refs https://github.com/TryGhost/Toolbox/issues/280
- This change covers two use cases:
- The accept-version > current version + the request cannot be served: ERROR CASE 1
- The accept-version < current version + the request cannot be served: ERROR CASE 2
- Along with 406 status there's additional information about the probable cause and action to be taken by the Ghost site owner or an integration talking to the Ghost API.
- These errors is designed to allow introducing breaking API changes gradually and have meaningful information when the requests cannot be server any longer
refs https://github.com/TryGhost/Team/issues/1248
refs https://github.com/TryGhost/Team/issues/1302
refs https://github.com/TryGhost/Ghost/pull/14433
This fixes multiple problems we've had with handling stripe webhooks where
linking the same subscription concurrently was not locking the database row, we
would have the same operation attempted multiple times, in the case of creating
subscriptions this causes unique constraint errors, and in the case of creating
cancellation events, it was causing multiple cancellation events to be created.
refs https://github.com/TryGhost/Team/issues/1469
Currently, all new members get auto subscribed to the default newsletter. This change adds same behavior with multiple newsletters by auto subscribing all available newsletters on site for new members(If flag is enabled).
Note: In future, this will also take into consideration the `subscribe_on_signup` flag for a newsletter to filter which newsletters should a member be auto-subscribed.
- adds newsletters service for working with newsletter data
- bumps `@tryghost/members-api` package which handles default subscription
- adds new test fixture/data for newsletters
refs 2fa3985d42
- Running tests with error logging set to "error" lever, produced a massive amounts of errors related to failed Stripe keys. Making it hard to look through the output.
- When Ghost is running in teste environment by default it is configured with an invalid Stripe key that looks like `sk_test***`. In this case the Members migrations runs creating requiest to Stripe, which fail.
- these packages have had minor dependency bumps but we've been force to
publish them because of Lerna
- this commit updates all pending TryGhost packages ahead of release
refs 9f695dc254
- see the referenced commit for context but this resolves symlinked
themes missing from the list due to a bug in my refactor of
`@tryghost/package-json`
- the original bump wasn't released yet so this doesn't need to be an emoji
commit
refs https://github.com/TryGhost/Toolbox/issues/241
- The changes bring new fatal errors that will become visible with Ghost v5. These are errors with codes: GS001-DEPR-ESC and GS001-DEPR-CURR-SYM.
- There should be no visible change during theme activation for existing Ghsot version
closes https://github.com/TryGhost/Ghost/issues/14344
- Update dependency @tryghost/kg-default-cards to v5.16.2
- contains fix for unquoted `src` and `href` attributes in product cards that are not handled by our URL transform functions
Co-authored-by: Renovate Bot <bot@renovateapp.com>
- Updated express-test to latest version with new expectEmptyBody assertion
- Updated all the tests that used matchBodySnapshot for an empty body to use expectEmptyBody instead
- Updated all the snapshots that were affected manually, and verified running the tests works as expected
refs https://github.com/TryGhost/Ghost/issues/14344
- The video card containing thumbnail images did not pick up url tranformations (aka __GHOSt_URL__) needed to keep urls compatible across Ghost instancess.
- There's also a similar problem with product cards that will get a separate fix
refs https://github.com/TryGhost/gscan/issues/178
- When a theme with errors or warnings was uploaded the details of the error sometimes contained a broken link leading to a 404. For example, a warning that was visible when use of {{currency_symbol}} was linking to an unexisting page.
- Along with the version bump there are some performance optimizations and new fatal errors for Ghost's v5 theme checks
refs https://github.com/TryGhost/Toolbox/issues/213
- our `knex` dependency has been out of date for a while so my aim was
to bring it up to date
- this required also switching `sqlite3` to `@vscode/sqlite3` because
knex switched the default sqlite driver
- this commit also bumps knex-migrator and switches to a mock-knex fork
until Knex 1.0 support has been merged
- also updates an error message to handle a new code in SQLite
refs https://github.com/TryGhost/Toolbox/issues/241
- The `engines.ghost-api` property has been deprecated and the support for it will be dropped in Ghost v5 due to versionless nature of the Content API.
- When uploading a new theme or activating existing one that uses ghost-api in it's config a warning will be shown to the user
refs https://github.com/TryGhost/Team/issues/1437
- The discount was no longer showing up on the account page when the member had an active discount.
- The redemption counter on the offers page was not incrementing.
- The root cause was that messages sent on the internal bus were not reaching the internal bus listener, due to the unexpected duplication of the internal bus.
refs https://github.com/TryGhost/Team/issues/1437
- The discount was no longer showing up on the account page when the member had an active discount.
- The redemption counter on the offers page was not incrementing.
- The root cause was that messages sent on the internal bus were not reaching the internal bus listener, due to the unexpected duplication of the internal bus.
no issue
Prevents errors from being uploaded to Sentry when a 404 happens in Ghost Admin. At the moment, 404s in Ghost Admin create an ENOENT error in express' static library. Our generic 404 handler at the end will only intercept requests that don't have any errors in the context, so a simple middleware can strip out 404 errors just before we add in our own.
The Ghost-specific error that we attach to requests does not get uploaded to Sentry :)
closes https://github.com/TryGhost/Toolbox/issues/248
- When using the framework it was laways confusing to remember which variable would trigger the snapshot updates. Having aliases to most common "typos" makes the DX way better.
- List of updated variables triggering all snapshot updates:
SNAPSHOT_UPDATE
UPDATE_SNAPSHOT
SNAPSHOTS_UPDATE
UPDATE_SNAPSHOTS
- Additionally this bump automatically fixes missing trailing slashes in URLs used in tests
refs https://github.com/TryGhost/Toolbox/issues/241
- The `engines.ghost-api` property has been deprecated and the support for it will be dropped in Ghost v5 due to versionless nature of the Content API.
- When uploading a new theme or activating existing one that uses ghost-api in it's config a warning will be shown to the user
refs https://github.com/TryGhost/Team/issues/1302
- Added the `MemberCancelEvent` model to MembersApi
- Triggered when a subscription is canceled by an admin or by the member
- Updated shared dependencies
Co-authored-by: Simon Backx <simon@ghost.org>
- We've been seeing weird errors with tables not existing when running tests locally
- This appears to happen after an error causes the tests to abort
- This change includes two fixes:
1. we triggers a full DB reset just before the entire test suite runs
- this is done by wrapping the override file for tests that use a db, and supplying a mochaGlobalSetup hook
2. catch errors when attempting to do a fast truncation-based reset & init, and do a full reset & init instead
- These two changes should ensure the DB is always in the state we expect when running a new test suite
Tiers admin api schema was missing description and type properties. `type` is stripped as we only allow editing `paid` tiers at the moment and it's not allowed to change the type of a tier via API.
refs: https://github.com/TryGhost/Team/issues/1369
Change already made for JSON responses in @tryghost/mw-error-handler, but this change also fixes the order of operations for displaying theme errors.
refs https://github.com/TryGhost/Team/issues/1289
Due to a bug in site setup some Tiers were named "Default Product" and
so the corresponding Stripe Product was also named this. This adds a
Stripe migration to rename any Stripe Products from "Default Product" to
the site title.
refs https://github.com/TryGhost/Team/issues/1408
- switched from `@nexes/nql` to `@tryghost/nql` and bumped `@tryghost/bookshelf-plugins` to get access to the latest NQL version across the app
- adds "contains" operator support
- `:~'string'` - contains
- `:-~'string'` - does not contain
- `:~^'string'` - starts with
- `:-~^'string'` - does not start with
- `:~$'string'` - ends with
- `:-~$'string'` - does not end with
- enables `'` escaping in strings, eg `'O\'Nolan'`
refs https://github.com/TryGhost/Team/issues/1387
This will allow us to move from the portal_products and portal_plans
settings to using the visibility property on tiers to determine whether
or not a tier should be visible in Portal.
This also fixes a bug with the Tiers Admin API read method permissions.
- we seem to be getting some odd numbers when running c8 on Node 12, and
it's causing our CI checks to fail
- even when we're adding tests, the coverage value goes down
- this is disrupting the team from shipping, so we need to change that
- this commit alters the setup to run unit tests w/ c8 for Node 16 unit
tests, and without c8 for other versions
- `yarn test:unit` is kept the same for everyday use
- I recently went across every repo and made sure our c8 config was
correct, but this resulted in us having to publish patch versions of a
bunch of packages
- given these don't contain any code changes, we can just bump them all
at once
refs https://github.com/TryGhost/Toolbox/issues/174
- this commit switches Ghost from using the `mysql` library to the
`mysql2` one
- we've done this for several reasons:
- `mysql2` is more actively maintained
- `mysql2` natively supports the default auth plugin on MySQL 8
- `mysql2` is fasterrrr
- there have been various other commits refactoring the groundwork for
this commit but this commit should be short and sweet:
- alias `mysql` to `mysql2` client so we maintain backwards
compatibility with all configs who use `"client": "mysql"`
- enabled `decimalNumbers` so we maintain the same functionality as
`mysql`
- replaced the dependencies and updated `knex-migrator`
- hardcoded the newer authentication plugin in MySQL 8 CI. Before
switching to `mysql2`, this would break because it didn't support
this
refs https://github.com/TryGhost/Toolbox/issues/174
- right now, our migrations manually check the client of the knex
instance to see whether we're running on MySQL or SQLite
- that's been working fine, but the problem is that we're due to switch
to the mysql2 driver soon, so all these checks will be faulty
- i've altered the functionality of `@tryghost/database-info` to accept
a knex instance, and it'll return if the DB is MySQL or SQLite in some
helper functions
- this commit bumps the package and switches to that format
- originally I used a shared instance of the class within
`@tryghost/database-info` but there's a chance that the knex instance
inside migrations actually comes from knex-migrator, and not Ghost, so
that wouldn't work
refs https://github.com/TryGhost/Team/issues/1306
- This adds a `MemberPageViewEvent` event when a page is viewed by a member (post/page/tag/author/...)
- Integrates the `LastSeenAtUpdater` service that listens to the `MemberPageViewEvent` events to update `member.last_seen_at`
- Follows the latest testing recommendation (end to end test + testing for side-effects)
refs https://github.com/TryGhost/Team/issues/1306
- Updates once every day (in the publication timezone)
- Also updates when the value is `NULL`
- This is implemented as a SQL query as the code is on the job and doesn't have visibility to the members code
- Updating our config to have `--check-coverage` enforces that the coverage meets a certain level.
- The default is 95 I believe, but our coverage is lower.
- I've set the levels to our current levels, so any drop below these numbers will cause the build to fail.
- I've also set the reporters to be text, html and cobertura so we always have a mini report, the full HTML files to navigate and cobertura for CI
- Cleaned up CI so we don't use the cov:unit command as we're now using codecov
- This also means we can remove the cov:unit command which was weird to use because it uses the last test run, which can be confusing
refs https://github.com/TryGhost/Team/issues/1313
Rather than removing the /products API we're adding a /tiers API as
a first step towards renaming "products" to "tiers". The initial idea was
to alias the URL's but out API framework doesn't easily allow for this so
we've duplicated it instead.
refs https://github.com/TryGhost/Toolbox/issues/215
- Ghost tests had difficulty running sometimes when the versions for jest-snapshot package did not match in Ghost and @tryghost/express-test
- This is the error that was showing up: `IncorrectUsageError: Unable to run snapshot tests, current test was not configured`
- The reason why snapshot tests were misconfigured was multiple instances of SnapshotManager, which broke the singleton pattern
- Having jest-snapshot embeded within express-test makes sure the versions stay the same across the clients
- The version bump also introduces passing "queryParams" parameter into the Agent constructor - enables configuring query parameters that would appear in each agent's request. Example usecase - Content API authentication parameter "key" would be nice to "remember" and add to every request URL
- I recently added a bunch of strict rules to our eslint plugin around returns: ca9af37866
- These mostly are issues that occur whilst writing code, that you spot and fix as you're developing, but they're annoying to notice/find and eslint can be used to flag them quickly
- There are of course, edge cases where you don't need to return from array fns, but this rule also suggests better patterns might be available
- For our excert helper and new assertEvent helper, I've updated the code to use simpler patterns that are easier to read, so as to avoid the warnings
- For our old API I've simply disabled the rule as we're about to delete this code
refs https://github.com/TryGhost/Toolbox/issues/214
- After calling `DELETE /settings/stripe/connect/` Admin API endpoint, stripe did not fully disconnect causing other Member API endpoints to behave as if Stripe was still configured
https://github.com/TryGhost/Team/issues/1374
When we receive a web hook to update payment details for a customer
which is not associated with a Member, instead of proceeding and erroring
we now return early and respond to Stripe with a 200. A test has been
added to ensure this
refs https://github.com/TryGhost/Toolbox/issues/207
- we want to start writing some E2E tests that involve automated
pointing and clicking around the frontend of Ghost to test that
members of Ghost sites can still do what we expect
- we've decided to look in to Playwright for this - it looks __really__
nice
- this is a VERY basic first test - it'll check for a 200 on the
homepage of whatever we provide as the TEST_URL env variable, or
default to a (manually-run) Ghost instance on port 2368
- also adds a `yarn test:browser` command to run the tests using the
Playwright CLI, and a sample GitHub Action workflow which we can
manually run with a site URL
- there's a lot more to add here in terms of test framework but this
gets us started
refs https://github.com/TryGhost/Toolbox/issues/210
- After updating to the newest `@tryghost/express-test`, it's dependency `@tryghost/jest-snapshot` was missmatched with the one used in Ghost itself. This caused multiple instances of SnapshotManager class in the system, which is meant to be a singleton!
- The issue was causing following error to appear: "IncorrectUsageError: Unable to run snapshot tests, current test was not configured"
refs https://github.com/TryGhost/Toolbox/issues/210
- Having assertions executed in the declaration order using superagent has lead to many frustrating developer experiences. For example when status code assertion fails there was usually no additional context to investigate the failure further. In this situation having a "response body" assertion executed usually would give many more clues on the actual problem at hand.
- The order of the assertions has been changed from the order in which they were declared to the following one based on assertion type:
1. `exect`
2. `expectHeader`
3. `expectStatus`
- For more on this topic check the documentation: cfd6e88fe2/packages/express-test (assertion-execution-order)
refs https://github.com/TryGhost/Toolbox/issues/208
- we currently run all test commands separately in CI and this can make
it harder to replicate any issues we see in CI because we have to
manually go and copy the order of the tests
- it's also nicer if there's just one command that runs so we can make
changes globally to CI
- this commit adds a test:ci yarn command which will run the tests in
order of speed/importance, with the -b AKA fail-fast flag so we
don't have to wait for all tests to run before finding out about
issues
- this also cleans up running unit tests in the DB matrix
refs https://github.com/TryGhost/Team/issues/1377
- bumped all packages that have a dependency on `@tryghost/kg-utils` to fix a bug in the `slugify()` utility that was throwing errors when the header or subheader was left blank in a header card
refs https://github.com/TryGhost/Team/issues/1377
- bumped all packages that have a dependency on `@tryghost/kg-utils` to fix a bug in the `slugify()` utility that was throwing errors when the header or subheader was left blank in a header card
- we've just fixed up the use of `@tryghost/errors` and bumped some
dependencies in all of our packages in Members
- this commit bumps all of those packages in Ghost so we can stay
up-to-date
refs https://github.com/TryGhost/Toolbox/issues/209
refs https://github.com/TryGhost/Toolbox/issues/210
- Fixed request header processing by the e2e-framework where it failed to lowercase incoming header keys. This bug made it harder to test code paths which involve header checking, e.g. following code: `req.headers['stripe-signature']` would not get a correct value if the header was specified as Stripe-Signature
- Additional output to the status code assertions was added - this allows to have more context when an invalid response code comes back in a test.
refs https://github.com/TryGhost/Team/issues/1322
Since the Members service is no longer started when Stripe is
reconfigured the url config used for checkout sessions was not updated.
This moves all of the default Stripe urls into the Stripe service, where
they will be updated as/when Stripe is connected/disconnected.
refs: https://github.com/TryGhost/Toolbox/issues/158
- We only use chai in a handful of places now, and it seems totally unnecessary
- Use assert instead
- Made other minor changes with a view to this being a reference aka "perfect" test suite
no-issue
If Stripe subscriptions have manually been modified to contain more than
one price, then cancellation would fail, as Ghost/Members relies on
subscriptions only containing one price. This adds some handling so that
we do not error when cancelling.
refs TryGhost/Toolbox#158
refs TryGhost/Toolbox#129 (comment)
We now have @tryghost/jest-snapshot - a suite of utilities for using snapshots with mocha, should, etc
The @tryghost/express-test lib also uses it to provide chained snapshot assertions
This library was created because all the existing implementations I could find, including the in use @ethanresnick/chai-jest-snapshot
didn't properly support property matching. @ethanresnick/chai-jest-snapshot supposedly supported it, but the implementation was incorrect
and frequently lead to false test passes.
This library also has (after some back and forth) path resolution so that snapshots can live in a local __snapshots__ folder
refs https://github.com/TryGhost/Team/issues/1316
Updates header card renderer so the `<h2>` and `<h3>` elements have slugified titles set on their `id` attributes to allow in-page and external #header-title anchor links.
- bumps `@tryghost/kg-default-cards` including the header card id fix
- bumps other `@tryghost/kg-*` packages that were released simultaneously - contains dependency updates and switch to `slugify()` from `@tryghost/kg-utils`
no-issue
Due to a bug with the event filtering logic verification triggers were
happening when they shouldn't - for now we are disabling the trigger
until the bug is fixed
no-issue
refs https://github.com/TryGhost/Members/commit/6860e3c1
refs https://github.com/TryGhost/Members/commit/03a6d694
This adds an e2e tests for the regression we had with comping members.
The stripe service imports the members service, which will instantiate
members-ssr once it is loaded, which will use the uninstantiated
settings cache resulting in errors due to a missing theme_session_secret.
For this reason we require the stripe service inside of the test function,
rather than at the top level of the file
refs https://github.com/TryGhost/Team/issues/1299
- The email_delivered_event, email_opened_event and email_failed_event events weren't correctly ordered
- This has caused some of these events to not show
refs https://github.com/TryGhost/Team/issues/1289
The default Tier name is "Default Product" - this adds a check on
startup for this name, and will update it to the site title. This is so
that when Tiers is enabled, the user is presented with an expected value
for the Tier name.
refs TryGhost/Team#1071
- new `tiers` key is now attached to posts/pages API response to include tiers visibility
- updates expected response for post/page in tests to include `tiers`
refs https://github.com/TryGhost/Ghost/issues/14079
The stripe_prices API whilst not used publicly is still used for handling
complimentary subscriptions in the old (pre-tiers) system. This was mistakenly
removed, and has been reinstated with this commit.
refs https://github.com/TryGhost/Team/issues/1168
This updates the JSON API Schema to allow for the welcome_page_url
property, as well as including the new column in API responses, so that
we can both read and write the value via the API.
refs: TryGhost/Toolbox#166
The new VerificationTrigger listens to events form the members repository, and will cause the verification workflow to be triggered if the number of events is greater than the configured threshold in a rolling 30 day window.
The importer also no longer depends on the import threshold, so the threshold testing is now done in the processImport method in Ghost - seems sensible since we already had this wrapper and the logic is now tiny, since it's just relying on @tryghost/verification-trigger to handle the real stuff.
refs https://github.com/TryGhost/Team/issues/1293
A mistake in the email sending code when handling webhooks meant that
emails were not sent to new paid signups - however the member would
still be logged in afterwards, so no loss of access was incurred.
refs https://github.com/TryGhost/Team/issues/1277
- When a user signs-up, two events are created, the api route was only returning one of these events.
- This was introduce in commit 120116e8a2 when the only usage of the api route was to extract the 5 most recent events. Any duplication was creating too much noise.
- This was creating issues now that we introduced event filtering. Some `newsletter_event` events would appear from nowhere we we were filtering-out `signup_event` events.
- We removed the deduplication when the `membersActivityFeed` flag is enabled.
no-issue
Handling Stripe Checkout webhooks was failing to send emails to customers
because of a faulty reference. This updates the Webhook Controller to fix
that.
refs https://github.com/TryGhost/Team/issues/1252
In order to ensure that archived Tiers are not selected to be shown in
Portal, both after they archived, and after they've been un-archived -
we need to persist this information to storage. This is currently done
via the `portal_products` setting.
The reasoning behind this is so that un-archiving a Tier doesn't modify
Portal settings without the user being aware.
refs https://github.com/TryGhost/Team/issues/1252
Although Archived Tiers cannot be signed up to via Stripe, we also need
to stop them from being assigned through a complementary subscription.
refs https://github.com/TryGhost/Team/issues/1277
- Enabled the `filter` attribute on the route.
- The events are now filtered in-memory instead of in the database.
- This fixes a wrong logic where the API user would have to know the internal event structure.
refs https://github.com/TryGhost/Team/issues/1252
This allows us to archive and unarchive tiers, but does not implement
any of the background behaviour like modifying portal settings. Or
disabling archived tiers from being used.
The two packages now allow the `active` flag to be passed, and will
update that in the database.