refs #9601
- replace jsonpath with [NQL](https://github.com/NexesJS/NQL)
- jsonpath was just a temporary solution (a short-term fix)
- with NQL we are able to filter collections more powerful in the near future
- NQL is not feature complete
- we still support `featured:true` for collections
refs #9601
- you can now use `rss:false`
- ability to define a custom rss url with a target template (+ content_type)
- ability to disable rss for channel or collection
no issue
- this mock eat already too much of my/our time
- the idea of adding a knex mock was definitely a failed approach/try
- it's too much to maintaince and have not found a module which does this already
- we have to support any query format
- this is too crazy
- the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to
run through bookshelf, because the whole model layer depends on bookshelf e.g. events
- for now we simply use the real database
- we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3
- something to consider for later e.g. run unit tests on one matrix
- run the rest on another matrix for sqlite + mysql
refs https://github.com/TryGhost/Ghost/issues/9623
- add `oembed-parser` module for checking provider availability for a url and fetching data from the provider
- require it in the `overrides.js` file before the general Promise override so that the `promise-wrt` sub-dependency doesn't attempt to extend the Bluebird promise implementation
- add `/oembed` authenticated endpoint
- takes `?url=` query parameter to match against known providers
- adds safeguard against oembed-parser's providers list not recognising http+https and www+non-www
- responds with `ValidationError` if no provider is found
- responds with oembed response from matched provider's oembed endpoint if match is found
closes#9528
These code changes introduce a YAML parser which will load and parse YAML files from the `/content/settings` directory. There are three major parts involved:
1. `ensure-settings.js`: this fn takes care that on bootstrap, the supported files are present in the `/content/settings` directory. If the files are not present, they get copied back from our default files. The default files to copy from are located in `core/server/services/settings`.
2. `loader.js`: the settings loader reads the requested `yaml` file from the disk and passes it to the yaml parser, which returns a `json` object of the file. The settings loader throws an error, if the file is not accessible, e. g. because of permission errors.
3. `yaml-parser`: gets passed a `yaml` file and returns a `json` object. If the file is not parseable, it returns a clear error that contains the information, what and where the parsing error occurred (e. g. line number and reason).
- added a `get()` fn to settings services, that returns the settings object that's asked for. e. g. `settings.get('routes').then(()...` will return the `routes` settings.
- added a `getAll()` fn to settings services, that returns all available settings in an object. The object looks like: `{routes: {routes: {}, collections: {}, resources: {}}, globals: {value: {}}`, assuming that we have to supported settings `routes` and `globals`.
Further additions:
- config `contentPath` for `settings`
- config overrides for default `yaml` files location in `/core/server/services/settings`
**Important**: These code changes are in preparation for Dynamic Routing and not yet used. The process of copying the supported `yaml` files (in this first step, the `routes.yaml` file) is not yet activated.
no issue
This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion)
### key notes
- `authors` are not fetched by default, only if we need them
- the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid)
- ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release
- the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation)
- if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author)
- we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors
- `authors` helper available (same as `tags` helper)
- `primary_author` computed field available
- `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
closes#9520
- it contains a dependency bump of the latest Bookshelf release
- Bookshelf introduced a bug in the last release
- see https://github.com/bookshelf/bookshelf/pull/1583
- see https://github.com/bookshelf/bookshelf/pull/1798
- this has caused trouble in Ghost
- the `updated_at` attribute was not automatically set anymore
---
The bookshelf added one breaking change: it's allow to pass custom `updated_at` and `created_at`.
We already have a protection for not being able to override the `created_at` date on update.
We had to add another protection to now allow to only change the `updated_at` property.
You can only change `updated_at` if you actually change something else e.g. the title of a post.
To be able to implement this check i discovered that Bookshelfs `model.changed` object has a tricky behaviour.
It remembers **all** attributes, which where changed, doesn't matter if they are valid or invalid model properties.
We had to add a line of code to avoid remembering none valid model attributes in this object.
e.g. you change `tag.parent` (no valid model attribute). The valid property is `tag.parent_id`.
If you pass `tag.parent` but the value has **not** changed (`tag.parent` === `tag.parent_id`), it will output you `tag.changed.parent`. But this is wrong.
Bookshelf detects `changed` attributes too early. Or if you think the other way around, Ghost detects valid attributes too late.
But the current earliest possible stage is the `onSaving` event, there is no earlier way to pick valid attributes (except of `.forge`, but we don't use this fn ATM).
Later: the API should transform `tag.parent` into `tag.parent_id`, but we are not using it ATM, so no need to pre-optimise.
The API already transforms `post.author` into `post.author_id`.
no issue
- replace logic for preparing nested tags
- if you have nested tags in your file, we won't update or update the target tag
- we simply would like to add the relationship to the database
- use same approach as base class
- add `posts_tags` to target post model
- update identifiers
- insert relation by foreign key `tag_id`
- bump bookshelf-relations to 0.1.10
no issue
- added https://github.com/colonyamerican/mock-knex as dev dependency
- the mock serves our data generator test data by default
- but you can define your own if you want
- we need a proper mock for unit testing
- we should not mock bookshelf if possible, otherwise we can't test event flows
no issue
1. renamed alias:
- we have a special alias that does initial setup tasks that are only supposed to be run once
- changing the alias to be `setup` rather than `init` otherwise it is too easy to confuse with `grunt init`
2. require globals to be installed manually
- yarn is RUBBISH at managing globals
- internally we use npm for this (actually we have a managed list of globals) and yarn for everything else
- by moving this to documentation, rather than a command, we have flexibility to do this differently
- also explicit globals are better than installing these without the user knowing IMO
3. setup includes knex-migrator
- do this automatically instead of knex-migrator init being a separate command
- every other time knex-migrator is needed, Ghost _should_ tell you what to do
no issue
- knex@0.12.9
- bookshelf@0.10.3
- and any dependency, which relies on knex@0.14
- we experienced an unwated behaviour where the blog keeps too many connections open
- we have to investigate
refs #5345, refs #3801
- Blog localisation
- default is `en` (English)
- you can change the language code in the admin panel, see https://github.com/TryGhost/Ghost-Admin/pull/703
- blog behaviour changes depending on the language e.g. date helper format
- theme translation get's loaded if available depending on the language setting
- falls back to english if not available
- Theme translation
- complete automatic translation of Ghost's frontend for site visitors (themes, etc.), to quickly deploy a site in a non-English language
- added {{t}} and {{lang}} helper
- no backend or admin panel translations (!)
- easily readable translation keys - very simple translation
- server restart required when adding new language files or changing existing files in the theme
- no language code validation for now (will be added soon)
- a full theme translation requires to translate Ghost core templates (e.g. subscriber form)
- when activating a different theme, theme translations are auto re-loaded
- when switching language of blog, theme translations are auto re-loaded
- Bump gscan to version 1.3.0 to support more known helpers
**Documentation can be found at https://themes.ghost.org/v1.20.0/docs/i18n.**
no issue
- patch release with two fixes:
- 1. attach target models in batches
- 2. ensure we detach the bookshelf model event from new targets, otherwise we can run into memory leaks
no issue
- adapt major changes of knex-migrator v3
- adapt migration scripts, simplify and add `down` (rollback) hook if possible
- clear Ghost cache after init hook (because of `knex-migrator migrate --init`)
- ensure db migrations work with the CLI
- updated troubleshooting guide (https://docs.ghost.org/v1/docs/troubleshooting#section-task-execute-is-not-a-function)
**For development only: Please ensure you run `npm i -g knex-migrator@latest` to update your global installation to v3. We always prefer the local installation, but v3 has modified and added binaries.**
no issue
- https://github.com/mochajs/mocha/blob/master/CHANGELOG.md#400--2017-10-02
- the new `--exit` flag might be interesting at some point
> In Mocha v3.0.0 and newer, returning a Promise and calling done() will result in an exception.
- adapt teardown/setup test utility
- adapt other mixed usages of callback && Promise usage
no issue
- added https://github.com/TryGhost/bookshelf-relations as dependency
- remove existing tag handling
---
* Important: Ensure we trigger parent initialize function
- otherwise the plugin is unable to listen on model events
- important: event order for listeners is Ghost -> Plugin
- Ghost should be able to listen on the events as first instance
- e.g. be able to modify/validate relationships
* Fix tag validation
- we detect lower/update case slugs for tags manually
- this can't be taken over from the plugin obviously
- ensure we update the target model e.g. this.set('tags', ...)
* override base fn: `permittedAttributes`
- ensure we call the base
- put relations on top
- each relation is allowed to be passed
- the plugin will auto-unset any relations to it does not reach the database
* Ensure we run add/edit/delete within a transaction
- updating nested relationships requires sql queries
- all sql statements have to run in a single transaction to ensure we rollback everything if an error occurs
- use es6
refs #9178
* Add eslint deps, remove old lint deps
* Add eslint config, remove old lint configs
* Config for server and tests are different
* Tweaked rules to suit us
* Fix linting in codebase - lots of indent changes.
* Fix a real broken test
no issue
- the official V8 LTS release version is 8.9.0
- came out on the 31th of 10/17 (this is where the official LTS for V8 has started)
- requires an update on docs.ghost.org
no issue
- major bump
- we only use jsonpath inside the `get` helper
- the functionality still works as expected
- includes security fix, see 98464aa5fe
no issue
- we had to fork the original repository at one point, because of slow maintenance
- maintenance is back now
- https://github.com/maxogden/extract-zip/pull/52 was merged and released
no issue
- bson-objectid@1.2.1
- compression@1.7.1
- express@4.16.2
- moment-timezone@0.5.14
- mysql@2.15.0
- nconf@0.8.5
- sanitize-html@1.15.0
- simple-html-tokenizer@0.4.3
- superagent@3.8.0
IMPORTANT:
- we are unable to bump moment and bluebird at the moment, because in both releases there is a bug which breaks our tests
- i didn't investigate a lot, but there is https://github.com/petkaantonov/bluebird/issues/1468
- and for moment, a couple of reports came in for .19 regarding a wrong date behaviour
no issue
- bump dependencies because of failing tests
- added package-lock.json to gitignore, because we use yarn
- run v8 on travis
- support v8 engine in package.json
closes#9060
- Update `gscan` - it now extracts custom templates and exposes them to Ghost
- Add `custom_template` field to post schema w/ 1.13 migration
- Return `templates` array for the active theme in `/themes/` requests
- Users with Author/Editor roles can now request `/themes/`
- Front-end will render `custom_template` for posts if it exists, template priority is now:
1. `post/page-{{slug}}.hbs`
2. `{{custom_template}}.hbs`
3. `post/page.hbs`
closes#8668, refs #8920
- Updated tests to include internal tags
- Tests had no example of an internal tag
- Need this to show that the new filtering works as expected
- primary_tag is a calculated field
- This ensures that we can alias the field to equivalent logic in API filters
- By replacing primary_tag by a lookup based on a tag which has order 0
- bump ghost-gql to 0.0.8
**NOTE:**
Until GQL is refactored, there are limitations on what else can be filtered when using primary_tag in a filter e.g. it wont be possible to do a filter based on primary_tag AND/OR other tag filters.
no issue
- bump `amperize` to 0.3.5 which fixes issues with images-size requests not following redirects, and image-size requests that caused errors leading to stop transforming the rest of the passed HTML.
closes#8342
- no need to add a migration, because when we'released 1.0, OAuth was never an option
- it was disabled in April, 1.0-beta was released in June
- remove all remote authentication code
closes#8757
- update the markdown card render method to use SimpleDOM's `createRawHtmlSection`. This avoids SimpleDOM parsing and tokenization of broken or unsupported free-form HTML that markdown allows
- replace markdown extraction/render with mobiledoc's renderer in the `Post` model
- removes `jsdom` as it's no longer necessary
refs #8868
The `image-size` library supports now `.ico` files, which means there is no longer need to use the `icojs` library.
- removes unnecessary `icojs` dependency
- refactors `getIconDimensions` fn in blog icon util to fetch image sizes synchronus
- removes unnecessary `getIconDimensions` fn in blog icon validation, as there is no longer need to use different image size fn for different file extensions, and uses `getIconDimensions` from blog util fn instead.
- updates and adds more tests
no issue
- Upgraded ghost-ignition
- Use debug from ghost-ignition everywhere in the code base
- Remove debug dependency
- Fixed random typo in Gruntfile.js
no issue
- Most of our other projects have `npm run dev`
- In Ghost we use `grunt dev`, but I also want to have DEBUG turned on for development
- `npm run dev` is a shortcut for these 2 things
- Also cos I keep accidentally typing `npm run dev` anyway 😬
closes#8793
- 1.3 post excerpt migration
- add 1.3 migration to add `excerpt` to post schema
NOTE:
- knex-migrator relies on the package.json safe version
- so right now Ghost is on 1.2
- the migration script is for 1.3
- if you pull down the PR (or if we merge this PR into master), you have to run `knex-migrator migrate --v 1.3 --force`
- knex-migrator will tell you what you have todo
- Bump dependencies
- knex-migrator@2.1.3
- Soft limit for custom_excerpt
- Extended {{excerpt}} to use custom excerpt
- when a `custom_excerpt` field exists, the `{{excerpt}}` helper will output this and fall back to autogenerated excerpt if not.
- Refactored behaviour of (meta) description
- html tag `<meta name="description" />` for posts, tags and author doesn't get rendered if not provided.
- fallback for `author.bio` removed
- fallback for `tag.description` removed
- structured data and schema.org for `post` context takes the following order to render description fields:
1. custom excerpt
2. meta description
3. automated excerpt (50 words)
- updated and added tests to reflect the changes
refs #8222
- differentiate between errors and fatal errors
- use gscan errors in theme middleware
- Adds a new `error()` method to `currentActiveTheme` constructor which will return the errors we receive from gscan
- In middleware, if a theme couldn't be activated because it's invalid, we'll fetch the erros and send them to our error handler. We also use a new property `hideStack` to control, if the stack (in dev mode and if available) should be shown or the gscan errors (in prod mode, or in dev if no stack error)
- In our error handler we use this conditional to send a new property `gscan` to our error theme
- In `error.hbs` we'll iterate through possible `gscan` error objects and render them.
- remove stack printing
- stack for theme developers in development mode doesn't make sense
- stack in production doesn't make sense
- the stack is usually hard to read
- if you are developer you can read the error stack on the server log
- utils.packages: transform native error into Ghost error
- use `onlyFatalErrors` for gscan format and differeniate fatal errors vo.2
- optimise bootstrap error handling
- transform theme is missing into an error
- add new translation key
- show html tags for error.hbs template: rule
no issue
- the new ember version requires 4.5.0
- i've also bumped node v6, because of the latest security vulnerability report (see https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/)
"All of these vulnerabilities are considered low-severity for Node.js users, however, users of Node.js v6.x should upgrade at their earliest convenience."
no issue
The simpledom interpreter that the Mobiledoc DOM renderer uses does not allow for unbalanced or incorrect HTML such as that which is entered by a user.
This PR adds a step where the HTML is sanitised and balanced before being passed to simpledom.
- use latest jsdom (+pin version), update yarn.lock, add comments
- don't use node-4 incompatible shorthand method definition
- grab <body> content rather than document content
- update markdown card specs to match markdown-it behaviour
- revert to jsdom 9.12.0 for node 4.x support, close window to free memory
- moved 3rd party libs into render function
no issue
We have recently merged `knex:0.13.0` into Ghost master.
It was absolutely fine and it works, because yarn is smart. but...
- in case you use `npm` for the installation, the installation of the Ghost dependency fails because of a peer dependency error
- we install 2x knex, which isn't really useful
- bookshelf doesn't actually support knex 0.13.0 yet, see https://github.com/tgriesser/bookshelf/issues/1566
refs https://github.com/TryGhost/Ghost-Admin/pull/690, closes#1501, closes#2093, closes#4592, closes#4627, closes#4659, closes#5039, closes#5237, closes#5587, closes#5625, closes#5632, closes#5822, closes#5939, closes#6840, closes#7183, closes#7536
- replace custom showdown fork with markdown-it
- swaps showdown for markdown-it when rendering markdown
- match existing header ID behaviour
- allow headers without a space after the #s
- add duplicate header ID handling
- remove legacy markdown spec
- move markdown-it setup into markdown-converter util
- update mobiledoc specs to match markdown-it newline behaviour
- update data-generator HTML to match markdown-it newline behaviour
- fix Post "converts html to plaintext" test
- update rss spec to match markdown-it newline behaviour
- close almost all related showdown bugs
* 🙀 change database schema for images
- rename user/post/tag images
- contains all the required changes from the schema change
* Refactor helper/meta data
- rename cover to cover_image
- also rename default settings to match the pattern
- rename image to profile_image for user
- rename image to feature_image for tags/posts
* {{image}} >>> {{img_url}}
- rename
- change the functionality
- attr is required
- e.g. {{img_url feature_image}}
* gscan 1.0.0
- update yarn.lock
* Update casper reference: 1.0-changes
- see 5487b4da8d
refs #8235
Usage:
- for existing development setups: `grunt symlink` (will create the pre-commit symlink)
- for fresh development setups: `npm run init` (symlinking happens as part of the typical set up)
- ✨ Added pre-commit hook to handle submodules
- Checks to see if there are any submodules about to be committed
- Output matches closely to `git st` to make it easy to read
- Requires interaction from the committer to accept that this really should be committed
- ✨ Use grunt symlink to register githooks
- Grunt symlink will make a link to the pre-commit hook
- It ONLY does this if there isn't already a pre-commit hook, so won't overwrite anything
- It does this as part of npm run init, not grunt init, because a release repo would NEVER want this
- This is a dev tool, that configures the repo for development
refs #8221🔥 Remove ghost=true concept from asset url helper
✨💯 Introduce CSS minification with cssnano
- add new grunt-cssnano dependency
- wire up grunt task to minify public/ghost.css
🎨 Rename minification config & hash params
- Change minifyInProduction -> hasMinFile
- this means this asset should have a .min file available
- Change minifyAssets -> useMinFiles
- this means that in this env we want to serve .min files if available
🎨 Update public/ghost.css to serve .min for prod
- add the new `hasMinFile` property
🎨 Move minified asset handling to asset_url util
- this logic should be in the util, not the asset helper
- updated tests
📖 Error handler always needs asset helper
- this removes the TODO and adds a more sensible comment
- we also need to update our theme documentation around error templates
🔥 Don't use asset helper in ghost head
- use getAssetUrl util instead!
- removed TODO
📖 Update proxy docs
🎨 Simplify asset helper & add tests
- this refactor is a step prior to moving this from metadata to being a url util
- needed to skip some new tests
🐛 Add missing handler for css file
refs #7687
There are four main changes in this PR:
we have outsourced the base storage adapter to npm, because for storage developers it's annoying to inherit from a script within Ghost
we hacked theme storage handling into the default local storage adapter - this was reverted, instead we have added a static theme storage here
use classes instead of prototyping
optimise the storage adapter in general - everything is explained in each commit
----
* rename local-file-store to LocalFileStorage
I would like to keep the name pattern i have used for scheduling.
If a file is a class, the file name reflects the class name.
We can discuss this, if concerns are raised.
* Transform LocalFileStorage to class and inherit from new base
- inherit from npm ghost-storage-base
- rewrite to class
- no further refactoring, happens later
* Rename core/test/unit/storage/local-file-store_spec.js -> core/test/unit/storage/LocalFileStorage_spec.js
* Fix wrong require in core/test/unit/storage/LocalFileStorage_spec.js
* remove base storage and test
- see https://github.com/kirrg001/Ghost-Storage-Base
- the test has moved to this repo as well
* Use npm ghost-storage-base in storage/index.js
* remove the concept of getStorage('themes')
This concept was added when we added themes as a feature.
Back then, we have changed the local storage adapter to support images and themes.
This has added some hacks into the local storage adapters.
We want to revert this change and add a simple static theme storage.
Will adapt the api/themes layer in the next commits.
* Revert LocalFileStorage
- revert serve
- revert delete
* add storagePath as property to LocalFileStorage
- define one property which holds the storage path
- could be considered to pass from outside, but found that not helpful, as other storage adapters do not need this property
- IMPORTANT: save has no longer a targetDir option, because this was used to pass the alternative theme storage path
- IMPORTANT: exists has now an alternative targetDir, this makes sense, because
- you can either ask the storage exists('my-file') and it will look in the base storage path
- or you pass a specific path where to look exists('my-file', /path/to/dir)
* LocalFileStorage: get rid of store pattern
- getUniqueFileName(THIS)
- this doesn't make sense, instances always have access to this by default
* Add static theme storage
- inherits from the local file storage, because they both operate on the file system
- IMPORTANT: added a TODO to consider a merge of themes/loader and themes/storage
- but will be definitely not part of this PR
* Use new static theme storage in api/themes
- storage functions are simplified!
* Add https://github.com/kirrg001/Ghost-Storage-Base as dependency
- tarball for now, as i am still testing
- will release if PR review get's accepted
* Adapt tests and jscs/jshint
* 🐛 fix storage.read in favicon utility
- wrong implementation of error handling
* 🎨 optimise error messages for custom storage adapter errors
* little renaming in the storage utlity
- purpose is to have access to the custom storage instance and to the custom storage class
- see next commit why
* optimise instanceof base storage
- instanceof is always tricky in javascript
- if multiple modules exist, it can happen that instanceof is false
* fix getTargetDir
- the importer uses the `targetDir` option to ensure that images land in the correct folder
* ghost-storage-base@0.0.1 package.json dependency
no issue
- https://greenkeeper.io/
- revert because sinon has changed their API obviously and it shows lots of depreaction warnings right now
- as sinon is "just" a testing dependency, i wouldn't spend this time right now and add sinon to the ignore list
* Revert: Update sinon to version 2.1.0
* yarn update
no issue
- use `yarn install` instead of `npm install` in grunt tasks
- remove `grunt deps` and `grunt shell:{shrinkwrap/prune/dedupe}` tasks as they are not needed when using `yarn`
- set `options.npmPath` to `yarn` for subgrunt so it doesn't use `npm install` automatically
- don't remove client contributors files in `grunt clean` - those files are now manually created and should be kept
* 🛠 switch to using yarn in our Grunt tasks
* 🛠 use yarn for `npm run init`, update README
