Commit Graph

3316 Commits

Author SHA1 Message Date
Renovate Bot
1cfd873163 Update dependency @tryghost/nodemailer to v0.3.8 2021-12-01 17:56:00 +00:00
Renovate Bot
ceb93d00f4 Update dependency @tryghost/validator to v0.1.9 2021-12-01 17:55:46 +00:00
Renovate Bot
1bcec67ca2 Update dependency @tryghost/bookshelf-plugins to v0.3.5 2021-12-01 17:09:03 +00:00
Renovate Bot
af84ecae2d Update dependency @tryghost/minifier to v0.1.6 2021-12-01 17:08:42 +00:00
Renovate Bot
b6bbd607b4 Update dependency @tryghost/limit-service to v1.0.5 2021-12-01 17:08:11 +00:00
Renovate Bot
4505a150c2 Update dependency @tryghost/image-transform to v1.0.23 2021-12-01 17:07:47 +00:00
Renovate Bot
9def771db6 Update dependency @tryghost/adapter-manager to v0.2.23 2021-12-01 17:07:37 +00:00
Renovate Bot
286ccc586d Update dependency @tryghost/package-json to v1.0.11 2021-12-01 17:07:19 +00:00
Renovate Bot
e3ed6ddd07 Update dependency @tryghost/session-service to v0.1.33 2021-12-01 17:07:09 +00:00
Daniel Lockyer
8814f7a638
Merged v4.25.0 into main
v4.25.0
2021-12-01 16:04:36 +00:00
Daniel Lockyer
317382ebc2 v4.25.0 2021-12-01 15:49:29 +00:00
Thibaut Patel
2da2c99e86 Updated callout card css classes
no refs

- Updated the css classes from `kg-card-callout*` to `kg-callout-card*` for the callout card. This improves consistency with the other cards' css.
2021-12-01 16:48:42 +01:00
Fabien egg O'Carroll
3a263b08eb 🐛 Fixed Member imports overriding missing columns
refs https://github.com/TryGhost/Team/issues/1202

We were storing all possible columns for a member, rather than the ones
sent up in the CSV - this was causing updates to existing members to
have their data removed. This fix means that we only store the columns
that were sent up in the CSV - so that missing columns are not affected.
2021-12-01 17:19:18 +02:00
Kevin Ansfield
fd28218a40 Added theme CSS checks for button and nft cards
no issue

- bumps `gscan` with additional checks and a correction to error messages for missing CSS
2021-12-01 15:12:00 +00:00
Renovate Bot
5d9bd6f441 Update dependency @tryghost/express-dynamic-redirects to v0.2.2 2021-12-02 04:05:51 +13:00
Rishabh
b1b0657959 🐛 Fixed 500 webhook errors for subscription with multiple prices
closes TryGhost/Team#1238

- previously returned 500 errors when a subscription had invalid number of prices due to external tampering on Stripe directly
- instead now returns 400 Bad Request error when subscriptions don't have right number of prices
2021-12-01 20:29:25 +05:30
Sam Lord
18b8eddd0d Added linting for use of @tryghost/errors
refs: https://github.com/TryGhost/Toolbox/issues/147
Errors in @tryghost/errors rely on being called with an object (with a `message` member) rather than with a string.
2021-12-01 11:22:21 +00:00
Fabien egg O'Carroll
5e0374cfde Used new paid signup email when auto-login is enabled
refs https://github.com/TryGhost/Team/issues/1067
refs https://github.com/TryGhost/Ghost/commit/579b34434

This is behind the feature flag so that it can be tested & checked by
product before rolling out.
2021-12-01 13:19:18 +02:00
Sam Lord
2887e416da
Switch to @tryghost/errors from ignition errors package (#13807)
refs: TryGhost/Toolbox#147

* Replaces all references to isIgnitionError with isGhostError
* Switches use of GhostError to InternalServerError - as GhostError is no longer public
There are places where InternalServerError is not the valid error, and new errors should be added to the @tryghost/errors package to ensure that we can use semantically correct errors in those cases.
2021-12-01 10:22:01 +00:00
Thibaut Patel
8364ef80fe Updated a gscan custom setting rule description
no refs

- In the custom theme settings, the `color` default error was saying `null` and empty string values were allowed. They weren't. The description is now fixed
2021-12-01 10:03:20 +01:00
Fabien egg O'Carroll
c55a138a58 Removed invalid subscriptions from BREAD API
refs https://github.com/TryGhost/Team/issues/1243

When invalid subscriptions without any price data are included in the
API, we are faced with errors due to the data being in an undefined
state. This updates the API to not respond with these invalid
subscriptions.
2021-12-01 11:00:01 +02:00
Fabien egg O'Carroll
e6856f6ac6 Initial custom embed provider for Twitter
refs https://github.com/TryGhost/Team/issues/1001

We fall back to existing behaviour if no API key is present, or if there
is an error communicating with the Twitter API. We're also currently
requesting all the data, which will be thinned down once we understand
what we need.

This also includes a custom renderer for embeds of type "twitter" which
will be used to output the custom HTML for emails
2021-11-30 12:58:25 +02:00
Renovate Bot
f66800c92e Update CSS preprocessors 2021-11-30 09:41:40 +01:00
Sam Lord
a21b91cc71 Added lint rules for migrations
refs: https://github.com/TryGhost/Toolbox/issues/105

Lint rules prevent:

* Invalid naming conventions for new migrations
* Loop constructs in migrations - these should be used with caution
and are therefore a warning rule, use `// eslint-disable-next-line
no-restricted-syntax` to prevent this rule from firing where a loop is
required
* Returing within a loop - this is usually meant to be a
continue/break
* Multiple joins - these can be badly performing migrations, so should
be treated with caution, disable the rule for the line if the risk is
understood / the migration cannot be written without it
2021-11-29 16:21:43 +00:00
Kevin Ansfield
fedbfb3c67 Added alt-style blockquote support when creating posts using HTML
refs https://github.com/TryGhost/Team/issues/1239

- bumps `@tryghost/html-to-mobiledoc` that uses a new parser plugin for transforming `<blockquote class="kg-blockquote-alt">` to an `aside` section in mobiledoc as that's what we use as a workaround for storing alternative blockquote style
2021-11-29 11:43:53 +00:00
Kevin Ansfield
409fe5dd18 Added rendering of alternative style blockquotes
refs https://github.com/TryGhost/Team/issues/1239

- bumps `@tryghost/kg-mobiledoc-html-renderer` which changes rendering of previously-unused `<aside>` sections as `<blockquote class="kg-blockquote-alt kg-width-wide">`
2021-11-29 10:04:25 +00:00
Daniel Lockyer
561c84b9fa v4.24.0 2021-11-26 16:00:26 +00:00
Renovate Bot
59f6521f19
Update dependency eslint-plugin-ghost to v2.8.0 2021-11-25 17:21:43 +00:00
Thibaut Patel
3a9b70412a Added callout card css warning to gscan
refs https://github.com/TryGhost/Team/issues/1206

- This add a warning when the `card_asset` config is set so that Ghost doesn't include the callout card css AND the callout card css isn't in the theme
- The update also contains a fix to correctly detect partials named `fill`
- The update also improves the error content when gscan finds an unkown partial
2021-11-25 16:57:07 +01:00
Daniel Lockyer
d92eebd74e
Merged v4.23.0 into main
v4.23.0
2021-11-25 12:18:12 +01:00
Daniel Lockyer
0fe59026d0 v4.23.0 2021-11-25 11:16:29 +00:00
Fabien O'Carroll
9730081590 🐛 Restricted Offer name to 40 characters
refs https://github.com/TryGhost/Team/issues/1236

We want to ensure that Offers share a name with the correspondent coupon
in Stripe, which have a max length of 40 characters, so we are applying
the same restriction to Offers.
2021-11-25 12:57:42 +02:00
Daniel Lockyer
15d5905549
🐛 Fixed intermittent failures with embedding
refs https://github.com/TryGhost/Team/issues/1235

- we are seeing `oembed-parser` 1.5.2 have intermittent issues when
  fetching oembed data
- we're not sure of the reason but reverting the dependency to 1.4.9 seems to fix
  the issue
- this commit reverted the bump in Ghost and adds it to Renovate's ignore
  list so it isn't automatically bumped in the future
2021-11-25 11:45:56 +01:00
djordje vlaisavljevic
77cae01687 Refined container div for toggle card refs https://github.com/TryGhost/Team/issues/1209 2021-11-25 11:39:28 +01:00
Renovate Bot
ff89cd74bc Update dependency postcss to v8.4.1 2021-11-25 09:39:56 +01:00
Thibaut Patel
62dcabc236 Revert "Added missing callout card css warning to gscan"
This reverts commit 753b300a85.

- The reason is that migrating Ghost from v3 to the latest version would break due to the warning added by gscan (it would break there: a2a24491f5/packages/ghost-cli/lib/tasks/major-update/ui.js (L45)).
2021-11-24 20:40:21 +01:00
Thibaut Patel
753b300a85 Added missing callout card css warning to gscan
refs https://github.com/TryGhost/Team/issues/1206

- Theme developpers should add the right css classes or configure the `card_asset` property
- Commit a583f7236e fixed the previous attempt of bumping gscan
2021-11-24 20:24:16 +01:00
Thibaut Patel
dc5171f8fa Revert "Added missing callout card css warning to gscan"
This reverts commit 61213da3d1.
2021-11-24 17:47:36 +01:00
Thibaut Patel
61213da3d1 Added missing callout card css warning to gscan
refs https://github.com/TryGhost/Team/issues/1206

- Theme developpers should add the right css classes or configure the `card_asset` property
2021-11-24 16:54:46 +01:00
Renovate Bot
45b0b907e5
Update dependency sanitize-html to v2.6.0 2021-11-23 19:54:04 +00:00
Naz
6d6aa12afe Extracted routes.yaml path calculation into external package
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs e457fd5fe0 (diff-b292e8480eee007786cc602f55ed05006a06b8da9fe6934d51fbef8328013278R36)

- The full logic for  file path calculation for routes.yaml has been duplicated in couple modules. It is aslo following similar pattern used in redirects services and should be reused there once those modules are touched
2021-11-24 05:32:20 +13:00
Thibaut Patel
5258e02fd1 Added support for theme card_asset config to GScan
refs https://github.com/TryGhost/Team/issues/1232

- Only require the right css rules depending on the `card_assets` configuration
- 🐛 removed `kg-width-wide` and `kg-width-full` from being considered as card asset, as they should always be defined in themes (it was only a problem in v4.11.x)
2021-11-23 14:29:39 +01:00
Rishabh
df8273f995 Updated default styles for accordion card
refs https://github.com/TryGhost/Team/issues/1209

- bumps kg default cards package to include accordion card changes
2021-11-23 15:29:18 +05:30
Renovate Bot
8d1863e54b Update dependency gscan to v4.11.1 2021-11-22 14:04:18 +01:00
Renovate Bot
ab51ce09dc Update dependency analytics-node to v6 2021-11-22 08:05:05 +01:00
Renovate Bot
fdfd16934b Update dependency @tryghost/job-manager to v0.8.13 2021-11-22 07:46:28 +01:00
Renovate Bot
12b4933c3e
Update metascraper to v5.25.2 2021-11-19 21:15:28 +00:00
Daniel Lockyer
8bf93640a8 v4.22.4 2021-11-19 16:00:32 +00:00
Hannah Wolfe
4ba8752651 Revert "Revert "Ensured that the new content/public dir exists""
This reverts commit 1c36d3941f.
2021-11-19 14:34:48 +00:00
Hannah Wolfe
1c36d3941f
Revert "Ensured that the new content/public dir exists"
This reverts commit abf75cca71.
2021-11-19 13:31:48 +00:00
Hannah Wolfe
abf75cca71
Ensured that the new content/public dir exists
- Upgrading the version of minifier to a patched version that ensures the dir exists before writing a file
- This is needed because although the content/public directory is present in the repo, it is not present in production installs
  made with Ghost-CLI or Pro until changes there are merged. Other production setups will likely miss it too.
- Ensuring the dir means no one is suprised by this not working
2021-11-19 12:57:07 +00:00
Fabien O'Carroll
c784d7068c Added container class to NFT card HTML
refs https://github.com/TryGhost/Team/issues/1211

Added by Zimo https://github.com/TryGhost/Koenig/commit/1eeb264e
2021-11-19 13:10:22 +02:00
Fabien O'Carroll
78ee0509bf Removed duplicate class name from NFT card
refs https://github.com/TryGhost/Team/issues/1211

Duplicate class names make it harder to style elements.
2021-11-19 12:12:19 +02:00
Renovate Bot
503e4c198d Update dependency @tryghost/logging to v1.0.1 2021-11-19 08:44:59 +01:00
Rishabh
36b4c7de78 Refined frontend and email styles for toggle card
refs https://github.com/TryGhost/Team/issues/1209
2021-11-19 09:55:19 +05:30
Thibaut Patel
66f17e18a7 Updated gscan to support the card_assets config
refs https://github.com/TryGhost/Team/issues/1232

- When `config.card_assets` is set to true, disable the card asset checks
2021-11-18 23:29:54 +01:00
Daniel Lockyer
f37a5d3eff
Removed more unnecessary DB queries during init
refs d4b10323b7

- as mentioned in the referenced commit, there was another optimization
  regarding batching the inserts
- this seems good to me in the end, so I've updated knex-migrator to do this
- this commit bumps knex-migrator to the updated version
- after this change, a `knex-migrator init` goes from 5.5s to 5s locally
  and we've removed ~470 DB queries
2021-11-18 18:33:31 +01:00
Daniel Lockyer
d4b10323b7 Reduced unnecessary DB queries during init
refs 8d9a561cab

- see referenced commit for context but we were doing unnecessary SELECT
  queries when initializing the DB and the commit reduces this by half
- this commit updates `knex-migrator` to that containing the commit
2021-11-18 17:59:40 +01:00
Renovate Bot
9b14f1c22f Update dependency @tryghost/metrics to v1.0.1 2021-11-18 16:36:48 +01:00
Renovate Bot
0ff7011b0b Update dependency @tryghost/helpers to v1.1.54 2021-11-18 16:36:04 +01:00
Renovate Bot
1b9ca304ed Update dependency @tryghost/color-utils to v0.1.5 2021-11-18 16:35:12 +01:00
Renovate Bot
6fad408f2c Update dependency @tryghost/request to v0.1.9 2021-11-18 16:35:03 +01:00
Renovate Bot
e54f0a644d Update dependency @tryghost/url-utils to v2.0.4 2021-11-18 14:37:10 +01:00
Renovate Bot
f1ec0c1056 Update dependency cssnano to v5.0.11 2021-11-18 13:41:39 +01:00
Fabien O'Carroll
3d47f2835b Updated NFT card rendering to include payload
refs https://github.com/TryGhost/Team/issues/1211

This adds the payload as a data attribute to the rendered card so that
we can transform the card form HTML back to mobiledoc easily.
2021-11-18 14:30:48 +02:00
Daniel Lockyer
e883d4c4fe
🐛 Fixed credentials provider for SES mail transport
refs https://github.com/TryGhost/framework/pull/41

- see the referenced PR for context but Ghost could not authenticate to
  SES in containers using IAM because of a missing dependency
- this has been updated in the Nodemailer docs and added in the PR
- the `@tryghost/nodemailer` package has been updated so this commit
  bumps it in Ghost
- credits to https://github.com/touzoku for the fix
2021-11-18 11:48:26 +01:00
Fabien O'Carroll
b2172cec5b Updated NFT card rendering for emails
refs https://github.com/TryGhost/Team/issues/1211

This adds custom rendering for nft cards in emails, using tables instead
of flexbox for alignment.

This also updates the button card to add the missing `kg-card` class to
it.
2021-11-17 15:46:11 +02:00
Sam Lord
0692ddf57d Revert "Replace update user last seen middleware with package version"
This reverts commit 07f8c6efbb.

Revert "Remove unused unit test file"

This reverts commit f1798119d3.
2021-11-17 11:00:55 +00:00
Renovate Bot
b70ad5b170 Update dependency @tryghost/mw-update-user-last-seen to v0.1.1 2021-11-17 10:46:06 +00:00
Renovate Bot
f930575387 Update dependency gscan to v4.10.2 2021-11-17 10:41:00 +00:00
Rishabh
fdc7f4219f Added generic class to toggle and callout cards
refs https://github.com/TryGhost/Team/issues/1209
2021-11-17 15:45:56 +05:30
Renovate Bot
89b0b6cf5b
Update dependency @sentry/node to v6.15.0 2021-11-16 20:53:05 +00:00
Fabien O'Carroll
d7621405ed Fixed NFT card rendering
refs https://github.com/TryGhost/Team/issues/1211

The nft card rendering has been updated to correctly handle the switch
from card_type to type, and the removal of the html property from the
NFT embed API
2021-11-16 22:49:42 +02:00
Sam Lord
07f8c6efbb Replace update user last seen middleware with package version
no issue

Part of the goal to move these middleware packages to remove untested code from the codebase
2021-11-16 15:58:45 +00:00
Sam Lord
1234a61b52 Mode c8 configuration from package.json to .c8rc.json
refs: https://github.com/TryGhost/Toolbox/issues/117

Simplifies the commands in package.json by adding defaults to the .c8rc.json file
2021-11-16 10:22:15 +00:00
Renovate Bot
e8535cec6a
Update metascraper to v5.25.1 2021-11-15 20:06:43 +00:00
Daniel Lockyer
6fd5139372
Merged v4.22.3 into main
v4.22.3
2021-11-15 13:44:09 +00:00
Daniel Lockyer
58f7196881 v4.22.3 2021-11-15 13:43:15 +00:00
Rishabh
c3b6e21617 Refined frontend style for toggle cards
refs https://github.com/TryGhost/Team/issues/1209

- adds open/close behavior to toggle cards
- updates styling
2021-11-15 16:43:23 +05:30
Fabien O'Carroll
a51524c47c Added custom Embed card rendering for NFT Embeds
refs https://github.com/TryGhost/Team/issues/1211
2021-11-15 10:44:37 +02:00
Daniel Lockyer
ee1fb0d972 v4.22.2 2021-11-12 16:00:25 +00:00
Renovate Bot
f5d46d0da0 Update dependency nock to v13.2.1 2021-11-12 11:26:40 +00:00
Renovate Bot
ef8852c5b6
Update dependency @sentry/node to v6.14.3 2021-11-11 18:59:47 +00:00
Kevin Ansfield
50b51e222c Added support for parsing Wordpress and Substack button html to button cards
refs https://github.com/TryGhost/Team/issues/1214

- bumps @tryghost/html-to-mobiledoc with support for parsing Wordpress/Substack HTML into our button cards

Example Wordpress html:
```html
<div class="wp-block-buttons">
    <div class="wp-block-button">
        <a href="https://example.com" class="wp-block-button__link">
            Testing  button
        </a>
    </div>
</div>
```

Example Substack html:
```html
<a class="button primary" href="https://ghost.org">
    <span>Custom Button</span>
</a>
```
2021-11-11 14:29:15 +00:00
Thibaut Patel
1139b0fdde Updated the callout card parsing and rendering
refs https://github.com/TryGhost/Team/issues/1205

- Adds support for optional enoji and background color
2021-11-10 18:33:21 +01:00
Renovate Bot
b401bc77a2 Update dependency @tryghost/social-urls to v0.1.27 2021-11-10 15:33:19 +00:00
Rishabh
7dcad6d5b5 Added default card for new toggle card
refs https://github.com/TryGhost/Team/issues/1209

- bumps koenig default cards to include support for toggle card
- bumps html to mobiledoc library to add support for toggle card
2021-11-10 20:13:42 +05:30
Daniel Lockyer
2f57e0ab6b
Merged v4.22.1 into main
v4.22.1
2021-11-10 12:58:49 +00:00
Daniel Lockyer
8fe425e176 v4.22.1 2021-11-10 12:56:23 +00:00
Renovate Bot
edff6e0ef1 Update dependency @tryghost/url-utils to v2.0.3 2021-11-10 10:49:01 +00:00
Renovate Bot
cc650d90cb Update dependency @tryghost/admin-api-schema to v2.6.1 2021-11-10 08:47:47 +00:00
Renovate Bot
f36b8b5af6 Update dependency @tryghost/color-utils to v0.1.4 2021-11-10 08:47:07 +00:00
Renovate Bot
184e20b4de Update dependency @tryghost/helpers to v1.1.53 2021-11-10 08:46:50 +00:00
Renovate Bot
710136926d Update dependency @tryghost/string to v0.1.21 2021-11-10 08:46:40 +00:00
Fabien O'Carroll
4d4e04ea65
🐛 Fixed offers remaining after subscription change
refs https://github.com/TryGhost/Team/issues/1092

This ensures that when a subscription is changed by a Member that the
Offer is removed and will no longer apply.
2021-11-10 08:41:09 +00:00
Thibaut Patel
ea525e20a5 Updated callout card
refs https://github.com/TryGhost/Team/issues/1205

- Updated the rendered callout card to match the callout card from the admin interface
2021-11-09 21:47:03 +01:00
renovate[bot]
ced7b858dd
Update dependency @tryghost/members-offers to v0.10.2 (#13718)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-09 14:32:35 +02:00
Naz
ce63b87b2e 🐛 Fixed extention missmatching .mp4 as invalid
refs https://github.com/TryGhost/Toolbox/issues/120

- When a file name with an .mp4 extension was passed in it was mistakenly taken as an invalid extension. It is pretty valid!
- Fixing this bug allows for for duplicate file detection when uploading valid valies with extensions containing numbers
- Extensions that consiste only from numbers are still treated as invalid
2021-11-09 16:07:23 +04:00
Kevin Ansfield
3150142b2f Updated button card frontend+email render output
refs https://github.com/TryGhost/Team/issues/1207

- uses koenig-specific classes to avoid clashes with theme CSS
- fixes email rendering by using table alignment
2021-11-09 10:44:18 +00:00
Thibaut Patel
bfaccadd4e Added initial callout card rendering
refs https://github.com/TryGhost/Team/issues/1205

- bumped rendering library to the version with `callout` card support
2021-11-09 10:36:51 +01:00
Fabien O'Carroll
3017f9d50c 🐛 Fixed offers remaining after subscription change
refs https://github.com/TryGhost/Team/issues/1092

This ensures that when a subscription is changed by a Member that the
Offer is removed and will no longer apply.
2021-11-09 11:22:04 +02:00
Renovate Bot
6b2cbe5c18
Update dependency luxon to v2.1.1 2021-11-08 22:35:35 +00:00
Kevin Ansfield
3a2bf93173 Added initial button card rendering and parsing support
refs https://github.com/TryGhost/Team/issues/1207

- bumped rendering and parsing libraries to versions with `button` card support
2021-11-08 18:33:26 +00:00
renovate[bot]
b7d8d70ccf
Update dependency @tryghost/members-api to v2.7.3 (#13717)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-08 12:40:17 +02:00
Renovate Bot
13d282fb94 Update dependency cssnano to v5.0.10 2021-11-08 08:30:43 +00:00
Renovate Bot
6ad0ac4103 Update dependency nock to v13.2.0 2021-11-08 08:30:30 +00:00
Naz
151ab6968c Added local file storage adapter
refs https://github.com/TryGhost/Toolbox/issues/114

- This adapter is meant to power Files API
- The files will be stored under `/files/` in the configured content path and under `/content/files/` URL.
2021-11-08 11:29:33 +04:00
Renovate Bot
9d0af694d0
Update dependency oembed-parser to v1.5.2 2021-11-08 03:57:58 +00:00
Renovate Bot
46762eb624
Update dependency luxon to v2.1.0 2021-11-08 01:53:51 +00:00
Renovate Bot
de6fff90b3
Update dependency @sentry/node to v6.14.1 2021-11-05 16:01:42 +00:00
Daniel Lockyer
40e2c89e3c v4.22.0 2021-11-05 16:00:29 +00:00
Renovate Bot
fa03052187 Update dependency @tryghost/job-manager to v0.8.12 2021-11-05 13:35:34 +00:00
Daniel Lockyer
ed4586c28c
Disabled Sharp image cache to improve memory usage
refs 03d24ea4fe

- see the referenced commit for the full explanation but in short, Sharp
  has an internal cache it uses when optimizing images and it defaults
  to 50MB. This cache is not needed for our use-case because we never
  optimize images twice
- `@tryghost/image-transform` has been updated to disable the cache and
  this commit bumps the package in Ghost
2021-11-05 12:32:13 +00:00
Fabien O'Carroll
72b90151bb Disabled auto-login when a success url is provided
refs https://github.com/TryGhost/Team/issues/1067

The auto-login behaviour obliterates the concept of a success URL,
because the Member is redirected in a logged in state, to the welcome
URL - rather than a logged out state to the success URL.

In order to not disrupt existing flows, we disable auto login if a
success URL is provided.
2021-11-05 10:24:02 +02:00
Hannah Wolfe
fdf38ba8c6
Initial card asset service implementation
- Requires the new @tryghost/minifier package
- Adds a new service that will handle taking config from the theme and optionally including assets for Koenig editor cards
- It supports both css and js as cards may need one or both
- For any given config, the tool can find the matching files to include and concat and minify them into one file per type
- Currently has an override in place so that this is not yet customisable in the theme - will remove this override when we're ready for the feature
2021-11-04 11:34:40 +00:00
Renovate Bot
f421ee79d8 Update dependency @lodder/grunt-postcss to v3.1.1 2021-11-04 07:33:33 +00:00
Fabien 'egg' O'Carroll
da152a0a13
Removed references to Offers labs flag (#13709)
refs https://github.com/TryGhost/Team/issues/1115

This feature is now GA, and the flag has been hardcoded to `true`, here we clean up the
remaining references as they're no longer needed.
2021-11-03 17:11:48 +02:00
Renovate Bot
0acdbde010
Update dependency @sentry/node to v6.14.0 2021-11-03 11:42:22 +00:00
Fabien O'Carroll
a0cad99a72 Added initial support for Members auto-login
refs https://github.com/TryGhost/Team/issues/1067

When the `membersAutoLogin` labs flag is enabled this will override the
successful redirect URL from Stripe Checkout - and instead use a magic
link, which will log the Member in.

Note that this will only work for brand new members. This is to stop
unauthorized access of Member accounts.
2021-11-03 11:17:02 +02:00
Renovate Bot
ada554e6f0
Update dependency sanitize-html to v2.5.3 2021-11-02 15:59:03 +00:00
Thibaut Patel
3f7448ae38 🐛 Fixed gscan crashing on invalid package.json
refs 7c2c9d54d8

- Gscan won't crash on invalid json, and display the list of failed rules instead
2021-11-02 16:57:26 +01:00
Fabien O'Carroll
b45e514cb1 🐛 Prevented unexecuted migrations from being rolled back
refs https://github.com/TryGhost/knex-migrator/issues/241

Previous to this bump if a migration was occuring across multiple
versions and a migration was to error, we would incorrectly rollback
migrations which had not run yet.

For example - assume we are on v1.0.0 and migrating to v1.3.0, and there are
migrations for v1.1.0, v1.2.0 & v1.3.0. In the case that a migration in
v1.2.0 fails, we will still attempt to rollback migrations from v1.3.0.

This is no longer the case, and we will only roll back migrations which
have already been run.
2021-11-02 16:27:15 +01:00
Renovate Bot
52ee74c16a Update dependency cssnano to v5.0.9 2021-11-02 15:22:27 +00:00
Fabien O'Carroll
0cb551d37b 🐛 Fixed handling of non-subscription invoices
refs https://github.com/TryGhost/Team/issues/887

This updates our webhook handling to ignore invoices which are not
associated with a subscriptions. This stops us from throwing 500 errors
when a Stripe account is used for more than just Member subscriptions,
for example - selling products, or taking one-off payments.
2021-11-02 15:40:03 +02:00
Naz
02da62ee48 Added limit service check for uploaded media filesize
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Uploading large files is costly and might cause DDoS. Limits would allow fair use of the site instance.
- The configureation in hostSettings to enable an "uploads" limit would look like following:
```
"hostSettings": {
    "limits": {
            "uploads": {
                "max": 5,
                "error": "Your plan supports uploads of max size up to {{max}}MB. Please upgrade to reenable uploading."
            }
    }
}
```
- Read more at ba37890be4/packages/limit-service (usage)
2021-11-03 00:33:28 +13:00
Fabien O'Carroll
c45afc7f26 🐛 Fixed email type when creating Members via API
refs https://github.com/TryGhost/Team/issues/1197

We were always sending the 'signin' email, rather than respecting the
email_type param passed to the API. This updates our email sending when
creating members to force the requested type if it's present.
2021-11-02 12:56:00 +02:00
Renovate Bot
30bc2f5090 Update dependency @tryghost/metrics to v1 2021-11-01 12:40:49 +00:00
Daniel Lockyer
46277b6718 v4.21.0 2021-10-29 16:00:28 +01:00
Renovate Bot
083b57a924 Update dependency @tryghost/logging to v1 2021-10-28 19:57:49 +01:00
Renovate Bot
858a9897d4 Update dependency @tryghost/update-check-service to v0.2.5 2021-10-28 17:43:41 +01:00
Renovate Bot
ca2c9b92cd Update dependency @tryghost/email-analytics-provider-mailgun to v1.0.5 2021-10-27 13:41:11 +01:00
Renovate Bot
650c88b3dd Update dependency @tryghost/email-analytics-service to v1.0.4 2021-10-27 12:07:52 +01:00
Daniel Lockyer
f4b48c1373 🔥 Added support for Node 16
refs https://github.com/TryGhost/Toolbox/issues/71

- Node 16 is now LTS so we're adding support in Ghost
- we're also bumping the minimum Node 14 version to 14.17.0 so we can merge
  dependencies who have higher Node 14 requirements than current
- this commit adds Node 16 to the `package.json` engines and to CI
- also bumps all dependencies that needed new versions to add Node 16
  support
2021-10-27 11:39:42 +01:00
Thibaut Patel
1b01036458 Removed the theme settings lab flag in gscan
refs https://github.com/TryGhost/Team/issues/1164

- theme settings are GA now
2021-10-26 17:46:29 +02:00
Daniel Lockyer
6802a61307
Merged v4.20.4 into main
v4.20.4
2021-10-26 13:21:41 +01:00
Daniel Lockyer
db4951795b v4.20.4 2021-10-26 13:20:31 +01:00
Thibaut Patel
5d9e237951
🐛 Fixed GScan crash on files starting with package.json
refs https://github.com/TryGhost/Team/issues/1185

- gscan was attempting to json parse all files starting with package.json
2021-10-26 12:03:54 +01:00
Thibaut Patel
82e42bfc8b
🐛 Fixed GScan falsely triggering the "unused theme setting" error
refs https://github.com/TryGhost/Team/issues/1183

- This gscan rule wasn't parsing the partials where the theme setting was used
2021-10-26 12:03:45 +01:00
Kevin Ansfield
b6f9a19b25
🐛 Fixed error from custom settings sync when theme name contains . chars
no issue

- bumped `@tryghost/custom-theme-settings-service`
- contains a fix for invalid filter strings being generated for theme names that contain `.` by wrapping the name in quotes, eg `theme:'4.1.1-my-theme'`
2021-10-26 12:02:52 +01:00
Thibaut Patel
e851e28b16 Fixed gscan crash on files starting with package.json
refs https://github.com/TryGhost/Team/issues/1185

- gscan was attempting to json parse all files starting with package.json
2021-10-26 12:23:11 +02:00
Thibaut Patel
e4ce745ab6 🐛 Fixed gscan falsely triggering the "unused theme setting" error
refs https://github.com/TryGhost/Team/issues/1183

- This gscan rule wasn't parsing the partials where the theme setting was used
2021-10-26 11:20:05 +02:00
Kevin Ansfield
af4c115fb3 🐛 Fixed error from custom settings sync when theme name contains . chars
no issue

- bumped `@tryghost/custom-theme-settings-service`
- contains a fix for invalid filter strings being generated for theme names that contain `.` by wrapping the name in quotes, eg `theme:'4.1.1-my-theme'`
2021-10-26 10:18:47 +01:00
Fabien O'Carroll
960828b646 Removed handling of invoice.payment_failed webhook
refs https://github.com/TryGhost/Team/issues/885

This webhook was not used to populate data, and was causing 404's when
checkout sessions were completed, but payment had failed. Removing it
should fix these 404's.
2021-10-25 14:34:45 +02:00
Fabien O'Carroll
a68b96001c Fixed max-complexity-warnings for members API
no-issue

This removes logic from the Members API controller, and into the Members
BREAD service, this allows our controllers to be simpler and easier to
maintain, as well as keeping the important logic all together.
2021-10-25 14:06:12 +02:00
Daniel Lockyer
cfb5323017
Merged v4.20.3 into main
v4.20.3
2021-10-25 11:32:31 +02:00
Daniel Lockyer
6f0357e670 v4.20.3 2021-10-25 10:28:23 +01:00
Kevin Ansfield
8e2568c776 🐛 Fixed error when a theme does not have a "config" object in it's package.json
no issue

- bumped `gscan` to version with an added guard check where it extracts custom theme settings from `config.custom`
2021-10-25 10:08:35 +01:00
renovate[bot]
d266dfe291
Update dependency @tryghost/members-api to v2.4.4 (#13670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-25 10:05:37 +02:00
Daniel Lockyer
7302fc615c
Merged v4.20.2 into main
v4.20.2
2021-10-25 09:20:57 +02:00
Daniel Lockyer
3067fbe97c v4.20.2 2021-10-25 08:19:06 +01:00