Commit Graph

3921 Commits

Author SHA1 Message Date
renovate[bot]
1bc6148e28
Update dependency supertest to v6.2.4 2022-07-04 17:30:52 +00:00
renovate[bot]
f24dfb409d
Update dependency eslint to v8.19.0 2022-07-04 02:12:22 +00:00
renovate[bot]
d73d9079cd Update dependency cssnano to v5.1.12 2022-07-01 07:00:33 -04:00
Renovate Bot
28eedce347 Update dependency jwks-rsa to v2.1.4 2022-07-01 07:00:03 -04:00
renovate[bot]
e7e987f298 Update dependency cli-progress to v3.11.2 2022-07-01 06:59:22 -04:00
renovate[bot]
a470ab22b8 Update dependency @playwright/test to v1.23.1 2022-07-01 06:59:08 -04:00
renovate[bot]
5bbfca01ea
Update dependency nock to v13.2.8 2022-06-30 21:27:59 +00:00
renovate[bot]
d8a27c78f5
Update metascraper to v5.29.14 2022-06-30 12:13:11 +00:00
renovate[bot]
464f4b6769
Update metascraper to v5.29.13 2022-06-29 18:09:52 +00:00
renovate[bot]
15294f4056
Update dependency metascraper to v5.29.12 2022-06-27 13:46:05 +00:00
renovate[bot]
630149e9c6
Update metascraper to v5.29.11 2022-06-21 11:45:54 +00:00
renovate[bot]
148bb7b506
Update metascraper to v5.29.10 2022-06-20 00:39:07 +00:00
renovate[bot]
b46e7deae5
Update dependency eslint to v8.18.0 2022-06-17 22:05:10 +00:00
Renovate Bot
e53bd0bfd5
Update dependency nock to v13.2.7 2022-06-15 03:00:51 +00:00
Daniel Lockyer
bf264c15e5 v5.2.3 2022-06-15 03:59:47 +01:00
Renovate Bot
4c16cb9624
Update Test & linting packages 2022-06-06 03:00:14 +00:00
Daniel Lockyer
c6dabf13a3 v5.2.2 2022-06-03 17:50:37 +01:00
Matt Hanley
2ecb4acc85 Updated gscan 2022-06-03 16:09:34 +01:00
Naz
cb24a0d3f0 Fixed webhook snapshot test error output
refs https://github.com/TryGhost/Toolbox/issues/320

- When the snapshot test failed a misleading error was showing up. The bump fixed that bug.
2022-06-03 11:57:39 +08:00
Naz
c30a8b82d1 Added webhooks tests to test:e2e command
refs https://github.com/TryGhost/Toolbox/issues/320

- Webhook tests are becoming a special type of tests and needed their own "home" to live in. Adding them to be a part of the e2e test command, so they are run the same way as the rest of e2e test suites
2022-06-03 11:57:39 +08:00
Naz
c7e833545b Extracted webhook mock receiver into a package
refs https://github.com/TryGhost/Toolbox/issues/320

- Following the rule of having minimum code changes in the Ghost core codebase. This module belongs to "framework" along with other testing tools anyway.
- The bump includes a noteworthy changes - the "snapshotManager" was extracted into a separate exposed property of express-test API (maybe should be even it's own separate concept eventually, for now exposing it was enough). "snapshotManager" had to be exposed to be able to pass it to the webhook mock receiver - to use same instance configured with mocha hooks. snapshotManager has to be a singleton in the system to configure snapshots correctly through mochaHooks.
2022-06-03 11:57:39 +08:00
Daniel Lockyer
fbcdacbd83 v5.2.1 2022-06-02 12:34:53 +01:00
Daniel Lockyer
a6efdbf1db v5.2.0 2022-06-01 16:28:51 +01:00
Matt Hanley
54d88cf689 Updated packages 2022-06-01 16:07:14 +01:00
Fabien 'egg' O'Carroll
6c455dc1f2
🐛 Fixed Stripe Checkout for Members w/ existing subscriptions (#14953)
refs https://github.com/TryGhost/Team/issues/1526

This adds a check for existing subscriptions for a member associated with the
email addressed used for Stripe Checkout, if any are found the Checkout Session
creation fails and responds with a 403.

We've also updated the error handling for the create-stripe-checkout-session
endpoint so that it follows the existing Ghost API patterns.
2022-06-01 15:53:05 +01:00
Renovate Bot
4feb5873b6
Update dependency express-jwt to v7.7.5 2022-05-31 21:02:21 +00:00
Renovate Bot
4ddba47b00
Update dependency express-jwt to v7.7.3 2022-05-30 18:31:17 +00:00
Renovate Bot
367ad86e24
Update dependency knex-migrator to v4.2.11 2022-05-30 15:39:08 +00:00
Daniel Lockyer
438526641b v5.1.1 2022-05-30 13:54:29 +01:00
Renovate Bot
8c601a411f
Update metascraper 2022-05-30 01:34:06 +00:00
Daniel Lockyer
302c257560 v5.1.0 2022-05-27 16:10:20 +01:00
Simon Backx
a051ab3b69
🎨 Reduced favicon requirements and added image formatting (#14918)
fixes https://github.com/TryGhost/Team/issues/1652
fixes https://github.com/TryGhost/Ghost/issues/13319

**Image formatting**
Added support for changing the format of images via the `handle-image-sizes` middleware (e.g. format SVG to png, jpeg, webp)

This change was required:
- Not all browsers support SVG favicons, so we need to convert them to PNGs
- We can't fit image resizing and formatting in the `serve-favicon` middleware: we need to store the resized image to avoid resizing on every request. This system was already present in the `handle-image-sizes` middleware.

To format an uploaded image:
- Original URL: https://localhost/blog/content/images/2022/05/giphy.gif
- To resize: https://localhost/blog/content/images/size/w256h256/2022/05/giphy.gif (already supported)
- To resize and format to webp: https://localhost/blog/content/images/size/w256h256/format/webp/2022/05/giphy.gif
- Animations are preserved when converting Gifs to Webp and in reverse, and also when only resizing (https://github.com/TryGhost/Ghost/issues/13319)

**Favicons**
- Custom favicons are no longer served via `/favicon.png` or `/favicon.ico` (only for default favicon), but use their full path
- Added support for uploading more image extensions in Ghost as a favicon: .jpg, .jpeg, .gif, .webp and .svg are now supported (already supported .png and .ico).
- File extensions other than jpg/jpeg, png, or ico will always get transformed to the image/png format to guarantee browser support (webp and svg images are not yet supported as favicons by all browsers).

For all image formats, other than .ico files:
- Allowed to upload images larger than 1000px in width and height, they will get cropped to 256x256px.
- Allowed uploading favicons that are not square. They will get cropped automatically.
- Allowed to upload larger files, up to 20MB (will get served at a lower file size after being resized)

For .svg files:
- The minimum size of 60x60px is no longer required.

For .ico files:
- The file size limit is increased to 200kb (coming from 100kb)
2022-05-27 16:36:53 +02:00
Hannah Wolfe
f805f1637c
🐛 Fixed reading time for RTL languages
closes: https://github.com/TryGhost/Ghost/issues/14365
closes: https://github.com/TryGhost/SDK/issues/366
closes: https://github.com/TryGhost/SDK/issues/389
refs: https://github.com/TryGhost/SDK/pull/431

- our word count helper has been updated to handle RTL languages
- this should also fix the reading time as it uses the same underlying function

Co-authored-by: Emmanuel-Melon <emmanuelgatwech@gmail.com>
2022-05-27 15:15:29 +01:00
Hannah Wolfe
558f2b3d0d
🐛 Fixed gscan not detecting issues in folders
refs: https://forum.ghost.org/t/gscan-not-picking-up-some-products-incompatibilities-for-5-0/30394/4
closes: https://github.com/TryGhost/Team/issues/1653

- gscan wasn't running the new linter-based rules on anything in a folder
2022-05-27 12:52:09 +01:00
Renovate Bot
8ed2af7c3f
Update dependency knex to v2.1.0 2022-05-26 16:37:11 +00:00
Matt Hanley
2a84712d85 Merged v5.0.2 into main
v5.0.2
2022-05-26 15:24:09 +01:00
Daniel Lockyer
68b563e5be v5.0.2 2022-05-26 15:17:25 +01:00
Simon Backx
ad349bb3a5
Removed GA feature flags (#14915)
refs https://github.com/TryGhost/Team/issues/1616

- Removed all GA feature flags
- Removed `tweetGridCard` alpha flag
- Changes to `members-api` and `members-importer` packages: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%408.1.1...%40tryghost/members-api%408.1.2
2022-05-26 09:54:30 +02:00
Renovate Bot
0545c9d194 Update metascraper to v5.29.6 2022-05-25 18:47:00 +00:00
Daniel Lockyer
f7496880f0 v5.0.1 2022-05-24 18:21:41 +01:00
Hannah Wolfe
a2cab6bdde
Update dependency gscan to v4.39.0 2022-05-24 17:39:47 +01:00
Matt Hanley
46307f8a03 Fixed typo in API version email notifications 2022-05-24 17:05:11 +01:00
Renovate Bot
ffb8b36fc8 Update dependency @playwright/test to v1.22.2 2022-05-24 08:37:44 +01:00
Renovate Bot
c590a9c29c Update dependency cssnano to v5.1.9 2022-05-24 08:37:35 +01:00
Naz
fcc9daf549 🐛 Fixed signing key mismatching in members JWT/JWKS
refs https://github.com/TryGhost/Team/issues/1640

- Some the clien libraries were not able to match the signin key to verify JWT when using `GET /members/.well-knonw/jwks.json` endpoint for member token verification. This issue was due to missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
2022-05-24 11:45:20 +08:00
Daniel Lockyer
c001865e7c v5.0.0 2022-05-23 13:20:53 +01:00
Renovate Bot
96956c5931
Update dependency eslint to v8.16.0 2022-05-20 23:47:22 +00:00
Renovate Bot
e8a986c61b Update dependency gscan to v4.29.2 2022-05-20 13:16:47 +01:00
Renovate Bot
180be2c0ee Update dependency postcss to v8.4.14 2022-05-20 13:07:20 +01:00
Renovate Bot
70a1b7462c Update dependency jwks-rsa to v2.1.3 2022-05-20 13:07:08 +01:00
Simon Backx
419fa24f27
Fixed bulk unsubscribe counts (#14871)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
2022-05-20 13:40:55 +02:00
Renovate Bot
5975740d69
Update dependency express-jwt to v7.7.2 2022-05-19 16:27:29 +00:00
Simon Backx
def8f83894
Fixed missing products in members export (#14867)
refs https://github.com/TryGhost/Team/issues/1642

- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?)  package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
2022-05-19 18:26:29 +02:00
Matt Hanley
309f17fd69 Fixed missing subscription deltas for reactivated subscriptions 2022-05-19 17:21:24 +01:00
Renovate Bot
7501407c4c Update dependency gscan to v4.29.1 2022-05-19 16:56:43 +01:00
Rishabh Garg
d90add9cd5
Fixed failing checkout session creation for offers (#14855)
- checkout session creation was failing when setup with `offerId` instead of `tierId` and `cadence`
- updates `members-api` to ignore cadence check to allow creation using `offerId` present in request
2022-05-18 15:10:07 +05:30
Renovate Bot
0d8ddd3c5e Update dependency cli-progress to v3.11.1 2022-05-18 10:03:30 +01:00
Renovate Bot
efc67b1783 Update dependency @playwright/test to v1.22.1 2022-05-17 15:55:31 +01:00
Matt Hanley
236d07c90a
Added CLI command structure (#14821)
Added CLI commands for REPL and timetravel functionality

- Added TimeTravel command for updating test data with a date offset
- Added REPL command for access to models and knex in development
- Added pattern for creating new CLI commands, including
  - User input
  - Output
  - Validation of `NODE_ENV`
- TimeTravel command is in the main Ghost repo because it requires the schema
2022-05-17 15:40:12 +01:00
Daniel Lockyer
5cd9d97a07
Updated @tryghost packages
- these packages contain small code changes or dependency updates that
  we've been forced to publish because of Lerna
2022-05-17 09:17:11 +01:00
Hannah Wolfe
8ec8a21b71
Renamed "client" references to "admin"
refs: https://github.com/TryGhost/Toolbox/issues/299

- renamed lots of things that reference Ghost admin as "client"
- these things make even less sense in a post core/client world
2022-05-17 09:05:44 +01:00
Renovate Bot
bfc2ddec84 Update dependency knex-migrator to v4.2.10 2022-05-17 08:41:25 +01:00
Hannah Wolfe
64fd6f21fa
Renamed core/client to core/admin (#14837)
closes: https://github.com/TryGhost/Toolbox/issues/299

- core/client doesn't really make sense any more now that we don't have just a client and server folder
- this folder contains ghost admin, so admin makes waaaay more sense
2022-05-17 08:27:13 +01:00
Renovate Bot
68512147f0 Update dependency cssnano to v5.1.8 2022-05-17 07:55:58 +01:00
Renovate Bot
d8e9cbf9db
Update dependency c8 to v7.11.3 2022-05-17 00:26:57 +00:00
Fabien 'egg' O'Carroll
d9e6dfe97e
Updated Tiers API data structure (#14795)
refs https://github.com/TryGhost/Team/issues/1575

- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
2022-05-16 19:47:18 +01:00
Hannah Wolfe
12aff14dff Removed oauth experiment
refs: https://github.com/TryGhost/Team/issues/1625

- this didn't work the way we wanted to
- removing this will free up the namespaces to start over
2022-05-16 17:37:13 +01:00
Renovate Bot
55c065df62 Update dependency @tryghost/color-utils to v0.1.17 2022-05-16 09:40:55 +01:00
Renovate Bot
a2c5993625 Update dependency @tryghost/helpers to v1.1.68 2022-05-16 09:40:46 +01:00
Hannah Wolfe
f73a84abac Update dependency html-to-text to v8
refs: https://github.com/TryGhost/Ghost/pull/13035
refs: https://github.com/TryGhost/Team/issues/1609

- Upgraded to the latest html-to-text
- Matched the options to what we had as close as we can
- The output changes slightly, but in most cases those are bugfixes
- We are going to tune this output more soon, so accept the changes for now
2022-05-16 09:38:16 +01:00
Naz
f83ceb80d6 Removed need for redundant "strip" attribute in schemas
refs https://github.com/TryGhost/Toolbox/issues/314

- Writing schema definitions will become more concise without a need to specify all valid resource properties that could be accepted by the Admin API - no need to define "strip" attribute on every known
2022-05-16 15:44:25 +08:00
Naz
3e1d206d84 Added gscan check for {{@member.products}} helper
refs https://github.com/TryGhost/Toolbox/issues/329

- Adds and improves gscan checks for use of following helpers:
  - @labs.members
  - @member.products
  - @price

@labs.members going in favour @site.members_enabled

@member.products gone in favour of @member.subscriptions

@price and it's variations gone in favour of {{price}} + {{@member.subscriptions}}
2022-05-16 13:27:22 +08:00
Renovate Bot
0c7cf97615
Update dependency glob to v8.0.3 2022-05-13 23:55:59 +00:00
Renovate Bot
0d71521b3c
Update dependency express-jwt to v7.7.1 2022-05-13 17:31:50 +00:00
Renovate Bot
0f01aa6eea Update dependency @playwright/test to v1.22.0 2022-05-13 12:21:23 +01:00
Renovate Bot
f69fb3214b Update dependency eslint-plugin-ghost to v2.14.0 2022-05-13 09:29:19 +00:00
Renovate Bot
d3f29e53de Update dependency glob to v8.0.2 2022-05-13 08:00:26 +00:00
Daniel Lockyer
1e456f7e87
Updated all @tryghost packages
- these packages have had minor code changes or dependency updates but
  needed to be published to please Lerna
2022-05-12 16:50:18 +01:00
Renovate Bot
bfb7cecc8c Update dependency express-session to v1.17.3 2022-05-12 16:45:31 +01:00
Renovate Bot
a364fc3980 Update dependency jwks-rsa to v2.1.2 2022-05-12 16:45:21 +01:00
Rishabh Garg
f321ff2760
Fixed tier monthly/yearly price admin api schema (#14805)
- schema now allows null values for tier prices
2022-05-12 20:22:26 +05:30
Simon Backx
3214186f98
Improved newsletter limit checking (#14780)
refs https://github.com/TryGhost/Team/issues/1583

- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
2022-05-12 14:28:45 +02:00
Naz
9236b8a397 Relaxed validation rules + removed unknown properties
refs https://github.com/TryGhost/Toolbox/issues/314

- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
2022-05-12 18:06:38 +08:00
Matt Hanley
371f9996f5
Fixed filter mapping from subscribed to newsletters for bulk operations (#14787)
closes https://github.com/TryGhost/Team/issues/1606

- Fixed filter mapping from subscribed to newsletters for bulk operations
- Updated members-api package
2022-05-12 10:54:20 +01:00
Naz
d3f432f745 🔥 Removed versioning from json schema validation
refs https://github.com/TryGhost/Toolbox/issues/314

- With versioned API concept being dropped there's no need to rely on a specific version in validations either!
2022-05-12 16:08:23 +08:00
Hannah Wolfe
b29852b012
🔥 Removed support for http/https mixed mode (#14783)
closes: https://github.com/TryGhost/Toolbox/issues/324
refs: https://github.com/TryGhost/Ghost/issues/14446

- Currently, if url is configured to http but a request is marked secure, Ghost will handle upgrading all internal URLs to https so that there are no mixed content warnings
- From 5.0 that feature is going away, in favour of strictly honouring the configured URL
- Ghost will serve URLs exactly as configured and won't upgrade http to https anymore
- This use case was common when Ghost was first built, but in 2022 the web is mostly https.
- The code needed to support the feature creates a lot of additional complexity & maintenance overhead, so removing this gives us space to do more cool and useful stuff in 2022
2022-05-11 14:53:23 +01:00
Rishabh
7ab00c8eda Updated admin api schema for tiers
- added `id` and `description` to tiers schema
- added `tiers` column to members schema
2022-05-11 16:14:10 +05:30
Naz
f10f224668 Improved version mismatch notification email copy
refs https://github.com/TryGhost/Toolbox/issues/292

- Copy improvements were done base on feedback. Makes the information in the email more concise and removes unecessary/unsecure bits like query strings.
2022-05-11 10:53:42 +08:00
Renovate Bot
c0d82122b0 Update dependency grunt to v1.5.3 2022-05-10 14:57:10 +00:00
Naz
6934595053 Added Integration Name in version mismatch emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
2022-05-10 17:55:18 +08:00
Simon Backx
fb60a0199c
Fixed editing members throwing when setting avatar_image (#14751)
refs https://ghost.slack.com/archives/C02G9E68C/p1652126859737159?thread_ts=1652126765.251419&cid=C02G9E68C

When you try to edit a member in the admin frontend, the `avatar_image` property is passed. But that field is not editable and should be ignored. Currently an error is thrown, but this update from `admin-api-schema` adds it as a skipped property to remove this error.
2022-05-10 10:00:27 +02:00
Renovate Bot
c753d61be6
Update dependency sinon to v14 2022-05-09 19:14:13 +00:00
Naz
b2db80c9fe Fixed missing failed request URL if version emails
refs https://github.com/TryGhost/Toolbox/issues/292

- The version mismatch notification emails were missing a URL of the endpoint that was being accessed by an outdated integraton
- Also squeezed in a refactor simplifying APIVersionCompatibilityService initialization
2022-05-09 20:11:25 +08:00
Simon Backx
21d9d20e3e
Included newsletter relation by default in posts (#14723)
refs https://github.com/TryGhost/Team/issues/1569

**Changes in admin-api-schema:**
- https://github.com/TryGhost/SDK/compare/%40tryghost/admin-api-schema%402.14.1...%40tryghost/admin-api-schema%402.15.0
- Ignore `newsletter` when used in input

**Changes**
- Added the `newsletter` relation as a default include for posts
- Removed the newsletter_id from the API output

**Tests**
- Test the newsletter relation is always loaded for browse, read, add and edit, unless the include option is added explicitly

Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-09 11:06:59 +02:00
Renovate Bot
7d951f96f0 Update dependency jwks-rsa to v2.1.1 2022-05-09 08:37:13 +01:00
Renovate Bot
f5d4174e0d
Update dependency luxon to v2.4.0 2022-05-09 03:40:41 +00:00
Renovate Bot
b3c6801352
Update dependency eslint to v8.15.0 2022-05-09 00:38:13 +00:00
renovate[bot]
abd90be910
Update dependency @tryghost/mw-error-handler to v1 (#14719)
- Replaced usage of handleJSONResponseV2 with the newly renamed handleJSONResponse

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-07 15:28:28 +01:00
Renovate Bot
fb017d496e
Update dependency express-jwt to v7.7.0 2022-05-06 17:28:38 +00:00
Renovate Bot
4019964b15
Update dependency knex-migrator to v4.2.9 2022-05-06 16:54:08 +00:00