Skip to content

Tags

Tags give the ability to mark specific points in history as being important

  • 2.0.44

    4c0c6581 · Update ChangeLog · 
    Miniflux 2.0.44

* Add link to the URL rewrite rules documentation
* Update scraping rules for `ilpost.it`
* Update rewrite rules for `theverge.com`
* Add a rewrite rule to remove clickbait titles
* Make sure `PROXY_IMAGES` option is backward compatible with `PROXY_OPTION` and `PROXY_MEDIA_TYPES`
* Add new rule to remove tables
* Add support for searching well-known URLs in subdirectory
* Add CSS `word-wrap` rule to break very long entry title into multiple lines
* Add swipe as option for gesture navigation between entries. There are now 3 possible choices: `none`, `double-tap`, and `swipe`.
* Prefer typographic punctuation in English translation
* Process older entries first:
    - Feed entries are usually ordered from most to least recent.
    - Processing older entries first ensures that their creation timestamp
    is lower than that of newer entries.
    - This is useful when we order by creation, because then we get a
    consistent timeline.
* Fix Grafana dashboard
* Push Docker images to `Quay.io` (RedHat)
* Bump `golang.org/x/*`, `github.com/lib/pq`, `mvdan.cc/xurls/v2` and `github.com/prometheus/client_golang` dependencies
    Unverified

  • 2.0.43

    ab209df7 · Update ChangeLog · 
    Miniflux 2.0.43

* Avoid XSS when opening a broken image due to unescaped ServerError in proxy handler (CVE-2023-27592)

    Creating an RSS feed item with the inline description containing an `<img>` tag
    with a `srcset` attribute pointing to an invalid URL like
    `http:a<script>alert(1)</script>`, we can coerce the proxy handler into an error
    condition where the invalid URL is returned unescaped and in full.

    This results in JavaScript execution on the Miniflux instance as soon as the
    user is convinced to open the broken image.

* Use `r.RemoteAddr` to check `/metrics` endpoint network access (CVE-2023-27591)

    HTTP headers like `X-Forwarded-For` or `X-Real-Ip` can be easily spoofed. As
    such, it cannot be used to test if the client IP is allowed.

    The recommendation is to use HTTP Basic authentication to protect the
    metrics endpoint, or run Miniflux behind a trusted reverse-proxy.

* Add HTTP Basic authentication for `/metrics` endpoint
* Add proxy support for several media types
* Parse feed categories from RSS, Atom and JSON feeds
* Ignore empty link when discovering feeds
* Disable CGO explicitly to make sure the binary is statically linked
* Add CSS classes to differentiate between category/feed/entry view and icons
* Add rewrite and scraper rules for `blog.cloudflare.com`
* Add `color-scheme` to themes
* Add new keyboard shortcut to toggle open/close entry attachments section
* Sanitizer: allow `id` attribute in `<sup>` element
* Add Indonesian Language
* Update translations
* Update Docker Compose examples:
    - Run the application in one command
    - Bring back the health check condition to `depends_on`
    - Remove deprecated `version` element
* Update scraping rules for `ilpost.it`
* Bump `github.com/PuerkitoBio/goquery` from `1.8.0` to `1.8.1`
* Bump `github.com/tdewolff/minify/v2` from `2.12.4` to `2.12.5`
* Bump `github.com/yuin/goldmark` from `1.5.3` to `1.5.4`
* Bump `golang.org/x/*` dependencies
    Unverified

  • 2.0.42

    b2fd84e0 · Update ChangeLog · 
    Miniflux 2.0.42

* Fix header items wrapping
* Add option to enable or disable double tap
* Improve PWA display mode label in settings page
* Bump `golang.org/x/*` dependencies
* Update translations
* Add scraping rule for `ilpost.it`
* Update reading time HTML element after fetching the original web page
* Add category feeds refresh feature
    Unverified

  • 2.0.41

    e12c263f · Update Changelog · 
    Miniflux 2.0.41

* Reverted PR #1290 (follow the only link) because it leads to several panics/segfaults that prevent feed updates
* Disable double-tap mobile gesture if swipe gesture is disabled
* Skip integrations if there are no entries to push
* Enable TLS-ALPN-01 challenge for ACME
    - This type of challenge works purely at the TLS layer and is compatible
    with SNI proxies. The existing HTTP-01 challenge support has been left
    as-is.
* Preconfigure Miniflux for GitHub Codespaces
* Updated `golang.org/x/net/*` dependencies
    Unverified

  • 2.0.40

    bfebf946 · Update ChangeLog · 
    Miniflux 2.0.40

* Update dependencies
* Pin Postgres image version in Docker Compose examples to avoid unexpected upgrades
* Make English and Spanish translation more consistent:
    - Use "Feed" everywhere instead of "Subscription"
    - Use "Entry" instead of "Article"
* Allow Content-Type and Accept headers in CORS policy
* Use dirs file for Debian package
* Use custom home page in PWA manifest
* Fix scraper rule that could be incorrect when there is a redirect
* Improve web scraper to fetch the only link present as workaround to some landing pages
* Add Matrix bot integration
* Proxify images in API responses
* Add new options in user preferences to configure sorting of entries in the category page
* Remove dependency on `github.com/mitchellh/go-server-timing`
* Add support for the `continuation` parameter and result for Google Reader API ID calls
* Use automatic variable for build target file names
* Add rewrite rule for `recalbox.com`
* Improve Dutch translation
    Unverified

  • 2.0.39

    95e125df · Update ChangeLog · 
    Miniflux 2.0.39

* Add support for date filtering in Google Reader API item ID calls
* Handle RSS entries with only a GUID permalink
* Go API Client: Accept endpoint URLs ending with `/v1/`
* CORS API headers: Allow `Basic` authorization header
* Log feed URL when submitting a subscription that returns an error
* Update `make run` command to execute migrations automatically
* Add option to send only the URL to Wallabag
* Do not convert anchors to absolute links
* Add config option to use a custom image proxy URL
* Allow zoom on mobile devices
* Add scraping rules for `theverge.com`, `royalroad.com`, `swordscomic.com`, and `smbc-comics.com`
* Add Ukrainian translation
* Update `golang.org/x/*` dependencies
* Bump `github.com/tdewolff/minify/v2` from `2.12.0` to `2.12.4`
* Bump `github.com/yuin/goldmark` from `1.4.13` to `1.5.2`
* Bump `github.com/lib/pq` from `1.10.6` to `1.10.7`
    Unverified

  • 2.0.38

    1ca35e93 · Update ChangeLog · 
    Version 2.0.38
    Unverified

  • 2.0.37

    6bf89f4b · Update Changelog · 
    Version 2.0.37
    Unverified

  • 2.0.36

    ca60f3cf · Update ChangeLog · 
    * Gray out pagination buttons when they are not applicable
* Use truncated entry description as title if unavailable
* Do not fallback to InnerXML if XHTML title is empty
* Add `+` keyboard shortcut for new subscription page
* Add `(+)` action next to Feeds to quickly add new feeds
* Fix unstar not working via Google Reader API
* Remove circles in front of page header list items
* Fix CSS hover style for links styled as buttons
* Avoid showing `undefined` when clicking on read/unread
* Add new keyboard shortcut `M` to toggle read/unread, and go to previous item
* Add several icons to menus according to their roles
* Add missing event argument to `onClick()` function call
* Add links to scraper/rewrite/filtering docs when editing feeds
* Add a rewrite rule for Castopod episodes
* Fix regression: reset touch-item if not in `/unread` page
* Add API endpoint to fetch original article
* Show the category first in feed settings
* Add pagination on top of all entries
* Display Go version in "About" page
* Bump `mvdan.cc/xurls/v2` from 2.3.0 to 2.4.0
* Bump `github.com/prometheus/client_golang` from 1.11.0 to 1.12.1
* Bump `github.com/tdewolff/minify/v2` from 2.9.28 to 2.10.0
    Unverified

  • 2.0.35

    93277f43 · Update ChangeLog · 
    * Set `read-all` permission to `GITHUB_TOKEN` for GitHub Actions
* Pin `jshint` version in linter job
* Fix incorrect conversion between integer types
* Add new GitHub Actions workflows: CodeQL and Scorecards analysis
* Handle Atom feeds with space around CDATA
* Bump `github.com/tdewolff/minify/v2` from 2.9.22 to 2.9.28
* Add Documentation directive to Systemd service
* Do not reset `touch-item` if successfully swiped
* Add support for multiple authors in Atom feeds
* Omit `User-Agent` header in image proxy to avoid being blocked
* Use custom feed user agent to fetch website icon
* Make default Invidious instance configurable
* Add new rewrite rule `add_youtube_video_from_id` to add Youtube videos in Quanta articles
* Add scrape and rewrite rules for `quantamagazine.org`
* Expose entry unshare link in the entry and list views
* Add Google Reader API implementation (experimental)
* Add `Content-Security-Policy` header to feed icon and image proxy endpoints
    - SVG images could contain Javascript. This CSP blocks inline script.
    - Feed icons are served using `<img>` tag and Javascript is not interpreted.
* Add Finnish translation
* Add scraper rule for `ikiwiki.iki.fi`
* Remove `SystemCallFilter` from `miniflux.service`
* Fix minor typo in French translation
    Unverified

  • 2.0.34

    686dd92c · Update ChangeLog · 
    Version 2.0.34
    Unverified

  • 2.0.33

    72fbbe31 · Update ChangeLog · 
    Version 2.0.33
    Unverified

  • 2.0.32

    8bc06a5d · Update ChangeLog · 
    Version 2.0.32
    Unverified

  • 2.0.31

    93fd98f8 · Update ChangeLog · 
    Version 2.0.31
    Unverified

  • 2.0.30

    0c56b4d5 · Update ChangeLog · 
    Version 2.0.30
    Unverified

  • 2.0.29

    1aec8d72 · Update ChangeLog · 
    Version 2.0.29
    Unverified

  • 2.0.28

    dde2ca06 · Update ChangeLog · 
    Version 2.0.28
    Unverified

  • 2.0.27

    a6017a84 · Update ChangeLog · 
    Version 2.0.27
    Unverified

  • 2.0.26

    351d1575 · Update ChangeLog · 
    Version 2.0.26
    Unverified

  • 2.0.25

    b539eb85 · Fix auto-generated version (git describe) · 
    Version 2.0.25
    Unverified