refs https://github.com/TryGhost/Team/issues/1871
This commit adds a test to the serialize method of `post-emaiserializer`. It checks whether the generated email HTML is valid and standard HTML5 and that all properties are escaped.
To do this validation, I depend on the new `html-validate` dev dependency. Just parsing the HTML with a HTML parser is not enough to guarantee that the HTML is okay.
Apart from that this fixes:
- Removed the sanitizeHTML method and replaced it with normal HTML escaping. We don't want to allow any HTML in the escaped fields. Whereas `sanitizeHTML` still allows valid HTML, but we don't want that and want the same behaviour as on the site. E.g., a post with a title `All your need to know about the <br /> tag` should actually render the same title and non-html content, being `All your need to know about the <br /> tag`
- The file, nft and audio card didn't (always) escape the injected HTML fields (new version @tryghost/kg-default-cards)
- `@tryghost/string` is bumped because it contains the new escapeHtml method
refs https://github.com/TryGhost/Team/issues/1734
- resolves some deprecations raised by the addon which has fallen out of regular maintenance
- we were largely overriding much of the addon so the additional code was minimal, most of the changes were from updating to modern patterns
refs https://github.com/TryGhost/Ghost/issues/14101
refs https://github.com/TryGhost/Team/issues/1734
- use of the helper was generating deprecation warnings when building Admin
- removed the single usage in favor of using `{{perform}}` directly on a controller task property as there was no need to go via the route
- changed naming of task properties to include a `...Task` suffix so it's clear when dealing with a task object
fixes https://github.com/TryGhost/Ghost/issues/11541
- due to an upstream bug, typing emojis using Safari would show square
boxes in the editor
- the upstream patch has been fixed, so I've pulled it into our
mobiledoc-kit fork
- this commit bumps that package to fix the issue in Ghost
- because of how the npm scripts were set up, we were running the full
Admin integration tests during the unit tests phase of CI
- this commit renames the majority of `test` to `test:unit` in the
package.json files, and aliases `test` to `test:unit`
- special packages like Admin have no-op'd `test:unit` scripts so we
don't end up running its tests
refs https://github.com/TryGhost/Toolbox/issues/345
- this commit bumps `eslint-plugin-ghost`, which bumps compatiblity to
2022
- this also removes a lot of the manually-added
`parserOptions.ecmaVersion` that we had in imported packages, in favor
of the value set in `eslint-plugin-ghost`
- as part of our effort to reduce our usage of Grunt in favor of more
maintainable (and maintained) alternatives, this commit removes Grunt
from Admin
- the main difference here is switching from subgrunt to shell, which
should be a nice stepping stone to removing Grunt altogether one day
- we're meant to be running our CSS through csscomb in order to apply
specific code styles, but the reality is that it never gets used
- keeping csscomb around just adds to the package cruft and so this
commit cleans up references to it in order to
no issue
- bumped dependency
- fixed all new lint failures
- removed deprecated `ember-cli-eslint`
- it was tying us to an old version of `eslint` resulting in missing rule definition errors when linting was run as part of `yarn dev` and `ember test`
- we run linting separately in CI so we don't need linting to run _again_ on each of our ember test runs
no issue
- followed the migration guide to switch to from lifecycle hooks to single `modify()` method
- https://togithub.com/ember-modifier/ember-modifier/blob/master/MIGRATIONS.md
- forced resolution of `ember-in-viewport@4.0.2` to avoid older version of `ember-modifier` being pulled in through `ember-infinity`
requires https://github.com/TryGhost/Ghost/pull/15128
refs https://github.com/TryGhost/Admin/pull/2252
- bumped `ember-auto-import` dependency
- updated `autoImport` config to match new format
- added dependencies for node packages that no longer have built-in polyfills in webpack@5
- updated `asset-delivery` to work with `ember-auto-import@2`
- reverted to standard ember `index.html` to let `ember-auto-import` handle it's insertion of multiple JS chunk files
- updated the `asset-delivery` addon to copy the the `index.html` and `/assets` to `core/built/admin/{development|production}/` directory rather than splitting the `index.html` file apart from the assets inside Ghost's directory structure
- switched to relative root URL in development/production
- required because assets are served from the same directory the index file is served from in Ghost rather than from the root
- Admin uses `/#/` URLs so it can be served from any subdirectory without requiring prior knowledge of that directory at build time
Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
fixes: https://github.com/TryGhost/Ghost/issues/12219
- the WYSIWYG editor supports ^2^ for superscript and ~2~ for subscript
- with this change, the same syntax is supported in the markdown card, which was missing
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
no issue
- dropped the bundled `react-mobiledoc-editor` package
- updated `<ReactMobiledocEditor>` component to pull in editor components dynamically
- added a resource function to dynamically import the external module
- added `Container` and `Editor` components that read from the resource function and wrap components of the same name from the external module
- added `<Suspense>` around the `Container` and `Editor` components so that React will show a loading state whilst the external components are still being fetched
- added `<ErrorHandler>` so we can show an error state if loading fails
no issue
- updated ember-cli-build and eslint config to support jsx
- added `react` and `react-dom` libraries
- included them in the build so the `React` and `ReactDom` globals are available for use by third party components
- added vendor shims so we can do things like `import * from 'react'` where the imports are referenced directly to the already imported modules
- added `<ReactComponent>` component
- designed to be extended from in specific react component classes
- renders a div and calls `renderComponent()` action once inserted - this should be replaced in any extended classes in order to render a react component
- handles react rendering and teardown
- added `<ReactMobiledocEditor>` react component that renders an editor composed of components provided by the `react-mobiledoc-editor` package
- added `<KoenigReactEditor>` ember component that renders `<ReactMobiledocEditor>` and handles pass-through of Ember arguments and handling of actions
- updated `<GhKoenigEditorReact>` to render `<KoenigReactEditor>` in place of `<KoenigEditor>`
no issue
`ember-cli-mirage` replaced the use of a default function export with a `createServer` function that applies config and deprecated the older mirage config export style. It will also soon drop support of the separate `testConfig` export we used for defining our test routes.
- switched to the newer `return createServer(config);` server configuration approach
- extracted dev and test routes into separate files for a cleaner base config
refs https://github.com/TryGhost/Team/issues/1583
- When adding a newsletter, check the limits (both via button and route)
- When unarchiving a newsletter, check the limits
- Bumped `@tryghost/limit-service` package, required to make limit checking work for newsletter
- Added the `getNewslettersCount` query to the `limit` service
refs https://github.com/TryGhost/Toolbox/issues/267
- Node 12 is EOL as of April 30th so we're going to be dropping support
for it in Ghost too
- the only change in Admin is to update the Node engines range
no issue
- bumped version of our `ember-promise-modals` fork containing a workaround for modal promises missing their return values
- upstream issue: https://github.com/simplabs/ember-promise-modals/issues/565
- switched from a GitHub ref to a proper published package to avoid issues with yarn not bumping versions of the fork for developers who installed an earlier version
closes https://github.com/TryGhost/Ghost/issues/14296
- bumped fork of `ember-promise-modals` as newer version exposes all focus-trap options and per-modal disabling
- disabled focus-trap for the post preview modal because it was preventing clicks on the input elements performing default behaviour
refs https://github.com/TryGhost/Team/issues/1408
- switched to `@tryghost/nql` packages to get access to latest releases
- updated `GET /members` mirage endpoint with a try/catch and explicit logging to make any errors from NQL more visible
- added "Name" filter option
- has `is`, `contains`, `does not contain`, `starts with`, `ends with` operators
- uses a plain text field for the input value
- added support for `~`, `-~`, `~^`, and `~$` operators when generating NQL queries from filter definitions
refs https://github.com/TryGhost/Admin/pull/2209
- `miragejs` has been extracted to a framework-independent library, the re-exports of `miragejs` elements in `ember-cli-mirage` have been deprecated making our test logs very noisy
- added `miragejs` as a top-level dependency
- updated all relevant imports to pull from `miragejs` instead of `ember-cli-mirage`
no issue
We made very limited use of the `ua-parser-js` sub-dependency that `ember-useragent` pulls in so it didn't seem worth having the fairly large 17KB import or the associated sub-dependency version resolutions.
- switched the two iOS and Safari detections to use associated Regexes on `navigator.userAgent`
- dropped the "Microsoft Edge not supported" message in the editor
- old Edge is still not supported but it was been replaced with a Chromium-based version that is supported a while back
- we can re-introduce a warning if we get any significant reports (there is nothing showing in Sentry for this alert in the last 14 days)