Commit Graph

3150 Commits

Author SHA1 Message Date
Daniel Lockyer
a145c7b1b8 v4.17.1 2021-10-05 08:31:40 +01:00
Fabien O'Carroll
cda041d424 Moved StripeAPIService to its own service
refs https://github.com/TryGhost/Team/issues/1083

The Offers service is going to need access to the StripeAPIService too,
so we need to move it out of the @tryghost/members-api module and make
it accessible to both.
2021-10-04 19:28:19 +02:00
Renovate Bot
2acbf9fb50 Update dependency @tryghost/zip to v1.1.17 2021-10-04 16:40:06 +01:00
Renovate Bot
ada99d3e9d Update dependency @tryghost/package-json to v1.0.5 2021-10-04 16:12:35 +01:00
Renovate Bot
7941bfcafa Update dependency @tryghost/vhost-middleware to v1.0.18 2021-10-04 16:10:38 +01:00
Renovate Bot
d6347d80b3 Update dependency @tryghost/security to v0.2.12 2021-10-04 16:10:26 +01:00
Renovate Bot
18a6f536a1 Update dependency @tryghost/job-manager to v0.8.10 2021-10-04 16:08:02 +01:00
Renovate Bot
e24adb436b Update dependency @tryghost/session-service to v0.1.27 2021-10-04 16:05:54 +01:00
Renovate Bot
da0d97449f Update dependency @tryghost/promise to v0.1.12 2021-10-04 16:05:40 +01:00
Renovate Bot
e657527fa8 Update dependency @tryghost/mw-session-from-token to v0.1.25 2021-10-04 16:03:58 +01:00
Renovate Bot
682bb1cb1e Update dependency @tryghost/limit-service to v0.6.4 2021-10-04 16:03:40 +01:00
Renovate Bot
79f778c469 Update dependency @tryghost/errors to v0.2.16 2021-10-04 16:03:27 +01:00
Renovate Bot
9412515e98 Update dependency @tryghost/image-transform to v1.0.16 2021-10-04 16:00:43 +01:00
Renovate Bot
55f951f58f Update dependency @tryghost/constants to v0.1.11 2021-10-04 16:00:34 +01:00
Renovate Bot
ed069d51d3 Update dependency @tryghost/bootstrap-socket to v0.2.12 2021-10-04 16:00:27 +01:00
Renovate Bot
e53bafb1aa Update dependency @tryghost/adapter-manager to v0.2.17 2021-10-04 16:00:18 +01:00
Kevin Ansfield
28fb6f2939 Fixed errors when syncing theme settings
no issue

- bumped `@tryghost/custom-theme-settings-service`
- fixes errors when a previously seen theme setting has been removed from the theme when syncing
- fixes settings for non-active theme being deleted/updated instead of just settings for the current theme
2021-10-04 12:17:41 +01:00
Renovate Bot
c2ea67b2ff
Update metascraper to v5.24.8 2021-10-04 00:23:21 +00:00
Daniel Lockyer
e0f6d59046 v4.17.0 2021-10-01 16:00:30 +01:00
Fabien O'Carroll
ea42fac527 Charged payment for Subscription upgrades immediately
refs https://github.com/TryGhost/Team/issues/1075

This includes changes to how we handle upgrading subscriptions to ensure
that members are immediately charged for upgrades. This fixes a flaw
where upgrading would not be charged until the end of the current
billing cycle, essentially giving free upgraded access for a period of
time.
2021-10-01 13:22:19 +02:00
Renovate Bot
ef20a564a1 Update dependency @tryghost/email-analytics-provider-mailgun to v1.0.2 2021-10-01 11:25:19 +01:00
Renovate Bot
64124b9cea Update dependency @tryghost/email-analytics-service to v1.0.2 2021-10-01 10:48:19 +01:00
Renovate Bot
dedfebfdca Update dependency @tryghost/constants to v0.1.10 2021-10-01 10:19:16 +01:00
Renovate Bot
12451d413d Update dependency @tryghost/errors to v0.2.15 2021-10-01 09:54:05 +01:00
Renovate Bot
795cf55c11 Update dependency @tryghost/image-transform to v1.0.15 2021-10-01 09:53:58 +01:00
Renovate Bot
e28b87c836 Update dependency @tryghost/package-json to v1.0.4 2021-10-01 09:53:49 +01:00
Renovate Bot
1e749d78d8 Update dependency @tryghost/session-service to v0.1.26 2021-10-01 09:53:43 +01:00
Renovate Bot
47a582b51c Update dependency @tryghost/vhost-middleware to v1.0.17 2021-10-01 09:53:23 +01:00
Renovate Bot
55ee3ea1c6 Update dependency @tryghost/mw-session-from-token to v0.1.24 2021-10-01 08:41:24 +01:00
Renovate Bot
7be5e861c7 Update dependency @tryghost/security to v0.2.11 2021-10-01 08:41:01 +01:00
Renovate Bot
612a202525 Update dependency @tryghost/promise to v0.1.11 2021-10-01 08:40:52 +01:00
Renovate Bot
4ac27cd889 Update dependency @tryghost/bootstrap-socket to v0.2.11 2021-10-01 08:40:14 +01:00
Renovate Bot
a98b1e8541 Update dependency @tryghost/adapter-manager to v0.2.16 2021-10-01 08:40:09 +01:00
Renovate Bot
99fdfe8ec8 Update dependency @tryghost/config-url-helpers to v0.1.2 2021-10-01 08:40:01 +01:00
Renovate Bot
568dfc7d34 Update dependency @tryghost/tpl to v0.1.5 2021-10-01 08:39:16 +01:00
Renovate Bot
656237a7cf Update dependency @tryghost/zip to v1.1.16 2021-10-01 08:39:07 +01:00
Renovate Bot
07a7c0ea4c Update dependency @tryghost/limit-service to v0.6.3 2021-10-01 08:38:51 +01:00
Renovate Bot
9642635ca9 Update dependency @tryghost/job-manager to v0.8.9 2021-10-01 08:38:40 +01:00
renovate[bot]
1b6253e140
Update dependency @tryghost/members-importer to v0.3.3 (#13372)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-29 10:58:10 +02:00
Kevin Ansfield
59adb9a9cb Added route for updating custom theme settings
refs https://github.com/TryGhost/Team/issues/1070

- bumped `@tryghost/custom-theme-settings-service` for access to `.updateSettings()`
- added `PUT /custom_theme_settings` route that delegates to `customThemeSettingsService.updateSettings()` to perform the db and cache updates
- invalidates the cache in Ghost because a theme setting change will mean the front-end output will change
2021-09-28 16:09:39 +01:00
Daniel Lockyer
1e5f28727d
🐛 Fixed mail config not respecting disabled secure connections
refs https://forum.ghost.org/t/un-noticed-email-config-change-in-4-15-16/25869/6
refs https://linear.app/tryghost/issue/CORE-66/fixed-secureconnection-alias-for-nodemailer

- `secureConnection` was removed in Nodemailer 1.0.2 in favor of
  `secure` but we're locked into supporting it because a lot of
  our users will have it in their config
- I attempted to alias it to keep compatibility but I did this
  incorrectly and only handled the cases where it was set to `true`
- this meant users who had disabled secure connections were seeing SSL
  warnings because the library was trying to connect via SSL to a
  non-SSL endpoint
- the aliasing is fixed in `@tryghost/nodemailer` 0.3.3 and so this
  commit bumps the package in Ghost
2021-09-28 15:19:36 +01:00
renovate[bot]
9797787c4b
Update dependency @tryghost/magic-link to v1.0.13 (#13370)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-28 16:09:07 +02:00
renovate[bot]
135bb6a4a4
Update dependency @tryghost/members-csv to v1.1.7 (#13371)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-28 16:08:50 +02:00
renovate[bot]
7044fd459e
Update dependency @tryghost/members-ssr to v1.0.14 (#13373)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-28 15:44:06 +02:00
Fabien O'Carroll
b22050c037 Added initial support for Offers 1-day version
refs https://github.com/TryGhost/Team/issues/1090

This updates the members-api to allow passing an Offer ID when creating
a Stripe Checkout Session. This will be used for the 1-day version of
Offers.
2021-09-28 15:10:27 +02:00
Renovate Bot
328a88087b
Update metascraper to v5.24.7 2021-09-27 21:15:26 +00:00
Renovate Bot
85c46b4eda Update dependency postcss to v8.3.8 2021-09-27 13:00:59 +01:00
Kevin Ansfield
2947db0e6b
Added API endpoint for browsing custom theme settings (#13362)
refs https://github.com/TryGhost/Team/issues/1070

- bumped `@tryghost/custom-theme-settings-service` to get access to `.listSettings()` method
- added GET `/api/canary/admin/theme_settings/` route behind `'customThemeSettings'` feature flag that uses the custom theme settings service to return settings resources that are a combination of the theme-provided definition and the saved value
2021-09-27 11:31:47 +01:00
Renovate Bot
91a6917563
Update dependency mocha to v9.1.2 2021-09-27 03:11:58 +00:00
Daniel Lockyer
a3f46708e2
v4.16.0 2021-09-23 16:04:57 +01:00
Kevin Ansfield
04dd409243
Added syncing and theme exposure of custom theme settings (#13354)
refs https://github.com/TryGhost/Team/issues/1070

- added `@tryghost/custom-theme-settings-service` as a dependency
- `core/server/services/custom-theme-settings` creates an instance of the new service passing in the model used for storing the setting keys/values and a cache instance
- requiring `core/shared/services/custom-theme-settings-cache` creates a cache instance, it has no dependencies so can be required anywhere and the first require will initialize the shared instance
- updated the theme activation bridge to trigger the theme settings service to sync the newly activated theme settings and populate the cache
- updated theme validation to pass `labs` through as an option so that we get custom theme settings back as part of the checked theme as that's what is passed to the custom theme settings service
2021-09-23 12:44:39 +01:00
Renovate Bot
cecec3d253 Update dependency @tryghost/email-analytics-service to v1.0.1 2021-09-23 12:39:32 +01:00
Fabien O'Carroll
91907cd900 Bumped @tryghost/members-api for security patch
refs https://github.com/TryGhost/Ghost/commit/944c2cc9af

The original fix for this happened off of `main` on a separate branch for
v4.15.1 - the same was the case for the @tryghost/members-api package.

Because work happened on both packages in `main`, since the versions
that were patched, we needed to rebump the dependency here to include
the changes.
2021-09-23 12:18:08 +02:00
Daniel Lockyer
57664696a4 v4.15.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUxOIgAKCRDSEYbwtHKV
 reO6AQCL2mFdVLBwRbpVQa2Zs9RlYKk88ivLRMpAZPPiElNblQEAqt710wrVbMwm
 hOOWbWdFpPOWCrop9zhO8GJSPeNpJw0=
 =Ff3M
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUxTawAKCRDSEYbwtHKV
 ra28AQCcambctLCH70Sc7SJmexojA5k6Ti0p3pwOktWY/WygZQEAlMEHSDw89wdY
 3U8R8zY1d1MeXqj51Op95sTYwiDAjg8=
 =HoUL
 -----END PGP SIGNATURE-----

Merged v4.15.1 into main

v4.15.1
2021-09-23 11:13:56 +01:00
Daniel Lockyer
94d3f556e6
v4.15.1 2021-09-23 10:51:30 +01:00
Fabien O'Carroll
944c2cc9af
🔒 Fixed member email change vulnerability
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr

This updates the signup/signin flow for members to no longer support the
email address change flow - which had missing authentication. It has
been replaced with a dedicated email change flow, and Portal has been
updated to use it.
2021-09-23 10:49:30 +01:00
Renovate Bot
8560aa6b34 Update dependency @tryghost/email-analytics-provider-mailgun to v1.0.1 2021-09-23 10:09:38 +01:00
Daniel Lockyer
20870aa2fa
🐛 Fixed sending emails via SES or non-standard SMTP config
fixes https://linear.app/tryghost/issue/CORE-45/

- this commit fixes two email related issues:
    - SES transport: the auth mechanism was set up wrong and so none of
      the requests would go through. This now follows the docs on https://nodemailer.com/transports/ses/
    - SMTP transport: the latest versions of Nodemailer don't seem to
      allow overriding of options if a service is present. I've filed
      https://github.com/nodemailer/nodemailer/issues/1327 but in the
      mean time, I assign the options back to the transporter object
      to ensure they always get applied
- I've fixed this in our `@trghost/nodemailer` package and so this commit
  bumps that here
2021-09-23 10:08:43 +01:00
Renovate Bot
592ac2dcb7
Update dependency @tryghost/update-check-service to v0.2.2 2021-09-23 10:08:43 +01:00
Renovate Bot
701d5555a2
Update dependency glob to v7.2.0 2021-09-23 01:03:51 +00:00
Renovate Bot
5da0caf9cc Update dependency @tryghost/package-json to v1.0.3 2021-09-22 19:17:29 +01:00
Renovate Bot
99c776aa10 Update dependency @tryghost/constants to v0.1.9 2021-09-22 19:17:20 +01:00
Renovate Bot
c52d1bbe37 Update dependency @tryghost/job-manager to v0.8.8 2021-09-22 19:17:12 +01:00
Renovate Bot
9c64228e13 Update dependency @tryghost/mw-session-from-token to v0.1.23 2021-09-22 19:17:05 +01:00
Renovate Bot
ee67df704e Update dependency @tryghost/vhost-middleware to v1.0.16 2021-09-22 19:16:58 +01:00
Renovate Bot
cabb7c779b Update dependency @tryghost/security to v0.2.10 2021-09-22 19:16:45 +01:00
Renovate Bot
a8fb066c71 Update dependency @tryghost/limit-service to v0.6.2 2021-09-22 18:02:34 +01:00
Renovate Bot
e6845237e0 Update dependency @tryghost/image-transform to v1.0.14 2021-09-22 18:02:09 +01:00
Renovate Bot
ca798ccb73 Update dependency @tryghost/errors to v0.2.14 2021-09-22 18:02:00 +01:00
Renovate Bot
cd008a6d48 Update dependency @tryghost/config-url-helpers to v0.1.1 2021-09-22 18:01:50 +01:00
Renovate Bot
db907f88f2 Update dependency @tryghost/bootstrap-socket to v0.2.10 2021-09-22 18:01:44 +01:00
Renovate Bot
0c4e119483 Update dependency @tryghost/adapter-manager to v0.2.15 2021-09-22 18:01:38 +01:00
Renovate Bot
be47f78293 Update dependency @tryghost/promise to v0.1.10 2021-09-22 18:01:17 +01:00
Renovate Bot
27ce353222 Update dependency @tryghost/session-service to v0.1.25 2021-09-22 18:01:07 +01:00
Renovate Bot
db2c7b64dd Update dependency @tryghost/tpl to v0.1.4 2021-09-22 18:00:59 +01:00
Renovate Bot
40fd068229 Update dependency @tryghost/zip to v1.1.15 2021-09-22 18:00:40 +01:00
Renovate Bot
23bece59a9 Update dependency @tryghost/update-check-service to v0.2.2 2021-09-22 16:31:51 +01:00
Rishabh
4c4efc3a3a Added member analytics events handling
refs https://github.com/TryGhost/Team/issues/1064
refs https://github.com/TryGhost/Team/issues/1056
refs https://github.com/TryGhost/Team/issues/1054
refs https://github.com/TryGhost/Team/issues/1055

- adds handling for new member analytic events including new ingress endpoint
- introduces member-analytics packages and code
2021-09-22 18:21:10 +05:30
renovate[bot]
e9e9d90ec4
Update dependency @tryghost/members-ssr to v1.0.13 (#13332)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-22 11:33:14 +02:00
renovate[bot]
bbe6a0a933
Update dependency @tryghost/magic-link to v1.0.12 (#13331)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-22 11:32:59 +02:00
Renovate Bot
c8afdac0c9 Update dependency postcss to v8.3.7 2021-09-22 10:01:09 +01:00
Renovate Bot
ebf13f07a0
Update dependency @sentry/node to v6.13.2 2021-09-21 16:32:20 +00:00
Renovate Bot
7c1192fc20
Update dependency @sentry/node to v6.13.1 2021-09-20 18:46:49 +00:00
Renovate Bot
9615d76ff3
Update dependency @sentry/node to v6.13.0 2021-09-20 15:08:22 +00:00
Daniel Lockyer
8a534c5b14
🐛 Fixed sending emails via SES or non-standard SMTP config
fixes https://linear.app/tryghost/issue/CORE-45/

- this commit fixes two email related issues:
    - SES transport: the auth mechanism was set up wrong and so none of
      the requests would go through. This now follows the docs on https://nodemailer.com/transports/ses/
    - SMTP transport: the latest versions of Nodemailer don't seem to
      allow overriding of options if a service is present. I've filed
      https://github.com/nodemailer/nodemailer/issues/1327 but in the
      mean time, I assign the options back to the transporter object
      to ensure they always get applied
- I've fixed this in our `@trghost/nodemailer` package and so this commit
  bumps that here
2021-09-20 15:53:44 +01:00
Renovate Bot
12f59e7ec0 Update dependency coffeescript to v2.6.0 2021-09-20 08:04:52 +01:00
Daniel Lockyer
7ffa5414b5
v4.15.0 2021-09-17 16:58:45 +01:00
Daniel Lockyer
93e4b2eafd 🔒 Fixed remote command injection when using sendmail email transport
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm
refs https://github.com/advisories/GHSA-48ww-j4fc-435p

- a vulnerability in `nodemailer` means that the `sendmail` transport is
  vulnerable to command injection for flags passed to the `sendmail`
  binary
- updating to the latest version of Nodemailer required creating
  `@tryghost/nodemailer`, which is a wrapper around Nodemailer and
  several plugins that used to be in the core
- this commit switches to using that package, and fixes up some small
  code + test changes
2021-09-17 16:46:51 +01:00
Hannah Wolfe
ac82554f3e
Added command for finding slow regression tests
- A tiny tool to help us prioritise killing regression tests
2021-09-17 13:35:41 +01:00
Renovate Bot
3eb41d3e36 Update dependency @tryghost/root-utils to v0.3.4 2021-09-15 08:44:13 +01:00
Renovate Bot
fc66c6621f Update dependency @tryghost/logging to v0.1.7 2021-09-15 08:44:04 +01:00
Renovate Bot
b6c8a8efdf Update dependency @tryghost/validator to v0.1.5 2021-09-15 08:43:53 +01:00
Renovate Bot
3e7f9cd54c Update dependency @tryghost/request to v0.1.5 2021-09-14 18:30:37 +01:00
Renovate Bot
ac7f92b8d5 Update dependency @tryghost/debug to v0.1.5 2021-09-14 18:30:22 +01:00
Renovate Bot
50dfe20369 Update dependency @tryghost/bookshelf-plugins to v0.3.1 2021-09-14 17:51:14 +01:00
Renovate Bot
18945ef805 Update dependency @tryghost/version to v0.1.4 2021-09-14 17:50:46 +01:00
Renovate Bot
fb452d739a
Update dependency sanitize-html to v2.5.1 2021-09-14 14:56:18 +00:00
Daniel Lockyer
d4adae775e v4.14.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUB7mgAKCRDSEYbwtHKV
 rYTGAP9dggMBUTq6+2yLyYHChVMqLez2WS/XmgTdC4mc2tsZzgD+J2/zhRObGYX0
 d54Y39pAw7rPV8Z8md9nCm9olPpE4AM=
 =w206
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYUB8kwAKCRDSEYbwtHKV
 rTGVAP4wqFwWwQUFUXX4tLbvcLKQalvHQI3soLFneAzZT1M3DQEAtWO+crkH2auN
 Agt8ND2ndlIzsyGxYywliajBfbQVZwM=
 =nFhH
 -----END PGP SIGNATURE-----

Merged v4.14.0 into main

v4.14.0
2021-09-14 11:42:21 +01:00
Daniel Lockyer
48a906b879
v4.14.0 2021-09-14 11:38:18 +01:00
Renovate Bot
5251d1e559
Update dependency analytics-node to v5.1.0 2021-09-13 22:22:11 +00:00
Renovate Bot
66a705930c
Update metascraper to v5.24.6 2021-09-13 08:35:39 +00:00
Kevin Ansfield
a277ff5bf4 Bumped @tryghost/kg-* dependencies
no issue

- includes bump to minimum version of `markdown-it` for consistency between Ghost and Admin markdown rendering
2021-09-13 09:34:18 +01:00
Daniel Lockyer
0c7c34ff67 Updated bookshelf-relations dependency to 2.2.0 2021-09-10 16:59:11 +01:00
Daniel Lockyer
7b93efddd0 Updated bookshelf dependency to 1.2.0 2021-09-10 16:59:11 +01:00
Renovate Bot
74c43bcea5 Update dependency c8 to v7.9.0 2021-09-10 11:25:21 +01:00
Daniel Lockyer
10fa1283ca Updated ghost-storage-base to v0.0.6
no issue

- this package has been bumped to support Node 12 + 14
- AFAICT I added it to the Renovate list back when we had some timezone
  issues with moment, but we've since pinned the version of moment so we
  shouldn't experience that now
- therefore this commit also removes it from the Renovate ignore list
2021-09-09 10:15:26 +01:00
Renovate Bot
c05432889a
Update dependency sanitize-html to v2.5.0 2021-09-08 21:18:14 +00:00
Fabien O'Carroll
07e595b9aa Fixed webhook handler when Stripe is not connected
no-issue

The webhook handler did not correctly check for whether or not Stripe
was connected, and would attempt to handle webhooks anyway, resulting in
errors due to missing Stripe config. This fixes the handler to exit
early.
2021-09-08 12:41:20 +02:00
Renovate Bot
0bb14c115b Update dependency @tryghost/members-importer to v0.3.2 2021-09-08 10:34:07 +02:00
Fabien O'Carroll
fd574f527c Removed webhooks when disconnecting stripe
refs https://github.com/TryGhost/Team/issues/1006

The @tryghost/members-api module has been updated to remove webhooks
from Stripe when disconnecting. This will ensure that we do not leave
around old/invalid webhooks that will not be handled and generate
errors.
2021-09-07 18:58:25 +02:00
Fabien 'egg' O'Carroll
cd89c7e427
Used @tryghost/members-api Stripe disconnect logic (#13290)
refs https://github.com/TryGhost/Team/issues/1006

Moving the logic of disconnecting Stripe into the members-api module
decouples the Ghost API from the Members API internals. This method can
now be updated independently of Ghost, to implement the deletion of
webhooks from Stripe.
2021-09-07 18:25:53 +02:00
Fabien 'egg' O'Carroll
ae844db60b
Fixed handling of Complimentary Stripe subscriptions (#13289)
refs https://github.com/TryGhost/Team/issues/995

Since we reintroduced the comped status, we did not update the
subscription handling to correctly set members to a status of comped
when they were on a 'Complimentary' plan. This meant that 'comped' members
had a status of 'paid'. The changes to @tryghost/members-api ensure that
handling subscriptions going forward will not result in this error.

Since we handle the Complimentary plan correctly now, we do not need to
manually check for the existence of one, we can instead rely on the
status to set the `comped` flag.
2021-09-07 11:31:47 +01:00
renovate[bot]
677dc1a59b
Update dependency @tryghost/members-csv to v1.1.6 (#13273)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 16:16:10 +01:00
renovate[bot]
a8902bd1f8
Update dependency @tryghost/members-ssr to v1.0.12 (#13275)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 16:16:01 +01:00
renovate[bot]
b8b9707ddb
Update dependency @tryghost/magic-link to v1.0.11 (#13272)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-06 16:15:46 +01:00
Renovate Bot
f34a862526 Update dependency @tryghost/helpers to v1.1.52 2021-09-06 12:32:34 +01:00
Renovate Bot
b89967f9fb Update dependency @tryghost/logging to v0.1.6 2021-09-06 12:32:26 +01:00
Daniel Lockyer
5d700c6a79 v4.13.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYTX5vAAKCRDSEYbwtHKV
 rensAP9Oicx5z/VxT+24aUZye7ZAGKtixkcAD5t8mHL2sVOYtAEArmbbWcY7QObf
 e3xUbOTujGOkYdirKrnc4jSqhpPypAM=
 =IYQa
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYTX7TgAKCRDSEYbwtHKV
 reiOAQCp6medOlKFGD3uq9v/umvOn7+XQeKLQ0ELxXR80X/YrQD+Nych2u4kdHdC
 d060V9Bj1sNRcuuztwqJZx+iFg+jvwk=
 =wCw4
 -----END PGP SIGNATURE-----

Merged v4.13.0 into main

v4.13.0
2021-09-06 12:28:04 +01:00
Daniel Lockyer
8458e14b05
v4.13.0 2021-09-06 12:21:32 +01:00
Fabien O'Carroll
31fafcb936
Fixed errors when creating complimentary subscriptions
no-issue

The ProductRepository changed to require the options parameter which is
not passed when created complimentary subscriptions. This updates the
code to no longer require the options parameter and instead provide a
default.
2021-09-06 12:04:25 +01:00
Fabien O'Carroll
dd2def277c Fixed errors when creating complimentary subscriptions
no-issue

The ProductRepository changed to require the options parameter which is
not passed when created complimentary subscriptions. This updates the
code to no longer require the options parameter and instead provide a
default.
2021-09-06 12:55:20 +02:00
Renovate Bot
7851e4ce52
Update dependency oembed-parser to v1.4.8 2021-09-03 03:32:36 +00:00
Fabien O'Carroll
a39dd7255d Fixed updating products inside of a transaction
no-issue

When updating products we make many reads and writes to the database,
some of these reads were not happening inside of a transaction which was
causing issues when loading the members setting page. This bumps the
@tryghost/members-api dependency to ensure that all of the database
operations happen inside of the transaction
2021-09-01 19:14:21 +02:00
Naz
4f78bf01a2 Moved default settings population test to regression suite
closes https://github.com/TryGhost/Team/issues/860
refs 5405b6ca7c

- The slow test was running slow because it's not a "unit test" it is testing much more. Moved it to a correct suite - regression which simplified the logic a lot (no need to mock db calls).
- Brought back the 2000ms limit as the bottleneck has been solved
2021-09-01 15:23:57 +04:00
renovate[bot]
f52d0136ef
Update dependency @tryghost/kg-mobiledoc-html-renderer to v5.1.1 (#13251)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-01 09:12:09 +01:00
renovate[bot]
2f2939ec1b
Update dependency @tryghost/color-utils to v0.1.2 (#13269)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-01 09:11:21 +01:00
Naz
5405b6ca7c Temporarily lifted unit test timeout threshold
refs https://github.com/TryGhost/Team/issues/860

- Lifting it slightly just so the timeout doesn't waste team's time on false-positive failures. A follow up commit should put the threshold back to the original value and solve the slow test
2021-09-01 11:12:17 +04:00
Naz
75744041c1 Allowed for a 'sent' status in canary Admin Post API
refs https://github.com/TryGhost/Team/issues/892

- When a published email-only post is edited on the client it sends through a "sent" status over to the backend over PUT endpoint. It's a valid new status that should be accepted by the validation
2021-09-01 10:55:13 +04:00
Renovate Bot
966f167fd9
Update dependency @sentry/node to v6.12.0 2021-08-31 16:25:51 +00:00
Renovate Bot
ac57c1b364
Update dependency mocha to v9.1.1 2021-08-30 00:13:33 +00:00
Fabien O'Carroll
b895b87add Errored when creating products if any error occurs
refs https://github.com/TryGhost/Team/issues/982

When creating a Product with invalid data for Stripe, e.g. a price of
one gazillion dollars - the Stripe API requests would fail, but we would
end up with a broken product created in the database. This updates
@tryghost/members-api to wrap these calls in a database transaction, and
will roll back any operations if one of them fails.
2021-08-26 20:10:31 +02:00
Fabien 'egg' O'Carroll
9a1417c8b9
Exposed dummy subscriptions to theme layer (#13257)
refs https://github.com/TryGhost/Team/issues/986

This updates the @tryghost/members-api module to return the full member
object from getMemberIdentityData, which is used to populate req.member
used by themes to construct the `@member` template data.

The full object is read from the service which handles all additional
properties and logic for retrieving members, including the dummy
subscriptions for comped members.
2021-08-26 16:03:32 +01:00
Fabien O'Carroll
e05fa6af38 Fixed subscription handling to remove old products
refs https://github.com/TryGhost/Team/issues/979

This bump to @tryghost/members-api includes a fix for handling a
subscription updating to a new price. Previously we would add the new
product to the member, but the old one would still be attached. Now we
check that there are no other active subscriptions for the product
associated with the old price, and remove it.
2021-08-26 15:55:22 +02:00
Fabien O'Carroll
76311484df Added dummy subscription to comped members
refs https://github.com/TryGhost/Team/issues/873

This includes the update to @tryghost/members-api which includes the new
MemberBREADService which is used to handle the logic for controller
methods outside of the controller.

With it, we've introduced the concept of a dummy subscription for comped
members. This gives API consumers a way to get the created_at date for a
comped members access to a product.
2021-08-26 15:28:55 +02:00
Daniel Lockyer
c7f45f5580 Renamed coverage:unit command to cov:unit
no issue

- this is slightly quicker to type and cleaner to read
2021-08-26 15:06:45 +02:00
Daniel Lockyer
070a6ac13c Configured c8 to use all source files
no issue

- by default, `c8` will only show stats for files that were loaded during execution
- this means the coverage stats are too high because we're not taking
  into account all the files not loaded by tests
- this commit append the `--all` flag to `c8` which fixes this
2021-08-26 15:06:45 +02:00
renovate[bot]
b2aa2dd7e1
Update dependency @tryghost/members-importer to v0.3.1 (#13231)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-25 13:43:13 +01:00
Renovate Bot
789773ae8a Update dependency nock to v13.1.3 2021-08-25 12:08:30 +02:00
Kevin Ansfield
5e83d87ab9 Updated email-cta card rendering to match editor
refs https://github.com/TryGhost/Team/issues/1007

- bumped `@tryghost/kg-default-cards` with updated rendering
  - aligns text as well as button
  - has single payload toggle for divider display
  - adds toggle for button display
- bumps other @tryghost/kg-*` packages that had minor dependency bumps
2021-08-24 18:10:07 +01:00
Fabien O'Carroll
3a6e71a2b6 Wired up MemberProductEvents to member product changes
refs https://github.com/TryGhost/Team/issues/873

This version of @tryghost/members-api handles creating
MemberProductEvents when a member is created, updated or has their
subscription updated. This populates the members_product_events table
and can be used to determine when a member was given access to a
product, which is useful with the concept of comped access to a product,
where we do not have a subscription as a record.
2021-08-24 15:22:10 +02:00
renovate[bot]
2ed9529fa0
Update dependency @tryghost/members-csv to v1.1.5 (#13246)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-24 14:17:02 +01:00
renovate[bot]
734f1c4422
Update dependency @tryghost/members-ssr to v1.0.11 (#13247)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-24 11:55:51 +02:00
renovate[bot]
0cc64fc5f2
Update dependency @tryghost/magic-link to v1.0.10 (#13245)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-24 11:55:42 +02:00
Renovate Bot
17fd1b3c7d Update dependency nock to v13.1.2 2021-08-24 11:17:28 +02:00
Fabien O'Carroll
e71114bb8f Added Members bulk actions endpoint
refs https://github.com/TryGhost/Team/issues/946

This adds the initial bulk actions endpoint used for the members
filtering feature. The idea is to eventually move bulk destroy into this
endpoint to and provide a consistent interface for applying bulk actions
to members.

The @tryghost/members-api package has been bumped to include the new
bulkEdit method.

The sinon.restore in tests was moved to an afterEach so that stubs did
not effect other tests.
2021-08-23 16:38:21 +02:00
renovate[bot]
4266bb751f
Update dependency @tryghost/magic-link to v1.0.9 (#13237)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-23 11:06:21 +01:00
renovate[bot]
47f89f56c8
Update dependency @tryghost/members-csv to v1.1.4 (#13238)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-23 10:35:10 +01:00
renovate[bot]
6ca8eb2d23
Update dependency @tryghost/members-ssr to v1.0.10 (#13239)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-08-23 10:35:03 +01:00
Naz
7f09beb2a8 Moved email list check to GA
refs https://github.com/TryGhost/Team/issues/906

- The feature has moved to GA from behind alpha flag. It's skipping the beta phase as it's not needed in this specific situation
2021-08-20 18:07:31 +04:00
Daniel Lockyer
70bea3ddf8 Added c8 coverage to unit tests
no issue

- coverage allows us to see how much of our code we're hitting in tests
  and it's time we started to get visibility on this in Ghost
- we can then make informed decisions on which well-tested internal libraries
  can be pulled out into their own packages
- this commit:
  - adds the c8 dev dependency to Ghost
  - prepends the `test:unit` command with c8 with the `text-summary` reporter
  - adds a `coverage:unit` command to get the `text` report
    - you can do `yarn coverage:unit --reporter html` to get a HTML report etc
  - uses this new test coverage reporter command in CI tests
2021-08-20 12:42:11 +02:00
Renovate Bot
53c5cd5428
Update dependency mocha to v9.1.0 2021-08-20 08:16:37 +00:00
Renovate Bot
b1fa774a56 Update dependency cssnano to v5.0.8 2021-08-19 10:40:51 +01:00
Naz
2f2fe16944 Added floating threshold to member import
closes https://github.com/TryGhost/Team/issues/958

- The change allows to dynamically adjust import threshold based on current member count
2021-08-18 18:39:43 +04:00
Renovate Bot
858a8d685a Update dependency supertest to v6.1.6 2021-08-18 08:45:42 +01:00
Daniel Lockyer
fa19ef7f0b v4.12.1
-----BEGIN PGP SIGNATURE-----
 
 iHQEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRviGQAKCRDSEYbwtHKV
 rfxSAPi1I0TdH6rbtpNCqaAmm0kAShomDM0IOajwm2bSwFIGAQDYgzablHFGAhv7
 fsFe7t66zHs2fGZ7jakF+vC/NEsMBw==
 =ci9A
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRvi/wAKCRDSEYbwtHKV
 rdv+AP9sExkMA4Yqn13vs8Lh6vApLi5BmAYipbVZr7/htx9XVAEA2sd4iQBLvS7H
 KRxwT/4YMvT985cdPrsYL39hRa0ltwc=
 =dpmX
 -----END PGP SIGNATURE-----

Merged v4.12.1 into main

v4.12.1
2021-08-17 17:25:28 +01:00
Daniel Lockyer
b482f76d62
v4.12.1 2021-08-17 17:21:45 +01:00
Daniel Lockyer
f8aa065891 v4.12.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRuK8QAKCRDSEYbwtHKV
 rXv7AP9tKQEpGwis3ZjVpWcE7EWkYfrwzTmTGnFMAOrqeCPlNQEAyaROjVd2qiGc
 xzHsLOu8fIHjhlbQtkbc0fh4ZMiZ2gw=
 =kec3
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRuL4wAKCRDSEYbwtHKV
 rdLcAQCYNn+jTXH+QaBu2XBPLfwQltXuhTKe0oMoZA8YUFtC1gEA3tGWtXgZNIGH
 BoG+GubHsjSAxpMnxZjQ2dbaUMlZiQo=
 =xy1l
 -----END PGP SIGNATURE-----

Merged v4.12.0 into main

v4.12.0
2021-08-17 11:13:49 +01:00
Daniel Lockyer
019161cad3
v4.12.0 2021-08-17 11:09:53 +01:00
Renovate Bot
e4d9c8daf2
Update metascraper to v5.24.2 2021-08-16 11:12:26 +00:00
Renovate Bot
67cf73074b Update dependency supertest to v6.1.5 2021-08-13 14:14:53 +01:00
Renovate Bot
4fe0535236 Update dependency @tryghost/members-csv to v1.1.3 2021-08-13 14:14:23 +01:00
Renovate Bot
13e148bf08 Update dependency @tryghost/magic-link to v1.0.8 2021-08-13 14:14:16 +01:00
Renovate Bot
762b7a467e Update dependency @tryghost/members-ssr to v1.0.9 2021-08-13 14:14:08 +01:00
Fabien O'Carroll
e208b1a8f3 Updated bulkDestroy method to handle search correctly
no-issue

The first implementation of bulkDestroy did not pass the search option
unless the filter was also passed. This was incorrect and has been
fixed.
2021-08-13 13:35:58 +02:00
Fabien 'egg' O'Carroll
235597a5e4
Refactored Members controller bulkDestroy (#13221)
no-issue

This moves the logic out of the controller and into the members-api
member repository. Removing complexity from the controllers and
out into services is desirable to reduce code in the Ghost codebase
and move logic into modules which can be tested easier.
2021-08-12 15:26:25 +01:00
Renovate Bot
19fd16649a
Update dependency express-jwt to v6.1.0 2021-08-11 22:56:50 +00:00
Renovate Bot
8623e8de8b Update dependency knex to v0.21.21 2021-08-10 17:33:28 +01:00
Renovate Bot
6719aa4e57
Update metascraper to v5.24.1 2021-08-09 11:56:34 +00:00
Renovate Bot
b17bbe3ead
Update dependency multer to v1.4.3 2021-08-09 10:32:38 +00:00
Renovate Bot
5c8fe195d6
Update dependency @sentry/node to v6.11.0 2021-08-06 14:30:33 +00:00
Renovate Bot
b20c88b3e3 Update dependency @tryghost/html-to-mobiledoc to v0.7.17 2021-08-06 13:31:28 +01:00
Renovate Bot
1a89986323 Update dependency @tryghost/social-urls to v0.1.26 2021-08-06 11:39:14 +01:00
Renovate Bot
6c3836e9c9 Update dependency @tryghost/validator to v0.1.4 2021-08-06 11:39:00 +01:00
Renovate Bot
f698b7785a Update dependency @tryghost/color-utils to v0.1.1 2021-08-06 08:53:33 +01:00
Renovate Bot
8d73386cf7 Update dependency @tryghost/request to v0.1.4 2021-08-06 08:53:26 +01:00
Renovate Bot
7cddaeb081 Update dependency @tryghost/logging to v0.1.5 2021-08-06 08:53:08 +01:00
Renovate Bot
43902f6673 Update dependency @tryghost/helpers to v1.1.51 2021-08-06 08:23:09 +01:00
Renovate Bot
948b674d85 Update dependency @tryghost/debug to v0.1.4 2021-08-06 08:23:03 +01:00
Renovate Bot
7297323e25 Pin dependency @tryghost/color-utils to v0.1.0 2021-08-06 08:22:46 +01:00
Renovate Bot
4210480c78 Update dependency @tryghost/root-utils to v0.3.3 2021-08-06 08:22:31 +01:00
Renovate Bot
cd98ad6de4 Update dependency @tryghost/string to v0.1.20 2021-08-06 08:22:22 +01:00
Renovate Bot
81c86efa84 Update dependency @tryghost/url-utils to v2.0.2 2021-08-06 08:22:17 +01:00
Renovate Bot
61f1aa4bf2 Update dependency @tryghost/version to v0.1.3 2021-08-06 08:21:59 +01:00
Naz
9081877996 Added ability to modify email_only property in post resource
https://github.com/TryGhost/Team/issues/893

- The package bump allows to validate the post's `email_only`  property
2021-08-05 19:44:35 +12:00
Fabien 'egg' O'Carroll
758497839b
Updated @tryghost/bookshelf-plugins & @nexes/nql (#13212)
refs https://github.com/TryGhost/Team/issues/944

This updates both libraries to include support for custom foreign keys
on relations, as well as relations with a "virtual" table, defined by a
query.

This will allow us to filter members based on aggregates of their
events, as well as on properties of their stripe subscriptions which are
linked not by the `id` column but by thir external stripe id, e.g. `customer_id`.
2021-08-04 17:01:23 +01:00
Fabien 'egg' O'Carroll
424f621414
Moved NQL relations and expansions into the models (#13204)
refs https://github.com/TryGhost/framework/pull/19

The @tryghost/bookshelf-filter plugin no longer bundles hardcoded
relations and expansion definitions, instead leaving it up to the
library consumer to implement.

This PR adds the preexisting relations and expansions to the relevant
models, in order to preserve our existing filtering functionality.
2021-08-04 15:30:53 +01:00
Daniel Lockyer
5cce9818eb v4.11.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYQk0mQAKCRDSEYbwtHKV
 raAxAQCWNrrS6ixKZlzFkjv8opyMQ1b0HV25NBjg8rAkD8YRVQEAsvUM2Vu/G0+Y
 mbb7qeWAzK1L8tNP686Khc84TbeSBQY=
 =NBs1
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYQk1CAAKCRDSEYbwtHKV
 rcPcAP9eW3OIVa5eO05BTVt7Dgi6sqLkry7AKU1KA6yWANJS4wEAi+EygDpPjxXu
 HTIkCXAJRV8VAKPHbO6ESUcqtMTEOAc=
 =PoHi
 -----END PGP SIGNATURE-----

Merged v4.11.0 into main

v4.11.0
2021-08-03 13:22:26 +01:00
Daniel Lockyer
0035d45a31
v4.11.0 2021-08-03 13:20:41 +01:00
Kevin Ansfield
db4a596d92 Added top/bottom divider and button alignment support to email-cta card
refs https://github.com/TryGhost/Team/issues/928

- bumped `kg-default-cards` which adds necessary output to the rendered `email-cta` card
2021-08-02 15:31:45 +01:00
Renovate Bot
4a4f98ffe2
Update metascraper to v5.24.0 2021-08-02 10:20:50 +00:00
Renovate Bot
deb971dad6
Update metascraper to v5.23.3 2021-08-02 00:21:03 +00:00
Renovate Bot
cb46e14c9c
Update dependency eslint to v7.32.0 2021-07-30 23:58:43 +00:00
Kevin Ansfield
dbbf80bc6a Fixed "undefined" appearing in email-cta cards when no content is provided
refs https://github.com/TryGhost/Team/issues/928

- bumped version of `kg-default-cards` which includes a fix
2021-07-29 15:47:48 +01:00
Kevin Ansfield
eb92610df2 Added accent color button styles to labs email template
refs https://github.com/TryGhost/Team/issues/928

- duplicated email template so email-cta changes can go into the labs version
- added `accentContrastColor` to template settings for using white/black depending on the accent color
- added `.gh-btn-accent` styles to the email template (email-cta card already uses those for the button)
2021-07-29 15:25:09 +01:00
Kevin Ansfield
152702c27b Fixed error when rendering email-cta card with button and no contents
refs https://github.com/TryGhost/Team/issues/928

- bumped `kg-default-cards` to version with a fix for `payload.html` being `undefined`
- bumped other `kg-*` packages to that had sub-dependency bumps
2021-07-29 14:39:25 +01:00
Naz
5fd1ed5bcb Added an escalation email when import triggers a limit
refs https://github.com/TryGhost/Team/issues/912

- When the improt acceedes the threshold for the first time we need a way to notify configured escalationAddress to verify the instance owner's email address.
2021-07-29 20:30:30 +12:00
Renovate Bot
9d60936c56
Update metascraper to v5.23.1 2021-07-27 16:07:05 +00:00
Kevin Ansfield
82032fb7c2 Added first pass at email-cta card button rendering in emails
refs https://github.com/TryGhost/Team/issues/927

- bumped `@tryghost/kg-default-cards` to version with button output when rendering
- bumped `@tryghost/kg-card-factory` and `@tryghost/kg-markdown-html-renderer` as they had (unrelated) sub-dependency updates
2021-07-27 17:05:38 +01:00
Renovate Bot
b5334fe831
Update dependency sinon to v11.1.2 2021-07-27 12:52:52 +00:00
Renovate Bot
91ab07d0d1
Update metascraper to v5.23.0 2021-07-26 12:02:57 +00:00
Daniel Lockyer
04b5a1c6c5 v4.10.2
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6iagAKCRDSEYbwtHKV
 rR/dAPsGjY89fheicUdZfWbVUGunIQAKCYWj4sNMR5ZJbFQ8IAD8Dbx5XLR1IYmX
 7uzjx7ayuHt+o9jJkaRFGpETIRln4w0=
 =JY+u
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6kDQAKCRDSEYbwtHKV
 rVJ1AQCDiGWEJNVItQbPoAURACUtQPtg8GH1O62We+LUNdKQ5gEA2+snzZAi9fag
 60k5eyYxcB4JOwSVLIS19FcybgnhuAg=
 =1a74
 -----END PGP SIGNATURE-----

Merged v4.10.2 into main

v4.10.2
2021-07-26 13:01:12 +01:00
Daniel Lockyer
570bc67790
v4.10.2 2021-07-26 12:54:18 +01:00
Renovate Bot
149101a87b Update dependency gscan to v4.2.1 2021-07-26 11:15:15 +01:00
Renovate Bot
75f6e733d1
Update dependency mocha to v9.0.3 2021-07-26 00:07:06 +00:00
Naz
a7dd7bb64b Added email verification limit check
refs https://github.com/TryGhost/Team/issues/912

- When the import threshold is reached we want to trigger an "email" limit. See details in the refed issue
2021-07-23 20:37:29 +04:00
Daniel Lockyer
dcca28a45b v4.10.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmn5QAKCRDSEYbwtHKV
 rZ7GAP44uQbWr4HFW7cAdEBG3YRDA5EC7S0uy2fdizzxuvPr2AEAqpU51eOpUPgm
 SY43m3su6G2QUoMMUJEt6HJ0xzH4FQU=
 =Qvoa
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmoNQAKCRDSEYbwtHKV
 rY8SAQDDoVnCn5KBFk7F4pMBEsH9CV5olF1URJf5wShFdVZrpwD/bNOf/kN/xn1R
 X2SMUaG4uZav969eRRU36h3Ky64Hdw4=
 =2WgO
 -----END PGP SIGNATURE-----

Merged v4.10.1 into main

v4.10.1
2021-07-22 18:17:34 +01:00
Daniel Lockyer
eec8273147
v4.10.1 2021-07-22 18:16:20 +01:00
Thibaut Patel
bdb6e950db
🐛 Fixed GScan errors when handling partials with undefined names
refs 81b89e9289

- The mark-used-partials util was recording `undefined` partials, it's not anymore
- Also fixed the `normalizePath` function that was breaking when given `undefined`
- This solves the two ends of a bug that prevented some Ghost instances to boot due to a theme with dynamic partials
- this commit bumps GScan to the fixed version
2021-07-22 18:12:43 +01:00
Renovate Bot
fa14e4bf5f
Update dependency @sentry/node to v6.10.0 2021-07-22 09:18:13 +00:00
Rishabh
dbcd222620 Updated member identity data for labels
refs https://github.com/TryGhost/Team/issues/909
refs 4b315348aa

Adds back `labels` and `products` to member identity data as its used for content gating with segmented post access
2021-07-22 13:01:07 +05:30
Rishabh
4b315348aa Removed unused data queries for member identity
refs https://github.com/TryGhost/Team/issues/909

The request for fetching logged-in member data was making several extra DB queries to fetch data points that are not used on frontend, like `labels`, `products`, `stripe customer`. This refactor removes these extra data points and cuts DB queries in half for fetching logged in member.
2021-07-22 12:42:45 +05:30
Renovate Bot
49a1367ff0 Update CSS preprocessors 2021-07-22 08:11:11 +01:00
Renovate Bot
c4f2864cc6 Update dependency supertest to v6.1.4 2021-07-22 08:10:50 +01:00
Naz
57c4afdea2 Integrated @tryghost/members-importer
closes https://github.com/TryGhost/Team/issues/916

- The members importer module was extracted into an ouside module as per project structuring standards
2021-07-21 19:34:30 +04:00
Daniel Lockyer
62d31bc65d
v4.10.0 2021-07-20 13:45:53 +01:00
Fabien O'Carroll
ba7ddc88c1 🐛 Fixed 500 error when creating Products
refs https://github.com/TryGhost/Team/issues/919

This version of @tryghost/members-api has a patch to the loading of the
benefits relation for products, which previously was erroring and
causing a 500 error.
2021-07-20 13:22:21 +01:00
Fabien 'egg' O'Carroll
264fb51a87
Exposed Members pub keys on /members/.well-known/ (#13163)
refs https://github.com/TryGhost/Team/issues/664

The new WellKnownController and middleware handles exposing a JSON Web
Key Set for us.

In order to serve the keys on /members/.well-known/jwks.json without a
trailing slash, we must mount the wellKnown middleware before the
frontend.
2021-07-20 13:19:31 +01:00
Kevin Ansfield
ea3bf8ad7f Bumped Koenig-related packages
refs https://github.com/TryGhost/Team/issues/910

- fixed missing `alt` attributes on images in bookmark cards
- added `email-cta` card
- dropped node 10 support
2021-07-20 12:20:36 +01:00
renovate[bot]
6646c1bb65
🐛 Fixed member cookies remaining after signout
refs https://github.com/TryGhost/Team/issues/908

The `cookies` module inside `@tryghost/members-ssr` was being used incorrectly
and resulted in cookies being set with `'[Object object]'`

Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-07-20 11:16:00 +01:00
Thibaut Patel
8425fb480d 🐛 Fixed gscan path issues on windows
issue https://github.com/TryGhost/Team/issues/901

- The main issue was in the AST linter, where partials could have either forward- or backward-slash separators depending on the operating system. We have normalized all partial names to only have forward-slashes, which matches the handlebars syntax, like `{{> icons/avatar}}`.
- The second issue was in the 005-template-compile, where we wouldn't check partials even though they were used. This also comes from the path separator difference.
- We have also updated all regular expressions to account for paths with backward-slashes
2021-07-19 18:17:17 +02:00
Renovate Bot
ab4694db47
Update dependency eslint-plugin-ghost to v2.6.0 2021-07-19 12:50:50 +00:00
Rishabh
41717a53a0 Fixed migration to avoid incorrect default prices
refs https://github.com/TryGhost/Team/issues/778

- cleans up the stripe migration to add default monthly/yearly prices for sites, which had a possibility of using complimentary (0 amount prices) in edge cases
- adds missing return in the same migration for an unlikely failure to parse stripe plans
2021-07-19 18:19:17 +05:30
Renovate Bot
dbf6c783a5
Update metascraper to v5.22.11 2021-07-19 11:38:44 +00:00
Renovate Bot
846db16071 Update dependency analytics-node to v5 2021-07-19 11:28:51 +01:00
Naz
798bbd5320 Increased slow unit tests threshold to 2000ms
refs 20aea8c819
refs bf587d4055

- The 1000 ms limit was not enough to pass consistently for some slow unit  tests. Doubling the previous threshold to be on the safe side of the slow CIs.
- We should limit this back down to 1000ms or less during next cleanup!
2021-07-19 13:22:31 +04:00
Renovate Bot
566615f014 Update dependency jwks-rsa to v2.0.4 2021-07-19 08:16:08 +01:00
Renovate Bot
97f19b1650
Update dependency eslint to v7.31.0 2021-07-19 01:06:44 +00:00
renovate[bot]
a292a4ba18
Update dependency eslint-plugin-ghost to v2.5.0 (#13149)
Co-authored-by: Renovate Bot <bot@renovateapp.com>

This version of eslint contains changes for Admin only
2021-07-16 13:13:04 +01:00
Fabien 'egg' O'Carroll
81e7d71391
Fixed created_at dates for member events on import (#13151)
refs https://github.com/TryGhost/Team/issues/542

The members-api has been updated to use the passed `created_at`
property when creating members for the status change events, as well as
using the subscription start_date for members paid subscription events

This is a duplicate of 7eb821b3f5 but
with updated dependencies.
2021-07-16 12:06:46 +01:00
Fabien O'Carroll
768709ce88 Revert "Fixed created_at dates for member events on import"
This reverts commit 7eb821b3f5.

This package version is broken.
2021-07-15 18:45:47 +01:00
Fabien O'Carroll
7eb821b3f5 Fixed created_at dates for member events on import
refs https://github.com/TryGhost/Team/issues/542

The members-api has been updated to use the passed `created_at`
property when creating members for the status change events, as well as
using the subscription start_date for members paid subscription events
2021-07-15 17:44:22 +01:00
Naz
20aea8c819 Decreased unit test's timeout
refs https://github.com/TryGhost/Team/issues/860

- As major slow test have been refactored making the timeout stricter will enforce better quality unit tests in the future
2021-07-16 00:02:33 +12:00
Daniel Lockyer
17f0aae97e v4.9.4
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYOyBkgAKCRDSEYbwtHKV
 rUwwAQCxNVIluZNQaQFq1mXsXK99oJUh62TcfaRVpLln4OIW2gEA9P74NRNzAdM+
 RC3C0CeEnGEU0ggmfa4Snp6NNT47BAU=
 =wETf
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYOyCCgAKCRDSEYbwtHKV
 rTK6AQC+F1TV6FvH/JOrjyR0pdxgr3SzAubG22a4imwQenLjEwEA0nC2wFzsyRJd
 QZxi1khdgSXKe68ZpOMhqYPvC9maCA8=
 =RAf0
 -----END PGP SIGNATURE-----

Merged v4.9.4 into main

v4.9.4
2021-07-12 18:55:16 +01:00
Daniel Lockyer
278f881f97
v4.9.4 2021-07-12 18:53:22 +01:00
Renovate Bot
167da5addd Update dependency @tryghost/root-utils to v0.3.2 2021-07-12 13:45:09 +01:00
Renovate Bot
494de507a8 Update dependency @tryghost/validator to v0.1.3 2021-07-12 13:44:54 +01:00
Renovate Bot
16649386b7 Update dependency @tryghost/version to v0.1.2 2021-07-12 13:16:54 +01:00
Renovate Bot
0750e37793
Update dependency @sentry/node to v6.9.0 2021-07-12 11:02:08 +00:00
Renovate Bot
65111c9464 Update dependency @tryghost/logging to v0.1.4 2021-07-12 10:41:34 +01:00
Renovate Bot
571e63691e Update dependency @tryghost/request to v0.1.3 2021-07-12 10:41:24 +01:00
Renovate Bot
b4f6985634 Update dependency @tryghost/debug to v0.1.3 2021-07-12 10:41:06 +01:00
Renovate Bot
a494f3d3ac
Update metascraper 2021-07-12 00:37:41 +00:00
Sam Lord
cd86724731 Merged 4.9.3 into main 2021-07-09 20:56:55 +01:00
Sam Lord
88670dfa28 v4.9.3 2021-07-09 20:41:27 +01:00
Rishabh
6bb10e6d4b 🐛 Fixed API errors when including member counts for labels
closes https://github.com/TryGhost/Team/issues/607

- patch was added in `bookshelf-include-count@0.1.3` to fix member counts for labels
- bumps `bookshelf-plugins` to include the patch
2021-07-09 19:51:17 +05:30
Sam Lord
fa231a1995 v4.9.2 2021-07-09 10:23:26 +01:00
Thibaut Patel
02324b95a3 🐛 Fixed a gscan bug that was causing Ghost to throw http 500s.
refs https://github.com/TryGhost/Team/issues/864

- gscan was breaking when parsing double-quoted helpers like `{{"pagination"}}`.
- re-used a function to convert StringLiterals to PathExpressions, which fixes the issue.
2021-07-09 10:21:23 +01:00
Thibaut Patel
92b55b7b01 🐛 Fixed a gscan bug that was causing Ghost to throw http 500s.
refs https://github.com/TryGhost/Team/issues/864

- gscan was breaking when parsing double-quoted helpers like `{{"pagination"}}`.
- re-used a function to convert StringLiterals to PathExpressions, which fixes the issue.
2021-07-09 11:06:59 +02:00
Renovate Bot
2ffad75b9d
Update metascraper to v5.22.7 2021-07-08 20:16:37 +00:00
Sam Lord
ff8e6e35b6 v4.9.1 2021-07-08 11:13:20 +01:00