Commit Graph

19034 Commits

Author SHA1 Message Date
Daniel Lockyer
796961329a
Fixed yarn test from top-level repo
- we probably don't want it to be this long term but it allows us to
  enable tests on the new packages
2022-07-20 17:41:11 +02:00
Daniel Lockyer
b65816f421
Disabled Ghost-CLI test
- this is broken for now until I have dependency bundling working for
  the monorepo
2022-07-20 17:30:48 +02:00
Daniel Lockyer
9fa789159c
Reset Publishing packages version and visibility
refs https://github.com/TryGhost/Toolbox/issues/354

- these packages are here for development and will be bundled when
  published, so they don't need versioning nor publishing
2022-07-20 17:20:24 +02:00
Daniel Lockyer
685b270013
Deleted .gitkeep file
- this was leftover from the Publishing packages migration
2022-07-20 17:19:04 +02:00
Daniel Lockyer
75d8a29642
Migrated Publishing packages into Ghost repo
refs https://github.com/TryGhost/Toolbox/issues/354

- now we've turned the Ghost repo into a monorepo, we can migrate
  packages back in to make development easier
2022-07-20 17:18:08 +02:00
Daniel Lockyer
70110a39cc
Deleted Release GitHub Action
- I don't want it accidentally triggering whilst I'm importing packages,
  and it's likely to change anyway in the near future
2022-07-20 17:16:07 +02:00
Daniel Lockyer
6f1e7fc40f
Fixed migration review action target paths
- now we've moved to a monorepo, the paths have changed
2022-07-20 16:50:33 +02:00
Daniel Lockyer
3d989eba23 Converted Ghost repo into a monorepo
refs https://github.com/TryGhost/Toolbox/issues/354

- this commit turns the Ghost repo into a monorepo so we can bring our
  internal packages back in, which makes life easier when working on
  Ghost
2022-07-20 16:41:05 +02:00
Simon Backx
516b527c65 Fixed comment notification emails for replying on your own comment
fixes https://github.com/TryGhost/Team/issues/1697

- Don't send a notification email when you reply on your own comment
- Added some tests for comment emails (requires some async waiting, maybe we can improve this in the future)
2022-07-20 15:50:08 +02:00
renovate[bot]
ecfa22efab
Update dependency metascraper to v5.29.18 2022-07-20 12:33:47 +00:00
Simon Backx
3b9f9524f1 Updated comments helper tests
refs 0c5c1abb1a

- Fixes broken test
- Added some extra tests for the new behaviour
2022-07-20 10:37:06 +02:00
Simon Backx
0c5c1abb1a Added data-comments-enabled attribute to comments helper
refs https://github.com/TryGhost/Team/issues/1693

- The comments section needs to know the access settings for comments
- Updated the comments helper to also double check access settings (comments enabled + member has access to the post)
2022-07-20 10:21:19 +02:00
renovate[bot]
0fdbba9dbd Update Test & linting packages 2022-07-19 20:05:27 +00:00
renovate[bot]
b671504a2c
Update Test & linting packages 2022-07-19 19:25:37 +00:00
renovate[bot]
bc4aebf163 Update Test & linting packages 2022-07-19 18:55:22 +00:00
renovate[bot]
11d0ab9605 Update dependency c8 to v7.12.0 2022-07-19 18:33:27 +00:00
Daniel Lockyer
8be9db7bcf
Merged v5.4.1 into main
v5.4.1
2022-07-19 16:01:04 +02:00
Daniel Lockyer
e39937ae21 v5.4.1 2022-07-19 14:57:42 +01:00
Daniel Lockyer
445d5b4da2
🐛 Fixed new member count helpers not included in GScan helpers
- this was due to GScan not being published and bumped before the member
  count helpers were merged into Ghost and released
2022-07-19 15:41:02 +02:00
Kevin Ansfield
682e051840
Added editor.url config (#15045)
no issue

- used for an ongoing react based editor experiment
- by exposing `editor.url` in public config it lets Admin dynamically fetch the external module and allows for independent releases of the editor without needing to have a full Ghost release
- follows the same pattern as portal and comments
2022-07-19 14:23:29 +01:00
Simon Backx
309ead6108
🐛 Fixed sending multiple support email verification emails (#15044)
refs https://github.com/TryGhost/Team/issues/1686

- When the settings are updated with the `members_support_address` key present, it would always send a verification email
- Root cause is that the service failed to check if the email was changed or not. Due to a bug it always thought the email was changed, triggering the verification flow.
- The admin app will always send all the settings keys when changing some other value. This causes a lot of email verification emails.
- Added tests and email count checks in tests
2022-07-19 15:21:53 +02:00
Daniel Lockyer
1ba2988e98
Added v5.* to workflow triggers
- this is needed so we run CI tests on release branches
2022-07-19 15:21:42 +02:00
Simon Backx
2e1a756213
🐛 Fixed sending multiple support email verification emails (#15044)
refs https://github.com/TryGhost/Team/issues/1686

- When the settings are updated with the `members_support_address` key present, it would always send a verification email
- Root cause is that the service failed to check if the email was changed or not. Due to a bug it always thought the email was changed, triggering the verification flow.
- The admin app will always send all the settings keys when changing some other value. This causes a lot of email verification emails.
- Added tests and email count checks in tests
2022-07-19 15:13:29 +02:00
Daniel Lockyer
d1f2040d8a
Added content/settings to .npmignore
- this folder should be clean of non-README files in the published package
  so we need to add it to `.npmignore` to ignore any other files
2022-07-19 11:05:29 +02:00
Daniel Lockyer
578b405afc
Deleted deprecated Grunt commands
- these have been deprecated and undocumented for a long time so we can
  now clear them up as `yarn main` and `yarn test ...` are the official
  ways to do the same thing
2022-07-19 08:38:02 +02:00
Daniel Lockyer
48194ff444
Refactored release workflow
- up until now, we've been running `grunt release` before publishing to
  NPM or pushing the canary zip
- this command runs the production asset build and generates a zip
- this zip isn't used by the NPM publishing task because that does an
  `npm pack`
- we only use it for the canary build, but this should be brought more
  inline with the NPM process to make the gaps smaller
- this commit refactors the `grunt release` task to become a lot smaller
  by removing the generated zip steps
- the expected workflow is now to just to an `npm pack`, which will run
  the `prepack` task to generate a `.tgz` archive
- this should still respect `.npmignore`, so it'll just include the
  files we expect
- the test of the canary workflow is being updated to handle this
- also cleans up a dev dependency that is no longer used, along with 2
  imports
2022-07-19 08:32:54 +02:00
renovate[bot]
d6d6be1327 Update dependency knex to v2.2.0 2022-07-19 00:27:50 +00:00
renovate[bot]
94072c4a32
Update dependency knex to v2.2.0 2022-07-18 22:37:53 +00:00
Naz
f240aa60ff Added test to versioned Content API response
no issue

- The test adds clarity to how Content API handles 404 error where the resource was not found. The need came from a suspicion we do not handle this scenario well on production.
2022-07-18 13:45:00 +01:00
renovate[bot]
fb074f6fba
Update dependency eslint to v8.20.0 2022-07-18 00:52:24 +00:00
renovate[bot]
45594680c0
Update dependency @sentry/node to v7.7.0 2022-07-15 15:01:46 +00:00
Daniel Lockyer
2ff53ef0da v5.4.0 2022-07-15 16:00:33 +01:00
Daniel Lockyer
1137e3093e Updated Admin to v5.4.0 2022-07-15 16:00:33 +01:00
Daniel Lockyer
9524f9de88 🎨 Updated Casper to v5.2.1 2022-07-15 16:00:32 +01:00
Daniel Lockyer
388c28f4b5
Updated dependency knex-migrator to v5.0.1
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-15 15:35:51 +01:00
Fabien 'egg' O'Carroll
feaf5d0c91
🐛 Fixed tag url field when explicitly querying fields
refs https://github.com/TryGhost/Ghost/issues/14983

The url field of tags is read dynamically from the url service, rather than
from the database. The lookup requires the id of the tag, which was missing
from the model when asking for explicit fields which didn't include id. By
adding the id as a default column to fetch, we know for sure that we will always
have the necessary data to read the url.
2022-07-15 15:11:24 +01:00
Simon Backx
05d82b35c7 Published new versions
- @tryghost/image-transform@1.2.0
 - @tryghost/mw-error-handler@1.0.4
 - @tryghost/vhost-middleware@1.0.27
2022-07-15 15:16:47 +02:00
Simon Backx
6cc92fac9a Added support for transforming AVIF files
no issue

- This adds the possibility to format AVIF files in Ghost if requested.
- This format is supported in Sharp
- Provides smaller file sizes than webp
2022-07-15 15:12:56 +02:00
Simon Backx
c6621dc17d
🐛 Updated support email verification flow (#15029)
refs https://github.com/TryGhost/Team/issues/584

The current support email verification flow uses an API endpoint as verification URL inside the emails. This is a bad pattern, and also has the side effect that it shows a JSON error if something goes wrong.

To fix this, this commit updates the whole flow to use the same pattern as newsletters:
- You can update the `members_support_address` setting directly via the edit endpoint of settings.
- Changes to that (and future 'guarded' email properties) are blocked and generate verification emails automatically.
- When an email verification has been sent, the meta property `sent_email_verification` is set.

Other changes:
- Underlying, the implementation of email verificaton has moved from the (old) members service to the settings BREAD service. This makes it easier to add extra email addresses in settings later on that are not related to 'members'.
- Now you can update the `members_support_address` by updating the settings directly, so the `updateMembersEmail` endpoint has been deprecated and is mapped to the new behaviour.
- The SingleUseTokenProvider threw a `UnauthorizedError` error if a token was expired or invalid. Those errors are caught by the admin app, and causes it to do a page reload (making the error message and modals invisible). To fix that, I've swapped it with a validation error.

Future changes:
- Existing emails that have been sent 24h before this change is applied, still use the `validateMembersEmailUpdate` API endpoint. This endpoint has not been removed for now, to not break those emails. In a future release, we should remove this.

Changes to admin: https://github.com/TryGhost/Admin/pull/2426
2022-07-15 14:43:52 +02:00
renovate[bot]
7b6bf4cf67 Update dependency sqlite3 to v5.0.9 2022-07-15 12:18:48 +01:00
Fabien 'egg' O'Carroll
e60806de45
Redirected Members to previous post/page upon sign-in
refs https://github.com/TryGhost/Team/issues/1174
refs https://github.com/TryGhost/Members/pull/408

When logged out members navigate a site and want to interact with, for example
comments, they are redirected to the homepage after sign-in with the magic link,
this is disorientating, and means they then need to navigate back to the content
they were interacting with.

This change means that sign-in's will be redirected to the page from which they 
were initiated, allowing a more streamlined flow for logged out members wanting
to add comments.

We've restricted the redirect to URI's which are on the same domain as the site,
and we also do a relative redirect, this is to ensure that a malicious actor does not
send magic links which redirect off-site and leak authentication details
2022-07-15 11:55:09 +01:00
naz
6901c3c435
🐛 Fixed 'comped' flag behavior in Member API (#15030)
closes https://github.com/TryGhost/Team/issues/1674

- The comped flag in Members API unintentionally stopped working when v3 API was dropped with the release of Ghost v5. The flag is deprecated but should be back-compatible for now - we don't want to break integratons like Zapier.
- To properly deprecate the flag we need to plan it's removal and start signalling about it through the version headers

Co-authored-by: Simon Backx <simon@ghost.org>
2022-07-15 11:16:06 +01:00
Fabien "egg" O'Carroll
0ff47d4b51 Published new versions
- @tryghost/magic-link@1.1.0
 - @tryghost/members-api@8.3.0
 - @tryghost/members-stripe-service@0.10.6
2022-07-15 11:03:57 +01:00
Fabien 'egg' O'Carroll
f3130d9538 Passed request referrer to magic link service (#408)
refs https://github.com/TryGhost/Team/issues/1174

This paves the way for Ghost to be able to redirect to the referrer
page when dealign with signup magic links. We pass the referrer for
all types of magic links however, to allow extension of this
functionality in the future.

We've also removed the concept of `requestSrc` which has been unused
for a while now.
2022-07-15 11:02:58 +01:00
renovate[bot]
5fc7a90bf9 Lock file maintenance 2022-07-14 20:04:41 +00:00
Rishabh Garg
e91beb72e8
Replaced offer serializer with mapper (#15028)
closes https://github.com/TryGhost/Team/issues/1623

The offers API endpoint had it's own custom serializer pattern, which didn't fit well with how the API is meant to work.

- refactored the offer data format returned by internal api controller to match other controllers
- removed custom serializer for offers, instead adds a mapper to follow consistent pattern for all apis
- adds explicit allowlist for offers content API data
2022-07-14 21:40:33 +05:30
Naz
ef1c4764d3 Published new versions
- @tryghost/members-api@8.2.1
2022-07-14 16:15:02 +01:00
Naz
08b49a3475 Updated method signatures and added JSDocs
refs https://github.com/TryGhost/Team/issues/1674

- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
2022-07-15 03:12:35 +12:00
Naz
05105e1173 Updated method signatures and added JSDocs
refs https://github.com/TryGhost/Team/issues/1674

- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
2022-07-14 12:54:58 +01:00
Naz
2a7166ffc3 Fixed typo 2022-07-14 12:10:18 +01:00