no issue
Fixes the build - as test checks for instanceof ValidationError, and
we were using 2 versions of @tryghost/errors between Ghost and
@tryghost/validator.
refs https://github.com/TryGhost/Team/issues/775
As we currently do not delete canceled subscriptions and they are
exposed via the API, this functionality has been added to the
editSubscription controller method under the PUT HTTP method.
The cancelSubscription method in @tryghost/members-api was updated to
handle deleting by member id
- Part of the effort to split Ghost down into smaller, decoupled pieces
- Moved out our internal validator tooling to a separate library
- Replaced all usage of our own tooling and validatorjs directly with @tryghost/validator
- Removed the validatorjs dependency and removed the renovate pin
- This gives us a consistant, smaller, clearer public API for validations
- It will eventually be used on Ghost Admin too
- This way we can start getting up to date with validator whilst not increasing build size
no issue
The only pieces of Ghost-Ignition used in Ghost were debug and
logging. Both of these modules have been superceded by the Framework
monorepo, and all usages of Ignition have now been removed, replaced
with @tryghost/debug and @tryghost/logging.
- validator has seen a lot of change, this one bump is safe
- after this we need to go through and make API updates as isURL has changed quite significantly!
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.
This commit uses a patched version of @tryghost/root-utils which
checks for the existence of a `current` directory, as used in
Ghost-CLI. Since this is very specific to Ghost and Ghost CLI, there's
a new method called "getGhostRoot" for this purpose.
refs:
- cf15f60085
- dd20cc649b
- ccf27f7009
- abf146d61f
- 2b54c92a14
- bb029a53f6
- 95bd7ee675
- 9018b4df22
- df01a6e5f4
- d313726b34
- these plugins were in a state where they were independent enough to be
pulled out into their own packages, which is what we did in the
referenced commits above
- each package is named like `@tryghost/bookshelf-<plugin>`
- to avoid requiring multiple packages into Ghost, we've also created a
wrapper package called `@tryghost/bookshelf-plugins` which re-exports
all these plugins, so the changes in Ghost are very simple - dbebdd43b5
- this commit deletes the plugins + tests, and replaces with our new
package with some minor code changes
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.
refs https://github.com/TryGhost/Team/issues/770
We want post feature image functionality to better match what's available inside the editor, to do that we'll need somewhere to store alt and caption meta data. `posts_meta` chosen because even though we want to make this generic for other tables in the future those tables also have a `feature_image` (or closely related) field.
- updated schema with new columns
- added migration to create columns
- cleaned new columns from API output
- not output on v2/v3
- conditionally output on v4/canary output based on labs flag
- bumped `@tryghost/admin-api-schema` to allow new columns through in canary API requests
- silently clean properties from input when labs flag is disabled
- updated acceptance tests so they fail if `admin-api-schema` is not letting the new fields through
- The underlying package-json package has had i18n ripped out using the new tpl utility instead
- It's also then been refactored to not be a class that needs instantiating
- This means it can be required directly and its public interface methods used where needed
- This is a much nicer, neater pattern for what is a mature utility library :)
refs 971ac479dc
- `@tryghost/tpl` was accidentally placed in `devDependencies` but
Ghost needs this to run so it would cause Ghost-CLI to fail when it
only installs `dependencies`
- this commit moves the dependency to `dependencies`
- also pins the dependency to `0.1.0`
- We are going to get rid of the internal i18n tool because it doesn't solve a real use case
- Instead, we have a new tpl utility that does basic string interpolation
- This pattern will make it easier for us to decouple the codebase, and the new tool helps to keep the refactor surface area really small
- This is the first example of using the new tpl helper, so it also adds @tryghost/tpl
no issue
- `cssnano` requires `postcss` as a peer dependency which was causing warnings when running `yarn`
- `postcss` was available because it's a sub-dependency of `sanitize-html` so nothing was broken but explicitly adding it to `package.json` resolves the warnings
refs https://github.com/TryGhost/Team/issues/712
The ProductRepository in members-api has been updated to accept
monthly_price & yearly_price when creating and updating products, as
well as including them when reading.
refs https://github.com/TryGhost/Team/issues/728
- The code of update check has been extracted into it's own package as a part of TryGhost/Core monorepo. This commit is a cleanup of the leftover files
refs https://github.com/TryGhost/Team/issues/711
Since we need to support multiple products, which will each have a
monthly and yearly price, we are moving away from storing these ids in
settings, and instead in a column on the products table. The migration
depends on the settings being prepopulated, which is done outside of
knex-migrator, in members-api, so this migration must also be done there.
no issue
- includes sub-dependency bumps for `markdown-it` packages for markdown renderer bug fixes and to keep Ghost and Admin markdown rendering in sync
refs https://github.com/TryGhost/Team/issues/704
Previously a customer message was not passed, and the default message
was used. This made a reference to, "someone else is editing the post"
which is incorrect in this context! The members-api has been updated
with an appropriate error message, with a link to our documentation.
refs https://github.com/TryGhost/Team/issues/704
Currently when attempting to create stripe_prices without a Stripe
connection, it will fail silently. This is an issue when initially
configuring Members as the Stripe connection can take some time to be
established. By erroring we allow the client to be notifed that the
connection does not yet exist, so that it can be retried later.
refs f51c640fb0
- This should not affect any of the current code but should improve edge case errors related to "allowlist" types of limits
- See referenced commit for details when this edgecase was happening
refs https://github.com/TryGhost/Team/issues/635
This is to ensure we don't break migrations for any sites which have
imported external subscriptions which have an interval of 'week' or
'day'
The bump to members-api includes the handling of these intervals for
ongoing population of mrr events
refs https://github.com/TryGhost/Team/issues/698
The migrations to populate these settings are handled by the members-api
module, as they depend on the stripe_prices table being populated. This
cannot be guarunteed at boot, so we're unable to do this as a standard
migration.
refs https://github.com/TryGhost/Team/issues/687
- The frontmatter field has leaked into the API layer unintentionally when it was introduced into the DB schema during 4.0 release.
- The fix add the field to "trim" list in all API. A proper validation and handling will be add per API as usecase for the field becomes clear
refs https://github.com/TryGhost/Team/issues/581
closes https://github.com/TryGhost/Team/issues/582
Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings.
As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label.
- removed enum validations for `visibility` so it now accepts any string or `null`
- bumped `@tryghost/admin-api-schema` for API-level validation changes
- added nql validation to API input validators by running the visibility query against the members model
- added transform of NQL to special-case visibility values when saving post model
- ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment
- useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected
- updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match
- bumped @tryghost/members-api to include label and product data when loading member
refs https://github.com/TryGhost/Team/issues/588
- This is a new type of limit allowing to measure resource use (e.g. sent emails) per period (e.g. subscription, billing, cycle, etc)
- To enable periodical limit add following values under `hostSettings.limits`:
```
"emails": {
"maxPeriodic": 10,
"error": "Your plan supports up to {{max}} emails. Please upgrade to reenable sending emails."
}
```
and following under `hostSettings.subscription`:
```
"subscription": {
"start": "2020-04-02T15:53:55.000Z",
"interval": "month"
}
```
- Above config would allow checking if 10 emails per month starting on the 2nd of every month has been reached untill now
refs: https://github.com/TryGhost/Ghost/commit/7bce05ab8
- I wrote a custom plugin for the no-cross-requires logic between our modules after not finding anything that could do it
- Then, when searching for the next rule I wanted, I found eslint-plugin-ghost has no-restricted-requires
- This rule is more flexible, so switching to it
- NOTE: This update to eslint-plugin-ghost also fixes performance of linting our test files by pinning eslint-plugin-mocha to v7 as v8 has performance problems
refs 37ebe723c6
- `package-json` was a standalone library using dependency injection so
we could pull it out into its own package in Utils
- this was done in the commit referenced above
- this commit removes the implementation and tests in Ghost and replaces
the require in the initialization wrapper with the new package
refs https://github.com/TryGhost/Team/issues/588
- This bump allows to pass configuration for "emails" limit (flag type for now) and allows to do checks against this limit as a consequence
- Useful to be able to do basic checks for newsletter-related functionality
refs: 7e787ef807
- bumps eslint-plugin-ghost to 2.1.0 which adds the code for a new custom rule
- adds configuration to our eslint file to enable the rule in a very soft mode for now
- this rule is intended to enforce not tightly coupling the server and frontend
- the intention is to make it stricter over time as the number of cross requires reduces
- enabling this rule temporarily and running lint is a nice way to grok just how tightly coupled things are at the moment
refs https://github.com/TryGhost/Team/issues/628
After a recent bump to Stripe API version used by Members service - 2020-08-27 - importing paid members via CSV in ghost was not working correctly due to missing subscriptions object in customer data fetched from Stripe. Stripe had updated the customer resource to not include the subscriptions data by default which is now patched to always include in Ghost.
refs https://github.com/TryGhost/Team/issues/591
refs ffe24a728c
It's possible to have sites which still have customer subscriptions in their DB from old Stripe accounts, most likely added when we allowed Stripe Direct, as those subscriptions were not cleaned up. While populating stripe prices and products for existing subscriptions, we want to ignore these old subscriptions which are not part of current Stripe account instead of throwing error and halting the one off migration which we currently do.
The population script will re-run again as long as no new subscriptions are created between the last release and this, and there were no old invalid plans in DB, which is a very unlikely edge case so the data will eventually re-populate correctly.
issue https://github.com/TryGhost/Team/issues/614
- Users who have a password can directly sign-in via oauth
- User who are logged-in get their password disabled
- Users accepting an invitation get their password disabled
- The way we disable password is by setting it to a long random password
refs https://github.com/TryGhost/Team/issues/619
- Bumps `@tryghost/members-api` to `1.3.0` which adds a one-off migration to populate missing stripe prices and products
- Bumps patch versions on `@trghost/members-ssr` and `@tryghost/magic-link` to 1.02
refs https://github.com/TryGhost/Team/issues/616
This adds the schema for the Products Admin API to be used as the input
validation, and adds support for the `products` property on the Members
Admin API
Co-authored-by: Renovate Bot <bot@renovateapp.com>
no issue
- `tmp` 0.1.0 was broken and I added `tmp` to the Renovate ignore list
to stop it creating PRs - 082160106a
- 0.2.1 is fixed again so we can merge the update and remove it from the
list
no issue
- we've been unpinning dependencies in our libraries to remove
duplicates
- this commit bumps packages from the Utils repo and NQL, all of which
contain changes to unpin their own dependencies
no issue
- I recently unpinned dependencies in the Utils monorepo so we can avoid
multiple versions of the same package
- this commit bumps all the packages that I published, that do not have
other changes. Other team members should merge these
- this reverts commit 1962fb6140
- I accidentally merged this thinking we were all good, but it turns out
it needs Node >= 10.16, which we can't do until we drop Node 10 on
April 20th 2021
- this is soon, but for now we need to revert
refs https://github.com/TryGhost/Team/issues/596
refs 95751a0e5f
- previous dependency bump of `@tryghost/url-utils` resulted in two versions being referenced in `yarn.lock` with the old buggy version still being used when performing URL transforms
- bumped `@tryghost/kg-default-cards` to up it's minimum allowed version of `@tryghost/url-utils` to force a `yarn.lock` update
- bumped `@tryghost/kg-markdown-html-renderer` to avoid two versions of that library being specified in `yarn.lock`
refs https://github.com/TryGhost/Team/issues/599
- This is a precursor change to tests which verify the hostSettings limits are working correctly
- Bumped limits-service version which allows for multiple calls of loadLimits on the same service instance
refs https://github.com/TryGhost/Team/issues/510
- This version bump includes follwing interface improvements of the limit-service package: passing in errors as a parameter to "loadLimits" and allowing for custom "currentCountQuery" method implementations per limit
refs https://github.com/TryGhost/Team/issues/595
The MRR delta calculation for subscription cancelation was incorrectly setting double negative of the original amount.
- Bumped to @tryghost/members-api@1.1.1 that includes the calculation fix
refs https://github.com/TryGhost/Team/issues/596
Since Ghost 3.0, if a same-site image in a markdown card was linked to a same-site URL (eg: `](/example-post)`) then the source markdown was mangled by the absolute/relative URL transforms.
- bumped `@tryghost/url-utils` to a fixed version (see https://github.com/TryGhost/SDK/pull/379)
closes https://github.com/TryGhost/Team/issues/571
- `post.plaintext` values were being transformed with the markdown URL transformer but that wasn't picking up the link format used in our plaintext fields resulting in absolute URLs being stored in the database rather than `__GHOST_URL__` URLs
- meant that if the `url` config is changed then plaintext and other calculated fields that used it would have URLs that referred to the old domain rather than the new one
- re-saving the posts would have updated it but that's not feasible to do manually for large sites
- bumped `@tryghost/url-utils` to a version that has plaintext transform utils and updated the post model's transform map
closes https://github.com/TryGhost/Team/issues/567
- bumped `@tryghost/kg-default-cards` with a version containing a bugfix for detecting absolute URLs as local content images when they match the site url supplied as an option when rendering
- this bug surfaced because of the change in https://github.com/TryGhost/Ghost/pull/12787 - the renderer is now seeing absolute URLs when passed content from the model layer rather than `__GHOST_URL__` URLs. We didn't hit it in 3.x because that was passing content with relative URLs.
no issue
- we run raw mobiledoc through the mobiledoc-html renderer and we now store URLs in raw mobiledoc as `__GHOST_URL__` relative. Those URLs were not passing the "local image" check in the renderer for image optimisation availability meaning the srcset and sizes output was skipped
- bumped library version to include a fix for the optimisation check
closes https://github.com/TryGhost/Team/issues/467
- switches to storing "transform-ready" URLs in the database
- transform-ready URLs contain a `__GHOST_URL__` placeholder that corresponds to the configured url that gives a few benefits
- much faster and less memory intensive output transformations through not needing to parse html or markdown - the transform can be achieved using a straightforward regex find+replace
- ability to change to/from or rename subdirectory without any manual updates to the database
- modified existing 4.0 url-transformation migration rather than adding another one and repeating the transformation on posts rows
refs https://github.com/TryGhost/Team/issues/469
This updates to logic for generating the member events timeline used on
the dashboard to include member signup events and exclude newsletter
subscription events that are the byproduct of a member signup.
This allows site owners to get a fuller picture of what's happening with
their members, whilst reducing the noise of almost duplicate data.
This also fixes a bug where the timeline was not ordered correctly
refs https://github.com/TryGhost/Team/issues/492
- updates regex that checks valid files to test rules against to include all *.hbs files
- cleans up rules for last4 and currency_symbol helpers
- fixes a really weird unexpected token = error when using lodash templates in Ghost
- this was caused by _.templateSettings being global
- this fix ensures that the config of the limit-service stays in the limit-service!
refs: https://github.com/TryGhost/Team/issues/510
- added and wired up the new limit service, which is a lazy-loaded service
- this handles the case that there are host limits set in config, and wraps all the logic needed for detecting exceeded limits & throwing limit errors
- expects limits to be set in config under `host_settings.limits`
- supported limits are managed in the limit service, outside of core
refs https://github.com/TryGhost/Team/issues/513
- The `defaultApiVersion` parameter was bumped to v4 in this version
- Also contains a refactore for `url.parse` method which was used for base url detection
closes https://github.com/TryGhost/Team/issues/493
- all functionality except that directly related to Ghost's database and business logic now lives in external packages
- @tryghost/email-analytics-service
- @tryghost/email-analytics-provider-mailgun
refs https://github.com/TryGhost/Ghost/issues/12496
- Handling logging in the main thread avoids file handle leaks which happen due to leaky implementation of bunyan logger (see referenced issue for more context)
- Bumped job-manager version to allow for `workerMessageHandler` callback funciton
- This commit removes the old boot process and any files that are no longer needed as a result
- Remove the duplicate event for triggering inactive themes to load
- Tidied up a few other bits
refs https://github.com/TryGhost/Ghost/issues/1325
- updated `kg-default-cards` to version that includes lazy loading attributes on image and gallery card output
- updated `kg-markdown-html-renderer` to version that includes lazy loading attributes on markdown images
closes https://github.com/TryGhost/Team/issues/466
- upgraded kg-default-cards to include paywall card
- extracted `htmlToPlaintext` from post model to shared util for re-use
- updated post-gating to set html+plaintext to the free preview if a paywall card has been used
- re-generates plaintext from the truncated html using `htmlToPlaintext` util
- display free content in the `{{content}}` helper via the default CTA template
refs https://github.com/TryGhost/Team/issues/221
- adds width and height attributes back to html output for images
- previously added and later removed because it's a potentially breaking change for themes, now we're on a major we can re-introduce it
refs https://github.com/TryGhost/Ghost/issues/12646
- bumps mobiledoc and markdown renderer versions with [new header id algorithms](5f0c2fb8bc)
Uses the newly added [`ghostVersion` support](0eadc22ddd) to conditionally switch to new header id behaviour when rendering 4.0 or later mobiledoc.
- rather than trying unsuccessfully to "improve" readability of anchor links by removing or replacing chars the anchor ID generation will now strip certain special chars, replace spaces with `-` and then url-encode the header text
- ids in source code will have percent-encoding but when links or urls are displayed by browsers they will appear as native characters
- relies on native browser behaviour so all languages are supported
refs https://github.com/TryGhost/Team/issues/221
- These changes are a precursor for stable version bump of admin-api-schema. Should allow for early bug detection and introduction of breaking changes in the canary admin-api-schemas
no-issue
* Removed support for paid param from v3 & canary API
* Updated active subscription checks to use status flag
* Updated MEGA to use status filter over paid flag
* Removed support for paid option at model level
* Installed @tryghost/members-api@1.0.0-rc.0
* Updated members fixtures
closes https://github.com/TryGhost/Ghost/issues/12493
- the published version of `bookshelf-relations` 1.4.0 was missing the critical commit that added the new relationship config feature
- v1.4.1 is a valid release
closes https://github.com/TryGhost/Ghost/issues/12493
- bumps `bookshelf-relations` to new version that allows for `hasMany` children to be kept when a parent record is destroyed
- adds necessary config to the `Member.email_recipients` relationship to keep related records when a member is deleted
refs https://github.com/TryGhost/Ghost-Utils/issues/118
- Duplicating error handling across jobs is not best developer experience. Also, having custom error handling logic did not allow for recommended worker script behavior: allowing for unhandled exceptions to bubble up and be managed by parent process
no issue
- schema validation was erroring due extra properties on the member resource that were recently added to the output causing the client to send them back when saving
- updated @tryghost/admin-api-schema to include skips for the new read-only properties
no-issue
- Updates members-api to throw errors when attempting to link to
stripe customers if it is not configured, which allows us to include
the errors in the CSV
- Updates members-csv to handle the header mappings as well as parsing
the values so that we can read a CSV file and get back valid member
objects
refs #12402
- With bumped version of job-manager it offloads job procesing into separate worker thread. Having jobs run out of main Ghost process even loop allows for safe job execution, which does not block Ghost from serving requests or performing other functions without a delay
- Added experimental data access to 'testmode' jobs. This should serve as an illustration of how to access data from the job layer
no issue
- These changes should allow easy testing of scheduled jobs and provide an implementation example for future jobs within Ghost
- Added experimental support to run jobs based on functions defined in modules
- Extendeded testmode "schedule" endpoint with an optional job name parameter which picks up job from "jobs" folder
- Adjusted scheduleJob method use and passed "schedule" as first parameter
- Bumped job-manager version to allow for all new functionality
no issue
- We need an ability to early test scheduled jobs to refine the new feature and it's API. Should be used with caution
- To schedule an example scheduled job every 30 seconds run following request: `curl http://localhost:2368/ghost/api/schedule/every%2030%20seconds`
refs #11572
- Filtering by fields coming from posts_meta table did not work for post resources. This was due to lack of support for these types of operations on NQL layer. The approach taken here is using same way filtering was done for many:many relations and generates a `WHERE IN` filtering clause. In the future we could look into adding preloading of 1:1 relations which should allow getting rid of `WHERE IN` in favor of `JOIN` and filtering directly by field names.
- Changed structure of `EXPANSIONS` filter configuration. Current approach was based on "bag of all the things". Such structure will become problematic as more fields are added. For example, adding all the fields from 1:1 relation posts:posts_meta might collide with any other relations that would have similar naming like meta_description from tags table (if it were was added).
- Bumped nql version to 0.5.0. This adds filtering support to 1:1 relations
- Added filter expansions which can be unique per model Previous approach with single global expansions lookup wasn't working in case different models would need to declare expansion for same field names. Having a `filterExpansion` method per model works in a similar convention other filter related model methods do (e.g. enforcedFilters, defaultFilters)
closes https://github.com/TryGhost/Ghost/issues/11548
- bumps @tryghost/kg-default-cards
- introduces a breaking change where `imageOptimization` is passed as an options argument instead of separating out individual config options
- fixes width/height attributes for images in gallery cards being larger than the max default width used when resizing images
no issue
- standard browse/read/add/edit/destroy API endpoints for snippets resource
- updates `@tryghost/admin-api-schema` dependency to version that includes snippet definition and schemas
closes#12273
- `comped` field has been allowed when editing a member or importing from a CSV. There has been a usecase (Zapier Integration) for API client to create a member with "Complimentary" plan, which made this change necessary
- Previously the logic for comped field was to skip and continue member record creation if Stripe was not connected. Now we throw an error - same as the one we have been throwing before when stripe_customer_id field was passed in. The implication of this change is that we won't be creating any record now if comped === true and Stripe is disabled.
- Bumped admin-api-schema-package. Contains `comped` schema change so this field gets passed through to controller
