Commit Graph

1962 Commits

Author SHA1 Message Date
Naz
ce63b87b2e 🐛 Fixed extention missmatching .mp4 as invalid
refs https://github.com/TryGhost/Toolbox/issues/120

- When a file name with an .mp4 extension was passed in it was mistakenly taken as an invalid extension. It is pretty valid!
- Fixing this bug allows for for duplicate file detection when uploading valid valies with extensions containing numbers
- Extensions that consiste only from numbers are still treated as invalid
2021-11-09 16:07:23 +04:00
Kevin Ansfield
3150142b2f Updated button card frontend+email render output
refs https://github.com/TryGhost/Team/issues/1207

- uses koenig-specific classes to avoid clashes with theme CSS
- fixes email rendering by using table alignment
2021-11-09 10:44:18 +00:00
Thibaut Patel
bfaccadd4e Added initial callout card rendering
refs https://github.com/TryGhost/Team/issues/1205

- bumped rendering library to the version with `callout` card support
2021-11-09 10:36:51 +01:00
Fabien O'Carroll
3017f9d50c 🐛 Fixed offers remaining after subscription change
refs https://github.com/TryGhost/Team/issues/1092

This ensures that when a subscription is changed by a Member that the
Offer is removed and will no longer apply.
2021-11-09 11:22:04 +02:00
Renovate Bot
6b2cbe5c18
Update dependency luxon to v2.1.1 2021-11-08 22:35:35 +00:00
Kevin Ansfield
3a2bf93173 Added initial button card rendering and parsing support
refs https://github.com/TryGhost/Team/issues/1207

- bumped rendering and parsing libraries to versions with `button` card support
2021-11-08 18:33:26 +00:00
renovate[bot]
b7d8d70ccf
Update dependency @tryghost/members-api to v2.7.3 (#13717)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-11-08 12:40:17 +02:00
Renovate Bot
13d282fb94 Update dependency cssnano to v5.0.10 2021-11-08 08:30:43 +00:00
Renovate Bot
6ad0ac4103 Update dependency nock to v13.2.0 2021-11-08 08:30:30 +00:00
Naz
151ab6968c Added local file storage adapter
refs https://github.com/TryGhost/Toolbox/issues/114

- This adapter is meant to power Files API
- The files will be stored under `/files/` in the configured content path and under `/content/files/` URL.
2021-11-08 11:29:33 +04:00
Renovate Bot
9d0af694d0
Update dependency oembed-parser to v1.5.2 2021-11-08 03:57:58 +00:00
Renovate Bot
46762eb624
Update dependency luxon to v2.1.0 2021-11-08 01:53:51 +00:00
Renovate Bot
de6fff90b3
Update dependency @sentry/node to v6.14.1 2021-11-05 16:01:42 +00:00
Renovate Bot
fa03052187 Update dependency @tryghost/job-manager to v0.8.12 2021-11-05 13:35:34 +00:00
Daniel Lockyer
ed4586c28c
Disabled Sharp image cache to improve memory usage
refs 03d24ea4fe

- see the referenced commit for the full explanation but in short, Sharp
  has an internal cache it uses when optimizing images and it defaults
  to 50MB. This cache is not needed for our use-case because we never
  optimize images twice
- `@tryghost/image-transform` has been updated to disable the cache and
  this commit bumps the package in Ghost
2021-11-05 12:32:13 +00:00
Fabien O'Carroll
72b90151bb Disabled auto-login when a success url is provided
refs https://github.com/TryGhost/Team/issues/1067

The auto-login behaviour obliterates the concept of a success URL,
because the Member is redirected in a logged in state, to the welcome
URL - rather than a logged out state to the success URL.

In order to not disrupt existing flows, we disable auto login if a
success URL is provided.
2021-11-05 10:24:02 +02:00
Hannah Wolfe
fdf38ba8c6
Initial card asset service implementation
- Requires the new @tryghost/minifier package
- Adds a new service that will handle taking config from the theme and optionally including assets for Koenig editor cards
- It supports both css and js as cards may need one or both
- For any given config, the tool can find the matching files to include and concat and minify them into one file per type
- Currently has an override in place so that this is not yet customisable in the theme - will remove this override when we're ready for the feature
2021-11-04 11:34:40 +00:00
Renovate Bot
f421ee79d8 Update dependency @lodder/grunt-postcss to v3.1.1 2021-11-04 07:33:33 +00:00
Fabien 'egg' O'Carroll
da152a0a13
Removed references to Offers labs flag (#13709)
refs https://github.com/TryGhost/Team/issues/1115

This feature is now GA, and the flag has been hardcoded to `true`, here we clean up the
remaining references as they're no longer needed.
2021-11-03 17:11:48 +02:00
Renovate Bot
0acdbde010
Update dependency @sentry/node to v6.14.0 2021-11-03 11:42:22 +00:00
Renovate Bot
28bcd66d1b Lock file maintenance 2021-11-03 09:19:55 +00:00
Fabien O'Carroll
a0cad99a72 Added initial support for Members auto-login
refs https://github.com/TryGhost/Team/issues/1067

When the `membersAutoLogin` labs flag is enabled this will override the
successful redirect URL from Stripe Checkout - and instead use a magic
link, which will log the Member in.

Note that this will only work for brand new members. This is to stop
unauthorized access of Member accounts.
2021-11-03 11:17:02 +02:00
Renovate Bot
ada554e6f0
Update dependency sanitize-html to v2.5.3 2021-11-02 15:59:03 +00:00
Thibaut Patel
3f7448ae38 🐛 Fixed gscan crashing on invalid package.json
refs 7c2c9d54d8

- Gscan won't crash on invalid json, and display the list of failed rules instead
2021-11-02 16:57:26 +01:00
Fabien O'Carroll
b45e514cb1 🐛 Prevented unexecuted migrations from being rolled back
refs https://github.com/TryGhost/knex-migrator/issues/241

Previous to this bump if a migration was occuring across multiple
versions and a migration was to error, we would incorrectly rollback
migrations which had not run yet.

For example - assume we are on v1.0.0 and migrating to v1.3.0, and there are
migrations for v1.1.0, v1.2.0 & v1.3.0. In the case that a migration in
v1.2.0 fails, we will still attempt to rollback migrations from v1.3.0.

This is no longer the case, and we will only roll back migrations which
have already been run.
2021-11-02 16:27:15 +01:00
Renovate Bot
52ee74c16a Update dependency cssnano to v5.0.9 2021-11-02 15:22:27 +00:00
Fabien O'Carroll
0cb551d37b 🐛 Fixed handling of non-subscription invoices
refs https://github.com/TryGhost/Team/issues/887

This updates our webhook handling to ignore invoices which are not
associated with a subscriptions. This stops us from throwing 500 errors
when a Stripe account is used for more than just Member subscriptions,
for example - selling products, or taking one-off payments.
2021-11-02 15:40:03 +02:00
Naz
02da62ee48 Added limit service check for uploaded media filesize
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Uploading large files is costly and might cause DDoS. Limits would allow fair use of the site instance.
- The configureation in hostSettings to enable an "uploads" limit would look like following:
```
"hostSettings": {
    "limits": {
            "uploads": {
                "max": 5,
                "error": "Your plan supports uploads of max size up to {{max}}MB. Please upgrade to reenable uploading."
            }
    }
}
```
- Read more at ba37890be4/packages/limit-service (usage)
2021-11-03 00:33:28 +13:00
Fabien O'Carroll
c45afc7f26 🐛 Fixed email type when creating Members via API
refs https://github.com/TryGhost/Team/issues/1197

We were always sending the 'signin' email, rather than respecting the
email_type param passed to the API. This updates our email sending when
creating members to force the requested type if it's present.
2021-11-02 12:56:00 +02:00
Renovate Bot
30bc2f5090 Update dependency @tryghost/metrics to v1 2021-11-01 12:40:49 +00:00
Renovate Bot
083b57a924 Update dependency @tryghost/logging to v1 2021-10-28 19:57:49 +01:00
Renovate Bot
858a9897d4 Update dependency @tryghost/update-check-service to v0.2.5 2021-10-28 17:43:41 +01:00
Renovate Bot
ca2c9b92cd Update dependency @tryghost/email-analytics-provider-mailgun to v1.0.5 2021-10-27 13:41:11 +01:00
Renovate Bot
650c88b3dd Update dependency @tryghost/email-analytics-service to v1.0.4 2021-10-27 12:07:52 +01:00
Daniel Lockyer
f4b48c1373 🔥 Added support for Node 16
refs https://github.com/TryGhost/Toolbox/issues/71

- Node 16 is now LTS so we're adding support in Ghost
- we're also bumping the minimum Node 14 version to 14.17.0 so we can merge
  dependencies who have higher Node 14 requirements than current
- this commit adds Node 16 to the `package.json` engines and to CI
- also bumps all dependencies that needed new versions to add Node 16
  support
2021-10-27 11:39:42 +01:00
Thibaut Patel
1b01036458 Removed the theme settings lab flag in gscan
refs https://github.com/TryGhost/Team/issues/1164

- theme settings are GA now
2021-10-26 17:46:29 +02:00
Thibaut Patel
e851e28b16 Fixed gscan crash on files starting with package.json
refs https://github.com/TryGhost/Team/issues/1185

- gscan was attempting to json parse all files starting with package.json
2021-10-26 12:23:11 +02:00
Thibaut Patel
e4ce745ab6 🐛 Fixed gscan falsely triggering the "unused theme setting" error
refs https://github.com/TryGhost/Team/issues/1183

- This gscan rule wasn't parsing the partials where the theme setting was used
2021-10-26 11:20:05 +02:00
Kevin Ansfield
af4c115fb3 🐛 Fixed error from custom settings sync when theme name contains . chars
no issue

- bumped `@tryghost/custom-theme-settings-service`
- contains a fix for invalid filter strings being generated for theme names that contain `.` by wrapping the name in quotes, eg `theme:'4.1.1-my-theme'`
2021-10-26 10:18:47 +01:00
Fabien O'Carroll
960828b646 Removed handling of invoice.payment_failed webhook
refs https://github.com/TryGhost/Team/issues/885

This webhook was not used to populate data, and was causing 404's when
checkout sessions were completed, but payment had failed. Removing it
should fix these 404's.
2021-10-25 14:34:45 +02:00
Fabien O'Carroll
a68b96001c Fixed max-complexity-warnings for members API
no-issue

This removes logic from the Members API controller, and into the Members
BREAD service, this allows our controllers to be simpler and easier to
maintain, as well as keeping the important logic all together.
2021-10-25 14:06:12 +02:00
Daniel Lockyer
cfb5323017
Merged v4.20.3 into main
v4.20.3
2021-10-25 11:32:31 +02:00
Kevin Ansfield
8e2568c776 🐛 Fixed error when a theme does not have a "config" object in it's package.json
no issue

- bumped `gscan` to version with an added guard check where it extracts custom theme settings from `config.custom`
2021-10-25 10:08:35 +01:00
renovate[bot]
d266dfe291
Update dependency @tryghost/members-api to v2.4.4 (#13670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-25 10:05:37 +02:00
Renovate Bot
54dba233f6
Update metascraper to v5.25.0 2021-10-25 03:52:14 +00:00
Renovate Bot
3b773c2ab5
Update dependency oembed-parser to v1.4.9 2021-10-22 16:21:39 +00:00
Fabien O'Carroll
c3694c9903 Improved error messages for Offers API
no-issue

The error messages for duplicate Offer name and code were not
particularly helpful. This includes an update to them based on feedback
from Peter.
2021-10-22 16:50:48 +02:00
Renovate Bot
b2e95ba12a Update dependency @tryghost/metrics to v0.2.6 2021-10-22 15:50:35 +02:00
Renovate Bot
b467d45c5c Update dependency @tryghost/image-transform to v1.0.17 2021-10-22 15:47:28 +02:00
Renovate Bot
0bacf3ef69 Update dependency @tryghost/config-url-helpers to v0.1.3 2021-10-22 15:45:52 +02:00