Commit Graph

1303 Commits

Author SHA1 Message Date
Fabien O'Carroll
4563999352 🐛 Fixed password submission for private blogging
no-issue

This bump to members-ssr includes an update which no longer consumes the
request stream when calling getMemberDataFromSession. Previously, this
method was called on every request to the theme layer, and the
private-blogging middleware was unable to parse the body as the request
stream had already been consumed.
2019-05-06 12:38:38 +02:00
Kevin Ansfield
75ae3f8736 Added parsing of html cards when using ?source=html with the v2 Admin API
no issue

- when sending `html` with `?source=html` to the v2 Admin API it's now possible to include blocks of HTML that will be extracted to html cards rather than going through the normal lossy html-to-mobiledoc conversion

Example usage would be sending HTML in the following format:

```html
<p>Some standard content...</p>

<!--kg-card-begin: html-->
<div class="my-custom-html">...</div>
<!--kg-card-end: html-->

<p>Some more content...</p>
```

In this case an html card will be created in the mobiledoc with the content `<div class="my-custom-html">...</div>`.
2019-05-04 11:30:59 +01:00
Kevin Ansfield
9f9dde3107 Added caption and language extraction for code blocks when converting HTML via API
no issue
- update @tryghost/html-to-mobiledoc to v0.3.0
- uses updated @tryghost/kg-parser-plugins that is now shared with Ghost-Admin
2019-05-03 11:55:38 +01:00
Fabien O'Carroll
66f96d0a37 Updated yarn.lock
no-issue

There was a mismatch between exact version and caret version between
package.json and yarn.lock
2019-05-01 22:13:33 +02:00
Fabien O'Carroll
cade823ba7 🐛 Fixed postinstall script when running on Windows
no-issue

The previous postinstall script used the unix specific `cp` command,
which caused installing on Windows to break. This replaces it with an
npm module which handles copying files agnostic to platform.
2019-05-01 18:09:04 +02:00
Nazar Gargol
17cc70b94b Bumped bookshelf-relations version to 1.1.1 2019-04-30 17:11:40 +02:00
Fabien O'Carroll
5d02d1999c Installed @tryghost/members-theme-bindings@0.1.0
no-issue
2019-04-24 12:46:00 +02:00
Rish
4d0643fb49 🐛 Fixed crash in calculating reading time for empty posts
no issue

- Updated helpers package to fix `null` html cases in case of empty post content
2019-04-17 15:12:01 +05:30
Fabien O'Carroll
f9899cb8c4
Updated theme layer to use members-ssr (#10676)
* Removed support for cookies in members auth middleware

no-issue

The members middleware will no longer be supporting cookies, the cookie
will be handled by a new middleware specific for serverside rendering,
more informations can be found here:

https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5

* Removed members auth middleware from site app

no-issue

The site app no longer needs the members auth middleware as it doesn't
support cookies, and will be replaced by ssr specific middleware.

https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5

* Added comment for session_secret setting

no-issue

We are going to have multiple concepts of sessions, so adding a comment
here to be specific that this is for the Ghost Admin client

* Added theme_session_secret setting dynamic default

no-issue

Sessions for the theme layer will be signed, so we generate a random hex
string to use as a signing key

* Added getPublicConfig method

* Replaced export of httpHandler with POJO apiInstance

no-issue

This is mainly to reduce the public api, so it's easier to document.

* Renamed memberUserObject -> members

no-issue

Simplifies the interface, and is more inline with what we would want to export as an api library.

* Removed use of require options inside members

no-issue

This was too tight of a coupling between Ghost and Members

* Simplified apiInstance definition

no-issue

* Added getMember method to members api

* Added MembersSSR instance to members service

* Wired up routes for members ssr

* Updated members auth middleware to use getPublicConfig

* Removed publicKey static export from members service

* Used real session secret

no-issue

* Added DELETE /members/ssr handler

no-issue

This allows users to log out of the theme layer

* Fixed missing code property

no-issue

Ignition uses the statusCode property to forward status codes to call sites

* Removed superfluous error middleware

no-issue

Before we used generic JWT middleware which would reject, now the
middleware catches it's own error and doesn't error, thus this
middleware is unecessary.

* Removed console.logs

no-issue

* Updated token expirty to hardcoded 20 minutes

no-issue

This returns to our previous state of using short lived tokens, both for
security and simplicity.

* Removed hardcoded default member settings

no-issue

This is no longer needed, as defaults are in default-settings.json

* Removed stripe from default payment processor

no-issue

* Exported `getSiteUrl` method from url utils

no-issue

This keeps inline with newer naming conventions

* Updated how audience access control works

no-issue

Rather than being passed a function, members api now receives an object
which describes which origins have access to which audiences, and how
long those tokens should be allowed to work for. It also allows syntax
for default tokens where audience === origin requesting it. This can be
set to undefined or null to disable this functionality.

{
    "http://site.com": {
        "http://site.com": {
            tokenLength: '5m'
        },
        "http://othersite.com": {
            tokenLength: '1h'
        }
    },
    "*": {
        tokenLength: '30m'
    }
}

* Updated members service to use access control feature

no-issue

This also cleans up a lot of unecessary variable definitions, and some
other minor cleanups.

* Added status code to auth pages html response

no-issue

This was missing, probably default but better to be explicit

* Updated gateway to have membersApiUrl from config

no-issue

Previously we were parsing the url, this was not very safe as we can
have Ghost hosted on a subdomain, and this would have failed.

* Added issuer to public config for members

no-issue

This can be used to request SSR tokens in the client

* Fixed path for gateway bundle

no-issue

* Updated settings model tests

no-issue

* Revert "Removed stripe from default payment processor"

This reverts commit 1d88d9b6d73a10091070bcc1b7f5779d071c7845.

* Revert "Removed hardcoded default member settings"

This reverts commit 9d899048ba7d4b272b9ac65a95a52af66b30914a.

* Installed @tryghost/members-ssr

* Fixed tests for settings model
2019-04-16 16:50:25 +02:00
Rishabh Garg
62f5bdac4c
Updated to use count words/images helpers from SDK (#10686)
refs #10618

- Added @tryghost/helpers dependency to use Ghost-SDK helpers
- Updated countWords, countImages helpers and removed local copy
2019-04-16 08:00:01 +05:30
Fabien O'Carroll
5460de9c58 Updated gscan to 2.5.0
no-issue

This includes a bump to handlebars -> 4.1.2, which fixes a potential RCE
https://github.com/wycats/handlebars.js/blob/v4.1.2/release-notes.md#v412---april-13th-2019
2019-04-15 14:30:37 +02:00
Fabien O'Carroll
0f5ca616b8 Updated express-hbs to 1.1.1
no-issue

This includes a bump to handlebars -> 4.1.2, which fixes a potential RCE
https://github.com/wycats/handlebars.js/blob/v4.1.2/release-notes.md#v412---april-13th-2019
2019-04-15 14:30:37 +02:00
Fabien O'Carroll
3f52c404d4 Removed coverage tasks from Gruntfile
refs #9441
2019-04-08 18:23:35 +02:00
Fabien O'Carroll
c461c66b38 Added support for local template options
no-issue

This bumps express-hbs to 1.1.0 which includes the change for local
template options.

https://github.com/barc/express-hbs/releases/tag/v1.1.0
2019-04-03 11:31:20 +02:00
Nazar Gargol
7d6436f9bf Bumped gscan version to 2.4.0
no issue

- Updated theme fixtures to be in line with new deprecation rules
for {{lang}} and {{@blog.*}} helpers introduced with https://github.com/TryGhost/gscan/pull/180
2019-04-02 13:47:59 +08:00
Fabien O'Carroll
e99db0ee2d Revert "🐛 Fixed AMP output when there is a trailing '$'" (#10642)
This reverts commit 0c77033d51.

See https://github.com/TryGhost/Ghost/issues/10643 for an explanation.
2019-03-27 17:20:21 +00:00
Fabien O'Carroll
0c77033d51 🐛 Fixed AMP output when there is a trailing '$'
closes #9716

This was caused by a bug in express-hbs, which has more explanation
here:
https://github.com/TryGhost/Ghost/issues/9716#issuecomment-414863553
2019-03-26 12:19:30 +08:00
Nazar Gargol
b95547c3a2 Bumped ghost-ignition version to 3.0.4 2019-03-11 12:01:14 +08:00
Nazar Gargol
363d10cc29 Bumped ghost-ignition version to 3.0.3
no issue
2019-03-07 14:29:03 +08:00
Vikas Potluri
42c472feff Removed superagent dependency (#10535)
no issue

- Migrated default scheduling adapter to use Got via the request proxy
- SchedulingDefault is the only module that was using superagent so removed it as a dependency
2019-03-04 15:59:38 +08:00
Nazar Gargol
4db2eb7ce1 Bumped @tryghost/html-to-mobiledoc version
refs #10471
2019-02-25 10:25:56 +07:00
Nazar Gargol
f394eaa7b8 Added optional support for HTML source
closes TryGhost/Ghost-SDK/issues/51

- Due to JSDOM not supporting Node v6 the support for HTML conversion is now optional
2019-02-21 13:27:47 +07:00
Nazar Gargol
4e12b73c8a Bumped and pinned version for @tryghost/html-to-mobiledoc
no issue
2019-02-15 19:07:01 +00:00
Nazar Gargol
9020293e61 Added posibility to accept html as an input source for post
closes #10471

- Allows accepting HTML input for /posts endpoint when `?source=html` is
present in query parameter along with `html` in request payload
2019-02-15 18:58:46 +00:00
Fabien O'Carroll
bdd57b36cf
Moved grunt-eslint to npm script executing eslint (#10474)
refs #9441

* Updated top-level ids to use const
* Removed one layer of indentation
* Added .eslintignore files for server and test tasks
* Added npm scripts for eslint
* Fixed lint command in w/ grunt
* Uninstalled grunt-eslint
* Added eslint config
2019-02-11 13:26:06 +01:00
Nazar Gargol
6e0409d6db Bumped ghost-ignition version
no issue
2019-02-11 12:18:29 +00:00
Fabien O'Carroll
986c6d1f07
Removed minimist dev dependency (#10475)
refs #9441
2019-02-11 13:16:09 +01:00
Kevin Ansfield
aa1b9574ab Updated oembed providers list
no issue
- switch away from forked version of `oembed-parser` - our changes are merged upstream
- latest `oembed-parser` has a newer version of the providers list
2019-02-11 12:13:33 +00:00
Naz Gargol
19643c75dd
Added JSON Schema validation for /posts endpoint (#10468)
refs #10438

- Added  validation helper based on JSON schema
- Added schema validation for POST/PUT in /posts endpoints
- Refactored existing authors validation test suite
- Extended test coverage with a minimally required structure of post.add validator
2019-02-08 10:40:58 +00:00
kirrg001
6616cfe617 Fixed triggering bookshelf event twice
no issue

- bumped bookshelf-relations
- IMO this bug is not critical, because our event listeners should be protected to run twice
2019-02-07 22:10:12 +01:00
Kevin Ansfield
68d73d31b2 Bumped express-hbs dependency
no issue
- express-hbs has been updated to depend on handlebars@4.0.13 which protects against a potential RCE
- Ghost itself was not vulnerable to the RCE due to protection by gscan which does not allow themes using unknown helpers to be installed/activated
2019-02-07 14:16:37 +00:00
Fabien O'Carroll
46bf5270df
Added initial subscription support with stripe to Members API (#10460)
These changes introduce a new "service" to the members api, which handles getting and creating subscriptions.

This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access. 

Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe.

The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker.
2019-02-07 10:41:39 +01:00
Fabien O'Carroll
6dc47f2ff2 🐛 Fixed errors for missing sharp install
closes #10421
2019-02-05 10:14:05 +01:00
kirrg001
3289dc7619 Introduced model._changed
refs #9248

- Bookshelf gives access to ".changed" before the update
  - Discussion: https://github.com/bookshelf/bookshelf/issues/1943
- We also need to know what has changed after the update to be able to decide if we should trigger events
- Furthermore: Bookshelf cannot handle relation updates, it always marks relations as changed even though they did not change
- Bumped bookshelf-relations to be able to
  - know if relations were updated
  - ensure we unset relations on bookshelf's ".changed"
2019-02-03 13:02:26 +01:00
Fabien O'Carroll
12a265b500
🐛 Fixed error for missing sharp install (#10423)
closes #10421
refs #10181

This bumbs the ghost-ignition dep, so that the code passed to errors
takes priority over any code the error is inheriting from.
2019-01-28 12:37:27 +01:00
kirrg001
d017cf32a0 🐛 Fixed eslint installation error when using node version < 8.10 and < 6.14
closes #10420

- bumped brute-knex

> error eslint@5.12.1: The engine “node” is incompatible with this module. Expected version “^6.14.0 || ^8.10.0 || >=9.10.0”. Got “8.9.1”
2019-01-27 18:29:40 +01:00
kirrg001
baa8a6a1d4 Bumped moment to version 2.24.0
no issue
2019-01-22 09:12:43 +01:00
kirrg001
c862110cc4 Respected peer dependency for bookshelf
no issue

- need to use knex 0.14.x for now
- Bookshelf already bumped the peer dependency in master, but was not released yet
2019-01-22 09:12:43 +01:00
Katharina Irrgang
4acc375fb6
Bumped knex & bookshelf dependencies (#10404)
refs #9389, refs #9248

- https://github.com/bookshelf/bookshelf/releases/tag/0.14.0
- Bookshelf has fixed it's previous attr handling, see https://github.com/bookshelf/bookshelf/pull/1848
- SQlite3 double slashes was merged into knex and released 👻tgriesser/knex@c746dea
2019-01-21 21:53:11 +01:00
Katharina Irrgang
d0687da3a3
Bumped major test dependencies (#10403)
refs #9389

- eslint@5.12.1, eslint-plugin-ghost@0.1.0, grunt-contrib-clean@2.0.0, grunt-contrib-uglify@4.0.0, grunt-eslint@21.0.0, grunt-mocha-cli@4.0.0, grunt-shell@3.0.1, mocha@5.2
.0, nock@10.0.6, rewire@4.0.1

All of them dropped Node v4. I was not able to find any other big breaking changes, which affect us right now.
2019-01-21 18:28:44 +01:00
Katharina Irrgang
fb044e6d88
Bumped sinon from 4.4.6 to 7.3.2 (#10400)
refs #9389

- https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md

Breaking changes for Ghost:

- no need to create a sandbox anymore, each file get's it's own sandbox
- just require sinon and use this sandbox
- you can still create separate sandboxes with .createSandbox
- reset single stubs: use .resetHistory instead of .reset

This is a global replace for any sandbox creation.

---

From https://sinonjs.org/releases/v7.2.3/sandbox/

> Default sandbox
> Since sinon@5.0.0, the sinon object is a default sandbox. Unless you have a very advanced setup or need a special configuration, you probably want to just use that one.
2019-01-21 17:53:44 +01:00
kirrg001
c20ff9afb8 Bumped superagent from 3.8.3 to 4.1.0
refs #9389

- https://github.com/visionmedia/superagent/blob/master/History.md#400-2018-11-17
- breaking changes don't really affect us
  - .end(…) returns undefined instead of the request. If you need the request object after calling .end() (and you probably don't), save it in a variable and call request.end(…). Consider not using .end() at all, and migrating to promises by calling .then() instead.
  - this could be changed, but it's not required
2019-01-21 15:19:07 +01:00
kirrg001
742aef77f2 Bumped html-to-text from 3.3.0 to 4.0.0
refs #9389

- https://github.com/werk85/node-html-to-text/blob/master/CHANGELOG.md#version-400
- breaking change does not affect us
2019-01-21 15:02:52 +01:00
kirrg001
1705e8575f Bumped csv-parser from 1.12.1 to 2.1.0
refs #9389

- breaking change does not affect use
- https://github.com/mafintosh/csv-parser/releases/tag/v2.0.0
2019-01-21 14:40:30 +01:00
kirrg001
eedf0dae02 Bumped chalk from version 1.1.3 to 2.4.2
refs #9389

- i was not able to find a breaking change, which affects us
- https://github.com/chalk/chalk/releases/tag/v2.0.0
2019-01-21 14:31:26 +01:00
kirrg001
8174a5cce7 Bumped archiver from version 1.3.0 to 3.0.0
refs #9389

- i wasn't able to find a breaking change which affect us
- https://github.com/archiverjs/node-archiver/blob/master/CHANGELOG.md
- we use it for downloading themes. this feature still works
2019-01-21 14:16:00 +01:00
kirrg001
7681199135 Bumped analytics-node from version 2.4.1 to 3.3.0
refs #9389

- breaking changes do not affect us
- https://github.com/segmentio/analytics-node/releases/tag/v3.0.0
2019-01-21 13:36:46 +01:00
kirrg001
f17d134759 Bumped dependencies
no issue
2019-01-21 13:33:20 +01:00
Fabien O'Carroll
1c56221d80 Added API Key auth middleware to v2 Admin API (#10006)
refs #9865

- Added `auth.authenticate.authenticateAdminApiKey` middleware
  - accepts signed JWT in an `Authorization: Ghost [token]` header
  - sets `req.api_key` if the token is valid
- Updated `authenticatePrivate` middleware stack for v2 admin routes
2019-01-18 12:45:06 +00:00
Hannah Wolfe
846a94728f
🐛 Fixed uncaught exceptions from image fetches
closes #10383

- Upgrades got to 8.3.2, which contains better error handling and resolves the issue with uncaught exceptions
- Note: Got 9.x stream doesn't support Node v6
- Requires us to hardcode http:// for xmlrpc because there is a breaking change where got now defaults to https instead of http
2019-01-15 20:35:46 +00:00
Katharina Irrgang
9d7c3bd726
🐛 Fixed all known filter limitations (#10159)
refs #10105, closes #10108, closes https://github.com/TryGhost/Ghost/issues/9950, refs https://github.com/TryGhost/Ghost/issues/9923, refs https://github.com/TryGhost/Ghost/issues/9916, refs https://github.com/TryGhost/Ghost/issues/9574, refs https://github.com/TryGhost/Ghost/issues/6345, refs https://github.com/TryGhost/Ghost/issues/6309, refs https://github.com/TryGhost/Ghost/issues/6158, refs https://github.com/TryGhost/GQL/issues/16

- removed GQL dependency
- replaced GQL with our brand new NQL implementation
- fixed all known filter limitations
- GQL suffered from some underlying filter bugs, which NQL tried to fix
- the bugs were mostly in how we query the database for relation filtering
- the underlying problem was caused by a too simple implementation of querying the relations
- mongo-knex has implemented a more robust and complex filtering mechanism for relations
- replaced logic in our bookshelf filter plugin
- we pass the custom, default and override filters from Ghost to NQL, which then are getting parsed and merged into a mongo JSON object. The mongo JSON is getting attached by mongo-knex.

NQL: https://github.com/NexesJS/NQL
mongo-knex: https://github.com/NexesJS/mongo-knex
2018-12-11 11:53:40 +01:00
Fabien O'Carroll
38c631eaf7 Installed deps required for members
refs #10213
2018-12-11 11:53:55 +07:00
Nazar Gargol
28a686a936 🐛 Fixed image optimisation for input image being smaller than optimized one
closes #10144

- When the input image is well optimized and has smaller byte size than the processed one it's still being used
- Bumped sharp version to have access to `size` property
2018-11-13 13:19:31 +01:00
kirrg001
fb3c375e74 Bumped knex-migrator to version 3.2.4
refs https://github.com/TryGhost/Ghost/issues/10155
2018-11-13 12:00:40 +01:00
Fabien O'Carroll
e0f31c67ba Installed jsonwebtoken@8.3.0 2018-11-08 13:32:09 +07:00
Katharina Irrgang
4bd211b42a Added Node v10 Support (#10058)
* Added Node v10 Support

no issue

Signed-off-by: kirrg001 <katharina.irrgang@googlemail.com>

* Bump amperize to version 0.3.8

no issue

* Bump mysql to version 2.16.0

no issue

- mysql 2.15.0 uses a deprecated notation for timers
- e.g. timers.unenroll()

* Bump sub dependencies

no issue

- e.g. knex-migrator used mysql 2.15.0

* Bump dependencies

no issue

* Replaced `new Buffer` with `Buffer.from`

no issue

- Buffer() is deprecated due to security and usability issues.
- https://nodejs.org/en/docs/guides/buffer-constructor-deprecation/
2018-10-30 15:45:51 +07:00
Katharina Irrgang
a7b0029471 Added mobiledoc revisions functionality
closes #9927

- Added post model implementation to be able to store up to 10 versions of mobiledoc
- Bumped GQL to support filtering on the mobiledoc revision table
- Added tests ensuring new functionality works
2018-10-09 15:31:09 +02:00
Katharina Irrgang
db1d2f62dd
Removed api integration tests (#9940)
refs #9866 

- moved the tests either to unit tests or routing tests
- or removed test case (a lot)
- this commit is very big 🤪, it was not rly possible to create clean commits for this
- it only changes the test env, no real code is touched

Next steps:
- optimise folder structure + make v2 testing possible
- reduce some more tests from routing and model integeration tests
2018-10-06 22:13:52 +02:00
Fabien O'Carroll
cb0c5dc582
Session auth service (#9910)
refs #9865

* This service handles the session store and exporting middleware to be
used for creating and managing sessions

* Updates the auth service index.js file in line with how we do things elsewhere

* After wrapping the exports in a getter, the usage of rewire had broken
the authenticate tests, this commit _removes_ rewire from the tests, calls `init` on
the models before the tests (needed because rewire isn't there) and also
cleans up the use of var.
2018-10-02 15:35:23 +07:00
Nazar Gargol
082dec7507 Bumped ghost-ignition to version 2.9.6 2018-09-25 11:41:37 +02:00
Nazar Gargol
57271127f4 Added v2 api endpoints (#9874)
refs #9866

- Registered Content API under /ghost/api/v2/content/
- Registered Admin API under /ghost/api/v2/admin/
- Moved API v0.1 implementation to web/api/v0.1
- Created web/api/v2 for the new api endpoints
- Started with reducing the implementation for the new Content API (the Content api does not serve admin api endpoints, that's why it was reducible)
- Covered parent-app module with basic test checking correct applications/routes are being mounted
- Added a readme file, which contains a warning using v2, because it's under active development!
- This PR does only make the new endpoints available, we have not:
  - optimised the web folder (e.g. res.isAdmin)
  - started with different API controllers
  - reason: we want to do more preparation tasks before we copy the api controllers
2018-09-18 15:59:06 +02:00
Kevin Ansfield
2eada22282 Bump forked oembed-parser dependency
no issue
- removes bellajs sub-dependency that wasn't pinned because it's latest version restricts the usable node version
2018-09-18 10:33:04 +01:00
Sumedh Nimkarde
efd1587ee9 Switched to eslint-plugin-ghost (#9835)
refs #9834

- @TODO: the test env eslint needs to use the plugin, not part of this PR
2018-09-17 20:49:30 +02:00
Nazar Gargol
b36490b6e7 Bump gscan to version 2.2.1
closes #9851
2018-09-06 12:24:17 +02:00
Fabien O'Carroll
c9b8ddde4b 🎨Added absolute_url flag to public api (#9833)
closes #9832

The API _should_ be returning absolute URLs for everything, 3rd party applications require absolute urls to read and display ghost data correctly. Currently they have to concat the blog url and the resource url, which is very uncomfortable.

Changing the public api like this would be considered a breaking change however so we've opted to put it behind a query parameter named `absolute_urls`.
2018-08-31 11:02:39 +01:00
Rish
5f49d9090a Update gscan version 2018-08-30 17:59:47 +01:00
Nazar Gargol
0faf89b5ab Added ability to resize and compress images on upload (#9837)
refs #4453

* On by default

* Added config to disable resizing

* Added basic image optimization processing

* Added dep: sharp (optional dep)

* Added resize middleware

* Take care of rotation based on EXIF information

* Removed all meta data from optimised image

* Added handling if sharp could not get installed

* Do not read ext twice - optimisation

* Do not call sharp if config is disabled

* Do not remove the original image which was uploaded (store 2 images)

* Support of `req.files` for internal logic

* Disabled cache to enable file removal on Windows
2018-08-30 17:30:36 +01:00
Katharina Irrgang
47e9eb48f7 Changed oembed-parser git link in package.json (#9806)
no issue
- git links require git to be installed which isn't likely on servers
- use tarball instead
2018-08-21 09:30:19 +01:00
Kevin Ansfield
c186347f0c
🐛 Koenig - Fixed Vimeo, Hulu, and Facebook Post embeds (#9803)
refs https://github.com/TryGhost/Ghost/issues/9786
- bumped `oembed-parser` dependency to a forked version
  - contains fix for oembed.com providers that include `{format}` in the `url`
  - contains updated `providers.json` file including the `Facebook (Post)` provider (thanks @lunaticmonk)
2018-08-20 11:52:40 +01:00
kirrg001
5d42767bfd Bump knex-migrator to version 3.2.3
no issue
2018-08-16 12:13:24 +02:00
kirrg001
59d9f1867d Bump gscan to version 2.0.0
no issue
2018-08-16 12:13:24 +02:00
kirrg001
ee7814cb1f Bump knex-migrator to version 3.2.2
no issue
2018-08-16 12:13:24 +02:00
kirrg001
dc96d2d451 Bump gscan to tarball link
no issue

- GScan 2.0 is in progress
- it's helpful to use a latest tarball already for testing
- https://github.com/TryGhost/gscan/commits/2.0
2018-08-16 12:13:24 +02:00
kirrg001
65b5ccfe54 Bump gscan to tarball link
no issue

- GScan 2.0 is in progress
- it's helpful to use a latest tarball already for testing
2018-08-16 12:13:24 +02:00
kirrg001
f574507214 Bump knex-migrator to version 3.2.1
no issue
2018-08-16 12:13:24 +02:00
Hannah Wolfe
290f74f815 Added advanced filtering to Dynamic Routing (#9757)
refs #9601, refs #9742

- Upgraded NQL to 0.1.0
- The new version of NQL supports aliases e.g. `tag: tags.slug`, which makes it possible to define `filter=tag:support`
- Furthermore, this allows us to support advanced filtering like tag:[a,b]
- In dynamic routing, we use mingo via NQL which has a slightly different feature set to GQL in the API:
   - AND NOT, OR and other advanced logic combos DO work on joined tables
   - Counts are not yet supported
- The Dynamic Routing beta docs should describe that API filtering and Dynamic Routing filtering is different
2018-08-16 12:13:24 +02:00
kirrg001
ef5dd6b878 Bump knex-migrator to version 3.2.0
no issue
2018-08-16 12:13:24 +02:00
kirrg001
23b4fd26c6 Moved knex-migrator execution into Ghost
refs #9742, refs https://github.com/TryGhost/Ghost-CLI/issues/759

- required a reordering of Ghost's bootstrap file, because:
  - we have to ensure that no database queries are executed within Ghost during the migrations
  - make 3 sections: check if db needs initialisation, bootstrap Ghost with minimal components (db/models, express apps, load settings+theme)
- create a new `migrator` utility, which tells you which state your db is in and offers an API to execute knex-migrator based on this state
- ensure we still detect an incompatible db: you connect your 2.0 blog with a 0.11 database
- enable maintenance mode if migrations are missing
- if the migration have failed, knex-migrator roll auto rollback
  - you can automatically switch to 1.0 again
- added socket communication for the CLI
2018-08-16 12:13:24 +02:00
kirrg001
8c1061cd30 Bump dependencies
no issue

- ghost-ignition@2.9.4
  - fixed log rotation (c8f256430a)
- multer@1.3.1
- uuid@3.3.2
- nock@9.4.0
2018-07-02 12:39:58 +02:00
Katharina Irrgang
7027980ad2
Dynamic Routing Beta: Filter collections with NQL (#9704)
refs #9601

- replace jsonpath with [NQL](https://github.com/NexesJS/NQL)
- jsonpath was just a temporary solution (a short-term fix)
- with NQL we are able to filter collections more powerful in the near future
- NQL is not feature complete
- we still support `featured:true` for collections
2018-06-26 01:54:51 +02:00
Katharina Irrgang
fc9da07025
Dynamic Routing Beta: Added ability to disable+override rss (#9693)
refs #9601

- you can now use `rss:false`
- ability to define a custom rss url with a target template (+ content_type)
- ability to disable rss for channel or collection
2018-06-26 01:33:29 +02:00
kirrg001
11b61aebce Bump dependencies
no issue

- image-size@0.6.3
- moment-timezone@0.5.21
- oembed-parser@1.1.1
- simple-html-tokenizer@0.5.5
- nock@9.3.3
- sqlite3@4.0.1
2018-06-25 18:43:08 +02:00
Katharina Irrgang
835fd6c45b
Removed knex mock (#9685)
no issue

- this mock eat already too much of my/our time
- the idea of adding a knex mock was definitely a failed approach/try
- it's too much to maintaince and have not found a module which does this already
  - we have to support any query format
  - this is too crazy
- the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to
  run through bookshelf, because the whole model layer depends on bookshelf e.g. events
- for now we simply use the real database
  - we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3
  - something to consider for later e.g. run unit tests on one matrix
  - run the rest on another matrix for sqlite + mysql
2018-06-12 20:26:16 +02:00
Kevin Ansfield
ca20f3a6b0 Added /oembed API endpoint
refs https://github.com/TryGhost/Ghost/issues/9623
- add `oembed-parser` module for checking provider availability for a url and fetching data from the provider
  - require it in the `overrides.js` file before the general Promise override so that the `promise-wrt` sub-dependency doesn't attempt to extend the Bluebird promise implementation
- add `/oembed` authenticated endpoint
  - takes `?url=` query parameter to match against known providers
  - adds safeguard against oembed-parser's providers list not recognising http+https and www+non-www
  - responds with `ValidationError` if no provider is found
  - responds with oembed response from matched provider's oembed endpoint if match is found
2018-06-12 16:18:01 +01:00
kirrg001
2f69e51018 Bump dependencies
no issue

- ghost-ignition@2.9.3
- simple-html-tokenizer@0.5.3
2018-06-06 14:00:43 +02:00
kirrg001
fdde9f7c5d Bump dependencies
no issue

- body-parser@1.18.3
- extract-zip@1.6.7
- js-yaml@3.12.0
- moment@2.22.2
- moment-timezone@0.5.17
- grunt@1.0.3
- grunt-contrib-watch@1.1.0
- nock@9.3.0
- supertest@3.1.0
2018-06-04 15:48:07 +02:00
Aileen Nowak
2cc032524e Bump gscan to version 1.4.3
no issue

- fixes a bug, that didn't catch errors caused by corrupt zip files
- uses a fork of the `extract-zip` dependency with a bug fix for https://github.com/maxogden/extract-zip/issues/65
2018-05-16 10:20:30 +08:00
kirrg001
45b3d50ced Bump dependencies
no issue

bookshelf-relations@0.2.1, bson-objectid@1.2.3, csv-parser@1.12.1, ghost-gql@0.0.10, ghost-ignition@2.9.2, ghost-storage-base@0.0.3, gscan@1.4.2, knex@0.14.6, knex-mig
rator@3.1.6, lodash@4.17.10, moment@2.22.1, moment-timezone@0.5.16, simple-html-tokenizer@0.5.1, superagent@3.8.3, eslint@4.19.1, grunt-contrib-watch@1.0.1, nock@9.2.5
2018-05-01 14:06:18 +02:00
kirrg001
932d5f4c60 Bump brute-knex to version 3.0.0
no issue

- drop node 4 support
- i finally got full access to brute-knex
- see https://github.com/llambda/brute-knex
2018-05-01 14:06:18 +02:00
Aileen Nowak
63642fd8ad YAML settings loader and parser
closes #9528

These code changes introduce a YAML parser which will load and parse YAML files from the `/content/settings` directory. There are three major parts involved:

1. `ensure-settings.js`: this fn takes care that on bootstrap, the supported files are present in the `/content/settings` directory. If the files are not present, they get copied back from our default files. The default files to copy from are located in `core/server/services/settings`.

2. `loader.js`: the settings loader reads the requested `yaml` file from the disk and passes it to the yaml parser, which returns a `json` object of the file. The settings loader throws an error, if the file is not accessible, e. g. because of permission errors.

3. `yaml-parser`: gets passed a `yaml` file and returns a `json` object. If the file is not parseable, it returns a clear error that contains the information, what and where the parsing error occurred (e. g. line number and reason).

- added a `get()` fn to settings services, that returns the settings object that's asked for. e. g. `settings.get('routes').then(()...` will return the `routes` settings.
- added a `getAll()` fn to settings services, that returns all available settings in an object. The object looks like: `{routes: {routes: {}, collections: {}, resources: {}}, globals: {value: {}}`, assuming that we have to supported settings `routes` and `globals`.

Further additions:
- config `contentPath` for `settings`
- config overrides for default `yaml` files location in `/core/server/services/settings`

**Important**: These code changes are in preparation for Dynamic Routing and not yet used. The process of copying the supported `yaml` files (in this first step, the `routes.yaml` file) is not yet activated.
2018-04-15 19:40:22 +02:00
kirrg001
e986ce4af7 Bump ghost-ignition to version 2.9.1
no issue

- fixes a bug, which can slow down the process when using loggly transport
2018-04-02 21:05:16 +02:00
Katharina Irrgang
40d0a745df Multiple authors (#9426)
no issue

This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion)

### key notes

- `authors` are not fetched by default, only if we need them
- the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid)
- ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release
- the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation)
- if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author)
- we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors
- `authors` helper available (same as `tags` helper)
- `primary_author` computed field available
- `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 15:16:15 +01:00
Katharina Irrgang
7c6f690eb5 🐛 Fixed updated_at not being updated (#9532)
closes #9520

- it contains a dependency bump of the latest Bookshelf release
- Bookshelf introduced a bug in the last release
  - see https://github.com/bookshelf/bookshelf/pull/1583
  - see https://github.com/bookshelf/bookshelf/pull/1798
- this has caused trouble in Ghost
  - the `updated_at` attribute was not automatically set anymore

---

The bookshelf added one breaking change: it's allow to pass custom `updated_at` and `created_at`.
We already have a protection for not being able to override the `created_at` date on update.
We had to add another protection to now allow to only change the `updated_at` property.
You can only change `updated_at` if you actually change something else e.g. the title of a post.

To be able to implement this check i discovered that Bookshelfs `model.changed` object has a tricky behaviour.
It remembers **all** attributes, which where changed, doesn't matter if they are valid or invalid model properties.
We had to add a line of code to avoid remembering none valid model attributes in this object.

e.g. you change `tag.parent` (no valid model attribute). The valid property is `tag.parent_id`.
     If you pass `tag.parent` but the value has **not** changed (`tag.parent` === `tag.parent_id`), it will output you `tag.changed.parent`. But this is wrong.
     Bookshelf detects `changed` attributes too early. Or if you think the other way around, Ghost detects valid attributes too late.
     But the current earliest possible stage is the `onSaving` event, there is no earlier way to pick valid attributes (except of `.forge`, but we don't use this fn ATM).
     Later: the API should transform `tag.parent` into `tag.parent_id`, but we are not using it ATM, so no need to pre-optimise.
     The API already transforms `post.author` into `post.author_id`.
2018-03-26 14:12:02 +01:00
Katharina Irrgang
fa1cc76e15
Bump dependencies (#9516)
no issue

- compression@1.7.2
- express@4.16.3
- ghost-ignition@2.9.0
- gscan@1.3.4
- knex-migrator@3.1.5
- lodash@4.17.5
- moment@2.21.0
- netjet@1.3.0
- sanitize-html@1.18.2
- sqlite@4.0.0
- eslint@4.19.0
- grunt@1.0.2
- sinon@4.4.6
- nock@9.2.3
- grunt-express-server@0.5.4

This commit resolves https://hackerone.com/reports/310439.
2018-03-21 18:49:42 +01:00
Katharina Irrgang
95423ea8fa
Bump dependencies (#9513)
no issue

- knex@0.14.4
- bookshelf@0.13.0
- knex-migrator@3.1.4
- brute-knex@4feff38ad2
- bookshelf-relations@0.2.0

### Fixes for Bookshelf 0.13

- they introduced some breaking changes
- https://github.com/bookshelf/bookshelf/blob/master/CHANGELOG.md#breaking-changes
- adapt event handling in Ghost and in bookshelf-relations
2018-03-19 16:27:06 +01:00
Silvio Fernández
043370d84e Bump markdown-it to version 8.4.1 (#9484)
no issue

- which bumps the sub-dependency "uc.micro" to 1.0.5 
- this version is now MIT licensed
2018-03-05 10:03:24 +01:00
kirrg001
68d8154d4f Imported nested tags by foreign key
no issue

- replace logic for preparing nested tags
- if you have nested tags in your file, we won't update or update the target tag
- we simply would like to add the relationship to the database
- use same approach as base class
  - add `posts_tags` to target post model
  - update identifiers
  - insert relation by foreign key `tag_id`
- bump bookshelf-relations to 0.1.10
2018-02-20 09:56:45 +01:00
kirrg001
0b5cfd933f Added knex mock for unit testing
no issue

- added https://github.com/colonyamerican/mock-knex as dev dependency
- the mock serves our data generator test data by default
  - but you can define your own if you want
- we need a proper mock for unit testing
- we should not mock bookshelf if possible, otherwise we can't test event flows
2018-02-15 22:11:49 +01:00
Katharina Irrgang
80a1128016
Bump dependencies (#9421)
no issue

- bookshelf-relations@0.1.5
- ghost-ignition@2.8.18
- sanitize-html@1.17.0
- semver@5.5.0
- uuid@3.2.1
- eslint@4.16.0
- should@13.2.1
- sinon@4.2.1
2018-01-24 22:50:20 +01:00
Katharina Irrgang
9a8acd5517
Downgraded dependencies (#9403)
no issue

- knex@0.12.9
- bookshelf@0.10.3
- and any dependency, which relies on knex@0.14
- we experienced an unwated behaviour where the blog keeps too many connections open
- we have to investigate
2018-01-17 17:49:07 +01:00
kirrg001
042b18cb69 Bump dependencies
no issue

- brute-knex@4feff38ad2e4ccd8d9de05f04a2ad7a5eb3e0ac1
- knex-migrator@3.1.4
- ghost-ignition@2.8.17
2018-01-11 22:59:22 +01:00
Katharina Irrgang
4d6538fbca
Bump dependencies (#9391)
no issue

- bookshelf@0.12.1
- knex@0.14.2
- moment@2.20.1
- eslint@4.15.0
- nock@9.1.6
- sinon@4.1.4
2018-01-11 21:19:34 +01:00
juan-g
f671f9d2c9 Theme translations and blog localisation (#8437)
refs #5345, refs #3801

- Blog localisation
  - default is `en` (English)
  - you can change the language code in the admin panel, see https://github.com/TryGhost/Ghost-Admin/pull/703
  - blog behaviour changes depending on the language e.g. date helper format
  - theme translation get's loaded if available depending on the language setting
  - falls back to english if not available

- Theme translation
  - complete automatic translation of Ghost's frontend for site visitors (themes, etc.), to quickly deploy a site in a non-English language
  - added {{t}} and {{lang}} helper
  - no backend or admin panel translations (!)
  - easily readable translation keys - very simple translation
  - server restart required when adding new language files or changing existing files in the theme
  - no language code validation for now (will be added soon)
  - a full theme translation requires to translate Ghost core templates (e.g. subscriber form)
  - when activating a different theme, theme translations are auto re-loaded
  - when switching language of blog, theme translations are auto re-loaded

- Bump gscan to version 1.3.0 to support more known helpers

**Documentation can be found at https://themes.ghost.org/v1.20.0/docs/i18n.**
2018-01-09 14:50:57 +01:00
Aileen Nowak
8ea861c496 Bump Amperize to version 0.3.7 (#9370)
no issue

- includes updated tests and usage of another user-agent for image requests
2018-01-04 14:44:33 +01:00
kirrg001
fccfa7614d Bump bookshelf-relations to version 0.1.4
no issue

- patch release with two fixes:
  - 1. attach target models in batches
  - 2. ensure we detach the bookshelf model event from new targets, otherwise we can run into memory leaks
2018-01-02 23:20:04 +01:00
kirrg001
98dcbd72bc Bump dependencies
no issue

- bson-objectid@1.2.2
- image-size@0.6.2
- knex-migrator@3.1.3
- nconf@0.10.0
- sanitize-html@1.16.3
- superagent@3.8.2

- eslint@4.14.0
- grunt-contrib-uglify@3.3.0
- grunt-subgrunt@1.3.0
- mocha@4.1.0
- nock@9.1.5
- should@13.2.0
- sinon@4.1.3
2018-01-02 12:08:32 +01:00
kirrg001
1ac7c00d4a Bump knex-migrator to version 3.1.2
no issue

- patch update
2017-12-05 10:04:23 +01:00
Katharina Irrgang
0bb81bb3c4
Bump knex-migrator to version 3.1.1 (#9199)
no issue

- adapt major changes of knex-migrator v3
- adapt migration scripts, simplify and add `down` (rollback) hook if possible
- clear Ghost cache after init hook (because of `knex-migrator migrate --init`)
- ensure db migrations work with the CLI
- updated troubleshooting guide (https://docs.ghost.org/v1/docs/troubleshooting#section-task-execute-is-not-a-function)

**For development only: Please ensure you run `npm i -g knex-migrator@latest` to update your global installation to v3. We always prefer the local installation, but v3 has modified and added binaries.**
2017-12-05 09:14:55 +01:00
kirrg001
d58f7ae22b Bump grunt-mocha-cli to version 3.0.0
no issue

- https://github.com/Rowno/grunt-mocha-cli/blob/master/CHANGELOG.md#300--2016-11-07
- no major changes to adapt
2017-11-29 10:34:36 +01:00
kirrg001
53e7789d6d Bump grunt-shell to version 2.1.0
no issue

- no major changes to adapt
- 3b379e718a
2017-11-29 10:34:36 +01:00
kirrg001
5e370bc5ce Bump matchdep to version 2.0.0
no issue

- no major changes to adapt
2017-11-29 10:34:36 +01:00
kirrg001
71f6068aa6 Bump grunt-contrib-uglify to version 3.2.1
no issue

- we only use the `sourceMap` option, which is still supported
2017-11-29 10:34:36 +01:00
kirrg001
9ce20fb043 Removed run-sequence dev dependency
no issue

- not used
2017-11-29 10:34:36 +01:00
kirrg001
ee7710ba68 Bump mocha to version 4.0.1
no issue

- https://github.com/mochajs/mocha/blob/master/CHANGELOG.md#400--2017-10-02
- the new `--exit` flag might be interesting at some point

> In Mocha v3.0.0 and newer, returning a Promise and calling done() will result in an exception.

- adapt teardown/setup test utility
- adapt other mixed usages of callback && Promise usage
2017-11-29 10:34:36 +01:00
kirrg001
404d045461 Bump rewire to version 3.0.2
no issue

- nothing to adapt for the major jump
2017-11-29 10:34:36 +01:00
Katharina Irrgang
b9a44bacf6
Bump should to version 13.1.3 (#9284)
refs https://github.com/TryGhost/Ghost/issues/9178

- adapt major changes
- see https://github.com/shouldjs/should.js/blob/master/History.md
- should.have.enumerable was removed
2017-11-28 19:41:16 +01:00
Katharina Irrgang
b4b5da2a75
Bump sinon to version 4.1.2 (#9283)
refs #9178

- adapt major changes
2017-11-28 18:19:23 +01:00
kirrg001
2f23cd32bb Bump dependencies
no issue

- gscan@1.2.3
- sanitize-html@1.16.1
- eslint@4.12.0
- nock@9.1.3
- sqlite3@3.1.13
2017-11-28 14:02:47 +01:00
Aileen Nowak
a4cf29dc7d Bump amperize to version 0.3.6 (#9264)
no issue

New version contains
- dependency updates
- Node v8 support
- Eslint refactoring
2017-11-21 15:00:04 +01:00
Katharina Irrgang
dfd4afea19 Add bookshelf-relations (#9252)
no issue

- added https://github.com/TryGhost/bookshelf-relations as dependency
- remove existing tag handling

--- 

* Important: Ensure we trigger parent initialize function

- otherwise the plugin is unable to listen on model events
- important: event order for listeners is Ghost -> Plugin
- Ghost should be able to listen on the events as first instance
- e.g. be able to modify/validate relationships

* Fix tag validation

- we detect lower/update case slugs for tags manually
- this can't be taken over from the plugin obviously
- ensure we update the target model e.g. this.set('tags', ...)

* override base fn: `permittedAttributes`

- ensure we call the base
- put relations on top
- each relation is allowed to be passed
- the plugin will auto-unset any relations to it does not reach the database

* Ensure we run add/edit/delete within a transaction

- updating nested relationships requires sql queries
- all sql statements have to run in a single transaction to ensure we rollback everything if an error occurs
- use es6
2017-11-21 13:28:05 +00:00
kirrg001
eba100d965 Bump dependencies
no issue

- bluebird@3.5.1
- csv-parser@1.12.0
- gscan@1.2.2
- moment@2.19.2
- nconf@0.9.1
- oauth2orize@1.11.0
- superagent@3.8.1
- eslint@4.11.0
- nock@9.1.0
2017-11-17 17:33:29 +01:00
kirrg001
2e521791b8 Optimised dependency tree
no issue
2017-11-17 17:33:29 +01:00
Hannah Wolfe
bcf5a1bc34
Switch to Eslint (#9197)
refs #9178

* Add eslint deps, remove old lint deps
* Add eslint config, remove old lint configs
* Config for server and tests are different
* Tweaked rules to suit us
* Fix linting in codebase - lots of indent changes.
* Fix a real broken test
2017-11-01 13:44:54 +00:00
kirrg001
949d33b1db Bump jsonpath to version 1.0.0
no issue

- major bump
- we only use jsonpath inside the `get` helper
- the functionality still works as expected
- includes security fix, see 98464aa5fe
2017-10-31 12:21:48 +01:00
kirrg001
9d4ed8c61c Replaced extract-zip-fork by extract-zip
no issue

- we had to fork the original repository at one point, because of slow maintenance
- maintenance is back now
- https://github.com/maxogden/extract-zip/pull/52 was merged and released
2017-10-31 12:11:59 +01:00
kirrg001
cfca111493 Bump dependencies
no issue

- bson-objectid@1.2.1
- compression@1.7.1
- express@4.16.2
- moment-timezone@0.5.14
- mysql@2.15.0
- nconf@0.8.5
- sanitize-html@1.15.0
- simple-html-tokenizer@0.4.3
- superagent@3.8.0

IMPORTANT:
- we are unable to bump moment and bluebird at the moment, because in both releases there is a bug which breaks our tests
- i didn't investigate a lot, but there is https://github.com/petkaantonov/bluebird/issues/1468
- and for moment, a couple of reports came in for .19 regarding a wrong date behaviour
2017-10-31 11:53:16 +01:00
Katharina Irrgang
07dcbb0d53 Support for Node v8 (#9183)
no issue

- bump dependencies because of failing tests
- added package-lock.json to gitignore, because we use yarn
- run v8 on travis
- support v8 engine in package.json
2017-10-26 11:37:58 +01:00
kirrg001
984aeffeb6 Bump knex-migrator to version 2.1.8
no issue

- Fixed migration order on db initialisation
2017-10-25 10:44:27 +02:00
Hannah Wolfe
7262c9e465 Upgrading knex-migrator to 2.1.7 (#9154) 2017-10-17 16:06:46 +01:00
Katharina Irrgang
594b0c2d14 Custom post templates (#9073)
closes #9060

- Update `gscan` - it now extracts custom templates and exposes them to Ghost
- Add `custom_template` field to post schema w/ 1.13 migration
- Return `templates` array for the active theme in `/themes/` requests
- Users with Author/Editor roles can now request `/themes/`
- Front-end will render `custom_template` for posts if it exists, template priority is now:
  1. `post/page-{{slug}}.hbs`
  2. `{{custom_template}}.hbs`
  3. `post/page.hbs`
2017-10-10 13:36:35 +01:00
Hannah Wolfe
7999c38fa2 Support filtering based on primary_tag (#9124)
closes #8668, refs #8920

- Updated tests to include internal tags
  - Tests had no example of an internal tag
  - Need this to show that the new filtering works as expected
- primary_tag is a calculated field
- This ensures that we can alias the field to equivalent logic in API filters
- By replacing primary_tag by a lookup based on a tag which has order 0
- bump ghost-gql to 0.0.8

**NOTE:**
Until GQL is refactored, there are limitations on what else can be filtered when using primary_tag in a filter e.g. it wont be possible to do a filter based on primary_tag AND/OR other tag filters.
2017-10-10 14:07:44 +02:00
Aileen Nowak
7be165da07 Fixed not updated yarn.lock
no issue

PR #9087 was updated with a new `yarn.lock` file after changing from using the caret in the `package.json` file for the dependency to not using it.
2017-10-04 17:09:18 +07:00
Aileen Nowak
d7e0770a7b Bump Amperize to version 0.3.5 (#9087)
no issue

- bump `amperize` to 0.3.5 which fixes issues with images-size requests not following redirects, and image-size requests that caused errors leading to stop transforming the rest of the passed HTML.
2017-10-04 11:12:03 +02:00
Kevin Ansfield
ec6e25674c Removed markdown-it-named-headers and unused string deps (#8994)
refs https://github.com/TryGhost/Ghost-Admin/pull/856

- moves `markdown-it-named-headers` functionality into our own app code without requiring the [`string.js`](http://stringjs.com) sub-dependency
- matches Ghost-Admin markdown-it code
2017-09-25 16:36:34 +02:00
Katharina Irrgang
55bf5997b9 Bump dependencies (#9050)
no issue

- body-parser@1.18.2
- cookie-session@1.3.2
- knex-migrator@2.1.6
- markdown-it@8.4.0
- netjet@1.1.4
- oauth2orize@1.10.0
- passport@0.4.0
- superagent@3.6.0
- mocha@3.5.3
- nock@9.0.20
- tmp@0.0.33
2017-09-25 13:27:14 +01:00
Katharina Irrgang
7b4c3fc085 Removed defunct Ghost OAuth code (#9014)
closes #8342

- no need to add a migration, because when we'released 1.0, OAuth was never an option
- it was disabled in April, 1.0-beta was released in June
- remove all remote authentication code
2017-09-18 13:01:58 +01:00
Kevin Ansfield
47322e4239 Re-instate mobiledoc dom rendering with bypass of SimpleDOM parsing (#8937)
closes #8757

- update the markdown card render method to use SimpleDOM's `createRawHtmlSection`. This avoids SimpleDOM parsing and tokenization of broken or unsupported free-form HTML that markdown allows
- replace markdown extraction/render with mobiledoc's renderer in the `Post` model
- removes `jsdom` as it's no longer necessary
2017-08-31 12:09:02 +02:00
Aileen Nowak
30bee115fe Used got to handle requests for image-size (#8892)
refs #8589, refs #8868

- swap `request` with `got` in `getImageSizeFromUrl` util
- less handling for request cases e.g. timeouts, follow redirects
2017-08-31 11:39:37 +02:00
David Wolfe
be54da265b Add segment analytics for blog data (#8912)
no issue
- adds data to track such as post published
- adds ability to add custom data and event prefix via config file
2017-08-22 12:23:23 +01:00
Aileen Nowak
b086b432ad Dumped icojs and use image-size for .ico (#8888)
refs #8868

The `image-size` library supports now `.ico` files, which means there is no longer need to use the `icojs` library.
- removes unnecessary `icojs` dependency
- refactors `getIconDimensions` fn in blog icon util to fetch image sizes synchronus
- removes unnecessary `getIconDimensions` fn in blog icon validation, as there is no longer need to use different image size fn for different file extensions, and uses `getIconDimensions` from blog util fn instead.
- updates and adds more tests
2017-08-17 17:44:05 +01:00
Hannah Wolfe
b6b299a8f7 Used ghost-ignition.debug, removed debug dep (#8881)
no issue

- Upgraded ghost-ignition
- Use debug from ghost-ignition everywhere in the code base
- Remove debug dependency
- Fixed random typo in Gruntfile.js
2017-08-15 18:29:27 +07:00
kirrg001
bb6b58cae7 ⬆️ Bump dependencies
no issue

- cookie-session@1.3.0
- ghost-ignition@2.8.13
- gscan@1.1.7
- image-size@0.6.1
- markdown-it@8.3.2
- mysql@2.14.1
- mocha@3.5.0
- nock@9.0.14
2017-08-08 14:57:10 +02:00
kirrg001
ffecf87551 ⬆️ Bumb dependencies
no issue

- compression@1.7.0
- cors@2.8.4
- gscan@1.1.6
- jsonpath@0.2.12
- knex-migrator@2.1.5
- semver@5.4.1
2017-08-03 11:09:03 +04:00
kirrg001
68803ae250 ⬆️ Bump dependencies
no issue

- knex-migrator@2.1.4
2017-08-01 17:20:01 +04:00
kirrg001
acfb0d31ea ⬆️ Bump dependencies
no issue

- ghost-ignition@2.8.12
2017-08-01 13:40:50 +04:00
Katharina Irrgang
7845617607 Custom Post Excerpt Feature (#8792)
closes #8793

- 1.3 post excerpt migration
  - add 1.3 migration to add `excerpt` to post schema

NOTE:
    - knex-migrator relies on the package.json safe version
    - so right now Ghost is on 1.2
    - the migration script is for 1.3
    - if you pull down the PR (or if we merge this PR into master), you have to run `knex-migrator migrate --v 1.3 --force`
    - knex-migrator will tell you what you have todo

- Bump dependencies
  - knex-migrator@2.1.3
- Soft limit for custom_excerpt
- Extended {{excerpt}} to use custom excerpt
   - when a `custom_excerpt` field exists, the `{{excerpt}}` helper will output this and fall back to autogenerated excerpt if not.
- Refactored behaviour of (meta) description
   - html tag `<meta name="description" />` for posts, tags and author doesn't get rendered if not provided.
        - fallback for `author.bio` removed
        - fallback for `tag.description` removed
   - structured data and schema.org for `post` context takes the following order to render description fields:
        1. custom excerpt
        2. meta description
        3. automated excerpt (50 words)
    - updated and added tests to reflect the changes
2017-08-01 12:39:34 +04:00
Katharina Irrgang
b11ffd976b ⬆️ bump dependencies (#8761)
no issue

- gscan@1.1.5
2017-07-27 11:47:27 +04:00
kirrg001
f4ecd65853 ⬆️ bump dependencies
no issue

- gscan@1.1.4
2017-07-18 15:31:12 +02:00
kirrg001
07e35e3d0b ⬆️ bump dependencies
no issue

- gscan@1.1.3
- grunt-contrib-clean@1.1.0
- grunt-contrib-compress@1.4.3
- grunt-contrib-jshint@1.1.0
- jshint@2.9.5
- mocha@3.4.2
2017-07-11 10:45:43 +02:00
kirrg001
6a589f7878 ⬆️ bump dependencies
no issue

- gscan@1.1.2
- body-parser@1.17.2
- debug@2.6.8
- express@4.15.3
- html-to-text@3.3.0
- image-size@0.5.5
- uuid@3.1.0
2017-06-22 19:40:56 +02:00
kirrg001
d823412987 ⬆️ bump dependencies
no issue

- gscan 1.1.1
2017-06-08 16:14:51 +02:00
kirrg001
85ed078df8 ⬆️ gscan 1.1.0 2017-06-06 13:07:50 +07:00
kirrg001
8680099765 🎨 gscan 1.1.0 & optimisations
refs #8222

- differentiate between errors and fatal errors
- use gscan errors in theme middleware
- Adds a new `error()` method to `currentActiveTheme` constructor which will return the errors we receive from gscan
- In middleware, if a theme couldn't be activated because it's invalid, we'll fetch the erros and send them to our error handler. We also use a new property `hideStack` to control, if the stack (in dev mode and if available) should be shown or the gscan errors (in prod mode, or in dev if no stack error)
- In our error handler we use this conditional to send a new property `gscan` to our error theme
- In `error.hbs` we'll iterate through possible `gscan` error objects and render them.
- remove stack printing
- stack for theme developers in development mode doesn't make sense
- stack in production doesn't make sense
- the stack is usually hard to read
- if you are developer you can read the error stack on the server log
- utils.packages: transform native error into Ghost error
- use `onlyFatalErrors` for gscan format and differeniate fatal errors vo.2
- optimise bootstrap error handling
- transform theme is missing into an error
- add new translation key
- show html tags for error.hbs template: rule
2017-06-06 13:07:50 +07:00
Ryan McCarvill
957f51e677 🐝 Allow unbalanced HTML in markdown card. (#8320)
no issue

The simpledom interpreter that the Mobiledoc DOM renderer uses does not allow for unbalanced or incorrect HTML such as that which is entered by a user.

This PR adds a step where the HTML is sanitised and balanced before being passed to simpledom.

- use latest jsdom (+pin version), update yarn.lock, add comments
- don't use node-4 incompatible shorthand method definition
- grab <body> content rather than document content
- update markdown card specs to match markdown-it behaviour
- revert to jsdom 9.12.0 for node 4.x support, close window to free memory
- moved 3rd party libs into render function
2017-05-23 16:15:32 +02:00
kirrg001
b20fb26061 ⬇️️ revert dependencies: knex@0.13.0 to knex@0.12.9
no issue

We have recently merged `knex:0.13.0` into Ghost master.

It was absolutely fine and it works, because yarn is smart. but...
- in case you use `npm` for the installation, the installation of the Ghost dependency fails because of a peer dependency error
- we install 2x knex, which isn't really useful
- bookshelf doesn't actually support knex 0.13.0 yet, see https://github.com/tgriesser/bookshelf/issues/1566
2017-05-22 14:59:21 +02:00
Kevin Ansfield
5d868d14ad replace custom showdown fork with markdown-it (#8451)
refs https://github.com/TryGhost/Ghost-Admin/pull/690, closes #1501, closes #2093, closes #4592, closes #4627, closes #4659, closes #5039, closes #5237, closes #5587, closes #5625, closes #5632, closes #5822, closes #5939, closes #6840, closes #7183, closes #7536

- replace custom showdown fork with markdown-it
- swaps showdown for markdown-it when rendering markdown
- match existing header ID behaviour
- allow headers without a space after the #s
- add duplicate header ID handling
- remove legacy markdown spec
- move markdown-it setup into markdown-converter util
- update mobiledoc specs to match markdown-it newline behaviour
- update data-generator HTML to match markdown-it newline behaviour
- fix Post "converts html to plaintext" test
- update rss spec to match markdown-it newline behaviour
- close almost all related showdown bugs
2017-05-15 18:48:14 +02:00
kirrg001
33c95f4523 ⬆️ bump dependencies
no issue

- express@4.15.2
- body-parser@1.17.1
- uuid@3.0.1
2017-05-12 08:59:09 +01:00
Greenkeeper
df8e7f873e Update fs-extra to version 3.0.1 🚀 (#8440)
* chore(package): update fs-extra to version 3.0.1

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:51:54 +02:00
Greenkeeper
a3e74b305a Update debug to version 2.6.6 🚀 (#8425)
* chore(package): update debug to version 2.6.6

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:47:23 +02:00
Greenkeeper
7a4d76c57d Update image-size to version 0.5.2 🚀 (#8446)
* chore(package): update image-size to version 0.5.2

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:46:54 +02:00
Greenkeeper
8704cc9169 Update knex to version 0.13.0 🚀 (#8428)
* chore(package): update knex to version 0.13.0

https://greenkeeper.io/

* chore: yarn.lock
2017-05-02 13:43:50 +02:00
Greenkeeper
53cc834cd1 Update mocha to version 3.3.0 🚀 (#8376)
* chore(package): update mocha to version 3.3.0

https://greenkeeper.io/

* chore: yarn.lock
2017-05-02 13:33:47 +02:00
Katharina Irrgang
76bd4fdef6 🙀 Image field naming & new img_url helper (#8364)
* 🙀  change database schema for images
    - rename user/post/tag images
    - contains all the required changes from the schema change

* Refactor helper/meta data
    - rename cover to cover_image
    - also rename default settings to match the pattern
    - rename image to profile_image for user
    - rename image to feature_image for tags/posts

* {{image}} >>> {{img_url}}
    - rename
    - change the functionality
    - attr is required
    - e.g. {{img_url feature_image}}

* gscan 1.0.0
    - update yarn.lock

* Update casper reference: 1.0-changes
    - see 5487b4da8d
2017-04-24 18:21:47 +01:00
Greenkeeper
df26e38ccf Update debug to version 2.6.4 🚀 (#8367)
* chore(package): update debug to version 2.6.4

https://greenkeeper.io/

* chore: yarn.lock
2017-04-24 16:37:02 +02:00
Greenkeeper
c3403d581a Update ghost-ignition to version 2.8.11 🚀 (#8377)
* chore(package): update ghost-ignition to version 2.8.11

https://greenkeeper.io/

* chore: yarn.lock
2017-04-24 13:21:00 +02:00
Greenkeeper
b4c70677d8 Update gscan to version 0.2.4 🚀 (#8368)
* chore(package): update gscan to version 0.2.4

https://greenkeeper.io/

* chore: yarn.lock
2017-04-21 01:26:56 +02:00
Greenkeeper
1ccea56370 Update gscan to version 0.2.3 🚀 (#8344)
* chore(package): update gscan to version 0.2.3

https://greenkeeper.io/

* chore: yarn.lock
2017-04-17 16:04:31 +02:00
Hannah Wolfe
e9a537004b Added pre-commit hook to handle submodules (#8302)
refs #8235

Usage:
- for existing development setups: `grunt symlink` (will create the pre-commit symlink)
- for fresh development setups: `npm run init` (symlinking happens as part of the typical set up)

-  Added pre-commit hook to handle submodules
  - Checks to see if there are any submodules about to be committed
  - Output matches closely to `git st` to make it easy to read
  - Requires interaction from the committer to accept that this really should be committed
-  Use grunt symlink to register githooks
  - Grunt symlink will make a link to the pre-commit hook
  - It ONLY does this if there isn't already a pre-commit hook, so won't overwrite anything
  - It does this as part of npm run init, not grunt init, because a release repo would NEVER want this
  - This is a dev tool, that configures the repo for development
2017-04-13 08:26:48 +01:00
Greenkeeper
6a7879d4f8 Update nock to version 9.0.13 🚀 (#8306)
* chore(package): update nock to version 9.0.13

https://greenkeeper.io/

* chore: yarn.lock
2017-04-11 10:26:31 +02:00
Hannah Wolfe
a413d70313 Asset amends (#8294)
refs #8221

🔥 Remove ghost=true concept from asset url helper

 💯 Introduce CSS minification with cssnano
- add new grunt-cssnano dependency
- wire up grunt task to minify public/ghost.css

🎨 Rename minification config & hash params
- Change minifyInProduction -> hasMinFile
  - this means this asset should have a .min file available
- Change minifyAssets -> useMinFiles
  - this means that in this env we want to serve .min files if available

🎨 Update public/ghost.css to serve .min for prod
- add the new `hasMinFile` property

🎨 Move minified asset handling to asset_url util
- this logic should be in the util, not the asset helper
- updated tests

📖 Error handler always needs asset helper
- this removes the TODO and adds a more sensible comment
- we also need to update our theme documentation around error templates

🔥 Don't use asset helper in ghost head
- use getAssetUrl util instead!
- removed TODO

📖 Update proxy docs
🎨 Simplify asset helper & add tests
- this refactor is a step prior to moving this from metadata to being a url util
- needed to skip some new tests

🐛 Add missing handler for css file
2017-04-10 11:30:21 +02:00
Greenkeeper
791f1b55df Update gscan to version 0.2.2 🚀 (#8281)
* chore(package): update gscan to version 0.2.2

https://greenkeeper.io/

* chore: yarn.lock
2017-04-06 13:55:10 +02:00
Greenkeeper
9d020c93fc Update icojs to version 0.7.2 🚀 (#8278)
* chore(package): update icojs to version 0.7.2

https://greenkeeper.io/

* chore: yarn.lock
2017-04-05 19:11:09 +02:00
Katharina Irrgang
817b8d09ca 😱 🎨 Refactor storage adapter (#8229)
refs #7687

There are four main changes in this PR:

we have outsourced the base storage adapter to npm, because for storage developers it's annoying to inherit from a script within Ghost
we hacked theme storage handling into the default local storage adapter - this was reverted, instead we have added a static theme storage here
use classes instead of prototyping
optimise the storage adapter in general - everything is explained in each commit

----

* rename local-file-store to LocalFileStorage

I would like to keep the name pattern i have used for scheduling.
If a file is a class, the file name reflects the class name.
We can discuss this, if concerns are raised.

* Transform LocalFileStorage to class and inherit from new base

- inherit from npm ghost-storage-base
- rewrite to class
- no further refactoring, happens later

* Rename core/test/unit/storage/local-file-store_spec.js -> core/test/unit/storage/LocalFileStorage_spec.js

* Fix wrong require in core/test/unit/storage/LocalFileStorage_spec.js

* remove base storage and test

- see https://github.com/kirrg001/Ghost-Storage-Base
- the test has moved to this repo as well

* Use npm ghost-storage-base in storage/index.js

* remove the concept of getStorage('themes')

This concept was added when we added themes as a feature.
Back then, we have changed the local storage adapter to support images and themes.
This has added some hacks into the local storage adapters.
We want to revert this change and add a simple static theme storage.

Will adapt the api/themes layer in the next commits.

* Revert LocalFileStorage

- revert serve
- revert delete

* add storagePath as property to LocalFileStorage

- define one property which holds the storage path
- could be considered to pass from outside, but found that not helpful, as other storage adapters do not need this property
- IMPORTANT: save has no longer a targetDir option, because this was used to pass the alternative theme storage path
- IMPORTANT: exists has now an alternative targetDir, this makes sense, because
  - you can either ask the storage exists('my-file') and it will look in the base storage path
  - or you pass a specific path where to look exists('my-file', /path/to/dir)

* LocalFileStorage: get rid of store pattern

- getUniqueFileName(THIS)
- this doesn't make sense, instances always have access to this by default

* Add static theme storage

- inherits from the local file storage, because they both operate on the file system
- IMPORTANT: added a TODO to consider a merge of themes/loader and themes/storage
- but will be definitely not part of this PR

* Use new static theme storage in api/themes

- storage functions are simplified!

* Add https://github.com/kirrg001/Ghost-Storage-Base as dependency

- tarball for now, as i am still testing
- will release if PR review get's accepted

* Adapt tests and jscs/jshint

* 🐛  fix storage.read in favicon utility

- wrong implementation of error handling

* 🎨  optimise error messages for custom storage adapter errors

* little renaming in the storage utlity

- purpose is to have access to the custom storage instance and to the custom storage class
- see next commit why

* optimise instanceof base storage

- instanceof is always tricky in javascript
- if multiple modules exist, it can happen that instanceof is false

* fix getTargetDir

- the importer uses the `targetDir` option to ensure that images land in the correct folder

* ghost-storage-base@0.0.1 package.json dependency
2017-04-05 15:10:34 +01:00
Greenkeeper
b9563ab6af Update moment-timezone to version 0.5.13 🚀 (#8272)
* chore(package): update moment-timezone to version 0.5.13

https://greenkeeper.io/

* chore: yarn.lock
2017-04-05 09:56:39 +02:00
kirrg001
9b73949e35 bump yarn.lock sub-dependencies
no issue

- run `yarn upgrade` to bump sub-dependencies
2017-04-04 14:13:26 +02:00
Katharina Irrgang
a42b233b04 Revert: Update sinon to version 2.1.0 (#8262)
no issue

- https://greenkeeper.io/
- revert because sinon has changed their API obviously and it shows lots of depreaction warnings right now
- as sinon is "just" a testing dependency, i wouldn't spend this time right now and add sinon to the ignore list

* Revert: Update sinon to version 2.1.0
* yarn update
2017-04-04 11:54:48 +01:00
Greenkeeper
e348303337 Update bluebird to version 3.5.0 🚀 (#8096)
* chore(package): update bluebird to version 3.5.0

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:48:39 +02:00
Greenkeeper
a78ee40f63 Update should to version 11.2.1 🚀 (#8117)
* chore(package): update should to version 11.2.1

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:48:05 +02:00
Greenkeeper
f0abb25611 Update debug to version 2.6.3 🚀 (#8151)
* chore(package): update debug to version 2.6.3

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:28:37 +02:00
Greenkeeper
68efdfa4e7 Update moment to version 2.18.1 🚀 (#8207)
* chore(package): update moment to version 2.18.1

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:27:57 +02:00
Greenkeeper
c1a67df9e1 Update superagent to version 3.5.2 🚀 (#8208)
* chore(package): update superagent to version 3.5.2

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:19:42 +02:00
Greenkeeper
d689559975 Update ghost-ignition to version 2.8.10 🚀 (#8177)
* chore(package): update ghost-ignition to version 2.8.10

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:13:19 +02:00
Greenkeeper
ea2afd1823 Update should-http to version 0.1.1 🚀 (#8209)
* chore(package): update should-http to version 0.1.1

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 10:12:37 +02:00
Greenkeeper
157d48588d Update fs-extra to version 2.1.2 🚀 (#8181)
* chore(package): update fs-extra to version 2.1.2

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:49:58 +02:00
Greenkeeper
e2b7aead2f Update simple-html-tokenizer to version 0.4.1 🚀 (#8232)
* chore(package): update simple-html-tokenizer to version 0.4.1

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:47:57 +02:00
Greenkeeper
c25eff732d Update knex to version 0.12.9 🚀 (#8224)
* chore(package): update knex to version 0.12.9

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:47:09 +02:00
Greenkeeper
11afbbaf41 Update nock to version 9.0.11 🚀 (#8239)
* chore(package): update nock to version 9.0.11

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:46:16 +02:00
Greenkeeper
faecc485da Update cors to version 2.8.3 🚀 (#8240)
* chore(package): update cors to version 2.8.3

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:45:42 +02:00
Greenkeeper
373865a641 Update moment-timezone to version 0.5.12 🚀 (#8247)
* chore(package): update moment-timezone to version 0.5.12

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:37:25 +02:00
Greenkeeper
230da89e66 Update sinon to version 2.1.0 🚀 (#8198)
* chore(package): update sinon to version 2.1.0

https://greenkeeper.io/

* chore: yarn.lock
2017-04-04 09:01:26 +02:00
Greenkeeper
b8e46137c8 Update icojs to version 0.7.1 🚀 (#8233)
* chore(package): update icojs to version 0.7.1

https://greenkeeper.io/

* chore: yarn.lock
2017-03-26 20:08:24 +02:00
Greenkeeper
a7d5682d16 Update icojs to version 0.7.0 🚀 (#8178)
* chore(package): update icojs to version 0.7.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-23 11:19:18 +01:00
Greenkeeper
2419c0ff2e Update knex-migrator to version 2.0.16 🚀 (#8174)
* chore(package): update knex-migrator to version 2.0.16

https://greenkeeper.io/

* chore: yarn.lock
2017-03-15 23:44:56 +01:00
Greenkeeper
c8cc492252 Update knex to version 0.12.8 🚀 (#8173)
* chore(package): update knex to version 0.12.8

https://greenkeeper.io/

* chore: yarn.lock
2017-03-15 23:15:19 +01:00
Greenkeeper
c289508c4c Update knex-migrator to version 2.0.14 🚀 (#8167)
* chore(package): update knex-migrator to version 2.0.14

https://greenkeeper.io/

* chore: yarn.lock
2017-03-15 09:36:59 +01:00
Ryan McCarvill
f61aa662c1 Removed ghost editor dependency (#8137)
refs #7429
- ☢️ 👷🏻‍♀️ This PR removes the dependency on Ghost-Editor and replaces it with the Mobiledoc DOM renderer. It includes new DOM based default cards and atoms.
2017-03-14 18:07:33 +00:00
Katharina Irrgang
f4a68a2e52 🔥 remove gulp (#8159)
* remove gulpfile
* remove gulp dependencies
* Update README.md
2017-03-14 14:20:53 +00:00
Greenkeeper
234e27ff87 Update ghost-ignition to version 2.8.9 🚀 (#8139)
* chore(package): update ghost-ignition to version 2.8.9

https://greenkeeper.io/

* chore: yarn.lock
2017-03-13 09:44:21 +01:00
Greenkeeper
0d2f9c6aa8 Update passport-ghost to version 2.3.1 🚀 (#8125)
* chore(package): update passport-ghost to version 2.3.1

https://greenkeeper.io/

* chore: yarn.lock
2017-03-10 19:56:02 +01:00
Greenkeeper
45127d4b0a Update knex-migrator to version 2.0.13 🚀 (#8124)
* chore(package): update knex-migrator to version 2.0.13

https://greenkeeper.io/

* chore: yarn.lock
2017-03-10 19:35:23 +01:00
Greenkeeper
feaa25dad2 Update knex-migrator to version 2.0.12 🚀 (#8118)
* chore(package): update knex-migrator to version 2.0.12

https://greenkeeper.io/

* chore: yarn.lock
2017-03-09 19:08:06 +01:00
Greenkeeper
29511bf61a Update passport-ghost to version 2.3.0 🚀 (#8108)
* chore(package): update passport-ghost to version 2.3.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-08 15:41:36 +01:00
Greenkeeper
1909e0c730 Update knex-migrator to version 2.0.9 🚀 (#8092)
* chore(package): update knex-migrator to version 2.0.9

https://greenkeeper.io/

* chore: yarn.lock
2017-03-08 15:41:21 +01:00
Greenkeeper
0fd0807f7b Update knex to version 0.12.7 🚀 (#8014)
* chore(package): update knex to version 0.12.7

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 17:29:04 +01:00
Greenkeeper
b79df0e89a Update jsonpath to version 0.2.11 🚀 (#8004)
* chore(package): update jsonpath to version 0.2.11

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 15:24:00 +01:00
Greenkeeper
f74dbc47a6 Update superagent to version 3.5.0 🚀 (#8043)
* chore(package): update superagent to version 3.5.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 15:14:45 +01:00
Greenkeeper
499a2c846b Update validator to version 6.3.0 🚀 (#8049)
* chore(package): update validator to version 6.3.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 15:04:38 +01:00
Greenkeeper
d3954b7833 Update nock to version 9.0.9 🚀 (#8073)
* chore(package): update nock to version 9.0.9

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 14:54:49 +01:00
Greenkeeper
a9612f33be Update oauth2orize to version 1.8.0 🚀 (#8074)
* chore(package): update oauth2orize to version 1.8.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 14:48:44 +01:00
Greenkeeper
4fef487070 Update html-to-text to version 3.2.0 🚀 (#8075)
* chore(package): update html-to-text to version 3.2.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 14:44:02 +01:00
Greenkeeper
3c0adfaa28 Update body-parser to version 1.17.0 🚀 (#8083)
* chore(package): update body-parser to version 1.17.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 14:39:37 +01:00
Greenkeeper
1c45368150 Update express to version 4.15.0 🚀 (#8084)
* chore(package): update express to version 4.15.0

https://greenkeeper.io/

* chore: yarn.lock
2017-03-03 14:35:03 +01:00
Greenkeeper
75ba25db3f Update ghost-ignition to version 2.8.8 🚀 (#8089)
* chore(package): update ghost-ignition to version 2.8.8

https://greenkeeper.io/

* chore: yarn.lock
2017-03-02 17:54:05 +01:00
kirrg001
23c0d691df Update brute-knex 🚀
- chore: yarn.lock
2017-02-28 18:35:58 +01:00
Greenkeeper
415d091578 Update passport-ghost to version 2.2.4 🚀 (#8072)
* chore(package): update passport-ghost to version 2.2.4

https://greenkeeper.io/

* chore: yarn.lock
2017-02-28 18:10:59 +01:00
Greenkeeper
0e11ec90de Update gscan to version 0.2.1 🚀 (#8071)
* chore(package): update gscan to version 0.2.1

https://greenkeeper.io/

* chore: yarn.lock
2017-02-28 17:23:29 +01:00
Greenkeeper
7e0262aaf4 Update knex-migrator to version 2.0.8 🚀 (#8070)
* chore(package): update knex-migrator to version 2.0.8

https://greenkeeper.io/

* chore: yarn.lock
2017-02-28 16:13:56 +01:00
Greenkeeper
2e824f351c Update ghost-editor to version 0.1.10 🚀 (#8039)
* chore(package): update ghost-editor to version 0.1.10

https://greenkeeper.io/

* chore: yarn.lock
2017-02-23 18:39:33 +00:00
kirrg001
6880199767 Update ghost-ignition to version 2.8.7 🚀 2017-02-18 16:17:57 +01:00
Greenkeeper
29d04fd6a2 Update ghost-editor to version 0.1.9 🚀 (#8019)
* chore(package): update ghost-editor to version 0.1.9

https://greenkeeper.io/

* chore: yarn.lock
2017-02-17 15:31:28 +01:00
Greenkeeper
7866579feb Update ghost-ignition to version 2.8.6 🚀 (#8010)
* chore(package): update ghost-ignition to version 2.8.6

https://greenkeeper.io/

* chore: yarn.lock
2017-02-16 15:40:47 +01:00
Greenkeeper
fbea875e6b Update passport-ghost to version 2.2.3 🚀 (#8008)
* chore(package): update passport-ghost to version 2.2.3

https://greenkeeper.io/

* chore: yarn.lock
2017-02-16 12:59:54 +01:00
Greenkeeper
69d42feb4f Update ghost-ignition to version 2.8.5 🚀 (#8002)
* chore(package): update ghost-ignition to version 2.8.5

https://greenkeeper.io/

* chore: yarn.lock
2017-02-15 12:14:43 +01:00
Greenkeeper
4a36dbcba9 Update passport-ghost to version 2.2.2 🚀 (#7999)
* chore(package): update passport-ghost to version 2.2.2

https://greenkeeper.io/

* chore: yarn.lock
2017-02-14 18:19:39 +01:00
Greenkeeper
ead92cbd59 Update passport-ghost to version 2.2.1 🚀 (#7993)
* chore(package): update passport-ghost to version 2.2.1

https://greenkeeper.io/

* chore: yarn.lock
2017-02-13 19:16:49 +01:00
Greenkeeper
196d6d02c0 Update knex-migrator to version 2.0.7 🚀 (#7974)
* chore(package): update knex-migrator to version 2.0.7

https://greenkeeper.io/

* chore: yarn.lock
2017-02-10 16:25:10 +01:00
Greenkeeper
39ec35627b Update knex-migrator to version 2.0.6 🚀 (#7968)
* chore(package): update knex-migrator to version 2.0.6

https://greenkeeper.io/

* chore: yarn.lock
2017-02-09 10:54:56 +01:00
Greenkeeper
ff995f204d Update should-http to version 0.1.0 🚀 (#7944)
* chore(package): update should-http to version 0.1.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 20:14:49 +01:00
Katharina Irrgang
bf7c76b294 Update amperize to version 0.3.4 🚀 (#7964)
closes #7864

- manual PR is needed, because master is on amperize 1.0.0
- but 1.0.0 was not published on purpose
- the latest release is 0.3.4

* chore: yarn.lock
2017-02-08 19:50:58 +01:00
Greenkeeper
44655f6f3d Update superagent to version 3.4.1 🚀 (#7913)
* chore(package): update superagent to version 3.4.1

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 19:36:00 +01:00
Greenkeeper
bc77d05183 Update bson-objectid to version 1.1.5 🚀 (#7863)
* chore(package): update bson-objectid to version 1.1.5

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 18:56:35 +01:00
Greenkeeper
63d9bc7bc5 Update bcryptjs to version 2.4.3 🚀 (#7949)
* chore(package): update bcryptjs to version 2.4.3

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 18:54:16 +01:00
Greenkeeper
16579982f0 Update should to version 11.2.0 🚀 (#7909)
* chore(package): update should to version 11.2.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 18:46:57 +01:00
Greenkeeper
2f4da86574 Update body-parser to version 1.16.0 🚀 (#7859)
* chore(package): update body-parser to version 1.16.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 18:21:14 +01:00
Greenkeeper
4b31aa2988 Update mysql to version 2.13.0 🚀 (#7882)
* chore(package): update mysql to version 2.13.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 17:48:59 +01:00
Greenkeeper
ba377676d0 Update sanitize-html to version 1.14.1 🚀 (#7846)
* chore(package): update sanitize-html to version 1.14.1

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 17:06:09 +01:00
Greenkeeper
b7f4ff8fdb Update multer to version 1.3.0 🚀 (#7896)
* chore(package): update multer to version 1.3.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 17:00:11 +01:00
Greenkeeper
cc01547eef Update express to version 4.14.1 🚀 (#7912)
* chore(package): update express to version 4.14.1

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 16:33:15 +01:00
Greenkeeper
5c08f5fd87 Update fs-extra to version 2.0.0 🚀 (#7851)
* chore(package): update fs-extra to version 2.0.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 16:27:34 +01:00
Greenkeeper
b85bff6bfa Update supertest to version 3.0.0 🚀 (#7917)
* chore(package): update supertest to version 3.0.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 15:42:31 +01:00
Greenkeeper
72e58c6035 Update html-to-text to version 3.1.0 🚀 (#7933)
* chore(package): update html-to-text to version 3.1.0

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 15:36:28 +01:00
Greenkeeper
0159600ae0 Update nock to version 9.0.4 🚀 (#7957)
* chore(package): update nock to version 9.0.4

https://greenkeeper.io/

* chore: yarn.lock
2017-02-08 14:59:46 +01:00
Greenkeeper
867cce09e3 Update ghost-ignition to version 2.8.4 🚀 (#7953)
* chore(package): update ghost-ignition to version 2.8.4

https://greenkeeper.io/

* chore: yarn.lock
2017-02-07 19:41:41 +01:00
Greenkeeper
e9a9963fa3 Update ghost-editor to version 0.1.6 🚀 (#7903)
* chore(package): update ghost-editor to version 0.1.6

https://greenkeeper.io/

* chore: yarn.lock
2017-02-04 15:03:44 +01:00
Greenkeeper
35199a1bce Update knex-migrator to version 2.0.5 🚀 (#7939)
* chore(package): update knex-migrator to version 2.0.5

https://greenkeeper.io/

* chore: yarn.lock
2017-02-04 13:30:21 +01:00
Kevin Ansfield
1eafe25bc6 Update yarn.lock 2017-01-26 18:04:09 +00:00
Greenkeeper
ca4f827945 Update knex-migrator to version 2.0.4 🚀 (#7902)
* chore(package): update knex-migrator to version 2.0.4

https://greenkeeper.io/

* chore: yarn.lock
2017-01-26 00:46:59 +01:00
Greenkeeper
ee3033cde5 Update knex-migrator to version 2.0.3 🚀 (#7897)
* chore(package): update knex-migrator to version 2.0.3

https://greenkeeper.io/

* chore: yarn.lock
2017-01-25 20:11:45 +01:00
Greenkeeper
5f3b5a1c93 Update ghost-ignition to version 2.8.3 🚀 (#7895)
* chore(package): update ghost-ignition to version 2.8.3

https://greenkeeper.io/

* chore: yarn.lock
2017-01-25 19:27:24 +01:00
Greenkeeper
cce3194983 Update knex-migrator to version 2.0.1 🚀 (#7883)
* chore(package): update knex-migrator to version 2.0.1

https://greenkeeper.io/

* chore: yarn.lock
2017-01-24 23:56:37 +01:00
Austin Burdine
bc6980c4ac Update yarn.lock on greenkeeper PR's (#7885)
* update yarn.lock on greenkeeper prs
* chore: yarn.lock
2017-01-24 23:33:10 +01:00
Kevin Ansfield
20efa6fcbb sync yarn.lock file (#7876)
no issue

- between https://github.com/TryGhost/Ghost/pull/7853 being committed and being merged there were changes in `package.json` meaning that the `yarn.lock` file was out of date
2017-01-24 12:07:06 +01:00
Austin Burdine
4dad5ae742 add yarn.lock file and cleanup .travis.yml (#7853)
no issue

- add yarn.lock with latest dependencies
- remove unused travis cache lines and install deps via yarn
2017-01-23 16:32:49 +01:00