I made a bunch of improvements and added a bit of documentation. I think it's now ready to be reviewed, but it's still blocking by #2476 (from which the two first commits come). Also added the "nice to have" improvements that I didn't implement in the first message.

Just to let you know @Alkarex, I saw you merged dev into my branch but I prefer to rebase my branches to keep the history clean (easier to read, easier to find a bug in a specific commit)

@marienfressinaud I just used GitHub's built-in tool to resolve the conflict :-)
In general, I think forced pushes and other forms of history rewriting should be kept to rare occasions to fix errors. They make collaboration quite difficult. For instance, if I merge this branch in my own Alkarex/dev branch to test it (where I also simultaneously test other PRs), and your branch history is rewritten, then I cannot pull your new changes anymore and there is a big work to do to get a working branch again (potentially having to reset my test branch and re-merge all the ones I want to test at the same time). Even when testing a single branch, a rewritten history is annoying as it breaks simple pulls to get newer updates.
It also breaks reviews, make some commits disappear (e.g. my conflict resolution is gone), make some comments on old commits disappear, breaks the ability to see the changes since the last review, etc.
Finally, I do not think the clean history is an issue at all: all git clients that I know distinguish commits made in the active branch from commits made in other branches (e.g. merged), and we can then squash & merge when the PR is ready anyway :-)

Btw, perhaps you already know but I recently discovered that on GitHub you can do this:

# assuming your own fork is origin and the one here is upstream
git fetch upstream pull/2481/head
git checkout FETCH_HEAD

That's interesting and I strongly agree with some of your arguments. In the mean time, I consider my branches as my personal workspaces and nobody should base their work on it nor modify them. In this context, force-push should not be a problem. I would not recommend to test different work-in-progress branches at the same time neither, but I can understand that can be useful.

I'm not a huge fan of squash because you lose how the feature has been constructed. I always try to build my PRs logically and they are reviewable commit by commit. I personally prefer a merge with no fast-forward to keep the history. It can also help a lot to understand why and how a bug got introduced.

In the mean time, GitHub is definitely not adapted to this workflow: as you said, comments are lost, it's difficult to see the last changes, commits are not ordered correctly in the "Commits" tab, etc.

Considering that, I'll try an "in-between": I'll commit my fixes with commit --fixup=<commit to fix> and don't rebase until the PR is approved. I'll have to refrain myself because I worked this way for the three last years ^^ I found it powerful and it helped me to understand better how Git works and how to fix an error… but it's definitely advanced usage of Git and collaboration is more important than some technical tricks :)

It is not a big deal in any case :-) A bit more feedbacks:
Regarding the squash & merge, the history is kept in the PR itself, together with the discussions, reviews, etc.
Rewriting history makes a branch more difficult to test (pull is not working anymore), even when you are the only one making changes.
Rewriting history also makes the exact construction progress disappear (e.g. missing commits, out of context commits).
By the way, when you submit the PR, you can decide whether you allow changes to your branch by others or not.

I think it's all good now!

And still have the following error, preventing any e-mail from being sent:

[error] --- Minz_Mailer cannot send a message: Invalid address:  (From): root@localhost
AH01071: Got error 'PHP message: Invalid address:  (From): root@localhost\n'

P.S.: No difference between root and noreply. But changing for postmaster@[.....].fr worked

It is because PHPMailer calls PHP's FILTER_VALIDATE_EMAIL which does not accept @dotless

I suggest adding:

PHPMailer::$validator = 'pcre8';

Just after
https://github.com/flusio/FreshRSS/blob/2cde74db503adf581ece09a17924da378edcb660/lib/Minz/Mailer.php#L77

With the syntax fix, and the validator fix, it should be good for me.

I used html5 validator, like in the rest of the code. It should work now!

Uh,

I see on fediverse that FreshRSS has been updated, so i the update from web admin interface has alway !

1. after update (complete I hope) redirect to https://<my instance>/i/?c=error
2. on network navigator debugger many https://<my instance>/i/?c=user&a=validateEmail
3. I try to log with my email instead username, classic error login page
4. I connect to my VPS, configs seems OK
5. Little search on github issue / pr I fall here
6. Inspect some code and found this line : https://github.com/flusio/FreshRSS/blob/a3031d21bf7ffbeae10683ad333dc5c355fa09bb/app/Controllers/userController.php#L128
7. check my account config file : no key email_validation_token in this file (not found in example user config file too but i'm on a terminal maybe i don't see it)
8. So i add this key with '' value
9. Yeah i'm able to connect

I recommend you to use php empty function instead strongly typed equality :

$email_not_verified = !empty(FreshRSS_Context::$user_conf->email_validation_token);

Check https://www.php.net/manual/en/function.empty.php
maybe if you support very old php version you should store FreshRSS_Context::$user_conf->email_validation_token in a variable and use this var in empty

More safe in context of checking config that can be from very old version of app my instance running without update issue from many years (4-5years I think)

At this time, I'm happy to be a Developper or I will not hase solve my issue without help ^^.

Best regards

@Purexo Yes, this line is indeed bad, especially the strict inequality. Could you please send a pull request to fix it? I have not checked much the e-mail flow ( ping @marienfressinaud ), but couldn't you log with your normal username? Please open another issue if that was not the case.
Even when the parameters are not in your own account config file, default parameters are supposed to be loaded from https://github.com/FreshRSS/FreshRSS/blob/dev/config-user.default.php so I am not entirely sure of what the exact problem was.

I confirm that the email_validation_token should be taken from the default user config if not set in your own config file. I also checked that config-user.default.php is updated during a ZIP update (it should but maybe it failed?) Could you post the content of this file to check if it's actually up-to-date?

Side note about empty function: it's probably what should be used here in PHP, but I'm really annoyed with this kind of solution since it basically says: I don't really know what's the value of this variable. Here, it would even have hidden a real bug.

When some data comes from somewhere that is not fully controlled, the code should allow for some typical variations. In this case, I do not think it makes sense to strictly test for an empty string and fail for the other nullable values. In this case, I would argue for != ''. Not empty() though, because the value comes back from a wrapper (which might return null):

(Which I think we should remove at some point in favour of native code, but that is another story :-))

but couldn't you log with your normal username? Please open another issue if that was not the case.

I was not able to connect with my username nor email.
Since I've add email_validation_token in my user config file, I am able to connect with my username. Not with my email but I don't care.
I think when tried to login with username before modify the config, the form works well, and I was connected but the system was checking validateEmail rule, the rules did not passed so redirect (badly infinite, Firefox was detect the redirect loop and abort it.)
Should I create an issue ?

Even when the parameters are not in your own account config file, default parameters are supposed to be loaded from https://github.com/FreshRSS/FreshRSS/blob/dev/config-user.default.php

I've looked into the config-user.default.php file (on my server): no email_validation_token key in.

Yes I've update with zip (available in web-admin interface), it work well from many years and really convenient.

I can make a fast PR from github if you wan't. Should I checkout from dev branch ?

@Purexo Yes please, /dev branch 👍