no issue
This commit removes the `memberAttribution` feature flag from the
codebase. Some CSS classes are not removed as removing them and updating
the associated CSS files have side effects sadly.
- I switched over `build` to run in production mode because we now do
`lerna run build` during the release process, but this was bundling
development assets
- this adds `build:dev` and switches the browser test to use that, so
they should use the development assets moving forwards
refs TryGhost/Team#3122
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 87727d9</samp>
Added `data-testid` attributes to various elements in the announcement
bar settings feature to enable Playwright testing. Fixed a potential bug
with the `visibilitySettings` getter in the `visibility.js` component.
Added Playwright tests for the announcement bar settings feature in
`announcement-bar-settings.spec.js`.
refs 27e4523aec
- we no longer use `oembed-parser`, so we can remove it from
package.json
- also pins the `@extractus/oembed-extractor` package and adds it into
`@tryghost/oembed-service` where it was missing
no issue
The post/page bulk actions weren't logged in the history log / actions
table.
This change adds support for logging bulk actions.
- New `addActions` static method on models. It creates an action log in
the database for multiple models at once. If only one model was edited,
deleted or added, it will fallback to `addAction`
- `addAction` can also be called statically now
- `actionName` option is now supported when using `addActions`,
`addAction`, and as a result also in all bulk manipulation methods, and
CRUD methods. This allows you to replace the default '5 posts edited'
into something more specific like '5 posts featured'
- Fixed support for null resource_id in the parse-history-event helper
- Removed the default 'published' status requirement when using
Post.findOne for internal queries.
refs TryGhost/Ghost#16048
- When attempting to embed a Youtube video that has had embedding
disabled by its owner/author, Ghost displayed a generic error message
that didn't indicate the reason for the failed emebed.
- This change updated the error message when Youtube (or any provider)
returns 401: Unauthorized to indicate that the owner of the resource has
explicitly disabled embedding.
no issue
This pull request removes the `suppressionList` feature flag and all its
dependencies from the codebase. It makes the suppression list feature
the default and consistent behavior for all email events and
newsletters. It simplifies the UI, logic, and data related to email
events and newsletters. It affects several files in the
`ghost/admin/app`, `ghost/core/core`, and `ghost/members-api`
directories.
fixes https://github.com/TryGhost/Team/issues/2404
This change introduces a new 'post' query parameter to the members and member routes.
Previously, the members route would check if the previous route was the analytics page, and then show the breadcrumbs to go back to the analytics page. But when navigating to the members page from the menu, we don't want to show the breadcrumbs. To accomplish this, the routes that point to the members page from the analytics page now specifically pass on the post id in the query parameters. The query parameter is then passed on from the members page to the member page.
`directlyFromAnalytics` is still used in the member route, to know wheter we came from the members page or from the analytics page (changes the breadcrumbs). This doesn't need to go via a query parameter (figured that would make the url too long/complex).
The resetController method is now implemented and resets the filter and/or fromAnalytics post id if required (when going from members to member, we don't want to reset it because the we would lose the filter going back).
refs TryGhost/Team#3133
- the backend previously had logic to save a revision if more than 10
mins had elapsed since the last revision
- however, the frontend would autosave after 3 seconds of inactivity
(which doesn't trigger a revision), and never send another save request
at 10 minutes, so the backend logic to save a revision was never
triggered
- this change will save the current contents of the editor every 10
minutes, even if nothing has changed since the last save
This is an initial start to using TypeScript in our non-core Ghost packages.
- Adds a prepare script to build the project after installing deps
- Adds an initial tsconfig.json which is compatible with our node env
- Migrates all of the code to TypeScript, including tests
- Updates tests to use ts-node so that we don't need to compile the tests
- ts-node is installed at the top level because the env is weird with lerna and
doesn't work otherwise
- Updates the yarn dev script to build the project with the --all and --revisions flag
- Updates the prepare script in the top level to run prepare on packages, so
that packages can be built when running `yarn`
- Updates the build script in ghost/core to run build on packages, so that
packages are built before being monobundled
- Updates monobundle to be a dependency and use the new TryGhost repo, which
includes some minor fixes and improvements, such as supporting devDeps
- Updates the GitHub workflows to run the build command in the top level
directory rather than ghost/core so that other packages are built, too.
refs https://ghost.slack.com/archives/C025584CA/p1683105468216909
When holding cmd,ctrl or shift when clicking a post list item, it would try to select it. But that meant some user flows were broken where users would open multiple posts at the same time in a new tab.
This change allows you to cmd/ctrl/shift/right click on the edit button again.
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9
Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9
Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
no issue
There was an error when generating the snapshot for this test. It never ran, so the snapshot was never committed. On top of that, the generated snapshot would change every time because the email verification token was not replaced with a static value.
closes https://github.com/TryGhost/Team/issues/3137
We have now included the ability to display an "Unpublished" tag for revisions that have been unpublished. The tag is only displayed when the revision's reason property is set to "unpublished". A new revision is triggered when a post is unpublished, regardless whether there's a change in the content.
refs https://github.com/TryGhost/Team/issues/3129
This has copied the same pattern from the gh-user-list-item component.
Co-authored-by: Sanne de Vries <sannedv@protonmail.com>
fixes https://github.com/TryGhost/Team/issues/2385
The Sentry version has been locked to v7.11.1 for some time because Sentry still used a legacy Node feature, called domains. Due to a bug or change in in Noide 16+, those domains broke handling uncaught promise execptions. So Ghost crashed when a promise exception wasn't caught. But that shouldn't be the case because we have a global uncaught exception handler.
Luckily Sentry switched to AsyncLocalStorage in v7.48.0. This fixes the issue as demonstrated in c0cd62184c
no issue
- Hide post preview select if there is no published posts yet.
---
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
copilot:summary
- we have calls to the metrics library so we can measure the time it
takes the Mailgun API to return a response
- however, there's a bug in the code whereby if the `batchHandler`
takes a long time and then throws an error, this time will be reported
to metrics
- this is misleading because it looks like Mailgun is taking a long time
if the databases are slow
- this pulls the specific SDK call out into a function so it's easier to
wrap with timing code
refs https://ghost.slack.com/archives/C02G9E68C/p1682941387256079?thread_ts=1682507718.761429&cid=C02G9E68Chttps://github.com/TryGhost/Team/issues/3123
This commit modifies the revisionList method to sort the revisions array by createdAt property in descending order, instead of reversing the order of the array. This makes the code more intuitive and easier to follow for future developers.
Additionally, the published_latest key-value pair is renamed to initial_publish to better reflect its meaning. This key-value pair is added to the revision object at the index where the post status changed from 'draft' to 'published', indicating the initial publication of the post.
refs https://github.com/TryGhost/Team/issues/3123
This commit modifies the revisionList method to add a new key-value pair published_latest: true to the object if the current index matches with the index of the latest published revision with the reason 'published'. The change only affects the latest published revision and doesn't modify any existing data. This update improves the display of post revisions by highlighting the latest published revision in the list.
refs TryGhost/Team#3122
- Fixed that preview takes data from user input before saving on
backend.
---
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 54d5b2d</samp>
This pull request adds the ability to preview the announcement bar in
the Ghost admin panel and the theme settings. It also adds a
confirmation dialog to discard or save unsaved changes before leaving
the announcement bar settings. It refactors some components and methods
to remove unnecessary or redundant calls to save the settings. It
modifies the `ghost_head` helper, the `theme-management` service, and
the `announcement-bar/src` files to support the preview feature.
https://github.com/TryGhost/Team/issues/3121
- Because the announcement data has to be available with member's context, it's only possible to have it in cross-origin requests in the Members API.
- Exposed the announcement bar data through `GET /members/api/announcement` endpoint
no issue.
- In dark mode the text and the text selection color in the announcement bar's input field were the same. This made the selected text unreadable
refs. https://github.com/TryGhost/Team/issues/3112
- the font color in the announcement input field was not prepared for dark mode
- the first background swatch had an unwanted border setting
no issue
After making a change to a post via the bulk action menu, the filter checks if the post should still be included on the page. If not, it is removed.
There were two bugs here:
- Expansions were not applied
- Relation checks were not working because the model was not serialized
Now the posts correctly stay on the page if needed, or are removed if not.
refs https://github.com/TryGhost/Team/issues/3112
- When members features are disabled on the site, there is no point to show member-specific filters for the announcement bar. The only option available should be to show or not to show the announcement.
refs https://github.com/TryGhost/Team/issues/3010
- Having all possible values in within single packages will make it easier to look for "source of truth" and is more maintainable rather than having values scattered all over the codebase
refs https://github.com/TryGhost/Team/issues/2887
Images could sometimes be pasted into the editor (noticed especially with Google Docs) with `data:` URLs rather than typical `https:` URLs. That causes problems because data URLs are large binary blobs that get stored in the `posts` table and passed through many areas of the system that doesn't expect large binary blobs, causing knock-on effects.
- added handling to our editor's image card to detect when the card is displayed in the editor with a `data:` URL and if it was then it converts it to a file and uploads it so the image can be stored and displayed the same way as any other image
- handles uploads on both paste and opening a post in the editor that was previously saved with a `data:` URL
We no longer need a reference to the previous version, instead we can use the
latest revision, this makes it easier to compare "off table" data such as the
feature image caption stored in posts_meta.
no issue
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at ebd1973</samp>
This pull request adds support for storing and tracking the status of
posts in revisions. It introduces a new `post_status` column and
property in the `post` and `PostRevision` models, and updates the
`PostRevisions.formatInput` method to handle it.
refs https://github.com/TryGhost/Team/issues/3051
- The filter was not working properly when there was no logged in member, but the announcement filter was set to "paid_members" only
refs TryGhost/Team#3095
We should show the announcement bar again in the following case:
- User closes the bar
- Publisher updates announcement content
- We show the bar again even if the user closed it previously in the
same session
refs https://github.com/TryGhost/Team/issues/3104
When a post revision author has been deleted, or there is no author
associated with a post revision, the label "Anonymous" is used for the
revision author
refs https://github.com/TryGhost/Team/issues/3099
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 83140b5</samp>
This pull request adds a new column `post_status` to the
`post_revisions` table to store the status of the post revision. It also
updates the schema definition, the migration file, and the integrity
test to reflect the new column.
refs https://github.com/TryGhost/Team/issues/3102
Post revision restoration was failing due a few failing edge cases that
occurred during the refactor of the post history modal
refs @TryGhost/Team#3076
- added `save_revision` option to edit post endpoint
- this change covers the following cases:
1. we will not save a `post_revision` on every background autosave that
occurs after 3 seconds of inactivity in the editor
2. we will save a `post_revision` when the user hits `cmd+s` in the
editor to explicitly save
3. we will save a `post_revision` when the user navigates away from the
editor (e.g. by clicking the 'Posts' breadcrumb in the editor)
4. we will save a `post_revision` when the user publishes a post
5. we will save a `post_revision` when a user updates an already
published post
closes https://github.com/TryGhost/Team/issues/3077
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 27c2916</samp>
This pull request refactors the modal-post-history component from a
classic Ember component to a glimmer component, using the latest APIs
and syntax. This improves the code quality and aligns with the Octane
edition of Ember. The changes affect the
`ghost/admin/app/components/modal-post-history.js` and
`ghost/admin/app/components/modal-post-history.hbs` files.
refs https://github.com/TryGhost/Ghost/pull/14264
- With a requirement change we need to transform `announcement_visibility` setting to be an "array" instead of a "string". Array structure will allow us to hold multiple filters at once giving more coverage to the audience targetting usecases.
- Example filter variations we'll support are:
[ ] Logged out visitors
[ ] Members
[ ] Free members
[ ] Paid members
refs https://github.com/TryGhost/Team/issues/3034
- adds new integration page for Pintura in Admin
- allows site owners to enable/disable the image editor integration
- allows self-hosters to upload the files for enabling Pintura image
editor
---------
Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
refs https://github.com/TryGhost/Team/issues/3034
- adds 3 new settings for managing pintura image editor integration in
admin
- `pintura` setting controls the enabling of the feature
- `pintura_css_url` is used to store path to pintura css file uploaded
on integration page
- `pintura_js_url` is used to store path to pintura js file uploaded on
integration page
refs https://github.com/TryGhost/Team/issues/3009
- It's best to pull in as much data from the API as the app's state will ever use. Makes it explicit about what fields the app depends on instead of requesting a whole of "settings"
refs https://github.com/TryGhost/Team/issues/3009
- The change hooks up the announcement bar script to use "announcement" and "announcement_background" values coming from the Content Settings API
Rather than displaying changes inside cards, we want to show a complete
replacement of the card. The current html diffing library is not capable of
supporting this so we have to use the approach here. First we find all cards
with changes in them, and then pull out the changes into two duplicated version
of the card, once for removals and one for additions.
refs https://github.com/TryGhost/Team/issues/3041
- Added a 10k search limit in Admin reserouce search. The limit prevents the search component from crashing when there are way too many resources to fetch.
- The default ordering is preserved for the fetched resources.
refs TryGhost/Team#3052
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 7173288</samp>
This pull request adds new components and settings for the announcement
bar feature, which allows the user to customize the content, background,
and visibility of a banner that appears on the site.
refs https://github.com/TryGhost/Team/issues/3034
- while fetching the image from source for editing in the image editor, it throws cors error when the image is returned from cache instead of ghost server
- the cached image response causes cors to trip over if admin url is different from frontend url for site as it doesn't has the right header
- adds a dynamic `v=...` query param while fetching image in editor to bypass cache and fetch image from server directly
Because we're using the old style components we need to make this a computed
property for changes to it to cause a rerender. We also add a latest property
to the first revision so that it can be rendered differently
no issue
When a user is deleted any post revisions created by the user are set to
be owned by nobody (null) rather than deleting the post revisions
associated with the user
The Lexical editor isn't passed the editor state it's passed the _initial_
editor state, which means that subsequent renders will not use an updated
state. To work around this we store a reference to the editor api and manually
set the state ourselves when the selected revision is changed.
refs https://github.com/TryGhost/Team/issues/3011
- This is a data structure needed to support Announcement Bar feature -
allows to create custom site-wide announcements tailored to the
audience.
- The `announcement_content` is meant to hold displayed HTML content of
the announcement and will be exposed through unauthenticated Content
Site API
- The `announcement_visibility` sets the target audience to display the
Announcement Bart to:
- `public` - Everyone
- `visitors` - Logged out visitors only
- `members` - Members only
- `paid` - Paid members only
- The `announcement_background` sets the CSS class that should be
applied to the Announcement Bar. and will be exposed through
unauthenticated Content Site API. Three styles are available:
- `accent` - matches the color of the site accent
- `dark` - dark style
- `light` - light style
refs 3b90b1f335
refs https://github.com/TryGhost/Team/issues/3011
- The "flags" property was missing from the allowed parameters in addSettings migrations utility method. Passing in "flags" is needed to complete a refed issue where we add a new "announcement" group of settings and two of these settings have a "PUBLIC" flag
no issue
- added full author object to the post_revisions array on the /posts endpoint
- to be used in the post history modal to display who authored each revision
refs https://github.com/TryGhost/Team/issues/3034
- adds new alpha feature flag for image editing in Admin
- allows new config for Pintura files that enable the image editing in
Admin
- adds new ember component for triggering image editing for post feature
images
---------
Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
When we request all members, what happens is that the amount of data is
so great that Ghost is completely overwhelmed - database connections
are hanging open, spanners are thrown in the works, half the team are
staying up half the night!
no issue
- maxlength for author_id was errantly set to 2000 instead of 24
- migration was failing with:
ERROR Field length of `author_id` in `post_revisions` is too long!
Field length of `author_id` in `post_revisions` is too long!
"This usually happens if your database encoding is utf8mb4.\nAll unique
fields and indexes must be lower than 191 characters.\nPlease correct
your field length and reset your database with `yarn knex-migrator
reset`.\n" "Read more here:
https://github.com/TryGhost/knex-migrator/issues/51\n"
no issue
- the members stats service was being used for the total member count
when checking member limits for publishing but the stats service is not
always correct which could result in publishing being blocked
unexpectedly
- switched to using the total count from a `/members/` query which
should always be correct/match other counts within the UI
- the autogenerated constraint name was too long for MySQL, yielding the
error below (although it seems to be fine for sqlite)
- this change adds an explicit, shorthand name for the constraint to
stay under the limit on MySQL8
Error: alter table `post_revisions` add constraint
`post_revisions_author_id_foreign` foreign key (`author_id`) references
`users` (`id`), algorithm=copy - Specified key was too long; max key
length is 3072 bytes
We want the diff to be based on what the editor looks like, so we render two
hidden koenig instances and diff the html output, as opposed to using lexical
to render the "frontend" HTML. We also have some weirdness with the last
revision being the same content as the current state of the post. We can look
to fix that at the storage or API level in future
no issue
- post_revisions will now be included in any request to the /posts
endpoint
- updated admin models to include post_revisions
- post revisions can now be accessed in the modal-portal-history via
this.post.post_revisions
refs TryGhost/Team#3008
---
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 2a60623</samp>
This pull request adds a new experimental feature for displaying an
announcement bar at the top of the site. It introduces a new component
template and class for the announcement bar, a new feature flag and its
UI controls, and some CSS adjustments for the editor input and the
announcement bar.
no issue
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 2839ca2</samp>
This pull request adds a feature to show the HTML diff of the post
content changes in the post history modal. It uses the `node-htmldiff`
module to generate the diff and updates the `modal-post-history`
component and its template and style files.
---------
Co-authored-by: Fabien "egg" O'Carroll <fabien@allou.is>
refs TryGhost/Team#3008
---
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at f785fd8</samp>
This change adds a new component `koenig-lexical-editor-input` that
renders a React component using the `@tryghost/koenig-lexical` package,
which provides a new editor for Ghost that supports rich text and
markdown editing. The component can be used to edit HTML content using
the Lexical editor, and syncs the HTML content with the `html` argument
and the `onChangeHtml` callback. The component also handles dynamic
import, loading, error, and dark mode scenarios.
- We also fix the name of the feature flag
- We also correctly await the result of revision generation
- We pass the HTML string so we can potentially do an easier word count diff
no issue
- added modal-post-history component and wired it up to the
lexical-editor
### <samp>🤖 Generated by Copilot at b726dd5</samp>
> _`Post history` is the key to the past_
> _Unveil the changes in a modal so vast_
> _But beware of the doom that lurks in the edits_
> _The lexical-editor is a portal to the abyss_
This is behind the postHistory flag so that we leave alone the very import
revision generation code. The new package attempts to replicate the existing
strategy but gives us room to easily change it in future
refs TryGhost/Team#2904
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 2ba5e2a</samp>
This pull request adds the lexical editor feature to the Ghost admin
app, which allows users to create and edit snippets in a natural
language format. It modifies the `snippet` model, adapter, and
controller, and the `lexical-editor` template and component to support
the new feature.
no issue
- with this change, you can access a post's lexical revisions via the
api (e.g. `/posts/:id/?include=post_revisions`)
> _We are the post revisions, we won't be erased_
> _We rise from the ashes of the mobiledoc waste_
> _We join the API response, we claim our rightful place_
> _We are the post revisions, we show the truth of your face_
This package will be used to contain the logic for determining when a
revisions should be generated for a post. It will be used by the Post
model during saving and will not handle the storage of revisions
refs TryGhost/Team#2904
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at b3f5423</samp>
This pull request adds support for multiple formats of snippet content,
especially the `lexical` format, to the Ghost CMS. It modifies the
snippets API, model, and test files to handle the format conversion,
filtering, and serialization of snippets.
refs https://github.com/TryGhost/Team/issues/2677
- This extends the bulk editing UI to pages.
- New endpoints for editing pages in bulk
- Support for type in bulk edit UI
- Fixed empty messages for lists
- Minor bugfixes (e.g. save button when adding tags became red because
task didn't return true)
---
This pull request adds support for bulk editing and deleting of pages in
the admin UI and the API. It refactors the context menu component and
the list templates to handle different types of content (posts or pages)
dynamically. It also updates the selection list utility and the no posts
box component to work with the new feature. It modifies the `posts.js`
and `pages.js` API files and the corresponding input and output
serializers and routes.
refs TryGhost/Team#2904
<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 04a6b06</samp>
This pull request adds a new `lexical` column to the `snippets` table to
store lexical information for snippets. It includes a migration script,
a schema update, and a schema hash update.
