no refs
- Updated the css classes from `kg-card-callout*` to `kg-callout-card*` for the callout card. This improves consistency with the other cards' css.
refs https://github.com/TryGhost/Team/issues/1202
We were storing all possible columns for a member, rather than the ones
sent up in the CSV - this was causing updates to existing members to
have their data removed. This fix means that we only store the columns
that were sent up in the CSV - so that missing columns are not affected.
closesTryGhost/Team#1238
- previously returned 500 errors when a subscription had invalid number of prices due to external tampering on Stripe directly
- instead now returns 400 Bad Request error when subscriptions don't have right number of prices
refs: TryGhost/Toolbox#147
* Replaces all references to isIgnitionError with isGhostError
* Switches use of GhostError to InternalServerError - as GhostError is no longer public
There are places where InternalServerError is not the valid error, and new errors should be added to the @tryghost/errors package to ensure that we can use semantically correct errors in those cases.
no refs
- In the custom theme settings, the `color` default error was saying `null` and empty string values were allowed. They weren't. The description is now fixed
refs https://github.com/TryGhost/Team/issues/1243
When invalid subscriptions without any price data are included in the
API, we are faced with errors due to the data being in an undefined
state. This updates the API to not respond with these invalid
subscriptions.
refs https://github.com/TryGhost/Team/issues/1001
We fall back to existing behaviour if no API key is present, or if there
is an error communicating with the Twitter API. We're also currently
requesting all the data, which will be thinned down once we understand
what we need.
This also includes a custom renderer for embeds of type "twitter" which
will be used to output the custom HTML for emails
refs: https://github.com/TryGhost/Toolbox/issues/105
Lint rules prevent:
* Invalid naming conventions for new migrations
* Loop constructs in migrations - these should be used with caution
and are therefore a warning rule, use `// eslint-disable-next-line
no-restricted-syntax` to prevent this rule from firing where a loop is
required
* Returing within a loop - this is usually meant to be a
continue/break
* Multiple joins - these can be badly performing migrations, so should
be treated with caution, disable the rule for the line if the risk is
understood / the migration cannot be written without it
refs https://github.com/TryGhost/Team/issues/1239
- bumps `@tryghost/html-to-mobiledoc` that uses a new parser plugin for transforming `<blockquote class="kg-blockquote-alt">` to an `aside` section in mobiledoc as that's what we use as a workaround for storing alternative blockquote style
refs https://github.com/TryGhost/Team/issues/1206
- This add a warning when the `card_asset` config is set so that Ghost doesn't include the callout card css AND the callout card css isn't in the theme
- The update also contains a fix to correctly detect partials named `fill`
- The update also improves the error content when gscan finds an unkown partial
refs https://github.com/TryGhost/Team/issues/1236
We want to ensure that Offers share a name with the correspondent coupon
in Stripe, which have a max length of 40 characters, so we are applying
the same restriction to Offers.
refs https://github.com/TryGhost/Team/issues/1235
- we are seeing `oembed-parser` 1.5.2 have intermittent issues when
fetching oembed data
- we're not sure of the reason but reverting the dependency to 1.4.9 seems to fix
the issue
- this commit reverted the bump in Ghost and adds it to Renovate's ignore
list so it isn't automatically bumped in the future
refs https://github.com/TryGhost/Team/issues/1232
- Only require the right css rules depending on the `card_assets` configuration
- 🐛 removed `kg-width-wide` and `kg-width-full` from being considered as card asset, as they should always be defined in themes (it was only a problem in v4.11.x)
- Upgrading the version of minifier to a patched version that ensures the dir exists before writing a file
- This is needed because although the content/public directory is present in the repo, it is not present in production installs
made with Ghost-CLI or Pro until changes there are merged. Other production setups will likely miss it too.
- Ensuring the dir means no one is suprised by this not working
refs d4b10323b7
- as mentioned in the referenced commit, there was another optimization
regarding batching the inserts
- this seems good to me in the end, so I've updated knex-migrator to do this
- this commit bumps knex-migrator to the updated version
- after this change, a `knex-migrator init` goes from 5.5s to 5s locally
and we've removed ~470 DB queries
refs 8d9a561cab
- see referenced commit for context but we were doing unnecessary SELECT
queries when initializing the DB and the commit reduces this by half
- this commit updates `knex-migrator` to that containing the commit
refs https://github.com/TryGhost/Team/issues/1211
This adds the payload as a data attribute to the rendered card so that
we can transform the card form HTML back to mobiledoc easily.
refs https://github.com/TryGhost/framework/pull/41
- see the referenced PR for context but Ghost could not authenticate to
SES in containers using IAM because of a missing dependency
- this has been updated in the Nodemailer docs and added in the PR
- the `@tryghost/nodemailer` package has been updated so this commit
bumps it in Ghost
- credits to https://github.com/touzoku for the fix
refs https://github.com/TryGhost/Team/issues/1211
This adds custom rendering for nft cards in emails, using tables instead
of flexbox for alignment.
This also updates the button card to add the missing `kg-card` class to
it.
refs https://github.com/TryGhost/Team/issues/1211
The nft card rendering has been updated to correctly handle the switch
from card_type to type, and the removal of the html property from the
NFT embed API
refs https://github.com/TryGhost/Team/issues/1209
- bumps koenig default cards to include support for toggle card
- bumps html to mobiledoc library to add support for toggle card
refs https://github.com/TryGhost/Toolbox/issues/120
- When a file name with an .mp4 extension was passed in it was mistakenly taken as an invalid extension. It is pretty valid!
- Fixing this bug allows for for duplicate file detection when uploading valid valies with extensions containing numbers
- Extensions that consiste only from numbers are still treated as invalid
refs https://github.com/TryGhost/Toolbox/issues/114
- This adapter is meant to power Files API
- The files will be stored under `/files/` in the configured content path and under `/content/files/` URL.
refs 03d24ea4fe
- see the referenced commit for the full explanation but in short, Sharp
has an internal cache it uses when optimizing images and it defaults
to 50MB. This cache is not needed for our use-case because we never
optimize images twice
- `@tryghost/image-transform` has been updated to disable the cache and
this commit bumps the package in Ghost
refs https://github.com/TryGhost/Team/issues/1067
The auto-login behaviour obliterates the concept of a success URL,
because the Member is redirected in a logged in state, to the welcome
URL - rather than a logged out state to the success URL.
In order to not disrupt existing flows, we disable auto login if a
success URL is provided.
- Requires the new @tryghost/minifier package
- Adds a new service that will handle taking config from the theme and optionally including assets for Koenig editor cards
- It supports both css and js as cards may need one or both
- For any given config, the tool can find the matching files to include and concat and minify them into one file per type
- Currently has an override in place so that this is not yet customisable in the theme - will remove this override when we're ready for the feature
refs https://github.com/TryGhost/Team/issues/1115
This feature is now GA, and the flag has been hardcoded to `true`, here we clean up the
remaining references as they're no longer needed.
refs https://github.com/TryGhost/Team/issues/1067
When the `membersAutoLogin` labs flag is enabled this will override the
successful redirect URL from Stripe Checkout - and instead use a magic
link, which will log the Member in.
Note that this will only work for brand new members. This is to stop
unauthorized access of Member accounts.
refs https://github.com/TryGhost/knex-migrator/issues/241
Previous to this bump if a migration was occuring across multiple
versions and a migration was to error, we would incorrectly rollback
migrations which had not run yet.
For example - assume we are on v1.0.0 and migrating to v1.3.0, and there are
migrations for v1.1.0, v1.2.0 & v1.3.0. In the case that a migration in
v1.2.0 fails, we will still attempt to rollback migrations from v1.3.0.
This is no longer the case, and we will only roll back migrations which
have already been run.
refs https://github.com/TryGhost/Team/issues/887
This updates our webhook handling to ignore invoices which are not
associated with a subscriptions. This stops us from throwing 500 errors
when a Stripe account is used for more than just Member subscriptions,
for example - selling products, or taking one-off payments.
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter
- Uploading large files is costly and might cause DDoS. Limits would allow fair use of the site instance.
- The configureation in hostSettings to enable an "uploads" limit would look like following:
```
"hostSettings": {
"limits": {
"uploads": {
"max": 5,
"error": "Your plan supports uploads of max size up to {{max}}MB. Please upgrade to reenable uploading."
}
}
}
```
- Read more at ba37890be4/packages/limit-service (usage)
refs https://github.com/TryGhost/Team/issues/1197
We were always sending the 'signin' email, rather than respecting the
email_type param passed to the API. This updates our email sending when
creating members to force the requested type if it's present.
refs https://github.com/TryGhost/Toolbox/issues/71
- Node 16 is now LTS so we're adding support in Ghost
- we're also bumping the minimum Node 14 version to 14.17.0 so we can merge
dependencies who have higher Node 14 requirements than current
- this commit adds Node 16 to the `package.json` engines and to CI
- also bumps all dependencies that needed new versions to add Node 16
support
no issue
- bumped `@tryghost/custom-theme-settings-service`
- contains a fix for invalid filter strings being generated for theme names that contain `.` by wrapping the name in quotes, eg `theme:'4.1.1-my-theme'`
no issue
- bumped `@tryghost/custom-theme-settings-service`
- contains a fix for invalid filter strings being generated for theme names that contain `.` by wrapping the name in quotes, eg `theme:'4.1.1-my-theme'`
refs https://github.com/TryGhost/Team/issues/885
This webhook was not used to populate data, and was causing 404's when
checkout sessions were completed, but payment had failed. Removing it
should fix these 404's.
no-issue
This removes logic from the Members API controller, and into the Members
BREAD service, this allows our controllers to be simpler and easier to
maintain, as well as keeping the important logic all together.
no-issue
The error messages for duplicate Offer name and code were not
particularly helpful. This includes an update to them based on feedback
from Peter.
refs https://github.com/TryGhost/Team/issues/1135
This adds Offer information to Subscriptions for which the Offer is
valid. This means that if a Subscription has changed its Tier/Cadence
from the what the Offers supports - it will not be attached. The data
however is still stored in the db.
This also fixes a bug with creating Stripe Checkout Sessions without an
Offer.
refs https://github.com/TryGhost/Team/issues/1166
This updates the Members & Offers modules to correctly handle
disconnecting from Stripe, this includes:
- Deleting Stripe data on disconnect (coupons for Offers)
- Recreating missing Stripe Coupons after disconnect/reconnect
refs linear.app/tryghost/issue/CORE-74/improve-the-test-situation
- this commit adds the codecov GitHub Action into CI so we can upload
coverage reports
- the coverage files need to be in XML for them to work with
codecov, so this commit also adds cobertura (XML) as a reporter
refs https://github.com/TryGhost/Team/issues/1149
Ghost allows different themes to have the same `name` value in `package.json` but gives them a custom name based on the zip file used to upload it. The custom theme settings service however was always using the package.json name meaning that when syncing a theme with a duplicate name it was overwriting the settings for all other themes.
- bumped `@tryghost/custom-theme-settings-service` which changes the `.activateTheme()` signature to accept a theme name as the first argument
- updated our calls to `.activateTheme()` to pass Ghost's known theme name as the first argument so we're always syncing with the correct `theme` field value in the `custom_theme_settings` table
no-issue
We were only updating the Offer description if it was truthy - rather
than if it existing, this resulting in empty strings or null not working
correctly.
refs https://github.com/TryGhost/Team/issues/1132
This adds redemption_count to the Offers API so that we can display how
many times an Offer has been used. This also adds the storage mechanism
for Offer Redemptions - which ensure that everytime a Checkout Session
is completed - we will create the Offer Redemption in the database.
This means that manual usage of the underlying will not count toward the
Offer redemption count, this is considered an edge case.
refs https://github.com/TryGhost/Team/issues/1156
When a payment fails but Stripe Checkout succeeds, a subscription is
created in the "incomplete" status. This would result in a Member not
being linked to the Product. When the subscription was later updated to
"active" or trialing - the Product would still not be added!
This updates the members-api to always link the Product to the Member
for active subscriptions - regardless of if they're new or not.
- we have the `@tryghost/logging` library to manage logging across all
our code
- this package is intended to be a singleton, otherwise we have multiple
versions of logging loaded
- we sometimes have problems where dependencies also use
`@tryghost/logging` but Ghost's yarn.lock is not regenerated to update
this
- this means we have multiple versions of `@tryghost/logging` running
- this commit updates the dependency @tryghost/update-check-service to
v0.2.4 to clean up the yarn.lock of multiple versions
no issue
- right now, we mount all API endpoints (v2, v3 and canary), alongside some
other routes, when Ghost is booting. This is wasteful because we don't
necessarily need any of the endpoints to get Ghost up and running
- even when Admin is used, it uses `canary` so `v2` and `v3` sit in memory
- the better approach here is to lazy load these endpoints, so they only
get mounted when needed
- this commit adds the `lazyUse` function into our Express lib,
which takes a mount path and a module function to execute down the
line. This gets passed to the wonderful `express-lazy-router` lib which
detects when we're calling an unmounted module and will mount it for
us
- from local testing, this speeds up boot time by about 18% and reduces
initial memory usage by about 6% 🚀
no-issue
An update in the MembersAPI meant that coupons were not correctly being
passed to Stripe Checkout. This bump contains the fix to ensure they
are.
refs https://github.com/TryGhost/Team/issues/1133
This updates the MembersAPI Checkout Session handling to 403 if an
attempt is made to create a Checkout Session using an archived Offer.
no-issue
The MembersAPI using the OfferRepository coupled it to the internals of
the Offers Module - instead we pass the "external" API - so that we can
change the internals, and not have to update the MembersAPI's usage.
refs https://github.com/TryGhost/Team/issues/1131
This will allow Ghost Admin to display separate lists of active and
archived Offers! We must pass the options through so that the
OffersService is able to handle the filter passed in the request.
refs https://github.com/TryGhost/Team/issues/1131
This updates the Offers Service to include the `status` of an Offer,
which will be either 'active' or 'archived'. It also allows setting the
`status` of an Offer to one of these two values when adding & editing
Offers.
no issue
Boot-time metrics are really valuable for understanding how releases affect the performance of Ghost. The new @tryghost/metrics package lets us ship these metrics to different sources using the same configuration framework as @tryghost/logging introduced.
closes https://linear.app/tryghost/issue/CORE-91/add-email-analytics-job-unstalling-mechanism
- Additional debug stagements should give better visibility into what's going on with the internal services fetching email events.
- To see all email analytics related outputs use following DEBUG value:
DEBUG=@tryghost/email-analytics-provider-mailgun:email-analytics*
refs https://github.com/TryGhost/Team/issues/1104
- bumped `@tryghost/custom-theme-settings-service` so it throws a more appropriate `ValidationError` when setting keys don't exist or a select value is not known
- changed the custom theme settings service to have a `.init()` method which creates an instance of the service under `.api` so that we're able to create the instance at a particular point in the boot process when we know the models have been initialised
- there were problems in tests because the service was being initialised through the require chain before models were initialised through the boot process
- fixed incorrect `camelCase` of resource name in API responses
refs 838fe54628
- see referenced commit for majority of context but in short,
knex-migrator was doing a DB query per migration folder
- in Ghost, we currently have 79 folders, which results in 79
queries during boot... owch
- the bump to knex-migrator in this commit uses a smarter method of
grouping together the DB entries in 1 query, resulting in a drop of 79
queries -> 1 query
refs https://github.com/TryGhost/Team/issues/1083
This field is not required but was previously causing API errors when
missing, the bump to members-offers removes this requirement.
refs https://github.com/TryGhost/Team/issues/1083
Offers with a "repeating" duration will repeat for a number of months.
These offers are restricted to the monthly Cadence. This updates the
members-offers module to add support for them.
refs https://github.com/TryGhost/Team/issues/1083
The @tryghost/members-offers package has been updated to add support for
more Offer durations and types
Co-authored-by: Renovate Bot <bot@renovateapp.com>
refs https://github.com/TryGhost/Team/issues/1090
This updates the Members & Offers modules to provide support for using
Offers in Stripe Checkout.
Members module now needs a handle to the Offers module repository, and
as such we have had to reorder the services boot order.
- some tests are necessarily driven from the db
- these are like unit tests, except they only make sense if using the db - else you have to stub too much to make them worthwhile
- for these rare but important cases, we have the clear concept of integration tests
- We have a bunch of important server-related e2e tests
- Make these clear in their own folder
- "server" is everything that isn't the api or the frontend - kind of a catch-all concept
refs https://github.com/TryGhost/Team/issues/1083
This adds the Offers service which will allow us to build out an Admin
API to communicate with it. As well as wiring up the redirects to the
site app.
refs https://github.com/TryGhost/Team/issues/1083
The Offers service is going to need access to the StripeAPIService too,
so we need to move it out of the @tryghost/members-api module and make
it accessible to both.
no issue
- bumped `@tryghost/custom-theme-settings-service`
- fixes errors when a previously seen theme setting has been removed from the theme when syncing
- fixes settings for non-active theme being deleted/updated instead of just settings for the current theme
refs https://github.com/TryGhost/Team/issues/1075
This includes changes to how we handle upgrading subscriptions to ensure
that members are immediately charged for upgrades. This fixes a flaw
where upgrading would not be charged until the end of the current
billing cycle, essentially giving free upgraded access for a period of
time.
refs https://github.com/TryGhost/Team/issues/1070
- bumped `@tryghost/custom-theme-settings-service` for access to `.updateSettings()`
- added `PUT /custom_theme_settings` route that delegates to `customThemeSettingsService.updateSettings()` to perform the db and cache updates
- invalidates the cache in Ghost because a theme setting change will mean the front-end output will change
refs https://forum.ghost.org/t/un-noticed-email-config-change-in-4-15-16/25869/6
refs https://linear.app/tryghost/issue/CORE-66/fixed-secureconnection-alias-for-nodemailer
- `secureConnection` was removed in Nodemailer 1.0.2 in favor of
`secure` but we're locked into supporting it because a lot of
our users will have it in their config
- I attempted to alias it to keep compatibility but I did this
incorrectly and only handled the cases where it was set to `true`
- this meant users who had disabled secure connections were seeing SSL
warnings because the library was trying to connect via SSL to a
non-SSL endpoint
- the aliasing is fixed in `@tryghost/nodemailer` 0.3.3 and so this
commit bumps the package in Ghost