Commit Graph

7972 Commits

Author SHA1 Message Date
Hannah Wolfe
c5224b4d31
🛠 Change setup tooling to use yarn setup (#9413)
no issue

1. renamed alias:
  - we have a special alias that does initial setup tasks that are only supposed to be run once
  - changing the alias to be `setup` rather than `init` otherwise it is too easy to confuse with `grunt init`
2. require globals to be installed manually
  - yarn is RUBBISH at managing globals
  - internally we use npm for this (actually we have a managed list of globals) and yarn for everything else
  - by moving this to documentation, rather than a command, we have flexibility to do this differently
  - also explicit globals are better than installing these without the user knowing IMO
3. setup includes knex-migrator
  - do this automatically instead of knex-migrator init being a separate command
  - every other time knex-migrator is needed, Ghost _should_ tell you what to do
2018-01-22 14:48:33 +00:00
Kevin Ansfield
69d5fac61e
Resurrect the old alpha Koenig editor (#9277)
requires https://github.com/TryGhost/Ghost-Admin/pull/916
- add "enableDeveloperExperiments" config flag
- allow any HTML payload through in the HTML mobiledoc card
  - same approach as taken in the markdown card, running the markup through SimpleDOM isn't necessary and is prone to breaking because of it's limited parsing and error handling abilities

To use Koenig modify your `config.development.json` file and add the following flag to the top-level object:

```
"enableDeveloperExperiments": true
```

If you restart the dev server you will then see a new section on the Labs screen with a Koenig Editor checkbox to enable/disable the editor.

⚠️ The editor is in a _very_ broken state, it's there for developer testing and on-going development. _Do not_ try to use this on any production data!
2018-01-18 15:43:22 +00:00
kirrg001
357ea3dffd 🐛 Fixed showing old release notifications in the about page
no issue

- reported in slack (https://ghost.slack.com/files/U8QV8DXQB/F8TSBQ532/image.png)
- do not expose old release notification
  - e.g. you are on 1.20.0
  - you receive a notification for 1.20.1 to update
  - you update to 1.20.1
- ensure we protect exposing the release notification (compare against blog version)
- protect against wrong formats
- @TODO: the notifications could store a `version` property
  - by that we could use `notification.version` and don't have to match the version in the message
2018-01-18 12:19:55 +01:00
kirrg001
147813c2d8 Version bump to 1.20.2 2018-01-17 18:13:44 +01:00
kirrg001
1fd9b2cbd6 Updated Ghost-Admin to 1.20.2 2018-01-17 18:13:44 +01:00
Katharina Irrgang
9a8acd5517
Downgraded dependencies (#9403)
no issue

- knex@0.12.9
- bookshelf@0.10.3
- and any dependency, which relies on knex@0.14
- we experienced an unwated behaviour where the blog keeps too many connections open
- we have to investigate
2018-01-17 17:49:07 +01:00
Peter Garland
35fbba3bcb Fixed bad references to common.i18n (#9402)
no issue

- happened during refactoring (search+replace)
2018-01-17 17:28:42 +01:00
kirrg001
0121683fd8 Version bump to 1.20.1 2018-01-16 14:36:25 +01:00
kirrg001
b5a4160578 Updated Ghost-Admin to 1.20.1 2018-01-16 14:36:25 +01:00
Katharina Irrgang
c062114e47
Increased cache-control for ghost-sdk.min.js and ghost.min.css (#9399)
no issue

- we increase the client in-memory expiry for production built assets
- as soon as there will be another release, a new asset hash is generated and the client cache is invalidated automatically (doesn't matter how long we store the file in the client)
- the next step is to get rid of having asset hashs part as query params
  - ghost-sdk.min.js?v=1234 is becoming e.g. ghost-sdk-1234.min.js
  - reasons:
    - A: performance tools complain about it
    - B: we no longer invalidate the asset hashs for built assets if the theme changes
2018-01-16 12:22:29 +01:00
Katharina Irrgang
e480c7c50d 🐛 Reload translations if active theme get's overridden (#9392)
no issue

- discovered while testing
  - activate theme
  - download theme
  - modify theme
  - upload theme
  - override? yes
  - translation files are not reloaded, because the database is up-to-date
- remove un-used events in theme api layer
- trigger event from theme service
2018-01-12 09:19:28 +00:00
kirrg001
042b18cb69 Bump dependencies
no issue

- brute-knex@4feff38ad2e4ccd8d9de05f04a2ad7a5eb3e0ac1
- knex-migrator@3.1.4
- ghost-ignition@2.8.17
2018-01-11 22:59:22 +01:00
Katharina Irrgang
4d6538fbca
Bump dependencies (#9391)
no issue

- bookshelf@0.12.1
- knex@0.14.2
- moment@2.20.1
- eslint@4.15.0
- nock@9.1.6
- sinon@4.1.4
2018-01-11 21:19:34 +01:00
Hugo Marisco
ccb5fd837e Fixed wrong status code for incorrect token requests (#9374)
closes #9346

- server returned 500, happened when you send an empty username/password
- return 400 instead
- error message is/was correct
2018-01-11 16:17:03 +01:00
David Wolfe
b69b9780a9 Backup endpoint improvements (#9365)
closes #9297

- backup endpoint returns JSON
- allows setting of export filename
- DRY up code
- the endpoint is not documented, no breaking change
2018-01-11 16:03:21 +01:00
kirrg001
b9d3f45402 Version bump to 1.20.0 2018-01-09 21:42:08 +01:00
kirrg001
bf31d562a1 Updated Ghost-Admin to 1.20.0 2018-01-09 21:42:08 +01:00
kirrg001
ccb3b3de38 Fixed 1.20 migration script
no issue

- `models.Settings.destroy` only accepts one argument
2018-01-09 21:38:13 +01:00
Katharina Irrgang
5b77f052d9
Update Notification improvements (#9123)
closes #5071

- Remove hardcoded notification in admin controller
  - NOTE: update check notifications are no longer blocking the admin rendering
  - this is one of the most import changes
  - we remove the hardcoded release message
  - we also remove adding a notification manually in here, because this will work differently from now on
    -> you receive a notification (release or custom) in the update check module and this module adds the notification as is to our database

- Change default core settings keys
  - remove displayUpdateNotification
    -> this was used to store the release version number send from the UCS
    -> based on this value, Ghost creates a notification container with self defined values
    -> not needed anymore

- rename seenNotifications to notifications
  -> the new notifications key will hold both
     1. the notification from the USC
     2. the information about if a notification was seen or not
  - this key hold only one release notification
  - and n custom notifications

- Update Check Module: Request to the USC depends on the privacy configuration
  - useUpdateCheck: true -> does a checkin in the USC (exposes data)
  - useUpdateCheck: false -> does only a GET query to the USC (does not expose any data)
  - make the request handling dynamic, so it depends on the flag
  - add an extra logic to be able to define a custom USC endpoint (helpful for testing)
  - add an extra logic to be able to force the request to the service (helpful for testing)

- Update check module: re-work condition when a check should happen
  - only if the env is not correct
  - remove deprecated config.updateCheck
  - remove isPrivacyDisabled check (handled differently now, explained in last commit)

- Update check module: remove `showUpdateNotification` and readability
  - showUpdateNotification was used in the admin controller to fetch the latest release version number from the db
  - no need to check against semver in general, the USC takes care of that (no need to double check)
  - improve readability of `nextUpdateCheck` condition

- Update check module: refactor `updateCheckResponse`
  - remove db call to displayUpdateNotification, not used anymore
  - support receiving multiple custom notifications
  - support custom notification groups
  - the default group is `all` - this will always be consumed
  - groups can be extended via config e.g. `notificationGroups: ['migration']`

- Update check module: refactor createCustomNotification helper
  - get rid of taking over notification duplication handling (this is not the task of the update check module)
  - ensure we have good fallback values for non present attributes in a notification
  - get rid of semver check (happens in the USC) - could be reconsidered later if LTS is gone

- Refactor notification API
  - reason: get rid of in process notification store
    -> this was an object hold in process
    -> everything get's lost after restart
    -> not helpful anymore, because imagine the following case
      -> you get a notification
      -> you store it in process
      -> you mark this notification as seen
      -> you restart Ghost, you will receive the same notification on the next check again
      -> because we are no longer have a separate seen notifications object
  - use database settings key `notification` instead
  - refactor all api endpoints to support reading and storing into the `notifications` object
  - most important: notification deletion happens via a `seen` property (the notification get's physically deleted 3 month automatically)
    -> we have to remember a seen property, because otherwise you don't know which notification was already received/seen

- Add listener to remove seen notifications automatically after 3 month
  - i just decided for 3 month (we can decrease?)
  - at the end it doesn't really matter, as long as the windows is not tooooo short
  - listen on updates for the notifications settings
  - check if notification was seen and is older than 3 month
  - ignore release notification

- Updated our privacy document
- Updated docs.ghost.org for privacy config behaviour
- contains a migration script to remove old settings keys
2018-01-09 15:20:00 +01:00
juan-g
f671f9d2c9 Theme translations and blog localisation (#8437)
refs #5345, refs #3801

- Blog localisation
  - default is `en` (English)
  - you can change the language code in the admin panel, see https://github.com/TryGhost/Ghost-Admin/pull/703
  - blog behaviour changes depending on the language e.g. date helper format
  - theme translation get's loaded if available depending on the language setting
  - falls back to english if not available

- Theme translation
  - complete automatic translation of Ghost's frontend for site visitors (themes, etc.), to quickly deploy a site in a non-English language
  - added {{t}} and {{lang}} helper
  - no backend or admin panel translations (!)
  - easily readable translation keys - very simple translation
  - server restart required when adding new language files or changing existing files in the theme
  - no language code validation for now (will be added soon)
  - a full theme translation requires to translate Ghost core templates (e.g. subscriber form)
  - when activating a different theme, theme translations are auto re-loaded
  - when switching language of blog, theme translations are auto re-loaded

- Bump gscan to version 1.3.0 to support more known helpers

**Documentation can be found at https://themes.ghost.org/v1.20.0/docs/i18n.**
2018-01-09 14:50:57 +01:00
Katharina Irrgang
dcb2aa9ad4
Improved forwarding model options in the API layer (#9380)
no issue

- our API layer uses a unit to combine incoming data and options
- e.g. `options.data` is the end result
- we have to take care that we don't pass data into the model layer

Credits: Olivier Arteau
2018-01-09 13:26:09 +01:00
Aileen Nowak
430973b85b 🐛 Fixed date helper timezone bug
closes #9381

Fixes a bug where the date helper would ignore any timezone settings, when called with a specific date option, e. g. `published_at`, as `timezone` was only ever assigned when called without options.
2018-01-09 13:05:54 +01:00
Aileen Nowak
b99d3bc70a Revert "🐛 Fixed date helper timezone bug (#9382)"
This reverts commit c3b0219d70.
2018-01-09 13:05:54 +01:00
汪磊
c3b0219d70 🐛 Fixed date helper timezone bug (#9382)
closes #9381

Fixes a bug where the date helper would ignore any timezone settings, when called with a specific date option, e. g. `published_at`.
2018-01-09 17:44:01 +07:00
kirrg001
a1393762f6 Lazily require modules in lib/common/index
no issue

- decreases chance of not-loaded modules or circular dependencies
- e.g. the i18n implementation will use the settings-cache and the settings-cache uses lib/common/events
2018-01-08 21:12:16 +01:00
Aileen Nowak
8ea861c496 Bump Amperize to version 0.3.7 (#9370)
no issue

- includes updated tests and usage of another user-agent for image requests
2018-01-04 14:44:33 +01:00
Aileen Nowak
19a6c8a426 Added test for images w/o extensions for image size util (#9367)
closes #9022

Images without extensions don't need to be manipulated, as we're now reading the bytes and pass those to the `image-size` lib.

This PR adds another `user-agent` to emulate multiple browser requests, as I stumbled over an example where the image without extension is protected otherwise.

Added a test, that works with above mentioned image, but is currently mocked. Nevertheless, the image worked as a PoC, that we're able to read the bytes of an image without its extension and still return the dimensions of the image.
2018-01-04 12:03:41 +01:00
Aileen Nowak
aef4597503 Version bump to 1.19.2 2018-01-04 17:21:55 +07:00
Aileen Nowak
1c07e7d903 Updated Ghost-Admin to 1.19.2 2018-01-04 17:21:55 +07:00
Kevin Ansfield
44a9e1901b 🐛 Fixed missing mail templates in npm package (#9369)
closes #9368 

- when the mail service was moved in a recent refactor the `.npmignore` was not updated resulting in the mail templates being excluded from the npm package
- updates `.npmignore` list with the new mail templates location
2018-01-04 10:38:22 +01:00
Katharina Irrgang
341f719d92
Extended ghost version utility (#9278)
refs https://github.com/TryGhost/Ghost-Release/issues/24

- differentiate between
  1. original package.json version (can contain pre and build suffix)
  2. full package.json version X.X.X-{pre} (optional)
  3. safe package.json version X.X (major+minor)
2018-01-03 20:20:18 +01:00
Kevin Ansfield
455a1879d9 Version bump to 1.19.1 2018-01-03 14:39:59 +00:00
Kevin Ansfield
cf446359db Updated Ghost-Admin to 1.19.1 2018-01-03 14:39:59 +00:00
Kevin Ansfield
fddc9a928c Upgrading Casper to 2.1.8 2018-01-03 13:49:21 +00:00
kirrg001
eb0a11d53a Fixed import test: post duplication detection within a file to import
no issue

- with 29e143fa9a import queries no longer run in parallel
- this commit simply adds a small code snippet to reflect the importer behaviour

1) duplicate slugs *within* a file are getting ignored
2) existing posts in the database and posts to import with the same slug, result in duplicates

Further improvements regarding duplication detection will happen via #8717.
2018-01-03 13:34:15 +00:00
kirrg001
428008e63d Revert "🐛 Fixed importer duplicate detection for posts"
refs #8717

- we decided to not changing the current importer behaviour
- no slug duplication detection means, importing posts can result in duplicates
2018-01-03 13:34:15 +00:00
Kevin Ansfield
f73e81d483
Merge pull request #9363 from kirrg001/big-imports
- Bump bookshelf-relations to version 0.1.4
- 🐛 Fixed large imports
- 🐛 Fixed importer duplicate detection for posts
2018-01-03 10:28:53 +00:00
kirrg001
02bd71d0f5 🐛 Fixed importer duplicate detection for posts
closes #8717

- this is now required, because we run import queries sequentiell
- this code protects two cases:
  - you have duplicate slugs in the JSON file (the first get's inserted, the second get's ignored)
  - you have an existing slug in the database and you try to import the same slug, get's ignored
2018-01-03 00:07:41 +01:00
kirrg001
29e143fa9a 🐛 Fixed large imports
closes #9348

- do not run import with `Promise.all`
- with a large import file, we run an enormous amount of queries in parallel, which does not allow Node to cleanup memory
- tested with an 13mb import file
- requires bookshelf-relations 0.1.4
2018-01-02 23:21:45 +01:00
kirrg001
fccfa7614d Bump bookshelf-relations to version 0.1.4
no issue

- patch release with two fixes:
  - 1. attach target models in batches
  - 2. ensure we detach the bookshelf model event from new targets, otherwise we can run into memory leaks
2018-01-02 23:20:04 +01:00
John O'Nolan
5cb41dbcd9 2018 2018-01-02 21:44:41 +00:00
Aileen Nowak
ae741b1a18 Removed bluebird promise wrap in request lib (#9343)
refs #9178, refs #8988

With 7353c87d7f we use Bluebird globally for Promises. Therefore, the request lib doesn't need to be wrapped in a bluebird Promise anymore.

This was originally done, so we can work with catch predicated in our image-size lib.

Updated the tests to proof, that the catch predicates work.

The tests fail, as soon as the Promise overwrite is commented out.
2018-01-02 12:18:56 +01:00
kirrg001
98dcbd72bc Bump dependencies
no issue

- bson-objectid@1.2.2
- image-size@0.6.2
- knex-migrator@3.1.3
- nconf@0.10.0
- sanitize-html@1.16.3
- superagent@3.8.2

- eslint@4.14.0
- grunt-contrib-uglify@3.3.0
- grunt-subgrunt@1.3.0
- mocha@4.1.0
- nock@9.1.5
- should@13.2.0
- sinon@4.1.3
2018-01-02 12:08:32 +01:00
汪磊
7a98c99cba Renamed BasicErorRenderer to BasicErrorRenderer (#9358)
no issue

- typo 🙊
2018-01-02 10:33:43 +01:00
Hannah Wolfe
bcf6e9f517 Fixed error trying to render 404 for missing asset
refs #8868

- Loading the admin prior to a build results in: Failed to lookup view "error-404" in views directory
- This fixes that error, by splitting the HTMLErrorRenderer and the ThemeErrorRenderer into two separate things
2017-12-22 20:08:59 +00:00
juan-g
4cca2353e0 consistency change for english translation keys: use camel case (#9347)
no issue

- required for #8437 
- one instance of hyphenated key changed; the rest of keys in file
_core/server/translations/en.json_ are already camelCase
- also converted `common.i18n.t()` calls to this key in file
_core/server/update-check.js_
- this allows to simplify i18n to an unified use of `jsonpath`
2017-12-18 15:47:55 +01:00
Katharina Irrgang
a5af7d6384 Used request lib in xmlrpc (#9333)
refs #9178, refs https://github.com/TryGhost/Ghost/pull/8980
2017-12-15 16:50:18 +07:00
Katharina Irrgang
6e94cedfa2 Ensure cors check happens for /authentication/token route (#9317)
no issue

- otherwise external browser clients run into cors problems
2017-12-15 09:35:48 +00:00
Abijeet Patro
73c0bf554a 🐛 Fixed emoji in Slack test notification not rendered by Discord (#9313)
closes #9263

- changed emoji for Slack test notification to 😄 which will be correctly rendered as emoji by both, Slack and Discord.
2017-12-15 11:19:37 +07:00
kirrg001
991ccb1d35 Moved make-absolute-urls to url service
refs #9178

- this util uses the url services (!)
- moving this file into lib would not make sense right now
  - that would mean a module requires first ../lib/url, which then requires ../services/url
- the url service definitely need a clean up 😃
2017-12-14 22:34:37 +01:00