closes https://github.com/TryGhost/Ghost/issues/15290
- Capture error from model errors
- Add hasValidated for name property to properly mark field as error/success
- Add property to hasValidated after each failed validation
- Wrap saving on try-catch to suppress uncaught exception (validation error)
closes https://github.com/TryGhost/Ghost/issues/15391
- `vertical-collection` component was throwing errors during render when the tags list was filtered down causing slowdowns or full Admin crashes
- similar regression had popped up before and fixed in https://github.com/TryGhost/Ghost/pull/15207 but the dependency had been bumped again without realising it caused an error
- added a test that triggers the error-throwing behaviour in the tags input to help catch this in future dependency updates
refs https://github.com/TryGhost/Toolbox/issues/403
- as we're moving towards independent Admin releases, we want to make
sure that we can bust cache when an asset is updated
- right now, svg, ttf and ico images aren't fingerprinted, so if they
change, it'll require a browser cache clear to update them
- instead, we should add them to the list of fingerprinted file
extensions to fix this issue
no issue
- relocated the screen-specific modals from `modals/` to `members/modals/` directory as part of a on-going reorganisation of components into screen-specific directories
refs: https://github.com/TryGhost/Team/issues/1121
- use captureMessage instead of captureException in showAlert as showAlert should always have a String not an Error
- this should hopefully improve how these things appear in Sentry
- moved source to a tag, not context, so we can filter on the source in sentry UI
refs: https://github.com/TryGhost/Team/issues/1121
- Reviewing the list of errors in sentry, some of the most common ones are:
- success messages like "Password changed"
- info messages like "Please check your email for instructions."
- warnings like "You need to sign out to register as a new user."
- None of these are errors, so they shouldn't appear in sentry
refs https://github.com/TryGhost/Team/issues/1025
- added `{{humanize-recipient-filter}}` helper that converts an NQL recipient filter into a more readable format
- updated posts list to use the new helper in the sends column tooltip shown when hovering with the mouse
no issue
- relocated screen-specific components into a separate `posts-list/` directory as part of the move to keep the top-level `components/` directory for re-usable components
refs https://github.com/TryGhost/Ghost/issues/14101
- controller was already mostly up-to-date with Octane patterns
- removed unnecessary use of `@computed` and removed `@classic` decorator
no issue
- relocated screen-specific components into a separate `tags/` directory as part of the move to keep the top-level `components/` directory for re-usable components
refs https://github.com/TryGhost/Team/issues/1871
This commit adds a test to the serialize method of `post-emaiserializer`. It checks whether the generated email HTML is valid and standard HTML5 and that all properties are escaped.
To do this validation, I depend on the new `html-validate` dev dependency. Just parsing the HTML with a HTML parser is not enough to guarantee that the HTML is okay.
Apart from that this fixes:
- Removed the sanitizeHTML method and replaced it with normal HTML escaping. We don't want to allow any HTML in the escaped fields. Whereas `sanitizeHTML` still allows valid HTML, but we don't want that and want the same behaviour as on the site. E.g., a post with a title `All your need to know about the <br /> tag` should actually render the same title and non-html content, being `All your need to know about the <br /> tag`
- The file, nft and audio card didn't (always) escape the injected HTML fields (new version @tryghost/kg-default-cards)
- `@tryghost/string` is bumped because it contains the new escapeHtml method
The Posts API does not strip unknown properties when dealing with relations,
which meant that tags were being sent up with a `parent` property which would
always cause the model to be considered "changed". This resulted in the update
methods being called, and leading to unexpected behaviour.
Whilst this change does fix things for the History feature, the correct fix is
to update the admin-api-schema, or the input serializers such that they only
allow through known and allowed properties.
