Commit Graph

2067 Commits

Author SHA1 Message Date
Daniel Lockyer
55948ef4a6 v3.26.0 2020-07-21 13:45:57 +01:00
Fabien O'Carroll
73badf150f 🐛 Fixed race condition when configuring Stripe
closes #12065

Includes the code from https://github.com/TryGhost/Members/pull/185
2020-07-21 14:22:06 +02:00
Fabien O'Carroll
0fe80edc0a 🐛 Fixed Stripe Subscriptions with trail periods
no-issue

This fixes a problem when subscribing to a Plan (Price) with a default
trial period. We also add logging to add a little more information about
which flow we're entering.

Subscriptions that are started with a trial have a
present on the Checkout Session object, which was incorrectly causing us
to determine that we are in a setup flow and attempt to update a
customers card details.

We now use the  property of the Checkout Session to determine
whether we are handling a new Subscription, or if we are in a setup
flow and should update the Customer's card details.

Includes the code from https://github.com/TryGhost/Members/pull/184
2020-07-21 14:22:06 +02:00
Fabien O'Carroll
1822e5d23e 🐛 Fixed webhook cleanup to handle older URLs
closes #12061

Includes the code from https://github.com/TryGhost/Members/pull/181
2020-07-21 14:22:06 +02:00
Renovate Bot
09ff9cd331
Update dependency @tryghost/members-ssr to v0.8.3 2020-07-21 11:48:24 +00:00
Renovate Bot
3f08443e26
Update dependency @tryghost/magic-link to v0.4.11 2020-07-21 10:05:00 +00:00
Renovate Bot
b3aec95230
Update dependency express-hbs to v2.3.4 2020-07-20 10:57:49 +00:00
Renovate Bot
32a043c27c
Update dependency eslint to v7.5.0 2020-07-20 05:35:46 +00:00
Renovate Bot
33813962d3
Update dependency @sentry/node to v5.19.2 2020-07-14 08:04:55 +00:00
Daniel Lockyer
ae68d090ca v3.25.0 2020-07-13 14:52:36 +01:00
Fabien O'Carroll
832ecad43b Improved handling of Stripe webhooks on boot
no-issue

This version of members-api includes changes to how webhooks are
managed, previously they would be deleted and recreated on every boot of
Ghost. Now they are created and the secret is persisted, on boot the
webhook is updated to the most current url and events. If the api
version is wrong or the update fails, the webhook is deleted and
recreated and the settings updated.

 - Installed @tryghost/members-api@0.24.0
 - Updated config to work with 0.24.0
2020-07-10 17:43:46 +02:00
Daniel Lockyer
59ef5c0ef5 v3.24.0 2020-07-10 14:26:50 +01:00
Renovate Bot
fe962345af
Update dependency knex to v0.21.2 2020-07-09 22:13:35 +00:00
Daniel Lockyer
872c2dc4b3 v3.23.1 2020-07-09 10:05:08 +01:00
Renovate Bot
746e7ce3f2 Update dependency @sentry/node to v5.19.1 2020-07-09 07:50:29 +01:00
Renovate Bot
08edb08d3f
Update dependency lodash to v4.17.19 2020-07-08 17:37:40 +00:00
Renovate Bot
c8f8896661
Update dependency lodash to v4.17.18 2020-07-08 16:28:46 +00:00
Rish
659900d01c Bumped @tryghost/members-api to 0.23.2
no issue

🐛 Fixed incorrect payload creation for magic link token
2020-07-08 21:57:25 +05:30
Renovate Bot
74c27aabbb
Update dependency lodash to v4.17.17 2020-07-08 14:24:53 +00:00
Daniel Lockyer
63426f3a42 v3.23.0 2020-07-08 15:23:23 +01:00
Renovate Bot
6996922ed0 Update dependency express-jwt to v6 [SECURITY] 2020-07-08 15:09:54 +02:00
Renovate Bot
f4a060c923
Update dependency @tryghost/members-ssr to v0.8.2 2020-07-08 12:32:29 +00:00
Renovate Bot
ec48cccadb
Update dependency @tryghost/members-csv to v0.2.1 2020-07-08 11:07:53 +00:00
Renovate Bot
5dfbc05b5f
Update dependency @tryghost/members-api to v0.23.1 2020-07-08 10:06:02 +00:00
Renovate Bot
60940253ad
Update dependency @tryghost/magic-link to v0.4.10 2020-07-08 08:25:12 +00:00
Daniel Lockyer
8956a9df35 Merged 3.22.2 into master
* tag '3.22.2':
  v3.22.2
  Updated Ghost-Admin to v3.22.2
  Emitted all settings events on reinit of cache (#12012)
  🐛 Updated access to be true by default in v3 API
  Hardened members subscription migration against missing data (#12009)
2020-07-06 16:19:55 +01:00
Daniel Lockyer
ae80f742d3 v3.22.2 2020-07-06 16:17:13 +01:00
Renovate Bot
d5d6a25600
Update dependency ajv to v6.12.3 2020-07-06 00:06:33 +00:00
Renovate Bot
afcb4f099e
Update dependency eslint to v7.4.0 2020-07-03 21:00:03 +00:00
Kevin Ansfield
061d8c6ac3 🐛 Fixed stretched images appearing in emails
on issue

- upgraded `@tryghost/kg-default-cards` so that `srcset` and `sizes` attributes are not added to images when rendering post content used in emails
2020-07-03 10:16:05 +01:00
Renovate Bot
dd270b399c
Update dependency @tryghost/session-service to v0.1.5 2020-07-02 21:05:52 +00:00
Renovate Bot
a869e6c6c0
Update dependency @tryghost/mw-session-from-token to v0.1.5 2020-07-02 19:11:24 +00:00
Renovate Bot
4e859fff45
Update dependency @tryghost/adapter-manager to v0.1.7 2020-07-02 17:04:24 +00:00
Kevin Ansfield
e9ae0d9baa 🐛 Fixed srcset and sizes attributes being rendered when image resizing unavailable
closes https://github.com/TryGhost/Ghost/issues/11944

- updates `@tryghost/image-transform` to version that exposes `canTransformFiles()` which checks for `sharp` availibility
- updates `@tryghost/kg-default-cards` to version that accepts a `canTransformImage()` method as an option
- updates our `mobiledoc` lib to pass a `canTransformImage()` function that returns false if sharp is unavailable, the image extension is not supported, or the storage engine in use does not support image transforms
- updates `populateImageSizes` to fetch image sizes when transforms are unavailable as the render/not-render is now handled in the renderer and we don't need to worry about adding size information to the mobiledoc source
2020-07-02 18:03:22 +01:00
Nazar Gargol
6902f86b40 Added field mapping support for members import CSVs
no issue

- This is a precursor work allowing client to send csv to JSON
field mapping hash as a `mapping` field parameter in the incoming
request.
2020-07-02 15:18:39 +12:00
Daniel Lockyer
f6f22fce7b v3.22.1 2020-07-01 18:38:33 +01:00
Daniel Lockyer
7f7484669e v3.22.0 2020-07-01 10:49:49 +01:00
Daniel Lockyer
dc131cfff1 Merged 3.21.1 into master
v3.21.1

* tag '3.21.1':
  v3.21.1
  Updated Ghost-Admin to v3.21.1
  Un-skipped populateImageSizes subdir test
  Fixed unit tests interdependency issue
  Fixed `populateImageSizes` handling of images in subdir setups
  🐛 Fixed potentially squashed images in image cards
  Refactored site url data attribute for new members script
2020-06-29 15:30:42 +01:00
Daniel Lockyer
b06d03fce6 v3.21.1 2020-06-29 13:25:33 +01:00
Kevin Ansfield
1694fa3675 🐛 Fixed potentially squashed images in image cards
no issue

- 3.21.0 added `width/height` attributes to `<img>` elements output by image cards which was a potentially breaking change for any sites whose CSS does not expect those attributes, resulting in squashed and distorted images
- updated to `@tryghost/kg-default-cards` which modifies the image card renderer to not output `width/height` attributes
2020-06-29 11:19:45 +01:00
Renovate Bot
51d506469d
Update dependency @sentry/node to v5.18.1 2020-06-26 10:11:12 +00:00
Renovate Bot
ea23a8392b Update dependency @sentry/node to v5.18.0 2020-06-25 18:24:14 +01:00
Kevin Ansfield
b1924bac1c 🐛 Fixed potentially squashed images in image cards
no issue

- 3.21.0 added `width/height` attributes to `<img>` elements output by image cards which was a potentially breaking change for any sites whose CSS does not expect those attributes, resulting in squashed and distorted images
- updated to `@tryghost/kg-default-cards` which modifies the image card renderer to not output `width/height` attributes
2020-06-23 08:54:58 +01:00
Renovate Bot
2cdc4b5d9a
Update dependency eslint to v7.3.1 2020-06-23 03:29:54 +00:00
Daniel Lockyer
1ebbe4ea54 v3.21.0 2020-06-22 11:33:59 +01:00
Renovate Bot
93433bac37
Update dependency eslint to v7.3.0 2020-06-19 19:29:27 +00:00
Renovate Bot
4b145df42b
Update dependency jwks-rsa to v1.8.1 2020-06-19 12:23:03 +00:00
Kevin Ansfield
edd997402b Added sizes attribute to in-content <img> elements
no issue

- by including `sizes` with media-queries that match typical content widths we can give the browser better hints as to which responsive image size to fetch resulting in more performant pages
- also fixes `srcset` output where "unknown" sizes were used instead of linking to the original image src which was causing 302 redirects and slowing image loading in some cases
2020-06-19 11:41:32 +01:00
Renovate Bot
b05527b159
Update dependency @tryghost/magic-link to v0.4.9 2020-06-19 08:00:47 +00:00
Nazar Gargol
93e8ee83d9 Extracted members CSV related code into @tryghost/members-csv package
no issue

- Moves out CSV parsing and serialization related code into separate package as a part of push to modularize Ghost repo.
- Next up is to remove `csv-parser` dependency from this new package
2020-06-19 19:55:47 +12:00
Nazar Gargol
92a4ef5d31 Fixed package version to be exact
no issue

- The convention is to keep versions exact in this repository. The change seems like an overlook and not something done with specific intention
2020-06-19 18:02:13 +12:00
Fabien O'Carroll
4716d13d13 Added API endpoints for disconnecting Stripe
no-issue
pr: https://github.com/TryGhost/Ghost/pull/11930

- Upgraded @tryghost/members-api to 0.23.0

  This version includes a new method hasActiveStripeSubscriptions

- Added /admin/members/hasActiveStripeSubscriptions

  This can be used to determine whether or not we should allow removing
  the stripe keys.

- Added /admin/settings/stripe/connect

  This can be used to delete a Stripe Connect integration, provided
  there are not active subscriptions
2020-06-18 18:42:20 +02:00
Daniel Lockyer
2ea00a8f97 v3.20.3 2020-06-18 16:20:13 +01:00
Daniel Lockyer
996b30d335 v3.20.2 2020-06-18 15:10:11 +01:00
Daniel Lockyer
78bf5d1e21 v3.20.1 2020-06-17 17:13:05 +01:00
Kevin Ansfield
4537ccd329 🐛 Fixed embed/bookmark retrieval for sites that require cookies during redirects
no issue

- known failing case was Medium. Some *.medium.com articles triggered redirects but without cookies being stored/sent across the redirect requests it would cause an infinite redirect loop and we'd abort after 10 redirects
- use `got`'s [cookie support](https://github.com/sindresorhus/got/tree/v9.6.0#cookies) via `tough-cookie` so that we can create bookmark cards for medium.com and other sites with similar problems
2020-06-17 10:03:36 +01:00
Daniel Lockyer
4ca85b7139 v3.20.0 2020-06-16 11:55:57 +01:00
Kevin Ansfield
73e14b4235 🐛 Fixed small images appearing smaller in post content
closes https://github.com/TryGhost/Ghost/issues/11913

- updated `@tryghost/kg-default-cards` with fixed `srcset` behaviour
  - does not output `srcset` unless we know the image's original size
  - does not output `w` values for sizes that are bigger than the original image
2020-06-15 16:24:02 +01:00
Kevin Ansfield
937df2c7ec ️ Added blank alt attributes to images when no alt text is provided
no issue

- screen readers often resort to reading out the filename when alt text is not provided which is not useful. By adding `alt=""` (or just `alt`) to `<img>` elements the image is skipped by screen readers providing a smoother experience
- updated `@tryghost/kg-default-cards` which contains above change for `image` and `gallery` cards
2020-06-15 09:24:15 +01:00
renovate[bot]
85e6b77ca9
Update dependency @tryghost/members-api to v0.22.0 (#11910)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-12 19:06:18 +01:00
Nazar Gargol
589d826afd Added /members/validate ednpoint to Admin API
no issue

- This endpoint is meant to be used for validation of imported members
- Main function at the moment is to validate if stripe_customer_id present in the dataset exists in connected Stripe account
2020-06-12 16:34:12 +12:00
Daniel Lockyer
11a686d734 v3.19.2 2020-06-11 19:55:43 +01:00
Renovate Bot
1174dbc588
Update dependency @tryghost/kg-mobiledoc-html-renderer to v3.0.1 2020-06-11 17:20:25 +00:00
Renovate Bot
97a979bc93
Update dependency @tryghost/kg-markdown-html-renderer to v2.0.1 2020-06-11 14:46:23 +00:00
Daniel Lockyer
12d0000e7e v3.19.1 2020-06-11 15:43:03 +01:00
Daniel Lockyer
15f58f7925 Revert "Update dependency moment to v2.26.0"
This reverts commit dfb1f9aeae.
2020-06-11 14:22:39 +01:00
Daniel Lockyer
67fca4e716 Revert "Updated ghost-storage-base dependency"
This reverts commit 13986a797c.
2020-06-11 14:22:39 +01:00
Kevin Ansfield
70b205618f Added responsive-image srcset attribute to image and gallery card output
no issue

- adds a set of hardcoded "content image sizes" to the base config
- adjusts `handle-image-sizes` middleware to always allow the hardcoded content image sizes to be genreated
- updates `@tryghost/kg-card-factory` to allow passthrough of options to card renderers
- updates `@tryghost/kg-default-cards` to add `srcset` output for image and gallery cards
2020-06-11 13:28:44 +01:00
Renovate Bot
4a90e8f1ee
Update dependency @tryghost/kg-default-atoms to v2.0.1 2020-06-11 11:13:23 +00:00
Renovate Bot
84d510f059
Update dependency bson-objectid to v1.3.1 2020-06-11 06:21:08 +00:00
Renovate Bot
f392883a6d
Update dependency analytics-node to v3.4.0-beta.2 2020-06-10 17:18:23 +00:00
Fabien 'egg' O'Carroll
bfc03eb120
Replaced nql-map-key-values with @nexes/nql (#11896)
closes #11008

- Updated @nexes/nql to 0.4.0

  This version exports the mapKeyValues utility function

- Replaced nql-map-key-values with @nexes/nql util fn

  Usage was found using `rg nql-map-key-values` and replaced globally.

- Deleted nql-map-key-values module in shared 

  Now that this module isn't referenced anywhere else, we can remove it,
  relying solely on the util exported by @nexes/nql
2020-06-10 19:17:25 +02:00
Renovate Bot
299c9aaddb
Update dependency @tryghost/members-ssr to v0.8.1 2020-06-10 12:14:51 +00:00
Rish
37b9d934cd Bumped @tryghost/members-api to 0.20.1
refs https://github.com/TryGhost/members.js/issues/38

- Handles stripe checkout session creation error rejection with correct response
2020-06-10 17:42:54 +05:30
Daniel Lockyer
7918653da4 v3.19.0 2020-06-09 10:27:45 +01:00
Nazar Gargol
53abf79869 Removed format-csv module in favor of papaparse
no issue

- The aim was to extract format-csv to become an external dependency. After some analysis found out that native papaparse method `unparse` was achieving the same results with a lot better test coverage and stability. Because papaparse will become Ghost's default csv processor in near future decided to integrate papaparse instead of extracting module for the format-csv module's code, which would become redundant soon anyways.
- For reference papaparse will substitute current csv-parser lib because it's better performance and maturity.
- Performance comparison can be checked here - https://github.com/Keyang/csvbench#result . At the time of writing papaparse is rougly 40% faster than csv-parser
2020-06-09 15:23:15 +12:00
Daniel Lockyer
13986a797c Updated ghost-storage-base dependency
no issue

- ghost-storage-base uses moment which was affected by the moment update
- this commit updates the dependency so they use the same moment version
2020-06-08 19:43:55 +01:00
Renovate Bot
dfb1f9aeae Update dependency moment to v2.26.0 2020-06-08 19:43:55 +01:00
Rish
bca41e1877 Allowed updating from address domain for member emails
refs https://github.com/TryGhost/Ghost/issues/11414

Confirms if the fromAddress for sending member emails is valid and accessible using magic link flow, allowing owners to update full from address including domain change.

- Extends member service to handle magic link generation and validation for email update
- Updates existing setting endpoint to not directly update from address
- Adds new endpoint to send magic link to new address
- Adds new endpoint for validating the magic link when clicked and update the new email for from address
- Adds new email template for from address update email
2020-06-09 00:06:07 +05:30
Renovate Bot
867e0306b9
Update dependency @tryghost/kg-default-cards to v2.0.2 2020-06-08 16:31:07 +00:00
Renovate Bot
a97996eec1 Update dependency @sentry/node to v5.17.0 2020-06-08 16:06:33 +01:00
renovate[bot]
1d49cba426
Update dependency @tryghost/kg-mobiledoc-html-renderer to v3 (#11887)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-08 10:47:17 +01:00
Kevin Ansfield
e1fd8cc11f 🐛 Fixed original url/query params not being used in bookmark cards
refs https://github.com/TryGhost/Ghost/issues/11212
credit @devaman https://github.com/TryGhost/Ghost/pull/11542

- use `payload.url` for the `href` which is the originally entered url rather than `payload.metadata.url` which is the final url after redirects and metascraper extraction
- retains query params and redirects which are useful for things like affiliate links
2020-06-08 09:04:14 +01:00
renovate[bot]
31d0966e2d
Update dependency @tryghost/kg-markdown-html-renderer to v2 (#11886)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-08 08:17:30 +01:00
renovate[bot]
90a19ee397
Update dependency @tryghost/kg-default-atoms to v2 (#11884)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-06-08 08:17:16 +01:00
Kevin Ansfield
d8773dcc45 Allowed bookmark cards to be created without a description
no issue

- title+description was too limiting for some sites so we're relaxing the requirements to only require a title
2020-06-08 07:55:38 +01:00
Renovate Bot
b92f976a6a
Update dependency eslint to v7.2.0 2020-06-08 00:58:20 +00:00
Renovate Bot
e9b812e4f0
Update dependency csv-parser to v2.3.3 2020-06-05 13:28:20 +00:00
Renovate Bot
80fa891965 Update dependency sanitize-html to v1.26.0 2020-06-05 09:59:48 +01:00
Kevin Ansfield
ff83cd0d97 🐛 Fixed location not being recorded for paid member signups
no issue

- updates `@tryghost/members-{api/ssr}` packages that move geolocation into the token->session exchange step so that the member's IP address is always available for rough geolocation
2020-06-04 13:32:09 +01:00
Renovate Bot
5dcd856088
Update dependency fs-extra to v9.0.1 2020-06-04 00:26:05 +00:00
Renovate Bot
66026c57e9
Update dependency @sentry/node to v5.16.1 2020-06-03 16:59:57 +00:00
Daniel Lockyer
3757cd936b v3.18.1 2020-06-02 18:07:38 +01:00
Daniel Lockyer
0f6e23668c v3.18.0 2020-06-02 15:22:02 +01:00
Renovate Bot
7fe945f4dd
Update dependency @lodder/grunt-postcss to v2.0.4 2020-06-02 11:19:41 +00:00
Renovate Bot
a16e4cc5d1 Update dependency @sentry/node to v5.16.0 2020-06-02 12:18:42 +01:00
Vikas Potluri
935acfdb88
Updated tests locations and added linting of core/shared (#11872)
* 🔥 removed duplicate error tests

* add lint:shared package script, and updated lint to run it as well

* moved test/unit/config to test/unit/shared/config
2020-06-01 22:06:50 +01:00
Renovate Bot
a5a57adc54 Update dependency sanitize-html to v1.25.0 2020-06-01 08:42:58 +01:00
Renovate Bot
9b9f8462e7 Update dependency @tryghost/members-api to v0.19.0 2020-05-28 19:06:39 +01:00
Renovate Bot
c3e1e559e6
Update dependency @tryghost/vhost-middleware to v1.0.5 2020-05-27 02:23:53 +00:00
Renovate Bot
979a62deea
Update dependency @tryghost/session-service to v0.1.4 2020-05-27 00:23:02 +00:00
Renovate Bot
d758f47771
Update dependency @tryghost/mw-session-from-token to v0.1.4 2020-05-26 22:29:49 +00:00
Renovate Bot
c0149cf38e
Update dependency @tryghost/image-transform to v0.2.4 2020-05-26 20:20:58 +00:00
Renovate Bot
e81ee45bb6
Update dependency @tryghost/adapter-manager to v0.1.6 2020-05-26 18:20:50 +00:00
Renovate Bot
bddfc04289
Update dependency @tryghost/zip to v1.1.1 2020-05-26 16:56:41 +00:00
Renovate Bot
4bb413a7c7 Update dependency @tryghost/errors to v0.2.0 2020-05-26 17:51:31 +01:00
Daniel Lockyer
3bdce9686d v3.17.1 2020-05-26 15:55:46 +01:00
Daniel Lockyer
8bf173dc67 v3.17.0 2020-05-26 14:03:34 +01:00
Renovate Bot
f205461bbf
Update dependency @tryghost/members-api to v0.18.7 2020-05-26 12:01:35 +00:00
Daniel Lockyer
26dd46a1ed Updated Ignition and @tryghost/errors dependencies
no issue

- These dependencies needed to be bumped together
2020-05-26 12:58:52 +01:00
Renovate Bot
0f414725e4 Update dependency eslint to v7 2020-05-26 12:37:15 +01:00
Daniel Lockyer
08b0c03c21 Pinned dependencies
no issue

- pinned `@tryghost/members-api`
2020-05-26 12:30:31 +01:00
Renovate Bot
cf3ee559c1
Update dependency @tryghost/members-ssr to v0.7.10 2020-05-25 12:19:30 +00:00
Renovate Bot
c149b3e9ad
Update dependency eslint-plugin-ghost to v1.5.0 2020-05-25 09:21:05 +00:00
Renovate Bot
a345db6e3d
Update dependency mocha to v7.2.0 2020-05-25 00:23:07 +00:00
Renovate Bot
caa1244492 Update dependency js-yaml to v3.14.0 2020-05-22 21:59:04 +01:00
Renovate Bot
a23def6253 Update dependency sanitize-html to v1.24.0 2020-05-21 07:43:21 +01:00
Renovate Bot
5e5c498493 Update dependency uuid to v8.1.0 2020-05-20 23:09:02 +01:00
Rish
530760cfd0 Bumped @tryghost/members-api to 0.18.5
refs https://github.com/TryGhost/members.js/issues/26

- Updates magic link token handling to read and update name on member signup
2020-05-20 16:54:48 +05:30
Renovate Bot
2bd44ebee8
Update dependency @tryghost/members-ssr to v0.7.9 2020-05-20 09:15:55 +00:00
Daniel Lockyer
1f5b031bfa v3.16.1 2020-05-20 07:30:35 +01:00
Renovate Bot
efdc230c7d
Update dependency @tryghost/members-ssr to v0.7.8 2020-05-19 16:44:05 +00:00
Rish
96b26d22f2 Bumped @tryghost/members-api to 0.18.4
refs https://github.com/TryGhost/members.js/issues/20 , https://github.com/TryGhost/members.js/issues/29

- Adds metadata option to stripe checkout session for passing member info like name
- Updates subscription api to allow updating plan by nickname
- Refactored update member method to pick passed fields only and return with subscriptions
2020-05-19 22:12:50 +05:30
Renovate Bot
3fc5cc021d
Update dependency @tryghost/session-service to v0.1.3 2020-05-18 20:19:28 +00:00
Renovate Bot
48a63dd99e
Update dependency @tryghost/mw-session-from-token to v0.1.3 2020-05-18 18:17:39 +00:00
Renovate Bot
d15dce9086
Update dependency @tryghost/image-transform to v0.2.3 2020-05-18 15:16:57 +00:00
Renovate Bot
0cda4de484
Update dependency @tryghost/adapter-manager to v0.1.5 2020-05-18 13:48:01 +00:00
Daniel Lockyer
1da51ea8dc v3.16.0 2020-05-18 14:43:53 +01:00
Renovate Bot
17ee76c013
Update dependency mock-knex to v0.4.9 2020-05-13 17:15:11 +00:00
Renovate Bot
419ffea5cf
Update dependency @lodder/grunt-postcss to v2.0.3 2020-05-12 16:15:37 +00:00
Renovate Bot
399c0e4773
Update dependency eslint-plugin-ghost to v1.4.1 2020-05-11 09:16:31 +00:00
Renovate Bot
f2defba264
Update dependency @tryghost/vhost-middleware to v1.0.4 2020-05-08 23:14:16 +00:00
Renovate Bot
ddaa289338
Update dependency @tryghost/session-service to v0.1.2 2020-05-08 21:13:24 +00:00
Renovate Bot
803a0b697a
Update dependency @tryghost/mw-session-from-token to v0.1.2 2020-05-08 19:13:26 +00:00
Renovate Bot
9a0aaaa34f
Update dependency @tryghost/image-transform to v0.2.2 2020-05-08 17:15:18 +00:00
Renovate Bot
fbad5b199f
Update dependency @tryghost/adapter-manager to v0.1.4 2020-05-08 15:58:44 +00:00
Hannah Wolfe
4af0a127cd Update dependency @tryghost/zip to v1.1.0
closes #11794

- Update to use the latest version of zip, which has dotfile support
2020-05-08 16:46:15 +01:00
Daniel Lockyer
11f7834800 v3.15.3 2020-05-08 12:17:18 +01:00
Daniel Lockyer
d9bc5e0c16 Reverted oembed-parser dependency to 1.3.7
no issue

- oember-parser 1.3.8/1.3.9 specify a minimum Node version of `>= 10.14.2`
- a problem with CI allowed this package to be updated, despite not
  matching our allowed minimum supported Node version
- this commit reverts back to the previous version, and this package
  will be bumped when we increase our minimum versions
2020-05-08 11:28:14 +01:00
Daniel Lockyer
3c5839fa8d Reverted metascraper packages to 5.11.9
no issue

- metascraper packages >= 5.11.10 have a dependency on got >= 11.0
- this has the minimum node version requirement set to `">=10.19.0"`
- our current minimum required node version is `10.13.0`, breaking installs for versions in between
- this reverts back metascraper packages to `5.11.9` to fix the minimum node version requirement
2020-05-08 11:28:14 +01:00
Daniel Lockyer
89a56b9fd8 v3.15.2 2020-05-07 21:59:02 +01:00
Daniel Lockyer
bcfde580c7 v3.15.1 2020-05-07 10:52:18 +01:00
Renovate Bot
02dd0df371
Update dependency oembed-parser to v1.3.9 2020-05-07 08:14:41 +00:00
Renovate Bot
e5cc0cb130
Update dependency eslint-plugin-ghost to v1.4.0 2020-05-06 17:15:42 +00:00
Daniel Lockyer
f0348014d7 v3.15.0 2020-05-06 13:43:38 +01:00
Renovate Bot
7b0efa34a4
Update dependency oembed-parser to v1.3.8 2020-05-06 11:16:05 +00:00
Renovate Bot
21f5912c2d
Update dependency metascraper-logo-favicon to v5.11.12 2020-05-04 15:15:40 +00:00
Kevin Ansfield
28b24d2095 Fixed video embed card fallback display across gmail apps
refs https://github.com/TryGhost/Ghost/issues/11756

- bumped kg-default-cards package to generate fixed html for video embed fallbacks
2020-05-01 13:22:52 +01:00
Renovate Bot
f8c1d5b0e6
Update dependency gscan to v3.5.4 2020-05-01 10:15:50 +00:00
Renovate Bot
549ef7aaa9
Update dependency metascraper-logo-favicon to v5.11.11 2020-04-30 20:14:34 +00:00
Rish
87fa1db0c0 Bumped @tryghost/members-api to 0.18.3
no issue

- This bump adds ability to pre-fill customer email in stripe checkout session
2020-04-30 17:56:41 +05:30
Kevin Ansfield
81bf1667fa Fixed video embed card fallback display in Outlook
refs https://github.com/TryGhost/Ghost/issues/11756

- updates `@tryghost/kg-default-cards` which includes a VML version of video embed card fallbacks
- fixes play button styling for Yahoo Mail
- adds a minimum height to video embeds so they appear more reasonable when images are not loaded
2020-04-30 12:08:06 +01:00
Renovate Bot
f8cecee05d
Update dependency @tryghost/members-ssr to v0.7.7 2020-04-30 10:45:08 +00:00
Renovate Bot
cc7bd3992b Update dependency uuid to v8 2020-04-30 09:58:07 +01:00
Daniel Lockyer
182a64dbc5 Reverted "Updated pull request template"
no issue

- this reverts commit f3bf2237e6
- ensuring regression tests pass should not be the full responsibility
  of the contributor so revert back to the prior advice
2020-04-30 09:10:40 +01:00
Daniel Lockyer
f3bf2237e6 Updated pull request template
no issue

- adds `yarn test-all` for running the full test-suite and documents
  this in the PR template
2020-04-30 08:26:17 +01:00
Renovate Bot
e6dbf4ce47
Update dependency @tryghost/kg-markdown-html-renderer to v1.0.4 2020-04-29 19:38:11 +00:00
Renovate Bot
1c0db1dc87
Update dependency @tryghost/kg-card-factory to v1.0.3 2020-04-29 16:42:41 +00:00
Kevin Ansfield
d255d98bbb Improved display of video embed cards in member emails
refs core/server/api/canary/oembed.js

- updated `kg-default-cards` to a version that will render a thumbnail and play button overlay for video embed cards when rendering to an email target
- added styling for video embed play button overlays to members email template
2020-04-29 16:44:20 +01:00
Renovate Bot
a72c4e7905
Update dependency knex-migrator to v3.4.6 2020-04-28 15:55:06 +00:00
Renovate Bot
ce48d36a49 Update dependency knex to v0.21.1 2020-04-28 08:48:46 +01:00
Renovate Bot
5161f497e2
Update metascraper to v5.11.10 2020-04-27 22:00:17 +00:00
Renovate Bot
f60200fede Update dependency sqlite3 to v4.2.0 2020-04-27 22:59:30 +01:00
Daniel Lockyer
323117fe23 v3.14.0 2020-04-27 13:27:52 +01:00
Renovate Bot
08cfb5719a
Update dependency mocha to v7.1.2 2020-04-27 00:14:48 +00:00
Renovate Bot
97830fda41 Update dependency eslint-plugin-ghost to v1.3.0 2020-04-23 09:32:19 +01:00
Renovate Bot
ca0f4635c9
Update dependency gscan to v3.5.3 2020-04-22 17:13:21 +00:00
Renovate Bot
5ed0f13a44
Update dependency @sentry/node to v5.15.5 2020-04-22 08:25:32 +00:00
Renovate Bot
c54e50bd11
Update dependency @tryghost/members-ssr to v0.7.6 2020-04-21 12:32:31 +00:00
Renovate Bot
6fd4c65421
Update dependency @tryghost/members-api to v0.18.2 2020-04-21 10:05:23 +00:00
Renovate Bot
0e2147ba74 Update dependency knex to v0.21.0 2020-04-21 08:53:37 +01:00
Renovate Bot
f002e62fc4
Update dependency knex-migrator to v3.4.5 2020-04-21 06:40:00 +00:00
Renovate Bot
c15945ad23
Update dependency mock-knex to v0.4.8 2020-04-20 21:47:34 +00:00
Renovate Bot
e2e18b3448
Update dependency gscan to v3.5.2 2020-04-20 18:18:04 +00:00
Daniel Lockyer
ba36333a1f v3.13.4 2020-04-20 16:30:34 +01:00
Renovate Bot
2ea504255c
Update dependency ajv to v6.12.2 2020-04-20 00:15:31 +00:00
Kevin Ansfield
5c12bf3858
Update dependency @tryghost/kg-mobiledoc-html-renderer to v2.0.1 (#11750)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-04-17 14:13:15 +01:00
Renovate Bot
7104183c6f
Update dependency @tryghost/kg-default-cards to v1.1.1 2020-04-17 11:23:24 +00:00
Daniel Lockyer
88c11ffbb2 Updated eslint-plugin-ghost
no issue
2020-04-17 11:29:33 +01:00
Renovate Bot
cdaa1b5dbb
Update dependency express-session to v1.17.1 2020-04-17 05:14:11 +00:00
Renovate Bot
ccff9f095b
Update dependency @tryghost/members-ssr to v0.7.5 2020-04-17 03:25:45 +00:00
Renovate Bot
0dab0449c2
Update dependency @tryghost/members-api to v0.18.1 2020-04-17 02:11:58 +00:00
Renovate Bot
0d266bb3bb
Update dependency @tryghost/zip to v1.0.1 2020-04-17 00:18:23 +00:00
Renovate Bot
663400166a
Update dependency @tryghost/vhost-middleware to v1.0.3 2020-04-16 22:15:05 +00:00
Renovate Bot
4ee2be4b19
Update dependency @tryghost/session-service to v0.1.1 2020-04-16 20:15:01 +00:00
Renovate Bot
b69684e05e
Update dependency @tryghost/image-transform to v0.2.1 2020-04-16 18:17:13 +00:00
Renovate Bot
d68cd44c60
Update dependency @tryghost/mw-session-from-token to v0.1.1 2020-04-16 16:50:40 +00:00
Renovate Bot
9fce5d8ac0
Update dependency @tryghost/errors to v0.1.2 2020-04-16 15:26:26 +00:00
Renovate Bot
0d97a98eba
Update dependency @tryghost/adapter-manager to v0.1.3 2020-04-16 13:44:40 +00:00
Renovate Bot
fa1fcd8870
Update dependency knex to v0.20.15 2020-04-15 22:54:22 +00:00
Renovate Bot
9ae5ce0f84
Update dependency @lodder/grunt-postcss to v2.0.2 2020-04-15 14:15:23 +00:00
Daniel Lockyer
b018a07357 v3.13.3 2020-04-15 14:06:16 +01:00
Daniel Lockyer
c192dcc36d v3.13.2 2020-04-15 11:40:33 +01:00
Renovate Bot
9f27eeab02
Update dependency semver to v7.3.2 2020-04-14 17:47:18 +00:00
Renovate Bot
05c2334898
Update dependency semver to v7.3.1 2020-04-14 16:58:53 +00:00
Renovate Bot
7e910b9c09
Update dependency knex-migrator to v3.4.4 2020-04-14 15:21:50 +00:00
Renovate Bot
531c5a3e6f
Update metascraper to v5.11.9 2020-04-14 10:41:21 +00:00
Renovate Bot
af81cabf07 Update dependency semver to v7.3.0 2020-04-14 06:45:03 +01:00
Renovate Bot
9af9f8bed5
Update dependency knex to v0.20.14 2020-04-14 02:32:48 +00:00
Renovate Bot
6fb11a6ccc
Update dependency semver to v7.2.3 2020-04-13 19:29:58 +00:00
Renovate Bot
2216e0be21 Update dependency @tryghost/html-to-mobiledoc to v0.7.0 2020-04-13 20:28:57 +01:00
Renovate Bot
696879dca7 Update dependency jwks-rsa to v1.8.0 2020-04-13 20:28:24 +01:00
Renovate Bot
67d6f2dadb
Update dependency @tryghost/helpers to v1.1.27 2020-04-13 16:21:25 +00:00
Renovate Bot
7409a4247c
Update dependency @tryghost/url-utils to v0.6.18 2020-04-13 03:17:21 +00:00
Renovate Bot
d00b91aa15
Update dependency @tryghost/string to v0.1.9 2020-04-13 00:18:05 +00:00
Renovate Bot
a34c76d823
Update dependency @tryghost/social-urls to v0.1.9 2020-04-10 22:18:37 +00:00
Renovate Bot
88d36e230a
Update dependency @tryghost/html-to-mobiledoc to v0.6.7 2020-04-10 20:16:30 +00:00
Renovate Bot
6ce5a6c16e
Update dependency @tryghost/helpers to v1.1.26 2020-04-10 18:47:17 +00:00
Renovate Bot
415554c600
Update dependency semver to v7.2.2 2020-04-10 16:03:41 +00:00
Renovate Bot
92cf910b05 Update dependency gscan to v3.5.1 2020-04-10 13:36:58 +01:00
Renovate Bot
f3ed965987 Update dependency @tryghost/kg-default-cards to v1.1.0 2020-04-10 10:28:06 +01:00
Kevin Ansfield
f3627c5fc3 Update dependency @tryghost/kg-markdown-html-renderer to v2.0.0
no issue

- `version` integer parameter in the `render` method has been replaced with an `options` object parameter
2020-04-09 21:10:03 +01:00
Renovate Bot
8f65de87c7 Update dependency sanitize-html to v1.23.0 2020-04-09 21:00:19 +01:00
Renovate Bot
43434e1f7d
Update dependency @tryghost/kg-markdown-html-renderer to v1.0.3 2020-04-08 23:19:18 +00:00
Renovate Bot
a49980e767
Update dependency @tryghost/kg-default-cards to v1.0.2 2020-04-08 21:16:46 +00:00
Renovate Bot
30c79555f0
Update dependency @tryghost/kg-card-factory to v1.0.2 2020-04-08 19:50:29 +00:00
Kevin Ansfield
b37ac8ef1f Switched to extracted @tryghost/mobiledoc-dom-renderer package
no issue

- moved `mobiledoc.renderers.mobiledocHtmlRenderer` to `mobiledoc.mobiledocHtmlRenderer` so that it's easier for the getter to access the parent objects getters
- removed all tests and dependencies that now live in @tryghost/mobiledoc-dom-renderer
  - kept the `mobiledocHtmlRenderer` test because that's testing that we've correctly wired up our cards and atoms and the output is what we expect
2020-04-08 18:27:12 +01:00
Renovate Bot
26dfc02d48 Update dependency @tryghost/zip to v1 2020-04-08 16:09:08 +01:00
Kevin Ansfield
294187c41f Switched to extracted @tryghost/kg-default-atoms package
no issue

- removed code that now lives in the external Koenig monorepo
2020-04-08 14:49:44 +01:00
Renovate Bot
b2fa6b9878
Update dependency sinon to v9.0.2 2020-04-08 11:48:38 +00:00
Renovate Bot
ac746251e7
Update dependency bookshelf-relations to v1.3.2 2020-04-08 08:16:23 +00:00
Renovate Bot
3b637ce259
Update dependency knex-migrator to v3.4.3 2020-04-08 06:43:10 +00:00
Renovate Bot
1daaf075aa
Update dependency express-jwt to v5.3.3 2020-04-07 15:08:49 +00:00
Daniel Lockyer
5b942fc7e4 v3.13.1 2020-04-07 16:03:38 +01:00
Daniel Lockyer
fb955a2a0a Bumped @tryghost/adapter-manager to 0.1.2
no issue
2020-04-07 15:43:46 +01:00
Fabien O'Carroll
1fcf82cde3 Bumbed @tryghost/adapter-manager to 0.1.1
no-issue

This fixes an issue with storage adapters inheriting from an older
version of ghost-storage-base
2020-04-07 15:32:13 +02:00
Daniel Lockyer
bebfe140be v3.13.0 2020-04-07 11:12:53 +01:00
Renovate Bot
3ebae36c0a Update dependency knex to v0.20.13 2020-04-07 10:49:12 +01:00
Daniel Lockyer
29647870f1 Pinned dependencies
no issue
2020-04-07 09:36:05 +01:00
Renovate Bot
ec49a362b8 Update dependency semver to v7.2.1 2020-04-07 08:27:48 +01:00
Renovate Bot
f60b3f5607
Update dependency gscan to v3.4.1 2020-04-06 17:10:36 +00:00
Renovate Bot
4ee0b92eac
Update dependency express-hbs to v2.3.3 2020-04-06 15:42:24 +00:00
Fabien O'Carroll
a701ee7023
Added support for token session to /ghost (#11709)
no-issue

* Added default for getting origin of request

This function is used to attach the origin of the request to the
session, and later check that requests using the session are coming from
the same origin. This protects us against CSRF attacks as requests in
the browser MUST originate from the same origin on which the user
logged in.

Previously, when we could not determine the origin we would return
null, as a "safety" net.

This updates the function to use a secure and sensible default - which
is the origin of the Ghost-Admin application, and if that's not set -
the origin of the Ghost application.

This will make dealing with magic links simpler as you can not always
guaruntee the existence of these headers when visiting via a hyperlink

* Removed init fns and getters from session service

This simplifies the code here, making it easier to read and maintain

* Moved express-session initialisation to own file

This is complex enough that it deserves its own module

* Added createSessionFromToken to session service

* Wired up the createSessionFromToken middleware
2020-04-06 11:49:14 +02:00
Renovate Bot
12d6b05498
Update metascraper to v5.11.8 2020-04-06 00:17:00 +00:00
Fabien O'Carroll
fb942af1db Added adapter-manager service
no-issue

This services handles the registration and retrieval of adapters,
it normalises the config to look like:

{
    [adapterType]: {
        active: adapterName,
        [adapterName]: adapterConfig
    }
}
2020-04-05 21:13:47 +02:00
Daniel Lockyer
2d42af8d72 Removed unused release-utils dependency
no issue

- this is no longer needed because we moved the main release code
  out
2020-04-03 14:25:28 +01:00
Daniel Lockyer
92aebc21f4 Updated Ghost-SDK packages
no issue
2020-04-03 10:43:35 +01:00
Renovate Bot
deb1118714
Update dependency @tryghost/helpers to v1.1.25 2020-04-03 08:17:33 +00:00
Fabien O'Carroll
23154f0739
Refactored session service (#11701)
* Refactored SessionStore to use @tryghost/errors

no-issue

* Updated tests to test exposed API

no-issue

This will make refactoring easier, as we only have the "public" contract to maintain

* Refactored session functionality to SessionService

no-issue

This splits the session logic away from the HTTP responding logic,
which will allows us to decouple session creation/modification from the
API. Eventually this can be used to create sessions based on magiclink
style tokens.

* Instantiated and exported the new SessionService

no-issue

* Refactored session middleware to take session service

no-issue

This removes duplication of code and makes the middleware more explicit
that it's just a wrapper around the session service.

* Updated to use external @tryghost/session-service

no-issue
2020-04-02 16:27:31 +02:00
Daniel Lockyer
5a748ee5a9 Updated eslint-plugin-ghost dependency
no issue
2020-04-02 14:11:33 +01:00
Renovate Bot
f8f8a4b597
Update dependency express-hbs to v2.3.2 2020-04-01 18:04:24 +00:00
Daniel Lockyer
5989400df7 Removed unused chalk dependency
no issue

- left over from removing the stable branch warning from the Gruntfile
- it's not used anywhere else
2020-04-01 19:02:55 +01:00
Hannah Wolfe
e4404f9b9a Removed unnecessary dependency matchdep
- Don't really need a dependency here, can work without it
- matchdep hasn't been updated in 3 years, and has a web of potentially insecure dependencies
- Unlikely to affect us, but safer to go without
2020-04-01 17:50:03 +01:00
Hannah Wolfe
c3e0e82604 Removed unused grunt-cli dependency
- this should be installed globally
2020-04-01 17:50:03 +01:00
Hannah Wolfe
9cf4312ae2 Removed misc unused dependencies 2020-04-01 15:38:26 +01:00
Renovate Bot
36a55eb0a4 Pin dependencies 2020-04-01 15:35:02 +01:00
Daniel Lockyer
02bf8773b9 Automated the release process
no issue
2020-04-01 15:17:52 +01:00
Renovate Bot
634b5e83a2
Update dependency uuid to v7.0.3 2020-04-01 12:49:34 +00:00
Hannah Wolfe
25f51056f5 Remove unused dev dependency should-http 2020-04-01 13:30:38 +01:00
Hannah Wolfe
a4175ff218 Swapped grunt-cssnano for grunt-postcss+cssnano
- The grunt-cssnano plugin is old and no longer maintained
- It uses insecure dependencies that don't really impact us, but we want to get rid of warnings
- Swapping for grunt-postcss+cssnano is a more up-to-date way of sorting this out
2020-04-01 13:17:49 +01:00