Commit Graph

13869 Commits

Author SHA1 Message Date
Renovate Bot
a8fb066c71 Update dependency @tryghost/limit-service to v0.6.2 2021-09-22 18:02:34 +01:00
Renovate Bot
e6845237e0 Update dependency @tryghost/image-transform to v1.0.14 2021-09-22 18:02:09 +01:00
Renovate Bot
ca798ccb73 Update dependency @tryghost/errors to v0.2.14 2021-09-22 18:02:00 +01:00
Renovate Bot
cd008a6d48 Update dependency @tryghost/config-url-helpers to v0.1.1 2021-09-22 18:01:50 +01:00
Renovate Bot
db907f88f2 Update dependency @tryghost/bootstrap-socket to v0.2.10 2021-09-22 18:01:44 +01:00
Renovate Bot
0c4e119483 Update dependency @tryghost/adapter-manager to v0.2.15 2021-09-22 18:01:38 +01:00
Renovate Bot
be47f78293 Update dependency @tryghost/promise to v0.1.10 2021-09-22 18:01:17 +01:00
Renovate Bot
27ce353222 Update dependency @tryghost/session-service to v0.1.25 2021-09-22 18:01:07 +01:00
Renovate Bot
db2c7b64dd Update dependency @tryghost/tpl to v0.1.4 2021-09-22 18:00:59 +01:00
Renovate Bot
40fd068229 Update dependency @tryghost/zip to v1.1.15 2021-09-22 18:00:40 +01:00
Renovate Bot
23bece59a9 Update dependency @tryghost/update-check-service to v0.2.2 2021-09-22 16:31:51 +01:00
Rishabh
4c4efc3a3a Added member analytics events handling
refs https://github.com/TryGhost/Team/issues/1064
refs https://github.com/TryGhost/Team/issues/1056
refs https://github.com/TryGhost/Team/issues/1054
refs https://github.com/TryGhost/Team/issues/1055

- adds handling for new member analytic events including new ingress endpoint
- introduces member-analytics packages and code
2021-09-22 18:21:10 +05:30
Naz
f13ee0e4fb Corrected type declarations in ThemeStorage
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- Type declarations were incorrect, co changed them to something more suitable based on the implementation to reduce the error output.
2021-09-22 14:16:39 +02:00
Peter Zimon
496b98b751 Added Offers Alpha flag 2021-09-22 13:20:36 +02:00
renovate[bot]
e9e9d90ec4
Update dependency @tryghost/members-ssr to v1.0.13 (#13332)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-22 11:33:14 +02:00
renovate[bot]
bbe6a0a933
Update dependency @tryghost/magic-link to v1.0.12 (#13331)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-22 11:32:59 +02:00
Renovate Bot
c8afdac0c9 Update dependency postcss to v8.3.7 2021-09-22 10:01:09 +01:00
Naz
7589218abc Converted import-manager module to a class
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-16/tackle-importersdataindexjs

- The codebase uses class syntax instead of extending/instantiating a native function (this is a very old of doing pseudo OOP in JS). Updated the old syntax in a very one-to-one brainless way with intention to improve the file again when touched again
2021-09-22 20:10:23 +12:00
Naz
c39d1996a4 Brought back importer index.js file exposing a single thing
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-16/tackle-importersdataindexjs

- This extra step was done to keep the git history cleaner (previous commit was a clean rename). This new index file exposes just one thing.
- The next step here should be refactoring of the "importer-manager" module into a class following a DI pattern.
2021-09-22 20:10:23 +12:00
Naz
0d32552d7a Renamed imports indexjs to import-manager
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-16/tackle-importersdataindexjs

- The index file should contain an API index that the module/folder exposes. In this instance it is a full blown class-like set of data and functions that don't belong to index.js
2021-09-22 20:10:23 +12:00
Rishabh
1e239de039 Added new ingress endpoint for client-side events
res https://github.com/TryGhost/Team/issues/1064

- adds new events endpoint on members app to capture client side events for member analytics behind the `membersActivity` flag
2021-09-21 23:37:25 +05:30
Renovate Bot
ebf13f07a0
Update dependency @sentry/node to v6.13.2 2021-09-21 16:32:20 +00:00
Naz
90e9e473ad Brought back index.js file exposing a single thing
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-16/tackle-importersdataindexjs

- This extra step was done to keep the git history cleaner (previous commit was a clean rename). This new index file exposes just one thing.
- The next step here should probably be refactoring of the data-importer module into a class following a DI pattern.
2021-09-22 03:23:12 +12:00
Naz
208dd49971 Renamed imports/data indexjs to data-importer
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-16/tackle-importersdataindexjs

- The index file should contain an API index that the module/folder exposes. In this instance it is a full blown class-like set of data and functions that don't belong to index.js
2021-09-22 03:23:12 +12:00
Fabien O'Carroll
9183c3fa11 Exported MemberAnalyticEvent from models/index.js
refs https://github.com/TryGhost/Team/issues/1053

In order to use the model we must exports it from the index.js file.
This was missing from the commit which added the models.
2021-09-21 13:22:40 +02:00
Naz
74c15c7b02 Refactored secret settings util functions
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The index file in services/settings was containning logic and started throwing an additional lint warning due to module length.
- The extracted secret settings utils were used in multiple places and were a good candidate to live in it's own small module
2021-09-21 23:05:57 +12:00
Naz
ed56239523 Moved browse method from settings API controllers
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The browse method didn't throw a complexity warning but was a clear target to get extracted into settings bread service. This way we get rid of a settings cache dependency and reduce code duplication.
2021-09-21 23:05:57 +12:00
Naz
d76ba2852e Removed method complexity in settings API v3 controller
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The controller code is not meant to contain complex business logic. Removed complexity in settings.edit method
- Have brought up to sync v3 controller code to the changes that were done in v4. Didn't touch v2 controller as it had slight API differences, so avoided going on another trip into the unknown
- Migrating v3 controller was pretty straigh forward as it's an exact copy of the v4 one (at least for the methods that were extracted)
2021-09-21 23:05:57 +12:00
Naz
ae3b2fad7c Removed method complexity in settings API controller
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The controller code is not meant to contain complex business logic. Removed complexity in settings.edit method
- The code causing the complexity warning clearly belonged in the validation layer, so has been moved to it's propper location
2021-09-21 23:05:57 +12:00
Naz
e7ec197da1 Removed duplicate logic from settings edit permissions stage
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The removed logic is done more thoroughly on the settings BREAD
service layer.
2021-09-21 23:05:57 +12:00
Naz
6b25b91fa4 Removed method complexity in settings API controller
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The controller code is not meant to contain complex business logic. Removed complexity in settings.edit method
- Have separated the regular editing from "Stripe Data" editing to keep the dependency on the members service still in the controller reducing coupling of the settings BREAD service to the minimum.
- The stripeConnectData passed into `edit` method still feels out of place (maybe it should be passed as an array already that's ready to be merged with the rest of settings, but that was left for another refactor in the future)
2021-09-21 23:05:57 +12:00
Naz
85ee721157 Removed method complexity in settings API controller
refs https://github.com/TryGhost/Team/issues/694
refs https://linear.app/tryghost/issue/CORE-13

- The controller code is not meant to contain complex business logic.
Reduced complexity in the settings.read method
- Broke the usual "xxxService" naming pattern here in favor of "xxxBREADService" pattern that members package has been experimenting with recently (0469707f2e/packages/members-api/lib/services/member-bread.js (L25)). This naming choice was made because we already had a "SettingsService" and it would've become quite convoluted distinguishing the naming or doing renames for the sake of having a new temporary location for read/edit/add methods
- Also duplicated `hideValueIfSecret` method code with an intention to move it fully into the BREAD service once the refactoring is completed
2021-09-21 23:05:57 +12:00
Fabien O'Carroll
c1c969238f Passed MemberAnalyticEvent to @tryghost/members-api
refs https://github.com/TryGhost/Team/issues/1055

We use the models defined in Ghost as our database connection to store
the analytic events. So we must pass this down to the Members module so
that we can store the events
2021-09-21 11:42:05 +02:00
Renovate Bot
7c1192fc20
Update dependency @sentry/node to v6.13.1 2021-09-20 18:46:49 +00:00
Renovate Bot
9615d76ff3
Update dependency @sentry/node to v6.13.0 2021-09-20 15:08:22 +00:00
Daniel Lockyer
8a534c5b14
🐛 Fixed sending emails via SES or non-standard SMTP config
fixes https://linear.app/tryghost/issue/CORE-45/

- this commit fixes two email related issues:
    - SES transport: the auth mechanism was set up wrong and so none of
      the requests would go through. This now follows the docs on https://nodemailer.com/transports/ses/
    - SMTP transport: the latest versions of Nodemailer don't seem to
      allow overriding of options if a service is present. I've filed
      https://github.com/nodemailer/nodemailer/issues/1327 but in the
      mean time, I assign the options back to the transporter object
      to ensure they always get applied
- I've fixed this in our `@trghost/nodemailer` package and so this commit
  bumps that here
2021-09-20 15:53:44 +01:00
Rishabh
58bdf1e6e5 Added new ghost analytics meta tag behind activity alpha flag
refs https://github.com/TryGhost/Team/issues/1063

Member activity is a labs alpha feature which aims at capturing member events for site owner if switched on. The event metadata captures the site page/post where the event originates from, and the post/page id is included as content of new ghost analytics meta tag. The meta tag is only aded on the site if member activity is switched on from labs.
2021-09-20 13:55:37 +05:30
Renovate Bot
12f59e7ec0 Update dependency coffeescript to v2.6.0 2021-09-20 08:04:52 +01:00
Renovate Bot
9fb78b338c Lock file maintenance 2021-09-20 02:46:58 +00:00
Daniel Lockyer
7ffa5414b5
v4.15.0 2021-09-17 16:58:45 +01:00
Daniel Lockyer
0a64916771
Updated Admin to v4.15.0 2021-09-17 16:58:45 +01:00
Daniel Lockyer
8590376795
Fixed linting issue
no issue

- I removed the use of Promises but didn't clean up the import
2021-09-17 16:51:52 +01:00
Daniel Lockyer
93e4b2eafd 🔒 Fixed remote command injection when using sendmail email transport
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm
refs https://github.com/advisories/GHSA-48ww-j4fc-435p

- a vulnerability in `nodemailer` means that the `sendmail` transport is
  vulnerable to command injection for flags passed to the `sendmail`
  binary
- updating to the latest version of Nodemailer required creating
  `@tryghost/nodemailer`, which is a wrapper around Nodemailer and
  several plugins that used to be in the core
- this commit switches to using that package, and fixes up some small
  code + test changes
2021-09-17 16:46:51 +01:00
Fabien O'Carroll
61058fb0a4 fixup! Refactored migration to run faster 2021-09-17 16:33:14 +01:00
Fabien O'Carroll
3165315f84 fixup! Refactored migration to run faster 2021-09-17 16:33:14 +01:00
Fabien O'Carroll
484e0c1e05 Refactored migration to run faster
no-issue

We're seeing problems with large sites taking a long time to run this
migration. The aim here is to refactor it so that it is faster to run.

We've achieved that by reducing the number of database queries needed,
firstly by selecting members with a join to their events (rather than
fetching the events on a member-by-member basis) we also batch the
necessary updates to further reduce db query time.
2021-09-17 16:33:14 +01:00
Hannah Wolfe
ac82554f3e
Added command for finding slow regression tests
- A tiny tool to help us prioritise killing regression tests
2021-09-17 13:35:41 +01:00
Hannah Wolfe
7d1d6ec6eb
🐛 Fixed error in sitemap with >50k posts (#13317)
closes: CORE-34
refs: https://github.com/TryGhost/Team/issues/1044

- this is a super basic fix, it adds a max nodes concept and limits the node in each sub-sitemap to 50k by default
- this will prevent the error in google console
- a better fix is in progress, but we want to at least solve the errors ASAP
2021-09-17 11:13:42 +01:00
Fabien 'egg' O'Carroll
2dca63eae2
Added temporary database table for analytic events (#13312)
refs https://github.com/TryGhost/Team/issues/1053

This table is going to be completely deleted at some point in the
future. It serves as a persistent datastore for a spike into collection
analytic events for members. We've opted for a generic table, rather
than a table for each event, so that we can push the DB to the limit in
terms of the length of the table, and find out performance issues A$AP
2021-09-17 11:15:21 +02:00
Hannah Wolfe
ba587ba882
Fixed logic bugs in match helper (#13315)
closes: CORE-33

Two bugs:
- lodash isEmpty and handlebars util isEmpty are not the same
- I literally had the truthy and falsy cases the wrong way around 🙈

Notes:
- I have, for now, copied the isEmpty util from handlebars. It's so small it doesn't seem worth trying to require the util right now, although in future it'd be nice if that was easier to do
- Adding the management for the conditional being a SafeString allows the match helper to be a subexpression of itself, I can see this pattern being useful later in combo with the any and all helpers
2021-09-17 09:47:10 +01:00