Sirichai Chulee
58ca6f3d95
Updated uuid to crypto.randomUUID() ( #20821 )
...
The uuid package README suggests using the node builtin `crypto` library if
we're only using uuid.v4, which we are.
2024-09-12 09:09:30 +07:00
renovate[bot]
60a3b5a913
Update TryGhost packages
2024-05-01 08:49:04 +02:00
renovate[bot]
057d9599f5
Update TryGhost packages
2023-10-31 20:54:17 +01:00
Daniel Lockyer
85098e07d4
Configured all unit tests to use dot reporter
...
refs https://ghost.slack.com/archives/C02G9E68C/p1696490748701419
- this configures mocha to use the dot reporter because the default is
way too verbose in CI
2023-10-05 12:24:24 +02:00
renovate[bot]
7ffb3206a8
Update dependency uuid to v9.0.1
2023-09-12 12:29:51 +02:00
Daniel Lockyer
c6cb35074a
Updated linting and testing packages
2023-09-01 15:51:17 +02:00
renovate[bot]
7dce046786
Update Test & linting packages
2023-07-11 15:26:07 +02:00
Hannah Wolfe
b80b90229f
Added consistent linting pattern to all packages
...
refs: https://github.com/TryGhost/Toolbox/issues/188
- some of our older packages used a pattern for linting which missed using test config for linting tests
- we need this to be consistent so that we can add more eslint rules for testing
- two packages also didn't use the lib pattern, which made the lint pattern error - so this was fixed as well
2023-06-13 10:43:29 +01:00
renovate[bot]
07545541a8
Update @tryghost
2023-04-07 13:47:12 +02:00
renovate[bot]
83373e1751
Update Test & linting packages
2023-04-05 15:16:08 +02:00
renovate[bot]
2223db5379
Update Test & linting packages
2023-03-13 02:36:20 +00:00
renovate[bot]
b93b38a8e8
Update @tryghost
2023-03-10 09:52:02 +01:00
Daniel Lockyer
6b1966ad9b
Updated sinon
dependency
...
- this is being done manually instead of merging the Renovate PR because
the PR bundles another bump which doesn't pass yet
2023-03-02 12:43:42 +01:00
renovate[bot]
cf7ecb492c
Update dependency c8 to v7.13.0
2023-02-16 22:15:50 +00:00
Daniel Lockyer
6f4e663d74
Updated @tryghost dependencies ( #16005 )
...
- also includes `knex-migrator` with a simple `sqlite3` bump
2022-12-14 11:18:55 +07:00
renovate[bot]
13abcf6c9d
Update dependency mocha to v10.2.0
2022-12-12 13:20:22 +00:00
renovate[bot]
8fa9f1e7e6
Update Test & linting packages
2022-11-07 20:39:48 +00:00
renovate[bot]
e9587e02d0
Update dependency mocha to v10.1.0
2022-10-17 08:41:28 +00:00
renovate[bot]
2c2ee81adb
Update Test & linting packages
2022-10-05 00:36:08 +00:00
renovate[bot]
3d4c97f8c7
Updated @tryghost dependencies ( #15349 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 18:32:13 +01:00
Simon Backx
4534b693e4
Added test that validates output HTML of email template ( #15365 )
...
refs https://github.com/TryGhost/Team/issues/1871
This commit adds a test to the serialize method of `post-emaiserializer`. It checks whether the generated email HTML is valid and standard HTML5 and that all properties are escaped.
To do this validation, I depend on the new `html-validate` dev dependency. Just parsing the HTML with a HTML parser is not enough to guarantee that the HTML is okay.
Apart from that this fixes:
- Removed the sanitizeHTML method and replaced it with normal HTML escaping. We don't want to allow any HTML in the escaped fields. Whereas `sanitizeHTML` still allows valid HTML, but we don't want that and want the same behaviour as on the site. E.g., a post with a title `All your need to know about the <br /> tag` should actually render the same title and non-html content, being `All your need to know about the <br /> tag`
- The file, nft and audio card didn't (always) escape the injected HTML fields (new version @tryghost/kg-default-cards)
- `@tryghost/string` is bumped because it contains the new escapeHtml method
2022-09-08 10:11:01 +02:00
renovate[bot]
5812e491d2
Update dependency uuid to v9
2022-09-07 13:06:48 +01:00
Daniel Lockyer
f51226e5fb
Organized package dependencies
...
- cleaned up unused dependencies
- adds missing dependencies that are used in the code
- this should help us be more explicit about the dependencies a package
uses
2022-08-18 11:55:49 +02:00
Daniel Lockyer
ae336f19cd
Protected against missing NODE_ENV variable
...
- in the event NODE_ENV isn't set, this would throw an error because
`startsWith` is a function call on `undefined`
2022-08-18 08:34:53 +02:00
Daniel Lockyer
54aa9f016b
Fixed full Admin test suite running during unit tests
...
- because of how the npm scripts were set up, we were running the full
Admin integration tests during the unit tests phase of CI
- this commit renames the majority of `test` to `test:unit` in the
package.json files, and aliases `test` to `test:unit`
- special packages like Admin have no-op'd `test:unit` scripts so we
don't end up running its tests
2022-08-15 15:34:52 +02:00
Daniel Lockyer
0a68ea88fb
Reduced number of hashing rounds during tests
...
- one of the reasons our tests are so slow is because we're running 10
rounds of bcrypt hashing on shared hardware, nearly 300 times during
the database tests
- we don't particularly care about password hash strength during tests
so this commit reduces the number of rounds to 1 if we're running in a
test environment
- this drops the time to produce an individual hash from ~140ms to ~3ms,
saving us a lot of time overall
2022-08-15 12:38:42 +02:00
Daniel Lockyer
a0dca653e7
Updated @tryghost/*
packages
...
- these were all published from the SDK repo
2022-08-05 13:30:50 +02:00
Vikas Potluri
bcafb84c44
refactored security.string to be more readable ( #15127 )
...
refs #15126
- Logic can be simplified
- Add JSDoc types
2022-08-02 12:49:17 +01:00
Vikas Potluri
59f4570ee7
refactored security.password to use native bcrypt promises ( #15126 )
...
refs: https://github.com/TryGhost/Ghost/issues/14882
* refactored security.password to use native bcrypt promises
* refactored security.string to use more modern es features
2022-08-01 16:21:19 +01:00
renovate[bot]
679634342a
Pinned dependencies ( #15100 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-07-26 16:06:00 +02:00
Daniel Lockyer
08abfcafd1
Remove linting as posttest step
...
- linting is handled separately (in CI and locally, as it's a git
pre-push hook) so we shouldn't also be running it after tests
2022-07-26 15:26:21 +02:00
Daniel Lockyer
0a5f600dfe
Tidied up package README and LICENSE files
...
- we shouldn't need individual LICENSE files because these packages
won't be published, so the top-level one applies
- also cleaned up README files to remove mentions of Lerna monorepos and
install instructions
2022-07-26 15:22:10 +02:00
Daniel Lockyer
255eb0726b
Cleaned up package metadata
...
refs https://github.com/TryGhost/Toolbox/issues/354
- set packages to `private: true`
- removed repository link - these packages won't be published so this
link won't be seen anywhere
- removed `publishConfig`
2022-07-26 15:08:05 +02:00
Daniel Lockyer
5fc7ba59d3
Reset package versions back to 0.0.0
...
refs https://github.com/TryGhost/Toolbox/issues/354
- these packages won't be published from now on, so setting the versions
back to 0.0.0 keeps them clean
2022-07-26 14:57:43 +02:00
Daniel Lockyer
1f9d9b1185
Fixed flaky test
...
- the test wants to assert that the output contains 0-9 a-z characters,
but it actually asserts the output is a number followed by alphabet
characters
- this commit updates the regex to allow any combination of letters and
numbers
2022-07-26 12:51:37 +02:00
Naz
d5e38e6fc7
Published new versions
...
- @tryghost/adapter-manager@0.2.33
- @tryghost/api-version-compatibility-service@0.4.4
- @tryghost/bootstrap-socket@0.2.22
- @tryghost/config-url-helpers@1.0.2
- @tryghost/constants@1.0.7
- @tryghost/database-info@0.3.8
- @tryghost/email-content-generator@0.1.4
- @tryghost/image-transform@1.2.1
- @tryghost/job-manager@0.9.0
- @tryghost/limit-service@1.2.2
- @tryghost/minifier@0.1.17
- @tryghost/moleculer-service-from-class@0.2.28
- @tryghost/mw-api-version-mismatch@0.2.3
- @tryghost/mw-error-handler@1.0.5
- @tryghost/mw-session-from-token@0.1.34
- @tryghost/mw-update-user-last-seen@0.1.8
- @tryghost/package-json@1.0.23
- @tryghost/pretty-cli@1.2.29
- @tryghost/promise@0.1.20
- @tryghost/release-utils@0.8.1
- @tryghost/security@0.3.3
- @tryghost/session-service@0.1.44
- @tryghost/settings-path-manager@0.1.9
- @tryghost/version-notifications-data-service@0.2.2
- @tryghost/vhost-middleware@1.0.28
- @tryghost/zip@1.1.27
2022-07-22 16:46:56 +01:00
renovate[bot]
11d0ab9605
Update dependency c8 to v7.12.0
2022-07-19 18:33:27 +00:00
Daniel Lockyer
d8af7189e7
Published new versions
...
- @tryghost/adapter-manager@0.2.32
- @tryghost/api-version-compatibility-service@0.4.2
- @tryghost/bootstrap-socket@0.2.21
- @tryghost/config-url-helpers@1.0.1
- @tryghost/constants@1.0.6
- @tryghost/database-info@0.3.6
- @tryghost/email-content-generator@0.1.3
- @tryghost/image-transform@1.0.33
- @tryghost/job-manager@0.8.25
- @tryghost/limit-service@1.2.1
- @tryghost/minifier@0.1.16
- @tryghost/moleculer-service-from-class@0.2.27
- @tryghost/mw-api-version-mismatch@0.2.2
- @tryghost/mw-error-handler@1.0.2
- @tryghost/mw-session-from-token@0.1.33
- @tryghost/mw-update-user-last-seen@0.1.7
- @tryghost/package-json@1.0.22
- @tryghost/pretty-cli@1.2.28
- @tryghost/promise@0.1.19
- @tryghost/release-utils@0.8.0
- @tryghost/security@0.3.2
- @tryghost/session-service@0.1.43
- @tryghost/settings-path-manager@0.1.8
- @tryghost/version-notifications-data-service@0.2.1
- @tryghost/vhost-middleware@1.0.26
- @tryghost/zip@1.1.26
2022-05-24 13:06:28 +02:00
Renovate Bot
74ff5d48de
Update dependency c8 to v7.11.3
2022-05-16 04:56:38 +00:00
Naz
c5b8d073d7
Published new versions
...
- @tryghost/adapter-manager@0.2.31
- @tryghost/api-version-compatibility-service@0.3.0
- @tryghost/bootstrap-socket@0.2.20
- @tryghost/config-url-helpers@0.1.8
- @tryghost/constants@1.0.5
- @tryghost/database-info@0.3.5
- @tryghost/email-content-generator@0.1.2
- @tryghost/image-transform@1.0.32
- @tryghost/job-manager@0.8.24
- @tryghost/limit-service@1.1.3
- @tryghost/minifier@0.1.15
- @tryghost/moleculer-service-from-class@0.2.26
- @tryghost/mw-api-version-mismatch@0.1.4
- @tryghost/mw-error-handler@1.0.1
- @tryghost/mw-session-from-token@0.1.32
- @tryghost/mw-update-user-last-seen@0.1.6
- @tryghost/package-json@1.0.21
- @tryghost/pretty-cli@1.2.27
- @tryghost/promise@0.1.18
- @tryghost/release-utils@0.7.15
- @tryghost/security@0.3.1
- @tryghost/session-service@0.1.42
- @tryghost/settings-path-manager@0.1.7
- @tryghost/update-check-service@0.3.4
- @tryghost/version-notifications-data-service@0.1.2
- @tryghost/zip@1.1.25
2022-05-09 18:25:48 +08:00
Renovate Bot
82b83743a7
Update dependency sinon to v14
2022-05-09 00:14:50 +00:00
Hannah Wolfe
7b6b8192e3
Published new versions
...
- @tryghost/mw-error-handler@1.0.0
- @tryghost/security@0.3.0
2022-05-06 15:46:34 +01:00
Hannah Wolfe
3a7613a46e
Added secret.create util to security package
...
- this utility existed twice in the ghost codebase:
- f6fb823ce9/core/server/models/api-key.js (L24)
- f6fb823ce9/core/server/data/migrations/versions/4.0/22-solve-orphaned-webhooks.js (L7)
- We also potentially need it for a second migration use case
- so moved it here, made it slightly more generic and also deprecated identifier.uid in favour of using this method as they do the same thing, but secret.create uses crypto properly
2022-05-06 15:15:40 +01:00
Naz
e5d097fbae
Published new versions
...
- @tryghost/adapter-manager@0.2.30
- @tryghost/api-version-compatibility-service@0.1.2
- @tryghost/bootstrap-socket@0.2.19
- @tryghost/config-url-helpers@0.1.7
- @tryghost/constants@1.0.4
- @tryghost/database-info@0.3.4
- @tryghost/email-content-generator@0.1.0
- @tryghost/image-transform@1.0.31
- @tryghost/job-manager@0.8.23
- @tryghost/limit-service@1.1.1
- @tryghost/minifier@0.1.14
- @tryghost/moleculer-service-from-class@0.2.25
- @tryghost/mw-api-version-mismatch@0.1.2
- @tryghost/mw-error-handler@0.2.3
- @tryghost/mw-session-from-token@0.1.31
- @tryghost/mw-update-user-last-seen@0.1.5
- @tryghost/package-json@1.0.20
- @tryghost/pretty-cli@1.2.26
- @tryghost/promise@0.1.17
- @tryghost/release-utils@0.7.14
- @tryghost/security@0.2.17
- @tryghost/session-service@0.1.41
- @tryghost/settings-path-manager@0.1.6
- @tryghost/update-check-service@0.3.3
- @tryghost/version-notifications-data-service@0.1.1
- @tryghost/vhost-middleware@1.0.25
- @tryghost/zip@1.1.24
2022-05-04 17:21:51 +08:00
Renovate Bot
6f93c82c5a
Update Test & linting packages
2022-05-02 14:01:35 +00:00
Renovate Bot
9589755925
Update Test & linting packages
2022-05-02 13:58:34 +00:00
Naz
014fafbafb
Published new versions
...
- @tryghost/adapter-manager@0.2.29
- @tryghost/api-version-compatibility-service@0.1.0
- @tryghost/bootstrap-socket@0.2.18
- @tryghost/config-url-helpers@0.1.6
- @tryghost/constants@1.0.3
- @tryghost/database-info@0.3.2
- @tryghost/image-transform@1.0.30
- @tryghost/job-manager@0.8.22
- @tryghost/limit-service@1.0.11
- @tryghost/minifier@0.1.13
- @tryghost/moleculer-service-from-class@0.2.24
- @tryghost/mw-api-version-mismatch@0.1.0
- @tryghost/mw-error-handler@0.2.1
- @tryghost/mw-session-from-token@0.1.29
- @tryghost/mw-update-user-last-seen@0.1.4
- @tryghost/package-json@1.0.19
- @tryghost/pretty-cli@1.2.25
- @tryghost/promise@0.1.16
- @tryghost/release-utils@0.7.13
- @tryghost/security@0.2.16
- @tryghost/session-service@0.1.39
- @tryghost/settings-path-manager@0.1.5
- @tryghost/vhost-middleware@1.0.23
- @tryghost/zip@1.1.23
2022-04-21 20:58:17 +08:00
Renovate Bot
430608c9c3
Update dependency c8 to v7.11.2
2022-04-20 18:23:57 +00:00
Daniel Lockyer
3324ffc788
Published new versions
...
- @tryghost/adapter-manager@0.2.28
- @tryghost/bootstrap-socket@0.2.17
- @tryghost/config-url-helpers@0.1.5
- @tryghost/constants@1.0.2
- @tryghost/database-info@0.2.0
- @tryghost/image-transform@1.0.28
- @tryghost/job-manager@0.8.20
- @tryghost/limit-service@1.0.10
- @tryghost/minifier@0.1.11
- @tryghost/moleculer-service-from-class@0.2.23
- @tryghost/mw-error-handler@0.1.3
- @tryghost/mw-session-from-token@0.1.28
- @tryghost/mw-update-user-last-seen@0.1.3
- @tryghost/package-json@1.0.16
- @tryghost/pretty-cli@1.2.24
- @tryghost/promise@0.1.15
- @tryghost/release-utils@0.7.12
- @tryghost/security@0.2.15
- @tryghost/session-service@0.1.38
- @tryghost/settings-path-manager@0.1.4
- @tryghost/vhost-middleware@1.0.22
- @tryghost/zip@1.1.20
2022-03-01 08:40:52 +01:00
Daniel Lockyer
3259994e4f
Added --all
flag to c8 commands
...
refs https://github.com/TryGhost/Toolbox/issues/203
- without `--all`, c8 will ignore files that aren't covered in tests, so
they won't pull the test coverage down
- this means we have artificially high coverage scores
- this commit adds `--all` where previously missing
2022-02-21 12:50:26 +01:00