Ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-30 14:22:07 +03:00

History

Fabien O'Carroll 944c2cc9af 🔒 Fixed member email change vulnerability refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr This updates the signup/signin flow for members to no longer support the email address change flow - which had missing authentication. It has been replaced with a dedicated email change flow, and Portal has been updated to use it.		2021-09-23 10:49:30 +01:00
..
adapters	Swapped to American English spellings	2021-07-27 12:15:19 +04:00
api	Removed method complexity in webhooks API controller	2021-09-17 10:11:23 +03:00
data	fixup! Refactored migration to run faster	2021-09-17 16:33:14 +01:00
lib	Blocked 0.* IP addresses when making oembed requests	2021-09-14 11:35:14 +01:00
models	Added temporary database table for analytic events (#13312 )	2021-09-17 11:15:21 +02:00
public	Added `/email/` route to robots.txt	2021-08-10 13:45:53 +04:00
services	Fixed linting issue	2021-09-17 16:51:52 +01:00
views	Added new, simpler, linear boot process	2021-02-08 11:56:44 +00:00
web	🔒 Fixed member email change vulnerability	2021-09-23 10:49:30 +01:00
analytics-events.js	Added comments to all usages of lib/common/events	2021-07-07 16:02:44 +01:00
ghost-server.js	Switch to @tryghost/debug, remove ghost-ignition	2021-06-15 17:24:22 +01:00
notify.js	Change to use @tryghost/logging	2021-06-15 15:59:11 +01:00
overrides.js	Moved sqlite3 override rules to db connection lib	2021-02-05 11:51:56 +00:00
run-update-check.js	Added protective code to update-check job	2021-06-29 14:02:16 +04:00
update-check.js	Fixed critical alerts sending to admin users	2021-07-07 11:29:18 +04:00