ref GRO-54
fixes GRO-63
fixes GRO-62
fixes GRO-69
When the config `hostSettings:managedEmail:enabled` is enabled, or the
new flag (`newEmailAddresses`) is enabled for self-hosters, we'll start
to check the from addresses of all outgoing emails more strictly.
- Current flow: nothing changes if the managedEmail config is not set or
the `newEmailAddresses` feature flag is not set
- When managedEmail is enabled: never allow to send an email from any
chosen email. We always use `mail.from` for all outgoing emails. Custom
addresses should be set as replyTo instead. Changing the newsletter
sender_email is not allowed anymore (and ignored if it is set).
- When managedEmail is enabled with a custom sending domain: if a from
address doesn't match the sending domain, we'll default to mail.from and
use the original as a replyTo if appropriate and only when no other
replyTo was set. A newsletter sender email addresss can only be set to
an email address on this domain.
- When `newEmailAddresses` is enabled: self hosters are free to set all
email addresses to whatever they want, without verification. In addition
to that, we stop making up our own email addresses and send from
`mail.from` by default instead of generating a `noreply`+ `@` +
`sitedomain.com` address
A more in depth example of all cases can be seen in
`ghost/core/test/integration/services/email-addresses.test.js`
Includes lots of new E2E tests for most new situations. Apart from that,
all email snapshots are changed because the from and replyTo addresses
are now included in snapshots (so we can see unexpected changes in the
future).
Dropped test coverage requirement, because tests were failing coverage
locally, but not in CI
Fixed settings test that set the site title to an array - bug tracked in
GRO-68
fixes GRO-34
fixes GRO-33
This is a revision of a previous commit, that broke the browser tests
because changes in the data generator (requiring bookshelf had side
effects).
This adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So
they surface tiny bugs in our codebase.
You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e
Removed some defensive logic that could be explained by this discovered
issue.
fixes GRO-34
fixes GRO-33
This also adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So they
surface tiny bugs in our codebase.
You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e
Also removed some defensive logic that could be explained by unquoted ids.
closes https://github.com/TryGhost/Product/issues/4075
- when a member clicks on "Unsubscribe from that list" from Apple Mail,
the member's email is put into Mailgun's Unsubscribe suppression list.
Ghost listens for "Unsubscribe" events from Mailgun, and unsubscribes
the member from all the newsletters
- now, the member is only unsubscribed from the newsletter they
unsubscribe to (not all of them)
- now, the email is also deleted from Mailgun's suppression list, so
that it doesn't affect any other membership
refs https://ghost.slack.com/archives/CTH5NDJMS/p1699359241142969
It's possible for `ObjectIDs` to have only numeric characters. We were
previously letting the type be inferred, which created a very rare but
possible edge case where the last recipient of an email batch had a
numeric ObjectID, resulting in a numeric comparison against alphanumeric
`ObjectIDs` in the database.
- updated the filter to add `'`'s around the `lastId` parameter
- updated tests to check for the type of the id filter parameter value
- can't fully test for numeric object IDs using what we have because
javascript cannot handle numerics of that size; may be able to look at
using fixture data loaded directly into the db
refs https://github.com/TryGhost/Ghost/pull/18587/files and
https://github.com/TryGhost/Ghost/pull/17475/files
- In October 2022, `juice`, a library Ghost uses to inline CSS for email
rendering, introduced a small change that began inlining `width: auto`
and `height: auto` from CSS on image tags, resulting in `width="auto"`
and `height="auto"` attributes being added to image tags in rendered emails
(cb62062794)
- This change in `juice` broke our email rendering in Outlook, which
doesn't play well with `width="auto"` attributes. The first two attempts
to workaround this new behavior in `juice` ended up fixing the issue in
Outlook, but breaking the rendering in other clients
- This commit stores the `height` and `width` attributes of all images
_before_ inlining the CSS with `juice`, and resets them to their
original values, only if they were set to `auto`
no issue
- product card outputs the original width/height of the image in emails
which results in overflown images in Outlook
- Combined with https://github.com/TryGhost/Koenig/pull/983/files, this
change fixes rendering for product card images in Outlook
---------
Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
closes https://github.com/TryGhost/Koenig/pull/1038
- updated `<KoenigLexicalEditorInput>` to load `<EmojiPickerPlugin>` and compose it into the editor unless used with `<KoenigLexicalEditorInput @emojiPicker={{false}} />`
- bumped Koenig packages so `EmojiPickerPlugin` is available to import from `koenig-lexical`
refs https://github.com/TryGhost/Product/issues/4053
This adds the feature flag. If enabled, the list-unsubscribe header
should be set. The value currently is only for testing purposes and
probably won't work yet.
no issue
- updates `@tryghost/koenig-lexical` with indent improvements
- prevents indents on paragraphs/headings etc which are not supported when rendering for front-end display
- improves indent behaviour for lists so <kbd>Tab</kbd> can be pressed anywhere in a list item to indent rather than only at the beginning of the list
closes https://github.com/TryGhost/Ghost/issues/18448
- improved slash menu positioning when opening at the bottom of a post
- fixed backspace sometimes deleting a preceding card (e.g. backspace at end of link inside a paragraph preceded by a card)
- fixed `?source=html` issues
- images not rendering in front-end output after import
- images wrapped in links losing their link after import
- fixed inline styles in HTML card content not displaying in the editor
- fixed broken help link in the email card
fixes https://github.com/TryGhost/Ghost/issues/17937
- We used a global Handlebars instance, which means it was reused across
Ghost
- Partials are different between parts of Ghost, that means the partials
were overwritten every time a normal Mailgun email was send
- All staff emails send after a normal newsletter would have invalid
styles because the partials for styles were overwritten
no issues
- product card images have explicit width/height attributes, and when the width value is large (e.g. 2560), it causes an overflow on Gmail on Android
- the reason why there's no issue on other email clients is that Gmail on Android has autofit feature which makes the email width fit inside the screen automatically, and it made the email width very narrow when the product card image width isn't responsive
- this fix makes the product card image width responsive by explicitly setting it 100%
refs https://github.com/TryGhost/Product/issues/3704
- the site icon has sizes defined in CSS and it works great for most
browsers
- but it becomes very large in Outlook and it requires explicit sizes in
the image markup for some reason
fixes https://github.com/TryGhost/Product/issues/3687
After this change, relative URLs in emails will be replaced with
absolute URLs using the post URL. Making relative Portal URLs possible
etc.
Updates the test data generator to fix invalid URL encoding (somehow a
backslash + escaped double quote was added when it wasn't required).
refs TryGhost/Product#3609
- author and publisher styles were mixed up in mobiledoc
- made consistent for author coming after publisher for md and lexical
- updated renderer packages
refs https://github.com/TryGhost/Product/issues/3651
- This is a security fix that addresses an issue causing malicious users
to abuse the test / preview email API endpoint.
- We have multiple procedures in place now to limit such users.
- First, we now only allow one email address to be passed into the
`sendTestEmail` method. This method only have one purpose, which is to
compliment the test email functionality within the Editor in Admin and
therefore have no reason to send to more than one email address at a
time.
- We then add an additional rate limiter to prevent a user from making
multiple requests, eg via a script.
- The new imposed limit is 10 test emails per hour.