ref MOM-31
ref https://linear.app/tryghost/issue/MOM-31
We'll be building a lot of the new code for ActivityPub in Nest, so we'll need
to have it enabled in Ghost to work.
ref DES-205
- label name is now used as the title on label pills instead of static
text
- label names will now be truncated when it takes more than 2 lines
instead of 1
ref https://linear.app/tryghost/issue/MOM-1
- renamed `searchable` to `groupName` so it better matches usage and avoids leaking internal naming to external clients
- added `url` to the fetched data for each data type as the editor will want to use front-end URLs in content
- added acceptance tests to help avoid regressions as we further generalise/optimise the search behaviour
- The RSS cache has lived for a really long time, but I'm not sure it's useful
- Want to be able to determine if it gets used much, and if not, then we can remove it
ref https://github.com/TryGhost/Ghost/issues/19797
- Fixed FirstPromoter always showing Active in Integration Settings list
- This was due to the position of the variable in the array being in the
wrong positon and indexed incorrectly.
- Added additional testing to avoid it from cropping up again.
closes https://linear.app/tryghost/issue/ENG-780
- the `admin-auth` frame was set up to log when any `message` event was handled but couldn't be parsed as JSON. For our own events that's fine but `message` events are also frequently triggered by browser extensions meaning the DevTools console log could become quite noisy for no reason
- removed the logging as it's noisy and not useful outside of development
ref 78311591d0
- updated tests to not click a button on the setup/done screen that is no longer shown
- fixed setup flow showing an alert bar due to not handling the `TransitionAborted` error that is thrown by the setup/done->dashboard redirect
ref ENG-189
- A type error was flagged by Sentry where Settingscrashed where the API
data wasn't formatted correctly and the error boundary didn't kick in.
- This adds additional safety to ensure the required data exists before
attempting to render the elements.
ref https://linear.app/tryghost/issue/KTLO-1/members-spam-signups
- Some customers are seeing many spammy signups ("hundreds a day") — our
hypothesis is that bots and/or email link checkers are able to signup by
simply following the link in the email without even loading the page in
a browser.
- Currently new members signup by clicking a magic link in an email,
which is a simple GET request. When the user (or a bot) clicks that link, Ghost
creates the member and signs them in for the first time.
- This change, behind an alpha flag, requires a new member to click the
link in the email, which takes them to a new frontend route `/confirm_signup/`, then submit a form on the page which sends a POST request to the
server. If JavaScript is enabled, the form will be submitted
automatically so the only change to the user is an extra flash/redirect
before being signed in and redirected to the homepage.
- This change is behind the alpha flag `membersSpamPrevention` so we can
test it out on a few customer's sites and see if it helps reduce the
spam signups. With the flag off, the signup flow remains the same as
before.
