XPath feeds #6779
• Security
  • OpenID Connect better definition of session parameters #6730
• Compatibility
  • Last version supporting PHP 7.4
• Misc.
  • Use charset for JSON requests from the UI #6710
  • Use .html extension for the local cache of full content pages instead of .spc #6724
  • Update dev dependencies #6739, #6758, #6759, #6760

2024-08-23 FreshRSS 1.24.2

• Features
  • New global option to automatically add articles to favourites #6648
  • New possibility to share a user query in JSON GReader format #6655
  • New fields image and description for user query share #6541
  • Show article first words when an article title is empty #6240
  • New option to share articles from the article title line #6395
  • Improve JSON Dot Notation module to access more string-friendly types #6631
  • Improve detection of image types for enclosures not providing a type #6653
  • Add sharing to archive.is #6650
• Security
  • Force log out of users when they are disabled #6612
  • Increase default values for OpenID Connect OIDCSessionMaxDuration and OIDCSessionInactivityTimeout #6642
  • Add default API CORS HTTP headers to shareable user queries #6659
• Bug fixing
  • Fix parentheses for complex OR Boolean search expressions #6672
  • Fix keep max unread #6632
  • Fix regression in mark as read upon gone #6663
  • Fix regression on mark duplicate titles as read for modified articles #6664
  • Fix regression for Fever API, remove dependency to Exif extension #6624
  • Fix muted feeds for WebSub #6671
  • Fix performance / deadlock of PostgreSQL and MySQL / MariaDB during schema updates #6692
  • Fix HTTP cache of main page (regression since 1.18.0) #6719
  • Fix HTTP cache of shareable user queries #6718
  • Fix HTTP cache for feeds with modified Last-Modified when content is not modified #6723
• Extensions
  • Add core extensions, shipped by default: UserCSS and UserJS #6267
    • Replaces CustomCSS and CustomCS extensions
  • Strong type array parameter helper #6661
• CLI
  • Add quiet option to cli/db-backup.php #6593
• Compatibility
  • Initial support for PHP 8.4+ #6615
    • With upstream contributions php/php-src#14873, PhpGt/CssXPath#227
  • Fix SQLite on FreeBSD due to DQS #6701, #6702
• Deployment
  • Docker default image (Debian 12 Bookworm) updated to PHP 8.2.20 and Apache 2.4.61
  • Docker alternative image updated to Alpine 3.20 with PHP 8.3.10 and Apache 2.4.62 #5383
  • Docker: Alpine dev image freshrss/freshrss:newest updated to PHP 8.4.0beta3 and Apache 2.4.62 #5764
• UI
  • Default dark mode to auto #5582
  • New option to control action icons position in reading view #6297
  • Sticky buttons at the bottom of settings #6304
  • Various UI and style improvements #6446, #6485, #6651
• I18n
  • Czech: use correct ISO 639-1 code cs (and not cz, which is the country) #6514
  • Improve Japanese #6564
  • Improve Spanish #6634
  • Improve Traditional Chinese #6691
• Misc.
  • Pass PHPStan Level 9 #6544
  • Migrate to ESLint 9 #6685
  • Minor update of PHPCS whitespace / formatting rules #6666
  • Markdownlint no-trailing-spaces #6668
  • Removed sharing with Blogotext #6225
  • Code improvements #6043
  • Update dev dependencies #6606, #6614, #6679, #6681, #6682, #6683, #6684

2024-06-05 FreshRSS 1.24.1

• Features
  • New button to export OMPL of a category #6519
  • Better git error messages in built-in Web update #6496
• Bug fixing
  • Fix regression HTTP GET curl options #6492
  • Fix regression of mark as read if an identical title already exists #6536, #6543
  • Fix connection to PostgreSQL databases with uppercase letters #6482
  • Fix UI regression hover over title while having the navigation buttons in mobile view #6486
  • Fix UI for some drag & drops #6505, #6508
• i18n
  • Improve Czech #6504
  • Improve Turkish #6506
• Misc.
  • Update dev dependencies #6525, #6526, #6528, #6529, #6530

2024-05-23 FreshRSS 1.24.0

• Features
  • New shareable user query mechanism to share list of articles by HTML, RSS, OPML #6052
    • Deprecates RSS sharing with master token
  • New JSON scraping mode to consume JSON data #5662, #6317, #6369, #6476
  • New support for JSON Feeds #5662
  • New support for HTTP POST #5662
  • New option to automatically add labels to incoming articles #5954
  • New button to download a feed configuration as OPML #6312
  • Web scraping support more encodings such as EUC-JP #6112
  • Web scraping support password-protected queries (refactor some cURL options and use CURLOPT_USERPWD) #6177
  • Web scraping HTTP GET allow UTF-8 even when charset is far from top #6271
  • Allow manual refresh of disabled feeds #6408
  • Allow multiple authors on enclosures #6272
  • New system option in data/config.php for number of feeds to refresh in parallel from UI #6124
• CLI
  • New CLI for database backup & restore #6387
    • Can also be used to migrate from one database to another, or to upgrade SQLite schema
    • ./cli/db-backup.php ; ./cli/db-restore.php
  • Improve CLI parameters #6028, #6036, #6099, #6214
  • Fix i18n cli/manipulate.translation.php ignore behaviour #6041
• API
  • New compatible app Read You #4633, #6050
  • Reduce API memory consumption #6137
  • Allow negative feed IDs for future special cases #6010
  • Only return OK for requests without query parameters #6238
• Bug fixing
  • Better account for some edge cases for cron and automatic labels during feed refresh #6117
  • Better support for thumbnails in RSS feeds #5972
  • Auto-update PostgreSQL or MariaDB / MySQL databases for column details changes since FreshRSS 1.21.0 #6279
    • For SQLite, DB update require running ./cli/db-backup.php ; ./cli/db-restore.php --force-overwrite
  • Fix SQLite import of exports produced before FreshRSS 1.20.0 #6450
  • Fix SQLite release handle to fix deleting users on Microsoft Windows #6285
  • Fix to allow admins to create user even when there are Terms Of Service #6269
  • Fix updating the uncategorized category deletes the title #6073
  • Fix disable master authentication token #6185
  • Fix CSS selector preview #6423
  • Fix CSS selector encoding #6426
  • Fix export of CSS selector in OPML of individual feeds #6435
  • Fix OPML import of CURLOPT_PROXYTYPE #6439
  • Fix favicon with protocol-relative URLs have duplicate slashes #6068
  • Fix feed TTL+muted logic #6115
  • Fix apply mark as read to updated articles too #6334
  • Fix ZIP export on systems with custom temp folder #6392
  • Fix number of posts per page during paging #6268
  • Fix clipboard sharing UI #6301
  • Fix shortcut for clipboard sharing #6277
  • Fix user-query filter display #6421
• SimplePie
  • Fix absolutize URL for several cases #6270, simplepie#861
• Security
  • Replace iframe allow attribute #6274
• Deployment
  • Disable unused PHP modules in our Debian-based Docker image #5994
• UI
  • No warning for muted feeds #6114
  • Various UI and style improvements #6055, #6074, #6241, #6242, #6289, #6299, #6314, #6357, #6373, #6376, #6385, #6390, #6444, #6445
  • Improve theme Origine compact #6197
• i18n
  • Improve Brazilian Portuguese #6067
  • Improve Czech #6344
  • Improve Dutch #6343
  • Improve German #6313
  • Improve Hungarian #6005, #6377, #6464
  • Improve Indonesian #6473
  • Improve Italian #6018, #6060, #6329
  • Improve Japanese #6108, #6294
  • Improve Korean #6342
  • Improve Polish #6358
  • Improve Portuguese #6345
  • Improve Russian #6467
  • Improve Simplified Chinese #6336
  • Improve Slovakian #6356
  • Improve Spanish #6471
  • Improve Traditional Chinese #6350
  • Improve Turkish #6328
  • Misc. #6460
• Extensions
  • Sanitize parsing list of extensions names and version number #6016, #6155, Extensions#214, #6186
  • Apply filter actions such as mark as read after the entry_before_insert hook for extensions #6091
  • New developer command to test all third-party extensions Extensions#228, #6273
    • composer run-script phpstan-third-party
  • New function Minz_Extension::amendCsp() for extensions to modify HTTP headers for Content Security Policy #6246
  • New property FreshRSS_Entry::isUpdated() for extensions to know whether an entry is new or updated #6334
• Compatibility
  • Fix PHP 7.4 compatibility for automated tests #6038, #6039
  • Fix PHP 8.2+ compatibility for e-mails #6130
  • Use PHP 8.3+ #[\Override] #6273
• Misc.
  • Improve PHPStan #6037, #6459
  • Update PHPMailer #6022
  • Remove noisy name parameters in user-query URL #6371
  • Code improvements #6046, #6075, #6132
  • Add Dependabot for GitHub Actions #6164
  • Allow Ctrl+C for make start #6239
  • Update dev dependencies #6023, #6265

Older

See older changes