refs https://github.com/TryGhost/Team/issues/1189
Support for AMP is slowly in decline, and makes developing new cards trickier,
since AMP no longer has an effect of SEO we're going to disable it by default
as a first step toward moving away from it.
Co-authored-by: Thibaut Patel <thibaut@ghost.org>
closes https://github.com/TryGhost/Zapier/issues/56
- fixes tag creation when creating posts with `tags: [{slug: 'new'}]` which should be supported
- assigning tags with only `{slug: 'new'}` was triggering our validation for the required `name` property then bubbling up to the `bookshelf-relations` library resulting in a 500 error
- the fix applied here is to set the `name` field to the same as the `slug` field if a name is not provided
refs https://github.com/TryGhost/Team/issues/1273
This endpoint currently only serves the members public key, which should
never change. A 24 hours cache will drastically reduce the number of
requests for the key, with little to no impact on functionality.
refs https://github.com/TryGhost/Team/issues/1240
As this endpoint is hit on every page load when Portal is enabled, it
can cause a lot of traffic to Ghost. The data does not change very
frequently so we've added a 30s cache policy to alleviate load on servers.
refs https://github.com/TryGhost/Team/issues/1257
refs https://github.com/TryGhost/Team/issues/1261
Certain event listens are being added twice due to the way we "reload"
the MembersAPI which can cause duplicate counts of Offer Redemptions.
Rather than creating multiple instances of the MembersAPI we're moving
toward being able to reload the config in place or passing getters for
the config which will allows us to use the MembersAPI as a singleton,
and remove any bugs which come from creating multiple instances.
This also fixes a bug with the allowSelfSignup config not refreshing when
the portal_plans setting was changed.
refs https://github.com/TryGhost/Team/issues/1257
refs https://github.com/TryGhost/Team/issues/1261
Certain event listens are being added twice due to the way we "reload"
the MembersAPI which can cause duplicate counts of Offer Redemptions.
Rather than creating multiple instances of the MembersAPI we're moving
toward being able to reload the config in place or passing getters for
the config which will allows us to use the MembersAPI as a singleton,
and remove any bugs which come from creating multiple instances.
This also fixes a bug with the allowSelfSignup config not refreshing when
the portal_plans setting was changed.
closes https://github.com/TryGhost/Team/issues/1228
- copy updated to clarify the unsubscribe was for emails only, not full account cancelation
- added a link to member account management so members can easily re-subscribe to emails if desired
refs https://github.com/TryGhost/Team/issues/1258
- members auto login after Stripe checkout feature is GA so labs flag is no longer necessary
- bumps `@tryghost/members-api` to version that does not use the labs flag
refs https://github.com/TryGhost/Team/issues/1262
- Flickr embeds have fixed width/height attributes on the `img` elements but the displayed width is always constrained to the width of the email content container which is less than the attribute width, however the fixed height is observed by email clients resulting in images that are stretched vertically
- added a `height: auto` CSS override so email clients will correctly recalculate the image size when resized to fit the container width
refs https://github.com/TryGhost/Team/issues/1216
Since we are increasing the grace period to 10 minutes, we want to make
sure that server crashes during those 10 minutes do not cause single use
tokens to remain in the system. The quickest was to ensure that without
restartable background jobs is to delete all tokens upon boot.
closes https://github.com/TryGhost/Ghost/issues/13920
- Custom excerpt should be used as a fallback for meta_description in line with the behaviour of OG and Twitter metadata
- We specifically don't want to use the full fallback to the auto-generated preview text when a custom excerpt isn't defined, because we trust search engines to be able to summarise content better than we can
closes https://github.com/TryGhost/Team/issues/1164
- `customThemeSettings` feature is GA so any conditionals can be cleaned up
- removed conditional loading of custom theme settings and associated API routes
- removed event trigger for reloading custom theme settings when the feature flag is toggled
- removed flag from labs GA list
refs https://github.com/TryGhost/Team/issues/1216
Some email security clients are scanning links at delivery, rather than
at the point the user clicks on them. This is causing magic links to
expire. To get around this we're increasing the grace period in which a
link can be used multiple times to 10 minutes.
refs. https://github.com/TryGhost/Ghost/issues/13874
- Improved stability of cards by adding 'box-sizing: border-box;' CSS property to all of them so that it's not required by themes anymore
refs https://github.com/TryGhost/Team/issues/1251
With sites that have a huge number of resources, using limit="all" can
cause OOM errors at the Node level. Administrators now have the ability
to cap limit="all" requests via config. This only affects the get helper
used in themes, not the API, this is by design as themes have less
visibility of issues.
no issue
- The list is gonna get longer and has pottential to be edited few more times in the near future. It's a formatting change to allow seeing added/removed entries easier
refs https://github.com/TryGhost/Team/issues/1249
If we leave focus on the slider than after interacting with it, it will
capture scroll events and move the slider rather than scrolling the
page.
refs https://github.com/TryGhost/Team/issues/1249
Because we cannot resize the container of teh slider without affecting
the surrounding content, e.g. in the context of a grid. We need to
stretch images to fit the slider container.
This also applies the `object-fit: cover` property to the slider image
to help with mis-matched aspect ratios
refs https://github.com/TryGhost/Team/issues/1249
Instead of attempting to calculate teh width of the container, we leave
one image to fill up space naturally as the browser allows it, and then
use that to set the width of the secondary image.
refs https://github.com/TryGhost/Team/issues/1249
Using an input as the slider handle meant setting a width of 100% + px,
which could push width over the size of the screen - not good! This
takes the same approach as the CodePen linked below and uses a separate
element, which has the position of it updated by JS in realtime.
https://codepen.io/josephwong2004/pen/NWRGxdR
The default CSS styles of the new cards that have been released in the past couple of weeks was overoptimised for overridability. It was done by defining the lowest specificity scores for each card style. This resulted in certain default styles being unusable for a lot of themes – e.g. the text color of a button (which is a a element that is usually defined on a higher specificity) could easily be the same color as its background (accent color by default).
The solution to this issue is to increase the specificity level of globally used default elements (such as a's h1 and other headings, p's etc.) to a medium level so that they have precedence over styles that are defined in most themes. Our baseline specificity score for these default style is 21, which seems to be covering most of the cases in popular themes.
This commit contains CSS updates in card default styles that implement this change.
no issue
@tryghost/errors no longer exports GhostError, as we should only be using subclasses. Replace with InternalServerError as a new default, but should be replaced with a relevant error when one exists.
refs https://github.com/TryGhost/Team/issues/1067
As well as providing a better UX for Members, allowing them to use the
site immediately after payment, rather than having to check emails and
use the magic link to sign in, this should reduce issues with members
signing up twice due to being confused after Stripe Checkout.
refs https://github.com/TryGhost/Team/issues/1230
- new audio card allows adding custom audio files with thumbnail to post/page
- also adds new file and media API to manage files/thumbnails uploaded for new cards
refs https://github.com/TryGhost/Team/issues/1249
This contains the initial frontend code to provide a working slider for
the Before/After card. The JS is enclosed in an IIFE so as to not leak
any variables, and the CSS is all scoped to the card only to avoid
interfering with existing styles.
refs https://github.com/TryGhost/Team/issues/1229
- bumped @tryghost/kg-default-cards that contains initial video card rendering
- added video card CSS file with basic style that prevents video element rendering larger than the content width (similar to default image styles in most themes)
no issue
- wraps the card js scripts into an IIFE to avoid polluting global variables on the site
- also any fixes errors caused by `swup` and its scripts-plugin that trips over already created global variables
no-issue
Using the async attribute means that the script is downloaded in
parallel with the parsing of the html into DOM, and then executed upon
completion. This means that the script cannot be sure that particular
parts of the DOM exist as it may not have finished parsing. This has
resulted in bugs with the new toggle card not working.
Switching our script to use the defer attribute means that the script is
still downloaded in parallel with parsing, but it is not executed until
parsing is complete. This means that the script can safely access the
DOM.
refs https://github.com/TryGhost/Team/issues/1001
This adds custom rendering to Twitter embeds for email newsletters, so
that rather than displaying a plaintext blockquote with the tweet
contents, we render an rich Twitter card.
refs: https://github.com/TryGhost/Toolbox/issues/146
Switched to @tryghost/logging instead of passing around the library. The main sticking points of this change are jobs. When jobs are launched we don't want them to use a separate @tryghost/logging instance because they would start parallel rotation jobs. @tryghost/logging v2.x passes all logs to the parent process if run in a child process, so that we can use the same patterns in jobs and the rest of the codebase.
refs https://github.com/TryGhost/Team/issues/1206
- The callout card displays an emoji and a paragraph of text inside a highlighted box.
Co-authored-by:
- Sanne de Vries (@sanne-san)
refs https://github.com/TryGhost/Toolbox/issues/152
- Because the root app module was initialized only once per runtime it caused all the express apps to stack on each other causing all sorts of strange behavior when trying to test redirects/vhost mounts etc. Lesson here: be very cautious of how the module is initialized, an explicit function is almost always a better way!
refs 3c7a8dead4
- The idea is a rip-off from the referenced commit. It allows to isolate initialization logic to "frontend" mounted on top of a "parent"
- Gives path to simplify the express-mock tests
Co-authored-by: Hannah Wolfe <erisds@gmail.com>
refs https://github.com/TryGhost/Toolbox/issues/152
- This stops the mounting of the admin and frontend from being buried deep in express initialisation
- Instead it's explicit, which makes two things almost possible:
1. we can potentially boot the frontend or backend independently
2. we can pass services and settings loaded during boot into the frontend
- This needs more work, but we can start to group all the frontend code together
- Meanwhile we also need to rip apart the routing and url services to decouple the frontend from the backend fully
- BABY STEPS!
Co-authored-by: Hannah Wolfe <erisds@gmail.com>
refs https://github.com/TryGhost/Ghost/issues/13837
- a [refactor](9fa8800b9d) in `@tryghost/bootstrap-socket` changed the signature of the method it exprots, but the use of this
library wasn't updated in Ghost
- therefore, the library was trying to send the `@tryghost/logging` library, which caused
errors with Ghost-CLI down the line, as mentioned in the issue
- this commit updates the method signature to match what is expected
no-issue
Some NFT's are created without a title, for example the Bored Ape Yacht
Club collection does not name the tokens, instead just referring to them
by ID. This change falls back to the token_id, which is unqiue within
the collection to support these tokens.
refs https://github.com/TryGhost/Team/issues/960
- Character like "%%" or "%80" would crash our current url escaping behavior. We consider they aren't valid URLs as the percentages haven't been properly escaped.
refs https://github.com/TryGhost/Team/issues/1200
- The error was fixed in a1421c2380
- The error catching prevents future 500 errors in the API
- The logging enable visibility on these errors to fix them if they happen
refs https://github.com/TryGhost/Team/issues/1200
- The leading/trailing whitespaces are trimmed by `new URL()` but are considered invalid in metascraper. Trimming solves this edge case.
refs https://github.com/TryGhost/Toolbox/issues/151
refs cbec6aa49e
- Without the await the try/catch block does not catch a pottential validation error straight away, which leads to a 500 error instead of a validation error being returned. The regression was introduced during the refactor (part of referenced commit).
This reverts commit 303ea87897.
- Although gscan catches these now, we have a number of sites that have slipped through the net
- Reverting until we get them all cleaned up
- one big file full of stuff is never good for clarity
- separating it out helps us see what requires what
- it also highlights the awful naming and opaque behaviour we have in themes - much to do, but this helps us start
refs https://github.com/TryGhost/Toolbox/issues/151
refs cbec6aa49e
- The error was happening due to incorrect "this" context. Because the filename and extension are only used once in this class and only for the purposes of the error message have moved the whole thing into the error message itself. No need to keep additional variables around when there's no clear usecase.
refs https://github.com/TryGhost/Team/issues/1067
As part of the work of automatically logging members in after payment,
we want to revisit the emails. Currently after payment we send an email
asking a member to _confirm_ their subscription, and that they can
ignore the email to cancel the subscription. This is not the case
however, as the member has already been subscribed.
refs: TryGhost/Toolbox#147
* Replaces all references to isIgnitionError with isGhostError
* Switches use of GhostError to InternalServerError - as GhostError is no longer public
There are places where InternalServerError is not the valid error, and new errors should be added to the @tryghost/errors package to ensure that we can use semantically correct errors in those cases.
refs https://github.com/TryGhost/Team/issues/1234
Sharp can occasionally fail resizing, this is usually due the the
underlying libvips library failing. We do not want this to cause an
error however, instead we should just show the original image - as
resizing is an optimisation, rather than a requirement.
refs https://github.com/TryGhost/Team/issues/1001
We fall back to existing behaviour if no API key is present, or if there
is an error communicating with the Twitter API. We're also currently
requesting all the data, which will be thinned down once we understand
what we need.
This also includes a custom renderer for embeds of type "twitter" which
will be used to output the custom HTML for emails
- our themeErrorRenderer is only used in the frontend.. move it there
- this required exposing prepareError as shared middleware
- TODO: move these shared compontents to @tryghost/error
refs: 0799f02e80
refs: 5e931e2e37
- with the referenced two commits I replaced our old HTML renderer with some code borrowed heavily from finalHandler
- I had intended to modify this further to out put our message, context and help error messages
- However, I ended up doing this in prepareError so it's done for all error renderers
- There's now very little point keeping duplicated code from finalHandler just to output the status code
- If we remove this code, express will fall back to finalHandler anyway, so the output is near identical
- got rid of old _private & variable pattern in favour of const and module.exports
- changed weird capitalisation naming conventions to be camelCase
- removed some very old TODOs that we're never gonna get TODONE
- these are mostly old ideas that never made it, and it's been so long they're clearly not important
refs: https://github.com/TryGhost/Toolbox/issues/105
Lint rules prevent:
* Invalid naming conventions for new migrations
* Loop constructs in migrations - these should be used with caution
and are therefore a warning rule, use `// eslint-disable-next-line
no-restricted-syntax` to prevent this rule from firing where a loop is
required
* Returing within a loop - this is usually meant to be a
continue/break
* Multiple joins - these can be badly performing migrations, so should
be treated with caution, disable the rule for the line if the risk is
understood / the migration cannot be written without it
refs: 4474ca1a1d
refs: 0799f02e80
The BasicErrorRenderer was created as a fallback for when we needed to not render templates, which is
chiefly when we're trying to render a 404 for an image. Using a template puts us at risk of an infinite 404 loop
if the missing image is referenced in the 404 template.
As of 0799f02e, the HTMLErrorRenderer no longer uses templates - instead we serve a very simple HTML page.
This can be used instead of the BasicErrorRenderer, as it results in a properly formatted error.
Even when sending responses in plain text, the content type is returned as HTML and therefore having an
unformatted error makes no sense - if we really need a non-html format I guess there should be no body at all.
refs https://github.com/TryGhost/Toolbox/issues/120
- Having an "options" parameter in the controller definition was missleading as if the `url` or `ref` parameters were expected as a part of the qurey parameter. These variables should be provided as a part of the request body, thus having them in "data" attribute is more accurate
refs https://github.com/TryGhost/Toolbox/issues/139
- Having tight coupling with backup file path calculation for redirects makes it extremely hard to test. In addition, having it injected will make it easier to swap this dependency to the mechanism similar to one used for routes files
refs https://github.com/TryGhost/Toolbox/issues/139
- The custom redirects services belong in the initServicesForFrontend because frontend depends on these to function properly. When placed in general init section the middleware would not get initialized properly before it's used by the "frontend express app"
refs https://github.com/TryGhost/Toolbox/issues/139
- The pattern we use accross the codebase is a single "options" object passed into a constructor instead of passing multiple parametes. Fixed the broken pattern in CustomRedirectsAPI constructor
refs 91efa4605c
- Referenced commit introduced a double json-stringification to uploaded redirects.json files.
- The endpoint has no stability index of any sort and is meant to be dropped in Ghost v5. It's best to rework the redirects to the yaml format as descirbe here - https://ghost.org/docs/tutorials/implementing-redirects/#file-structure
- moving this middleware because we're about to add a second piece of middleware
- it's easier to see what we have when each middleware is in its own file rather than in one big middleware.js file
refs https://github.com/TryGhost/Team/issues/1236
We use Offer names for the Stripe Coupon name - which has a limit of 40
characters. We are now introducing a limit of 40 characters to Offer
names too. This migration ensures that all our data in the DB is valid.
no issue
When switching the oembed service to async/await the error handling was not correctly refactored. `this.errorHandler(url)` was returning a curried function so it could be used as `.catch(this.errorHandler(url))` but that's not how it's being used after the async/await change meaning we were returning a function rather than the result of that function.
- `this.errorHandler(url)` is now only used in one place where `url` is available so removed the method and moved the body of the curried function inline into the `catch` handler
- added a message to the logged error so it's more clear what the log refers to