Commit Graph

33936 Commits

Author SHA1 Message Date
Fabien "egg" O'Carroll
ed674981e6 Updated npm scripts to support packages with a build step
- Updates the prepare script in the top level to run prepare on packages, so
  that packages can be built when running `yarn`

- Updates the build script in ghost/core to run build on packages, so that
  packages are built before being monobundled

- Updates monobundle to be a dependency and use the new TryGhost repo, which
  includes some minor fixes and improvements, such as supporting devDeps

- Updates the GitHub workflows to run the build command in the top level
  directory rather than ghost/core so that other packages are built, too.
2023-05-03 14:32:31 -04:00
Sam Lord
cb30c9bbc9 Prevent posts_meta data from killing the data-generator process
no issue
2023-05-03 16:28:29 +01:00
Simon Backx
84c6c0397b 🐛 Fixed CMD/shift clicking to open the editor in a new tab/window
refs https://ghost.slack.com/archives/C025584CA/p1683105468216909

When holding cmd,ctrl or shift when clicking a post list item, it would try to select it. But that meant some user flows were broken where users would open multiple posts at the same time in a new tab.

This change allows you to cmd/ctrl/shift/right click on the edit button again.
2023-05-03 17:02:26 +02:00
Ghost CI
81c93c16f0 Merged v5.46.1 into main 2023-05-03 13:47:34 +01:00
Ghost CI
17025cd344 v5.46.1 2023-05-03 13:47:31 +01:00
Fabien "egg" O'Carroll
b3caf16005 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:43:20 -04:00
Fabien "egg" O'Carroll
a22717a8e7 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:25:27 -04:00
Simon Backx
514c8917c0 Readded matchMetadataSnapshot
refs bac2f4d4d4 (diff-473dc0c49e80df6c07569ed5730445ebdaaa8138fc819182548727db50eb55aa)
2023-05-03 14:14:10 +02:00
Simon Backx
fd69ab181d Removed duplicate matchHTMLSnapshot 2023-05-03 14:13:04 +02:00
Simon Backx
bac2f4d4d4 Fixed snapshot tests for MySQL only newsletter test
no issue

There was an error when generating the snapshot for this test. It never ran, so the snapshot was never committed. On top of that, the generated snapshot would change every time because the email verification token was not replaced with a static value.
2023-05-03 14:05:53 +02:00
Ronald Langeveld
6189040fc4
Added unpublished reason to post revisions (#16726)
closes https://github.com/TryGhost/Team/issues/3137

We have now included the ability to display an "Unpublished" tag for revisions that have been unpublished. The tag is only displayed when the revision's reason property is set to "unpublished". A new revision is triggered when a post is unpublished, regardless whether there's a change in the content.
2023-05-03 09:20:34 +02:00
Fabien "egg" O'Carroll
cef062452b Fixed typo when referring to revision author 2023-05-02 19:50:34 -04:00
Fabien 'egg' O'Carroll
d87da627d9
Added author image to revision history list (#16724)
refs https://github.com/TryGhost/Team/issues/3129

This has copied the same pattern from the gh-user-list-item component.

Co-authored-by: Sanne de Vries <sannedv@protonmail.com>
2023-05-02 19:38:31 -04:00
Ronald
ad3c5d1a0b Fixed linting
refs https://ghost.slack.com/archives/C02G9E68C/p1683036435533879

- Indentation errors was being ignored by eslint.
- Fixed it to bring it up to standard.
2023-05-02 19:55:51 +02:00
Sam Lord
f7188b4dcf Prevented an invalid order during deletion
no issue

Will allow the demo data script to run if offers exist and have been redeemed
2023-05-02 16:34:47 +01:00
Michael Barrett
b60761706b
Prevented post history from being viewed for emailed posts (#16704)
refs https://github.com/orgs/TryGhost/projects/88/views/2?pane=issue&itemId=26198422

Prevented post history from being viewed in the following scenarios:

- When a post is sent as and email only
- When a post is published and sent as an email
2023-05-02 15:58:56 +01:00
Simon Backx
6aa8fa2a8e Updated Portal back button translations
refs https://github.com/TryGhost/Ghost/issues/16628
2023-05-02 16:51:48 +02:00
Fabien "egg" O'Carroll
97584cf0c4 Added .vscode/launch.json to git
Rather than sending each other JSON snippets in slack, we can build shared
configurations for the vscode debugger.
2023-05-02 07:30:16 -04:00
Sanne de Vries
2342bfd06f Updated status badges in post revision list
Refs https://github.com/TryGhost/Team/issues/3123
2023-05-02 11:30:18 +02:00
Simon Backx
1b38361211 Updated @sentry/node to v7.50.0 and reenabled renovate again
fixes https://github.com/TryGhost/Team/issues/2385

The Sentry version has been locked to v7.11.1 for some time because Sentry still used a legacy Node feature, called domains. Due to a bug or change in in Noide 16+, those domains broke handling uncaught promise execptions. So Ghost crashed when a promise exception wasn't caught. But that shouldn't be the case because we have a global uncaught exception handler.

Luckily Sentry switched to AsyncLocalStorage in v7.48.0. This fixes the issue as demonstrated in c0cd62184c
2023-05-02 10:23:45 +02:00
Ronald
df1329f5e9 Added unpublished logic to revisionList.
refs https://github.com/TryGhost/Team/issues/3123

Refactor revisionList function to use a more concise logic for finding new published and unpublished revisions.
2023-05-02 09:11:56 +02:00
Peter Zimon
9dea2ef911 Contributor view post button color update
no refs.

- the hover color for the "View post" button was the same as the "Edit" which is a bit misleading
2023-05-02 06:46:24 +02:00
Peter Zimon
a55efec7be Contributor post list button fix
no refs.

- On the post list, an edit button was shown for contributors even if the post has been published. Clicking on this reloaded the post list
2023-05-02 06:40:51 +02:00
Fabien "egg" O'Carroll
be28283b36 Added support for --all and --offline to yarn dev
The --all flag will run all of our apps and services including Stripe
The --offline flag will disable any network services, e.g. Stripe
2023-05-01 13:00:37 -04:00
Fabien "egg" O'Carroll
a90cc2d7ab Fixed sodo-search build script 2023-05-01 13:00:37 -04:00
renovate[bot]
e7cef15bdf Update dependency jsdom to v21.1.2 2023-05-01 18:22:36 +02:00
Daniel Lockyer
83ee1f8860
🔥 Dropped support for Node 14
refs https://github.com/TryGhost/Toolbox/issues/570

- Node 14 is now EOL so we don't support it any further
2023-05-01 17:51:10 +02:00
Elena Baidakova
7ade895ce7
Hide preview select for design/announcement settings (#16721)
no issue
- Hide post preview select if there is no published posts yet.

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
copilot:summary
2023-05-01 18:50:13 +04:00
Uvindu Rajapakshe
dc1ff890a0
Updated Sinhalese translations (#16639) 2023-05-01 16:49:04 +02:00
renovate[bot]
67abd6555b Update CSS preprocessors 2023-05-01 16:43:16 +02:00
Zabriskije
f81c7568fe Fixes for it localization 2023-05-01 15:19:16 +02:00
Andre Rafael
90adb7562b Added Portuguese locale for Portal 2023-05-01 15:18:36 +02:00
Daniel Lockyer
ada28188a3
Dropped Node 14 from CI
refs https://github.com/TryGhost/Toolbox/issues/570

- Node 14 is now EOL so we don't need to support and run tests for it
2023-05-01 15:07:20 +02:00
Daniel Lockyer
9bb2bc82bd Fixed erroneous timing in reported Mailgun metrics
- we have calls to the metrics library so we can measure the time it
  takes the Mailgun API to return a response
- however, there's a bug in the code whereby if the `batchHandler`
  takes a long time and then throws an error, this time will be reported
  to metrics
- this is misleading because it looks like Mailgun is taking a long time
  if the databases are slow
- this pulls the specific SDK call out into a function so it's easier to
  wrap with timing code
2023-05-01 15:05:59 +02:00
renovate[bot]
eff4662af3 Update dependency @types/sinon to v10.0.14 2023-05-01 15:01:17 +02:00
renovate[bot]
8ca3f301ae Update dependency date-fns to v2.30.0 2023-05-01 15:00:19 +02:00
Ronald
904a03f81a Sort revision list by createdAt.
refs https://ghost.slack.com/archives/C02G9E68C/p1682941387256079?thread_ts=1682507718.761429&cid=C02G9E68C https://github.com/TryGhost/Team/issues/3123

This commit modifies the revisionList method to sort the revisions array by createdAt property in descending order, instead of reversing the order of the array. This makes the code more intuitive and easier to follow for future developers.

Additionally, the published_latest key-value pair is renamed to initial_publish to better reflect its meaning. This key-value pair is added to the revision object at the index where the post status changed from 'draft' to 'published', indicating the initial publication of the post.
2023-05-01 14:13:05 +02:00
Ronald
d6794e6c43 Added "published_latest" key to revisionList
refs https://github.com/TryGhost/Team/issues/3123

This commit modifies the revisionList method to add a new key-value pair published_latest: true to the object if the current index matches with the index of the latest published revision with the reason 'published'. The change only affects the latest published revision and doesn't modify any existing data. This update improves the display of post revisions by highlighting the latest published revision in the list.
2023-05-01 10:30:02 +02:00
renovate[bot]
60d26c62e8 Update dependency vite to v4.3.3 2023-05-01 08:57:56 +02:00
renovate[bot]
f4cc04d235 Update dependency @playwright/test to v1.33.0 2023-05-01 08:57:43 +02:00
Ghost CI
45e84a60fe v5.46.0 2023-04-28 16:00:41 +01:00
Elena Baidakova
ef25e8dda7
Fixed tests (#16718)
no issue
2023-04-27 21:05:01 +04:00
Elena Baidakova
f9f5f72752 Added announcement bar setting
no issue

Allows publishers to set a banner at the top of their site
2023-04-27 17:51:24 +04:00
Elena Baidakova
62adec50f0 Bumped lexical package
no issue
2023-04-27 17:38:16 +04:00
Elena Baidakova
257e17c1ba Released Announcement-Bar v1.1.4 2023-04-27 17:23:37 +04:00
Simon Backx
51473b3f7d Added tests for pages bulk API
fixes https://github.com/TryGhost/Team/issues/2925
2023-04-27 15:06:19 +02:00
Simon Backx
9fc98417b5 Added bulk post unpublishing test
refs https://github.com/TryGhost/Team/issues/2925
2023-04-27 14:58:27 +02:00
Simon Backx
1ff71dc36c Removed unused bulkRemoveTags
no issue

This bulk action is not used at the moment.
2023-04-27 14:56:54 +02:00
Elena Baidakova
f5446bea46 Released Announcement-Bar v1.1.3 2023-04-27 16:45:55 +04:00
Elena Baidakova
0e9b8cc4ce Moved koenig-lexical from unpkg to jsdelivr cdn
no issue
2023-04-27 16:43:54 +04:00