- Updating our config to have `--check-coverage` enforces that the coverage meets a certain level.
- The default is 95 I believe, but our coverage is lower.
- I've set the levels to our current levels, so any drop below these numbers will cause the build to fail.
- I've also set the reporters to be text, html and cobertura so we always have a mini report, the full HTML files to navigate and cobertura for CI
- Cleaned up CI so we don't use the cov:unit command as we're now using codecov
- This also means we can remove the cov:unit command which was weird to use because it uses the last test run, which can be confusing
refs https://github.com/TryGhost/Team/issues/1313
Rather than removing the /products API we're adding a /tiers API as
a first step towards renaming "products" to "tiers". The initial idea was
to alias the URL's but out API framework doesn't easily allow for this so
we've duplicated it instead.
refs https://github.com/TryGhost/Toolbox/issues/215
- Ghost tests had difficulty running sometimes when the versions for jest-snapshot package did not match in Ghost and @tryghost/express-test
- This is the error that was showing up: `IncorrectUsageError: Unable to run snapshot tests, current test was not configured`
- The reason why snapshot tests were misconfigured was multiple instances of SnapshotManager, which broke the singleton pattern
- Having jest-snapshot embeded within express-test makes sure the versions stay the same across the clients
- The version bump also introduces passing "queryParams" parameter into the Agent constructor - enables configuring query parameters that would appear in each agent's request. Example usecase - Content API authentication parameter "key" would be nice to "remember" and add to every request URL
- I recently added a bunch of strict rules to our eslint plugin around returns: ca9af37866
- These mostly are issues that occur whilst writing code, that you spot and fix as you're developing, but they're annoying to notice/find and eslint can be used to flag them quickly
- There are of course, edge cases where you don't need to return from array fns, but this rule also suggests better patterns might be available
- For our excert helper and new assertEvent helper, I've updated the code to use simpler patterns that are easier to read, so as to avoid the warnings
- For our old API I've simply disabled the rule as we're about to delete this code
refs https://github.com/TryGhost/Toolbox/issues/214
- After calling `DELETE /settings/stripe/connect/` Admin API endpoint, stripe did not fully disconnect causing other Member API endpoints to behave as if Stripe was still configured
https://github.com/TryGhost/Team/issues/1374
When we receive a web hook to update payment details for a customer
which is not associated with a Member, instead of proceeding and erroring
we now return early and respond to Stripe with a 200. A test has been
added to ensure this
refs https://github.com/TryGhost/Toolbox/issues/207
- we want to start writing some E2E tests that involve automated
pointing and clicking around the frontend of Ghost to test that
members of Ghost sites can still do what we expect
- we've decided to look in to Playwright for this - it looks __really__
nice
- this is a VERY basic first test - it'll check for a 200 on the
homepage of whatever we provide as the TEST_URL env variable, or
default to a (manually-run) Ghost instance on port 2368
- also adds a `yarn test:browser` command to run the tests using the
Playwright CLI, and a sample GitHub Action workflow which we can
manually run with a site URL
- there's a lot more to add here in terms of test framework but this
gets us started
refs https://github.com/TryGhost/Toolbox/issues/210
- After updating to the newest `@tryghost/express-test`, it's dependency `@tryghost/jest-snapshot` was missmatched with the one used in Ghost itself. This caused multiple instances of SnapshotManager class in the system, which is meant to be a singleton!
- The issue was causing following error to appear: "IncorrectUsageError: Unable to run snapshot tests, current test was not configured"
refs https://github.com/TryGhost/Toolbox/issues/210
- Having assertions executed in the declaration order using superagent has lead to many frustrating developer experiences. For example when status code assertion fails there was usually no additional context to investigate the failure further. In this situation having a "response body" assertion executed usually would give many more clues on the actual problem at hand.
- The order of the assertions has been changed from the order in which they were declared to the following one based on assertion type:
1. `exect`
2. `expectHeader`
3. `expectStatus`
- For more on this topic check the documentation: cfd6e88fe2/packages/express-test (assertion-execution-order)
refs https://github.com/TryGhost/Toolbox/issues/208
- we currently run all test commands separately in CI and this can make
it harder to replicate any issues we see in CI because we have to
manually go and copy the order of the tests
- it's also nicer if there's just one command that runs so we can make
changes globally to CI
- this commit adds a test:ci yarn command which will run the tests in
order of speed/importance, with the -b AKA fail-fast flag so we
don't have to wait for all tests to run before finding out about
issues
- this also cleans up running unit tests in the DB matrix
refs https://github.com/TryGhost/Team/issues/1377
- bumped all packages that have a dependency on `@tryghost/kg-utils` to fix a bug in the `slugify()` utility that was throwing errors when the header or subheader was left blank in a header card
refs https://github.com/TryGhost/Team/issues/1377
- bumped all packages that have a dependency on `@tryghost/kg-utils` to fix a bug in the `slugify()` utility that was throwing errors when the header or subheader was left blank in a header card
- we've just fixed up the use of `@tryghost/errors` and bumped some
dependencies in all of our packages in Members
- this commit bumps all of those packages in Ghost so we can stay
up-to-date
refs https://github.com/TryGhost/Toolbox/issues/209
refs https://github.com/TryGhost/Toolbox/issues/210
- Fixed request header processing by the e2e-framework where it failed to lowercase incoming header keys. This bug made it harder to test code paths which involve header checking, e.g. following code: `req.headers['stripe-signature']` would not get a correct value if the header was specified as Stripe-Signature
- Additional output to the status code assertions was added - this allows to have more context when an invalid response code comes back in a test.
refs https://github.com/TryGhost/Team/issues/1322
Since the Members service is no longer started when Stripe is
reconfigured the url config used for checkout sessions was not updated.
This moves all of the default Stripe urls into the Stripe service, where
they will be updated as/when Stripe is connected/disconnected.
refs: https://github.com/TryGhost/Toolbox/issues/158
- We only use chai in a handful of places now, and it seems totally unnecessary
- Use assert instead
- Made other minor changes with a view to this being a reference aka "perfect" test suite
no-issue
If Stripe subscriptions have manually been modified to contain more than
one price, then cancellation would fail, as Ghost/Members relies on
subscriptions only containing one price. This adds some handling so that
we do not error when cancelling.
refs TryGhost/Toolbox#158
refs TryGhost/Toolbox#129 (comment)
We now have @tryghost/jest-snapshot - a suite of utilities for using snapshots with mocha, should, etc
The @tryghost/express-test lib also uses it to provide chained snapshot assertions
This library was created because all the existing implementations I could find, including the in use @ethanresnick/chai-jest-snapshot
didn't properly support property matching. @ethanresnick/chai-jest-snapshot supposedly supported it, but the implementation was incorrect
and frequently lead to false test passes.
This library also has (after some back and forth) path resolution so that snapshots can live in a local __snapshots__ folder
refs https://github.com/TryGhost/Team/issues/1316
Updates header card renderer so the `<h2>` and `<h3>` elements have slugified titles set on their `id` attributes to allow in-page and external #header-title anchor links.
- bumps `@tryghost/kg-default-cards` including the header card id fix
- bumps other `@tryghost/kg-*` packages that were released simultaneously - contains dependency updates and switch to `slugify()` from `@tryghost/kg-utils`
no-issue
Due to a bug with the event filtering logic verification triggers were
happening when they shouldn't - for now we are disabling the trigger
until the bug is fixed
no-issue
refs https://github.com/TryGhost/Members/commit/6860e3c1
refs https://github.com/TryGhost/Members/commit/03a6d694
This adds an e2e tests for the regression we had with comping members.
The stripe service imports the members service, which will instantiate
members-ssr once it is loaded, which will use the uninstantiated
settings cache resulting in errors due to a missing theme_session_secret.
For this reason we require the stripe service inside of the test function,
rather than at the top level of the file
refs https://github.com/TryGhost/Team/issues/1299
- The email_delivered_event, email_opened_event and email_failed_event events weren't correctly ordered
- This has caused some of these events to not show
refs https://github.com/TryGhost/Team/issues/1289
The default Tier name is "Default Product" - this adds a check on
startup for this name, and will update it to the site title. This is so
that when Tiers is enabled, the user is presented with an expected value
for the Tier name.
refs TryGhost/Team#1071
- new `tiers` key is now attached to posts/pages API response to include tiers visibility
- updates expected response for post/page in tests to include `tiers`
refs https://github.com/TryGhost/Ghost/issues/14079
The stripe_prices API whilst not used publicly is still used for handling
complimentary subscriptions in the old (pre-tiers) system. This was mistakenly
removed, and has been reinstated with this commit.
refs https://github.com/TryGhost/Team/issues/1168
This updates the JSON API Schema to allow for the welcome_page_url
property, as well as including the new column in API responses, so that
we can both read and write the value via the API.
refs: TryGhost/Toolbox#166
The new VerificationTrigger listens to events form the members repository, and will cause the verification workflow to be triggered if the number of events is greater than the configured threshold in a rolling 30 day window.
The importer also no longer depends on the import threshold, so the threshold testing is now done in the processImport method in Ghost - seems sensible since we already had this wrapper and the logic is now tiny, since it's just relying on @tryghost/verification-trigger to handle the real stuff.
refs https://github.com/TryGhost/Team/issues/1293
A mistake in the email sending code when handling webhooks meant that
emails were not sent to new paid signups - however the member would
still be logged in afterwards, so no loss of access was incurred.
refs https://github.com/TryGhost/Team/issues/1277
- When a user signs-up, two events are created, the api route was only returning one of these events.
- This was introduce in commit 120116e8a2 when the only usage of the api route was to extract the 5 most recent events. Any duplication was creating too much noise.
- This was creating issues now that we introduced event filtering. Some `newsletter_event` events would appear from nowhere we we were filtering-out `signup_event` events.
- We removed the deduplication when the `membersActivityFeed` flag is enabled.
no-issue
Handling Stripe Checkout webhooks was failing to send emails to customers
because of a faulty reference. This updates the Webhook Controller to fix
that.
refs https://github.com/TryGhost/Team/issues/1252
In order to ensure that archived Tiers are not selected to be shown in
Portal, both after they archived, and after they've been un-archived -
we need to persist this information to storage. This is currently done
via the `portal_products` setting.
The reasoning behind this is so that un-archiving a Tier doesn't modify
Portal settings without the user being aware.
refs https://github.com/TryGhost/Team/issues/1252
Although Archived Tiers cannot be signed up to via Stripe, we also need
to stop them from being assigned through a complementary subscription.
refs https://github.com/TryGhost/Team/issues/1277
- Enabled the `filter` attribute on the route.
- The events are now filtered in-memory instead of in the database.
- This fixes a wrong logic where the API user would have to know the internal event structure.
refs https://github.com/TryGhost/Team/issues/1252
This allows us to archive and unarchive tiers, but does not implement
any of the background behaviour like modifying portal settings. Or
disabling archived tiers from being used.
The two packages now allow the `active` flag to be passed, and will
update that in the database.
no-issue
We were missing default parameters for webhook creation which cause an
error to throw if we attempted to read from them. This bumps the members
& stripe packages to add default params.
refs https://github.com/TryGhost/Team/issues/1277
- The new events types are: `email_delivered_event`, `email_opened_event` and `email_failed_event`.
- This makes existing data accessible to the admin dashboard
refs https://github.com/TryGhost/Team/issues/1257
Offer Redemptions were being overcounted due to the way we were updating
Stripe configuration for the Members service. We would create a new
instance of the members-api, which would have event handlers for
creating Offer Redemptions - by creating a new instance each time Stripe
config changed, we would overcount them.
Here we've pulled out Stripe related logic into the Stripe service, and
updated it internally - rather than creating a new instance. This means
that we've been able to remove all of the logic for re-instantiating the
members-api.
- Bumped members-api & stripe-service
- Removed reinstantiation of members-api
- Used stripe service to execute migrations
- Updated Stripe Service to handle webhooks & migrations
- Used webhook controller from stripe service
- Used disconnect method from stripe service
- Removed unused stripe dependency
- Removed Stripe webhook config from members-api
refs https://github.com/TryGhost/Toolbox/issues/175
- we're going to be making some changes in v5 wrt supported databases
- we needed a way of detecting the difference between MySQL 5 + 8,
MariaDB etc
- I've created `@tryghost/database-info`, which is a small wrapper
around `knex`, which returns this information
- this commit:
- adds the library to Ghost
- initializes the DB info library upon boot
- updates the Admin API /config/ endpoint and UpdateCheck to return
the new string - `mysql5`, `mysql8` etc
refs https://github.com/TryGhost/Team/issues/1037
- updates `members-api` to handle new free product and `type` column
- updates `members-importer` to handle default product usage as we have both free and paid default products now
refs TryGhost/Team#1242
refs TryGhost/Team#1266
- Both inline and dynamic partials haven't been supported since gscan v4.
- You can now use [inline partials](https://handlebarsjs.com/guide/partials.html#inline-partials) in themes.
- One limitation is that the inline partials aren't available in the execution of other partials.
- You can now use [dynamic partials](https://handlebarsjs.com/guide/partials.html#dynamic-partials) in themes.
- When using dynamic partials, you can only use them as a partial block so that there is a fallback.
- Dynamic partial defined inline like `{{> (dynamicPartial) }}` are considered invalid by gscan to make sure a fallback is present.
no-issue
Due to a bug in the members-csv package we were losing information about
the subscribed_to_emails flag and effectively ignoring it, resulting in
all members beign imported with the default value of true.
refs https://github.com/TryGhost/Team/issues/1257
refs https://github.com/TryGhost/Team/issues/1261
Certain event listens are being added twice due to the way we "reload"
the MembersAPI which can cause duplicate counts of Offer Redemptions.
Rather than creating multiple instances of the MembersAPI we're moving
toward being able to reload the config in place or passing getters for
the config which will allows us to use the MembersAPI as a singleton,
and remove any bugs which come from creating multiple instances.
This also fixes a bug with the allowSelfSignup config not refreshing when
the portal_plans setting was changed.
no-issue
Due to a bug in the members-csv package we were losing information about
the subscribed_to_emails flag and effectively ignoring it, resulting in
all members beign imported with the default value of true.
refs https://github.com/TryGhost/Team/issues/1257
refs https://github.com/TryGhost/Team/issues/1261
Certain event listens are being added twice due to the way we "reload"
the MembersAPI which can cause duplicate counts of Offer Redemptions.
Rather than creating multiple instances of the MembersAPI we're moving
toward being able to reload the config in place or passing getters for
the config which will allows us to use the MembersAPI as a singleton,
and remove any bugs which come from creating multiple instances.
This also fixes a bug with the allowSelfSignup config not refreshing when
the portal_plans setting was changed.
refs https://github.com/TryGhost/Team/issues/1268
- bumps `@tryghost/kg-mobiledoc-html-renderer` which changes email rendering for rich-text blockquote sections so the contents is wrapped in `<p>`. E.g. `<blockquote>Text</blockquote>` becomes `<blockquote><p>Text</p></blockquote>`
- in iOS Mail which has hardcoded/un-overridable `blockquote` styles that remove all margins it lets the `p` margins take effect to add back the missing vertical spacing. The change had no noticeable effect on other clients when testing
Co-authored-by: Renovate Bot <bot@renovateapp.com>
refs https://github.com/TryGhost/Team/issues/1258
- members auto login after Stripe checkout feature is GA so labs flag is no longer necessary
- bumps `@tryghost/members-api` to version that does not use the labs flag
refs https://github.com/TryGhost/Team/issues/1259
- We don't correctly handle Nodemailer's EENVELOPE error, which is thrown when Mailgun returns an error due to an invalid email recipient
- We don't want to default to returning a 400 for all mail exceptions because this would mask genuine errors - for example if Mailgun is unavailable
- We should catch `code: EENVELOPE` errors and return a 400 response
refs https://github.com/TryGhost/Team/issues/1231
refs a7ef81bf95
- the referenced commit adds the `download` property to File cards
- this commit bumps the `@tryghost/kg-default-cards` package to include
that change
no-issue
This includes updates to the html parsers for creating mobiledoc cards
and now works for the before/after cards, as well as fixes for
classnames of existing cards
refs https://github.com/TryGhost/Team/issues/1249
Using an input as the slider handle meant setting a width of 100% + px,
which could push width over the size of the screen - not good! This
takes the same approach as the CodePen linked below and uses a separate
element, which has the position of it updated by JS in realtime.
https://codepen.io/josephwong2004/pen/NWRGxdR
refs https://github.com/TryGhost/Team/issues/1245
- Ensures a warning is displayed when the theme doesn't include the default product card css and also doesn't style style the product card.
no issue
- we've been battling an issue where we have multiple versions of the
logging library running, which causes a problem with file rotation
- this package adds a resolution to v2 so we force the use of a single
version within Ghost
refs https://github.com/TryGhost/Team/issues/1249
- Initial version of rendering for the Before/After card from moi
- Updates to the audio cards class names from Sanne
- Fixes to the audio card thumbnail in emails from Sanne
- Refactor of product card rendering from Thibaut
refs https://github.com/TryGhost/gscan/issues/417
- The `@partial-block` handlebars directive was allowed in previous gscan versions until a regression
- Always allow using `@partial-block` as it never breaks the handlebars rendering
Co-authored-by:
- Thibaut Patel @tpatel
- Renovate Bot <bot@renovateapp.com>
refs https://github.com/TryGhost/Team/issues/1229
- bumped `@tryghost/kg-default-cards` with improved handling of thumbnail aspect ratio and a bugfix for the `loop` attribute on the `<video>` element
refs https://github.com/TryGhost/Team/issues/1230
- updates payload attributes set by audio card in frontend template
- updates use of duration and post url link on audio card in email template
- updates parser plugin for audio card
- updates tests
refs https://github.com/TryGhost/Toolbox/issues/158
- Allows for much smaller amount of code to configure a test to work with chai-jest-snapshots. They now work automatically for all regression tests and could be enabled for other suites by adding the "--require=./test/utils/snapshots.js" parameter in respective test:* package script
- Regenerated snapshot for authentication test as the naming structure
changed a little with the snapshot metadata being taken on a higher
level in the test (uses the suite name instead of a specific describe it
used to be called from)
refs https://github.com/TryGhost/Team/issues/1229
- bumped @tryghost/kg-default-cards that contains initial video card rendering
- added video card CSS file with basic style that prevents video element rendering larger than the content width (similar to default image styles in most themes)
refs: https://github.com/TryGhost/Toolbox/issues/146
Switched to @tryghost/logging instead of passing around the library. The main sticking points of this change are jobs. When jobs are launched we don't want them to use a separate @tryghost/logging instance because they would start parallel rotation jobs. @tryghost/logging v2.x passes all logs to the parent process if run in a child process, so that we can use the same patterns in jobs and the rest of the codebase.
refs https://github.com/TryGhost/Team/issues/1239
- bumped the mobiledoc-to-html renderer so it doesn't add the `kg-width-wide` class when rendering `aside` sections to `<blockquote>`
refs https://github.com/TryGhost/Team/issues/789
We are still having issues with duplicate subscriptiosn being inserted
and are unable to determine why. We are now catching these DB errors and
responding with a 409 Conflict rather than 500 Internal Server Error.
This buys us some time to solve the underlying problem, whilst not
alerting on-call engineers.
no refs
- Updated the css classes from `kg-card-callout*` to `kg-callout-card*` for the callout card. This improves consistency with the other cards' css.
refs https://github.com/TryGhost/Team/issues/1202
We were storing all possible columns for a member, rather than the ones
sent up in the CSV - this was causing updates to existing members to
have their data removed. This fix means that we only store the columns
that were sent up in the CSV - so that missing columns are not affected.
closesTryGhost/Team#1238
- previously returned 500 errors when a subscription had invalid number of prices due to external tampering on Stripe directly
- instead now returns 400 Bad Request error when subscriptions don't have right number of prices
refs: TryGhost/Toolbox#147
* Replaces all references to isIgnitionError with isGhostError
* Switches use of GhostError to InternalServerError - as GhostError is no longer public
There are places where InternalServerError is not the valid error, and new errors should be added to the @tryghost/errors package to ensure that we can use semantically correct errors in those cases.
no refs
- In the custom theme settings, the `color` default error was saying `null` and empty string values were allowed. They weren't. The description is now fixed
refs https://github.com/TryGhost/Team/issues/1243
When invalid subscriptions without any price data are included in the
API, we are faced with errors due to the data being in an undefined
state. This updates the API to not respond with these invalid
subscriptions.
refs https://github.com/TryGhost/Team/issues/1001
We fall back to existing behaviour if no API key is present, or if there
is an error communicating with the Twitter API. We're also currently
requesting all the data, which will be thinned down once we understand
what we need.
This also includes a custom renderer for embeds of type "twitter" which
will be used to output the custom HTML for emails
refs: https://github.com/TryGhost/Toolbox/issues/105
Lint rules prevent:
* Invalid naming conventions for new migrations
* Loop constructs in migrations - these should be used with caution
and are therefore a warning rule, use `// eslint-disable-next-line
no-restricted-syntax` to prevent this rule from firing where a loop is
required
* Returing within a loop - this is usually meant to be a
continue/break
* Multiple joins - these can be badly performing migrations, so should
be treated with caution, disable the rule for the line if the risk is
understood / the migration cannot be written without it
refs https://github.com/TryGhost/Team/issues/1239
- bumps `@tryghost/html-to-mobiledoc` that uses a new parser plugin for transforming `<blockquote class="kg-blockquote-alt">` to an `aside` section in mobiledoc as that's what we use as a workaround for storing alternative blockquote style
refs https://github.com/TryGhost/Team/issues/1206
- This add a warning when the `card_asset` config is set so that Ghost doesn't include the callout card css AND the callout card css isn't in the theme
- The update also contains a fix to correctly detect partials named `fill`
- The update also improves the error content when gscan finds an unkown partial
refs https://github.com/TryGhost/Team/issues/1236
We want to ensure that Offers share a name with the correspondent coupon
in Stripe, which have a max length of 40 characters, so we are applying
the same restriction to Offers.
refs https://github.com/TryGhost/Team/issues/1235
- we are seeing `oembed-parser` 1.5.2 have intermittent issues when
fetching oembed data
- we're not sure of the reason but reverting the dependency to 1.4.9 seems to fix
the issue
- this commit reverted the bump in Ghost and adds it to Renovate's ignore
list so it isn't automatically bumped in the future
refs https://github.com/TryGhost/Team/issues/1232
- Only require the right css rules depending on the `card_assets` configuration
- 🐛 removed `kg-width-wide` and `kg-width-full` from being considered as card asset, as they should always be defined in themes (it was only a problem in v4.11.x)
- Upgrading the version of minifier to a patched version that ensures the dir exists before writing a file
- This is needed because although the content/public directory is present in the repo, it is not present in production installs
made with Ghost-CLI or Pro until changes there are merged. Other production setups will likely miss it too.
- Ensuring the dir means no one is suprised by this not working
refs d4b10323b7
- as mentioned in the referenced commit, there was another optimization
regarding batching the inserts
- this seems good to me in the end, so I've updated knex-migrator to do this
- this commit bumps knex-migrator to the updated version
- after this change, a `knex-migrator init` goes from 5.5s to 5s locally
and we've removed ~470 DB queries
refs 8d9a561cab
- see referenced commit for context but we were doing unnecessary SELECT
queries when initializing the DB and the commit reduces this by half
- this commit updates `knex-migrator` to that containing the commit
refs https://github.com/TryGhost/Team/issues/1211
This adds the payload as a data attribute to the rendered card so that
we can transform the card form HTML back to mobiledoc easily.
refs https://github.com/TryGhost/framework/pull/41
- see the referenced PR for context but Ghost could not authenticate to
SES in containers using IAM because of a missing dependency
- this has been updated in the Nodemailer docs and added in the PR
- the `@tryghost/nodemailer` package has been updated so this commit
bumps it in Ghost
- credits to https://github.com/touzoku for the fix
refs https://github.com/TryGhost/Team/issues/1211
This adds custom rendering for nft cards in emails, using tables instead
of flexbox for alignment.
This also updates the button card to add the missing `kg-card` class to
it.
refs https://github.com/TryGhost/Team/issues/1211
The nft card rendering has been updated to correctly handle the switch
from card_type to type, and the removal of the html property from the
NFT embed API
refs https://github.com/TryGhost/Team/issues/1209
- bumps koenig default cards to include support for toggle card
- bumps html to mobiledoc library to add support for toggle card
refs https://github.com/TryGhost/Toolbox/issues/120
- When a file name with an .mp4 extension was passed in it was mistakenly taken as an invalid extension. It is pretty valid!
- Fixing this bug allows for for duplicate file detection when uploading valid valies with extensions containing numbers
- Extensions that consiste only from numbers are still treated as invalid