Commit Graph

3068 Commits

Author SHA1 Message Date
Kevin Ansfield
c240f7afa4
Added rendering of posts.lexical to posts.html when saving (#15416)
no issue

- added `@tryghost/kg-lexical-html-renderer` dependency
- added `lexical` lib following the same pattern as our `mobiledoc` lib
- updated the Post model's `onSaving` hook to generate the `html` value from `lexical` when present
2022-09-15 16:49:14 +01:00
Daniel Lockyer
08ba5065f2
Added ARM64 prebuilt binaries for SQLite
refs https://github.com/TryGhost/node-sqlite3/releases/tag/v5.1.1

- this bumps the version of `sqlite3` to one with prebuilt ARM64
  binaries so we need less dev tooling to run Ghost
2022-09-15 15:22:19 +01:00
renovate[bot]
3d328d24e6 Update sentry-javascript monorepo to v7.13.0 2022-09-15 15:13:23 +01:00
renovate[bot]
edb8afe106
Update dependency sqlite3 to v5.1.0 2022-09-14 19:53:21 +00:00
renovate[bot]
5714dec524 Update babel monorepo to v7.19.1 2022-09-14 18:54:53 +01:00
renovate[bot]
8c172d506d Pin dependencies 2022-09-14 18:53:15 +01:00
Fabien "egg" O'Carroll
160a0f881e Added initial link-tracking package
refs https://github.com/TryGhost/Team/issues/1888
2022-09-14 13:24:17 -04:00
Fabien "egg" O'Carroll
8fe200ff45 Added initial link-redirects package
refs https://github.com/TryGhost/Team/issues/1887
2022-09-14 13:24:17 -04:00
renovate[bot]
57f2b64bf2
Update dependency knex-migrator to v5.0.5 2022-09-14 16:49:38 +00:00
renovate[bot]
a435b2c54c Update dependency date-fns to v2.29.3 2022-09-13 18:24:39 +01:00
renovate[bot]
236addf67f Update dependency @babel/plugin-proposal-decorators to v7.19.0 2022-09-13 18:24:27 +01:00
Kevin Ansfield
6fc9cd5f80
Added passthrough + saving of lexical property on posts/pages (#15403)
no issue

- bumped `@tryghost/admin-api-schema` to allow passthrough of the `lexical` property on post and page API endpoints
- prevented saving of blank document in the `mobiledoc` field if `lexical` is provided
- prevented API input containing both `mobiledoc` and `lexical` fields to avoid issues when both are present:
  - not possible to know which content is latest/has precedence
  - not possible to know which editor should be displayed in Admin
2022-09-13 17:29:37 +01:00
renovate[bot]
2a3b4908e1
Update dependency ember-cli-htmlbars to v6.1.1 (#15389)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-13 09:20:09 +01:00
renovate[bot]
1b8dbb132f
Update Test & linting packages (#15338)
* Update Test & linting packages
* Fixed new `no-quoteless-attributes` template lint errors

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
2022-09-13 09:19:14 +01:00
renovate[bot]
da905b1dff Update dependency @types/nodemailer to v6.4.6 2022-09-13 08:39:26 +01:00
Daniel Lockyer
a766253a78
Merged v5.14.1 into main
v5.14.1
2022-09-12 16:06:43 +01:00
Kevin Ansfield
e230370b33 🐛 Fixed Admin freeze when filtering long tag lists
closes https://github.com/TryGhost/Ghost/issues/15391

- `vertical-collection` component was throwing errors during render when the tags list was filtered down causing slowdowns or full Admin crashes
- similar regression had popped up before and fixed in https://github.com/TryGhost/Ghost/pull/15207 but the dependency had been bumped again without realising it caused an error
- added a test that triggers the error-throwing behaviour in the tags input to help catch this in future dependency updates
2022-09-12 15:49:59 +01:00
renovate[bot]
f53eac3043 Update dependency html-validate to v7.4.1 2022-09-12 09:42:13 +01:00
renovate[bot]
621956a1f3
Update dependency @html-next/vertical-collection to v3.1.0 (#15385)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-09 09:11:59 +01:00
Naz
8935f53d63
Fixed yarn command failure
refs ab0661c746

- The command was failing on non-org machines because the @tryghost/adapter-base-cache was published as private by accident.
2022-09-09 13:39:57 +08:00
Naz
ab0661c746
Fixing yarn command failure
no issue

- By bumping the version of adapter-base-cache I'm expecting `yarn` command to pick up this package. I suspect the failures on CI are due to some caching issue.
2022-09-09 13:26:51 +08:00
Naz
ff5919e86c
Extracted cache adapter base class to external package
https://github.com/TryGhost/Toolbox/issues/364

- When the adapter base class lives deep inside Ghost's codebase it is pretty hard for other developers to extend it. With the goal of making Ghost easier to use and deploy by others, this kind of functionality should be as easy to extend as possible.
- The base adapters should live in the TryGhost/SDK repository. Next ones to move are Scheduling, SSO, and Storage base adapters.
2022-09-09 12:36:49 +08:00
renovate[bot]
b377390855 Update dependency ember-concurrency to v2.3.7 2022-09-08 18:32:42 +01:00
renovate[bot]
3d4c97f8c7
Updated @tryghost dependencies (#15349)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 18:32:13 +01:00
renovate[bot]
be70064716
Pinned dependency html-validate to 7.3.3 (#15384)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 10:30:07 +01:00
Simon Backx
4534b693e4
Added test that validates output HTML of email template (#15365)
refs https://github.com/TryGhost/Team/issues/1871

This commit adds a test to the serialize method of `post-emaiserializer`. It checks whether the generated email HTML is valid and standard HTML5 and that all properties are escaped.

To do this validation, I depend on the new `html-validate` dev dependency. Just parsing the HTML with a HTML parser is not enough to guarantee that the HTML is okay.

Apart from that this fixes:
- Removed the sanitizeHTML method and replaced it with normal HTML escaping. We don't want to allow any HTML in the escaped fields. Whereas `sanitizeHTML` still allows valid HTML, but we don't want that and want the same behaviour as on the site. E.g., a post with a title `All your need to know about the <br /> tag` should actually render the same title and non-html content, being `All your need to know about the &lt;br /&gt; tag`
- The file, nft and audio card didn't (always) escape the injected HTML fields (new version @tryghost/kg-default-cards) 
- `@tryghost/string` is bumped because it contains the new escapeHtml method
2022-09-08 10:11:01 +02:00
renovate[bot]
290a5f2ceb Update dependency ember-concurrency to v2.3.6 2022-09-07 20:28:46 +01:00
renovate[bot]
4438a72095 Update dependency concurrently to v7.4.0 2022-09-07 13:44:35 +01:00
renovate[bot]
3d76c89660 Update dependency @playwright/test to v1.25.2 2022-09-07 13:10:11 +01:00
renovate[bot]
5812e491d2 Update dependency uuid to v9 2022-09-07 13:06:48 +01:00
renovate[bot]
fa1861aad3 Update dependency ember-concurrency to v2.3.5 2022-09-07 07:39:10 +01:00
Kevin Ansfield
10946a56b2
🐛 Fixed product card images causing very wide emails in Outlook (#15374)
closes https://github.com/TryGhost/Team/issues/1873

- bumps `@tryghost/kg-default-cards` which amends the product card rendering to output adjusted `width` and `height` attributes and a resized `src` attribute on the `<img>` element
2022-09-06 19:36:19 +01:00
renovate[bot]
167f2d577a
Update dependency ember-concurrency to v2.3.4 (#15357)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-05 10:56:21 +01:00
renovate[bot]
a967a8f930
Update metascraper to v5.30.4 2022-09-02 19:09:45 +00:00
renovate[bot]
8c91f7b7d4 Update sentry-javascript monorepo to v7.12.1 2022-09-02 16:27:26 +01:00
renovate[bot]
49578f0661
Update dependency reframe.js to v4.0.1 (#15346)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-02 12:35:39 +01:00
Kevin Ansfield
c220c1e288
🐛 Fixed image width/height and links not being preserved when pasting or importing html (#15350)
refs https://github.com/TryGhost/Koenig/issues/330
refs https://github.com/TryGhost/Koenig/issues/329

- bumps packages related to pasting content into the editor and importing content via the posts API with `?source=html`
2022-09-01 17:31:21 +01:00
renovate[bot]
b4ba598190
Update dependency ember-concurrency to v2.3.2 (#15300)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-01 17:12:31 +01:00
renovate[bot]
abeed13abf
Update dependency ember-fetch to v8.1.2 (#15298)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-01 17:11:54 +01:00
renovate[bot]
d0103a6b31 Update sentry-javascript monorepo to v7.12.0 2022-09-01 08:48:54 +01:00
Kevin Ansfield
41313f6993 Replaced emberx-file-input addon with in-app implementation
refs https://github.com/TryGhost/Team/issues/1734

- resolves some deprecations raised by the addon which has fallen out of regular maintenance
- we were largely overriding much of the addon so the additional code was minimal, most of the changes were from updating to modern patterns
2022-08-31 22:21:31 +01:00
renovate[bot]
36ac8ccb41
Update dependency knex to v2.3.0 2022-08-31 20:32:37 +00:00
renovate[bot]
87a97726c6
Update dependency human-number to v2.0.1 2022-08-31 19:21:36 +00:00
renovate[bot]
405d1acec5 Update dependency @tryghost/express-test to v0.11.3 2022-08-31 16:42:28 +01:00
Daniel Lockyer
7a2f766668
Added logging configuration option for timestamps to use the local timezone
fixes https://github.com/TryGhost/Ghost/issues/15190
refs https://github.com/TryGhost/framework/pull/76

- log output always uses UTC timestamps, but it may be desirable to
  configure logs to use the local machine timezone
- a new config option has been added to `@tryghost/logging` so you can
  switch the logs to the local timezone
- this commit bumps the package and sets the default config option to
  `false`, so it doesn't suddenly change the timezone of the logs
- docs will be updated soon but if you'd like to use the
  timezone-altered timestamps, you can set `logging.useLocalTime` to
  `true`
- credits to https://github.com/levee223 for the implementation and PR
2022-08-31 10:29:55 +01:00
renovate[bot]
5a359be582 Update dependency knex-migrator to v5.0.4 2022-08-31 07:36:17 +00:00
Kevin Ansfield
bc185665a4 Removed use of ember-route-action-helper
refs https://github.com/TryGhost/Ghost/issues/14101
refs https://github.com/TryGhost/Team/issues/1734

- use of the helper was generating deprecation warnings when building Admin
- removed the single usage in favor of using `{{perform}}` directly on a controller task property as there was no need to go via the route
- changed naming of task properties to include a `...Task` suffix so it's clear when dealing with a task object
2022-08-30 16:44:50 +01:00
renovate[bot]
9355c6d8fa
Update dependency mailgun.js to v8.0.1 2022-08-30 08:10:52 +00:00
renovate[bot]
619af026d6
Update dependency luxon to v3.0.3 2022-08-29 18:37:24 +00:00
renovate[bot]
ced7f41112
Update Test & linting packages 2022-08-29 15:21:11 +00:00
renovate[bot]
df2a97032d Update dependency testem to v3.9.0 2022-08-29 16:19:01 +01:00
renovate[bot]
ea5942ef3d
Update dependency luxon to v3.0.2 2022-08-29 00:09:28 +00:00
renovate[bot]
0cbaa8f73d
Update dependency tough-cookie to v4.1.2 2022-08-25 23:44:35 +00:00
Simon Backx
232882daa2 Mapped '/' attribution url to homepage
fixes https://github.com/TryGhost/Team/issues/1846

- Shows homepage instead of / for attribution values
2022-08-25 14:51:38 +02:00
renovate[bot]
966d324e7f
Update dependency eslint-plugin-react to v7.31.0 2022-08-25 01:35:14 +00:00
renovate[bot]
d8e937c635
Update dependency tough-cookie to v4.1.1 2022-08-24 21:22:24 +00:00
renovate[bot]
fce4b26601 Update dependency @types/jsonwebtoken to v8.5.9 2022-08-24 16:54:58 +02:00
Daniel Lockyer
989c1b7fb4
Removed unused matchdep dependency
- this was only needed when we used Grunt in the Admin package, which I
  removed several releases ago
2022-08-24 11:00:26 +02:00
Daniel Lockyer
ff74f04600
Removed @tryghost/members-csv external import
- this package now lives in the Ghost monorepo so we should just use that
2022-08-24 10:57:48 +02:00
renovate[bot]
c860b5b715 Update dependency @playwright/test to v1.25.1 2022-08-24 08:42:13 +02:00
renovate[bot]
456abc3ef2
Update dependency terser to v5.15.0 2022-08-23 19:47:07 +00:00
renovate[bot]
56da2a2be0
Update dependency tough-cookie to v4.1.0 2022-08-23 02:06:33 +00:00
renovate[bot]
7d5f282e14
Update metascraper to v5.30.3 2022-08-22 22:36:29 +00:00
renovate[bot]
02d66ee30a Update dependency date-fns to v2.29.2 2022-08-18 17:15:58 +02:00
renovate[bot]
16cff6d70e Lock file maintenance 2022-08-18 12:01:28 +02:00
Daniel Lockyer
f51226e5fb Organized package dependencies
- cleaned up unused dependencies
- adds missing dependencies that are used in the code
- this should help us be more explicit about the dependencies a package
  uses
2022-08-18 11:55:49 +02:00
renovate[bot]
0f998e30aa Update sentry-javascript monorepo to v7.11.1 2022-08-17 21:53:41 +02:00
renovate[bot]
79f28a82a3 Update sentry-javascript monorepo to v7.11.0 2022-08-17 21:16:25 +02:00
renovate[bot]
f348fc3223
Updated @tryghost dependencies (#15235)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-17 08:45:47 +02:00
Daniel Lockyer
3cf64a1e78 Switched Mailgun SDK from mailgun-js to mailgun.js
refs https://github.com/TryGhost/Toolbox/issues/363

- this commit switches us to using the official and maintained
  `mailgun.js` SDK, and updates the `mailgun-client` code to reflect the
  changes between the two
2022-08-17 08:45:21 +02:00
Daniel Lockyer
d7aa064e0f
🐛 Fixed adding emojis in editor
fixes https://github.com/TryGhost/Ghost/issues/11541

- due to an upstream bug, typing emojis using Safari would show square
  boxes in the editor
- the upstream patch has been fixed, so I've pulled it into our
  mobiledoc-kit fork
- this commit bumps that package to fix the issue in Ghost
2022-08-16 11:40:01 +02:00
renovate[bot]
23b37a68a6 Update metascraper to v5.30.2 2022-08-15 12:42:39 +02:00
renovate[bot]
7f5d95ffff Update @tryghost 2022-08-15 10:08:46 +02:00
renovate[bot]
7d3f5d3165 Update dependency eslint to v8.22.0 2022-08-15 10:07:34 +02:00
renovate[bot]
5250dd9a12 Update dependency cssnano to v5.1.13 2022-08-13 11:20:27 +02:00
renovate[bot]
9b7604b999 Update sentry-javascript monorepo to v7.10.0 2022-08-11 18:03:48 +02:00
renovate[bot]
74f1d9240b Update dependency @playwright/test to v1.25.0 2022-08-11 10:04:32 +02:00
renovate[bot]
4daee2a002 Update dependency csso to v5.0.5 2022-08-11 09:30:13 +02:00
Simon Backx
82a3133ace
Added replies/likes count and limited replies to comments (#15206)
refs https://github.com/TryGhost/Team/issues/1723

- Added count.replies to comments
- Added replies endpoint
- Limited returned replies to 3.
- Replaced likes_count with count.likes in comments
- Instead of fetching all the likes of a comment to determine the total count, we'll now use count.likes
- Instead of fetching all the likes of a comment to determine whether a member liked a comment, we'll now use count.liked (which returns the amount of likes of the current member, being 0 or 1). This is mapped to `liked` to make it more natural to work with.

The `members.test.snap` file changed because we no longer include `liked: false` if we didn't fetch the liked relation. And in the comments events of the activity feed the liked property is therefore removed.

These changes requires an update to the `bookshelf-include-count` plugin:
- Updated to also work for nested relations
- This moves the count queries from the `bookshelf-include-count` plugin to the `countRelations` method of each model.
- Updated to keep the counts after saving a model (crud.edit didn't return the counts before)
2022-08-10 16:12:35 +02:00
Kevin Ansfield
9b33587e73
🐛 Fixed Admin UI freezing when interacting with dropdown lists 2022-08-09 16:54:05 +02:00
Daniel Lockyer
cee420d884
Restored eslint plugin compatibility for Node 14.17.0
- `eslint-plugin-ghost` v2.15.0 bumped `eslint-plugin-unicorn` to a
  version that required Node 14.18.0
- we don't support that minimum right now so this commit bumps the Ghost
  plugin which contains a revert to that plugin
2022-08-09 16:01:52 +02:00
Daniel Lockyer
6dde5e40e3
Updated Eslint ECMAScript compatibility to 2022
refs https://github.com/TryGhost/Toolbox/issues/345

- this commit bumps `eslint-plugin-ghost`, which bumps compatiblity to
  2022
- this also removes a lot of the manually-added
  `parserOptions.ecmaVersion` that we had in imported packages, in favor
  of the value set in `eslint-plugin-ghost`
2022-08-09 15:51:40 +02:00
renovate[bot]
ac2ddee8fb Update dependency postcss to v8.4.16 2022-08-09 12:54:15 +02:00
Rishabh
98b21d18f9 Allowed null value for trial days in tiers api
refs e26c977c66

- allows trial days to be null in admin api schema when set via tiers api
2022-08-09 14:14:22 +05:30
Daniel Lockyer
c2e45b657f Removed bthreads dependency in favor of native worker_threads
fixes https://github.com/TryGhost/Toolbox/issues/370

- we no longer need `bthreads` because we can use native
  `worker_threads` now we don't have to support Node 10 any longer
- this allows us to clean up a dependency and stick with native
  libraries
- the referenced node-sqlite3 issue should be fixed (or at least, we now
  maintain it so we can fix it if not)
2022-08-09 09:04:59 +02:00
renovate[bot]
db86e21512
Update dependency juice to v8.1.0 2022-08-09 05:03:08 +00:00
Fabien 'egg' O'Carroll
e26c977c66
🐛 Fixed saving membership settings (#15196)
refs https://github.com/TryGhost/Ghost/commit/a58efd6b

The references commit updated the admin-api-schema to require the `trail_days`
property, which is not yet supported by the Admin. When saving membership
setting we also save all the Tiers, which then causes the validation to fail.

Until the Admin supports the property we should remove validation from the API
2022-08-08 19:10:54 +01:00
Daniel Lockyer
71b599b632
Removed coffeescript dev dependency
refs 82dcc042cd

- `coffeescript` was only added in the first place because of an update
  to `grunt-bg-shell`, which required it
- since then, we've removed `grunt-bg-shell`, so we don't need this
  dependency any further
2022-08-08 12:37:07 +02:00
renovate[bot]
7e2d61b64a Lock file maintenance 2022-08-07 09:44:55 +00:00
renovate[bot]
6d9a5cc28a
Update metascraper to v5.30.1 2022-08-05 19:09:11 +00:00
renovate[bot]
8733bf1bba
Update dependency ember-template-lint to v4.12.0 2022-08-05 17:00:22 +00:00
renovate[bot]
342ced452e Update sentry-javascript monorepo to v7.9.0 2022-08-05 16:05:30 +02:00
Daniel Lockyer
ad209f3a7d
Improved yarn dev development tooling
- this commit switches our `yarn dev` workflow from heavily relying on
  Grunt, to using `nodemon` and `concurrently`
- we're doing this to reduce reliance on Grunt, but also to fix several
  nits with the way `yarn dev` works in the monorepo
- we now use `nodemon` to run the Ghost backend, and it should
  auto-refresh whenever you change a file in any of the packages (except
  `admin`)
- we use `concurrently` to simultaneously run `ghost` and `admin` at
  the same time. it seems to handle process cleanup well and has nice
  colored prefixes to help with differentiating between log output
- this commit ends up removing a handful of Grunt dependencies and
  reduces the functionality stored in the Gruntfile
- on the whole, it should keep existing functionality but there may be
  some small underlying changes to get used to
2022-08-05 15:54:37 +02:00
Rishabh
a58efd6ba1 Updated admin api schema to include trial days on tiers
refs https://github.com/TryGhost/Team/issues/1724
2022-08-05 17:23:40 +05:30
Daniel Lockyer
a0dca653e7
Updated @tryghost/* packages
- these were all published from the SDK repo
2022-08-05 13:30:50 +02:00
Daniel Lockyer
dd41929251
Removed Grunt from Admin
- as part of our effort to reduce our usage of Grunt in favor of more
  maintainable (and maintained) alternatives, this commit removes Grunt
  from Admin
- the main difference here is switching from subgrunt to shell, which
  should be a nice stepping stone to removing Grunt altogether one day
2022-08-05 09:53:08 +02:00
Daniel Lockyer
5f8b448ab6
Deleted @types/node dependency
- this was originally imported to bring better types in but is no longer
  needed right now
2022-08-05 08:58:49 +02:00
renovate[bot]
ef588daa9a Update dependency @types/nodemailer to v6.4.5 2022-08-05 08:34:39 +02:00
renovate[bot]
a78925e13d
Update dependency @html-next/vertical-collection to v3.1.0 (#15170)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 21:24:40 +01:00
renovate[bot]
7cb6bcac85
Update dependency @tryghost/kg-mobiledoc-html-renderer to v5.3.6 (#15118)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 21:23:54 +01:00
renovate[bot]
f4a31aae7d
Update dependency @tryghost/kg-default-atoms to v3.1.3 (#15115)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 12:17:58 +01:00
renovate[bot]
4957298e68
Update dependency @tryghost/kg-markdown-html-renderer to v5.1.6 (#15117)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 12:17:04 +01:00
renovate[bot]
88436506f4
Update dependency @tryghost/kg-default-cards to v5.16.3 (#15116)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 11:06:18 +01:00
renovate[bot]
4868989a4a
Update dependency @tryghost/kg-card-factory to v3.1.4 (#15114)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 11:05:55 +01:00
Daniel Lockyer
b66969501c
Deleted csscomb plugin from Admin
- we're meant to be running our CSS through csscomb in order to apply
  specific code styles, but the reality is that it never gets used
- keeping csscomb around just adds to the package cruft and so this
  commit cleans up references to it in order to
2022-08-04 12:05:37 +02:00
renovate[bot]
feff2e5d26
Pinned dependencies (#15163)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-08-04 08:21:51 +02:00
renovate[bot]
30ccb45fe8
Update dependency ember-template-lint to v4.11.0 2022-08-03 20:40:50 +00:00
Daniel Lockyer
a398a0e57d
Cleaned up subgrunt usage between Ghost and Admin
refs https://github.com/TryGhost/Toolbox/issues/365

- some of this was barely used anyway, but now Admin is a package in the
  monorepo, we don't need to be installing dependencies twice
2022-08-03 17:05:57 +02:00
Daniel Lockyer
464b5ca426 Extracted html-to-plaintext shared lib into package
refs https://github.com/TryGhost/Toolbox/issues/363

- this shared library is standalone, and it used in various places of
  Ghost core, so we can pull it out to keep it easier to reason about
- we also use the `html-to-text` dependency in another package but it's
  outdated and could now switch to this new package
2022-08-03 16:51:56 +02:00
Daniel Lockyer
70b22d521d
Updated lockfile 2022-08-03 15:55:13 +02:00
renovate[bot]
81ce63f584 Pin dependency @types/common-tags to 1.8.1 2022-08-03 13:05:20 +02:00
Daniel Lockyer
02e696bd2f
Pinned dependency
- this should be pinned because Ghost is an application
2022-08-03 12:56:14 +02:00
Fabien "egg" O'Carroll
b8e3eb55cd Updated GScan to support comment_count and comments helpers
refs https://github.com/TryGhost/Team/issues/1695

Since these helpers take params now, we need to explicity add them
to the list of known helpers.
2022-08-03 11:52:08 +01:00
Fabien "egg" O'Carroll
023d85d561 Updated comment_count helper and frontend script
refs https://github.com/TryGhost/Team/issues/1695

This updates the comment_count helper from a block to inline, and the
frontend script to replace the entire element with the comment count
text. This means that theme designers will have the most flexibility
as they can choose whether or not to wrap the text in an element, as
well as which element.
2022-08-03 11:52:08 +01:00
renovate[bot]
3c47d61e68 Update dependency analytics-node to v6.2.0 2022-08-03 08:26:33 +02:00
Daniel Lockyer
82e7a0f103
Cleaned up Grunt copy plugin
refs 0a34be4012

- the admin html is no longer stored in core/server, and we don't need to
  copy the production file to default.html
- this commit cleans up the grunt command to do this, and removes the
  plugin whose only use was doing this
- this takes us another step closer to removing grunt
2022-08-02 21:14:04 +02:00
Daniel Lockyer
b9a0cc04b9
Switched out @lodder/grunt-postcss for postcss-cli
- this commit switches out the Grunt postcss plugin with the official
  postcss CLI
- this means we can remove yet another step from Grunt, which helps
  towards our goal of removing Grunt entirely
- I've confirmed the minified output is exactly the same as before
2022-08-02 20:27:44 +02:00
renovate[bot]
9652d5ab32 Update dependency luxon to v3 2022-08-02 17:17:29 +02:00
renovate[bot]
7147495f3a Update dependency @tryghost/html-to-mobiledoc to v1.8.7 2022-08-02 17:13:28 +02:00
renovate[bot]
f132475ff9
Update dependency @sentry/node to v7.8.1 2022-08-01 20:49:21 +00:00
renovate[bot]
4cbb622334 Update dependency @tryghost/image-transform to v1.2.1 2022-08-01 15:28:09 +02:00
Simon Backx
b7f3892be0
Added format option to img-url helper (#14962)
fixes https://github.com/TryGhost/Ghost/issues/14323

- Fixed support for resizing images from Unsplash using the `img-url` helper (previously the size property was ignored for images from Unsplash)
- Added support for `avif` file formats (supported by sharp out of the box)
- Added support for setting the format of images, with a new  `format` option:

E.g. to convert an image to webp (only works in combination with size for now, except for Unsplash where you can use it without size):
```
{{img_url @site.cover_image size="s" format="webp"}}
```

This can help improve the performance of a theme, by serving assets in `<picture>` elements with webp and fallback image formats.

Usage example:
```html
<picture>
    <source 
        srcset="{{img_url feature_image size="s" format="avif"}} 300w,
                {{img_url feature_image size="m" format="avif"}} 600w,
                {{img_url feature_image size="l" format="avif"}} 1000w,
                {{img_url feature_image size="xl" format="avif"}} 2000w"
        sizes="(min-width: 1400px) 1400px, 92vw" 
        type="image/avif"
    >
    <source 
        srcset="{{img_url feature_image size="s" format="webp"}} 300w,
                {{img_url feature_image size="m" format="webp"}} 600w,
                {{img_url feature_image size="l" format="webp"}} 1000w,
                {{img_url feature_image size="xl" format="webp"}} 2000w"
        sizes="(min-width: 1400px) 1400px, 92vw" 
        type="image/webp"
    >
    <img
        srcset="{{img_url feature_image size="s"}} 300w,
                {{img_url feature_image size="m"}} 600w,
                {{img_url feature_image size="l"}} 1000w,
                {{img_url feature_image size="xl"}} 2000w"
        sizes="(min-width: 1400px) 1400px, 92vw"
        src="{{img_url feature_image size="xl"}}"
        alt="{{#if feature_image_alt}}{{feature_image_alt}}{{else}}{{title}}{{/if}}"
    >
</picture>
```
2022-08-01 14:45:54 +02:00
renovate[bot]
2c27d45473 Update dependency knex-migrator to v5.0.3 2022-08-01 08:57:57 +02:00
renovate[bot]
9c65aa166f Update dependency @playwright/test to v1.24.2 2022-08-01 08:42:59 +02:00
renovate[bot]
f325241430
Update dependency eslint to v8.21.0 2022-08-01 04:27:05 +00:00
renovate[bot]
b88f989f5f
Update dependency sqlite3 to v5.0.11 2022-08-01 02:02:20 +00:00
renovate[bot]
828587378c Update dependency @sentry/node to v7.8.0 2022-07-28 21:19:39 +00:00
Daniel Lockyer
5417c9edd2
Fixed dependencies for settings-path-manager
- it was incorrectly referencing `tpl` as a dependency, which must have
  been accidentally included when the package was created
- this has been switched out for `@tryghost/tpl`
- also added the missing `@tryghost/errors` dependency
2022-07-27 08:51:44 +02:00
Daniel Lockyer
a9cffd9550
Pinned all dependencies
- we should pin all dependencies so we know what is getting shipped in
  the application
2022-07-27 08:44:50 +02:00
renovate[bot]
0270f7833f
Update dependency date-fns to v2.29.1 2022-07-27 03:32:41 +00:00
renovate[bot]
6d1e8181f8
Update dependency csso to v5.0.4 2022-07-27 01:19:54 +00:00
renovate[bot]
b33c07a5eb
Pin dependency terser to 5.14.2 2022-07-26 22:28:18 +00:00
renovate[bot]
4857b6440d Update dependency terser to v5.14.2 [SECURITY] 2022-07-26 22:27:12 +00:00
renovate[bot]
d6bdef8437
Pin dependency csso to v 2022-07-26 17:57:48 +00:00
renovate[bot]
9973b5419c Update dependency @playwright/test to v1.24.1 2022-07-26 18:18:50 +02:00
renovate[bot]
679634342a
Pinned dependencies (#15100)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-26 16:06:00 +02:00
Daniel Lockyer
9e8a9f4ebc
Updated lockfile 2022-07-26 14:48:17 +02:00
renovate[bot]
fd41b48f41 Update dependency @tryghost/limit-service to v1.2.2 2022-07-26 11:56:19 +02:00
Daniel Lockyer
d08144e2bf
Updated @tryghost packages
- this commit bumps all `@tryghost` packages that only contain
  dependency updates
2022-07-25 22:28:24 +02:00
Daniel Lockyer
c376587288
Moved yarn main functionality up to root yarn script
- since we've turned the repo into a monorepo, the `yarn main` scripts
  have lived in their original place under `ghost/core` package.json and
  Gruntfile.js
- for one, we want to remove grunt because it's terribly old and our use
  is hacked together
- secondly, `yarn main` applies to the monorepo + submodules as a whole,
  and not just the Ghost core folder
- this commit extracts the functionality into yarn scripts in the
  top-level and removes the dependency that was required
2022-07-25 18:30:21 +02:00
renovate[bot]
396bc865a9
Update dependency knex-migrator to v5.0.2 2022-07-25 11:11:31 +00:00
Naz
5f2967cf27 Added support for offloaded oneoff jobs
refs https://github.com/TryGhost/Toolbox/issues/357

- Adds support for persisted one off offloaded (worker thread) jobs
- To try them out run Ghost instance in "testmode" and shoo a request like so: `curl http://localhost:2368/ghost/api/oneoff/graceful-job` - this starts a one time job from graceful-job script (can only ever be executed once on the Ghost instance)
- Job's progress and runtime details are persisted in `jobs` table
- To play more with one off jobs use `addOneOffJob` method available on jobsService
2022-07-22 18:19:07 +01:00
renovate[bot]
e9132d7572
Update dependency sqlite3 to v5.0.10 2022-07-22 12:09:33 +00:00
renovate[bot]
2339577dd3 Update dependency metascraper-logo-favicon to v5.30.0 2022-07-22 08:34:07 +00:00
renovate[bot]
33b3fab663 Update dependency @playwright/test to v1.24.0 2022-07-22 09:39:38 +02:00
renovate[bot]
c34edc9f26
Pin dependency pump to 3.0.0 2022-07-21 18:04:31 +00:00
renovate[bot]
d228144c27 Pin dependencies 2022-07-21 16:27:57 +02:00
renovate[bot]
6ebe34fdf0 Update dependency @playwright/test to v1.23.4 2022-07-21 14:37:19 +02:00
Daniel Lockyer
2c59f5342b
Switched away from using @nexes packages
- we renamed the scope to `@tryghost` a while back, and published new
  versions, but these packages seem to have been missed during the
  rename
2022-07-21 12:38:09 +02:00
Daniel Lockyer
ec7dad9a52
Updated lockfile 2022-07-21 09:06:30 +02:00
renovate[bot]
6a18b50b8a
Update dependency sanitize-html to v2.7.1 2022-07-20 19:40:39 +00:00
Daniel Lockyer
273d53cf09
Updated testing & linting packages
- these weren't updated in core before the migration, so we ended up
  with two different versions in yarn.lock
2022-07-20 18:05:27 +02:00
Daniel Lockyer
08779bc977
Fixed version of email-analytics-service within email-analytics-provider-mailgun
- this was missed during the migration but needs to happen so the
  packages are linked and re-used
2022-07-20 18:00:17 +02:00
Daniel Lockyer
abdcd9a650
Switched to @tryghost/nql-lang
- we moved this from `@nexes` to the `@tryghost` organization a while
  back, and this was missed from the switchover
2022-07-20 17:54:13 +02:00
Daniel Lockyer
9fa789159c
Reset Publishing packages version and visibility
refs https://github.com/TryGhost/Toolbox/issues/354

- these packages are here for development and will be bundled when
  published, so they don't need versioning nor publishing
2022-07-20 17:20:24 +02:00
Daniel Lockyer
3d989eba23 Converted Ghost repo into a monorepo
refs https://github.com/TryGhost/Toolbox/issues/354

- this commit turns the Ghost repo into a monorepo so we can bring our
  internal packages back in, which makes life easier when working on
  Ghost
2022-07-20 16:41:05 +02:00
renovate[bot]
ecfa22efab
Update dependency metascraper to v5.29.18 2022-07-20 12:33:47 +00:00
renovate[bot]
b671504a2c
Update Test & linting packages 2022-07-19 19:25:37 +00:00
Daniel Lockyer
8be9db7bcf
Merged v5.4.1 into main
v5.4.1
2022-07-19 16:01:04 +02:00
Daniel Lockyer
445d5b4da2
🐛 Fixed new member count helpers not included in GScan helpers
- this was due to GScan not being published and bumped before the member
  count helpers were merged into Ghost and released
2022-07-19 15:41:02 +02:00
Daniel Lockyer
48194ff444
Refactored release workflow
- up until now, we've been running `grunt release` before publishing to
  NPM or pushing the canary zip
- this command runs the production asset build and generates a zip
- this zip isn't used by the NPM publishing task because that does an
  `npm pack`
- we only use it for the canary build, but this should be brought more
  inline with the NPM process to make the gaps smaller
- this commit refactors the `grunt release` task to become a lot smaller
  by removing the generated zip steps
- the expected workflow is now to just to an `npm pack`, which will run
  the `prepack` task to generate a `.tgz` archive
- this should still respect `.npmignore`, so it'll just include the
  files we expect
- the test of the canary workflow is being updated to handle this
- also cleans up a dev dependency that is no longer used, along with 2
  imports
2022-07-19 08:32:54 +02:00
renovate[bot]
94072c4a32
Update dependency knex to v2.2.0 2022-07-18 22:37:53 +00:00
renovate[bot]
fb074f6fba
Update dependency eslint to v8.20.0 2022-07-18 00:52:24 +00:00
renovate[bot]
45594680c0
Update dependency @sentry/node to v7.7.0 2022-07-15 15:01:46 +00:00
Daniel Lockyer
388c28f4b5
Updated dependency knex-migrator to v5.0.1
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-15 15:35:51 +01:00
renovate[bot]
7b6bf4cf67 Update dependency sqlite3 to v5.0.9 2022-07-15 12:18:48 +01:00
Fabien 'egg' O'Carroll
e60806de45
Redirected Members to previous post/page upon sign-in
refs https://github.com/TryGhost/Team/issues/1174
refs https://github.com/TryGhost/Members/pull/408

When logged out members navigate a site and want to interact with, for example
comments, they are redirected to the homepage after sign-in with the magic link,
this is disorientating, and means they then need to navigate back to the content
they were interacting with.

This change means that sign-in's will be redirected to the page from which they 
were initiated, allowing a more streamlined flow for logged out members wanting
to add comments.

We've restricted the redirect to URI's which are on the same domain as the site,
and we also do a relative redirect, this is to ensure that a malicious actor does not
send magic links which redirect off-site and leak authentication details
2022-07-15 11:55:09 +01:00
naz
6901c3c435
🐛 Fixed 'comped' flag behavior in Member API (#15030)
closes https://github.com/TryGhost/Team/issues/1674

- The comped flag in Members API unintentionally stopped working when v3 API was dropped with the release of Ghost v5. The flag is deprecated but should be back-compatible for now - we don't want to break integratons like Zapier.
- To properly deprecate the flag we need to plan it's removal and start signalling about it through the version headers

Co-authored-by: Simon Backx <simon@ghost.org>
2022-07-15 11:16:06 +01:00
Ronald Langeveld
a0c8db46fb
Member Counter template helpers (#15013)
ref https://github.com/TryGhost/Team/issues/1667

Introducing 2 new helper handlebars tags, `{{total_members}}` and `{{total_paid_members}}` ideal for Member Sites who want to display these metrics to incentivise users to upgrade.
2022-07-14 10:10:02 +02:00
renovate[bot]
b6818b77bd Update dependency @playwright/test to v1.23.3 2022-07-14 08:42:49 +01:00
renovate[bot]
000fc98f24
Update dependency analytics-node to v6.1.0 2022-07-13 20:00:15 +00:00
Simon Backx
90461c42d2
Added subscriber signup and cancellation deltas to stats API (#15023)
refs https://github.com/TryGhost/Team/issues/1673

When a user switches plan, the paid subscribers delta chart on the dashboard displays the change as a cancellation plus a new subscription. This display is misleading and confusing - instead, plan changes should be excluded from the paid subscribers delta chart.

To accomplish this, we added new properties to the API (signups and cancellations) that can be used to exclude plan changes in the statistics.

Changes in `@tryghost/stats-service`: d0dd218fc7

Related admin changes: https://github.com/TryGhost/Admin/pull/2425
2022-07-13 13:45:24 +02:00
renovate[bot]
a23cf94b60
Update dependency image-size to v1.0.2 2022-07-12 15:25:08 +00:00
Simon Backx
96504008c1 Added member API for changing enable_comment_notifications and comments_enabled setting
refs https://github.com/TryGhost/Team/issues/1664

These changes are required for Portal to be able to edit the member notification preferences for comments, and to be able to know whether comments are enabled for the site.
2022-07-12 10:24:02 +02:00
renovate[bot]
4134a6ac4c
Update dependency luxon to v2.5.0 2022-07-11 05:29:16 +00:00
renovate[bot]
780731c8a4
Update metascraper to v5.29.15 2022-07-11 02:23:49 +00:00
renovate[bot]
a07a2361d0
Update dependency @sentry/node to v7.6.0 2022-07-08 23:27:24 +00:00
renovate[bot]
1cadf85020 Update dependency @playwright/test to v1.23.2 2022-07-08 08:45:34 +02:00
renovate[bot]
3e1978fd18 Update dependency @sentry/node to v7 2022-07-07 08:58:02 +02:00
renovate[bot]
1bc6148e28
Update dependency supertest to v6.2.4 2022-07-04 17:30:52 +00:00
renovate[bot]
f24dfb409d
Update dependency eslint to v8.19.0 2022-07-04 02:12:22 +00:00
renovate[bot]
d73d9079cd Update dependency cssnano to v5.1.12 2022-07-01 07:00:33 -04:00
Renovate Bot
28eedce347 Update dependency jwks-rsa to v2.1.4 2022-07-01 07:00:03 -04:00
renovate[bot]
e7e987f298 Update dependency cli-progress to v3.11.2 2022-07-01 06:59:22 -04:00
renovate[bot]
a470ab22b8 Update dependency @playwright/test to v1.23.1 2022-07-01 06:59:08 -04:00
renovate[bot]
5bbfca01ea
Update dependency nock to v13.2.8 2022-06-30 21:27:59 +00:00
renovate[bot]
d8a27c78f5
Update metascraper to v5.29.14 2022-06-30 12:13:11 +00:00
renovate[bot]
464f4b6769
Update metascraper to v5.29.13 2022-06-29 18:09:52 +00:00
renovate[bot]
15294f4056
Update dependency metascraper to v5.29.12 2022-06-27 13:46:05 +00:00
renovate[bot]
630149e9c6
Update metascraper to v5.29.11 2022-06-21 11:45:54 +00:00
renovate[bot]
148bb7b506
Update metascraper to v5.29.10 2022-06-20 00:39:07 +00:00
renovate[bot]
b46e7deae5
Update dependency eslint to v8.18.0 2022-06-17 22:05:10 +00:00
Renovate Bot
e53bd0bfd5
Update dependency nock to v13.2.7 2022-06-15 03:00:51 +00:00
Renovate Bot
4c16cb9624
Update Test & linting packages 2022-06-06 03:00:14 +00:00
Matt Hanley
2ecb4acc85 Updated gscan 2022-06-03 16:09:34 +01:00
Naz
cb24a0d3f0 Fixed webhook snapshot test error output
refs https://github.com/TryGhost/Toolbox/issues/320

- When the snapshot test failed a misleading error was showing up. The bump fixed that bug.
2022-06-03 11:57:39 +08:00
Naz
c7e833545b Extracted webhook mock receiver into a package
refs https://github.com/TryGhost/Toolbox/issues/320

- Following the rule of having minimum code changes in the Ghost core codebase. This module belongs to "framework" along with other testing tools anyway.
- The bump includes a noteworthy changes - the "snapshotManager" was extracted into a separate exposed property of express-test API (maybe should be even it's own separate concept eventually, for now exposing it was enough). "snapshotManager" had to be exposed to be able to pass it to the webhook mock receiver - to use same instance configured with mocha hooks. snapshotManager has to be a singleton in the system to configure snapshots correctly through mochaHooks.
2022-06-03 11:57:39 +08:00
Matt Hanley
54d88cf689 Updated packages 2022-06-01 16:07:14 +01:00
Fabien 'egg' O'Carroll
6c455dc1f2
🐛 Fixed Stripe Checkout for Members w/ existing subscriptions (#14953)
refs https://github.com/TryGhost/Team/issues/1526

This adds a check for existing subscriptions for a member associated with the
email addressed used for Stripe Checkout, if any are found the Checkout Session
creation fails and responds with a 403.

We've also updated the error handling for the create-stripe-checkout-session
endpoint so that it follows the existing Ghost API patterns.
2022-06-01 15:53:05 +01:00
Renovate Bot
4feb5873b6
Update dependency express-jwt to v7.7.5 2022-05-31 21:02:21 +00:00
Renovate Bot
4ddba47b00
Update dependency express-jwt to v7.7.3 2022-05-30 18:31:17 +00:00
Renovate Bot
367ad86e24
Update dependency knex-migrator to v4.2.11 2022-05-30 15:39:08 +00:00
Renovate Bot
8c601a411f
Update metascraper 2022-05-30 01:34:06 +00:00
Simon Backx
a051ab3b69
🎨 Reduced favicon requirements and added image formatting (#14918)
fixes https://github.com/TryGhost/Team/issues/1652
fixes https://github.com/TryGhost/Ghost/issues/13319

**Image formatting**
Added support for changing the format of images via the `handle-image-sizes` middleware (e.g. format SVG to png, jpeg, webp)

This change was required:
- Not all browsers support SVG favicons, so we need to convert them to PNGs
- We can't fit image resizing and formatting in the `serve-favicon` middleware: we need to store the resized image to avoid resizing on every request. This system was already present in the `handle-image-sizes` middleware.

To format an uploaded image:
- Original URL: https://localhost/blog/content/images/2022/05/giphy.gif
- To resize: https://localhost/blog/content/images/size/w256h256/2022/05/giphy.gif (already supported)
- To resize and format to webp: https://localhost/blog/content/images/size/w256h256/format/webp/2022/05/giphy.gif
- Animations are preserved when converting Gifs to Webp and in reverse, and also when only resizing (https://github.com/TryGhost/Ghost/issues/13319)

**Favicons**
- Custom favicons are no longer served via `/favicon.png` or `/favicon.ico` (only for default favicon), but use their full path
- Added support for uploading more image extensions in Ghost as a favicon: .jpg, .jpeg, .gif, .webp and .svg are now supported (already supported .png and .ico).
- File extensions other than jpg/jpeg, png, or ico will always get transformed to the image/png format to guarantee browser support (webp and svg images are not yet supported as favicons by all browsers).

For all image formats, other than .ico files:
- Allowed to upload images larger than 1000px in width and height, they will get cropped to 256x256px.
- Allowed uploading favicons that are not square. They will get cropped automatically.
- Allowed to upload larger files, up to 20MB (will get served at a lower file size after being resized)

For .svg files:
- The minimum size of 60x60px is no longer required.

For .ico files:
- The file size limit is increased to 200kb (coming from 100kb)
2022-05-27 16:36:53 +02:00
Hannah Wolfe
f805f1637c
🐛 Fixed reading time for RTL languages
closes: https://github.com/TryGhost/Ghost/issues/14365
closes: https://github.com/TryGhost/SDK/issues/366
closes: https://github.com/TryGhost/SDK/issues/389
refs: https://github.com/TryGhost/SDK/pull/431

- our word count helper has been updated to handle RTL languages
- this should also fix the reading time as it uses the same underlying function

Co-authored-by: Emmanuel-Melon <emmanuelgatwech@gmail.com>
2022-05-27 15:15:29 +01:00
Hannah Wolfe
558f2b3d0d
🐛 Fixed gscan not detecting issues in folders
refs: https://forum.ghost.org/t/gscan-not-picking-up-some-products-incompatibilities-for-5-0/30394/4
closes: https://github.com/TryGhost/Team/issues/1653

- gscan wasn't running the new linter-based rules on anything in a folder
2022-05-27 12:52:09 +01:00
Renovate Bot
8ed2af7c3f
Update dependency knex to v2.1.0 2022-05-26 16:37:11 +00:00
Simon Backx
ad349bb3a5
Removed GA feature flags (#14915)
refs https://github.com/TryGhost/Team/issues/1616

- Removed all GA feature flags
- Removed `tweetGridCard` alpha flag
- Changes to `members-api` and `members-importer` packages: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%408.1.1...%40tryghost/members-api%408.1.2
2022-05-26 09:54:30 +02:00
Renovate Bot
0545c9d194 Update metascraper to v5.29.6 2022-05-25 18:47:00 +00:00
Hannah Wolfe
a2cab6bdde
Update dependency gscan to v4.39.0 2022-05-24 17:39:47 +01:00
Matt Hanley
46307f8a03 Fixed typo in API version email notifications 2022-05-24 17:05:11 +01:00
Renovate Bot
ffb8b36fc8 Update dependency @playwright/test to v1.22.2 2022-05-24 08:37:44 +01:00
Renovate Bot
c590a9c29c Update dependency cssnano to v5.1.9 2022-05-24 08:37:35 +01:00
Naz
fcc9daf549 🐛 Fixed signing key mismatching in members JWT/JWKS
refs https://github.com/TryGhost/Team/issues/1640

- Some the clien libraries were not able to match the signin key to verify JWT when using `GET /members/.well-knonw/jwks.json` endpoint for member token verification. This issue was due to missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
2022-05-24 11:45:20 +08:00
Renovate Bot
96956c5931
Update dependency eslint to v8.16.0 2022-05-20 23:47:22 +00:00
Renovate Bot
e8a986c61b Update dependency gscan to v4.29.2 2022-05-20 13:16:47 +01:00
Renovate Bot
180be2c0ee Update dependency postcss to v8.4.14 2022-05-20 13:07:20 +01:00
Renovate Bot
70a1b7462c Update dependency jwks-rsa to v2.1.3 2022-05-20 13:07:08 +01:00
Simon Backx
419fa24f27
Fixed bulk unsubscribe counts (#14871)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
2022-05-20 13:40:55 +02:00
Renovate Bot
5975740d69
Update dependency express-jwt to v7.7.2 2022-05-19 16:27:29 +00:00
Simon Backx
def8f83894
Fixed missing products in members export (#14867)
refs https://github.com/TryGhost/Team/issues/1642

- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?)  package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
2022-05-19 18:26:29 +02:00
Matt Hanley
309f17fd69 Fixed missing subscription deltas for reactivated subscriptions 2022-05-19 17:21:24 +01:00
Renovate Bot
7501407c4c Update dependency gscan to v4.29.1 2022-05-19 16:56:43 +01:00
Rishabh Garg
d90add9cd5
Fixed failing checkout session creation for offers (#14855)
- checkout session creation was failing when setup with `offerId` instead of `tierId` and `cadence`
- updates `members-api` to ignore cadence check to allow creation using `offerId` present in request
2022-05-18 15:10:07 +05:30
Renovate Bot
0d8ddd3c5e Update dependency cli-progress to v3.11.1 2022-05-18 10:03:30 +01:00
Renovate Bot
efc67b1783 Update dependency @playwright/test to v1.22.1 2022-05-17 15:55:31 +01:00
Matt Hanley
236d07c90a
Added CLI command structure (#14821)
Added CLI commands for REPL and timetravel functionality

- Added TimeTravel command for updating test data with a date offset
- Added REPL command for access to models and knex in development
- Added pattern for creating new CLI commands, including
  - User input
  - Output
  - Validation of `NODE_ENV`
- TimeTravel command is in the main Ghost repo because it requires the schema
2022-05-17 15:40:12 +01:00
Daniel Lockyer
5cd9d97a07
Updated @tryghost packages
- these packages contain small code changes or dependency updates that
  we've been forced to publish because of Lerna
2022-05-17 09:17:11 +01:00
Renovate Bot
bfc2ddec84 Update dependency knex-migrator to v4.2.10 2022-05-17 08:41:25 +01:00
Renovate Bot
68512147f0 Update dependency cssnano to v5.1.8 2022-05-17 07:55:58 +01:00
Renovate Bot
d8e9cbf9db
Update dependency c8 to v7.11.3 2022-05-17 00:26:57 +00:00
Fabien 'egg' O'Carroll
d9e6dfe97e
Updated Tiers API data structure (#14795)
refs https://github.com/TryGhost/Team/issues/1575

- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
2022-05-16 19:47:18 +01:00
Hannah Wolfe
12aff14dff Removed oauth experiment
refs: https://github.com/TryGhost/Team/issues/1625

- this didn't work the way we wanted to
- removing this will free up the namespaces to start over
2022-05-16 17:37:13 +01:00
Renovate Bot
55c065df62 Update dependency @tryghost/color-utils to v0.1.17 2022-05-16 09:40:55 +01:00
Renovate Bot
a2c5993625 Update dependency @tryghost/helpers to v1.1.68 2022-05-16 09:40:46 +01:00
Hannah Wolfe
f73a84abac Update dependency html-to-text to v8
refs: https://github.com/TryGhost/Ghost/pull/13035
refs: https://github.com/TryGhost/Team/issues/1609

- Upgraded to the latest html-to-text
- Matched the options to what we had as close as we can
- The output changes slightly, but in most cases those are bugfixes
- We are going to tune this output more soon, so accept the changes for now
2022-05-16 09:38:16 +01:00
Naz
f83ceb80d6 Removed need for redundant "strip" attribute in schemas
refs https://github.com/TryGhost/Toolbox/issues/314

- Writing schema definitions will become more concise without a need to specify all valid resource properties that could be accepted by the Admin API - no need to define "strip" attribute on every known
2022-05-16 15:44:25 +08:00
Naz
3e1d206d84 Added gscan check for {{@member.products}} helper
refs https://github.com/TryGhost/Toolbox/issues/329

- Adds and improves gscan checks for use of following helpers:
  - @labs.members
  - @member.products
  - @price

@labs.members going in favour @site.members_enabled

@member.products gone in favour of @member.subscriptions

@price and it's variations gone in favour of {{price}} + {{@member.subscriptions}}
2022-05-16 13:27:22 +08:00
Renovate Bot
0c7cf97615
Update dependency glob to v8.0.3 2022-05-13 23:55:59 +00:00
Renovate Bot
0d71521b3c
Update dependency express-jwt to v7.7.1 2022-05-13 17:31:50 +00:00
Renovate Bot
0f01aa6eea Update dependency @playwright/test to v1.22.0 2022-05-13 12:21:23 +01:00
Renovate Bot
f69fb3214b Update dependency eslint-plugin-ghost to v2.14.0 2022-05-13 09:29:19 +00:00
Renovate Bot
d3f29e53de Update dependency glob to v8.0.2 2022-05-13 08:00:26 +00:00
Daniel Lockyer
1e456f7e87
Updated all @tryghost packages
- these packages have had minor code changes or dependency updates but
  needed to be published to please Lerna
2022-05-12 16:50:18 +01:00
Renovate Bot
bfb7cecc8c Update dependency express-session to v1.17.3 2022-05-12 16:45:31 +01:00
Renovate Bot
a364fc3980 Update dependency jwks-rsa to v2.1.2 2022-05-12 16:45:21 +01:00
Rishabh Garg
f321ff2760
Fixed tier monthly/yearly price admin api schema (#14805)
- schema now allows null values for tier prices
2022-05-12 20:22:26 +05:30
Simon Backx
3214186f98
Improved newsletter limit checking (#14780)
refs https://github.com/TryGhost/Team/issues/1583

- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
2022-05-12 14:28:45 +02:00
Naz
9236b8a397 Relaxed validation rules + removed unknown properties
refs https://github.com/TryGhost/Toolbox/issues/314

- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
2022-05-12 18:06:38 +08:00
Matt Hanley
371f9996f5
Fixed filter mapping from subscribed to newsletters for bulk operations (#14787)
closes https://github.com/TryGhost/Team/issues/1606

- Fixed filter mapping from subscribed to newsletters for bulk operations
- Updated members-api package
2022-05-12 10:54:20 +01:00
Naz
d3f432f745 🔥 Removed versioning from json schema validation
refs https://github.com/TryGhost/Toolbox/issues/314

- With versioned API concept being dropped there's no need to rely on a specific version in validations either!
2022-05-12 16:08:23 +08:00
Hannah Wolfe
b29852b012
🔥 Removed support for http/https mixed mode (#14783)
closes: https://github.com/TryGhost/Toolbox/issues/324
refs: https://github.com/TryGhost/Ghost/issues/14446

- Currently, if url is configured to http but a request is marked secure, Ghost will handle upgrading all internal URLs to https so that there are no mixed content warnings
- From 5.0 that feature is going away, in favour of strictly honouring the configured URL
- Ghost will serve URLs exactly as configured and won't upgrade http to https anymore
- This use case was common when Ghost was first built, but in 2022 the web is mostly https.
- The code needed to support the feature creates a lot of additional complexity & maintenance overhead, so removing this gives us space to do more cool and useful stuff in 2022
2022-05-11 14:53:23 +01:00
Rishabh
7ab00c8eda Updated admin api schema for tiers
- added `id` and `description` to tiers schema
- added `tiers` column to members schema
2022-05-11 16:14:10 +05:30
Naz
f10f224668 Improved version mismatch notification email copy
refs https://github.com/TryGhost/Toolbox/issues/292

- Copy improvements were done base on feedback. Makes the information in the email more concise and removes unecessary/unsecure bits like query strings.
2022-05-11 10:53:42 +08:00
Renovate Bot
c0d82122b0 Update dependency grunt to v1.5.3 2022-05-10 14:57:10 +00:00
Naz
6934595053 Added Integration Name in version mismatch emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
2022-05-10 17:55:18 +08:00
Simon Backx
fb60a0199c
Fixed editing members throwing when setting avatar_image (#14751)
refs https://ghost.slack.com/archives/C02G9E68C/p1652126859737159?thread_ts=1652126765.251419&cid=C02G9E68C

When you try to edit a member in the admin frontend, the `avatar_image` property is passed. But that field is not editable and should be ignored. Currently an error is thrown, but this update from `admin-api-schema` adds it as a skipped property to remove this error.
2022-05-10 10:00:27 +02:00
Renovate Bot
c753d61be6
Update dependency sinon to v14 2022-05-09 19:14:13 +00:00
Naz
b2db80c9fe Fixed missing failed request URL if version emails
refs https://github.com/TryGhost/Toolbox/issues/292

- The version mismatch notification emails were missing a URL of the endpoint that was being accessed by an outdated integraton
- Also squeezed in a refactor simplifying APIVersionCompatibilityService initialization
2022-05-09 20:11:25 +08:00
Simon Backx
21d9d20e3e
Included newsletter relation by default in posts (#14723)
refs https://github.com/TryGhost/Team/issues/1569

**Changes in admin-api-schema:**
- https://github.com/TryGhost/SDK/compare/%40tryghost/admin-api-schema%402.14.1...%40tryghost/admin-api-schema%402.15.0
- Ignore `newsletter` when used in input

**Changes**
- Added the `newsletter` relation as a default include for posts
- Removed the newsletter_id from the API output

**Tests**
- Test the newsletter relation is always loaded for browse, read, add and edit, unless the include option is added explicitly

Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-09 11:06:59 +02:00
Renovate Bot
7d951f96f0 Update dependency jwks-rsa to v2.1.1 2022-05-09 08:37:13 +01:00
Renovate Bot
f5d4174e0d
Update dependency luxon to v2.4.0 2022-05-09 03:40:41 +00:00
Renovate Bot
b3c6801352
Update dependency eslint to v8.15.0 2022-05-09 00:38:13 +00:00
renovate[bot]
abd90be910
Update dependency @tryghost/mw-error-handler to v1 (#14719)
- Replaced usage of handleJSONResponseV2 with the newly renamed handleJSONResponse

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-07 15:28:28 +01:00
Renovate Bot
fb017d496e
Update dependency express-jwt to v7.7.0 2022-05-06 17:28:38 +00:00
Renovate Bot
4019964b15
Update dependency knex-migrator to v4.2.9 2022-05-06 16:54:08 +00:00
renovate[bot]
e0ce8995a7
Update dependency @tryghost/security to v0.3.0 (#14718)
- Swapped instances of createSecret for security.secret.create

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-06 17:53:10 +01:00
Renovate Bot
d7399faa81
Update dependency sqlite3 to v5.0.8 2022-05-06 12:52:08 +00:00
Daniel Lockyer
f6fb823ce9
Updated all @tryghost packages
- these packages have had minor code changes or dependency updates that
  have forced us to publish the packages in Lerna
- this commit updates all packages in one rollup commit
2022-05-06 12:55:29 +01:00
Renovate Bot
1afe52c657
Update dependency sqlite3 to v5.0.7 2022-05-05 18:34:13 +00:00
renovate[bot]
9aa8e3e7ff
Update dependency @tryghost/url-utils to v3 (#14705)
- updated usage of url-utils.urlFor to work with v3

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 16:10:18 +01:00
Naz
648530009d Added use of email templates for version mismatch notifications
refs https://github.com/TryGhost/Toolbox/issues/292

- This change allows to reuse existing pattern present in Ghost on the version mismatch service layer, where we define the contents of the sent email through email templates instead of plain text.
- Apart form templates, there's now failed request URL present in the data passed to the email template along with site title and site url
2022-05-05 18:26:08 +08:00
renovate[bot]
45695ef2d5
Update dependency @tryghost/mw-error-handler to v0.2.4 (#14677)
- Updated accept-version error message copy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 08:57:32 +01:00
Fabien 'egg' O'Carroll
2da52130a6
Removed hasActiveStripeSubscriptions endpoint (#14689)
refs https://github.com/TryGhost/Team/issues/1147

This endpoint is no longer used in 5.0
2022-05-04 17:25:21 +01:00
Simon Backx
473ac3b5a4
Fixed updating a non-existent member internal error (#14658)
refs https://github.com/TryGhost/Team/issues/1580

- When you try to edit a member that doesn't exist, a 500 error is thrown. We should throw a 404 error instead
- This is fixed by https://github.com/TryGhost/Members/pull/395
2022-05-04 13:51:35 +02:00
Simon Backx
ad1ebe6a47
Fixed error when firing Members webhooks (#14645)
refs https://github.com/TryGhost/Team/issues/1577

The last seen at was being updated via the model rather than the
respository, which mean that the default relations were not being
loaded.

This fix updates the repository to load the newseletters relation,
updates the last seen at updated to use the repository and updates the
output serializer to handle missing newsletter relation.

We also update all packages relying on the domain-events package to
ensure that they're all using the same version.

Co-authored-by: Fabien 'egg' O'Carroll <fabien@allou.is>
2022-05-04 12:42:27 +02:00
Naz
c627779948 Extracted email-content-generator into a package
refs https://github.com/TryGhost/Toolbox/issues/292

- Following the concept of having as little code in Ghost core as possible :) The email content generation is also needed to be reused in the version mismatch handling package.
2022-05-04 17:28:09 +08:00
Renovate Bot
7c992ef099
Update dependency express-jwt to v7.6.2 2022-05-03 15:17:44 +00:00
Renovate Bot
073b1f8dad Update dependency postcss to v8.4.13 2022-05-02 06:54:31 +01:00
Renovate Bot
e418630737
Update dependency mocha to v10 2022-05-02 01:29:26 +00:00
Renovate Bot
21b0ab0a8e
Update dependency express to v4.18.1 2022-04-29 21:07:20 +00:00
Simon Backx
104a0f5181
Fixed issue with new members always subscribing to defaults (#14629)
no issue

The member was updated when setting the geolocation, but that also included setting subscribed to true.
2022-04-28 13:21:38 +02:00
Daniel Lockyer
d5e7893212
Updated all @tryghost packages
- these packages contain minor code or dependency updates but we're
  forced to publish them because of Lerna
- this commit rolls up all pending updates into one commit to save noise
2022-04-28 11:54:29 +01:00
Renovate Bot
148779b74c Update dependency knex-migrator to v4.2.8 2022-04-28 11:24:13 +01:00
Renovate Bot
b58e7af65e Updated dependency express-jwt to v7
- also requires a small change to the imports to reflect an API change
2022-04-28 11:15:04 +01:00
Simon Backx
efdc42c257
Fixed bulk unsubscribe and updated member import tests (#14610)
refs https://github.com/TryGhost/Team/issues/1567

**Changes in members-api**
- Compare changes: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.1.0...%40tryghost/members-api%406.2.2
- Fixed bulk unsubscribe
- Deletes the newsletter relations instead of setting subscribed to false

**Test fail fix**
refs https://github.com/TryGhost/Ghost/pull/14621
refs https://ghost.slack.com/archives/C02G9E68C/p1651126990299689?thread_ts=1651072733.859939&cid=C02G9E68C

- Events didn't always have the same created_at as created members
- This caused a test to fail randomly in the main repo

**Changes**
- Added required helpers for members-api package
- Version bumps of other packages are only tooling related

**Tests**
- Tests if member import still works with the legacy `subscribed` flag
- Updated member importer to use multipleNewsletters flag
- Dropped legacy members tests
2022-04-28 09:50:05 +02:00
Renovate Bot
ad2903a196
Update dependency sqlite3 to v5.0.6 2022-04-27 21:40:10 +00:00
Fabien 'egg' O'Carroll
810c3077e8
Wired up LimitService to NewsletterService (#14602)
refs https://github.com/TryGhost/Team/issues/1549

This allows us to restrict certain sites to a single newsletter
2022-04-27 17:44:16 +01:00
Simon Backx
21af34a0d4
Added mapping from member subscribed to newsletters on edit/create (#14596)
refs https://github.com/TryGhost/Team/issues/1545

**Changes (`members-api`)**
- Compare via https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0...%40tryghost/members-api%406.1.0
- Added mapping from member subscribed to newsletters on edit/create
- When editing or creating a member with the subscribed property, it is mapped to the corresponding newletters value
- Defaults to all active newsletters with visibility = members and subscribe_on_signup = true

**Tests**
- Adds test that adds a member with subscribed = true
- Adds test that adds a member with subscribed = false
- Adds test that edits a member with subscribed = true
- Adds test that edits a member with subscribed = false
2022-04-27 17:04:55 +02:00
Simon Backx
2cf76cb031
Added newsletter relation to subscribe events (#14585)
refs https://github.com/TryGhost/Team/issues/1478

**Changes**
- Added the newsletter relation to subscribe events

**Changes in `members-api`**
- Compare: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0-alpha.0...%40tryghost/members-api%406.0.0
- Makes sure the newsletter relation is returned in the activity feed for susbcribe events (aka newsletter events).

**Tests**
- Added first test for activity feed to check if the newsletter relation is correctly fetched
2022-04-27 16:44:27 +02:00
Fabien 'egg' O'Carroll
d94859f2e5
Added /stats/subscriptions API (#14547)
refs https://github.com/TryGhost/Team/issues/1505
refs https://github.com/TryGhost/Team/issues/1466

Exposes an API for historical counts broken down by tier and cadence.

Counts backwards from the current stats like MRR to minimize inaccruate
data due to missing/superfluous events.
2022-04-27 14:53:32 +01:00
Renovate Bot
0a5fb7166a Update dependency supertest to v6.2.3 2022-04-27 06:49:47 +01:00
Renovate Bot
eec0c502d9
Update dependency @sentry/node to v6.19.7 2022-04-26 16:27:46 +00:00
Renovate Bot
2d08324238 Update dependency grunt-contrib-clean to v2.0.1 2022-04-26 17:25:59 +01:00
Renovate Bot
863c409ca3 Update dependency @playwright/test to v1.21.1 2022-04-26 17:25:39 +01:00
Renovate Bot
2a5af9c0c5 Update dependency jwks-rsa to v2.1.0 2022-04-26 17:21:23 +01:00
Daniel Lockyer
6747f3a93a Updated @tryghost packages
- these packages contain only code changes or dependency updates but
  we're force to publish new versions due to Lerna's limitations
- this commit bulk updates the packages to save having many commits
2022-04-26 16:54:44 +01:00
Daniel Lockyer
1122ce9cc6
🐛 Fixed credentials issue with SES mail transport
refs 58ace0af76

- please see the referenced commit above for full context but this
  commit bumps `@tryghost/nodemailer`, which contains a fix for reading
  credentials when using the SES mail transport
- credits to @touzoku
2022-04-26 16:40:45 +01:00
Renovate Bot
37f17f9dca Update dependency coffeescript to v2.7.0 2022-04-26 16:29:41 +01:00
Renovate Bot
6937b637ec Update dependency eslint to v8.14.0 2022-04-26 16:29:19 +01:00