Commit Graph

3943 Commits

Author SHA1 Message Date
Renovate Bot
bfb7cecc8c Update dependency express-session to v1.17.3 2022-05-12 16:45:31 +01:00
Renovate Bot
a364fc3980 Update dependency jwks-rsa to v2.1.2 2022-05-12 16:45:21 +01:00
Rishabh Garg
f321ff2760
Fixed tier monthly/yearly price admin api schema (#14805)
- schema now allows null values for tier prices
2022-05-12 20:22:26 +05:30
Simon Backx
3214186f98
Improved newsletter limit checking (#14780)
refs https://github.com/TryGhost/Team/issues/1583

- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
2022-05-12 14:28:45 +02:00
Naz
9236b8a397 Relaxed validation rules + removed unknown properties
refs https://github.com/TryGhost/Toolbox/issues/314

- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
2022-05-12 18:06:38 +08:00
Matt Hanley
371f9996f5
Fixed filter mapping from subscribed to newsletters for bulk operations (#14787)
closes https://github.com/TryGhost/Team/issues/1606

- Fixed filter mapping from subscribed to newsletters for bulk operations
- Updated members-api package
2022-05-12 10:54:20 +01:00
Naz
d3f432f745 🔥 Removed versioning from json schema validation
refs https://github.com/TryGhost/Toolbox/issues/314

- With versioned API concept being dropped there's no need to rely on a specific version in validations either!
2022-05-12 16:08:23 +08:00
Hannah Wolfe
b29852b012
🔥 Removed support for http/https mixed mode (#14783)
closes: https://github.com/TryGhost/Toolbox/issues/324
refs: https://github.com/TryGhost/Ghost/issues/14446

- Currently, if url is configured to http but a request is marked secure, Ghost will handle upgrading all internal URLs to https so that there are no mixed content warnings
- From 5.0 that feature is going away, in favour of strictly honouring the configured URL
- Ghost will serve URLs exactly as configured and won't upgrade http to https anymore
- This use case was common when Ghost was first built, but in 2022 the web is mostly https.
- The code needed to support the feature creates a lot of additional complexity & maintenance overhead, so removing this gives us space to do more cool and useful stuff in 2022
2022-05-11 14:53:23 +01:00
Rishabh
7ab00c8eda Updated admin api schema for tiers
- added `id` and `description` to tiers schema
- added `tiers` column to members schema
2022-05-11 16:14:10 +05:30
Naz
f10f224668 Improved version mismatch notification email copy
refs https://github.com/TryGhost/Toolbox/issues/292

- Copy improvements were done base on feedback. Makes the information in the email more concise and removes unecessary/unsecure bits like query strings.
2022-05-11 10:53:42 +08:00
Renovate Bot
c0d82122b0 Update dependency grunt to v1.5.3 2022-05-10 14:57:10 +00:00
Naz
6934595053 Added Integration Name in version mismatch emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
2022-05-10 17:55:18 +08:00
Simon Backx
fb60a0199c
Fixed editing members throwing when setting avatar_image (#14751)
refs https://ghost.slack.com/archives/C02G9E68C/p1652126859737159?thread_ts=1652126765.251419&cid=C02G9E68C

When you try to edit a member in the admin frontend, the `avatar_image` property is passed. But that field is not editable and should be ignored. Currently an error is thrown, but this update from `admin-api-schema` adds it as a skipped property to remove this error.
2022-05-10 10:00:27 +02:00
Renovate Bot
c753d61be6
Update dependency sinon to v14 2022-05-09 19:14:13 +00:00
Naz
b2db80c9fe Fixed missing failed request URL if version emails
refs https://github.com/TryGhost/Toolbox/issues/292

- The version mismatch notification emails were missing a URL of the endpoint that was being accessed by an outdated integraton
- Also squeezed in a refactor simplifying APIVersionCompatibilityService initialization
2022-05-09 20:11:25 +08:00
Simon Backx
21d9d20e3e
Included newsletter relation by default in posts (#14723)
refs https://github.com/TryGhost/Team/issues/1569

**Changes in admin-api-schema:**
- https://github.com/TryGhost/SDK/compare/%40tryghost/admin-api-schema%402.14.1...%40tryghost/admin-api-schema%402.15.0
- Ignore `newsletter` when used in input

**Changes**
- Added the `newsletter` relation as a default include for posts
- Removed the newsletter_id from the API output

**Tests**
- Test the newsletter relation is always loaded for browse, read, add and edit, unless the include option is added explicitly

Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-09 11:06:59 +02:00
Renovate Bot
7d951f96f0 Update dependency jwks-rsa to v2.1.1 2022-05-09 08:37:13 +01:00
Renovate Bot
f5d4174e0d
Update dependency luxon to v2.4.0 2022-05-09 03:40:41 +00:00
Renovate Bot
b3c6801352
Update dependency eslint to v8.15.0 2022-05-09 00:38:13 +00:00
renovate[bot]
abd90be910
Update dependency @tryghost/mw-error-handler to v1 (#14719)
- Replaced usage of handleJSONResponseV2 with the newly renamed handleJSONResponse

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-07 15:28:28 +01:00
Renovate Bot
fb017d496e
Update dependency express-jwt to v7.7.0 2022-05-06 17:28:38 +00:00
Renovate Bot
4019964b15
Update dependency knex-migrator to v4.2.9 2022-05-06 16:54:08 +00:00
renovate[bot]
e0ce8995a7
Update dependency @tryghost/security to v0.3.0 (#14718)
- Swapped instances of createSecret for security.secret.create

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-06 17:53:10 +01:00
Renovate Bot
d7399faa81
Update dependency sqlite3 to v5.0.8 2022-05-06 12:52:08 +00:00
Daniel Lockyer
f6fb823ce9
Updated all @tryghost packages
- these packages have had minor code changes or dependency updates that
  have forced us to publish the packages in Lerna
- this commit updates all packages in one rollup commit
2022-05-06 12:55:29 +01:00
Renovate Bot
1afe52c657
Update dependency sqlite3 to v5.0.7 2022-05-05 18:34:13 +00:00
renovate[bot]
9aa8e3e7ff
Update dependency @tryghost/url-utils to v3 (#14705)
- updated usage of url-utils.urlFor to work with v3

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 16:10:18 +01:00
Naz
648530009d Added use of email templates for version mismatch notifications
refs https://github.com/TryGhost/Toolbox/issues/292

- This change allows to reuse existing pattern present in Ghost on the version mismatch service layer, where we define the contents of the sent email through email templates instead of plain text.
- Apart form templates, there's now failed request URL present in the data passed to the email template along with site title and site url
2022-05-05 18:26:08 +08:00
renovate[bot]
45695ef2d5
Update dependency @tryghost/mw-error-handler to v0.2.4 (#14677)
- Updated accept-version error message copy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 08:57:32 +01:00
Fabien 'egg' O'Carroll
2da52130a6
Removed hasActiveStripeSubscriptions endpoint (#14689)
refs https://github.com/TryGhost/Team/issues/1147

This endpoint is no longer used in 5.0
2022-05-04 17:25:21 +01:00
Simon Backx
473ac3b5a4
Fixed updating a non-existent member internal error (#14658)
refs https://github.com/TryGhost/Team/issues/1580

- When you try to edit a member that doesn't exist, a 500 error is thrown. We should throw a 404 error instead
- This is fixed by https://github.com/TryGhost/Members/pull/395
2022-05-04 13:51:35 +02:00
Simon Backx
ad1ebe6a47
Fixed error when firing Members webhooks (#14645)
refs https://github.com/TryGhost/Team/issues/1577

The last seen at was being updated via the model rather than the
respository, which mean that the default relations were not being
loaded.

This fix updates the repository to load the newseletters relation,
updates the last seen at updated to use the repository and updates the
output serializer to handle missing newsletter relation.

We also update all packages relying on the domain-events package to
ensure that they're all using the same version.

Co-authored-by: Fabien 'egg' O'Carroll <fabien@allou.is>
2022-05-04 12:42:27 +02:00
Naz
c627779948 Extracted email-content-generator into a package
refs https://github.com/TryGhost/Toolbox/issues/292

- Following the concept of having as little code in Ghost core as possible :) The email content generation is also needed to be reused in the version mismatch handling package.
2022-05-04 17:28:09 +08:00
Renovate Bot
7c992ef099
Update dependency express-jwt to v7.6.2 2022-05-03 15:17:44 +00:00
Renovate Bot
073b1f8dad Update dependency postcss to v8.4.13 2022-05-02 06:54:31 +01:00
Renovate Bot
e418630737
Update dependency mocha to v10 2022-05-02 01:29:26 +00:00
Renovate Bot
21b0ab0a8e
Update dependency express to v4.18.1 2022-04-29 21:07:20 +00:00
Daniel Lockyer
67c5395a7f v4.46.0 2022-04-28 15:29:18 +01:00
Simon Backx
104a0f5181
Fixed issue with new members always subscribing to defaults (#14629)
no issue

The member was updated when setting the geolocation, but that also included setting subscribed to true.
2022-04-28 13:21:38 +02:00
Daniel Lockyer
d5e7893212
Updated all @tryghost packages
- these packages contain minor code or dependency updates but we're
  forced to publish them because of Lerna
- this commit rolls up all pending updates into one commit to save noise
2022-04-28 11:54:29 +01:00
Renovate Bot
148779b74c Update dependency knex-migrator to v4.2.8 2022-04-28 11:24:13 +01:00
Renovate Bot
b58e7af65e Updated dependency express-jwt to v7
- also requires a small change to the imports to reflect an API change
2022-04-28 11:15:04 +01:00
Simon Backx
efdc42c257
Fixed bulk unsubscribe and updated member import tests (#14610)
refs https://github.com/TryGhost/Team/issues/1567

**Changes in members-api**
- Compare changes: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.1.0...%40tryghost/members-api%406.2.2
- Fixed bulk unsubscribe
- Deletes the newsletter relations instead of setting subscribed to false

**Test fail fix**
refs https://github.com/TryGhost/Ghost/pull/14621
refs https://ghost.slack.com/archives/C02G9E68C/p1651126990299689?thread_ts=1651072733.859939&cid=C02G9E68C

- Events didn't always have the same created_at as created members
- This caused a test to fail randomly in the main repo

**Changes**
- Added required helpers for members-api package
- Version bumps of other packages are only tooling related

**Tests**
- Tests if member import still works with the legacy `subscribed` flag
- Updated member importer to use multipleNewsletters flag
- Dropped legacy members tests
2022-04-28 09:50:05 +02:00
Renovate Bot
ad2903a196
Update dependency sqlite3 to v5.0.6 2022-04-27 21:40:10 +00:00
Fabien 'egg' O'Carroll
810c3077e8
Wired up LimitService to NewsletterService (#14602)
refs https://github.com/TryGhost/Team/issues/1549

This allows us to restrict certain sites to a single newsletter
2022-04-27 17:44:16 +01:00
Simon Backx
21af34a0d4
Added mapping from member subscribed to newsletters on edit/create (#14596)
refs https://github.com/TryGhost/Team/issues/1545

**Changes (`members-api`)**
- Compare via https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0...%40tryghost/members-api%406.1.0
- Added mapping from member subscribed to newsletters on edit/create
- When editing or creating a member with the subscribed property, it is mapped to the corresponding newletters value
- Defaults to all active newsletters with visibility = members and subscribe_on_signup = true

**Tests**
- Adds test that adds a member with subscribed = true
- Adds test that adds a member with subscribed = false
- Adds test that edits a member with subscribed = true
- Adds test that edits a member with subscribed = false
2022-04-27 17:04:55 +02:00
Simon Backx
2cf76cb031
Added newsletter relation to subscribe events (#14585)
refs https://github.com/TryGhost/Team/issues/1478

**Changes**
- Added the newsletter relation to subscribe events

**Changes in `members-api`**
- Compare: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0-alpha.0...%40tryghost/members-api%406.0.0
- Makes sure the newsletter relation is returned in the activity feed for susbcribe events (aka newsletter events).

**Tests**
- Added first test for activity feed to check if the newsletter relation is correctly fetched
2022-04-27 16:44:27 +02:00
Fabien 'egg' O'Carroll
d94859f2e5
Added /stats/subscriptions API (#14547)
refs https://github.com/TryGhost/Team/issues/1505
refs https://github.com/TryGhost/Team/issues/1466

Exposes an API for historical counts broken down by tier and cadence.

Counts backwards from the current stats like MRR to minimize inaccruate
data due to missing/superfluous events.
2022-04-27 14:53:32 +01:00
Renovate Bot
0a5fb7166a Update dependency supertest to v6.2.3 2022-04-27 06:49:47 +01:00
Renovate Bot
eec0c502d9
Update dependency @sentry/node to v6.19.7 2022-04-26 16:27:46 +00:00
Renovate Bot
2d08324238 Update dependency grunt-contrib-clean to v2.0.1 2022-04-26 17:25:59 +01:00
Renovate Bot
863c409ca3 Update dependency @playwright/test to v1.21.1 2022-04-26 17:25:39 +01:00
Renovate Bot
2a5af9c0c5 Update dependency jwks-rsa to v2.1.0 2022-04-26 17:21:23 +01:00
Daniel Lockyer
6747f3a93a Updated @tryghost packages
- these packages contain only code changes or dependency updates but
  we're force to publish new versions due to Lerna's limitations
- this commit bulk updates the packages to save having many commits
2022-04-26 16:54:44 +01:00
Daniel Lockyer
1122ce9cc6
🐛 Fixed credentials issue with SES mail transport
refs 58ace0af76

- please see the referenced commit above for full context but this
  commit bumps `@tryghost/nodemailer`, which contains a fix for reading
  credentials when using the SES mail transport
- credits to @touzoku
2022-04-26 16:40:45 +01:00
Renovate Bot
37f17f9dca Update dependency coffeescript to v2.7.0 2022-04-26 16:29:41 +01:00
Renovate Bot
6937b637ec Update dependency eslint to v8.14.0 2022-04-26 16:29:19 +01:00
Simon Backx
32b0f69e55 Added newsletters to subscribe events (#14579)
refs https://github.com/TryGhost/Team/issues/1478

- Moved all admin API members tests to enable the multiple newsletters flag
- Checks if the susbcribe events are added correctly when adding or removing newsletters
- Checks if susbcribe events are added for default newsletters
2022-04-26 12:31:34 +01:00
Thibaut Patel
48799e1c68 Added the newsletter API ?include=count.posts and ?include=count.members query options (#14525)
refs https://github.com/TryGhost/Team/issues/1524

- This enables admins in the ghost admin to have an overview of the total posts/members associated with a newsletter.
- Follows the `?include=count.x` convention used by other resources
2022-04-26 12:31:34 +01:00
Renovate Bot
65c2958f2a
Update dependency express to v4.18.0 2022-04-25 21:12:45 +00:00
Daniel Lockyer
39f4abbbcd v4.45.0 2022-04-22 16:00:32 +01:00
Renovate Bot
5bd44a05da Update dependency glob to v8 2022-04-22 13:53:15 +01:00
Renovate Bot
98c4956ff4 Update dependency c8 to v7.11.2 2022-04-22 13:51:14 +01:00
renovate[bot]
24d3b7cfd3
Pinned dependency @tryghost/stats-service to v0.1.0 (#14528)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-22 13:47:19 +01:00
Daniel Lockyer
d0553331db
Switched to commit hash for TryGhost/mock-knex
- I had to fork this dependency to add support for Knex 2.0 but yarn is
  weird and won't bump it if we use `master` because "nothing changed"
- Using a hash should force yarn to pull the changes if the hash gets
  updated
2022-04-22 12:24:02 +01:00
Daniel Lockyer
a394a00618
Fixed date-fns missing as a dependency declaration
refs fccee0614f

- `@tryghost/nql-lang` had `date-fns` declared as a devDependency but it
  was used within the library itself
- the referenced commit moved it to `dependencies` and this commit bumps
  the packages in Ghost
2022-04-22 11:41:48 +01:00
Daniel Lockyer
bead1bbe14 ℹ️ Fixed common build issues with SQLite
- we had to switch to `@vscode/sqlite3` a while back because `sqlite3`
  was unmaintained
- this fork didn't come with prebuilt binaries, so everyone had to
  compile them on their machine
- this brought a lot of issues with installing Ghost
- since then, the Ghost team have picked up maintenance of `sqlite3` and
  Knex has switched back, so we can switch back here too
2022-04-22 10:24:42 +01:00
Naz
7b9a80fbf4 Extracted data access code to external module
refs https://github.com/TryGhost/Toolbox/issues/280

- Keeps the code in the core to the minimum. Ideally we should not be adding any logic apart form "hooking things together"
2022-04-22 16:31:56 +08:00
Naz
b7189a99e4 Added support for version missmatch handling
refs https://github.com/TryGhost/Toolbox/issues/280

- Email notification handling logic needs to be added to Ghost. Ideally there should be as little code landing in the core as possible - mostly data fetching and hooking modules together.
- The primary email handling logic for the `Accept-Version`/`Conent-Version` header missmatch is done in `api-version-compatibility-service` module, and the `mw-api-version-mismatch` allows to intercept request with the missmatch and call the api version compatibility service to do it's job. The mw-error-handler gives each case of client BEHIND or AHEAD of the Ghost version a unique error code, so that the versioning compatibility service has data to distinguish different cases
2022-04-22 16:31:56 +08:00
Renovate Bot
2bde20b7de Update dependency sinon to v13.0.2 2022-04-21 16:32:08 +00:00
Fabien 'egg' O'Carroll
19a08cd11d
Replaced stats service with @tryghost/stats-service (#14527)
- Pulls logic out of Ghost core and into the Analytics repository.
- Test coverage has increased for the stats service
- Interface simplified
2022-04-21 14:57:07 +01:00
Simon Backx
b9646cceb1
Updated members API to return subscriptions' offers from the offer_id (#14515)
refs https://github.com/TryGhost/Team/issues/1520

**Changes in members repo**

Bumped to `5.12.0`, with the following changes:

- Compare differences via https://github.com/TryGhost/Members/compare/%40tryghost/members-api%405.11.1...%40tryghost/members-api%405.12.0
- Instead of doing the matching of the offers and subscriptions by looking at the offer redemptions, we can now look at the offer_id from subscriptions.
- This also fixes an issue where we don't attach the offer object to subscriptions in the members' browse method
- Updated browse behaviour to match the read behaviour of members (product relation needs to get loaded because it is missing in member.products if the subscription is expired).

**Tests**
- Includes test to see if the API correctly returns the offer object when fetching one or multiple members
- Check if the return format is the same for the read, edit and browse members admin API endpoints (offer was missing in subscriptions)
- Snapshot files have been updated because now the offer is returned in subscriptions (content length increased)
2022-04-21 12:06:06 +02:00
Renovate Bot
065078c397
Update dependency express-jwt to v6.1.2 2022-04-20 18:02:43 +00:00
Simon Backx
0c72e78e6a
Stored offer_id in subscriptions (#14488)
refs https://github.com/TryGhost/Team/issues/1519

**Tests:**
- Tests whether the metadata from an offer is read correctly and stored in the database
- Test that invalid offer ids are ignored

**Changes in members repository:** 
- Compare changes here: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%405.9.2...%40tryghost/members-api%405.11.1
- The `offer_id` column of subscriptions is set based on the coupon id from Stripe
- `getByStripeCouponId` method added in the offers repository (required to look up an offer from a stripe_coupon_id)
- the `members-payments` package was bumped twice (once for changes, once for undoing those changes, my bad). Nothing else has changed in that package.
2022-04-19 17:06:53 +02:00
Daniel Lockyer
3171df4102
🔥 Dropped support for Node 12
refs https://github.com/TryGhost/Toolbox/issues/267

- Node 12 becomes EOL on April 30th so we're going to be dropping
  support for it in Ghost
- this commit updates the Node engine ranges so CLI can pick this up,
  and drops 12.22.1 from the CI matrix
2022-04-19 15:53:44 +01:00
Renovate Bot
ad45773d70
Update dependency fs-extra to v10.1.0 2022-04-18 15:32:12 +00:00
Renovate Bot
6db2e411ea
Update dependency luxon to v2.3.2 2022-04-18 08:21:52 +00:00
Rishabh Garg
88ed60d079
Updated default newsletter subscription logic for members (#14482)
refs https://github.com/TryGhost/Team/issues/1469

Previously, members were subscribed to all available newsletters by default when added. This change updates the default newsletters subscription for member to take into account newsletter preferences for auto opt-in(`subscribe_on_signup`) as well as `visibility`.
2022-04-18 13:48:44 +05:30
Daniel Lockyer
c2d739a25c v4.44.0 2022-04-15 16:00:39 +01:00
Renovate Bot
a1fdda51d8 Update dependency nconf to v0.12.0 2022-04-15 07:22:40 +01:00
renovate[bot]
dec282345f
Update dependency @tryghost/members-importer to v0.5.8 (#14421)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-14 14:57:44 +01:00
renovate[bot]
11c495276d
Update dependency @tryghost/members-api to v5.9.1 (#14425)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-14 14:38:26 +01:00
renovate[bot]
fe5afb6196
Update dependency @tryghost/verification-trigger to v0.2.0 (#14477)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-14 14:37:41 +01:00
Renovate Bot
cc26c9aa9f Update dependency knex to v1.0.7 2022-04-14 12:55:04 +01:00
Rishabh Garg
c6da6afc9e
Handled members newsletter preference on signup (#14473)
refs https://github.com/TryGhost/Team/issues/1490

With multiple newsletters, members can choose their newsletter subscription preference in Portal while signing up. This change handles newsletter preference data for both free and paid members via magic link/stripe checkout and saves it for the newly created member.
2022-04-13 20:02:45 +05:30
Thibaut Patel
7a55e1a60a
Added the newsletter_id query string to the post edit API route (#14449)
refs https://github.com/TryGhost/Team/issues/1502

- Support the `newsletter_id` only when sending a newsletter
- Default to the default newsletter when `newsletter_id` isn't specified
- Ignore the `newsletter_id` parameter when passed in the post body
2022-04-13 15:27:43 +02:00
Renovate Bot
03045ca0f7 Update dependency semver to v7.3.7 2022-04-13 11:13:27 +01:00
Renovate Bot
c1bc19c409 Update dependency grunt to v1.5.2 2022-04-12 16:34:43 +01:00
Renovate Bot
89ea9de5a5
Update dependency knex to v1.0.6 2022-04-12 11:23:34 +00:00
Fabien 'egg' O'Carroll
baf9c1b61b
Updated MRR events & stored current subscription MRR
refs https://github.com/TryGhost/Team/issues/1456
refs https://github.com/TryGhost/Team/issues/1454
refs https://github.com/TryGhost/Team/issues/1302
refs https://github.com/TryGhost/Team/issues/1453

This includes changes to store MRR on subscriptions, as well as to store
events for both cancellation and expiration of subscriptions. Cancellation
events will cause a change in MRR when the `dashboardV5` flag is enabled.

Co-authored-by: Simon Backx <simon@ghost.org>
2022-04-12 12:22:26 +01:00
Renovate Bot
c89a1b7d58
Update metascraper to v5.29.3 2022-04-11 20:47:04 +00:00
Renovate Bot
f1de0405e6 Update dependency grunt to v1.5.1 2022-04-11 18:33:44 +01:00
Daniel Lockyer
184dc861cb
Merged v4.43.1 into main
v4.43.1
2022-04-11 12:21:16 +01:00
Daniel Lockyer
c082a9c333 v4.43.1 2022-04-11 12:16:38 +01:00
Naz
a9030536c0
🐛 Fixed false positive fatal error for {{tiers}}
closes https://github.com/TryGhost/Ghost/issues/14452

- When {{tiers}} helper was used with parameters in a Ghost theme, for example statement like this:  `{{tiers prefix="Access with:"}}`, the theme did not pass the gscan check and threw a false positive fatal error. {{tiers}} is fully valid and documented helper that should work in current version of Ghost
2022-04-11 11:54:17 +01:00
Naz
e5172facd6 🐛 Fixed false positive fatal error for {{tiers}}
closes https://github.com/TryGhost/Ghost/issues/14452

- When {{tiers}} helper was used with parameters in a Ghost theme, for example statement like this:  `{{tiers prefix="Access with:"}}`, the theme did not pass the gscan check and threw a false positive fatal error. {{tiers}} is fully valid and documented helper that should work in current version of Ghost
2022-04-11 17:19:47 +08:00
Renovate Bot
16437965f9 Update dependency grunt to v1.5.0 2022-04-11 06:40:53 +01:00
Renovate Bot
5e07160251 Update dependency nconf to v0.11.4 2022-04-11 06:40:21 +01:00
Renovate Bot
176a9679da
Update dependency eslint to v8.13.0 2022-04-08 23:55:41 +00:00
Renovate Bot
3a9d5392a2
Update metascraper to v5.29.1 2022-04-08 16:54:50 +00:00
Daniel Lockyer
9b835f5823 v4.43.0 2022-04-08 16:00:32 +01:00
Daniel Lockyer
a26056d796
Updated all @tryghost packages
- these packages have only had small dependency or non-code updates so
  they can all be merged together
2022-04-08 13:48:31 +01:00
Naz
4959dd83b8 Added 406 errors when Accept-Version header is missmatched
refs https://github.com/TryGhost/Toolbox/issues/280

- This change covers two use cases:
  -  The accept-version > current version + the request cannot be served: ERROR CASE 1
    - The accept-version < current version + the request cannot be served: ERROR CASE 2
- Along with 406 status there's additional information about the probable cause and action to be taken by the Ghost site owner or an integration talking to the Ghost API.
- These errors is designed to allow introducing breaking API changes gradually and have meaningful information when the requests cannot be server any longer
2022-04-08 20:41:54 +12:00
Renovate Bot
31b308d475
Update dependency @sentry/node to v6.19.6 2022-04-07 14:24:40 +00:00
Fabien "egg" O'Carroll
7b0fbe955c Updated subscription handling to lock db rows
refs https://github.com/TryGhost/Team/issues/1248
refs https://github.com/TryGhost/Team/issues/1302
refs https://github.com/TryGhost/Ghost/pull/14433

This fixes multiple problems we've had with handling stripe webhooks where
linking the same subscription concurrently was not locking the database row, we
would have the same operation attempted multiple times, in the case of creating
subscriptions this causes unique constraint errors, and in the case of creating
cancellation events, it was causing multiple cancellation events to be created.
2022-04-07 15:20:08 +01:00
Rishabh Garg
90e7887007
Added default newsletter subscription for new members (#14431)
refs https://github.com/TryGhost/Team/issues/1469

Currently, all new members get auto subscribed to the default newsletter. This change adds same behavior with multiple newsletters by auto subscribing all available newsletters on site for new members(If flag is enabled). 
Note: In future, this will also take into consideration the `subscribe_on_signup` flag for a newsletter to filter which newsletters should a member be auto-subscribed.

- adds newsletters service for working with newsletter data
- bumps `@tryghost/members-api` package which handles default subscription
- adds new test fixture/data for newsletters
2022-04-07 08:30:00 +05:30
Renovate Bot
7b01bd0209
Update dependency semver to v7.3.6 2022-04-06 19:42:18 +00:00
Renovate Bot
7926ce56b4 Update metascraper to v5.29.0 2022-04-06 19:41:08 +00:00
Renovate Bot
3d40952632
Update dependency @sentry/node to v6.19.4 2022-04-05 20:49:48 +00:00
Renovate Bot
861d1d1d5f Update dependency knex-migrator to v4.2.6 2022-04-05 21:48:39 +01:00
Rishabh
cc7c51e140 Handled newsletter data for member api
refs https://github.com/TryGhost/Team/issues/1469

- Added newsletter data handling to member BREAD service
- Allowed updating newsletter data for a member
2022-04-05 22:23:39 +05:30
Rishabh
437d6830aa Added newsletter object to members admin api schema
refs https://github.com/TryGhost/Team/issues/1469
2022-04-05 22:23:39 +05:30
Naz
33ad7c2740 Cleaned up output errors during tests
refs 2fa3985d42

- Running tests with error logging set to "error" lever, produced a massive amounts of errors related to failed Stripe keys. Making it hard to look through the output.
- When Ghost is running in teste environment by default it is configured with an invalid Stripe key that looks like `sk_test***`. In this case the Members migrations runs creating requiest to Stripe, which fail.
2022-04-05 18:17:47 +08:00
renovate[bot]
ee0b24f154
Update dependency @tryghost/mw-error-handler to v0.1.8 (#14423)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-05 10:19:57 +01:00
renovate[bot]
777863f728
Update dependency @tryghost/errors to v1.2.8 (#14418)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-05 09:50:21 +01:00
Renovate Bot
d41d4699a8 Update dependency knex to v1.0.5 2022-04-05 04:49:10 +00:00
Renovate Bot
8ee67c3d91
Update dependency body-parser to v1.20.0 2022-04-04 13:19:42 +00:00
Daniel Lockyer
08701aa7a8
Merged v4.42.1 into main
v4.42.1
2022-04-04 10:40:50 +01:00
Daniel Lockyer
28bc0530d6 v4.42.1 2022-04-04 10:39:50 +01:00
Renovate Bot
a2ad2a668e Update dependency cssnano to v5.1.7 2022-04-04 08:10:47 +01:00
Renovate Bot
8eb903e2b9 Update dependency @playwright/test to v1.20.2 2022-04-04 08:10:39 +01:00
Daniel Lockyer
2fdf8fd4b6 v4.42.0 2022-04-01 16:00:41 +01:00
Daniel Lockyer
ef54e4d8b3
Updated all internal packages
- these packages have had minor dependency bumps but we've been force to
  publish them because of Lerna
- this commit updates all pending TryGhost packages ahead of release
2022-04-01 14:57:04 +01:00
Renovate Bot
5129313e31 Update dependency cssnano to v5.1.6 2022-04-01 14:52:08 +01:00
Daniel Lockyer
69b6ba7a68
Fixed symlinked themes missing from list
refs 9f695dc254

- see the referenced commit for context but this resolves symlinked
  themes missing from the list due to a bug in my refactor of
  `@tryghost/package-json`
- the original bump wasn't released yet so this doesn't need to be an emoji
  commit
2022-04-01 14:17:41 +01:00
Naz
7449490a54 Bumped gscan error levels for future version of themes
refs https://github.com/TryGhost/Toolbox/issues/241

 - The changes bring new fatal errors that will become visible with Ghost v5. These are errors with codes: GS001-DEPR-ESC and GS001-DEPR-CURR-SYM.
 - There should be no visible change during theme activation for existing Ghsot version
2022-04-01 18:22:08 +08:00
renovate[bot]
62b5a85830
Update dependency @tryghost/kg-mobiledoc-html-renderer to v5.3.5 (#14400)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 10:43:02 +01:00
renovate[bot]
47c44eb1c1
Update dependency @tryghost/kg-default-atoms to v3.1.2 (#14397)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 10:42:51 +01:00
renovate[bot]
bb52012758
Update dependency @tryghost/kg-markdown-html-renderer to v5.1.5 (#14399)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 09:25:35 +01:00
renovate[bot]
5aa8fbb122
Update dependency @tryghost/kg-card-factory to v3.1.3 (#14396)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 09:24:53 +01:00
renovate[bot]
d1c0b87d5b
Fixed unquoted src and href attributes in product cards leading to missing __GHOST_URL__ transforms (#14398)
closes https://github.com/TryGhost/Ghost/issues/14344

- Update dependency @tryghost/kg-default-cards to v5.16.2
- contains fix for unquoted `src` and `href` attributes in product cards that are not handled by our URL transform functions

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 09:23:40 +01:00
Hannah Wolfe
c222d1f64e
Added expectEmptyBody assertions to e2e framework
- Updated express-test to latest version with new expectEmptyBody assertion
- Updated all the tests that used matchBodySnapshot for an empty body to use expectEmptyBody instead
- Updated all the snapshots that were affected manually, and verified running the tests works as expected
2022-03-31 18:56:05 +01:00
Naz
bf7d141407 🐛 Fixed __GHOST_URL__ tranformations in video cards
refs https://github.com/TryGhost/Ghost/issues/14344

- The video card containing thumbnail images did not pick up url tranformations (aka __GHOSt_URL__) needed to keep urls compatible across Ghost instancess.
- There's also a similar problem with product cards that will get a separate fix
2022-03-31 19:33:26 +08:00
Naz
a6535cf0ab 🐛 Fixed broken links in some of theme errors
refs https://github.com/TryGhost/gscan/issues/178

 - When a theme with errors or warnings was uploaded the details of the error sometimes contained a broken link leading to a 404. For example, a warning that was visible when use of {{currency_symbol}} was linking to an unexisting page.
 - Along with the version bump there are some performance optimizations and new fatal errors for Ghost's v5 theme checks
2022-03-31 18:46:11 +08:00
Renovate Bot
ef5d2b27ae
Update dependency node-jose to v2.1.1 2022-03-30 21:57:56 +00:00
Renovate Bot
b5d8c0c375
Update dependency metascraper-logo-favicon to v5.28.5 2022-03-30 10:35:01 +00:00
Daniel Lockyer
86680cb207 Updated knex dependency
refs https://github.com/TryGhost/Toolbox/issues/213

- our `knex` dependency has been out of date for a while so my aim was
  to bring it up to date
- this required also switching `sqlite3` to `@vscode/sqlite3` because
  knex switched the default sqlite driver
- this commit also bumps knex-migrator and switches to a mock-knex fork
  until Knex 1.0 support has been merged
- also updates an error message to handle a new code in SQLite
2022-03-30 08:47:57 +01:00
Renovate Bot
374defc9d6
Update dependency @sentry/node to v6.19.3 2022-03-30 03:05:17 +00:00
Naz
de4044884b Added {{products}} deprecation warning
refs https://github.com/TryGhost/Toolbox/issues/226
refs https://github.com/TryGhost/gscan/issues/179

- The bump added multiple new theme deprecation warning and removed one outdated notice.
- Added a theme warning for use of {{products}}, {{@product}}, and {{@products}} helpers
- Removed an outdated notice for use of {{id}} helper
2022-03-29 14:32:15 +08:00
Renovate Bot
8492f65578 Update dependency @tryghost/zip to v1.1.22 2022-03-28 18:38:42 +01:00
Renovate Bot
5d79f86460 Update dependency @tryghost/database-info to v0.3.0 2022-03-28 18:38:31 +01:00
Renovate Bot
2ca452f4b0 Update dependency @tryghost/image-transform to v1.0.29 2022-03-28 16:28:18 +01:00
Renovate Bot
9089abcc5c Update dependency @tryghost/package-json to v1.0.17 2022-03-28 16:27:54 +01:00
Renovate Bot
8b0676d9ff
Update metascraper 2022-03-28 00:57:30 +00:00
Renovate Bot
73322e218d
Update dependency eslint to v8.12.0 2022-03-25 23:38:56 +00:00
Daniel Lockyer
dd174bf3f5 v4.41.3 2022-03-25 16:00:32 +00:00
Renovate Bot
6340fbf408
Update dependency metascraper-logo-favicon to v5.27.2 2022-03-24 23:46:14 +00:00
Renovate Bot
b19878144e
Update metascraper to v5.27.1 2022-03-24 19:54:42 +00:00
Renovate Bot
a6edd37721 Update dependency cookie-session to v2 2022-03-24 12:56:56 +00:00
Renovate Bot
1c22710a43 Update dependency @tryghost/members-events-service to v0.3.2 2022-03-24 12:28:15 +00:00
Renovate Bot
4eb2ebb1a9 Update dependency @tryghost/member-events to v0.4.1 2022-03-24 12:27:07 +00:00
Renovate Bot
708d26a1a4 Update dependency @tryghost/members-ssr to v1.0.23 2022-03-24 12:26:24 +00:00
Renovate Bot
9f69bcbca9 Update dependency grunt-shell to v4 2022-03-24 12:14:29 +00:00
Daniel Lockyer
173a81dab6 Updated internal packages v2
- these packages are owned by us but these bumps don't contain
  any code changes - usually just dependency bumps
- this commit bumps all those packages
2022-03-24 12:03:12 +00:00
Daniel Lockyer
d5d0bcb3f5
Updated internal packages
- these packages are owned by us but these bumps don't contain any code
  changes - usually just dependency bumps
- this commit bumps all those packages
2022-03-24 10:14:27 +00:00
Renovate Bot
d5942943a5 Update dependency @tryghost/validator to v0.1.17 2022-03-24 08:51:10 +00:00
Renovate Bot
bfbc829c09 Update dependency @playwright/test to v1.20.1 2022-03-24 07:54:46 +00:00
Naz
7d03194e55 Added detection of "ghost-api" use in theme config
refs https://github.com/TryGhost/Toolbox/issues/241

- The `engines.ghost-api` property has been deprecated and the support for it will be dropped in Ghost v5 due to versionless nature of the Content API.
- When uploading a new theme or activating existing one that uses ghost-api in it's config a warning will be shown to the user
2022-03-24 15:27:40 +13:00
Renovate Bot
fb41cfa335
Update dependency @sentry/node to v6.19.2 2022-03-23 20:26:41 +00:00
Rishabh
6978892c57 Merged v4.41.2 into main
v4.41.2
2022-03-23 21:08:06 +05:30
Daniel Lockyer
974fb050cf v4.41.2 2022-03-23 15:06:02 +00:00
Thibaut Patel
0ddd10fad0 🐛 Fixed two issues with offers
refs https://github.com/TryGhost/Team/issues/1437

- The discount was no longer showing up on the account page when the member had an active discount.
- The redemption counter on the offers page was not incrementing.
- The root cause was that messages sent on the internal bus were not reaching the internal bus listener, due to the unexpected duplication of the internal bus.
2022-03-23 19:40:44 +05:30
Thibaut Patel
bc05998662 🐛 Fixed two issues with offers
refs https://github.com/TryGhost/Team/issues/1437

- The discount was no longer showing up on the account page when the member had an active discount.
- The redemption counter on the offers page was not incrementing.
- The root cause was that messages sent on the internal bus were not reaching the internal bus listener, due to the unexpected duplication of the internal bus.
2022-03-23 11:53:16 +01:00
Rishabh
4acdd0de7c Merged v4.41.1 into main
v4.41.1
2022-03-23 14:10:20 +05:30
Daniel Lockyer
60af28269c v4.41.1 2022-03-23 08:24:59 +00:00
Sam Lord
de3a45a805
Fixed theme error handler (#14363)
no issue

Prevents errors from being uploaded to Sentry when a 404 happens in Ghost Admin. At the moment, 404s in Ghost Admin create an ENOENT error in express' static library. Our generic 404 handler at the end will only intercept requests that don't have any errors in the context, so a simple middleware can strip out 404 errors just before we add in our own.

The Ghost-specific error that we attach to requests does not get uploaded to Sentry :)
2022-03-22 15:32:55 +00:00
Naz
f3f4501552 Added aliases to update test snapshots
closes https://github.com/TryGhost/Toolbox/issues/248

- When using the framework it was laways confusing to remember which variable would trigger the snapshot updates. Having aliases to most common "typos" makes the DX way better.
- List of updated variables triggering all snapshot updates:

SNAPSHOT_UPDATE
UPDATE_SNAPSHOT
SNAPSHOTS_UPDATE
UPDATE_SNAPSHOTS

- Additionally this bump automatically fixes missing trailing slashes in URLs used in tests
2022-03-22 17:47:14 +08:00
Naz
3c9531452c Reverted "Added detection of "ghost-api" use in theme config"
This reverts commit 4c19f38c74.
2022-03-22 16:18:17 +08:00
Renovate Bot
a10c89ff94 Update dependency cssnano to v5.1.5 2022-03-22 07:41:14 +00:00
Naz
4c19f38c74 Added detection of "ghost-api" use in theme config
refs https://github.com/TryGhost/Toolbox/issues/241

- The `engines.ghost-api` property has been deprecated and the support for it will be dropped in Ghost v5 due to versionless nature of the Content API.
- When uploading a new theme or activating existing one that uses ghost-api in it's config a warning will be shown to the user
2022-03-22 14:05:34 +08:00
Renovate Bot
955f1e8a2e
Update dependency @sentry/node to v6.19.1 2022-03-21 21:04:26 +00:00
Daniel Lockyer
abfc6a17b8 v4.41.0 2022-03-21 11:38:12 +00:00
Renovate Bot
30f73b73fe Update dependency papaparse to v5.3.2 2022-03-21 09:51:56 +00:00
Renovate Bot
d34c8f77df Update dependency @playwright/test to v1.20.0 2022-03-21 09:16:50 +00:00
Renovate Bot
47741e5b58 Update CSS preprocessors 2022-03-21 08:36:33 +00:00
Daniel Lockyer
70788b86a0 v4.40.0 2022-03-18 16:00:40 +00:00
Simon Backx
d9f103ddac
Updated @tryghost/members-api to 5.4.0 (#14338) 2022-03-18 16:52:56 +01:00
Thibaut Patel
b4ea309893
Added the MemberCancelEvent model to MembersApi (#14313)
refs https://github.com/TryGhost/Team/issues/1302

- Added the `MemberCancelEvent` model to MembersApi
- Triggered when a subscription is canceled by an admin or by the member
- Updated shared dependencies

Co-authored-by: Simon Backx <simon@ghost.org>
2022-03-18 14:25:35 +01:00
Renovate Bot
f20b31dbe9
Update dependency knex-migrator to v4.2.3 2022-03-17 22:52:36 +00:00
Hannah Wolfe
2cc2d114f4
Revert "Added global setup to reset DB before test run"
This reverts commit d50fb7c922.
2022-03-16 21:10:49 +00:00
Hannah Wolfe
d50fb7c922
Added global setup to reset DB before test run
- We've been seeing weird errors with tables not existing when running tests locally
- This appears to happen after an error causes the tests to abort
- This change includes two fixes:
1. we triggers a full DB reset just before the entire test suite runs
 - this is done by wrapping the override file for tests that use a db, and supplying a mochaGlobalSetup hook
2. catch errors when attempting to do a fast truncation-based reset & init, and do a full reset & init instead

- These two changes should ensure the DB is always in the state we expect when running a new test suite
2022-03-16 20:56:17 +00:00
Matt Hanley
e630967c7a Merged v4.39.1 into main
v4.39.1
2022-03-16 14:55:32 +00:00
Daniel Lockyer
4d3815e9f0 v4.39.1 2022-03-16 14:47:02 +00:00
Rishabh
ee87c7f995 Added description and type property for tiers admin api schema
Tiers admin api schema was missing description and type properties. `type` is stripped as we only allow editing `paid` tiers at the moment and it's not allowed to change the type of a tier via API.
2022-03-15 19:02:44 +05:30
Renovate Bot
40bdc3a275
Update metascraper to v5.26.0 2022-03-14 04:03:46 +00:00
Renovate Bot
2136bb632f
Update dependency bson-objectid to v2.0.3 2022-03-14 01:38:03 +00:00
Renovate Bot
3f645e8e26
Update Test & linting packages 2022-03-11 23:34:53 +00:00
Thibaut Patel
49d393c88f Added the product name to member subscriptions
refs https://github.com/TryGhost/Team/issues/1141 da6a43bfcf

- Adds the `member.subscriptions.price.product.name` property to the member read endpoint
2022-03-11 17:36:47 +01:00
Daniel Lockyer
3db963c540 v4.39.0 2022-03-11 16:00:28 +00:00
Renovate Bot
51245c4483 Update dependency cssnano to v5.1.2 2022-03-11 14:16:39 +00:00
Sam Lord
1025be91d8 Improved error display in Sentry for theme responses
refs: https://github.com/TryGhost/Team/issues/1369

Change already made for JSON responses in @tryghost/mw-error-handler, but this change also fixes the order of operations for displaying theme errors.
2022-03-11 10:59:03 +00:00
Renovate Bot
4b540ecb01 Update dependency @tryghost/validator to v0.1.15 2022-03-10 12:30:45 +00:00
Fabien "egg" O'Carroll
d8295da817 Renamed Stripe Products from "Default Product"
refs https://github.com/TryGhost/Team/issues/1289

Due to a bug in site setup some Tiers were named "Default Product" and
so the corresponding Stripe Product was also named this. This adds a
Stripe migration to rename any Stripe Products from "Default Product" to
the site title.
2022-03-10 11:35:03 +00:00
Renovate Bot
3bcb442811 Update dependency @tryghost/request to v0.1.17 2022-03-10 09:23:47 +00:00
Renovate Bot
002dbf428d Update dependency @tryghost/errors to v1.2.4 2022-03-10 09:23:35 +00:00
Renovate Bot
2c2bb13e2a Update dependency @tryghost/express-test to v0.6.1 2022-03-10 09:23:13 +00:00
Renovate Bot
169fa83781
Update dependency probe-image-size to v7.2.3 2022-03-09 20:44:38 +00:00
Renovate Bot
1825f408a5 Update dependency @tryghost/nodemailer to v0.3.14 2022-03-09 20:35:39 +00:00
Renovate Bot
5687fb9213 Update dependency probe-image-size to v7 2022-03-09 20:27:38 +00:00
Kevin Ansfield
51e04c75ad
Added "contains" operator support to ?filter= query params (#14286)
refs https://github.com/TryGhost/Team/issues/1408

- switched from `@nexes/nql` to `@tryghost/nql` and bumped `@tryghost/bookshelf-plugins` to get access to the latest NQL version across the app
- adds "contains" operator support
  - `:~'string'` - contains
  - `:-~'string'` - does not contain
  - `:~^'string'` - starts with
  - `:-~^'string'` - does not start with
  - `:~$'string'` - ends with
  - `:-~$'string'` - does not end with
- enables `'` escaping in strings, eg `'O\'Nolan'`
2022-03-09 13:02:17 +00:00