2.19

This version requires PHP 5.6 7.2 (see known regressions section) or newer. It is also likely the last version to support PHP 7.

Known regressions

• Values in config.ini containing special characters need to be quoted. Will be fixed by ba93393.
• Updating sources that already contain items will fail on PHP < 7.2.0. Will be fixed by d6e9bc8.
• Updating RSS sources without a valid date fails. Will be fixed by #1385.

New features

• Thumbnails can be disabled (#897)
• Reddit spout replaced fragile imgur heuristics with previews provided by the JSON API (#1033)
• Experimental support for using selfoss offline was added. Note that this is only available in secure contexts, that is, over HTTPS, and can be very buggy. (#1014)
• Long articles that do not fit on a single screen will no longer be arranged into columns, allowing for smoother reading experience (#1081)
• Diaspora share button was added, you can enable it with d. (#1121)
• “Copy to clipboard” share button was added, you can enable it with c. (#1142)
• Native sharer is available in secure contexts in browsers that support it. You can enable it by adding a to share key in your config. (#1035)
• Data directory can be configured (#1043)
• New spout for searching Twitter (e.g. following hashtags) was added. (#1213)
• Added option reading_speed_wpm for showing estimated reading time, set it to the number of words you can read in a minute. (#1232)
• Added option db_socket for connecting to MySQL database through UNIX domain. (#1284)
• Search query is now part of URL. (#1216)
• A page that will pre-fill a form for adding a source with URL has been added. You can find it on https://yourselfossurl.com/manage/sources/add?url=some-feed-url. (#1310, #254)
• Search will be carried out using regular expressions when the search query is wrapped in forward slashes, e.g. /regex/. The expression syntax is database specific. (#1205)
• YouTube spout now supports following playlists. (#1260)
• Confirmation is now required when leaving the setting page with unsaved source changes. (#1300)
• Add link from settings page to individual sources and vice versa. (#1329, #1340)
• Tag colour can be now changed using keyboard. (#1335)
• YouTube spout now supports all YouTube URLs that provide feeds. (#1273)
• Add open_in_background_tab option to try to make v shortcut open articles in a background tab (does not work in Chromium-based browsers). (#1354)
• GitHub sources now include author. (#1367)
• Twitter sources now indicate author using the author field rather than including in the title. (#1367)
• Translations into several new languages were added:
  • English (United Kingdom): en-GB
  • French (Canada): fr-CA
  • Galician: gl
  • Hebrew: he
  • Indonesian: id
  • Portuguese (European): pt

Bug fixes

• Reddit spout allows wider range of URLs, including absolute URLs and searches (#1033)
• Improved compatibility with newer versions of PHP (#1049, #1157, #1236, #1294)
• logger_level=NONE is now handled correctly (#1077)
• URLs containing special characters like commas in query string are now handled correctly (#1082)
• Set 60 second timeout to spout HTTP requests to prevent a single feed blocking other updates (#1104)
• Significantly improved accessibility (#1133, #1134, #1141 and #1345)
• Fixed marking more than 1000 items as read at the same time (#1182)
• Fixed loading full text on pages containing ampersands in URLs (#1188)
• Fixed missing styling in article contents (#1221)
• Golem, Lightreading and Heise spouts now use Graby for extracting article contents instead of our own defunct extraction rules. (#1245)
• The tag colour picker now pre-selects the current colour instead of a placeholder colour. (#1269)
• OPML import now correctly handles valid files. (#1366)
• OPML import will prefer title attribute over text for feed names. (#1366)
• OPML import is now able to read files when the browser sends an incorrect MIME type. (#1366)

API changes

• tags attribute is now consistently array of strings, numbers are numbers and booleans are booleans. This might break third-party clients that have not updated yet. (#948)
• API is now versioned separately from selfoss and follows semantic versioning (#1137)
• API 2.21.0: /mark now accepts list of item IDs encoded as JSON. Requests using application/x-www-form-urlencoded are deprecated. (#1182)
• Dates returned as part of items now strictly follow ISO8601 format. (#1246)
• The following are deprecated and will be removed in next selfoss version:
  • Passing credentials in query string, use cookies instead. (#1360)
  • GET /login endpoint, use POST /login. (#1360)
  • GET /logout was deprecated in favour of newly introduced (API 4.1.0) DELETE /api/session/current. (#1360)
  • POST /source/delete/:id in favour of DELETE /source/:id. (#1360)
• API 6.0.0: Makes the author field null when an item author is not known (#1367)

Customization changes

• selfoss.shares.register was removed. Instead you should set selfoss.customSharers to an object of sharer objects. The action callback is now expected to open a window on its own, instead of returning a URL. A label and a HTML code of an icon (you can use a <img> tag, inline <svg>, emoji, etc.) are now expected.

  To demonstrate, if you previously had

  selfoss.shares.register('moo', 'm', true, function(url, title) {
      return 'http://moo.foobar/share?u=' + encodeURIComponent(url) + '&t=' + encodeURIComponent(title);
  });

  in your user.js file, you will need to change it to

  selfoss.customSharers = {
      'm': {
          label: 'Share using Moo',
          icon: '🚛',
          action: ({url, title}) => {
              window.open(`http://moo.foobar/share?u=${encodeURIComponent(url)}&t=${encodeURIComponent(title)}`);
          },
      },
  };

  (#1017, #1035, #1359)

• Custom FullTextRss filter were moved to fulltextrss directory in data directory (#1043)

• Spouts can now implement getSourceIcon() instead of getIcon() when icon is associated with the feed, not individual icons. (#1190)

• Some language files have been renamed to use correct IETF language tag and you might need to change the language key in your config.ini:

  • Simplified Chinese zh-CN
  • Traditional Chinese zh-TW
  • Norwegian Bokmål nb
  • Swedish sv

• Wallabag sharer now targets Wallabag 2 by default. This is potentially breaking change but hopefully, no one uses Wallabag 1 any more. (#1261)

• defaults.ini file is no longer used, it is only provided for ...

2.18

New features

• Full-text RSS spout is now able to extract content from PDFs (#897)
• URL is no longer cleaned when changing spout (#906)
• It is possible to set tag or source to be opened after user logs in (#927)
• Displaying multiple images from tweets with galleries is supported (#934)
• Quoted tweets are supported (#934)
• Logging destination can be changed (#1004)

Bug fixes

• Fixed Full-text RSS spout (#897)
• It is now unlikely that the client browser gets outdated JS or CSS (#907) On Lighttpd, you might need to update your configuration.
• Fixed back button not working correctly on small screens (#906)
• When using PostgreSQL, vacuuming is left to the database (#906)
• Items from different spouts but with the same uid will not be ignored anymore (#906)
• GitHub spout was modified to correctly escape the data (#906)
• YouTube spout was changed to allow wider range of URLs (#915)
• The items without a date will no longer be added again after clean-up (#914)
• Changed favicon fetcher for RSS spout to be more resilient (#920)
• Tweets are no longer truncated (#934)
• Using arrow keys in photo galleries will no longer change opened item (#942)
• Facebook spout is finally working again (#936)
• PSR-4 autoloading is now used, fixing the compatibility with custom spouts. If you use custom spouts, please make sure to check compliance. (#959)

Other changes

• Fixed compatibility with PHP 7.2 (#1005)
• Improved translations (#932, #981, #985, #1003)
• Changed library for handling ico files (#926)
• Upgraded FancyBox, the gallery looks much slicker now (#942)
• For developers: JavaScript libraries now have to be obtained using NPM (#942)
• Login is now done using AJAX, a step towards progressive web app (#931)
• Guzzle is used for HTTP requests making them more reliable (#936)
• Ironed out some inconsistencies in database schema (#955)
• For developers: JavaScript client code is now checked using eslint (#951)
• Increased resolution of the favicon (#961)
• Added warning when autoloader is missing (#957)
• Removed redundant alt attribute from favicons (#978)
• Favicons are now easier to click on mobile (#992)
• Tables that do not fit into columns will now show a scrollbar (#1001)
• For developers: Coding style and other code requirements can be easily checked using grunt check. (#943)
• Warning will be logged when icon/thumbnail directories are not writeable (#1009)
• Removed readability spout and sharing (#1012)

2.17

New features

• Spout title can be fetched automatically (#851)
• selfoss is now navigable (#869)
• Refreshing the sources using the button no longer blocks the user interface (#846)
• State of the items is synced periodically (#846)
• Added option for sharing with Wallabag 2 (#887)

Notable changes

• Composer is used for dependency management, if you downloaded selfoss from git repository you will need to use composer for installing dependencies. (#845)
• Simplified detecting selfoss root URL which should fix some cookie problems (#889)
• Made the db_port configuration key optional (#843)
• Migrated to .htaccess to Apache 2.4 syntax (#833)

Bug fixes

• Fixed YouTube spout (#842)
• DeviantArt, Reddit, Golem and Twitter spouts changed to use HTTPS (#835)
• Fixed reddit spout redirects (#835)
• Fixed Wordpress emoji size on HTTPS sites (#835)
• Fixed twitter links when tweet contains < (#852)
• Fixed encoding problems caused by camo (#826)
• Fixed “$HTTP_RAW_POST_DATA is deprecated” error when updating a single source (#841)
• Fixed twitter spout error reporting (#847)
• Improved error reporting for reddit spout (#860)
• Removed the need for MySQL 5.6; MySQL 5.5.3 or greater is now required again (#863)
• Made RSS feed generated by selfoss valid (#862)
• Fixed #774 “Incorrectly calculated offset for loading new items” (#869)
• Fixed code listings overflowing to different column (#889)

2.16

• update Datebase bug on db change to version 9
• clean the Golem.de content a little bit
• allow to collapse/expand filter list
• fix a problem with "tags list" height on collapse/expand filter list
• fix styling issues
• fix read count of secondary tags
• fix and update language files
• fix php 7 bug
• link item source to source listing
• heise spout: Use HTTPS to retrieve feeds
• added the scroll_to_article_header option
• spouts\twitter: Add support for private feeds
• fetch and show emoji icons
• fix reddit spout
• prevents window.opener vulnerability

2.15

• improved handling of load list errors
• Bugfix: f3/Web: workaround CURLOPT_FOLLOWLOCATION not allowed when open_basedir is set
• Bugfix: MySQL update time default field
• improvement of translations
• Add spout "RSS Feed (with enclosures)" to support feed enclosures
• Added keyboard shortcut to refresh sources (Shift+r)
• add support for private (@) and hidden (#) tags
• Optimize SQL request to look for icon usage
• Bugfix: Restore pgsql compatibility
• Bugfix: fix tags filtering
• Remove useless debug log
• tweak browser icons
• add toolbar color from Chrome for Android
• added new auto_collapse option
• added rewrite rule for ACME well known location. (folder for lets encrypt)
• improve accesibility of selfoss
• added no-referrer meta tag
• Bugfix: fixed the search offset
• Bugfix: fixed the "active" flag in the sources list
• Rename floIcon constructors for PHP 7 support
• indicator of below the fold unread entries

2.14

• Implemented settings overwrite through prefixed ENV variables.
• Fix: F3 would not launch when "magic_quotes_gpc" is not set.
• Multiple enhancements to unread count user interface
• Allow configuration of html <title>
• inline and resize emojis to fit into text flow
• fix blockquote and pre overflow-x resetting
• Wordpress share
• add <strike/> to allowed HTML-elements
• Add functionality to show when the last post was found for a source
• Change MySQL engine to InnoDB
• fix file permissions
• fix bad failure handling when using mobile mark these read button
• fix typos
• refresh event handlers upon mark these read ajax call error
• rename CLI update script (Fix #587)
• fix db_prefix not working (#686)
• mobile: add unread count near logo at the top
• periodicaly poll for stats updates, and reload list if it is empty
• fixed "$HTTP_RAW_POST_DATA is deprecated" error
• fix bad failure handling when using mobile mark these read button
• rename CLI update script (Fix #587)
• some refactorings

2.13

• add fulltext rss spout for loading full content from any rss feed
• show unread count in the document title
• add titles to buttons
• fix the author color on smartphones
• fix reload shortcut after hitting last element of list
• enable the app behaviour on android
• add option 'auto_hide_read_on_mobile' support. Allows to hide read it when closing fullscreen view. Default to 0
• fix tag names not case sensitive in mysql
• fix bad encoding with selfoss-android app
• avoid sql syntax error for spouts with zero items
• avoid pgsql error on editing source
• fix favicon parsing
• enable secure cookie if using https and prevent cookie access from js
• fix 'trying to get property of non-object' error
• fix cannot run when base url contains a ~
• fix cannot login when not using HTTPS
• fix front-end nginx (through https:443) forward to apache2 (through http:80) the base url was http and not https
• correctly return 403 permission denied when auth is lacking
• correctly style sup and sub elements in entry content
• scroll entry into view when not completely visible
• github spout: use f3 internals and log errors in db
• improvement of UTF-8 decoding
• selfoss user agent for spouts
• fix parsing href to get icon url
• also try to use feed logo as icon
• show and log error with stacktrace
• added spout that is capable to retrieve a twitter list
• allowing strike-through tag
• new filter support for sources
• allow windows 8 start screen pinning with notifications
• pgsql upgrade to v6: please use transactions
• new translation for brazilian portuguese
• fix error during opml import
• allow code html element in feed content
• fixup feed icon in html homepage regexp
• unbreak twitter spout: allow inline HTML elements in title
• cleanup database abstraction code duplication
• optimize database access
• fix multiple database connections
• hide passwords in source edit view
• fix cookie not being set over HTTP
• convert thumbnails to jpg
• allow target attribute
• add custom javascript file: user.js
• ensure proper failure when feed url return HTTP/406
• improvement of hungarian translation
• improvement of polish translation
• improvement of japanese translation
• improvement of czech translation

2.12

• fix prefix bug on mysql
• integrate fancybox for images
• improved twitter integration
• show authors of feeds
• wallbag support added
• update third party libraries
• allow ajax based update of feeds
• fix utf8 feed title bug
• fix #405: extra spaces on login screen
• fix #518: sorting of sources

2.11

• little fix to Polish translation
• instapaper spout: use HTTPS
• A new spout to get full text for entries in the Teltarif RSS feed
• fix pgsql VACUUM ANALYZE syntax error
• A new spout to get full text for entries in the Lightreading RSS feed
• Multi-language support of search and error fix.
• Make it possible to disable auto stream more, add handy "Mark these read" button
• Use PHP to set the fore color of all tags
• itemsPerPage value is set from INI file.
• API header returns application/json
• added estonian translation
• allow sub and sup elements
• entry CSS tweaks
• REST API : Get only items updated since given time #532
• Bugfix: API REST : /login should return true if auth is disable
• Bugfix: Heise feed pull kills Update process #499
• Bugfix: https for openshift #488
• Bugfix: heise spout error handling #517

2.10

• fix error 500 on icon fetching
• add heise hardware-hacks
• reddit2 spout: fix link to return http
• reddit2 spout: add empty validation on username and password
• setting to lazy load images on mobile devices
• update fat free php framework version 3.2.0
• improve heise spout
• fix duplicate items with MySQL
• fix auto language detection
• save OPML export file with xml extension
• sqlite's "optimize()" was implemented
• sources: show sources with error first
• fix bug on base url determining using https
• support search terms with quotes to find exact phrase like "Windows 8"
• github spout fix (set user agent)
• more opml export logging