Commit Graph

20159 Commits

Author SHA1 Message Date
Daniel Lockyer
e8e3447f15 Fixed handling empty zip file uploads
fix https://linear.app/tryghost/issue/SLO-102/end-of-central-directory-record-signature-not-found-an-unexpected

- previously, uploading an empty zip would result in a HTTP 500 error
  because yauzl would error and we'd bubble that up as an
  InternalServerError
- now, we catch the specific error message and return a more user
  friendly error
- also includes tests and sample zip file
2024-05-08 11:19:47 +02:00
Daniel Lockyer
00f42855e3 Excluded docName key from API controller method map
- due to the structure of our API controllers, the docName and methods
  are under the same structure
- this code loops over the keys of the controller and forms the method
  map
- however, it currently also loops over every character of the docName,
  so the resulting map contains a weird structure of chars
- we don't need the docName for this, so we can just exclude it from the
  keys
- this doesn't change any functionality
2024-05-08 11:19:47 +02:00
Daniel Lockyer
d82b136a6a Handled uploads with invalid form bodies
fix https://linear.app/tryghost/issue/SLO-101/http-500-with-invalid-multipart-data

- previously, busboy would error out if we supplied a body that was
  invalid (such as an empty FormData)
- we would then return a HTTP 500 to the user, which causes all manner
  of problems
- now we catch errors from busboy and return a nice BadRequestError
2024-05-08 11:19:47 +02:00
Daniel Lockyer
ae88dc8548 Handled invalid timestamp format in filters
fix https://linear.app/tryghost/issue/SLO-85/fix-http-500-on-contentposts

- in the event we give the incorrect format in a filter, MySQL will
  throw an error and we'll throw a HTTP 500 error
- we can capture this error and return a more useful error to the user
- ideally we'd do this in a validation step before attempting the query,
  but parsing this out of NQL and detecting which columns are DATETIME
  could be quite tricky
2024-05-08 09:28:56 +02:00
Daniel Lockyer
82c612bad9 Rolled out API framework JSDoc typing to more places
- this updates a bunch of places where we're just using Object to cheat
  the system
- doing this means editor autocomplete and basic type checking is better
  because we now have proper types in place
- functionality should not change, these are just comments
2024-05-08 09:28:31 +02:00
renovate[bot]
1fea2fc616 Update dependency semver to v7.6.1 2024-05-08 09:04:44 +02:00
Ghost CI
7201006f05 Merged v5.82.7 into main 2024-05-07 18:13:36 +00:00
Ghost CI
000616ac02 v5.82.7 2024-05-07 18:13:34 +00:00
Djordje Vlaisavljevic
9fe0d13232 Fixed typo
ref https://linear.app/tryghost/issue/DES-338/subscription-details-section-on-mobile-spacing-issues
2024-05-07 20:00:11 +02:00
Kevin Ansfield
d831e687a5 Added initial implementation of internal linking for standard links (#20139)
ref https://linear.app/tryghost/issue/MOM-81

- bumps `@tryghost/koenig-lexical` to version with updated internal linking beta features
2024-05-07 19:59:46 +02:00
Kevin Ansfield
b24f976b34 Fixed empty groups in internal link searches (#20142)
closes https://linear.app/tryghost/issue/MOM-101

- we were mapping over the grouped search results which meant we still got a group even if it's options/items list was empty after filtering for published
2024-05-07 19:59:40 +02:00
Kevin Ansfield
0f482907e1 🐛 Fixed Admin search sometimes stalling on first query (#20143)
closes https://linear.app/tryghost/issue/MOM-103

- the `yield waitForProperty(...)` call that was supposed to return once the content refresh occurred never reached a valid state so the first search query (or any later query) where a content refresh occurred would never resolve causing search to look like it had stalled
- switched to waiting for the last running task to resolve instead which does the same as the previous code intended
- exported the `getPosts` request handler function so in mirage config so we can re-use it with different timing on a per-case basis
2024-05-07 19:59:33 +02:00
Djordje Vlaisavljevic
bae5ae43c9 Fixed typo
ref https://linear.app/tryghost/issue/DES-338/subscription-details-section-on-mobile-spacing-issues
2024-05-07 18:29:25 +01:00
Daniel Lockyer
2659e5aa40 Added handling for parsing errors with user-submitted HTML
fix https://linear.app/tryghost/issue/SLO-87/cannot-read-properties-of-undefined-reading-createimpl-an-unexpected
refs https://github.com/jsdom/jsdom/issues/3709

- in the event we are given some HTML to parse, and that fails, we
  currently return a HTTP 500 because it's unhandled
- the instance we saw was due to `<constructor>` crashing jsdom, we've
  opened an issue for that
- in terms of handling the error gracefully, we can surround the code
  in a try-catch and return a more suitable error. I've gone for a
  ValidationError for now - you could debate whether a different one is
  more appropriate
- also added Sentry error capturing so we're not blind to these,
  ultimately we should make sure the parser can handle all
  user-submitted data
2024-05-07 17:25:48 +02:00
Kevin Ansfield
40ee2043e0
Reduced Admin search re-indexes (#20154)
closes https://linear.app/tryghost/issue/MOM-97

The 30s search content expiry didn't really make sense and caused unnecessary delays and server load now that search will be more widely used within the editor.

- replaced concept of time-based expiry with explicit expiry
  - content still fetched on query if not already loaded or marked as stale
  - added `.expireContent()` method on search service to allow explicit expiry
- updated editor to pre-fetch search content when not already loaded or marked as stale
  - removes delay when first using internal linking search inside the editor
- updated post model to expire search content on save
  - expires on published post save or delete
  - expires on publish and unpublish
- updated tag model to expire content on create/save/delete
  - only expires when name or url is changed
- updated user model to expire on save/delete
  - only expires when name or url is changed
  - does not handle creation because that's done server-side via invites
2024-05-07 15:24:20 +01:00
Sanne de Vries
2b16a65720
Updated lock icon from hardcoded black to using currentColor (#20152)
REF MOM-80
2024-05-07 11:58:41 +00:00
Daniel Lockyer
dccb4ac84e Cleaned up unused controller method
- this isn't being used anywhere, so we can clean it up
2024-05-07 11:44:07 +02:00
Daniel Lockyer
1fd155d56a Fixed extra arguments being supplied to function calls
- identified by tsc, this shouldn't change any functionality because
  there were extra arguments being supplied and were unused
2024-05-07 11:44:07 +02:00
Daniel Lockyer
29cc3003c7 Fixed misc JSDoc types
- nothing crazy, just fixing minor typing issues that I've come across
2024-05-07 11:44:07 +02:00
Ronald Langeveld
4f3bfebfea
Revert "Added latest_event_timestamp to email table (#20118)" (#20149)
This reverts commit 3246a8d2c9.
2024-05-07 08:58:42 +00:00
Daniel Lockyer
c298db912c Added JSDoc types for API controllers
- this adds a simple set of types to the @tryghost/api-framework
  package that should describe all of the keys available on a
  controller, and then rolls it out to all API controllers
- unfortunately, due to https://github.com/microsoft/TypeScript/issues/47107, we have
  to split apart `module.exports` into a variable assignment in order for type-checking
  to be done
- the main benefit of this is that `frame` is now typed, and editors understand what keys
  are available, so intellisense works properly
2024-05-07 10:49:44 +02:00
Ronald Langeveld
3246a8d2c9
Added latest_event_timestamp to email table (#20118)
ref ENG-832

- Added migrations for `latest_event_timestamp` column in emails table.
- updated schema
- updated emails model
2024-05-07 16:12:51 +08:00
Daniel Lockyer
de435238f4 Fixed wrong status code type
- `statusCode` should be a number, but we were passing a string
- this doesn't really affect anything, but tsserver was flagging it up
  as the wrong type
2024-05-07 08:29:48 +02:00
Daniel Lockyer
b29c897da3 Fixed passing error to IncorrectUsageError
- we should pass it as `err` and not `error`
- this probably slipped in because the catch parameter is called
  `error`, so I've updated that and fixed the references
2024-05-07 08:29:48 +02:00
Daniel Lockyer
efc59dd315 Fixed extra parameter to function
- `serializeTier` only takes 2 parameters
- flagged by tsserver
2024-05-07 08:29:48 +02:00
Daniel Lockyer
f72d7b77ac Fixed miscellaneous jsdoc comments
- this helps tsserver figure out what the type of things is around our
  codebase
- nothing crazy, mostly Express types for the middleware, application and router levels
2024-05-07 08:29:48 +02:00
Kevin Ansfield
27e771b3a8
🐛 Fixed Admin search sometimes stalling on first query (#20143)
closes https://linear.app/tryghost/issue/MOM-103

- the `yield waitForProperty(...)` call that was supposed to return once the content refresh occurred never reached a valid state so the first search query (or any later query) where a content refresh occurred would never resolve causing search to look like it had stalled
- switched to waiting for the last running task to resolve instead which does the same as the previous code intended
- exported the `getPosts` request handler function so in mirage config so we can re-use it with different timing on a per-case basis
2024-05-06 21:04:13 +00:00
Kevin Ansfield
7f3731e9d1
Fixed empty groups in internal link searches (#20142)
closes https://linear.app/tryghost/issue/MOM-101

- we were mapping over the grouped search results which meant we still got a group even if it's options/items list was empty after filtering for published
2024-05-06 15:55:16 +00:00
Daniel Lockyer
265a8dd16f Added function names to more middleware
refs 319f251ad2

- this helps debugging because all middleware in the stack will have a
  function name, so it'll show up instead of `<anonymous>`
2024-05-06 17:51:39 +02:00
Kevin Ansfield
2aad4ca06f
Added initial implementation of internal linking for standard links (#20139)
ref https://linear.app/tryghost/issue/MOM-81

- bumps `@tryghost/koenig-lexical` to version with updated internal linking beta features
2024-05-06 15:12:11 +00:00
Daniel Lockyer
a50bb8d79e Added missing error messages for members uploader
fix https://linear.app/tryghost/issue/SLO-97/missing-messages-for-members-file-upload

- these were missing, so if the members importer wasn't given a file, it
  would crash with an HTTP 500 error
- also added a test to ensure we get a 422 back
2024-05-06 15:17:25 +02:00
Daniel Lockyer
5a8145139a Fixed handling cutoff boundary data in image + media upload
fix https://linear.app/tryghost/issue/SLO-95/unexpected-end-of-multipart-data-for-broken-image-upload-request

- in the event the client sends an invalid body to the image or media
  upload endpoints, Dicer will throw an error if the boundary data is
  malformed
- previously, we've just been bubbling that up as an InternalServerError
  and that results in an HTTP 500
- we can capture errors produced by dicer and return a handled
  BadRequestError, as it's the client's fault
- also includes breaking tests
2024-05-06 13:41:25 +02:00
Daniel Lockyer
3e79712466 Fixed handling malformed image + media upload requests
fix https://linear.app/tryghost/issue/SLO-94/unexpected-field-when-given-broken-image-upload-request

- in the event the body of an image or media upload request is malformed
  (broken metadata / blob or something), we get a MulterError and this
  bubbles up as an InternalServerError and spits out a HTTP 500
- we can capture this and return a BadRequestError, as it's the client's
  fault for not providing the correct body
- this implements that and adds breaking tests
2024-05-06 13:24:26 +02:00
Daniel Lockyer
4c35e00721 Fixed handling of invalid Accept-Version header
fix https://linear.app/tryghost/issue/SLO-96/invalid-version-must-be-a-string-got-type-object-an-unexpected-error

- in the event that a non-semver Accept-Version header is given, the
  current code will throw an error because the semver lib can't compare null
  against a valid version
- the error in question is `Must be a string. Got type "object"`
- to fix this, we can just detect a null and early return with a
  BadRequestError
- also adds a breaking test
2024-05-06 12:01:08 +02:00
Daniel Lockyer
319f251ad2 Added function names to mw-error-handler middleware
- this helps with debugging because all the middleware will now have
  function names, so it'll show up as something labeled vs `<anonymous>`
2024-05-06 12:01:08 +02:00
Daniel Lockyer
dd214aa67c Refactored @tryghost/mw-error-handler to assert
- removes should as our preferred assertion lib is `assert`
- removes empty test utils, these won't be needed
2024-05-06 12:01:08 +02:00
renovate[bot]
88957ca1f4 Update dependency @types/nodemailer to v6.4.15 2024-05-06 11:55:52 +02:00
Fabien O'Carroll
e6552ddb63 Added ability for Actor to sign requests
ref https://linear.app/tryghost/issue/MOM-74

This will allow us to generated signed requests for Activites.
2024-05-06 14:21:16 +07:00
Fabien O'Carroll
deb6e05889 Added HTTPSignature service
ref https://linear.app/tryghost/issue/MOM-72

This module handles signing and validating HTTP signatures, which is a core
part of interfacing with ActivityPub enabled servers.
2024-05-06 14:21:16 +07:00
Ghost CI
f34c33f330 v5.82.6 2024-05-03 16:04:14 +00:00
Chris Raible
d8b629c713
Added an optional timeout parameter to AdapterCacheRedis (#20131)
ref
https://linear.app/tryghost/issue/ENG-902/add-an-optional-timeout-in-the-redis-cache-adapter-in-case-redis

- Added an optional timeout parameter to AdapterCacheRedis, so that the
`get(key)` method will return `null` after the timeout if it hasn't
received a response from Redis
- When load testing the `LinkRedirectRepository` with the Redis cache
enabled on staging, we noticed that for some reason Redis stopped
responding to commands for ~30 seconds.
- The `LinkRedirectRepository` was waiting for the Redis cache to
respond and resulted in a drastic increase in response times for link
redirects
- This change will allow us to set a timeout on the `get(key)` method,
so that if Redis doesn't respond within the timeout, the method will
return `null` as if it were a cache miss.
- Then the `LinkRedirectRepository` will fall back to the database and
return the link redirect from the database instead of waiting
indefinitely for Redis to respond
2024-05-02 20:39:23 -07:00
Chris Raible
b9f7ea65e9
Revert "Added new member signup flow behind labs flag (#19986)" (#20130)
ref https://linear.app/tryghost/issue/KTLO-1/members-spam-signups

This reverts commit 01d0b2b304.

- Removed the new member signup flow because it didn't solve the
problems with spam signups
2024-05-02 13:02:32 -07:00
Kevin Ansfield
0fbea2d503
Revert "Added initial implementation of internal linking for standard links (#20126)" (#20128)
This reverts commit 41111893b4.

- reverting for further polish before it ends up in next release
2024-05-02 18:50:29 +00:00
Kevin Ansfield
41111893b4
Added initial implementation of internal linking for standard links (#20126)
ref https://linear.app/tryghost/issue/MOM-81

- bumps `@tryghost/koenig-lexical` to version with updated internal linking beta features
2024-05-02 17:28:19 +00:00
Daniel Lockyer
7950122ffe Protected against deleting non-existent image during upload
fix https://linear.app/tryghost/issue/SLO-93/undefined-path-error-with-bad-image-upload

- in the event we receive a request to upload an image, that doesn't
  contain an image, we still try and unlink the files
- this is a dangling promise, so it doesn't cause an explicit HTTP
  error, but it does show up as a console error
- fixed it by checking for the path, and early returning if it doesn't
  exist
- also added a test that would fail without this
2024-05-02 17:29:03 +02:00
Sag
e996213122
Moved POST /members/api/member behind alpha flag (#20124)
ref https://linear.app/tryghost/issue/SLO-78

- the `POST /members/api/member` endpoint is solely used by the alpha
feature `membersSpamPrevention` and should not be available otherwise
2024-05-02 16:34:32 +02:00
Daniel Lockyer
cc76fda3e8 Enabled includeLocalVariables option in Sentry
ref https://linear.app/tryghost/issue/SLO-92/enable-extra-sentry-integrations
refs https://docs.sentry.io/platforms/javascript/guides/node/configuration/options/#include-local-variables

- this will capture the local stack variables when producing a stack
  trace, which would be super useful when debugging
2024-05-02 13:52:40 +02:00
Daniel Lockyer
5b28dc9246 Enabled Sentry's ExtraErrorData integration
refs https://docs.sentry.io/platforms/javascript/guides/node/configuration/integrations/extraerrordata/
ref https://linear.app/tryghost/issue/SLO-92/enable-extra-sentry-integrations

- this enables the ExtraErrorData integration, which should help us
  capture more of the properties of the errors we're producing, which
  _may_ help with debugging
2024-05-02 13:52:40 +02:00
Daniel Lockyer
6c7b230efe Fixed handling requests with mismatching version and missing key
fix https://linear.app/tryghost/issue/SLO-88/typeerror-cannot-read-properties-of-null-reading-relations

- in the event that we make it through the version mismatch code, but
  without a key, which is possible if you send a request like POST
  /ghost/api/v2/content/posts/`, then the version mismatch code will try
  and look up the API key attached to a null key, which won't work
- we should handle this case and soft return, to avoid trying to read
  `.relations` from `null`
- I'm not entirely convinced by how this code works in general, it seems
  quite confusing to reason about, but this commit should solve the HTTP
  500 we've been seeing from this
- perhaps in the future we can return earlier in the flow if we receive
  a `null` key
2024-05-02 13:03:26 +02:00
renovate[bot]
ec626bd0cf Update react monorepo to v18.3.1 2024-05-02 11:46:13 +02:00
Chris Raible
d50a766aa3
Bumped koenig-lexical (#20116)
ref
https://linear.app/tryghost/issue/PA-53/add-posthog-tracking-to-trackevent-in-admin-x-settings-and-lexical

- Added `posthog.capture` to koenig-lexical's existing `trackEvent`
function to start sending events from the editor to PostHog
2024-05-01 22:39:28 -07:00
renovate[bot]
a33dccf8cd Update TryGhost packages 2024-05-01 17:01:41 +02:00
Daniel Lockyer
3f7a7fff44 Fixed HTTP 500 when adding unknown products to member
fix https://linear.app/tryghost/issue/SLO-89/cannot-read-properties-of-null-reading-get-an-unexpected-error

- if we pass an invalid ID when updating the products on a member, we
  throw a HTTP 500 error because `product` is `null`
- we can check for this and return a BadRequestError, because the user
  supplied an incorrect ID
2024-05-01 16:54:35 +02:00
Ghost CI
6b32548e5c Merged v5.82.5 into main 2024-05-01 13:22:28 +00:00
Ghost CI
a4c478958b v5.82.5 2024-05-01 13:22:26 +00:00
Ronald Langeveld
a738f5aacb Added customer_update param to StripeAPI (#20105)
ref https://linear.app/tryghost/issue/ENG-881/stripe-tax-checkout-instantiation-fails-for-free-members-when-choosing

- For existing customers to be able to upgrade their account with automatic tax enabled, we need to pass in `customer_update[address]:auto` as per Stripe documentation.
- Automatic tax calculation in Checkout requires a valid address on the Customer. Add a valid address to the Customer or set either 'customer_update[address]' to 'auto' or 'customer_update[shipping]' to 'auto' to save the address entered in Checkout to the Customer.
- We update the existing customer details by passing in address `auto` when they upgrade their accounts.
- Stripe captures the billing address information by default when new accounts are created and then that is used to calculate the tax rate.
2024-05-01 21:07:40 +08:00
renovate[bot]
746df63307
Update dependency gscan to v4.43.1 (#20109)
ref https://linear.app/tryghost/issue/ENG-842/gluster-file-name-length-limit

- gscan v4.43.1 contains a bug fix to throw an large filenames
2024-05-01 11:26:21 +00:00
Daniel Lockyer
31bdef94cd Handled invalid filters in members event repository
fix https://linear.app/tryghost/issue/SLO-82/query-error-unexpected-character-in-filter-at-char-1

- previously, we weren't handling a parsing error, and just bubbling it
  back up the chain
- this would result in an InternalServerError somewhere, which caused
  500s
- we can handle this, because it's just a bad filter
- this adds handling so we return a 422 upon receiving an invalid filter
2024-05-01 11:58:09 +02:00
Daniel Lockyer
ddac3a9e8b Removed Sentry error capturing for failed URL decoding
fix https://linear.app/tryghost/issue/SLO-79/incorrectusageerror-the-url-httpsblogkongregatecompercentc0-couldnt-be

- we added this Sentry captureException whilst fixing a bug where
  decodeUrl could fail, and throw a 500 exception
- we added handling for that case and returned an empty string, but we
  also added Sentry error capturing
- at this point, I don't think we need to be capturing errors in Sentry,
  because the issue is already handled, and it only usually happens with
  malicious/incorrect URLs
- this is our #2 cause of Sentry alerts, so it's good to clean it up
2024-05-01 10:15:13 +02:00
Ronald Langeveld
8483d96f08
Added customer_update param to StripeAPI (#20105)
ref https://linear.app/tryghost/issue/ENG-881/stripe-tax-checkout-instantiation-fails-for-free-members-when-choosing

- For existing customers to be able to upgrade their account with automatic tax enabled, we need to pass in `customer_update[address]:auto` as per Stripe documentation.
- Automatic tax calculation in Checkout requires a valid address on the Customer. Add a valid address to the Customer or set either 'customer_update[address]' to 'auto' or 'customer_update[shipping]' to 'auto' to save the address entered in Checkout to the Customer.
- We update the existing customer details by passing in address `auto` when they upgrade their accounts.
- Stripe captures the billing address information by default when new accounts are created and then that is used to calculate the tax rate.
2024-05-01 15:35:25 +08:00
renovate[bot]
60a3b5a913 Update TryGhost packages 2024-05-01 08:49:04 +02:00
renovate[bot]
8f839b34b1 Update Types packages 2024-04-30 22:00:55 +02:00
renovate[bot]
5dbaee8d43 Update dependency tough-cookie to v4.1.4 2024-04-30 19:56:24 +00:00
Daniel Lockyer
7109743282 Fixed overly verbose DatabaseInfo require
- we don't need to deep require into the library as it exports what we
  need on the surface
- this should unblock https://github.com/TryGhost/Ghost/pull/19002, as
  it's randomly failing with this require
2024-04-30 21:39:56 +02:00
renovate[bot]
393007bcd6 Update react monorepo to v18.3.0 2024-04-30 21:26:31 +02:00
Michael Barrett
4cd85ab8b7
Added timeout when resizing an image (#20087)
refs
[ENG-827](https://linear.app/tryghost/issue/ENG-827/🐛-crash-on-resizing-animated-gif)

Added a timeout to the image resizing middleware to prevent crashes when
an image is taking too long to resize. When the timeout is reached and
the image has not been resized, the middleware will return the original
image
2024-04-30 08:39:30 +01:00
Kevin Ansfield
3d6fae3ea7
Fixed intermittent click issues with internal links dropdown (#20101)
closes https://linear.app/tryghost/issue/MOM-60

- when the dropdown opens near the end of the document, clicking the links sometimes did nothing and showed an error in the console
- we have a mousedown event handler on an element that surrounds the main editing element that re-focuses the editor when clicked in order to make the "focus editor" click target larger and more natural-feeling but it was inadvertently re-focusing when the mousedown event fired for an element in the dropdown list when the list was positioned outside of the main editor element. This lead to timing issues with the bookmark node being removed on blur because it was empty followed by an error from the node's component's async event handlers which were trying to set values on the now-removed node
- by switching from `event.target.closest()` to looping over `event.composedPath()` when checking to see if we should skip re-focusing we're more resilient to DOM manipulations occurring between event triggers and function calls because we'll always be given the list of elements that existed at the time the event fired
2024-04-29 17:58:33 +01:00
renovate[bot]
756be38d59 Update dependency terser to v5.31.0 2024-04-29 15:20:31 +00:00
Sérgio Spagnuolo
4f5d375828
🎨 update i18n for better fit (pt-br) (#20045)
reduce word size to fit properly within button without making style
changes (_economize_ and _poupe_ have the exact same meaning)

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-04-29 09:20:07 -04:00
Sodbileg Gansukh
70ca7baf5a
Improved sign in form error typography (#20098)
ref DES-170
2024-04-29 10:29:07 +00:00
Sodbileg Gansukh
2eb6f86a22
Updated sign in form to make it consistent with the new signup design (#20086)
ref TRI-90
2024-04-29 16:55:32 +08:00
renovate[bot]
9056b9138c Update dependency i18next to v23.11.3 2024-04-29 08:40:51 +00:00
Ronald Langeveld
b2970cb4e0
Added integrity test for flags (#20094)
ref
https://ghost.slack.com/archives/C02G9E68C/p1714047709694639?thread_ts=1713956576.497899&cid=C02G9E68C
    
    - Ensures unique feature flags, avoiding configuration conflicts.
    - Enhances code reliability and simplifies feature tracking.
    - Prevents bad rebases was the reason for the initial duplication.
2024-04-29 02:39:15 +00:00
renovate[bot]
305029bc38 Update dependency ws to v8.17.0 2024-04-29 01:23:51 +00:00
renovate[bot]
f18f08928f Update dependency yjs to v13.6.15 2024-04-29 01:22:59 +00:00
Ghost CI
cf9ba60524 v5.82.4 2024-04-26 16:04:30 +00:00
Chris Raible
dcd65bfa4f
Added caching to the LinkRedirectRepository (#20036)
ref
https://linear.app/tryghost/issue/ENG-851/implement-a-minimal-but-complete-version-of-redirect-caching-to
ref https://app.incident.io/ghost/incidents/55

Often immediately after sending an email, sites receive a large volume
of requests to LinkRedirect endpoints from members clicking on the links in
the email.

We currently don't cache any of these requests in our CDN, because we
also record click events, update the member's `last_seen_at` timestamp,
and send webhooks in response to these clicks, so Ghost needs to handle
each of these requests itself. This means that each of these LinkRedirect requests
hits Ghost, and currently all these requests hit the database to lookup
where to redirect the member to.

Each one of these requests can make up to 11 database queries, which can
quickly exhaust Ghost's database connection pool. Even though the
LinkRedirect lookup query is fairly cheap and quick, these queries aren't
prioritized over the "record" queries Ghost needs to handle, so they can
get stuck behind other queries in the queue and eventually timeout.

The result is that members are unable to actually reach the destination
of the link they clicked on, instead receiving a 500 error in Ghost, or
it can take a long time (60s+) for the redirect to happen.

This PR uses our existing `adapterManager` to cache the redirect lookups
either in-memory or in Redis (if configured — by default there is no caching). This only removes 1 out of
11 queries per redirect request, so it won't reduce the load on the DB
drastically, but it at least decouples the serving of the LinkRedirect from
the DB so the member can be redirected even if the DB is under heavy
load.

Local load testing results have shown a decrease in response times from
60 seconds to ~50ms for the redirect requests when handling 500 requests
per second, and reduced the 500 error rate to 0.
2024-04-25 19:17:25 -07:00
Daniel Lockyer
892b9ab397 Moved internalLinking and stripeAutomaticTax flags to private beta
refs https://ghost.slack.com/archives/C02G9E68C/p1714051665654659?thread_ts=1713970812.191919&cid=C02G9E68C

- this enables us to enable the flags on sites without the need to
  enable developer experiments
- added `(private beta)` to the end of the relevant UI flags, because
  they're still in alpha in the UI despite being in beta in backend
2024-04-25 16:37:55 +02:00
Ronald Langeveld
601d05de0d
Removed duplicated ActivityPub labs key (#20089)
no issue

- rebased from main without seeing there's an existing flag.
- this removes the duplicated flag
2024-04-25 14:15:47 +00:00
Steve Larson
a0b7476794
Updated staff deletion logic (#20069)
ref https://linear.app/tryghost/issue/ENG-826

- Changed staff deletion logic to do a bulk insert when adding a tag to
the users' associated posts

Staff deletion logic has really poor performance at scale because we do
individual updates for every post. If a user has dozens+ posts
(especially in a large db with thousands of posts), this can take >60s
and look like a timeout. Ultimately this should probably be a jobbed off
process, but for the time being we can improve this by doing a bulk
insert.

Note that this update uses the pattern for the bulk tagging of posts
from the right click (bulk) actions in the posts lists in Admin. With
bulk actions, **we do not trigger web hooks or the post.edited events**.
We will document this and follow up on this separately.
2024-04-25 08:19:11 -05:00
Djordje Vlaisavljevic
7a3bbfde10
Added ActivityPub playground (#20081)
ref MOM61

- Adds admin-x react app we’ll use as ActivityPub playground to the
sidebar nav behind the feature flag.
- Wired up routing to Ember
- Setup the project as `admin-x-activitypub`

---------

Co-authored-by: Ronald Langeveld <hi@ronaldlangeveld.com>
2024-04-25 16:44:29 +08:00
Fabien O'Carroll
af02ca7044 Initial wire up of Posts -> Outbox flow
ref https://linear.app/tryghost/issue/MOM-29

This is very rough, and all still behind a flag. The idea is that any public
post which is published gets added to the Outbox of the site Actor. We also
dispatch an event, which will be used to deliver the Activity to any relevant
inboxes, but that is outside the scope of this commit.
2024-04-25 11:10:17 +07:00
Fabien O'Carroll
e01c9cb546 Moved frontend controllers into dedicated directory
no-issue

These should never have been in the admin directory!
2024-04-25 11:10:17 +07:00
Fabien O'Carroll
299f7c408e Added very basic Outbox for Actors
ref https://linear.app/tryghost/issue/MOM-28
ref https://linear.app/tryghost/issue/MOM-29
ref https://linear.app/tryghost/issue/MOM-30

Basic wire up of Create Activities, Articles for Posts & Actor's Outbox!
I'd definitely like to rethink the whole storage layer and how we split things
out - I think separating the Outbox from the Actor would make sense, otherwise
the size of thsi is gonna grow, or we're gonna have to deal with sub-pagination.
2024-04-25 11:10:17 +07:00
Fabien O'Carroll
d592b1e9c9 Expanded ActivityPub type definitions
ref https://linear.app/tryghost/issue/MOM-25

All these intersection types are getting a bit out of hand - but we can clean
up all of this once we're past prototyping phase.
2024-04-25 11:10:17 +07:00
renovate[bot]
25657b6a99 Update sentry-javascript monorepo to v7.112.1 2024-04-23 16:39:50 +02:00
renovate[bot]
627e8b66bb
Fixed BookmarkNode not auto selecting in Editor
refs 8166363359

- updated dependency @tryghost/koenig-lexical to v1.1.6
2024-04-23 14:36:00 +00:00
renovate[bot]
3960e8caa1 Update sentry-javascript monorepo to v7.112.0 2024-04-23 14:11:30 +02:00
Daniel Lockyer
fda8aa5bfe Removed Sentry logging from XMLRPC service
refs https://ghost-foundation.sentry.io/issues/5135326925/

- the service tends to 503 all the time, and we don't really care enough
  for it to ping us in Sentry, as it's not something we control
- we can still keep logging the errors in case we need to go and look at
  what went wrong
2024-04-23 12:48:33 +02:00
Fabien O'Carroll
2deee35673 Used more specific Content-Type for ActivityPub
no-issue
2024-04-23 11:53:27 +07:00
Fabien O'Carroll
da2ba37f63 Made the default ID a little more fun
no-issue

A bunch of zeroes is boring :(
2024-04-23 11:53:27 +07:00
Fabien O'Carroll
dfeb965878 Added extra properties to Actors JSON-LD
ref https://linear.app/tryghost/issue/MOM-25
ref https://docs.joinmastodon.org/spec/activitypub/#properties-used-1

This adds a bunch of extra properties, most of which are placeholders. They're
all taken from the mastodon docs for properties used on ActivityPub Actors
2024-04-23 11:53:27 +07:00
Chris Raible
d8672cb1ff
Fixed length of from field in the RedirectsImporter (#20034)
no issue

- The `RedirectsImporter` used by the data generator was creating
redirects with the wrong length for the `from` field, which didn't match
the actual behavior of Ghost.
- This commit corrects the length from 32 to 8, which is the actual
length of the `from` field in production.
- This change has no impact on Ghost's behavior, but makes the data
generator more representative of real world data for more accurate
testing.
2024-04-22 18:11:14 -07:00
Sanne de Vries
a2bbe6b3c3
Updated 'Users' to 'Staff' in search dropdown component (#20064)
No ref

- This copy change allows us to use consistent copy in both the general
search as well as the internal linking search component in the editor.
2024-04-22 14:49:43 +00:00
Daniël van der Winden
3771b2fca4
Fixed email footer text styling inconsistencies (#20063)
fixes
https://linear.app/tryghost/issue/DES-260/footer-link-text-smaller-than-regular-text

There was a bit of CSS in a media query aimed at other parts of the
newsletter template that was causing the footer styling to break. I
added some more specific styling for the footer as well, to make sure
span's within the `<p>` element are covered as well.
2024-04-22 15:43:19 +02:00
renovate[bot]
33c5ce057c Update dependency terser to v5.30.4 2024-04-22 12:42:44 +00:00
renovate[bot]
d69a0aa1e6 Update dependency knex-migrator to v5.2.1 2024-04-22 12:29:48 +02:00
Kevin Ansfield
8dac340492
Updated editor link search to group results (#20058)
closes https://linear.app/tryghost/issue/MOM-49

- bumped koenig-lexical so the bookmark card has group support for testing
- updated `searchLinks` function passed to Koenig to match expected grouped results shape
2024-04-22 05:35:18 +00:00
Fabien O'Carroll
99bfa30f81 Added Content-Type Header to actor & outbox endpoints
ref https://linear.app/tryghost/issue/MOM-25

This is the correct Content-Type and whilst not required, better in than out
2024-04-22 11:18:03 +07:00
Fabien O'Carroll
8542766094 Updated Actor key id to use Actor URL with fragment
ref https://linear.app/tryghost/issue/MOM-25

This matches the way that mastodon handles the key url and may be the reason
these documents are incompatible. This also removes the `username` key as that
isn't used anywhere, instead we have a username property which is rendered as
the ActivityPub compat preferredUsername key.
2024-04-22 11:18:03 +07:00
renovate[bot]
e4ffc7b8c0 Update dependency mysql2 to v3.9.7 2024-04-22 01:37:24 +00:00
renovate[bot]
69372d9018 Update dependency @sentry/profiling-node to v7.111.0 2024-04-19 16:56:32 +00:00
renovate[bot]
7fea4151d8 Update dependency @sentry/profiling-node to v7 2024-04-19 18:43:59 +02:00
Ghost CI
cb838c4bb6 v5.82.3 2024-04-19 16:04:16 +00:00
renovate[bot]
b24ad1ccc6 Update nest monorepo to v10.3.8 2024-04-19 15:05:38 +02:00
renovate[bot]
80fe672525 Update sentry-javascript monorepo to v7.111.0 2024-04-19 08:54:26 +02:00
Daniel Lockyer
f31814c804 Updated mysql2 dependency
refs #20050

- Renovate seems to be unable to bump the package past the security
  release, but unfortunately this release contains a breaking bug
- this commit manually bumps the package so we can get things flowing
  again
- the security release doesn't really affect us, but we should still try
  and keep on the latest
2024-04-19 08:48:24 +02:00
Kevin Ansfield
7132619115
Fixed internal linking not correctly filtering to published-only (#20054)
no issue

- updated search to add `status` to the search results
- added filtering to the editor's `searchLinks()` method
- prevented TaskCancellation errors being thrown from the search task being cast to a Promise
2024-04-18 17:18:37 +00:00
Chris Raible
a10b13916a
🐛 Fixed admin error when deleting an unsaved or imported post (#20053)
ref
https://linear.app/tryghost/issue/ENG-845/error-attempted-to-set-lexical-on-the-deleted-record
ref
[https://linear.app/tryghost/issue/ENG-854/🐛-deleting-imported-posts-makes-ghost-unresponsive](https://linear.app/tryghost/issue/ENG-854/%F0%9F%90%9B-deleting-imported-posts-makes-ghost-unresponsive)

- When deleting a post in the editor's Post Settings Menu, if the post
has unsaved changes (indicated by the hasDirtyAttributes property in the
editor), Admin will crash because it tries to save a post revision
before leaving the editor, but the post has already been deleted so
saving fails.
- This can occur when editing a post and quickly deleting it from the
Post Settings Menu before saving is completed.
- It can also occur when attempting to delete an imported post, as the
editor will parse the lexical from the server and may make some minor,
invisible-to-the-user changes to the lexical string locally (e.g. JSON
formatting, or updating the JSON to use extended version of base lexical
nodes), which triggers the same error.
- This fix bypasses the attempt to save a post revision when leaving the
editor if the post is already deleted, which allows the transition back
to the Posts route to succeed.
2024-04-18 10:02:02 -07:00
Kevin Ansfield
182fa62759
Bumped Koenig packages (#20047)
closes https://linear.app/tryghost/issue/MOM-39/

- fixes clicking on search results in internal linking PoC
- adds support for Node 20
2024-04-18 14:58:01 +00:00
Daniel Lockyer
10e81aeed8
ℹ️ Added support for Node 20
ref https://linear.app/tryghost/issue/ENG-765/add-support-for-node-20

- this adds support for Node 20 to Ghost and CI, as Node 20 is an LTS
  version and we should pick it up
2024-04-18 13:17:21 +02:00
Daniel Lockyer
8e0ad1a6fb
Fixed test on Node 20
refs f39d1d3aa3

- similar to the commit above, the JSON parser changed between Node 18
  and Node 20, so the error message changed too
- we actually just want to check the error is forwarded to the user, so
  we can do that by getting the error message from JSON.parse and check
  against that
2024-04-18 13:17:16 +02:00
Kevin Ansfield
96adb0a5d8
Wired up bookmark card internal linking proof of concept (#20044)
closes https://linear.app/tryghost/issue/MOM-1/

- added `feature.internalLinking` and `searchLinks` properties to the `cardConfig` object passed to the editor
- `searchLinks()` uses Admin's internal search to fetch and filter results
  - called with no search term to obtain default links to show as soon as the bookmark card is inserted, in our case we show the last 5 published posts. Result is cached for the duration of the editing session to avoid API queries/loading state after the first fetch
  - flattens search results for now because Koenig doesn't yet support grouped results
- bumps version of `@tryghost/koenig-lexical` to support the feature flag
2024-04-18 11:16:19 +00:00
renovate[bot]
ef6f79c272 Update dependency gscan to v4.43.0 2024-04-18 12:48:42 +02:00
Fabien O'Carroll
9e98be9268 Disabled caching for ActivityPub & WebFinger
ref https://linear.app/tryghost/issue/MOM-25

Whilst we're experimenting it's gonna be easier to not have to think about
caching affecting things. We'll disable it completely for now, and then decide
on a caching strategy that suits us down the line.
2024-04-18 17:40:44 +07:00
Fabien O'Carroll
e346423db2 Added missing JSON-LD context for publicKey definition
ref https://linear.app/tryghost/issue/MOM-25

This _might_ be the reason that Mastodon doesn't recognise our Actor, but
either way it's the correct thing to do so that JSON-LD parsers correctly
understand that publicKey field
2024-04-18 16:48:09 +07:00
Fabien O'Carroll
55d05f0476 Used path instead of query params for ActivityPub API
ref https://linear.app/tryghost/issue/MOM-25

This makes it easier to work with on the frontend, as we don't need to
whitelist query params for Ghost(Pro)
2024-04-18 14:54:57 +07:00
Fabien O'Carroll
d34884fc6d Moved ActivityPub API to frontend URL
ref https://linear.app/tryghost/issue/MOM-48

This required some structural changes to our NestJS setup so that we can mount
it on multiple parts of the Ghost express app.

We've used the RouterModule to allow adding submodules that are mounted on
different paths, and we've had to be explicit about the base path for each
module. We've also had to switch back to using the Module decorator, because
RouterModule doesn't work with DynamicModule definitions.

Now that the NestJS app has knowledge of the full path, we need to "reset" the
url & baseUrl when passing the request into NestJS so that it can correctly
match the path. This is probably needed for the frontend too, for subdirs, but
that causes further issues - as this in prototype stage, we'll look later

Another issue is that NestJS replaces the express app instance with its own,
which isn't an issue for the Admin API (though we've fixed it anyway for
consistency), but did cause problems for the frontend, because the express app
is where view engine and directory information is stored.

The fix for this is to save a reference to the original ghost express
application, and reattach it to the request if it is not handled by Nest

Now that we have the Nest app mounted on the frontend, we're able to have it
handle the /.well-known/webfinger route with a proper controller, which is nice!
2024-04-18 13:26:24 +07:00
Fabien O'Carroll
c51a434f64 Added initial support for Outbox to Actors
ref https://linear.app/tryghost/issue/MOM-32

This adds the basic building blocks for an Outbox for an Actor, currently it's
hardcoded - which'll let us at lest test integration with other platforms.

JSONLDService is an awful name, but it's late and this is a prototype.
2024-04-17 20:30:40 +07:00
Fabien O'Carroll
1d1c33db1e Simplified URL creation for Actor JSON-LD
no-issue

This makes the code easier to understand and maintain, and reduces the overhead
of converting to/from a Map. It also changes the URLs and makes them path based
2024-04-17 20:30:40 +07:00
Fabien O'Carroll
7a2e66708c Added support for Anon role in permissions
no-issue

This lets us have an unauthed endpoint for reading the outbox, long term we'll
probably wanna have this on the frontend URL but we don't have NestJS wired up
there yet.
2024-04-17 20:30:40 +07:00
Fabien O'Carroll
885dc537d5 Added initial support for /.well-known/webfinger
ref https://linear.app/tryghost/issue/MOM-26
ref https://linear.app/tryghost/issue/MOM-27
ref https://webfinger.net/spec/

WebFinger is the protocol which allows different ActivityPub implementers to
find information about Actors, it's kinda like the entrypoint.

Given a username like @user@site.com, we can look up the URL for the Actor at

   https://website.com/.well-known/webfinger?resource=acct:user@site.com

This would then give us the info needed to discover the Actor's Inbox & Outbox
2024-04-17 16:12:57 +07:00
Fabien O'Carroll
842098bd36 Switched to DynamicModule for AdminAPIModule
no-issue

This is consistent with our main NestJS Module and allows the values to be
introspected by other code, rather than be stored internaly in decorator
metadata, which makes it easier to debug.
2024-04-17 16:12:57 +07:00
Fabien O'Carroll
936e8fe8f8 Fixed type of id for base entity
no-issue

This needs to be cast to ObjectID so TS doesn't think it can be undefined
2024-04-17 16:12:57 +07:00
Fabien O'Carroll
ffbf2680ef Enabled Nest when ActivityPub flag is set
ref MOM-31
ref https://linear.app/tryghost/issue/MOM-31

We'll be building a lot of the new code for ActivityPub in Nest, so we'll need
to have it enabled in Ghost to work.
2024-04-17 14:00:07 +07:00
Fabien O'Carroll
0fb290a841 Added Feature Flag for ActivityPub
ref MOM-31
ref https://linear.app/tryghost/issue/MOM-31

Ronseal - let's goooooooo
2024-04-17 14:00:07 +07:00
Sodbileg Gansukh
7d42d1473e
Improved long label handling (#20029)
ref DES-205

- label name is now used as the title on label pills instead of static
text
- label names will now be truncated when it takes more than 2 lines
instead of 1
2024-04-17 05:02:21 +00:00
Kevin Ansfield
9213274a6b
🎨 Changed TK reminders to be case-insensitive (#20024)
closes https://linear.app/tryghost/issue/MOM-11

- updated Koenig packages to allow `tk`, `Tk`, and `tK` to be recognised as a TK reminder
2024-04-16 12:04:17 +00:00
renovate[bot]
96d0883928
🐛 Fixed file card button not being linked in emails (#20023)
ref https://linear.app/tryghost/issue/DES-202/

- bumped Koenig packages to include fix for incorrectly wrapped download image link in email rendering of file card
2024-04-16 10:37:28 +00:00
renovate[bot]
2af9c04477 Update CSS preprocessors 2024-04-16 09:44:36 +02:00
renovate[bot]
0802b9533c Update dependency semver to v7.6.0 2024-04-16 09:41:01 +02:00
Nicholas Mizoguchi
d6b7ebb517
Enforced more Mocha lint rules (#19720)
ref https://github.com/TryGhost/Ghost/issues/11038

1. Enforced lint rule
**[ghost/mocha/no-identical-title](https://github.com/lo1tuma/eslint-plugin-mocha/blob/main/docs/rules/no-identical-title.md)**
- Fixed relevant tests
2. Enforced lint rule
**[ghost/mocha/max-top-level-suites](https://github.com/lo1tuma/eslint-plugin-mocha/blob/main/docs/rules/max-top-level-suites.md)**
- No required fixes, as tests are compliant already

#### Additional details
Specifically for `ghost/mocha/no-identical-title` most fixes were simple
test description updates. Added comments to aid the PR review for the
ones that had relevant changes, and might require more attention. They
are as follows:
*
[e2e-api/admin/invites.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496397548):
Removed duplicated test (exact same code on both);
*
[e2e-api/admin/members.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496399107):
From the[ PR this was
introduced](73466c1c40 (diff-4dbc7e96e356428561085147e00e9acb5c71b58d4c1bd3d9fc9ac30e77c45be0L236-L237))
seems like author based his test on an existing one but possibly forgot
to rename it;
*
[unit/api/canary/utils/serializers/input/pages.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496400143):
The [page filter](https://github.com/TryGhost/Ghost/pull/14829/files)
was removed, so changed the description accordingly;
*
[unit/api/canary/utils/serializers/input/posts.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496400329):
The [page filter](https://github.com/TryGhost/Ghost/pull/14829/files)
was removed, so changed the description accordingly;
*
[unit/frontend/services/rendering/templates.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496402430):
Removed duplicated test
*
[unit/server/models/post.test.js](https://github.com/TryGhost/Ghost/pull/19720#discussion_r1496403529):
the change in [this
PR](https://github.com/TryGhost/Ghost/pull/14586/files#diff-c351cb589adefbb886570cfadb33b33eb8fdc12bde1024d1188cd18c165fc5e8L1010)
made three tests here mostly the same. Deduplicated them and kept only
one.
2024-04-16 09:37:06 +02:00
renovate[bot]
8e8250a332 Update dependency testem to v3.13.0 2024-04-16 09:24:20 +02:00
renovate[bot]
dd76bf2693 Update dependency terser to v5.30.3 2024-04-16 07:24:10 +00:00
Laurent Goderre
c2485af853
Updated metascraper/author dependency to fix arm32 installation (#19401)
Installing on arm32 (and perhaps arm64) on Alpine Linux architecture
fails due to re2 a dependency of metascraper.

References:
https://github.com/microlinkhq/metascraper/pull/681
https://github.com/docker-library/ghost/issues/400
2024-04-16 09:22:54 +02:00
renovate[bot]
39a9a9bfd8 Update sentry-javascript monorepo to v7.110.1 2024-04-16 09:09:22 +02:00
renovate[bot]
e7bb7a47ed Update dependency typescript to v5.4.5 2024-04-16 09:08:58 +02:00
renovate[bot]
0c119e2464 Update dependency typescript to v5.4.4 2024-04-15 09:47:55 +02:00
renovate[bot]
b008c00feb Update sentry-javascript monorepo to v7.110.0 2024-04-15 09:47:44 +02:00
renovate[bot]
f6f9f8cd79 Update dependency i18next to v23.11.2 2024-04-15 01:16:18 +00:00
Ghost CI
ff03b2eedb v5.82.2 2024-04-15 01:06:07 +00:00
Ghost CI
bc0496e5d3 🎨 Updated Source to v1.2.2 2024-04-15 01:06:06 +00:00
Ghost CI
5e6cc0d746 🎨 Updated Casper to v5.7.2 2024-04-15 01:06:06 +00:00
Kevin Ansfield
d6e599dab3
Generalised Admin search for use in editor (#20011)
ref https://linear.app/tryghost/issue/MOM-1

- renamed `searchable` to `groupName` so it better matches usage and avoids leaking internal naming to external clients
- added `url` to the fetched data for each data type as the editor will want to use front-end URLs in content
- added acceptance tests to help avoid regressions as we further generalise/optimise the search behaviour
2024-04-11 14:01:39 +00:00
Hannah Wolfe
145a184967 Added logging to RSS cache
- The RSS cache has lived for a really long time, but I'm not sure it's useful
- Want to be able to determine if it gets used much, and if not, then we can remove it
2024-04-11 10:33:53 +01:00
Michael Barrett
9e78412268
Added queue depth to requests (#19987)
refs
[CFR-14](https://linear.app/tryghost/issue/CFR-14/ensure-queue-depth-is-always-set-on-req)

Added queue depth to any request that passes through the request queue
middleware instead of only adding it to the request if it is queued.
This makes it easier to report on the queue depth within Elastic.
2024-04-11 09:24:04 +01:00
Kevin Ansfield
a788a9673c
Extracted Admin's search behaviour from component to service (#20008)
ref https://linear.app/tryghost/issue/MOM-1

- pre-requisite to exposing the search behaviour to the editor for internal linking
2024-04-10 11:44:24 +00:00
Kevin Ansfield
ebd36f2503
Added internalLinking labs flag (#20006)
ref https://linear.app/tryghost/issue/MOM-1
2024-04-10 12:13:37 +01:00
Kevin Ansfield
0cb0e7109a
Refreshed Admin .lint-todo file (#20007)
no issue

- bumped todos for 120 days
2024-04-10 10:45:59 +00:00
renovate[bot]
5eab1e1ed6 Update dependency i18next to v23.11.1 2024-04-09 18:49:21 +00:00
Daniël van der Winden
c692c1b634
Updated paywall CTA text (#20004)
fixes DES-164
2024-04-09 14:53:51 +00:00
renovate[bot]
f4cb488d04 Update dependency i18next to v23.11.0 2024-04-08 17:03:58 +00:00
Ghost CI
f046442bd8 v5.82.1 2024-04-08 14:42:52 +00:00
Kevin Ansfield
5c05ebe6cb
Fixed browser tests broken by onboarding changes (#19998)
ref 78311591d0

- updated tests to not click a button on the setup/done screen that is no longer shown
- fixed setup flow showing an alert bar due to not handling the `TransitionAborted` error that is thrown by the setup/done->dashboard redirect
2024-04-08 15:15:04 +01:00
Kevin Ansfield
78311591d0
🎨 Improved post-setup onboarding flow (#19996)
ref https://linear.app/tryghost/issue/IPC-66/onboarding-checklist-v1

- replaced the setup/done screen with a new onboarding checklist shown on the dashboard
2024-04-08 13:03:41 +01:00
Daniël van der Winden
c1321f8b84
Onboarding mobile improvements (#19997)
fixes IPC-142
2024-04-08 11:55:30 +00:00
Djordje Vlaisavljevic
3d4c4d4848 Fixed "skip onboarding" button position on smaller screens
fixes https://linear.app/tryghost/issue/IPC-141/mobile-style-bug-for-skip-onboarding-button
2024-04-08 09:55:43 +01:00
Ghost CI
b6195d204c v5.82.0 2024-04-05 16:05:12 +00:00
Chris Raible
01d0b2b304
Added new member signup flow behind labs flag (#19986)
ref https://linear.app/tryghost/issue/KTLO-1/members-spam-signups

- Some customers are seeing many spammy signups ("hundreds a day") — our
hypothesis is that bots and/or email link checkers are able to signup by
simply following the link in the email without even loading the page in
a browser.
- Currently new members signup by clicking a magic link in an email,
which is a simple GET request. When the user (or a bot) clicks that link, Ghost
creates the member and signs them in for the first time.
- This change, behind an alpha flag, requires a new member to click the
link in the email, which takes them to a new frontend route `/confirm_signup/`, then submit a form on the page which sends a POST request to the
server. If JavaScript is enabled, the form will be submitted
automatically so the only change to the user is an extra flash/redirect
before being signed in and redirected to the homepage.
- This change is behind the alpha flag `membersSpamPrevention` so we can
test it out on a few customer's sites and see if it helps reduce the
spam signups. With the flag off, the signup flow remains the same as
before.
2024-04-04 15:25:41 -07:00
Fabien O'Carroll
a262a64eea Moved additional payment methods into beta
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812

We want to roll this out as a beta feature
2024-04-04 23:54:01 +07:00
Fabien O'Carroll
c1b72b3997 Wired up additional payment types with labs flag
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812
2024-04-04 23:13:10 +07:00
Fabien O'Carroll
781599de62 Added a feature flag for additional payment methods
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812
2024-04-04 23:13:10 +07:00
Fabien O'Carroll
1d13a9c549 Refactored payment methods into shared global
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812

This will make it easier to switch to long term
2024-04-04 23:13:10 +07:00
Djordje Vlaisavljevic
7107b092fd Made Ghost logo background in dark mode match the admin background
close https://linear.app/tryghost/issue/IPC-140/ghost-logo-in-dark-mode-doesnt-perfectly-match-the-background
2024-04-04 12:13:33 +01:00
Daniel Ordóñez
0f0cdfdcd4
feat(spanish): Update spanish support comments.json (#19964)
Got some code for us? Awesome 🎊!

Please include a description of your change & check your PR against this
list, thanks!

- [x] There's a clear use-case for this code change, explained below
- [x] Commit message has a short title & references relevant issues
- [x] The build will pass (run `yarn test:all` and `yarn lint`)

We appreciate your contribution!

Explanation: There are some missing accents in:


4c598a1e6d/ghost/i18n/locales/es/comments.json (L18-L19)

And


4c598a1e6d/ghost/i18n/locales/es/comments.json (L37)

Specifically in: Conviertete, Se. So instead of including accents I just
used simpler words so it sounds as a more natural translation, I have
already translated my whole newsletter https://crecimientoconsciente.co/
to Spanish I'm just finishing some wording details.

Also if you could please give a check to this
[comment](https://github.com/TryGhost/Ghost/issues/16628#issuecomment-1990569446)
in milestone 3 of translations for official support in email paywall
cta.

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-04-03 15:52:15 -04:00
Taro Sato
53b37d6424
Add Japanese translation of comment resources (#19941)
This PR adds Japanese translation to the comment resources
(ghost/i18n/locales/ja/comments.json). Currently, all of them are empty
and Japanese translations are not supplied.

The PR also adds Japanese translations to a few missing phrases in the
portal language resources (ghost/i18n/locales/ja/portal.json).

---------

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-04-03 15:51:48 -04:00
Amir
f6635e2306
Added: Persian Locale (#19932)
This PR will add Persian language locale (fa/fa_IR) for Ghost

- [x] The build will pass (run `yarn test:all` and `yarn lint`)

---------

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-04-03 15:51:12 -04:00
Fabien O'Carroll
0bd4a800a5 Fixed error message for custom theme settings
ref ENG-809
ref https://linear.app/tryghost/issue/ENG-809

This includes the fix to the error message from gscan
2024-04-04 01:39:30 +07:00
Ryan Feigenbaum
5aa792c236
Add IDs for metrics (#19981)
REF:
https://linear.app/tryghost/issue/IPC-139/ensure-buttons-have-ids-for-posthog
- Added IDs to facilitate measurement in PH.
2024-04-03 14:35:18 -04:00
Daniël van der Winden
c384b79d33
Removed a word from an onboarding step (#19980)
Deleted "own" in "craft a look that reflects your own brand and style."
2024-04-03 17:03:53 +00:00
Kevin Ansfield
d5a9731845
Fixed email_recipients indexes to match query usage (#19918)
closes https://linear.app/tryghost/issue/ENG-791/migration-to-fix-email-recipients-indexes

Our indexes over single columns (`delivered_at`, `opened_at`, `failed_at`) were ineffective because the only time we query those is alongside `email_id` meaning we were frequently performing full table scans on very large tables during our email analytics jobs.

- added migration to add new indexes covering `email_id` and the respective columns
- added migration to drop the old indexes that weren't being used in any query plans

Local runtime with ~2M email_recipient rows:
- before: 1.7s
- after: 99ms

Explain output...

before:
```
+----+-------------+------------------+------------+-------+----------------------------------------------------------------------------------+----------------------------------------------+---------+-------+--------+----------+------------------------------------+
| id | select_type | table            | partitions | type  | possible_keys                                                                    | key                                          | key_len | ref   | rows   | filtered | Extra                              |
+----+-------------+------------------+------------+-------+----------------------------------------------------------------------------------+----------------------------------------------+---------+-------+--------+----------+------------------------------------+
|  1 | UPDATE      | emails           | NULL       | index | NULL                                                                             | PRIMARY                                      | 98      | NULL  |      1 |   100.00 | Using where                        |
|  4 | SUBQUERY    | email_recipients | NULL       | range | email_recipients_email_id_member_email_index,email_recipients_failed_at_index    | email_recipients_failed_at_index             | 6       | NULL  |   2343 |     7.76 | Using index condition; Using where |
|  3 | SUBQUERY    | email_recipients | NULL       | ref   | email_recipients_email_id_member_email_index,email_recipients_opened_at_index    | email_recipients_email_id_member_email_index | 98      | const | 159126 |    50.00 | Using where                        |
|  2 | SUBQUERY    | email_recipients | NULL       | ref   | email_recipients_email_id_member_email_index,email_recipients_delivered_at_index | email_recipients_email_id_member_email_index | 98      | const | 159126 |    50.00 | Using where                        |
+----+-------------+------------------+------------+-------+----------------------------------------------------------------------------------+----------------------------------------------+---------+-------+--------+----------+------------------------------------+
```

after:
```
+----+-------------+------------------+------------+-------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------+---------+------+--------+----------+--------------------------+
| id | select_type | table            | partitions | type  | possible_keys                                                                                                                                                                 | key                                          | key_len | ref  | rows   | filtered | Extra                    |
+----+-------------+------------------+------------+-------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------+---------+------+--------+----------+--------------------------+
|  1 | UPDATE      | emails           | NULL       | index | NULL                                                                                                                                                                          | PRIMARY                                      | 98      | NULL |      1 |   100.00 | Using where;             |
|  4 | SUBQUERY    | email_recipients | NULL       | range | email_recipients_email_id_member_email_index,email_recipients_email_id_delivered_at_index,email_recipients_email_id_opened_at_index,email_recipients_email_id_failed_at_index | email_recipients_email_id_failed_at_index    | 104     | NULL |     60 |   100.00 | Using where; Using index |
|  3 | SUBQUERY    | email_recipients | NULL       | range | email_recipients_email_id_member_email_index,email_recipients_email_id_delivered_at_index,email_recipients_email_id_opened_at_index,email_recipients_email_id_failed_at_index | email_recipients_email_id_opened_at_index    | 104     | NULL | 119496 |   100.00 | Using where; Using index |
|  2 | SUBQUERY    | email_recipients | NULL       | range | email_recipients_email_id_member_email_index,email_recipients_email_id_delivered_at_index,email_recipients_email_id_opened_at_index,email_recipients_email_id_failed_at_index | email_recipients_email_id_delivered_at_index | 104     | NULL | 146030 |   100.00 | Using where; Using index |
+----+-------------+------------------+------------+-------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------+---------+------+--------+----------+--------------------------+
```
2024-04-03 17:52:52 +01:00
Kevin Ansfield
2a119cc4a4
Removed confirmation modal when dismissing onboarding (#19979)
closes https://linear.app/tryghost/issue/IPC-138/skip-onboarding-confirmation

- removed confirmation modal
- changed button to directly call the dismiss action on the onboarding service
2024-04-03 16:46:38 +00:00
Kevin Ansfield
bd93bf0dea Optimised email stats aggregation query for typical column usage
ref https://linear.app/tryghost/issue/ENG-790/remove-use-of-sub-queries-in-email-analytics

- the `delivered_at` column is typically entirely/nearly entirely filled with values meaning the `IS NOT NULL` query matches a huge number of rows that MySQL has to fetch from the index to count
- using `IS NULL` switches that behaviour around as it will now match very few rows which has been shown in testing to be considerably quicker
- after switching to `IS NULL` the query returns an "undelivered" count rather than a "delivered" count, in order to keep the rest of the system behaviour the same we can calculate the delivered count by subtracting the query result from the total number of emails sent which we can fetch using a very fast primary key lookup query on the `emails` table
2024-04-03 16:27:23 +01:00
Kevin Ansfield
4f5a7b420e Removed use of subqueries in email analytics queries
closes https://linear.app/tryghost/issue/ENG-790/remove-use-of-sub-queries-in-email-analytics

Avoiding sub queries means we don't have a process tied up for longer than necessary and we can more easily see if one of the queries is non-performant.

- extracted the count queries into separate queries and used the retrieved values in the final update query
- removed a query by moving the email open rate calculation into JS as we've already fetched the necessary data before that point
2024-04-03 16:27:23 +01:00
Daniël van der Winden
83d4484d94
Updated icon positions in onboarding checklist (#19976)
fixes IPC-135

Icon no longer jumps around on hover in Safari.
2024-04-03 09:18:08 +00:00
Kevin Ansfield
9fb14aab7d
Added background blur to onboarding modals (#19969)
ref https://linear.app/tryghost/issue/IPC-125/modal-and-checklist-misaligned

- added background blur to the share and dismiss modals so the misalignment with non-full-width content is less obvious
2024-04-03 09:39:28 +01:00
Daniël van der Winden
9dcee418a4
Updated onboarding copy and line-height (#19975)
Descenders were being cut off in the titles due to the line-height not
being set right.
2024-04-03 08:34:35 +00:00
Daniel Lockyer
de668e7950 🔒 Added escaping to member export CSV fields
fix https://linear.app/tryghost/issue/ENG-805/
refs https://owasp.org/www-community/attacks/CSV_Injection

- it's possible for certain fields in a member CSV export to be executed
  by software that opens the CSVs
- we can protect against this for the user by escaping any forumulae in
  the CSV fields
- papaparse provides this option natively, so it's just a case of
  providing the field to the unparse method
- credits to Harvey Spec (phulelouch) for reporting
2024-04-03 10:21:02 +02:00
Kevin Ansfield
2332f339dc
Fixed setup/done screen showing 500 when not authenticated (#19973)
closes https://linear.app/tryghost/issue/IPC-136/setupdone-route-500s-if-you-hit-it-from-a-logged-out-state-instead-of

- the setup/done route was not set up as an authenticated route so no redirect occurred when accessing it directly before logging in which in turn caused an error because the route tries to read from the session user
2024-04-02 16:43:44 +00:00
Ryan Feigenbaum
12379e7cc5
Update LinkedIn share URL in share-modal.hbs (#19971)
Improve link sharing for LinkedIn
REF:
https://linear.app/tryghost/issue/IPC-131/linkedin-sharing-looks-really-odd
2024-04-02 10:24:37 -04:00
Daniël van der Winden
c7c13a394a
Added subheading to onboarding checklist (#19970) 2024-04-02 13:54:51 +00:00
renovate[bot]
956c51436e Update dependency terser to v5.30.2 2024-04-02 13:08:00 +00:00
Kevin Ansfield
98ce6bf4d5
Fixed onboarding checklist video logo autoplay (#19967)
closes https://linear.app/tryghost/issue/IPC-117/fix-ghost-orb-logo-not-being-animated-in-chrome-or-arc

- Chrome wasn't respecting the `muted` attribute when the dashboard is loaded without any interaction resulting in the video not auto playing
- fixed by adding a `{{autoplay}}` modifier that explicitly sets the `muted` property on the video before calling `.play()` which appears to bypass the interaction-required block
2024-04-02 13:55:22 +01:00
Daniël van der Winden
50dceb23ff
Updated class names for Share modal (#19966)
fixes IPC-134

Some class names in the share modal (onboarding) were not in line with
how we define our classes at Ghost.
2024-04-02 11:48:17 +00:00
renovate[bot]
a263877aa5 Update dependency terser to v5.30.1 2024-04-01 16:12:35 +00:00
Djordje Vlaisavljevic
bbb0239ac4 Updated onboarding checklist copy
ref https://linear.app/tryghost/issue/IPC-98/copy-feedback
2024-04-01 17:00:27 +01:00
Djordje Vlaisavljevic
1137926464 Open Design settings modal when clicked from Share modal
close https://linear.app/tryghost/issue/IPC-129/link-to-design-settings-modal-in-share-modal
2024-04-01 17:00:27 +01:00
Djordje Vlaisavljevic
96b23b3e6a Removed dashboard widgets when onboarding checklist is active
ref https://linear.app/tryghost/issue/IPC-128/hide-dashboard-widgets-if-onboarding-checklist-is-active
2024-04-01 17:00:27 +01:00
renovate[bot]
541395434d Update sentry-javascript monorepo to v7.109.0 2024-04-01 14:10:07 +02:00
Ghost CI
d4d69e2ac5 v5.81.1 2024-04-01 06:16:31 +00:00
Ryan Feigenbaum
7a5bb0818b
Fix punctuation in onboarding checklist help message (#19961)
REF: https://linear.app/tryghost/issue/IPC-98/copy-feedback
2024-03-31 11:53:14 -04:00
Ryan Feigenbaum
f5d025d7dd
Update copy for onboarding checklist. (#19960)
REF: https://linear.app/tryghost/issue/IPC-98/copy-feedback
2024-03-31 11:00:44 -04:00
Kevin Ansfield
0cd8547e23
Added confirmation modal to onboarding skip button (#19956)
closes https://linear.app/tryghost/issue/IPC-115/make-skip-onboarding-button-work

- show a confirmation modal when clicking the "Skip onboarding" button
- onboarding is only dismissed when confirm button is clicked in the modal
2024-03-28 17:50:40 +00:00
Daniël van der Winden
dda9ba2462
Updated checklist hovers in dark mode (#19955)
'Skip onboarding' and 'Help Center' hover states were not legible.
2024-03-28 17:01:17 +00:00
Djordje Vlaisavljevic
0b7f3546ac Fixed linting issue
ref https://linear.app/tryghost/issue/IPC-96/add-link-back-to-dashboard-to-post-published-screen
2024-03-28 16:47:53 +00:00
Djordje Vlaisavljevic
c3355d0067 Added link to dashboard on post-published screen
closes https://linear.app/tryghost/issue/IPC-96/add-link-back-to-dashboard-to-post-published-screen

- When the onboardingChecklist feature flag is enabled, hides "Back to editor" link on post-published screen and shows "Back to dashboard" instead. There is already one link back to the editor, and it makes sense to let users go back to the dashboard easily.
2024-03-28 16:47:53 +00:00
Djordje Vlaisavljevic
f20c79ee54 Fixed placement when last onboarding step is the active one
ref https://linear.app/tryghost/issue/IPC-124/fix-placement-when-the-last-step-is-active
2024-03-28 16:47:53 +00:00
Daniël van der Winden
85737012ab
Improved hover states for Onboarding Checklist (#19953)
fixes IPC-123
2024-03-28 16:15:05 +00:00
Kevin Ansfield
5cb85ff58f
Replaced setup/done screen with onboarding checklist (#19952)
part of https://linear.app/tryghost/issue/IPC-81/remove-setupdone-screen-from-signup-flow

- when the `onboardingChecklist` flag is enabled the `setup/done` screen shown after install or signup will initiate the onboarding checklist and redirect straight to the dashboard effectively replacing the previous onboarding flow
2024-03-28 16:10:59 +00:00
Sag
540660a49e
🐛 Fixed adding recommendations with long excerpts (#19949)
ref https://linear.app/tryghost/issue/ENG-801/unable-to-recommend-sites-with-long-excerpts

- recommending a site with a long excerpt was being blocked by a
validation error
- with this change, we truncate the excerpt to 2000 characters max. and
avoid showing an error in the UI
- with this change, the description length validation is also now
stricter; 200 characters max, instead of 2000, to match the UI
2024-03-28 17:02:37 +01:00
Djordje Vlaisavljevic
60b8316bb6 Added more performant way of displaying dark mode animated logo
ref https://linear.app/tryghost/issue/IPC-121/add-dark-mode-version-of-the-animated-ghost-logo
2024-03-28 15:57:26 +00:00
Djordje Vlaisavljevic
ac90c5691d Added a dark mode version of the animated Ghost logo for onboarding
ref https://linear.app/tryghost/issue/IPC-121/add-dark-mode-version-of-the-animated-ghost-logo
2024-03-28 15:57:26 +00:00
Kevin Ansfield
63fa7b1952
Migrated dashboard share modal to modern pattern (#19950)
closes https://linear.app/tryghost/issue/IPC-92/add-logic-for-completing-steps
closes https://linear.app/tryghost/issue/IPC-111/re-work-share-modal-to-use-the-right-pattern

- migrated code over to the modern ember-promise-modals pattern
- added share step completion when opening modal
- removed unnecessary 1sec timeout when clicking "Copy" button
- moved various share URLs into the template so there's less need to look back-and-forth between template and backing class
2024-03-28 15:35:35 +00:00
Kevin Ansfield
1c219fdcb6
Wired onboarding checklist to saved user settings (#19948)
part of https://linear.app/tryghost/issue/IPC-92/add-logic-for-completing-steps
part of https://linear.app/tryghost/issue/IPC-115/make-skip-onboarding-button-work

- updated `onboarding` service to use the `user.accessibility` (poor naming, this is an old field used for general user settings) as it's backing store
- added `onboarding.allStepsCompleted` to allow for "completion" state to be shown before the checklist is marked as completed
- added `onboarding.{complete,dismiss}Checklist()` actions and wired those up to the template

When testing, if you need to reset the checklist you can run this in DevTools console
```
Ember.Namespace.NAMESPACES_BY_ID['ghost-admin'].__container__.lookup('service:onboarding').startChecklist()
```
2024-03-28 14:19:43 +00:00
Sag
7e2d842db2
🐛 Fixed keeping existing attribution in recommendations (#19945)
ref https://linear.app/tryghost/issue/ENG-799

- recommendations were being stripped of query parameters and hash
fragments before save
- in particular, query parameters for attribution such as ?ref were not
being stored
2024-03-28 13:54:23 +01:00
Daniël van der Winden
86911be7db
Removed margin from checkmark (#19947)
fixes IPC-120
2024-03-28 12:37:54 +00:00
Daniël van der Winden
9bf133a70c
Added gradient background to onboarding checklist (#19946)
fixes IPC-114
2024-03-28 11:54:53 +00:00
Daniël van der Winden
008f36e476
Added styles for dark mode (#19944)
fixes IPC-119
2024-03-28 11:29:20 +00:00
renovate[bot]
d76eed50e6 Update nest monorepo to v10.3.7 2024-03-28 10:12:04 +01:00
Steve Larson
78d2a5e3c0
🐛 Fixed flaky browser tests (#19929)
ref https://linear.app/tryghost/issue/CFR-13
- enabled saving traces on browser test failure; this makes troubleshooting a lot easier
- updated handling in offers tests to ensure the tier has fully loaded in the UI (not just `networkidle`)
- updated publishing test to examine the publish button reaction to the save action response instead of a 300ms pause

In general, our tests use a lot of watching for 'networkidle' - and sometimes just raw timeouts - which do not scale well into running tests on CI. In particular, 'networkidle' does not work if we're expecting to see React components' state updates propagate and re-render. We should always instead look to the content which encapsulates the response and the UI updates. This is something we should tackle on a larger scale.
2024-03-27 13:57:53 -05:00
Kevin Ansfield
90d8b41f63
Wired up in-memory onboarding step completion (#19940)
ref https://linear.app/tryghost/issue/IPC-92/add-logic-for-completing-steps

- added in-memory step completion to `onboarding` service
- wired up the onboarding checklist to mark steps as completed when clicked
- extracted re-used step template and logic into components/helpers
2024-03-27 18:27:43 +00:00
Kevin Ansfield
919ec733e7
Moved onboarding display check into new onboarding service (#19938)
refs
https://linear.app/tryghost/issue/IPC-92/add-logic-for-completing-steps

- added `onboarding` service to manage logic and state for the onboarding display and it's various steps
- added basic "display onboarding checklist" state to replicate the basic feature flag toggle along with making sure it's only shown to owners
- added acceptance test file and missing mirage endpoints needed for the dashboard to load without error
2024-03-27 17:37:37 +00:00
Djordje Vlaisavljevic
75b08a716b Added dark mode styles for onboarding checklist
ref https://linear.app/tryghost/issue/IPC-108/add-dark-mode-design
2024-03-27 14:13:29 +00:00
Djordje Vlaisavljevic
71a1d825e3 Added onboarding checklist success state button
ref https://linear.app/tryghost/issue/IPC-91/add-success-state-design
2024-03-27 14:13:29 +00:00
Sanne de Vries
f8a55de743
Added exact timestamp to the title attribute of the post date in the … (#19936)
…post list view

Ref DES-171
2024-03-27 13:52:38 +01:00
Oktay Kilic
a1afc87757
Made changes in Turkish local for Comments, Ghost and Portal (#19919)
Dear Ghost team, 

Hope you're well. 

While developing our website https://fayn.press (we just launched it),
we came across a few English-Turkish translations that needed
correction.

Following the guide you shared with me, I made the corrections & changes
using Github and am now submitting it.

I changed "Sign in": "Kayıt ol", to "Sign in": "Giriş Yap", as the
current translation is wrong. Kayit ol means Sign up, as opposed to sign
in. It's been confusing for our paying members to receive an email that
says "sign up" in Turkish (Kayit ol) right after they sign up for the
site by paying. We'd greatly appreciate it if this could be fixed as
soon as possible.

Other suggestions are mostly improvements in translations that sound
more natural in Turkish.

I went through all translations and other than these, they are all good.

Thank you, 
Oktay

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-03-27 08:21:16 -04:00
renovate[bot]
dfacfb56bc Update dependency terser to v5.30.0 2024-03-27 11:31:29 +00:00
Daniël van der Winden
8757a5deec
Updated the copy link behaviour on the social share modal (#19933) 2024-03-27 12:18:15 +01:00
Sanne de Vries
c39c2de067
Updated time formatting for drafts and scheduled posts (#19924)
Ref TRI-27
- Published posts now show the published date in post list, instead of
updated date.
- The `gh-format-post-time` helper now has a `relative` and `absolute`
and option instead of formatting being tied to `draft` and `published`
state. This allows for more flexibility in how dates are displayed.
- Draft, scheduled and published posts now follow the same time
formatting pattern: today, yesterday, or explicit dates if further in
the past.
- Hover states for dates in the post list have been removed.
- Title attributes are added indicating whether timestamp refers to updated_at or published_at
- The scheduling logic on the publish page still uses relative
formatting.
2024-03-27 11:30:14 +01:00
renovate[bot]
dcbbfbba70 Update dependency express to v4.19.2 [SECURITY] 2024-03-27 11:18:44 +01:00
renovate[bot]
86575890f3 Update nest monorepo to v10.3.6 2024-03-27 11:04:20 +01:00
Simon Backx
3b8fb3cedf
Added support for ignoring migrated (duplicate) subscriptions (#19902)
refs KTLO-19

When we need to migrate subscriptions from a platform with platform
fees, we need to recreate the subscriptions. That can cause the same
subscription to be attached multiple times to the same member in Ghost.

This is a problem because all MRR, subscriptions and cancellations stats
are no longer correct. Ghost will add a MRR event for the duplicated
subscription from the start time, so there is a sudden peak in MRR and a
dip after the migration because all those duplicate subscriptions are
suddenly cancelled 'today'.

The migrator tool adds a ghost_migrated_to metadata field to the old
subscription. Ghost can use this to detect the old subscription and
delete the subscription and corresponding events.
2024-03-27 10:32:32 +01:00
Bojan Drango
08553f63f8
Added Macedonian language (mk) (#19920)
Added translation for Macedonian language (locales/mk)

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-03-26 22:46:49 -04:00
Daniël van der Winden
3664db491d
Updated social share modal layout (#19925)
- Changed the layout of the modal
- Added a fallback state for the cover image
- Added possibility to copy the publication link
- Correct hover states for social media buttons

---------

Co-authored-by: Ryan Feigenbaum <48868107+royalfig@users.noreply.github.com>
2024-03-26 19:38:07 +01:00
Sag
5c4a4e812c
Removed Powered by Ghost clicks in publisher analytics (#19926)
fixes https://linear.app/tryghost/issue/TRI-65/add-powered-by-ghost-badge-tracking

- clicks on the "Powered by Ghost" badge were unintentionally surfaced
in publisher analytics, under Newsletter Clicks
2024-03-26 17:51:23 +01:00
renovate[bot]
ec25aed06f fix(deps): update dependency mysql2 to v3.9.3 2024-03-26 07:46:09 +00:00
Fabien 'egg' O'Carroll
3d3b3ff701
Fixed Editors being able to invite Editors (#19904)
ref ENG-774
ref https://linear.app/tryghost/issue/ENG-774

Staff Tokens will have both a `user` and an `apiKey` present on the
`loadedPermissions`.

The check here for `apiKey` was written when we could assume that an
`apiKey` was an Admin Integration - so it completely overwrote the
previous `allowed` list. When we added the concept of Staff Tokens -
this resulted in a privilege escalation.

This is a good lesson in not using proxies or indicators for data, as
changes elsewhere can invalidate them - if we had been specific and
checked the role of the current actor we wouldn't've had this bug!
2024-03-26 00:45:08 +07:00
Simon Backx
89a01c2d05
Added support for clearing all data with data generator (#19901)
no issue

When testing Stripe migrations, it is useful to be able to clear the
database quickly without deleting admins and tokens. This is possible
with the data generator.
2024-03-25 14:44:28 +01:00
Ronald Langeveld
db62d83387
Bumped Koenig-Lexical to new minor (#19909)
no issue

- Bumped Koenig-Lexical to a new minor.
- This change contains the new Unsplash selector which is a breaking
change as default headers are handled a touch different.
2024-03-25 20:32:46 +08:00
Peter Zimon
cda909fdb8
Fixed alignment of main title in Admin (#19911)
Ref DES-188

- the alignment of the main page title and the site title in the sidebar
was off
- also the top right dropdown's vertical positioning was off
2024-03-25 12:23:24 +01:00
Daniël van der Winden
3fa363f944
Fixed design issue DES-4 (#19662)
Fixed inconsistencies in typography for footer and featured images, on desktop and mobile.
2024-03-25 12:08:34 +01:00
renovate[bot]
97c63e1735 chore(deps): update sentry-javascript monorepo to v7.108.0 2024-03-25 08:34:53 +00:00
renovate[bot]
8db502c1b0 Update nest monorepo to v10.3.5 2024-03-25 08:22:23 +00:00
Ghost CI
5d714f8a05 v5.81.0 2024-03-22 16:05:44 +00:00
Sunghyun Cho
bdbbac6d15
i18n: Korean Improvements (#19906)
- [x] There's a clear use-case for this code change, explained below
- [x] Commit message has a short title & references relevant issues
- [x] The build will pass (run `yarn test:all` and `yarn lint`)

I have improved the Korean translations by ensuring consistent tones,
using more polite phrases and correcting grammar errors.
2024-03-22 10:18:31 -04:00
Djordje Vlaisavljevic
5e631114db Added a thousands separator to tier price on member detail screen
ref https://linear.app/tryghost/issue/DES-152/thousand-separator-missing-in-member-details-tier-price
2024-03-21 14:55:39 +00:00
Djordje Vlaisavljevic
ba7f448e12 Fixed "Read this article" link on the dashboard
ref https://linear.app/tryghost/issue/DES-138/🐛-read-this-article-link-on-dashboard-leads-to-resources-instead
2024-03-21 14:55:39 +00:00
Steve Larson
a1c4e64994
Added queueing middleware to handle high request volume (#19887)
ref https://linear.app/tryghost/issue/CFR-4/
- added request queueing middleware (express-queue) to handle high
request volume
- added new config option `optimization.requestQueue`
- added new config option `optimization.requestConcurrency`
- added logging of request queue depth - `req.queueDepth`

We've done a fair amount of investigation around improving Ghost's
resiliency to high request volume. While we believe this to be partly
due to database connection contention, it also seems Ghost gets
overwhelmed by the requests themselves. Implementing a simple queueing
system allows us a simple lever to change the volume of requests Ghost
is actually ingesting at any given time and gives us options besides
simply increasing database connection pool size.

---------

Co-authored-by: Michael Barrett <mike@ghost.org>
2024-03-21 09:25:07 -05:00
renovate[bot]
dfdd4e5cfa Update dependency express to v4.19.1 2024-03-21 11:50:48 +01:00
Ghost CI
b88ef5f816 Merged v5.80.5 into main 2024-03-21 09:51:52 +00:00
Ghost CI
40277465ba v5.80.5 2024-03-21 09:51:50 +00:00
Sag
c2320cd2ea Revert "Added referral tracking to the powered-by-ghost newsletter badge" (#19899)
refs https://ghost.slack.com/archives/CTH5NDJMS/p1710976281912809

- this reverts commit 9869d9adb6
- the referral query parameter is unintentionally surfacing in publisher
analytics
2024-03-21 10:37:42 +01:00
Sag
5477d70a0c
Revert "Added referral tracking to the powered-by-ghost newsletter badge" (#19899)
refs https://ghost.slack.com/archives/CTH5NDJMS/p1710976281912809

- this reverts commit 9869d9adb6
- the referral query parameter is unintentionally surfacing in publisher
analytics
2024-03-21 10:02:17 +01:00
renovate[bot]
1c1ef70677 Update nest monorepo to v10.3.4 2024-03-21 09:30:07 +01:00
renovate[bot]
092f982fec Update dependency typescript to v5.4.3 2024-03-21 09:28:10 +01:00
Djordje Vlaisavljevic
7b70b60ad4 Added dynamic site title to the checklist
ref https://linear.app/tryghost/issue/IPC-76/add-static-checklist-to-the-dashboard
2024-03-20 20:39:01 +00:00
Djordje Vlaisavljevic
53310b52c1 Added function for copying publication link
ref https://linear.app/tryghost/issue/IPC-90/add-share-modal
2024-03-20 20:39:01 +00:00
Djordje Vlaisavljevic
aa7d294162 Switched "Copy link" icon to link
ref https://linear.app/tryghost/issue/IPC-90/add-share-modal
2024-03-20 20:39:01 +00:00
renovate[bot]
28c851be6a Update dependency sanitize-html to v2.13.0 2024-03-20 19:10:32 +00:00
Fabien O'Carroll
cb72835af1 Removed support for id specific permissions
ref ENG-728
ref https://linear.app/tryghost/issue/ENG-728

This is not used anywhere, and makes the code more complicated, it's a good
step toward simplifying permissions and pulling them out of the database.
2024-03-21 00:21:40 +07:00