Commit Graph

38078 Commits

Author SHA1 Message Date
renovate[bot]
57c5e24f5b Update dependency jose to v4.15.5 2024-03-07 12:55:02 +00:00
renovate[bot]
3301332253 Update dependency express to v4.18.3 2024-03-07 13:42:27 +01:00
Ghost CI
624168ead5 Merged v5.80.1 into main 2024-03-07 09:04:51 +00:00
Ghost CI
0a8716b0ae v5.80.1 2024-03-07 09:04:50 +00:00
Sag
ae95e8de8c Fixed tiers paywall selecting all paid tiers (#19817)
refs INC-36

- oversight in parent commit 00cff0a
2024-03-06 22:35:43 +01:00
Sag
69466ecab9 🐛 Fixed free tier showing in the tiers-only paywall in posts (#19807)
refs INC-36
fixes https://github.com/TryGhost/Ghost/issues/19796

- The tiers-only paywall was incorrectly rendering "Free". Example:
"This post is for subscribers of the Free, Silver and Gold tiers only"
- Steps to reproduce the issue:
    1. Create a post with public visibility, publish it
    2. Then swap the visibility to specific tiers. The default selects all
paid tiers. Leave it like that
    3. Update the post. The paywall show Free, even though it should be
showing only the paid tiers
- This fix filters out the "free" tier when visibility is set to tiers,
before updating a Post or a Page. The fix includes bulk updates from the
list of Posts and Pages (right-click on a Post/Page > Change Access).
2024-03-06 22:35:33 +01:00
Sag
656846018a
Fixed tiers paywall selecting all paid tiers (#19817)
refs INC-36

- oversight in parent commit 00cff0a
2024-03-06 22:14:17 +01:00
Sag
00cff0aece
🐛 Fixed free tier showing in the tiers-only paywall in posts (#19807)
refs INC-36
fixes https://github.com/TryGhost/Ghost/issues/19796

- The tiers-only paywall was incorrectly rendering "Free". Example:
"This post is for subscribers of the Free, Silver and Gold tiers only"
- Steps to reproduce the issue:
    1. Create a post with public visibility, publish it
    2. Then swap the visibility to specific tiers. The default selects all
paid tiers. Leave it like that
    3. Update the post. The paywall show Free, even though it should be
showing only the paid tiers
- This fix filters out the "free" tier when visibility is set to tiers,
before updating a Post or a Page. The fix includes bulk updates from the
list of Posts and Pages (right-click on a Post/Page > Change Access).
2024-03-06 21:30:00 +01:00
Thibault Malfoy
5f80e9f7db
Fix a French translation error in portal.json (#19803)
In this context, "save" should be translated as "économiser".
2024-03-06 11:41:27 -05:00
Ronald Langeveld
8a67901355
Updated test to check for Unsplash button in Admin (#19814)
ref DES-167

https://linear.app/tryghost/issue/DES-167/🐛-unsplash-in-admin-x-not-styled-correctly
2024-03-06 14:54:37 +00:00
Steve Larson
ae5df293c3
Fixed button spacing in Portal unsubscribe popup footer (#19815)
no ref
- The 'Get help' button was only adding margin on the left when accessed
through account management even though it is also shown on the
unsubscribe page accessed via link.
2024-03-06 14:53:02 +00:00
renovate[bot]
b205214247 Update dependency terser to v5.29.1 2024-03-06 14:45:31 +00:00
Steve Larson
7a36917c6a
Released Portal v2.37.5 (#19812)
ref ENG-677
- Improved unsubscribe from url workflow staying in sync with logged in
user.
- Added tests covering the unsubscribe from url workflow.
2024-03-06 14:37:04 +00:00
renovate[bot]
1c7868b362 Update dependency terser to v5.29.0 2024-03-06 10:45:30 +00:00
Kevin Ansfield
3090f8ec95
🎨 Improved lazy-loading of comments data (#19809)
no issue

Bumps `Comments-UI` app version that contains an improvement to data loading:

- within the comments block we only use Admin auth to show moderation options on each displayed comment but we were always pre-emptively loading the `admin-auth` frame and making the associated Admin API user request. That loading has now been deferred until at least one comment has been displayed cutting down unnecessary requests on each post view
2024-03-06 10:29:55 +00:00
Sodbileg Gansukh
bac35d9028
Fixed various Unsplash design bugs (#19806)
ref DES-167

- fixed visibility of Unsplash button in publication cover setting
- fixed gallery image ratio
- fixed search input border style
- fixed icon fill color issue of the download button
- fixed insert image alignment
- fixed author thumbnail pixelation
2024-03-06 10:29:42 +00:00
Kevin Ansfield
78aba5b22a
🎨 Improved lazy-loading of comments data (#19809)
no issue

Bumps `Comments-UI` app version that contains an improvement to data loading:

- within the comments block we only use Admin auth to show moderation options on each displayed comment but we were always pre-emptively loading the `admin-auth` frame and making the associated Admin API user request. That loading has now been deferred until at least one comment has been displayed cutting down unnecessary requests on each post view
2024-03-06 10:17:32 +00:00
Kevin Ansfield
b704530d74
🐛 Fixed unexpected conversion of single-quoted attributes in HTML cards (#19727)
closes ENG-627

We were using `cheerio` to parse+modify+serialize our rendered HTML to modify links for member attribution. Cheerio's serializer has a [long-standing issue](https://github.com/cheeriojs/cheerio/issues/720) (that we've [had to deal with before](https://github.com/TryGhost/SDK/issues/124)) where it replaces single-quote attributes with double-quote attributes. That was resulting in broken rendering when content used single-quotes such as in HTML cards that have JSON data inside a `data-` attribute or otherwise used single-quotes to avoid escaping double-quotes in an attribute value.

- swapped the implementation that uses `cheerio` for one that uses `html5parser` to tokenize the html string, from there we can loop over the tokens and replace the href attribute values in the original string without touching any other part of the content. Avoids a full parse+serialize process which is both more costly and can result unexpected content changes due to serializer opinions.
  - fixes the quote change bug
  - uses tokenization directly to avoid cost of building a full AST
- updated Content API Posts snapshot
  - one of our fixtures has a missing closing tag which we're no longer "fixing" with a full parse+serialize step in the link replacer (keeps modified src closer to original and better matches behaviour elsewhere in the app / without member-attribution applied)
  - the link replacer no longer converts `attr=""` to `attr` (these are equivalent in the HTML spec so no change in behaviour other than preserving the original source html)
- added a benchmark test file comparing the two implementations because the link replacer runs on render so it's used in a hot path
  - new implementation has a 3x performance improvement
  - the separate files with the old/new implementations have been cleaned up but I've left the benchmark test file in place for future reference

Benchmark results comparing implementations:

```
❯ node test/benchmark.js

LinkReplacer
├─ cheerio: 5.03K /s ±2.20%
├─ html5parser: 16.5K /s ±0.43%

Completed benchmark in 0.9976526670455933s
┌─────────────┬─────────┬────────────┬─────────┬───────┐
│   (index)   │ percent │ iterations │ current │  max  │
├─────────────┼─────────┼────────────┼─────────┼───────┤
│   cheerio   │   ''    │ '5.03K/s'  │  5037   │ 5037  │
│ html5parser │   ''    │ '16.5K/s'  │  16534  │ 16534 │
└─────────────┴─────────┴────────────┴─────────┴───────┘
```
2024-03-06 09:11:49 +00:00
Sodbileg Gansukh
b90d66a846
Fixed various Unsplash design bugs (#19806)
ref DES-167

- fixed visibility of Unsplash button in publication cover setting
- fixed gallery image ratio
- fixed search input border style
- fixed icon fill color issue of the download button
- fixed insert image alignment
- fixed author thumbnail pixelation
2024-03-06 16:48:13 +08:00
Steve Larson
cbb27c2d53
Fixed TZ dependency in Portal helpers test (#19804)
no refs
- Tests run locally (US TZ) often always failed because the dates are
pushed to the en-GB locale. The test now forces the same TZ onto the
compared to date.
2024-03-05 15:44:07 -06:00
Steve Larson
2bb566f18f
Added Portal tests for newsletter subscriptions (#19802)
refs https://linear.app/tryghost/issue/ENG-677

- Portal was completely missing tests for `UnsubscribePage`
- `UnsubscribePage` is unique for Portal in that it needs to be able to
handle logged in and not-logged-in member state/interactions
- Various parts of Portal don't use a shared `GhostApi` instance, making
mocking all functionality impossible
- `UnsubscribePage` was updated to use `onAction` to bring it in line
with other Portal interactions while logged in
- Added checks for UI components for more precision in tests checking subscriptions within the UI

---------

Co-authored-by: Ronald Langeveld <hi@ronaldlangeveld.com>
2024-03-05 19:22:50 +00:00
Kevin Ansfield
857588ed60
Released comments-ui 0.16.0 (#19800)
no issue

- defers loading of `admin-auth` frame and it's API request until we are displaying some comments
  - defers the frame load and API request until the comments box is scrolled into view
  - eliminates the requests altogether for posts that have no comments
2024-03-05 16:20:19 +00:00
Kevin Ansfield
92a8a53a95
Added lazy-loading of admin auth in Comments UI (#19799)
closes ENG-711

When an Admin is authenticated in Comments-UI we only add moderation options to the displayed comments so we don't need to pre-emptively load the `admin-auth` iframe and make the `/ghost/api/admin/users/me/` request until some comments are actually visible.

- used `state.comments.length` property to defer rendering of the admin auth frame until comments have been fetched (after box is scrolled into view) and the count is > 0
2024-03-05 15:57:20 +00:00
Djordje Vlaisavljevic
50770d20b1
Reorganized and improved meta data settings so it's easier to parse DES-159
refs DES-159
2024-03-05 11:23:42 +00:00
Sodbileg Gansukh
e3d01e0b1f
Decreased header spacing for newsletters on mobile screen (#19690)
ref DES-115
2024-03-05 14:01:58 +08:00
Fabien O'Carroll
d9fb4787ec Removed whitelist of JWT errors
refs https://linear.app/tryghost/issue/ENG-712/

I don't think we ever need to respond with a 500 here, if the verify call
fails, we know that the token is unauthorized for use.
2024-03-05 03:04:34 +07:00
Fabien O'Carroll
dcbd168585 🐛 Fixed 500 error for premature api token use
refs https://linear.app/tryghost/issue/ENG-712

We weren't handling the NotBeforeError and instead responing with a 500 which
is not correct.
2024-03-05 03:04:34 +07:00
renovate[bot]
b6b2e2ea31 Update dependency newrelic to v11.12.0 2024-03-04 18:35:26 +00:00
Peter Zimon
6d6969f4b0
Portal signup page spacing fixes (#19791)
refs.
https://linear.app/tryghost/issue/DES-161/portal-signup-window-spacing-problem

The products section is returned even if there's only a free product in
the publication. This results in an extra, unnecessary space between the
signup form inputs and the signup button.
2024-03-04 16:27:30 +01:00
Ronald Langeveld
8582462619
🐛 Fixed emojis not updating in Announcement Bar (#19792)
refs
https://linear.app/tryghost/issue/ENG-358/🐛-emojis-created-with-lexicals-emoji-picker-are-not-displayed

- Changed the update method from onBlur to a 500ms denounce instead
since the onBlur would update before the emoji plugin for the koenig
editor input field manages to create the emoji.
- Switching to denouncing would ensure the preview only updates once the
input field stopped being modified.
2024-03-04 13:17:42 +00:00
Ronald Langeveld
2816c2c128
Added try/catch to iFrame buffering in Settings (#19790)
refs https://ghost.slack.com/archives/CTH5NDJMS/p1709230854358779

- Customer reported that some code they injected via the Code Injection
crashed the Preview in Ghost Settings.
- This wraps the function where the crash took place (according to
Sentry) in a try/catch to attempt to handle it gracefully.
- Added an additional Sentry log to better understand the situation
should it happen again.
2024-03-04 11:11:03 +02:00
Ghost CI
9df5148427 v5.80.0 2024-03-01 16:04:20 +00:00
renovate[bot]
69459e9b42 Update dependency yjs to v13.6.14 2024-03-01 11:32:05 +00:00
renovate[bot]
81f1b63cca Update dependency yjs to v13.6.13 2024-02-29 19:32:37 +00:00
Peter Zimon
8f3617aaa8
Content card design improvements (#19737)
refs. https://linear.app/tryghost/issue/DES-122/bookmark-card-issues

This PR addresses the following content card related problems:

1. The design of the following cards are more self-contained so it makes
more sense to use `px` for their font-sizes and spacings so it looks the
same regardless of the theme. Of course themes still can override these
values.

Updated cards to use `px` for font sizing:
- audio
- bookmark
- file
- product

2. So far header and signup cards had been using `rem` for font-sizes
and some sizing. This commit updates these to use `em` instead so that
it's consistent with all other cards.

3. The favicon sometimes is not available for bookmark cards. This PR also
fixes that by providing a default favicon for these cases.
2024-02-29 17:09:34 +01:00
Sanne de Vries
c7e475feb0
Remove comment icon at the top of email template (#19771)
Refs
https://linear.app/tryghost/issue/DES-80/newsletter-view-in-browser-breaking-to-next-line-with-incorrect
2024-02-29 14:45:38 +01:00
Kevin Ansfield
e0d8e18785
Added lazy-loading of comments data (#19778)
no issue

Bumps `Comments-UI` app version that contains a few changes:

- comments data is now lazy-loaded with API requests being deferred until the comments block is scrolled into view, saving up-front visitor data usage as well as reducing server-load for page views where the comments are never seen
- comments data is now fetched from `/members/api/comments/{post_id}/` rather than using the post_id in the `filter` param to enable cache bucketing and cache invalidation
- `created_at` timestamp has been dropped from the initial comments data request so the results can be cached, on pagination requests the timestamp has been improved to use the created_at data from the response so it remains consistent and can also be cached
- `order` param has been dropped from API requests as the API has been updated to include our default ordering
2024-02-29 10:21:05 +00:00
renovate[bot]
bfe291042c Update dependency nodemailer to v6.9.11 2024-02-29 09:28:12 +00:00
Ronald Langeveld
6c624d12a2
🎨 Include archived offers in members filter (#19756)
refs
https://linear.app/tryghost/issue/ENG-19/allow-archived-offers-to-be-used-in-member-filtering

- Removed the filter to only include Active Offers so that we can also
filter memebers that previously redeemed archived offers.
2024-02-29 08:31:23 +02:00
Fabien 'egg' O'Carroll
a489d5a3d8
Added /comments/:id/replies/ to X-Cache-Invalidate
refs https://linear.app/tryghost/issue/ENG-682/

This should allow us to bust both endpoints cache when write operations
are made to comments.
2024-02-28 23:15:02 +00:00
Steve Larson
c2f3ffaca7
🐛 Prevented newsletter subscriptions from getting out of sync in Portal (#19768)
refs https://linear.app/tryghost/issue/ENG-677
- UnsubscribePage is intended to be able to be used without logging in
to Portal. The app context (member state) was not synchronized when
logged in, causing conflicts in the client data vs. database.
- Now when a logged in member is found, the member object is manually
updated to reflect the API response(s).
2024-02-28 13:57:19 -06:00
Kevin Ansfield
c365972aa8
Released Comments-UI 0.15.0 (#19775)
no issue

- switches post browse requests to`/members/api/comments/post/:post_id/` to enable better cache bucketing
and invalidation
- removes `order` param from browse and replies requests
2024-02-28 18:59:01 +00:00
Kevin Ansfield
44e602b447
Switched to default ordering for comments API requests (#19774)
closes ENG-681

There's no need to provide an `order` param with every request in Comments-UI if the API has default ordering that matches our requirements. The order param makes logs more noisy/harder to read than they need to be so we want to get rid of it.

- modified comments API input serializer to add a default order param to the browse and replies endpoints when none is provided
- removed order param from the requests that Comments-UI makes
2024-02-28 18:42:02 +00:00
Fabien O'Carroll
4c6f7715ef Cleaned up comments controller
no-issue

This removes some redundant calls to `get` and makes refactoring
easier in future.
2024-02-29 00:24:34 +07:00
Fabien O'Carroll
001f2b0b91 Invalidated post comments cache on like&unlike
refs https://linear.app/tryghost/issue/ENG-676/

We want to make sure that we're not serving stale liked counts for
comments, which means we need to cache bust when they're liked/unliked

Unfortuantely this means we need to fetch the comment from the db so
that we have access to the post id.
2024-02-29 00:24:34 +07:00
Fabien O'Carroll
58dd79ccb4 Invalidated the new comments endpoint cache on add & edit
refs https://linear.app/tryghost/issue/ENG-676/

This is the meat of the change and actually causes the cache to be
invalidated on adds and edits to the comments endpoints.

It doesn't currently include the liked/unliked actions at the moment
as we don't have easy access to the post id from those endpoints.
2024-02-28 22:40:56 +07:00
Fabien O'Carroll
a291914fc4 Updated Comments UI to use new endpoint
refs https://linear.app/tryghost/issue/ENG-676/

Now we have the case that there is no filter param, the simple string
approach fails. Instead we build up a URLSearchParams object which
makes it easier to handle conditional params & stringify it at the end.
2024-02-28 22:40:56 +07:00
Fabien O'Carroll
2c6321472c Added endpoint for comments/post/:post_id
refs https://linear.app/tryghost/issue/ENG-676/

This is pretty simple as we can reuse the existing browse method
on the CommentsController, but we need to add support for the post_id
option to the endpoint, for it to be added to the frame.

We also need to update the browse method to enforce the post_id on the
NQL filter. I initially tried this with string concatenation, but ran
into way too many bugs, so we're using a mongo transformer instead.
2024-02-28 22:40:56 +07:00
Djordje Vlaisavljevic
f032f11d8a Added hrefs to paywall links for improved SEO
refs DES-150
2024-02-28 15:28:41 +00:00
Fabien O'Carroll
93263fa7be Ensured that endpoint header config is not modified in future
refs https://linear.app/tryghost/issue/ENG-674/

This will cause errors to be thrown if developers attempt to modify the shared
header config in future.
2024-02-28 21:31:04 +07:00