Commit Graph

38627 Commits

Author SHA1 Message Date
Fabien 'egg' O'Carroll
e607556913
Stopped us from rendering no html when error occurs
no-issue

We need to make sure that we return, otherwise we'll end up skipping the
error handler middleware and trying to render.
2024-03-14 16:34:13 +00:00
Fabien 'egg' O'Carroll
aaa19a535a
🐛 Fixed 500 errors for invalid theme layouts (#19848)
ref ENG-742
ref https://linear.app/tryghost/issue/ENG-742

We don't do any parsing of layouts in gscan, which means themes can be
uploaded which use non-existent files for their layout.

We can catch the error in the res.render call, and wrap it, just like we
do for missing templates (e.g. the StaticRoutesRouter)
2024-03-14 23:12:26 +07:00
Aileen Booker
f16d9802d0 Added ability to pass minThreshold for Milestone Slack notifications
closes ENG-632

- This listens to a new property in the `milestones` config to set a minimum value of Milestones we wanna use the Slack notification service for
2024-03-14 12:06:43 -04:00
Michael Barrett
60d81b2003
🐛 Fixed /p/ redirects not being indexed by search engines (#19864)
ref
[ENG-741](https://linear.app/tryghost/issue/ENG-741/🐛-our-robotstxt-config-causes-indexing-issues-for-customers-who-have)

`/p/` has been dropped from the `robots.txt` file so that search engines
can index the pages at these locations. In the event that the page at
the location is a preview page, the existing robots meta tag on the page
will prevent indexing.
2024-03-14 14:44:54 +00:00
Fabien O'Carroll
39da5a1f88 Revert "Optimised queries made by get helper for posts"
no-issue

This was incorrectly merged - reverting until the work is complete
2024-03-14 20:26:01 +07:00
renovate[bot]
a309a29ef6 Update dependency terser to v5.29.2 2024-03-14 13:09:36 +00:00
renovate[bot]
c8ea87ba83 Update dependency typescript to v5.4.2 2024-03-14 13:55:11 +01:00
Sag
7a40ab52fb
🐛 Fixed adding recommendation when oembed fails (#19861)
refs https://linear.app/tryghost/issue/ENG-750

- when adding a recommendation, we fetch the recommended site's metadata
- before this change, if the metadata fetch failed for some reason, we'd show an error and block the recommendation from being added
- after this change, we use fallback values if the metadata fails to fetch, instead of blocking the recommendation from being added. We use the site domain as the title and leave the rest empty (no favicon, no description)
- this change also means we are not checking whether a site exists or not for the publisher anymore. It’s then up to the publisher to make sure they don’t enter broken URLs
2024-03-14 11:36:28 +01:00
Sodbileg Gansukh
04c9bf0197
Fixed empty state flashing issue on offers list (#19863)
ref DES-101, DES-105
2024-03-14 09:25:48 +00:00
Sodbileg Gansukh
2029a5846a
Fixed Portal preview flashing issue in Offers (#19862)
ref DES-101
2024-03-14 14:29:17 +08:00
Fabien 'egg' O'Carroll
52a28c0059
Optimised queries made by get helper for posts (#19859)
ref ENG-747
ref https://linear.app/tryghost/issue/ENG-747

H'okay - so what we're trying to do here is make get helper queries more
cacheable. The way we're doing that is by modifying the filter used when
we're trying to remove a single post from the query.

The idea is that we can remove that restriction on the filter, increase
the number of posts fetched by 1 and then filter the fetched posts back
down, this means that the same query, but filtering different posts,
will be updated to make _exactly_ the same query, and so share a cache!

We've been purposefully restrictive in the types of filters we
manipulate, so that we only deal with the simplest cases and the code is
easier to understand.
2024-03-13 19:27:27 +00:00
renovate[bot]
48782df301 Update dependency newrelic to v11.13.0 2024-03-13 17:14:53 +00:00
Kevin Ansfield
47e6911ca0
Added cache-control header back to /auth-frame/ response (#19858)
ref https://linear.app/tryghost/issue/ENG-721

- when changing the response to a `204` for requests with no cookie we'd lost the `Cache-Control: public, max-age: 0` header which meant some cache systems weren't caching as efficiently as possible
2024-03-13 16:00:46 +00:00
renovate[bot]
2c7253edd7 Update dependency ts-node to v10.9.2 2024-03-13 16:31:48 +01:00
renovate[bot]
7f6bc16df8 Update nest monorepo to v10.3.3 2024-03-13 16:31:35 +01:00
Sag
9869d9adb6
Added referral tracking to the powered-by-ghost newsletter badge (#19850)
ref https://linear.app/tryghost/issue/TRI-65

In the context of referrals, we want to understand how useful our
“Powered by Ghost” badges are.

There are currently a few places where the “Powered by Ghost” badge can
be rendered:
- in newsletters (enabled/disabled by publisher, on a newsletter basis)
- in Portal popups, e.g. member signup/signin/account settings
- in the footer of some themes, including Source & Casper

We're adding the query param ?via to evaluate the usage of the badge in
newsletters.
2024-03-13 16:03:13 +01:00
Fabien "egg" O'Carroll
0fb0c6c2b5 Added NestJS Playground
no-issue

This adds the barebones of a NestJS application wired up to the Admin API
behind a feature flag, so that we can experiement with how to use Nest in the
context of Ghost
2024-03-13 19:44:06 +07:00
Fabien "egg" O'Carroll
d2620171ea Refactored auth services so they can be used in Nest
no-issue

This decouples the business logic from the express middleware so that it can be
used inside of a NestJS application.
2024-03-13 19:44:06 +07:00
Daniel Lockyer
d810c0ea38 Updated lockfile 2024-03-13 13:17:16 +01:00
Sag
59bbade630
Fixed browser tests (#19852)
no issue

- browser tests were failing due to the renaming of a button
2024-03-13 12:54:19 +01:00
Peter Zimon
9d9707e6f4
Settings keyboard shortcuts (#19836)
ref DES-166

Accessing settings via a keyboard shortcut is a great productivity
booster for advanced users and it is missing from Ghost today.
2024-03-13 08:46:22 +01:00
Ronald Langeveld
19da5c6af4
Extracted Unsplash Selector from AdminX (#19849)
no issue

- Adds the unsplash selector as a standalone typescript package inside
the Koenig monorepo.
- Currently we have 3 versions of the Unsplash Selector. One in
Koenig-Lexical, one in AdminX and the original Ember version.
- We can now start phasing out the application coupled version of the
selector and replace it with the reusable version.
- We can now import it via npm to any React application.
- This commit removes the Unsplash components from AdminX and imports it
instead.

This is the second commit for this as the previous commit broke styles
due to normalise styles leaking into the Ember app. Disabling preflight
(https://github.com/TryGhost/Koenig/pull/1169) in Tailwind fixed it.
2024-03-12 22:40:33 +02:00
Kevin Ansfield
9203eea673
Released comments-ui 0.16.1 (#19847)
no issue

- includes fix for IFrame modal throwing errors and making comments block disappear when performing certain actions
2024-03-12 18:04:20 +00:00
Kevin Ansfield
dd3bc06761
🐛 Fixed comments block disappearing when performing certain actions (#19846)
closes https://linear.app/tryghost/issue/ENG-739

- `props.innerRef` in `<IFrame>` was inadvertently assumed to always exist, sometimes throwing an error on render when certain popups like the profile settings modal were opened resulting in the app crashing and the whole comments block disappearing
- added a guard to ensure the ref exists before trying to set it
- updated tests so the profile modal route is tested
2024-03-12 17:39:36 +00:00
Fabien 'egg' O'Carroll
5a5ddcb609
🐛 Fixed Tiers API erroring when invalid filter passed (#19845)
closes ENG-730
closes https://linear.app/tryghost/issue/ENG-730/

We've updated the input serializer to parse the filter, and responded
with an error if it cannot be parsed correctly.

Now that it's parsed, we can pass a mongo query object through the
stack, which will lend itself to better typing for this code, which is a
direction we want to go in anyway. We've had to update all the internal
usages of the `browse` method to use mongo query objects.
2024-03-13 00:25:42 +07:00
Ronald Langeveld
36f11a65a0
Revert "Extracted Unsplash Selector from AdminX (#19838)" (#19844)
no issue

- caused a styling regression, making changes then will merge again.
2024-03-12 15:35:09 +00:00
Daniel Lockyer
55791a8c64 Switched to throwing error upon failed image processing
ref https://linear.app/tryghost/issue/ENG-740/http-500-error-when-image-processing-fails
refs 4aad551c72

- upon further discussion, we've decided it's better to throw an error
  in this case because the uploaded image is deemed invalid and storing
  it on the filesystem might cause more issues with resizing/further
  processing in the future
- this commit implements that and alters the tests
2024-03-12 16:24:29 +01:00
Daniel Lockyer
4aad551c72 🐛 Fixed HTTP 500 error when image processing fails during upload
fixes ENG-740
fixes https://linear.app/tryghost/issue/ENG-740/http-500-error-when-image-processing-fails

- in the event the image transform library throws (which can happen for
  many reasons; sharp/libvips can come across a number of errors), we
  currently return this as a HTTP 500 error to the user
- in this case, we should just try-catch the call and jump to the
  non-processing flow where it just saves the original image
- also added breaking test
2024-03-12 15:33:17 +01:00
Kevin Ansfield
ef143978e7
🎨 Reduced requests and 403 responses for comments auth check (#19840)
closes https://linear.app/tryghost/issue/ENG-721
ref https://linear.app/tryghost/issue/ENG-708

Comments-UI loads `/ghost/admin-frame/` in an iframe to check if a Staff User is authenticated in order to  show moderation options. That iframe request loads a HTML page which in turn contains a script that fires off an API request that attempts to fetch the logged-in user details, resulting in a 403 "error" showing up when not authenticated. In the vast majority of cases there will be no staff user authenticated so lots of extra requests and "errors" are seen unnecessarily.

- adjusted the `/ghost/auth-frame/` endpoint to check if the request contains an Admin session cookie
  - if it does, continue as before with rendering the HTML page so the script is loaded
  - if it doesn't, return an empty 204 response avoiding the script request and subsequent 403-generating API request
- eliminates the 403 error being generated for all typical visitor traffic, the error should only be seen when an Admin was previously logged in but their cookie is no longer valid (either from logging out, or going past the 6month validity period)
2024-03-12 12:27:18 +00:00
Daniel Lockyer
dea639e3f6 🐛 Fixed returning HTTP 500 response when recommendations check fails
ref ENG-737
ref https://linear.app/tryghost/issue/ENG-737/http-500-errors-from-recommendations-check-endpoint

- it's still possible for `this.#externalRequest.get` to throw, like if
  DNS resolution fails
- we want to try-catch this so we don't throw from this function and
  return a HTTP 500 to the user
- instead, we can just return `undefined`, which is the fallback
- adds a breaking test too
2024-03-12 12:31:44 +01:00
Daniel Lockyer
5fa4496d52 🐛 Fixed HTTP 500 responses when oembed endpoint receives error
fixes https://github.com/TryGhost/Product/issues/4237

- this fixes the fact that we return a HTTP 500 response when the oembed
  library receives an error, such as a 401 or 403
- includes special handling for cases where we want to return a slightly
  different error message
- also adds unit tests for @tryghost/oembed-service package
2024-03-12 12:31:44 +01:00
Daniel Lockyer
6842d599e9 🐛 Fixed handling of image uploads with overly long filenames
fixes ENG-733
ref https://linear.app/tryghost/issue/ENG-733/handle-image-uploads-where-name-is-too-long

- filesystems usually have a filename length limit; ie. on macOS it is
  255 characters
- if a file is uploaded with a longer filename, we'll return a HTTP 500
- we shouldn't do this as it is user error, so we can just catch the
  error code and return BadRequest
- this implements that, and adds a breaking test
2024-03-12 12:31:44 +01:00
Daniel Lockyer
6db20fc14b Fixed minor code nits
- made fixes for the following:
  - jsdoc definitions
  - typos
  - extra parameter to function
  - missing `utf-8` to fs file read
2024-03-12 12:31:44 +01:00
Ronald Langeveld
6719bcf46e
Extracted Unsplash Selector from AdminX (#19838)
no issue

- Adds the unsplash selector as a standalone typescript package inside
the Koenig monorepo.
- Currently we have 3 versions of the Unsplash Selector. One in
Koenig-Lexical, one in AdminX and the original Ember version.
- We can now start phasing out the application coupled version of the
selector and replace it with the reusable version.
- We can now import it via npm to any React application.
- This commit removes the Unsplash components from AdminX and imports it
instead.
2024-03-12 11:06:57 +00:00
renovate[bot]
bba53b82aa Update dependency html-validate to v8.15.0 2024-03-12 06:26:02 +01:00
timemanagementsk
7fb5def470
Edited few phrases in Slovak (sk) translation to make it sound better (#19825)
I think my changes make the Slovak better. I changed just a few thins,
it's my first time trying Github, but if this is approved, I plan to do
more changes in the future and make the Slovak translation even btetter.

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-03-11 17:56:26 -04:00
Raka Afp
6e82aac14f
Updated Bahasa Indonesia translations (#19829)
Translation for new strings in portal.json
2024-03-11 14:58:31 -04:00
Daniel Lockyer
360ecf15ae 🐛 Fixed HTTP 500 error when given incorrect Range header
ref ENG-729
ref https://linear.app/tryghost/issue/ENG-729/incorrect-range-header-leads-to-http-500-errors

- we didn't have handling here for the `RangeNotSatisfiableError` that
  can come from express/serve-static/send
- as a result, passing an invalid range would cause a 500 error
- this prevents that and adds a breaking test
2024-03-11 19:14:30 +01:00
Daniel Lockyer
162f438c63 Updated @tryghost/errors dependency
- this version is written in TS, but was published a few months ago and
  needs to be bumped here
- also updates a previous deep include into the library, which was
  unnecessary anyway
2024-03-11 17:33:51 +01:00
Daniël van der Winden
f0d6a64f7a
Fixed scrolling issues on members table (#19833)
ref DES-86

Set fixed widths for different columns on the Members table specifically, so content does not jump up & down anymore as you scroll down the page.

---------

Co-authored-by: Peter Zimon <peter.zimon@gmail.com>
2024-03-11 17:32:10 +01:00
renovate[bot]
b41d9c9251 Update dependency html-validate to v8.10.0 2024-03-11 17:17:01 +01:00
renovate[bot]
0162fea441 Update dependency typescript to v5.4.2 2024-03-11 17:16:17 +01:00
renovate[bot]
439644e21c Update storybook monorepo to v7.6.17 2024-03-11 17:16:02 +01:00
Sodbileg Gansukh
be3a5664a2
Added escape key handler to select elements (#19689)
ref DES-58
2024-03-11 17:40:03 +08:00
renovate[bot]
4c02b60ec3 Update dependency nodemailer to v6.9.12 2024-03-08 22:52:06 +00:00
Ghost CI
f83d51c1e3 v5.80.2 2024-03-08 16:04:08 +00:00
Ghost CI
76383b4295 🎨 Updated Source to v1.2.0 2024-03-08 16:04:08 +00:00
renovate[bot]
e17bbb6215 Update dependency i18next to v23.10.1 2024-03-08 07:07:33 +00:00
Peter Zimon
ad491ea4f3
Fixed udpated banner z-index (#19822)
refs.
https://linear.app/tryghost/issue/DES-168/z-index-is-really-messed-up-in-settings

The update banner's z-index was conflicting with settings.
2024-03-07 14:46:48 +01:00
renovate[bot]
57c5e24f5b Update dependency jose to v4.15.5 2024-03-07 12:55:02 +00:00