Commit Graph

142 Commits

Author SHA1 Message Date
kirrg001
71f6068aa6 Bump grunt-contrib-uglify to version 3.2.1
no issue

- we only use the `sourceMap` option, which is still supported
2017-11-29 10:34:36 +01:00
kirrg001
9ce20fb043 Removed run-sequence dev dependency
no issue

- not used
2017-11-29 10:34:36 +01:00
kirrg001
ee7710ba68 Bump mocha to version 4.0.1
no issue

- https://github.com/mochajs/mocha/blob/master/CHANGELOG.md#400--2017-10-02
- the new `--exit` flag might be interesting at some point

> In Mocha v3.0.0 and newer, returning a Promise and calling done() will result in an exception.

- adapt teardown/setup test utility
- adapt other mixed usages of callback && Promise usage
2017-11-29 10:34:36 +01:00
kirrg001
404d045461 Bump rewire to version 3.0.2
no issue

- nothing to adapt for the major jump
2017-11-29 10:34:36 +01:00
Katharina Irrgang
b9a44bacf6
Bump should to version 13.1.3 (#9284)
refs https://github.com/TryGhost/Ghost/issues/9178

- adapt major changes
- see https://github.com/shouldjs/should.js/blob/master/History.md
- should.have.enumerable was removed
2017-11-28 19:41:16 +01:00
Katharina Irrgang
b4b5da2a75
Bump sinon to version 4.1.2 (#9283)
refs #9178

- adapt major changes
2017-11-28 18:19:23 +01:00
kirrg001
2f23cd32bb Bump dependencies
no issue

- gscan@1.2.3
- sanitize-html@1.16.1
- eslint@4.12.0
- nock@9.1.3
- sqlite3@3.1.13
2017-11-28 14:02:47 +01:00
Aileen Nowak
a4cf29dc7d Bump amperize to version 0.3.6 (#9264)
no issue

New version contains
- dependency updates
- Node v8 support
- Eslint refactoring
2017-11-21 15:00:04 +01:00
Katharina Irrgang
dfd4afea19 Add bookshelf-relations (#9252)
no issue

- added https://github.com/TryGhost/bookshelf-relations as dependency
- remove existing tag handling

--- 

* Important: Ensure we trigger parent initialize function

- otherwise the plugin is unable to listen on model events
- important: event order for listeners is Ghost -> Plugin
- Ghost should be able to listen on the events as first instance
- e.g. be able to modify/validate relationships

* Fix tag validation

- we detect lower/update case slugs for tags manually
- this can't be taken over from the plugin obviously
- ensure we update the target model e.g. this.set('tags', ...)

* override base fn: `permittedAttributes`

- ensure we call the base
- put relations on top
- each relation is allowed to be passed
- the plugin will auto-unset any relations to it does not reach the database

* Ensure we run add/edit/delete within a transaction

- updating nested relationships requires sql queries
- all sql statements have to run in a single transaction to ensure we rollback everything if an error occurs
- use es6
2017-11-21 13:28:05 +00:00
kirrg001
eba100d965 Bump dependencies
no issue

- bluebird@3.5.1
- csv-parser@1.12.0
- gscan@1.2.2
- moment@2.19.2
- nconf@0.9.1
- oauth2orize@1.11.0
- superagent@3.8.1
- eslint@4.11.0
- nock@9.1.0
2017-11-17 17:33:29 +01:00
kirrg001
2e521791b8 Optimised dependency tree
no issue
2017-11-17 17:33:29 +01:00
Hannah Wolfe
bcf5a1bc34
Switch to Eslint (#9197)
refs #9178

* Add eslint deps, remove old lint deps
* Add eslint config, remove old lint configs
* Config for server and tests are different
* Tweaked rules to suit us
* Fix linting in codebase - lots of indent changes.
* Fix a real broken test
2017-11-01 13:44:54 +00:00
kirrg001
949d33b1db Bump jsonpath to version 1.0.0
no issue

- major bump
- we only use jsonpath inside the `get` helper
- the functionality still works as expected
- includes security fix, see 98464aa5fe
2017-10-31 12:21:48 +01:00
kirrg001
9d4ed8c61c Replaced extract-zip-fork by extract-zip
no issue

- we had to fork the original repository at one point, because of slow maintenance
- maintenance is back now
- https://github.com/maxogden/extract-zip/pull/52 was merged and released
2017-10-31 12:11:59 +01:00
kirrg001
cfca111493 Bump dependencies
no issue

- bson-objectid@1.2.1
- compression@1.7.1
- express@4.16.2
- moment-timezone@0.5.14
- mysql@2.15.0
- nconf@0.8.5
- sanitize-html@1.15.0
- simple-html-tokenizer@0.4.3
- superagent@3.8.0

IMPORTANT:
- we are unable to bump moment and bluebird at the moment, because in both releases there is a bug which breaks our tests
- i didn't investigate a lot, but there is https://github.com/petkaantonov/bluebird/issues/1468
- and for moment, a couple of reports came in for .19 regarding a wrong date behaviour
2017-10-31 11:53:16 +01:00
Katharina Irrgang
07dcbb0d53 Support for Node v8 (#9183)
no issue

- bump dependencies because of failing tests
- added package-lock.json to gitignore, because we use yarn
- run v8 on travis
- support v8 engine in package.json
2017-10-26 11:37:58 +01:00
kirrg001
984aeffeb6 Bump knex-migrator to version 2.1.8
no issue

- Fixed migration order on db initialisation
2017-10-25 10:44:27 +02:00
Hannah Wolfe
7262c9e465 Upgrading knex-migrator to 2.1.7 (#9154) 2017-10-17 16:06:46 +01:00
Katharina Irrgang
594b0c2d14 Custom post templates (#9073)
closes #9060

- Update `gscan` - it now extracts custom templates and exposes them to Ghost
- Add `custom_template` field to post schema w/ 1.13 migration
- Return `templates` array for the active theme in `/themes/` requests
- Users with Author/Editor roles can now request `/themes/`
- Front-end will render `custom_template` for posts if it exists, template priority is now:
  1. `post/page-{{slug}}.hbs`
  2. `{{custom_template}}.hbs`
  3. `post/page.hbs`
2017-10-10 13:36:35 +01:00
Hannah Wolfe
7999c38fa2 Support filtering based on primary_tag (#9124)
closes #8668, refs #8920

- Updated tests to include internal tags
  - Tests had no example of an internal tag
  - Need this to show that the new filtering works as expected
- primary_tag is a calculated field
- This ensures that we can alias the field to equivalent logic in API filters
- By replacing primary_tag by a lookup based on a tag which has order 0
- bump ghost-gql to 0.0.8

**NOTE:**
Until GQL is refactored, there are limitations on what else can be filtered when using primary_tag in a filter e.g. it wont be possible to do a filter based on primary_tag AND/OR other tag filters.
2017-10-10 14:07:44 +02:00
Aileen Nowak
7be165da07 Fixed not updated yarn.lock
no issue

PR #9087 was updated with a new `yarn.lock` file after changing from using the caret in the `package.json` file for the dependency to not using it.
2017-10-04 17:09:18 +07:00
Aileen Nowak
d7e0770a7b Bump Amperize to version 0.3.5 (#9087)
no issue

- bump `amperize` to 0.3.5 which fixes issues with images-size requests not following redirects, and image-size requests that caused errors leading to stop transforming the rest of the passed HTML.
2017-10-04 11:12:03 +02:00
Kevin Ansfield
ec6e25674c Removed markdown-it-named-headers and unused string deps (#8994)
refs https://github.com/TryGhost/Ghost-Admin/pull/856

- moves `markdown-it-named-headers` functionality into our own app code without requiring the [`string.js`](http://stringjs.com) sub-dependency
- matches Ghost-Admin markdown-it code
2017-09-25 16:36:34 +02:00
Katharina Irrgang
55bf5997b9 Bump dependencies (#9050)
no issue

- body-parser@1.18.2
- cookie-session@1.3.2
- knex-migrator@2.1.6
- markdown-it@8.4.0
- netjet@1.1.4
- oauth2orize@1.10.0
- passport@0.4.0
- superagent@3.6.0
- mocha@3.5.3
- nock@9.0.20
- tmp@0.0.33
2017-09-25 13:27:14 +01:00
Katharina Irrgang
7b4c3fc085 Removed defunct Ghost OAuth code (#9014)
closes #8342

- no need to add a migration, because when we'released 1.0, OAuth was never an option
- it was disabled in April, 1.0-beta was released in June
- remove all remote authentication code
2017-09-18 13:01:58 +01:00
Kevin Ansfield
47322e4239 Re-instate mobiledoc dom rendering with bypass of SimpleDOM parsing (#8937)
closes #8757

- update the markdown card render method to use SimpleDOM's `createRawHtmlSection`. This avoids SimpleDOM parsing and tokenization of broken or unsupported free-form HTML that markdown allows
- replace markdown extraction/render with mobiledoc's renderer in the `Post` model
- removes `jsdom` as it's no longer necessary
2017-08-31 12:09:02 +02:00
Aileen Nowak
30bee115fe Used got to handle requests for image-size (#8892)
refs #8589, refs #8868

- swap `request` with `got` in `getImageSizeFromUrl` util
- less handling for request cases e.g. timeouts, follow redirects
2017-08-31 11:39:37 +02:00
David Wolfe
be54da265b Add segment analytics for blog data (#8912)
no issue
- adds data to track such as post published
- adds ability to add custom data and event prefix via config file
2017-08-22 12:23:23 +01:00
Aileen Nowak
b086b432ad Dumped icojs and use image-size for .ico (#8888)
refs #8868

The `image-size` library supports now `.ico` files, which means there is no longer need to use the `icojs` library.
- removes unnecessary `icojs` dependency
- refactors `getIconDimensions` fn in blog icon util to fetch image sizes synchronus
- removes unnecessary `getIconDimensions` fn in blog icon validation, as there is no longer need to use different image size fn for different file extensions, and uses `getIconDimensions` from blog util fn instead.
- updates and adds more tests
2017-08-17 17:44:05 +01:00
Hannah Wolfe
b6b299a8f7 Used ghost-ignition.debug, removed debug dep (#8881)
no issue

- Upgraded ghost-ignition
- Use debug from ghost-ignition everywhere in the code base
- Remove debug dependency
- Fixed random typo in Gruntfile.js
2017-08-15 18:29:27 +07:00
kirrg001
bb6b58cae7 ⬆️ Bump dependencies
no issue

- cookie-session@1.3.0
- ghost-ignition@2.8.13
- gscan@1.1.7
- image-size@0.6.1
- markdown-it@8.3.2
- mysql@2.14.1
- mocha@3.5.0
- nock@9.0.14
2017-08-08 14:57:10 +02:00
kirrg001
ffecf87551 ⬆️ Bumb dependencies
no issue

- compression@1.7.0
- cors@2.8.4
- gscan@1.1.6
- jsonpath@0.2.12
- knex-migrator@2.1.5
- semver@5.4.1
2017-08-03 11:09:03 +04:00
kirrg001
68803ae250 ⬆️ Bump dependencies
no issue

- knex-migrator@2.1.4
2017-08-01 17:20:01 +04:00
kirrg001
acfb0d31ea ⬆️ Bump dependencies
no issue

- ghost-ignition@2.8.12
2017-08-01 13:40:50 +04:00
Katharina Irrgang
7845617607 Custom Post Excerpt Feature (#8792)
closes #8793

- 1.3 post excerpt migration
  - add 1.3 migration to add `excerpt` to post schema

NOTE:
    - knex-migrator relies on the package.json safe version
    - so right now Ghost is on 1.2
    - the migration script is for 1.3
    - if you pull down the PR (or if we merge this PR into master), you have to run `knex-migrator migrate --v 1.3 --force`
    - knex-migrator will tell you what you have todo

- Bump dependencies
  - knex-migrator@2.1.3
- Soft limit for custom_excerpt
- Extended {{excerpt}} to use custom excerpt
   - when a `custom_excerpt` field exists, the `{{excerpt}}` helper will output this and fall back to autogenerated excerpt if not.
- Refactored behaviour of (meta) description
   - html tag `<meta name="description" />` for posts, tags and author doesn't get rendered if not provided.
        - fallback for `author.bio` removed
        - fallback for `tag.description` removed
   - structured data and schema.org for `post` context takes the following order to render description fields:
        1. custom excerpt
        2. meta description
        3. automated excerpt (50 words)
    - updated and added tests to reflect the changes
2017-08-01 12:39:34 +04:00
Katharina Irrgang
b11ffd976b ⬆️ bump dependencies (#8761)
no issue

- gscan@1.1.5
2017-07-27 11:47:27 +04:00
kirrg001
f4ecd65853 ⬆️ bump dependencies
no issue

- gscan@1.1.4
2017-07-18 15:31:12 +02:00
kirrg001
07e35e3d0b ⬆️ bump dependencies
no issue

- gscan@1.1.3
- grunt-contrib-clean@1.1.0
- grunt-contrib-compress@1.4.3
- grunt-contrib-jshint@1.1.0
- jshint@2.9.5
- mocha@3.4.2
2017-07-11 10:45:43 +02:00
kirrg001
6a589f7878 ⬆️ bump dependencies
no issue

- gscan@1.1.2
- body-parser@1.17.2
- debug@2.6.8
- express@4.15.3
- html-to-text@3.3.0
- image-size@0.5.5
- uuid@3.1.0
2017-06-22 19:40:56 +02:00
kirrg001
d823412987 ⬆️ bump dependencies
no issue

- gscan 1.1.1
2017-06-08 16:14:51 +02:00
kirrg001
85ed078df8 ⬆️ gscan 1.1.0 2017-06-06 13:07:50 +07:00
kirrg001
8680099765 🎨 gscan 1.1.0 & optimisations
refs #8222

- differentiate between errors and fatal errors
- use gscan errors in theme middleware
- Adds a new `error()` method to `currentActiveTheme` constructor which will return the errors we receive from gscan
- In middleware, if a theme couldn't be activated because it's invalid, we'll fetch the erros and send them to our error handler. We also use a new property `hideStack` to control, if the stack (in dev mode and if available) should be shown or the gscan errors (in prod mode, or in dev if no stack error)
- In our error handler we use this conditional to send a new property `gscan` to our error theme
- In `error.hbs` we'll iterate through possible `gscan` error objects and render them.
- remove stack printing
- stack for theme developers in development mode doesn't make sense
- stack in production doesn't make sense
- the stack is usually hard to read
- if you are developer you can read the error stack on the server log
- utils.packages: transform native error into Ghost error
- use `onlyFatalErrors` for gscan format and differeniate fatal errors vo.2
- optimise bootstrap error handling
- transform theme is missing into an error
- add new translation key
- show html tags for error.hbs template: rule
2017-06-06 13:07:50 +07:00
Ryan McCarvill
957f51e677 🐝 Allow unbalanced HTML in markdown card. (#8320)
no issue

The simpledom interpreter that the Mobiledoc DOM renderer uses does not allow for unbalanced or incorrect HTML such as that which is entered by a user.

This PR adds a step where the HTML is sanitised and balanced before being passed to simpledom.

- use latest jsdom (+pin version), update yarn.lock, add comments
- don't use node-4 incompatible shorthand method definition
- grab <body> content rather than document content
- update markdown card specs to match markdown-it behaviour
- revert to jsdom 9.12.0 for node 4.x support, close window to free memory
- moved 3rd party libs into render function
2017-05-23 16:15:32 +02:00
kirrg001
b20fb26061 ⬇️️ revert dependencies: knex@0.13.0 to knex@0.12.9
no issue

We have recently merged `knex:0.13.0` into Ghost master.

It was absolutely fine and it works, because yarn is smart. but...
- in case you use `npm` for the installation, the installation of the Ghost dependency fails because of a peer dependency error
- we install 2x knex, which isn't really useful
- bookshelf doesn't actually support knex 0.13.0 yet, see https://github.com/tgriesser/bookshelf/issues/1566
2017-05-22 14:59:21 +02:00
Kevin Ansfield
5d868d14ad replace custom showdown fork with markdown-it (#8451)
refs https://github.com/TryGhost/Ghost-Admin/pull/690, closes #1501, closes #2093, closes #4592, closes #4627, closes #4659, closes #5039, closes #5237, closes #5587, closes #5625, closes #5632, closes #5822, closes #5939, closes #6840, closes #7183, closes #7536

- replace custom showdown fork with markdown-it
- swaps showdown for markdown-it when rendering markdown
- match existing header ID behaviour
- allow headers without a space after the #s
- add duplicate header ID handling
- remove legacy markdown spec
- move markdown-it setup into markdown-converter util
- update mobiledoc specs to match markdown-it newline behaviour
- update data-generator HTML to match markdown-it newline behaviour
- fix Post "converts html to plaintext" test
- update rss spec to match markdown-it newline behaviour
- close almost all related showdown bugs
2017-05-15 18:48:14 +02:00
kirrg001
33c95f4523 ⬆️ bump dependencies
no issue

- express@4.15.2
- body-parser@1.17.1
- uuid@3.0.1
2017-05-12 08:59:09 +01:00
Greenkeeper
df8e7f873e Update fs-extra to version 3.0.1 🚀 (#8440)
* chore(package): update fs-extra to version 3.0.1

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:51:54 +02:00
Greenkeeper
a3e74b305a Update debug to version 2.6.6 🚀 (#8425)
* chore(package): update debug to version 2.6.6

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:47:23 +02:00
Greenkeeper
7a4d76c57d Update image-size to version 0.5.2 🚀 (#8446)
* chore(package): update image-size to version 0.5.2

https://greenkeeper.io/

* chore: yarn.lock
2017-05-10 09:46:54 +02:00
Greenkeeper
8704cc9169 Update knex to version 0.13.0 🚀 (#8428)
* chore(package): update knex to version 0.13.0

https://greenkeeper.io/

* chore: yarn.lock
2017-05-02 13:43:50 +02:00