Commit Graph

38761 Commits

Author SHA1 Message Date
Sag
7617759ae6
Added Sentry Session Replay in Ghost Admin (2/2) (#20263)
ref https://linear.app/tryghost/issue/SLO-128

- Sentry will record session replays when errors happen in Admin (Settings, Editor) to facilitate debugging
- The recorded sessions mask sensitive information (input fields, media items, content in the editor, metrics in the dashboard)
2024-05-28 17:25:38 +02:00
Sanne de Vries
3ad77bd2c2
Updated email newsletter spacing and font sizes (#20273)
REF MOM-146

- These styling changes are a general newsletter template improvement,
and are also laying the groundwork for including a subhead in the
newsletter header. Both the newsletter template as well as the
newsletter preview in settings have been updated.
2024-05-28 14:29:49 +00:00
Steve Larson
e6fcbf45a1
Added sanitization for svg uploads (#20264)
ref https://linear.app/tryghost/issue/ENG-856
- svgs were not previously sanitized and could contain scripts
2024-05-28 08:58:16 -05:00
timemanagementsk
d5cf717437
Corrected typos and wrong translations in SK language (#20241)
Got some code for us? Awesome 🎊!

Please include a description of your change & check your PR against this
list, thanks!

- [ ] There's a clear use-case for this code change, explained below
- [ ] Commit message has a short title & references relevant issues
- [ ] The build will pass (run `yarn test:all` and `yarn lint`)

We appreciate your contribution!

---------

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-05-28 09:22:19 -04:00
Ronald Langeveld
d799f2ecb1
Added show_subhead column to newsletters table (#20268)
refs MOM-152

Adds `show_subhead` column to newsletter table. False by default.
2024-05-28 16:29:20 +07:00
Fabien 'egg' O'Carroll
6a8ae57a24
Used a base64 encoded string for hmac secret (#20269)
We want to use a randomly generated 64 byte secret for the hmac, and
utf8 encoding isn't nice to work with for this, so we're going to use a
base64 string and decode it into a buffer for the secret.
2024-05-28 14:12:48 +07:00
renovate[bot]
5c5ec9da9f Update dependency ember-auto-import to v2.7.3 2024-05-28 08:55:23 +02:00
renovate[bot]
4b059e1654 Pin dependencies 2024-05-28 08:53:24 +02:00
renovate[bot]
6792261f05 Pin dependency @tryghost/kg-unsplash-selector to 0.1.17 2024-05-27 18:47:45 +02:00
renovate[bot]
ba7c659b35 Pin dependency @codemirror/lang-html to 6.4.9 2024-05-27 18:47:30 +02:00
renovate[bot]
6ea2b8f658 Pin dependency @types/node to 20.12.12 2024-05-27 18:46:47 +02:00
renovate[bot]
c472a3ac4b
Pinned dependencies (#20257) 2024-05-27 15:29:32 +00:00
renovate[bot]
f52adcc54f Update dependency @uiw/react-codemirror to ^4.22.1 2024-05-27 15:12:14 +00:00
renovate[bot]
90d571b03a Update dependency lint-staged to v15.2.5 2024-05-27 16:58:49 +02:00
renovate[bot]
3ebe206ea7 Update TryGhost packages 2024-05-27 16:58:32 +02:00
Sam Lord
618c4b9623 Data generator: Reduced limit on importer to prevent test crashes
ref: ENG-955

Tested with a static number, using 35 causes failures, 30 seems safe
2024-05-27 15:41:02 +01:00
renovate[bot]
c2b250fe53 Update dependency lint-staged to v15.2.4 2024-05-27 15:11:33 +02:00
Sag
ed0a76e985
Added Sentry Session Replay for in Ghost Admin (#20255)
refs
https://linear.app/tryghost/issue/SLO-128/enable-sentry-replay-in-admin-adminx-editor

- this option lets us replay a session in Sentry when an error happens
2024-05-27 12:59:43 +00:00
renovate[bot]
6ff08c5c14 Update dependency mysql2 to v3.9.8 2024-05-27 08:04:34 +00:00
Daniel Lockyer
ecc6053e5d Cleaned up jsdom dependency usage
- we don't need this in `ghost/core` as it's not used in there
- we need to declare this dependency for the apps, as they use it for
  running tests
- this doesn't change the lockfile but it means we're declaring the
  dependency in the right places now
2024-05-27 09:49:43 +02:00
renovate[bot]
f0c8be59a8 Update dependency @types/react to v18.3.3 2024-05-27 09:37:46 +02:00
renovate[bot]
78dbbe2294 Update dependency html-validate to v8.19.1 2024-05-27 09:33:26 +02:00
renovate[bot]
3e3bcb81fd Update dependency jsdom to v24 2024-05-27 09:07:18 +02:00
Ghost CI
43e25f44dc v5.82.12 2024-05-27 06:39:20 +00:00
Chris Raible
98d49f57d5
Added experimental headers to allow caching members content (#20200)
ref
https://linear.app/tryghost/issue/KTLO-45/deploy-members-caching-solution-to-a-single-site-to-validate-and-test

Currently we only cache publicly available content. Any content that is
accessed by a logged in member is only cached for that specific member
based on their cookie. As a result, almost all requests from logged in
members bypass our caching layer and reach Ghost, which adds unnecessary
load to Ghost and its database.

This change adds experimental headers that allow our CDN to understand
which tier to cache the content against, and securely tell the CDN which
tier a logged in member has access to. With these changes, we can cache
the member content against the tier, rather than the individual member,
which should result in a higher cache HIT ratio and reduce the load on
Ghost.

For requests to the frontend of the site, Ghost will set a custom
`X-Member-Cache-Tier` header to the ID of the tier of the member who is
accessing the content. This tells the CDN which tier to cache the
content against.

For requests to either `/members/?token=...` endpoint (the magic link
endpoint) or `/members/api/member`, Ghost will set a `ghost-access` and
`ghost-access-hmac` cookie with the ID of the tier of the logged in
member. With these two pieces of information, our CDN can serve cached
content to logged in members.

These headers are experimental, and can only be enabled via Ghost's
config. To enable these headers, set `cacheMembersContent:enabled` to
`true` and provide an HMAC key in `cacheMembersContent:hmacSecret`.
2024-05-23 19:06:45 -07:00
renovate[bot]
d302d4049c Update Koenig packages 2024-05-23 19:13:38 +01:00
Amir
7a045ded00
Adding Persian/Farsi to supported languages (#20219)
Fixes #20214
2024-05-23 09:54:28 -04:00
Ronald Langeveld
99232de6ee
Fixed Settings not working in offline dev locally (#20246)
ref
https://forum.ghost.org/t/access-settings-of-local-ghost-install-when-offline/47590

- Fixed a React Query configuration that would only load Settings when
you're connected to the internet.
- Setting `networkMode: 'always'`, ensures that queries are executed
regardless of the network status, bypassing any checks for internet
connectivity.
2024-05-23 10:58:14 +00:00
Daniel Lockyer
4a02938774 Reverted "Enabled includeLocalVariables option in Sentry"
refs https://app.incident.io/ghost/incidents/73
refs https://blog.sentry.io/local-variables-for-nodejs-in-sentry/

- this reverts commit cc76fda3e8
- it turns out that enabling this causes the entire program to pause
  whilst it collects local variables
- this was only added to aid with debugging, so it's not critical to
  have and can be disabled
2024-05-23 12:04:10 +02:00
Peter Zimon
d9390d2262
Improve discoverability of unsaved settings (#20153)
DES-195

The purpose of this change is to (1) reduce the overwhelming use of green on the settings UI in general and (2) to make unsaved sections more focused and discoverable and focused when trying to quit Settings without saving so that it's easier to find.

---------

Co-authored-by: Daniël van der Winden <danielvanderwinden@ghost.org>
2024-05-23 10:20:27 +02:00
Peter Zimon
277e169f7b
Fixed static copy in newsletter preview (#20238)
DES-342

A static site title ("The Local Host") was displayed in the newsletter
preview instead of the actual site title. Also, moved over the "Support
independent publishing" button to design tab in newsletter settings.
2024-05-22 11:14:28 +00:00
Peter Zimon
184457b33f
Fixed tooltip for scheduled posts in postlist (#20237)
DES-194

The tooltip of scheduled posts always showed subscribers even if it was
not sent as a newsletter.
2024-05-22 09:02:53 +00:00
Peter Zimon
fb44c2393c
Fixed schedule date formatting (#20236)
DES-355

There's been an orphan in the schedule toast notification and the date
format was non-standard.
2024-05-22 08:29:03 +00:00
Peter Zimon
8bc035ccb7
Update twitter.com to x.com (#20234)
DES-351

There's a frontend validation in Settings that rewrites the Twitter (X)
URL in social accounts to match the format: twitter.com. As of May 17, X
officially changed their domain to x.com so this validation is outdated.

---------

Co-authored-by: Ronald Langeveld <hi@ronaldlangeveld.com>
2024-05-22 10:00:13 +02:00
renovate[bot]
ad48d8eb25 Update sentry-javascript monorepo to v7.116.0 2024-05-21 14:24:23 +01:00
Peter Zimon
0c2f59e0a8
Update post/page status change copy (#20233)
DES-354

Minor copy improvements when a post or page changes status. E.g. instead
of "Updated" show "Post updated"
2024-05-21 15:08:55 +02:00
Peter Zimon
5bb945e89b
What's new popup (#20112)
DES-192

We often hear that people are not aware of the new features we ship.
Ways in which people can find out are social media/changelog/dashboard –
all of these are easy to miss. We'd like to introduce a template for a
simple notification in the sidebar that can be used any time a new and noteworthy feature has
shipped. The purpose of this is simply to notify and will
disappear forever after it's been dismissed.
2024-05-21 12:36:28 +02:00
renovate[bot]
f01e06153f Update dependency i18next to v23.11.5 2024-05-20 21:41:46 +00:00
Steve Larson
9d9a421b54
Added a column disallow list in the content API posts serializer (#20207)
ref https://linear.app/tryghost/issue/CFR-29
- Removed the mobiledoc and lexical columns from the posts input
serializer, meaning they will no longer be queried for.

Get helpers are essentially a gateway to the Content API. We already
strip out the mobiledoc and lexical fields in the output
serializer/returned response, but this means we're passing the mobiledoc
and lexical fields back from the db. This is pointless and these fields
are substantial in size - by far the largest fields in the whole ghost
db - leading to slowed performance.

I've updated the posts input serializer to strip out the lexical and mobiledoc
columns so we stop doing a `select *` with every query.
2024-05-20 08:25:20 -05:00
Ronald Langeveld
e5056d8d9d
🐛 Fixed External Image URLs being incorrectly prefixed (#20226)
ref ENG-824

- the bug is causing resize prefixes being added to images served from
outside of Ghost.
- this now would only append the prefex to images served by Ghost and
other images urls' would get served as is.
- we can determine that by checking whether imageName doesn't exist,
meaning the source is a third party.
- this mostly affect edge case users, eg where a feature image url was
passed in via the API and doesn't get served by Ghost.
2024-05-20 18:06:03 +08:00
renovate[bot]
a4dc6c5cf6 Update dependency i18next-parser to v8.13.0 2024-05-20 10:40:32 +01:00
renovate[bot]
54bd9a1ab4 Update benchmark-action/github-action-benchmark action to v1.20.3 2024-05-20 10:39:02 +01:00
renovate[bot]
7f4da080a2 Update dependency html-validate to v8.19.0 2024-05-20 10:37:52 +01:00
Ronald Langeveld
9a60254cd2
🐛 Fixed redundant member data loading for static assets (#20031)
refs CFR-21

Reorganised middleware execution so that member data is not redundantly loaded for static assets or the sitemap.

---------

Co-authored-by: Michael Barrett <mike@ghost.org>
2024-05-20 13:55:45 +08:00
Ghost CI
589793f0c5 v5.82.11 2024-05-17 16:04:53 +00:00
Sanne de Vries
c157619e3e
Fixed error message of the date-time-picker not breaking onto next line (#20221)
REF DES-261

- Also updated error message copy of both the date-time-picker and the
date-picker to be friendlier.
2024-05-16 14:59:07 +00:00
renovate[bot]
239b5b6369
🐛 Fixed certain snippets not inserting correctly (#20129)
ref https://linear.app/tryghost/issue/ONC-26/support-escalation-template-bug
ref https://github.com/TryGhost/Ghost/issues/18948

- bumps `@tryghost/koenig-lexical` to version that doesn't crash during snippet insertion when last node doesn't match expectations for inserting a trailing paragraph
- bumps all Koenig packages to ensure internal dependencies are pinned to prevent potential issues from mixed versions caused by yarn resolution
2024-05-16 11:39:03 +00:00
Fabien O'Carroll
fd8bbeebcf Added support for GET /inbox/:owner
ref https://linear.app/tryghost/issue/MOM-127

We're gonna want auth & filtering on this long term, but for now whilst in
development it's fine as is.
2024-05-16 17:22:45 +07:00
Fabien O'Carroll
a70afcd117 Fixed reconstruction of Activity from JSONLD
The use of Article and Actor in Activity meant that we got way more data in the
JSONLD representation, but it wasn't be picked up when reconstructing from data
over the wire. This makes sure that we can recreate the object from the JSONLD.
2024-05-16 16:39:25 +07:00
Fabien O'Carroll
17fe2395bd Fixed bug with converting URI to value
Subdomains weren't working because of the missing trailing slash
2024-05-16 16:39:25 +07:00