no issue
- moved card definitions to a new library `@tryghost/kg-default-cards`
- moved `createCard` factory function to a new library `@tryghost/kg-card-factory`
- moved image.manipulation lib to a new package called @tryghost/image-transform
- new package has an updated API signature, so the method calls have changed but the underlying code is identical
- removed the optional sharp dependency from Ghost, as this is now optionally required by the image-transform module
- Moved zipFolder to a new package
- also exposing extract-zip from the new package
- new package has the API pre-promisified
- also uses @tryghost/extract-zip instead of extract-zip, which has bugfixes
no-issue
This adds two new endpoints, one at /ghost/.well-known/jwks.json for exposing
a public key, and one on the canary api /identities, which allows the
Owner user to fetch a JWT.
This token can then be used by external services to verify the domain
* Added ghost_{public,private}_key settings
This key can be used for generating tokens for communicating with
external services on behalf of Ghost
* Added .well-known directory to /ghost/.well-known
We add a jwks.json file to the .well-known directory which exposes a
public JWK which can be used to verify the signatures of JWT's created
by Ghost
This is added to the /ghost/ path so that it can live on the admin
domain, rather than the frontend. This is because most of its
uses/functions will be in relation to the admin domain.
* Improved settings model tests
This removes hardcoded positions in favour of testing that a particular
event wasn't emitted which is less brittle and more precise about what's
being tested
* Fixed parent app unit tests for well-known
This updates the parent app unit tests to check that the well-known
route is mounted. We all change proxyquire to use `noCallThru` which
ensures that the ubderlying modules are not required. This stops the
initialisation logic in ./well-known erroring in tests
https://github.com/thlorenz/proxyquire/issues/215
* Moved jwt signature to a separate 'token' propery
This structure corresponds to other resources and allows to exptend with
additional properties in future if needed
no issue
- includes fixes for html->mobiledoc conversion
- fixes multiple spaces appearing in text content if source content is indented and has newlines
- fixes crash if source content has `<li>` elements containing headers
- fixes crash if source content has non-`<li>` top-level elements inside a list
- fixes `blockquote>p` markup in source content losing blockquote styling
no issue
- Multiple currencies for membe plans were supported under the hood but never had a clear interface to manage them. This change allows to reference currently used currency and it's symbol from the theme layer with following syntax: `{{@price.currency}}` and `{{@price.currency_symbol}}
no issue
- updated `@tryghost/members-api` which now includes geolocation lookup from IP address during member signup and signin when geolocation data doesn't already exist
no issue
- This functionality allows member to update their billing information, like credit card information.
- Adds handler to update Stripe billing when element with `data-members-edit-billing` attribute is present on the page. Additional `data-members-success` and `data-members-cancel` attributes could be used to control the redirects on billing update success or failure. They work in the same fission as for 'members-plan' (https://ghost.org/docs/members/checkout-buttons/#redirects)
no issue
* Updated sendEmailWithMagicLink syntax
* Updated label name selection from theme
* Updated migration version for labels
* Added labels to export/import of members
* Added member labels sanitization for case-insensitive duplicates
* Fixed tests
* Fixed label serialization bug on import
* Bumped @tryghost/members-api to 0.15.0
* Fixed lint
* Cleanup
no issue
- This bump fixes a problem where members_stripe_customers_subscriptions were not able to be created due to plan 'nickname' NOT NULL constraing. This case was possible because in earlier versions of Stripe API `nickname` property was allowed to be `null`
no issue
- New fields that are accepted through members CSV import endpoint are:
- `subscribed_to_emails` - corresponds to `subscribed` flag in API
- `stripe_customer_id` - links existing Stripe customer to created member
- `complimentary_plan` - flag controlling "Complimentary" plan subscription creation for imported member
- Noteworthy exception in field naming - `subscribed_to_emails` that corresponds to `subscribed` API flag present on members resources. It's a special case of CSV format, where users can be less technical it's more explicit to what the flag does (also the same naming is applied in the Admin UI)
- Failing to either link Stripe customer or assign "Complimentary" subscription to imported member behaves in a transaction-like manner - imported record is not created in the database. This is needed to be able to retry imports when it fails for reasons like connectivity failure with Stripe or Stripe miss-configuration.
- To avoid conflicts with linking same Stripe customer to multiple members there is a special handling for duplicate `stripe_customer_id` fields. Records with duplicates are removed from imported set.
no issue
- Renovate automerged a bump for tmp, but this version has a bug and
shouldn't have passed the automated tests
- this commit reverts the package back to the working version
This reverts commit 6e024331eb.
Temporarily reverting whilst we investigate an issue with Sentry and running Ghost via Ghost-CLI.
Ghost-CLI initiated boot was failing when Sentry was installed due to what appears to be `process.cwd()` returning `undefined` here https://github.com/TryGhost/Ignition/blob/master/lib/config/index.js#L26
no issue
- We need a way to simulate "premium" membership without any payment from members' side. For this new "Complimentary" plan is introduced
- Allows `comped` flag as an input only on `PUT /members/:id` endpoint which sets free subscriptions based on "complimentary" plan on the member
- Added `comped` flag to members endpoint responses
- Bumped members-api to 0.12.0. This version supports new set/cancel complimentary subscription methods
refs https://github.com/TryGhost/Members/pull/105
- As members module has become a core part it makes sense to follow the same principles as in all other controllers and use the model directly instead of calling external services.
- Bumped @tryghost/members-api to 0.11.1 . New stripe-specific methods used in controllers are available starting with this version
- Exposing these new methods is a little hacky because there are no relationships setup on members_* tables. Left notes for future improvements once relations are introduced.
- We don't allow for chaging member's emails at the moment. For this reason had to modify JSON schema a little. It doesn't support OO inheritence: "This shortcoming is perhaps one of the biggest surprises of the combining operations in JSON schema: it does not behave like inheritance in an object-oriented language. " (ref. https://json-schema.org/understanding-json-schema/reference/combining.html#allof)
refs c059e8e32e
- Reason why the refactor was needed can be found in refed commit
- The logic was extracted into members-api through passing models
directly as member-api module constructor parameters
- Bumped @tryghost/members-api to 0.11.0. Needed to work after the
refactor
no issue
- The helper allows generating HTML needed to cancel or continue the member's subscription depending on subscription state.
- Added public members endpoint to allow updating subscription's `cancel_at_period_end` attribute available at: `PUT /api/canary/members/subscriptions/:id/`
- Added client-side hook to allow calling subscription cancellation. Allows to create elements with `data-members-cancel-subscription` / `data-members-continue-subscription` attributes which would call subscription update.
- Updated schema and added migration for `current_period_end` column
- As discussed we only add a single column to subscriptions table to avoid preoptimizing for future cases
- Added {{cancel_link}} helper
- Added error handling for {{cancel_link}} when members are disabled
- Added test coverage for {{cancel_link}} helper
- Bumped @tryghost/members-api version to 0.10.2. Needed to use `updateSubscription` middleware
- Bumped gscan to 3.2.0. Needed to recognize new {{cancel_link}} helper
no issue
- This includes the interface change for members-api constructor - now accepts the member's model instead of proxy methods. These methods have been moved ton @tryghost/members-api in favor of using the model directly (ref: https://github.com/TryGhost/Members/pull/105)
- Moved error handling from the service layer to controller
- Bumped @tryghost/member-api package to 0.10.0
no issue
- Sends formatted email to members
- Added css inlining support for MEGA template
- Migrated MEGA service to use API serializers
- Service needs to be compliant with the API to be able to serve absolute URLs for resources like images
- Fixed send email check for previously sent mails
no issue
When using certain proxy setups that result in `host` and `x-forwarded-host` being different, it became impossible to access Ghost because all routes showed generic 404 pages.
- `vhost` module that we are using to separate front-end and admin urls does not use express' `req.hostname` so it does not pick up the `x-forwarded-host` url that express' `'trust proxy'` config gives us
- switched to the forked `@tryghost/vhost-middleware` package which has a one-line change to use `req.hostname || req.host`
- added `'trust proxy'` config to the admin express app and switched to using `req.hostname` in our redirect code to avoid infinite redirect loops
