Commit Graph

2944 Commits

Author SHA1 Message Date
Kevin Ansfield
f88fdfe363
Increased test timeout for HTML transform unit tests (#19490)
closes https://github.com/TryGhost/Product/issues/4086

- JSDOM require on CI has been found to occasionally be very slow causing random timeouts
- doubled test time to eliminate the noise
2024-01-16 11:16:46 +00:00
Simon Backx
709a0cf3c4
🐛 Fixed error logging crash when email recipients count if off by 1% (#19485)
no issue

When creating the batches when sending an email, we log a message to
Sentry when there is an unexpected offset of 1% between creating the
email and actually creating the batch recipients. We used a method that
was not mapped in our Sentry proxy.

Location of error: ghost/email-service/lib/BatchSendingService.js:286
2024-01-15 16:21:11 +01:00
Michael Barrett
ed0762fb51
Removed usage of yg when using NQL (#19287)
refs https://github.com/TryGhost/NQL/pull/73

The referenced PR removes `yg` from the parsed NQL output, so we also
need to remove any usage of it in Ghost
2024-01-15 14:40:01 +00:00
renovate[bot]
524f73c545 Update dependency socket.io to v4.7.4 2024-01-14 20:54:29 +00:00
Daniel Lockyer
be6b9e437f Refactored fetching schema tables in data generator
- we want to pass in the schema tables instead of cross requiring them
  from a different package because it means the package isn't standalone
  and moving the code structure around breaks the data generator
2024-01-13 18:28:14 +01:00
renovate[bot]
09921fd2b4 Update dependency @sentry/profiling-node to v1.3.5 2024-01-12 18:05:56 +00:00
renovate[bot]
84c2fe9051 Update dependency @sentry/profiling-node to v1.3.4 2024-01-11 17:05:58 +00:00
renovate[bot]
78e2c10d3c Update dependency newrelic to v11.9.0 2024-01-10 22:17:49 +00:00
renovate[bot]
3f9598d14c Update dependency @sentry/profiling-node to v1.3.3 2024-01-08 21:57:00 +00:00
renovate[bot]
0b0c177952 Update dependency mysql2 to v3.7.0 2024-01-08 01:45:46 +00:00
Daniel Lockyer
18599fb9ce
Merged v5.75.3 into main
v5.75.3
2024-01-05 15:24:59 +01:00
Ghost CI
f21f025659 v5.75.3 2024-01-05 13:58:49 +00:00
Simon Backx
d2cb23c3fa
Wired up Docker setup script and increased data generation performance (#19420)
ref PROD-233

- Stored whether Docker is used in the config files
- When running `yarn setup`, any existing Docker container will be
reset. Run with `-y` to skip the confirmation step.
- `yarn setup` will always init the database and generate fake data
- Increased amount of default generated data to 100,000 members + 500
posts.
- Made lots of performance improvements in the data generator so we can
generate the default data in ±170s
2024-01-05 13:42:30 +00:00
Daniel Lockyer
d2ab091599
Updated snapshots for the new year
- these shouldn't be hardcoded but it changes so infrequently that we
  can just update the snapshots for now and then fix it at a later point
2024-01-05 13:31:07 +00:00
Daniel Lockyer
a667b160c1
Lazyloaded @sentry/profiling-node dependency
- we don't need to load this if we haven't configured Node profiling to occur
- this might help fix random segfaults we've been seeing in CI, which
  only started occurring after this dependency was added
2024-01-05 13:30:21 +00:00
Michael Barrett
b639993a1b
Removed Sentry Express integration (#19443)
no refs

Removed Sentry Express integration as it is not compatible with Ghost's
use of Express
2024-01-05 13:02:29 +00:00
Michael Barrett
06a413c807
Updated Sentry env to use PRO_ENV when available (#19441)
refs
[ARCH-33](https://linear.app/tryghost/issue/ARCH-33/fix-sentry-environment)

To ensure that we are correctly identifying the environment that data is
being sent to Sentry from, we can use the `PRO_ENV` environment variable
if it is available. This will be set to `production` in production and
`staging` in staging. If `PRO_ENV` is not available, we will fall back
to retrieving the environment from config (`env`)
2024-01-05 13:02:29 +00:00
Chris Raible
0feebfcf63
Added Sentry Profiling to Ghost server (#19319)
refs ARCH-29

- Added Sentry Profiling to collect more detailed performance data on
the backend.
- This feature is opt-in behind a config. To enable profiling, first
enable tracing with `sentry.tracing.enabled: true`, then set
`sentry.profiling.enabled: true` and `sentry.profiling.sampleRate` to a
decimal number between 0 and 1.
2024-01-05 12:57:18 +00:00
Michael Barrett
bd6bfe13c0
Added custom Sentry integration for Knex.js (#19315)
no refs

Added custom Sentry integration for Knex.js to trace database queries in
Sentry
2024-01-05 12:54:26 +00:00
Chris Raible
f91d046f5e
Added Sentry performance monitoring to Ghost Server (#19243)
refs ARCH-21

- We currently have NewRelic setup for a few of our largest customers
for monitoring performance, but it is too expensive to enable across all
sites
- Sentry has similar (but simpler) performance monitoring tools to keep
track of response times that are available to us for free, but we just
haven't configured them
- This PR sets up Sentry Performance monitoring for API requests so we
can have one place for monitoring errors + performance so we can stay on
top of response times more easily.
- Tracing is disabled by default, so there is no additional overhead
unless `sentry.tracing.enabled` is set to `true` in the site's config.
Additionally, `sentry.tracing.sampleRate` should be set to a decimal
value between 0 and 1. This value defaults to 0 to avoid accidentally
blowing through quota, and requires a value to explicitly be set in
order to send the traces to Sentry.
2024-01-05 12:53:36 +00:00
Michael Barrett
1263cf148e
Updated Sentry env to use PRO_ENV when available (#19441)
refs
[ARCH-33](https://linear.app/tryghost/issue/ARCH-33/fix-sentry-environment)

To ensure that we are correctly identifying the environment that data is
being sent to Sentry from, we can use the `PRO_ENV` environment variable
if it is available. This will be set to `production` in production and
`staging` in staging. If `PRO_ENV` is not available, we will fall back
to retrieving the environment from config (`env`)
2024-01-05 12:10:39 +00:00
renovate[bot]
1fa2a11cbc Update dependency knex-migrator to v5.1.7 2024-01-05 12:32:45 +01:00
renovate[bot]
85f3ef3d14 Update dependency postcss to v8.4.33 2024-01-05 11:05:49 +01:00
renovate[bot]
ce5466d017 Update dependency sqlite3 to v5.1.7 2024-01-05 11:05:15 +01:00
Michael Barrett
2d28dbe2fd
Removed Sentry Express integration (#19443)
no refs

Removed Sentry Express integration as it is not compatible with Ghost's
use of Express
2024-01-04 14:31:57 +00:00
renovate[bot]
dc45d5285a Update dependency cssnano to v6.0.3 2024-01-04 10:44:39 +01:00
Sag
1f5a42d34c
Added webmentions endpoint to robots.txt disallow (#19433)
fixes PROD-290

- in order to receive webmentions (e.g. recommendations), Ghost sites
expose a /webmentions/receive endpoint. This endpoint is wrongly being
indexed by Google as a regular page, and causes indexing errors in
Google Search Console
2024-01-03 17:30:37 +00:00
renovate[bot]
668e51e631 Update dependency newrelic to v11.8.0 2024-01-03 16:20:33 +00:00
renovate[bot]
56fd992a1f Update dependency image-size to v1.1.1 2024-01-02 17:41:16 +00:00
renovate[bot]
9e2558931f
🐛 Fixed signup card background color and editor crash when typing :, or :| (#19421)
refs https://github.com/TryGhost/Ghost/issues/19282
refs https://github.com/TryGhost/Koenig/pull/1136

- fixes signup card background color
- fixes crash when typing `:,` or `:|` or similar
2024-01-02 17:26:55 +00:00
renovate[bot]
43dbc4ca89 Update dependency cssnano to v6.0.2 2024-01-02 09:46:50 +01:00
renovate[bot]
e90e403aca Update dependency ws to v8.16.0 2024-01-02 08:39:49 +00:00
Daniel Lockyer
a86bf46347 Updated snapshots for the new year
- these shouldn't be hardcoded but it changes so infrequently that we
  can just update the snapshots for now and then fix it at a later point
2024-01-02 09:07:55 +01:00
Daniel Lockyer
d21ab1aa4e Lazyloaded @sentry/profiling-node dependency
- we don't need to load this if we haven't configured Node profiling to occur
- this might help fix random segfaults we've been seeing in CI, which
  only started occurring after this dependency was added
2024-01-02 09:07:55 +01:00
renovate[bot]
9f2365209d Update dependency image-size to v1.1.0 2023-12-28 15:32:30 +00:00
renovate[bot]
bce90d5337 Update dependency newrelic to v11.7.0 2023-12-14 22:01:01 +00:00
Daniel Lockyer
47f50e2d35
Merged v5.75.2 into main
v5.75.2
2023-12-14 13:51:23 +01:00
Ghost CI
c2ad349b78 v5.75.2 2023-12-14 12:34:56 +00:00
Sanne de Vries
255d1b1740
Added site url link to newsletter header image (#19380)
No ref
2023-12-14 12:08:10 +00:00
Chris Raible
a33ce7c20c
Added Sentry Profiling to Ghost server (#19319)
refs ARCH-29

- Added Sentry Profiling to collect more detailed performance data on
the backend.
- This feature is opt-in behind a config. To enable profiling, first
enable tracing with `sentry.tracing.enabled: true`, then set
`sentry.profiling.enabled: true` and `sentry.profiling.sampleRate` to a
decimal number between 0 and 1.
2023-12-13 21:53:19 -08:00
Joel DeSante
dc7e2b9261
🐛Fixed XSS vulnerability involving post excerpts (#17190)
closes https://github.com/TryGhost/Ghost/issues/17058

- Uses the lodash `escape` function.
- Avoids XSS vulnerabilities in post excerpts.
2023-12-13 15:23:48 -06:00
Daniel Lockyer
20b0890a02 Cleaned up duplicate await
- noticed whilst bouncing around the codebase
- shouldn't change anything but it gets rid of some tsserver warnings
2023-12-13 11:54:31 +01:00
Chris Raible
c90e033fcf
Added an email rendering test for all Koenig cards (#19059)
refs TryGhost/Product#4125

This PR adds two new integration tests to ensure all our Koenig cards
are rendered properly after going through the EmailRenderer. Although we
have thorough tests for the cards themselves in the Koenig repo, the
EmailRenderer does post-processing on the rendered HTML, such as
inlining CSS, which can adversely impact the rendered output of our
cards in email clients (usually Outlook).

Since email newsletters are a core feature of Ghost, these bugs are
typically fairly urgent, and since it is email, they are also quite
difficult to troubleshoot and fix. These two tests are intended to
prevent bugs of this sort, which in the past have been created by
seemingly harmless changes like bumping dependencies that are used in
the EmailRenderer.

The idea is to create a 'Golden Post' which has at least 1 of every card
from Koenig, run that post through the EmailRenderer, and take a
snapshot of the rendered HTML. In the future, if we make any changes to
the EmailRenderer or the Koenig cards themselves, this will trigger us
to carefully consider the changes, and it provides an 'expected' output
to compare our changes against.

Additionally, the second test simply checks that all cards from
`kg-default-nodes` are included in the 'Golden Post'. This protects
against any new cards that we will add in the future — as soon as we add
them to Koenig and bump `kg-default-nodes` in Ghost, this test will
fail, prompting us to add the new card to the Golden Post and update the
snapshots.

We should also run the 'Golden Post' through a test in Litmus, which
allows us to visually inspect the rendered email across many different
email clients. Ideally we would create a process to review the output of
the 'Golden Post' in Litmus whenever we update the snapshot as well.
2023-12-12 16:05:04 -08:00
renovate[bot]
45891f83b1 Update dependency ws to v8.15.1 2023-12-12 21:10:38 +00:00
Kevin Ansfield
565b9b245e
🐛 Fixed callout card not rendering all inline formats (#19343)
refs https://github.com/TryGhost/Ghost/issues/19129

- bumps Koenig packages containing fix for callout card rendering
2023-12-12 19:00:32 +00:00
Kevin Ansfield
9706754d6a
🐛 Fixed quote and aside formatting being lost in single-block snippets (#19341)
refs https://github.com/TryGhost/Product/issues/4197

- bumped Koenig packages containing fix for snippets capturing plain text when only the text of an aside or quote block is selected
2023-12-12 17:56:21 +00:00
Simon Backx
60fb2e3139
Added quantities and seed option to the data generator (#19330)
ref PROD-243
2023-12-12 12:50:55 +01:00
Michael Barrett
95eaaad459
Added custom Sentry integration for Knex.js (#19315)
no refs

Added custom Sentry integration for Knex.js to trace database queries in
Sentry
2023-12-12 11:09:49 +00:00
Sanne de Vries
98ff45647c
🎨 Updated editor layout to be more mobile friendly (#19327)
Refs https://github.com/TryGhost/Ghost/issues/18690
2023-12-12 11:51:59 +01:00
Steve Larson
ccc9c9bdd8
Removed emoji picker feature flag (#19314)
closes TryGhost/Product#4109
- requires new editor packages which are bumped in this commit
2023-12-11 09:51:37 -06:00
Kevin Ansfield
1479c55068
🐛 Fixed video uploads hanging in editor when using iOS (#19302)
refs https://github.com/TryGhost/Koenig/issues/1121

- bumps `@tryghost/koenig-lexical` to version including fix (https://github.com/TryGhost/Koenig/pull/1122)
2023-12-11 11:27:59 +00:00
Ronald Langeveld
c969dd18a8
Revert "Fixed private mode cookie for local development (#17938)" (#19298)
This reverts commit f303eee8a4.

refs https://ghost.slack.com/archives/C0568LN2CGJ/p1702277420152709
https://linear.app/tryghost/issue/PROD-46/rss-url-for-private-mode-site-is-hardcoded
2023-12-11 09:18:03 +00:00
renovate[bot]
9fae565673 Update sentry-javascript monorepo to v7.86.0 2023-12-11 09:48:49 +01:00
renovate[bot]
2caf1ec93a Update dependency ws to v8.15.0 2023-12-11 03:41:38 +00:00
renovate[bot]
8cbf133614 Update dependency newrelic to v11.6.1 2023-12-07 19:41:46 +00:00
Daniel Lockyer
db16e565bc Added --print-dependencies to data generator
refs https://github.com/TryGhost/DevOps/issues/119

- this allows you to debug the dependency chain to understand why a
  particular table is being generated
2023-12-07 14:44:00 +01:00
Chris Raible
1b43b5c60a
Added Sentry performance monitoring to Ghost Server (#19243)
refs ARCH-21

- We currently have NewRelic setup for a few of our largest customers
for monitoring performance, but it is too expensive to enable across all
sites
- Sentry has similar (but simpler) performance monitoring tools to keep
track of response times that are available to us for free, but we just
haven't configured them
- This PR sets up Sentry Performance monitoring for API requests so we
can have one place for monitoring errors + performance so we can stay on
top of response times more easily.
- Tracing is disabled by default, so there is no additional overhead
unless `sentry.tracing.enabled` is set to `true` in the site's config.
Additionally, `sentry.tracing.sampleRate` should be set to a decimal
value between 0 and 1. This value defaults to 0 to avoid accidentally
blowing through quota, and requires a value to explicitly be set in
order to send the traces to Sentry.
2023-12-06 15:04:35 -08:00
Steve Larson
d696e8b2e2
Added support for TK tracking inside cards (#19247)
refs https://github.com/TryGhost/Product/issues/4209

- bumped Koenig packages
  - `koenig-lexical` added nested editor TK support
  - all packages dropped Node 16 support
- switched to using `isTKEnabled` prop and `<TKCountPlugin>`

Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
2023-12-06 11:32:36 +00:00
Simon Backx
3f6ea04c43
Added portal default plan setting (#19238)
fixes PROD-61

This adds a new default plan setting. It defaults to yearly, which is
the current default selected interval in Portal.

Behind the new portal improvements feature flag, the default plan can be
changed. It will also change automatically if the available intervals
are changed.

This PR also wires up passing the new setting to the Portal preview.
2023-12-06 11:39:58 +01:00
Simon Backx
7c8a141264 Bumped Portal to 2.37.x
no issue
2023-12-06 11:30:47 +01:00
renovate[bot]
351e93ebca Update dependency lib0 to v0.2.88 2023-12-04 22:09:17 +01:00
renovate[bot]
e2a6a83fb6 Update sentry-javascript monorepo to v7.85.0 2023-12-04 22:05:42 +01:00
Djordje Vlaisavljevic
36294c6482 Added feature flag for portal improvements
refs GRO-154
2023-12-04 18:16:23 +00:00
Ghost CI
feb15d2273 Merged v5.75.1 into main 2023-12-04 14:56:08 +00:00
Ghost CI
9ac050dfe9 v5.75.1 2023-12-04 14:56:05 +00:00
renovate[bot]
50d40f298f Update dependency knex-migrator to v5.1.6 2023-12-04 15:21:00 +01:00
renovate[bot]
6f3d16f75b Update dependency postcss to v8.4.32 2023-12-04 08:37:46 +01:00
Ghost CI
90656aa047 v5.75.0 2023-12-01 16:04:16 +00:00
Ghost CI
643ec589a9 🎨 Updated Source to v1.1.2 2023-12-01 16:04:16 +00:00
renovate[bot]
de2482736e Update sentry-javascript monorepo to v7.84.0 2023-12-01 08:58:32 +01:00
Jono M
642c7f39cd
Fixed bugs with newsletter creation in admin (#19201)
refs ADM-4
2023-11-30 15:07:02 +00:00
Daniel Lockyer
4d029c4812 Fixed generating fallback context unnecessarily
fixes https://github.com/TryGhost/Product/issues/4216

When generating page/post metadata, we generate a "context object" from
several meta helpers. In the event there is no context from the resource
type, we generate a fallback object.

However... we generate this fallback object no matter what.

Now, the fallback object is just 3x settingsCache.get, which should be
fast, but it's not. I've opened a separate issue for that: https://github.com/TryGhost/Product/issues/4217

In the mean time, we can switch this logic around to only do these calls
when we have no other context.

From testing, this allows for 10% more throughput on a post 🤯
2023-11-30 10:39:35 +01:00
Simon Backx
ab21b8ae1d
Allowed custom/empty replyTo for newsletters with managed sending domain (#19183)
fixes GRO-75
fixes GRO-100

And allow them to be empty
2023-11-30 09:16:03 +00:00
renovate[bot]
8fc6fef168 Update dependency newrelic to v11.6.0 2023-11-29 15:59:56 +00:00
Sag
f8ad5fb2ea
Updated Portal to use calculated support and default email addresses (#19163)
fixes GRO-72

- added "default_email_address" and "support_email_address" to the
public settings
- when available, use these addresses in Portal. Otherwise, fallback to
current logic
2023-11-29 09:48:05 -03:00
renovate[bot]
d5f3b26e87 Update sentry-javascript monorepo to v7.83.0 2023-11-29 12:29:34 +01:00
Jono M
3f70cc08b7
Fixed create offer API not returning created_at (#19143)
refs https://github.com/TryGhost/Product/issues/4196

The offers API basically returns the data you pass to it, rather than
the created database record. It looks like this is how it was intended
to work in the first place; the `setMilliseconds` is because the test
helper expects `.000Z`, which I assume is because MySQL will strip off
the milliseconds when it's saved.
2023-11-28 15:11:35 +00:00
Simon Backx
3687feca07
Updated support email address verification for DMARC changes (#19147)
fixes GRO-71

- Current flow: unchanged
- New managed flow: verification required
- New managed flow with custom sending domain: only verification
required for different domains
- Self hosters (feature flag): no verification required
2023-11-28 15:06:58 +01:00
Ghost CI
be6916f066 Merged v5.74.5 into main 2023-11-28 12:58:26 +00:00
Ghost CI
df3eea908a v5.74.5 2023-11-28 12:58:24 +00:00
Fabien "egg" O'Carroll
07f9564eea 🔐 Restricted reading files from outside the theme directory
closes https://github.com/TryGhost/Product/issues/4191

Without this patch, themes can read arbitrary files from your system and
expose them to the internet via the layout feature of express-hbs.

For example `{{!< ../../../../config.production.json}}` would spit out config,
which can contain secrets.

As theme upload is restricted to users with the Admin role, this mostly effects
hosting providers which use their own secret keys for e.g. mail or database config
2023-11-28 12:46:06 +00:00
Fabien 'egg' O'Carroll
616247b6d5
Indexed over members_newsletters(newsletter_id, member_id) (#19156)
refs https://github.com/TryGhost/Product/issues/4181

We were seeing slow queries when joining on this table, and the index
speeds them up. The down migration is tricky because when we add the
index MySQL can optimise away some `KEY` indexes on the `newsletter_id`
column. When we then go to remove the newly created index, there is no
index for the FK! 

We also remove the use of `force index` as 1. the index we're forcing is
optimised away and 2. we don't need it anymore!


Co-authored-by: Daniel Lockyer <hi@daniellockyer.com>
2023-11-28 12:20:14 +00:00
renovate[bot]
7d564d4173 Update dependency fs-extra to v11.2.0 2023-11-28 11:54:44 +01:00
Steve Larson
e2807475f8
Updated editor packages (#19151)
closes TryGhost/Product#4204
- updated editor packages to get improvements to TK Plugin
2023-11-27 18:02:26 -06:00
Sag
54ee8d3389
Updated newsletter email verification to render the verified address (#19148)
refs GRO-80
- added a new meta field "email_verified" to the /verification endpoint
for newsletters. This meta field contains which email has been verified,
"sender_email" or "sender_reply_to"
- updated copy in newsletter settings, based on which email has been
verified
2023-11-27 18:28:57 +00:00
Simon Backx
6c37382bc3
Fixed requiring verification email for default address (#19140)
fixes GRO-79

When changing the Reply-To to the default address, the verification
email is now skipped.
2023-11-27 10:45:34 +00:00
Ghost CI
d30a6633ab v5.74.4 2023-11-27 07:56:41 +00:00
Ghost CI
bae7ca957d 🎨 Updated Source to v1.1.1 2023-11-27 07:56:41 +00:00
Daniel Lockyer
28e59b5444
Merged tag 'v5.74.3' into main
v5.74.3
2023-11-27 08:48:04 +01:00
Ghost CI
c6b86abb12 v5.74.3 2023-11-24 14:55:14 +00:00
Simon Backx
a037ce3dde
Added calculated email address settings (#19115)
fixes GRO-73

We need to avoid duplicating the complex logic for determining the
default email address and the support email address. So these are now
exposed as calculated settings.
2023-11-23 13:07:15 +00:00
Simon Backx
17ec1e8937
Added email address alignment protections (#19094)
ref GRO-54
fixes GRO-63
fixes GRO-62
fixes GRO-69

When the config `hostSettings:managedEmail:enabled` is enabled, or the
new flag (`newEmailAddresses`) is enabled for self-hosters, we'll start
to check the from addresses of all outgoing emails more strictly.

- Current flow: nothing changes if the managedEmail config is not set or
the `newEmailAddresses` feature flag is not set
- When managedEmail is enabled: never allow to send an email from any
chosen email. We always use `mail.from` for all outgoing emails. Custom
addresses should be set as replyTo instead. Changing the newsletter
sender_email is not allowed anymore (and ignored if it is set).
- When managedEmail is enabled with a custom sending domain: if a from
address doesn't match the sending domain, we'll default to mail.from and
use the original as a replyTo if appropriate and only when no other
replyTo was set. A newsletter sender email addresss can only be set to
an email address on this domain.
- When `newEmailAddresses` is enabled: self hosters are free to set all
email addresses to whatever they want, without verification. In addition
to that, we stop making up our own email addresses and send from
`mail.from` by default instead of generating a `noreply`+ `@` +
`sitedomain.com` address

A more in depth example of all cases can be seen in
`ghost/core/test/integration/services/email-addresses.test.js`

Includes lots of new E2E tests for most new situations. Apart from that,
all email snapshots are changed because the from and replyTo addresses
are now included in snapshots (so we can see unexpected changes in the
future).

Dropped test coverage requirement, because tests were failing coverage
locally, but not in CI

Fixed settings test that set the site title to an array - bug tracked in
GRO-68
2023-11-23 10:25:30 +01:00
Chris Raible
a97e2b823e
Added error handling to Sentry's beforeSend (#19109)
refs TryGhost/Product#4175

- Added error handling to Sentry's beforeSend function in both Admin and
Core, so if there is any error in beforeSend, we will still send the
unmodified event to Sentry
- This is in response to an incident yesterday wherein the beforeSend
function threw an error due to an unexpected missing value in the
exception. The event sent to Sentry was the error in the beforeSend
function, and the original error never reached Sentry.
- If the original event had reached Sentry, even if unmodified by the
logic in beforeSend, we could have been alerted to the issue sooner and
more easily identified all affected sites.
- Also added defensive logic to protect for certain values in the
exception passed to beforeSend not existing and added unit tests for the
beforeSend function in admin and core
2023-11-23 02:46:50 +00:00
Jono Mingard
efc0f68b96 Merge tag 'v5.74.2'
v5.74.2
2023-11-22 14:53:42 +00:00
Ghost CI
5299d1176e v5.74.2 2023-11-22 14:37:51 +00:00
Steve Larson
0954e08cf9
🐛 Fixed creating posts with an empty root (#19098) (#19099)
refs TryGhost/Product#4156
- bumped renderer package to handle empty root node
2023-11-22 08:26:09 -06:00
Steve Larson
03fec65fd5
🐛 Fixed creating posts with an empty root (#19098)
refs TryGhost/Product#4156
- bumped renderer package to handle empty root node
2023-11-22 14:18:26 +00:00
Daniel Lockyer
8debc4eb02 Forced use of specific index on members_newsletters
refs https://github.com/TryGhost/Product/issues/4181

- we've seen MySQL change its query planner to use a different index
  than the ideal one, resulting in drastically slower query performance
  when fetching newsletters with the member count
- this forces the use of the ideal index on MySQL
- this kept many of the Ghost team up overnight, so I hope MySQL is
  happy
2023-11-22 15:12:42 +01:00
renovate[bot]
e01c87800e Update dependency mysql2 to v3.6.5 2023-11-22 00:59:57 +00:00
Ghost CI
6941ef0148 Merged v5.74.1 into main 2023-11-21 16:49:06 +00:00
Ghost CI
34dc2f8c1e v5.74.1 2023-11-21 16:49:03 +00:00
renovate[bot]
56d18edf0e Update sentry-javascript monorepo to v7.81.1 2023-11-21 15:05:41 +01:00
renovate[bot]
98941cef3a Update dependency yjs to v13.6.10 2023-11-21 11:53:03 +00:00
Simon Backx
b6519e0f1f
Removed usage of unquoted ids in filter strings (#19070)
fixes GRO-34
fixes GRO-33

This is a revision of a previous commit, that broke the browser tests
because changes in the data generator (requiring bookshelf had side
effects).

This adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So
they surface tiny bugs in our codebase.

You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e

Removed some defensive logic that could be explained by this discovered
issue.
2023-11-21 09:45:36 +01:00
renovate[bot]
fedda8b898 Update dependency mysql2 to v3.6.4 2023-11-21 08:14:56 +00:00
Ronald Langeveld
83a1060983
Added last redeemed property to Offers (#19066)
refs https://github.com/TryGhost/Product/issues/4153

- wired up a new last_redeemed prop to the Offers API endpoint.
2023-11-21 08:02:15 +00:00
Steve Larson
a398067159
Added TK reminders labs feature (#19057)
refs TryGhost/Product#4156
2023-11-20 23:30:16 +00:00
renovate[bot]
7a3ae4ab75 Update sentry-javascript monorepo to v7.81.0 2023-11-20 16:57:32 +01:00
Michael Barrett
55392646e1
Refined cache invalidation when updating a user (#19028)
refs https://github.com/TryGhost/Arch/issues/101

Refined the cache invalidation logic so that when updating a user, we
only invalidate the cache when an attribute of the user that is used on
the frontend changes.
2023-11-20 14:14:30 +00:00
Simon Backx
d5492bd63c
Revert "Removed usage of unquoted ids in filter strings" (#19052)
Reverts TryGhost/Ghost#19031

Browser tests are failing with an unknown cause
2023-11-20 13:50:07 +00:00
Jono M
a93c665d20
Created a skeleton AdminX demo app (#19005)
refs https://github.com/TryGhost/Product/issues/4152

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖[[deprecated]](https://githubnext.com/copilot-for-prs-sunset)
Generated by Copilot at a28462f</samp>

This pull request adds a new admin-x app called `admin-x-demo`, which
demonstrates how to use the shared packages `admin-x-framework` and
`admin-x-design-system` to create a simple app that renders a button and
a modal. It also improves the development workflow, the vite
integration, the dependency management, and the type checking for the
admin-x apps and packages. It modifies some files in the
`admin-x-framework` and `admin-x-design-system` packages to make the
modals prop optional, to introduce a new type for the props from the
Ember app, to fix the z-index of the modal backdrop, and to use
consistent file extensions and module syntax.
2023-11-20 13:30:15 +00:00
Simon Backx
320eaac4c4
Removed usage of unquoted ids in filter strings (#19031)
fixes GRO-34
fixes GRO-33

This also adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So they
surface tiny bugs in our codebase.

You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e

Also removed some defensive logic that could be explained by unquoted ids.
2023-11-20 14:00:31 +01:00
Kevin Ansfield
1be490ae9e
Reduced size of social metadata images (#19048)
refs https://github.com/TryGhost/Product/issues/4140

- added `social-image` image size to our `internalImagesSizes` list with a max-width of 1200
- extracted image utils from `{{img_url}}` helper to a utils file for re-use
- updated `getImageDimensions` method that reads image dimensions and modifies the finalised `metaData` object before use to adjust dimensions and associated URLs to match max width of 1200px
2023-11-20 12:39:51 +00:00
renovate[bot]
0cf25d0afe Update dependency yjs to v13.6.9 2023-11-20 12:25:48 +00:00
Jono M
5e057dee11
Added tests to AdminX framework package (#19022)
refs https://github.com/TryGhost/Product/issues/4159

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖[[deprecated]](https://githubnext.com/copilot-for-prs-sunset)
Generated by Copilot at 9e68f4d</samp>

This pull request refactors several components in the `admin-x-settings`
app to use common hooks from the `@tryghost/admin-x-framework` package,
which reduces code duplication and improves consistency. It also updates
the `package.json` file and adds unit tests for the `admin-x-framework`
package, which improves the formatting, testing, and dependency
management. Additionally, it makes some minor changes to the `hooks.ts`,
`FrameworkProvider.tsx`, and `.eslintrc.cjs` files in the
`admin-x-framework` package, which enhance the public API and the
linting configuration.
2023-11-20 11:00:51 +00:00
Ghost CI
a1d7aa6dba v5.74.0 2023-11-17 16:05:58 +00:00
Ghost CI
d77ef5de7c 🎨 Updated Source to v1.1.1 2023-11-17 16:05:58 +00:00
Simon Backx
32d0d2b293 Added filter to filter members by email disabled
fixes GRO-23

Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
Co-authored-by: Sag <guptazy@gmail.com>
2023-11-16 19:16:20 +01:00
Sag
69ee4a5ff5
Added option to unsubscribe in one-click from emails (#19032)
refs https://github.com/TryGhost/Product/issues/4051
- added a "List-Unsubscribe" header to emails, in compliance with the
RFC 8058 requirements
- Gmail, Apple Mail, Yahoo Mail, and other popular email clients offer
an option to unsubscribe in one-click, based on the "List-Unsubscribe"
header. Some require an HTTPS endpoint, some a mailto address; both
options are provided in the "List-Unsubscribe" header

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-11-16 14:50:24 -03:00
Daniel Lockyer
5acecf2cae ️ Improved GScan performance for themes with many partials
refs https://github.com/TryGhost/DevOps/issues/3
refs b6d8e0192a

- see referenced commit for full context but this should improve the
  theme check time for themes with a large number of files and partials
- locally, checking a particularly heavy theme goes from 5s to 1.7s with this
  commit, and the improvement is larger on slower machines
2023-11-16 13:55:57 +01:00
Simon Backx
e3cdc24d6b
Added test to test default theme against linked gscan version (#19020)
fixes GRO-32

If we ever introduce errors in the linked source theme and linked gscan
version combination, this test will catch it.
2023-11-16 12:03:00 +00:00
Simon Backx
3a78cf48c9
Fixed deleting session when requesting identity for invalid session (#19017)
ref https://ghost.slack.com/archives/C02G9E68C/p1700129928489809

- When the GET /api/session endpoint is called, the session is deleted
if it is invalid
- We don't have a body parser for this GET endoint, and the request
object was passed to the deleteSession handler. This caused a type error
(cannot read properties of undefined)
- We had dangling promise because deleteSession is async and wasn't
awaited, causing random errors in tests
- Added a test that would have caught this earlier
2023-11-16 11:01:50 +00:00
Ronald Langeveld
2bd597fe0d
Added createdAt prop to Offers API request. (#19012)
refs https://github.com/TryGhost/Product/issues/4153

- We need use the `created_at` timestamp in the new AdminX offers. The
API doesn't return that value.
- With this change the API returns the created_at property so that we
can consume it.
---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖[[deprecated]](https://githubnext.com/copilot-for-prs-sunset)
Generated by Copilot at dc282af</samp>

This pull request adds a `createdAt` property to the offer domain model,
data transfer object, and repository. This allows tracking and auditing
the creation and modification of offers and offer codes in
`ghost/offers`.
2023-11-16 17:33:01 +07:00
Simon Backx
e5f644c27f
🐛 Fixed contain/starts/endsWith filters with /, _ or % in them (#19015)
fixes GRO-25

Updated @tryghost/nql to 0.12.0 and other packages that depend on it

1. SQLite: when a filter string contains /.

When we use a NQL contain/starts/endsWith filter that contains a slash,
underlyingly the whole filter will get converted to a MongoDB query, in
which we just use a regexp to represent the filter. In here we will
escape the slash: \/ as expected in a regexp. Later when we convert this
MongoDB query back to knex/SQL, we use a SQL LIKE query. Currently we
don't remove the escaping here for a normal slash. MySQL seems to ignore
this (kinda incorrect). SQLite doesn't like it, and this breaks queries
on SQLite that use slashes. The solution here is simple: remove the
backslash escaping when converting the regexp to LIKE, just like we do
with other special regexp characters.

2. We don't escape % and _, which have a special meaning in LIKE queries

Usage of % and _ is now as expected and doesn't have the special SQL
meaning anymore.
2023-11-16 09:35:20 +00:00
Steve Larson
d0fa385848
Added jpeg compression (#19006)
refs TryGhost/Product#4140
- bumped image-transform to add jpeg compression
2023-11-15 23:30:48 +00:00
Steve Larson
40a8e969b8
Revert "Bumped image transform package (#19003)" (#19004)
This reverts commit 557c01f48c.
2023-11-15 20:25:29 +00:00
Steve Larson
557c01f48c
Bumped image transform package (#19003)
refs TryGhost/Product#4140
- adds compression for jpeg > jpeg or any > jpeg asset generation
2023-11-15 19:14:23 +00:00
Simon Backx
75bb53f065
🔒 Added support for logging out members on all devices (#18935)
fixes https://github.com/TryGhost/Product/issues/3738
https://www.notion.so/ghost/Member-Session-Invalidation-13254316f2244c34bcbc65c101eb5cc4

- Adds the transient_id column to the members table. This defaults to
email, to keep it backwards compatible (not logging out all existing
sessions)
- Instead of using the email in the cookies, we now use the transient_id
- Updating the transient_id means invalidating all sessions of a member
- Adds an endpoint to the admin api to log out a member from all devices
- Added the `all` body property to the DELETE session endpoint in the
members API. Setting it to true will sign a member out from all devices.
- Adds a UI button in Admin to sign a member out from all devices
- Portal 'sign out of all devices' will not be added for now

Related changes (added because these areas were affected by the code
changes):
- Adds a serializer to member events / activity feed endpoints - all
member fields were returned here, so the transient_id would also be
returned - which is not needed and bloats the API response size
(`transient_id` is not a secret because the cookies are signed)
- Removed `loadMemberSession` from public settings browse (not used
anymore + bad pattern)

Performance tests on site with 50.000 members (on Macbook M1 Pro):
- Migrate: 6s (adding column 4s, setting to email is 1s, dropping
nullable: 1s)
- Rollback: 2s
2023-11-15 17:10:28 +01:00
Kevin Ansfield
3358ba305b
🐛 Fixed highlight formatting not showing in rendered posts (#18997)
closes https://github.com/TryGhost/Product/issues/4144

- bumped `@tryghost/kg-lexical-html-renderer` which adds highlight (`<mark>`) support
2023-11-15 14:08:14 +00:00
Kevin Ansfield
26554bc206
Improved lexical render performance (#18967)
closes https://github.com/TryGhost/Product/issues/4133

- we were creating a new JSDOM instance every time we rendered a card which lowered performance because JSDOM instantiation is heavy
- updated Koenig packages to remove the need for passing in an external `createDocument` option method as they now re-use the renderer's internal single instance of JSDOM
2023-11-15 12:33:22 +00:00
Daniel Lockyer
05977d5c26 Added boot time performance test to CI
refs https://github.com/TryGhost/DevOps/issues/105

- this will run a small benchmark on the boot time for Ghost, and push
  the stats to another repository which has GitHub Pages enabled, so we
  can visualise the change over time
- will only run on pushes to `main` so we don't pollute the stats with
  commits from PRs
- just a test for now to see if we get stable numbers
2023-11-15 13:24:56 +01:00
renovate[bot]
4651ef3d9b Update sentry-javascript monorepo to v7.80.1 2023-11-15 12:31:56 +01:00
Ghost CI
d8aba91f51 Merged v5.73.2 into main 2023-11-14 22:14:15 +00:00
Ghost CI
499b894f8d v5.73.2 2023-11-14 22:14:14 +00:00
Kevin Ansfield
4394580c1a
🐛 Fixed and improved various editor issues
closes https://github.com/TryGhost/Product/issues/4146
closes https://github.com/TryGhost/Ghost/issues/17753
closes https://github.com/TryGhost/Product/issues/4127
closes https://github.com/TryGhost/Ghost/issues/18903

- 🐛 Fixed blank render output in some cases when using line breaks
- 🐛 Fixed backspace at end of link sometimes deleting whole link in Firefox
- 🐛 Fixed plain black generated video thumbnails in Safari
- 🎨 Added `srcset` and `loading="lazy"` to header card images
- 🎨 Improved accessibility of buttons in render output by adding `aria-role` attributes
- 🎨 Removed Ctrl/Cmd+H shortcut as it clashed with expected OS shortcut
2023-11-14 21:59:45 +00:00
Steve Larson
0fe573b1d0
🐛 Redirected email previews to /email/ route (#18976)
closes TryGhost/Product#4136
- the `/p/` route is only intended for drafts, not published content
(e.g. sent newsletters)
- email-only posts (newsletters) do not get assigned a slug, and could
still be viewed at `/p/:uuid`, which didn't hide paid/member content
2023-11-14 13:31:41 -06:00
Simon Backx
370c6b465b
Filter members by email disabled (#18884)
fixes https://github.com/TryGhost/Product/issues/4108

- Updates filters behind a new alpha feature flag so you can also filter
on members who have email disabled (because the email had a permanent
bounce, they reported spam or the email address is invalid)
- When returning members, we now also use the email_disabled flag to set
email_suppression.suppressed correctly (in case they are out of sync,
which should normally never happen).
2023-11-14 14:37:01 +01:00
renovate[bot]
7799e0f47b Update dependency json-stable-stringify to v1.1.0 2023-11-13 23:16:24 +00:00
Sag
6db7cc8156
Removed email from Mailgun's suppression list on unsubscribe (#18922)
closes https://github.com/TryGhost/Product/issues/4075

- when a member clicks on "Unsubscribe from that list" from Apple Mail,
the member's email is put into Mailgun's Unsubscribe suppression list.
Ghost listens for "Unsubscribe" events from Mailgun, and unsubscribes
the member from all the newsletters
- now, the member is only unsubscribed from the newsletter they
unsubscribe to (not all of them)
- now, the email is also deleted from Mailgun's suppression list, so
that it doesn't affect any other membership
2023-11-13 16:56:37 -03:00
Daniel Lockyer
3513ef3032 Fixed extra quote in logging line
- spotted in logs
2023-11-13 16:23:26 +01:00
Sanne de Vries
6f3ebae4c0
Fixed cursor on toggle button to display as pointer (#18964)
No ref
2023-11-13 15:07:35 +00:00
Daniel Lockyer
337b550b7e Moved monobundle into monorepo
fixes https://github.com/TryGhost/DevOps/issues/99

- this inlines the `monobundle` script into the monorepo from an
  external repo in order to avoid some caching issues we've seen
- it also makes it easier to maintain because you can change the script
  alongside changes in the monorepo
2023-11-13 13:30:38 +01:00
Sanne de Vries
5b73dd9f22
Fixed broken toggle card icon on iOS (#18959)
Closes https://github.com/TryGhost/Ghost/issues/18902
2023-11-13 11:01:25 +00:00
Simon Backx
14927ee24b
Added quotes to NQL filters with ids (#18958)
refs https://github.com/TryGhost/Product/issues/4120

Updated some places where we don't add quotes around ids in NQL filters,
which can be an issue when the id is a number
2023-11-13 12:00:20 +01:00
renovate[bot]
93fc6106dd Update dependency luxon to v3.4.4 2023-11-13 09:50:36 +01:00
Ghost CI
590505ca17 v5.73.1 2023-11-13 08:19:25 +00:00
Ghost CI
f46ba34c54 v5.73.0 2023-11-10 16:04:09 +00:00
Ghost CI
44791446a2 Merged v5.72.2 into main 2023-11-10 01:45:16 +00:00
Ghost CI
a333820324 v5.72.2 2023-11-10 01:45:14 +00:00
Kevin Ansfield
30a66da4e3
🐛 Fixed various editor issues (#18934)
refs https://github.com/tryghost/ghost/issues/18752, https://github.com/TryGhost/Product/issues/3897, https://github.com/TryGhost/Product/issues/4112,https://github.com/TryGhost/Product/issues/3802, https://github.com/TryGhost/Product/issues/4104, https://github.com/TryGhost/Ghost/issues/18866, https://github.com/TryGhost/Ghost/issues/18753, https://github.com/TryGhost/Product/issues/4116, https://github.com/TryGhost/Ghost/issues/18888, https://github.com/TryGhost/Ghost/issues/18844

- 🐛 Fixed browser focus on editor when clicking card ([Koenig/#1051](https://github.com/TryGhost/Koenig/pull/1051))
- 🐛 Fixed signup card styles with image background ([Koenig/#1052](https://github.com/TryGhost/Koenig/pull/1052))
- 🐛 Fixed slash menu having fixed position when scrolling ([Koenig/#1054](https://github.com/TryGhost/Koenig/pull/1054))
- 🐛 Fixed signup card text color with transparent background ([Koenig/#1053](https://github.com/TryGhost/Koenig/pull/1053))
- 🐛 Fixed text formats being lost when copy/pasting from Google Docs ([Koenig/#1055](https://github.com/TryGhost/Koenig/pull/1055))
- 🐛 Fixed pasting link behaviour in single line nested editors ([Koenig/#1056](https://github.com/TryGhost/Koenig/pull/1056))
- 🐛 Fixed backspace behaviour at start of aside/quote ([Koenig/#1057](https://github.com/TryGhost/Koenig/pull/1057))
- 🐛 Fixed text having unexpected formats when rendering ([Koenig/#1058](https://github.com/TryGhost/Koenig/pull/1058))
- 🐛 Fixed placeholder descenders being cut off in nested editor ([Koenig/#1059](https://github.com/TryGhost/Koenig/pull/1059))
- 🐛 Fixed HTML->Lexical conversion not handling paragraphs inside blockquotes ([Koenig/#1061](https://github.com/TryGhost/Koenig/pull/1061))
2023-11-09 16:26:22 +00:00
Michael Barrett
bcfb8e1291
Misc Sentry tweaks (#18900)
no refs

- Removed redundant duplicated `save_revision` tag when capturing slow
saves
- Standardised Sentry tags casing (`snake_case`)
- Renamed tag `adminX settings component-` to
`adminx_settings_component`
2023-11-09 14:10:53 +00:00
Djordje Vlaisavljevic
057d952e27
Made new recommendation email more flexible (#18915)
refs https://github.com/TryGhost/Product/issues/4095

- Removes `min-height` of the card in order to make the template more
flexible half-empty states look better (missing description, short
description, featured image...)
- Fixes wrong variables used in Outlook-specific template
2023-11-08 16:44:48 +00:00
Simon Backx
986296cac9 🐛 Fixed unsubscribe button requiring manual action + wrong confirmation
fixes https://github.com/TryGhost/Product/issues/4118

The newsletter uuids were not passed when fetching all the members current newsletters. Therefore, Portals logic broke to remove all newsletters that matched the uuid that was passed to the unsubscribe link. No newsletters were removed, still the notification toast said that the member was unsubscribed from the newsletter.
2023-11-08 15:05:47 +01:00
renovate[bot]
85979df33d Update sentry-javascript monorepo to v7.78.0 2023-11-08 14:06:32 +01:00
Kevin Ansfield
3a975fee18
Added debug timing logs for HTML conversion library import+convert (#18912)
refs https://github.com/TryGhost/Product/issues/4086

- we're seeing random test timeouts on CI but not locally, these logs should help pinpoint if it's the require that's taking a long time, the conversion itself, or something else entirely
2023-11-08 12:26:03 +00:00
renovate[bot]
2ca1083de7 Update Types packages 2023-11-08 12:13:12 +01:00
Sag
e16102f4f1
Fixed metadata for recommendations from private sites (#18901)
refs https://github.com/TryGhost/Product/issues/4098
- added basic metadata (title, description, image, url) on the password
wall for private sites
- when a private site recommends me, I can now see the usual metadata
2023-11-07 17:41:53 -03:00
Daniel Lockyer
5739fbe3d2 Fixed bundling apps/ packages into tarball
refs 811679e94b
refs https://ghost.slack.com/archives/C0568LN2CGJ/p1699352735496789

- this bumps monobundle so it doesn't include `apps/` packages in the
  tarball
- soon we'll inline the script into this repo anyway
2023-11-07 12:10:47 +01:00
Sanne de Vries
dbe00929d3
Changed "latest posts" layout in email template on mobile (#18894)
Refs https://ghost.slack.com/archives/C019B1K4FAM/p1699127038805739

- Removed mobile styles so that latest posts are always in the same
layout, instead of in a single column on mobile
- Fixed img caption font size rendering too large on mobile
2023-11-07 11:23:03 +01:00
Nick Moreton
b9b1502772
🐛Changed "free_signups" to "signups" in Post Exporter (#18883)
ref https://github.com/TryGhost/Product/issues/4110

Made this change to increase clarity in data export

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 6c0508d</samp>

Renamed a column in posts export data and updated the corresponding test
case. This change makes the export data more consistent and clear for
users who have different member features enabled.
2023-11-07 09:52:28 +00:00
Daniel Lockyer
9c6dc044b3 Skipped random flaky HTML -> Lexical test
refs https://github.com/TryGhost/Product/issues/4086

- this test is randomly timing out so we're disabling it until we figure out
  the cause
2023-11-07 09:50:53 +01:00
Ghost CI
82af2a12f9 Merged v5.72.1 into main 2023-11-07 02:07:18 +00:00
Ghost CI
63e603f2f6 v5.72.1 2023-11-07 02:07:16 +00:00
Steve Larson
ae53464cac
Enabled emoji picker in editor (#18880)
closes TryGhost/Product#4107
- emoji picker is now available for inline emoji insertion
- open the menu with typing a : (colon), e.g. 
2023-11-06 16:07:55 +00:00
Jono M
fa3898113b
Updated publishing spec to use a more consistent timezone (#18873)
no issue

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 474a274</samp>

This pull request fixes a timezone display bug in the admin and post
settings. It also updates the `publishing.spec.js` file to test the
timezone functionality with a consistent option.
2023-11-06 07:49:43 +00:00
Jono M
e8e0d84d50
Deleted old Ember settings pages (#18740)
refs https://github.com/TryGhost/Product/issues/4055

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 3b24693</samp>

Removed unused components related to announcement settings, custom theme
settings, and file upload. These components were part of a deprecated
feature or a legacy UI.
2023-11-06 06:46:31 +00:00
Ghost CI
ad7efbe92e v5.72.0 2023-11-03 16:04:27 +00:00
Simon Backx
bf859c38ee
🐛 Fixed showing recommendations on custom welcome pages (#18864)
no issue

When a custom welcome page is set for a tier, the recommendations modal
didn't show. If recommendations were disabled, there was also no toast
to confirm the sign up.

To fix this, we'll need to set the success and action query parameters
on the welcome page, but only if it is not an external site.
2023-11-03 15:02:46 +00:00
Simon Backx
fee402a340
🐛 Fixed adding recommendation with URL redirect breaking one-click-subscribe (#18863)
fixes https://github.com/TryGhost/Product/issues/4102

E.g. you recommend myghostsite.com, while that site redirects all
traffic to [www.myghostsite.com](#):

The redirect causes CORS issues, which means we cannot detect
one-click-subscribe support.
- This is fixed by moving the whole detection to the backend, which has
the additional benefit that we can update it in the background without
the frontend, and update it on every recommendation change.
- This change also fixes existing recommendations by doing a check on
boot (we can move this to a background job in the future).
2023-11-03 15:02:45 +01:00
renovate[bot]
25d27f2589 Update dependency mysql2 to v3.6.3 2023-11-03 03:45:00 +00:00
Sag
b3c8055efe
Fixed email_disabled field after member update in Admin (#18827)
closes https://github.com/TryGhost/Product/issues/4046
- when editing the member's email in Admin, the email_disabled field was
not recalculated, making it inconsistent with the suppression list
- now, if the new email is part of the suppression list, we set
email_disabled to true. Otherwise set it to false
2023-11-02 17:15:03 +00:00
Sag
6952966e46
Fixed title for incoming recommendations from private sites (#18846)
closes https://github.com/TryGhost/Product/issues/4098
- when a site is private, the metadata title is "My Site — Private Site
Access". When fetching the metadata via oembed, we get "Private Site
Access" as publisher, and "My Site — Private Site Access" as title
- this fix removes "- Private Site Access" from the metadata title when
a Ghost site is private
2023-11-02 16:02:04 +00:00
Ghost CI
59817c3c9b Merged v5.71.2 into main 2023-11-02 08:27:00 +00:00
Ghost CI
3fd2571cb2 v5.71.2 2023-11-02 08:26:58 +00:00
Michael Barrett
213e54aa71
Fixed error caused by uploading empty redirects YAML file (#18820)
no refs

Fixed error caused by uploading empty redirects YAML file:

```
Cannot read properties of undefined (reading '302')
```

This error was occurring due to `yaml.load` returning `undefined` when
the provided yaml file was empty. I've made the check on the return
value of `yaml.load` stricter (i.e we only want an `object`) to prevent
this error from occurring.
2023-11-02 08:17:52 +00:00
Daniel Lockyer
388d1a8f2d
🐛 Fixed detection of {{recommendations}} and {{readable_url}} helpers
fixes https://github.com/TryGhost/Ghost/issues/18836
fixes https://github.com/TryGhost/Ghost/issues/18834

- this bumps GScan to a version which detects the helpers
2023-11-02 08:45:29 +01:00
Kevin Ansfield
75672a902b
Enabled emoji picker in feature image caption (#18824)
closes https://github.com/TryGhost/Koenig/pull/1038

- updated `<KoenigLexicalEditorInput>` to load `<EmojiPickerPlugin>` and compose it into the editor unless used with `<KoenigLexicalEditorInput @emojiPicker={{false}} />`
- bumped Koenig packages so `EmojiPickerPlugin` is available to import from `koenig-lexical`
2023-11-01 21:22:56 +00:00
Steve Larson
8b57bf7efc
Bumped lexical editor packages (#18828)
no refs
2023-11-01 21:05:44 +00:00
Chris Raible
9a8c703e34
Improved error handling for SQL errors (#18797)
refs TryGhost/Product#4083

- In the vast majority of cases, we shouldn't have SQL errors in our
code. Due to some limitations with validating e.g. nql filters passed to
the API, sometimes we don't catch these errors and they bubble up to the
user.
- In these rare cases, Ghost was returning the raw SQL error from mysql
which is not very user friendly and also exposes information about the
database, which generally is not a good practice.
- To make things worse, Sentry was treating every instance of these
errors as a unique issue, even when it was exactly the same query
failing over and over.
- This change improves the error message returned from the API, and also
makes sure that Sentry will group all these errors together, so we can
easily see how many times they are happening and where.
- It also adds more specific context to the event that is sent to
Sentry, including the mysql error number, code, and the SQL query
itself.
2023-11-01 13:47:41 -07:00
Ghost CI
2c9d42f599 Merged v5.71.1 into main 2023-11-01 16:53:42 +00:00
Ghost CI
a56c39fbd1 v5.71.1 2023-11-01 16:53:39 +00:00
Kevin Ansfield
281fbc973e
🐛 Fixed mobiledoc and lexical content being available via Content API
refs https://github.com/TryGhost/Product/issues/4088

The Content API should not expose the lexical/mobiledoc source content because it's not membership-gated and although not used at the present time may in future contain additional internal metadata. We were handling this for the more-typical `?formats` param but it was still possible to access this data using the `?fields` param.

- updated post mapper used in our API output serializers to strip the `mobiledoc` and `lexical` fields ready for API output
- credits to Prathap Puthran for reporting
2023-11-01 16:10:41 +01:00
Sanne de Vries
a38461a00d
Fixed email paywall styling bug on mobile (#18818)
Closes https://github.com/TryGhost/Product/issues/4089
2023-11-01 14:13:51 +00:00
renovate[bot]
62ecb1ebd8 Update sentry-javascript monorepo to v7.77.0 2023-11-01 09:14:38 +01:00
renovate[bot]
057d9599f5 Update TryGhost packages 2023-10-31 20:54:17 +01:00
Simon Backx
97d0cddb50
Added indexes to members_created_events and members_subscription_created_events (#18805)
fixes https://github.com/TryGhost/Product/issues/4085

Increases the performance for the post analytics export by adding new
indexes. These indexes are used when counting the amount of (paid)
subscribers that were attributed to a given post. With the indexes, the
time required to export 700 posts with 300k members decreases from 40s
to 0.6s.

Tests show that adding these indexes should be very fast (< 1 s) if the
tables contain up to 300k rows.
2023-10-31 15:11:24 +00:00
Hannah Wolfe
0049b74a2d Added well-known assetlinks.json to allowed files
refs: https://github.com/google/digitalassetlinks/blob/master/well-known/specification.md
refs: https://github.com/google/digitalassetlinks/blob/master/well-known/details.md

- allow themes to include assetlinks.json files to comply with the Google digital asset links spec
2023-10-31 15:10:58 +00:00
renovate[bot]
df8eeb2249 Update Types packages 2023-10-31 14:40:32 +01:00
Simon Backx
398b98b5f6
Cleaned up some email helpers (#18806)
no issue
2023-10-31 12:25:05 +00:00
Jono M
3711260f9d
Added feature flag for AdminX Offers (#18801)
closes https://github.com/TryGhost/Product/issues/4084

---

### <samp>🤖 Generated by Copilot at 9380e1f</samp>

This pull request adds a new UI for creating and managing offers for
members in the admin settings, which is controlled by an alpha feature
flag. It introduces new modal components for the offers UI, a new
sidebar item, new routes, and a new setting group. It also updates the
`labs.js` file to include the `adminXOffers` flag.
2023-10-31 08:41:35 +00:00
renovate[bot]
ab57071901 Update dependency newrelic to v11.5.0 2023-10-31 07:59:49 +00:00
Ghost CI
7cda0b2250 v5.71.0 2023-10-27 15:03:15 +00:00
Ghost CI
90660d0516 🎨 Updated Source to v1.1.0 2023-10-27 15:03:15 +00:00
renovate[bot]
7af870c022 Update dependency newrelic to v11.4.0 2023-10-25 22:32:28 +00:00
Sag
6db0deb58e
Fixed missing favicon layout in the Recommendations template (#18766)
refs https://github.com/TryGhost/Product/issues/3940
- when a favicon url is null, don't render the img element at all
- when a favicon fails to load, hide the img element from the DOM
2023-10-25 19:13:37 +00:00
Daniel Lockyer
96b7ba4755 Fixed minor Node deprecation warning
- resolves `DeprecationWarning: In future versions of Node.js, fs.rmdir(path, { recursive: true }) will be removed. Use fs.rm(path, { recursive: true }) instead` in tests
2023-10-25 18:06:44 +02:00
Daniel Lockyer
32bdbf7efd 🔥 Dropped support for Node 16
refs https://github.com/TryGhost/DevOps/issues/75

- this drops support for Node 16 as it has gone past the EOL date
2023-10-25 17:50:56 +02:00
Simon Backx
6cc19e1851
Added List-Unsubscribe https endpoint (#18758)
refs TryGhost/Product#4052
2023-10-25 16:16:31 +02:00
Simon Backx
9cad62d826
Fixed loading Portal when Stripe is enabled, members disabled and don… (#18757)
…ations flag disabled

refs https://ghost.slack.com/archives/C02G9E68C/p1698230240376929
2023-10-25 13:18:50 +02:00
Sag
1b82efe5d2
Added Recommendations feature (#18743)
refs https://github.com/TryGhost/Product/issues/3744


Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-10-24 11:00:11 -03:00
Kevin Ansfield
125b09324c
Added editorEmojiPicker labs flag (#18739)
closes https://github.com/TryGhost/Product/issues/4056

- adds new flag with UI and passes it through to the editor so it can conditionally enable the relevant plugins
2023-10-24 12:44:29 +00:00
Simon Backx
c8f71e8504
Added list-unsubscribe feature flag and header (#18736)
refs https://github.com/TryGhost/Product/issues/4053

This adds the feature flag. If enabled, the list-unsubscribe header
should be set. The value currently is only for testing purposes and
probably won't work yet.
2023-10-24 10:35:47 +00:00
Ghost CI
d20ad046db Merged v5.70.2 into main 2023-10-24 08:04:00 +00:00
Ghost CI
27f3f86d23 v5.70.2 2023-10-24 08:03:58 +00:00
renovate[bot]
effafd4ab1 Update dependency human-number to v2.0.4 2023-10-23 19:23:55 +00:00
renovate[bot]
da7271d261 Update dependency newrelic to v11.3.0 2023-10-23 18:29:32 +00:00
Kevin Ansfield
9b1f79f601
Cleaned up lexicalEditor labs flag, switched Post model to lexical-by-default (#18607)
no issue

- flag is no longer used in Admin so we can clean it up in Core too
- updated Post model to set blank document to `lexical` field rather than `mobiledoc` as a default value
- switched over to returning `mobiledoc,lexical` as default formats in Admin API
2023-10-23 17:51:34 +01:00
renovate[bot]
30f168b86b Update dependency nconf to v0.12.1 2023-10-23 11:14:45 +02:00
renovate[bot]
24849d8787
🐛 Fixed indent behaviour for paragraphs (#18724)
no issue

- updates `@tryghost/koenig-lexical` with indent improvements
  - prevents indents on paragraphs/headings etc which are not supported when rendering for front-end display
  - improves indent behaviour for lists so <kbd>Tab</kbd> can be pressed anywhere in a list item to indent rather than only at the beginning of the list
2023-10-23 08:43:25 +00:00
Ghost CI
ed885bd6b3 v5.70.1 2023-10-20 17:48:28 +00:00
renovate[bot]
975b122886
🐛 Fixed errors from using <br> in some situations when creating posts with ?source=html (#18714)
closes https://github.com/TryGhost/Product/issues/4037

- bumps `@tryghost/kg-html-to-lexical` that includes better node normalization to handle `<br>` in top-level text nodes and after a nested block-level element
  - also includes fix for button hrefs having `about:blank` prefixed to hash URLs
2023-10-20 17:09:55 +00:00
Ghost CI
ea42122a1f v5.70.0 2023-10-20 15:03:26 +00:00
Ghost CI
6611f76723 🎨 Updated Source to v1.0.2 2023-10-20 15:03:26 +00:00
Ghost CI
16c5e6e2f9 Merged v5.69.4 into main 2023-10-20 11:41:03 +00:00
Ghost CI
9e24ade17d v5.69.4 2023-10-20 11:41:01 +00:00
Princi Vershwal
3324009381
Added fix for browser test (#18710) 2023-10-20 16:06:50 +05:30
Jono M
caae0edf19
Fixed and restored new AdminX E2E tests (#18606)
refs https://github.com/TryGhost/Product/issues/3831

---

### <samp>🤖 Generated by Copilot at 539c2d3</samp>

This pull request updates and adds some test cases for the date picker
and newsletter features in the Ghost admin panel. It introduces a test
helper function for the date picker in `editor-test.js`, and removes a
redundant test case from `publish-flow-test.js`. It also adds two new
test cases in `publishing.spec.js` using the Playwright framework to
verify the timezone and recipient settings for publishing posts.
2023-10-20 10:00:35 +01:00
renovate[bot]
93382df314
🐛 Fixed various editor issues (#18645)
closes https://github.com/TryGhost/Ghost/issues/18448

- improved slash menu positioning when opening at the bottom of a post
- fixed backspace sometimes deleting a preceding card (e.g. backspace at end of link inside a paragraph preceded by a card)
- fixed `?source=html` issues
  - images not rendering in front-end output after import
  - images wrapped in links losing their link after import
- fixed inline styles in HTML card content not displaying in the editor
- fixed broken help link in the email card
2023-10-19 19:17:23 +01:00
Chris Raible
5a5a756415
Updated theme fixtures for casper and source (#18677)
no issue

- Casper and Source theme files were out of date — this commit updates the theme fixtures, and fixes up a few tests to pass with the updated themes
2023-10-18 14:51:35 -07:00
Sag
5c43945b94
Revert "Added Recommendations feature (#18664)" (#18694)
refs https://github.com/TryGhost/Product/issues/3744

- this reverts GA commit 4e338114de, as
launch has been postponed by a week
2023-10-18 17:03:35 +00:00
Ghost CI
099db95278 Merged v5.69.3 into main 2023-10-18 09:42:15 +00:00
Ghost CI
cf06037b81 v5.69.3 2023-10-18 09:42:13 +00:00
Steve Larson
a521c23cd3
🐛 Prevented subsequent lexical conversion wiping out content (#18672)
closes TryGhost/Product#4032
- the api flag ?convert_to_lexical converts a mobiledoc string to
lexical
- if run on a post/page with lexical content, would null it out
2023-10-17 20:38:51 +00:00
Sag
9ba1d47b04
Updated copy in the Recommendation email notification (#18671)
closes https://github.com/TryGhost/Product/issues/4031
2023-10-17 17:03:24 +00:00
Sag
22618aad65
Fixed broken link in Recommendations email notification (#18666)
no issue

- paths in the new settings are not using /settings-x/... anymore
2023-10-17 10:44:28 -03:00
Daniel Lockyer
6c2d70f26a Optimized fetching settings from cache adapter
- this optimizes the number of `get` calls we need to do to the adapter
  for settings cache
- for example, this prevents ~187 calls to the adapter during boot
- right now we use the in-memory adapter for settings, so there's probably
  not much benefit, but if we ever switch to the Redis adapter, this will
  help prevent a lot of extra Redis calls
2023-10-17 15:10:02 +02:00
Sag
4e338114de
Added Recommendations feature (#18664)
refs https://github.com/TryGhost/Product/issues/3744

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-10-17 13:04:35 +00:00
Sam Lord
7f67e98e28 Memoized the getStripeAccountId function
no issue

Some flaky tests found, and it seems as though they're being caused by an invalid Stripe account id.

It's possible that by re-using the worker after a test which calls `setupStripe` could cause some Stripe functionality to not work.
2023-10-16 22:14:10 +01:00
Djordje Vlaisavljevic
08f81dbf90
Updated recommendations design (#18614)
refs https://github.com/TryGhost/Product/issues/4024, https://github.com/TryGhost/Product/issues/3938

- Improved email notification template
- Added `for you` next to the click/subscribe stats

---------

Co-authored-by: Sag <guptazy@gmail.com>
2023-10-16 18:04:15 +01:00
Ghost CI
af29aef5c5 Merged v5.69.2 into main 2023-10-16 16:16:28 +00:00
Ghost CI
75aadb1a92 v5.69.2 2023-10-16 16:16:26 +00:00
Daniel Lockyer
3a564237a5 Temporarily increased timeout for saving Offer in tests
- if Stripe is slow, this might take longer than we expect to finish
- this helps prevent flaky tests in CI
2023-10-16 17:37:42 +02:00
Sam Lord
ccbcba0969
Switched to a shared page for each playwright worker
refs: https://github.com/TryGhost/DevOps/issues/78

This speeds up the tests by another 30 seconds on my local machine, and
hopefully takes some time off in CI too
2023-10-16 15:32:13 +00:00
Emilien Bidet
57fe5e7ca6
Added DOCTYPE HTML tag to admin-auth iframe (#18634) 2023-10-16 13:51:10 +02:00
joe-blocher
f303eee8a4
Fixed private mode cookie for local development (#17938)
fixes #17514

- good explanation in https://github.com/TryGhost/Ghost/pull/17938#discussion_r1328157348
- fixes setting the private mode cookie in stricter browsers for local development
2023-10-16 11:09:08 +02:00
renovate[bot]
29ca414d33 Update dependency mysql2 to v3.6.2 2023-10-16 01:09:26 +00:00
Ghost CI
d1e03f42fe v5.69.1 2023-10-13 15:03:10 +00:00
renovate[bot]
39c3337113 Update dependency lib0 to v0.2.87 2023-10-13 15:51:32 +02:00
Kevin Ansfield
b6216586c4
Fixed "Cannot read properties of null (reading 'off')" noise in tests (#18610)
no issue

- the lexical multiplayer experiment was causing noise in e2e tests because it tried to use `ghostServer.httpServer` which doesn't exist
2023-10-13 11:46:24 +00:00
Sam Lord
4815aa6e7f
Parallelise browser tests
refs: https://github.com/TryGhost/DevOps/issues/78

Re-introduce parallel browser tests

These were adding in a previous PR, but the difference between local
running tests and using CI introduced failures.

Added additional fixes to ensure the Stripe API key is used in the CLI when running in CI.
2023-10-13 11:42:39 +00:00
Jono M
b75a6d0e7f
Revert "Updated old admin acceptance tests to E2E with AdminX" (#18604)
Reverts TryGhost/Ghost#18599

There seems to be a timezone issue with one of the tests
2023-10-13 10:16:28 +01:00
Daniel Lockyer
85d41d0562 Aligned dependencies with resolution values
- this commit brings all dependencies up-to-date with the version set as
  a resolution
2023-10-13 08:37:36 +02:00
Chris Raible
cd4ca3c933
🐛 Fixed member search ignoring filters (#18600)
fixes TryGhost/Product#3792

- Previously, if you had a filter set in the members list (e.g. `status=paid`), then you searched for a member by email address, the original filter would be ignored, and any members matching the search would be returned, regardless of whether they matched the filters. Effectively, the logic was `member matches filters OR member matches search`. To make this worse, the UI still showed both the filters and the search query, leading to confusing results.
- This small change to the backend logic changes the behavior to only return members that match the filter AND the search query, so if you search for a member that does not meet the current filters, they will not be returned.
2023-10-12 16:47:02 -07:00
Jono M
f0efbb7fbb
Updated old admin acceptance tests to E2E with AdminX (#18599)
refs https://github.com/TryGhost/Product/issues/3831

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 5af23a9</samp>

This pull request updates and adds some test cases for the editor and
the publishing flow in Ghost. It uses a helper function to test the date
picker component in the editor, and removes a redundant test case from
the `publish-flow-test.js` file. It also adds two test cases to the
`publishing.spec.js` file, using the Playwright framework, to check the
publish time and the newsletter settings of a post.
2023-10-12 20:27:16 +01:00
renovate[bot]
06b95c3bbc Update dependency newrelic to v11.2.1 2023-10-12 16:42:58 +00:00
Sam Lord
0e47ae03e1
Revert "Enable parallel running of browser tests" (#18594)
Reverts TryGhost/Ghost#18544
2023-10-12 14:55:39 +00:00
Sam Lord
661acdee95 Made portal tests run fully parallelised
refs: https://github.com/TryGhost/DevOps/issues/78
2023-10-12 14:33:20 +01:00
Sam Lord
30448a13cd Added event listeners to the webhook server
no issue

Whilst debugging I discovered that the webhooks weren't being received by some tests, causing them to fail. I added log lines for the output from the webhook server to see if I could fix it, and the bug vanished. I narrowed it down to event listeners on the webhook server fixing it.

I'm not sure exactly how this fixes it, I'm guessing the extra events in the event queue have something to do with it.
2023-10-12 14:33:20 +01:00
Sam Lord
09a77f4939 Fixed Ghost Admin browser tests
refs: https://github.com/TryGhost/DevOps/issues/78

Some tests needed to disconnect Stripe + reconnect, so the code had to be changed to match the new Stripe Connect method.

Some tests in publishing.spec have been modified to work out-of-order, which will enable us to use fullyParallel in future (a change which brings test runs down from 85~ seconds to 50~ seconds).
2023-10-12 14:33:20 +01:00
Sam Lord
27b69f083c Use a separate Stripe Connect account for each worker
refs: https://github.com/TryGhost/DevOps/issues/78

This still has problems with parallel tests causing issues for each other, but is so close to a full pass test run
2023-10-12 14:33:20 +01:00