- we keep ending up with multiple versions of the depedency in our tree,
and it's causing problems when comparing instances
- the workaround I'm implementing for now is to bump the package
everywhere and set a resolution so we only have 1 shared instance
- hopefully we can come up with a better method down the line
no issue
- Renovate merged in a breaking change to ember-cli-code-coverage which
broke our coverage reporting for the admin app
- This commit fixes the issue by pinning the version of
ember-cli-code-coverage to the last working version and telling renovate
to ignore it in the future
- It also adds html coverage reporting to make it easier to run locally
and see your coverage before pushing
fixes https://github.com/TryGhost/Toolbox/issues/532
- we should protect against failures entering `main` which could be
avoided by running a quick unit test beforehand
- this reintroduces Lerna as it supports parallelisation and `--since`,
to run linting and unit tests on packages that have changed since
upstream
fixes https://github.com/TryGhost/Toolbox/issues/493
- `nodemon` doesn't properly wait for graceful shutdown if there's a job
running in Ghost when it tries to reload, so it ends up producing
errors because two versions of Ghost are started
- Node 18 added a `--watch` flag, which reloads if any required file is
changed
- switching from nodemon to this native feature should keep the
core functionality the same but fix this edge case that disrupts the
development flow
refs https://github.com/TryGhost/Toolbox/issues/501
- this reverts commit 48dda23554
- also includes a resolution for `@elastic/elasticsearch` so we don't
run a version that is potentially problematic - see referenced issue
for context
refs https://github.com/TryGhost/Team/issues/2370
Due to a possible bug in either `@sentry/node` (mainly the Express
middlewares and the usage of deprectated Domain) and Node v16+,
unhandled promise rejections are transformed into uncaught exceptions
and cause Ghost to crash in unexpected situations.
Reverting to `v7.11.1` fixes this (but definitely not ideal at all)
because errors are caught in the Express middleware.
Reproduction repo:
https://github.com/SimonBackx/sentry-node-unhandled-rejection-crash
- up until this commit, git hooks were only used by a handful of people
because they were a pain:
- they'd only be set up when you did `yarn setup`
- the existing hooks ran `yarn lint` on all projects, which was
incredibly slow
- as a result, not many of us actually had them enabled, but this would
cause issues in CI because people were pushing un-linted commits
- other JS projects tend to use husky to automate the git hook setup and
lint-staged to speed up linting on changed files
- this commit switches to using them both
- `lint-staged` only runs `eslint` on staged JS files that are about to
be committed - if there's a linting error, it will stop the commit
- I've configured the pre-commit hook to successfully exit in CI because we
don't want to run pre-commit hooks right now
- this means we can remove Grunt - yay!
refs https://github.com/TryGhost/Toolbox/issues/426
- we're going to need to support more complex combinations of dev
commands soon, with other packages optionally running and env
variables being altered
- this command pulls out a lot of the dev env scripting into a single
scripts
- also cleans up the use of grunt-shell so we can remove the dependency
fixes https://github.com/TryGhost/Ghost/issues/15190
refs https://github.com/TryGhost/framework/pull/76
- log output always uses UTC timestamps, but it may be desirable to
configure logs to use the local machine timezone
- a new config option has been added to `@tryghost/logging` so you can
switch the logs to the local timezone
- this commit bumps the package and sets the default config option to
`false`, so it doesn't suddenly change the timezone of the logs
- docs will be updated soon but if you'd like to use the
timezone-altered timestamps, you can set `logging.useLocalTime` to
`true`
- credits to https://github.com/levee223 for the implementation and PR
- because we use `concurrently`, `debug` thinks it's not inside a TTY,
so it doesn't show colors
- we can force it to show colors using the DEBUG_COLORS env variable, as
done in this commit
- we need to initialize the submodules in case they weren't done when
cloning, otherwise Casper will be missing
- we can avoid doing an initial build because it'll get wiped when we do
`yarn dev` anyway
refs https://github.com/TryGhost/Team/issues/1723
- Added count.replies to comments
- Added replies endpoint
- Limited returned replies to 3.
- Replaced likes_count with count.likes in comments
- Instead of fetching all the likes of a comment to determine the total count, we'll now use count.likes
- Instead of fetching all the likes of a comment to determine whether a member liked a comment, we'll now use count.liked (which returns the amount of likes of the current member, being 0 or 1). This is mapped to `liked` to make it more natural to work with.
The `members.test.snap` file changed because we no longer include `liked: false` if we didn't fetch the liked relation. And in the comments events of the activity feed the liked property is therefore removed.
These changes requires an update to the `bookshelf-include-count` plugin:
- Updated to also work for nested relations
- This moves the count queries from the `bookshelf-include-count` plugin to the `countRelations` method of each model.
- Updated to keep the counts after saving a model (crud.edit didn't return the counts before)
- `eslint-plugin-ghost` v2.15.0 bumped `eslint-plugin-unicorn` to a
version that required Node 14.18.0
- we don't support that minimum right now so this commit bumps the Ghost
plugin which contains a revert to that plugin
refs https://github.com/TryGhost/Toolbox/issues/345
- this commit bumps `eslint-plugin-ghost`, which bumps compatiblity to
2022
- this also removes a lot of the manually-added
`parserOptions.ecmaVersion` that we had in imported packages, in favor
of the value set in `eslint-plugin-ghost`
- this Renovate config was pulled from Admin but it's inadvertantly
stopping `postcss` updates in core
- this commit restricts the dependency updates to the Admin package only
- most of these tasks were duplicates or had been extracted out into
npm/yarn scripts
- in order to get closer to removing Grunt, I've cleaned up the majority
of those script
- this also removes an intermediate command to building Admin, so it starts
ever so slightly quicker
- this commit switches our `yarn dev` workflow from heavily relying on
Grunt, to using `nodemon` and `concurrently`
- we're doing this to reduce reliance on Grunt, but also to fix several
nits with the way `yarn dev` works in the monorepo
- we now use `nodemon` to run the Ghost backend, and it should
auto-refresh whenever you change a file in any of the packages (except
`admin`)
- we use `concurrently` to simultaneously run `ghost` and `admin` at
the same time. it seems to handle process cleanup well and has nice
colored prefixes to help with differentiating between log output
- this commit ends up removing a handful of Grunt dependencies and
reduces the functionality stored in the Gruntfile
- on the whole, it should keep existing functionality but there may be
some small underlying changes to get used to
- we're doing this to reduce the repo PR noise when a separate monorepo
get published
- you can still update your dependency with yarn, and then this rollup
PR will be occasionally merged
refs https://github.com/TryGhost/Toolbox/issues/365
- these files are no longer needed now they're in the main Ghost repo
- re-adds the Renovate rules into the top-level Renovate config
- our internal tooling needs to know when to add LICENSE files
- unfortunately, setting a package to private gives it a LICENSE file of
a closed source app, which is not the case here
- my MVP solution is just to add a key here so I can detect it in Slimer
- now we've switched to a monorepo, commands like `knex-migrator health`
won't work from the top-level directory because they expect to be run
alongside the MigratorConfig.js file
- this commit adds a `knex-migrator` script in the top-level
package.json so you can run `yarn knex-migrator ...`
- whilst this is only a bandaid, it should give a route forwards for
running knex-migrator commands from your top-level directory
- since we've turned the repo into a monorepo, the `yarn main` scripts
have lived in their original place under `ghost/core` package.json and
Gruntfile.js
- for one, we want to remove grunt because it's terribly old and our use
is hacked together
- secondly, `yarn main` applies to the monorepo + submodules as a whole,
and not just the Ghost core folder
- this commit extracts the functionality into yarn scripts in the
top-level and removes the dependency that was required
- we had this working in the Ghost repo before switching to a monorepo
- this commit adds a `setup` script to the root package.json so we can
maintain the functionality
- these scripts are useful for just trying to fix your repo when
node_modules is playing up
- as we now have a monorepo, they should be lifted up to the root and
not hidden in the ghost package
refs https://github.com/TryGhost/Toolbox/issues/354
- this commit turns the Ghost repo into a monorepo so we can bring our
internal packages back in, which makes life easier when working on
Ghost
- up until now, we've been running `grunt release` before publishing to
NPM or pushing the canary zip
- this command runs the production asset build and generates a zip
- this zip isn't used by the NPM publishing task because that does an
`npm pack`
- we only use it for the canary build, but this should be brought more
inline with the NPM process to make the gaps smaller
- this commit refactors the `grunt release` task to become a lot smaller
by removing the generated zip steps
- the expected workflow is now to just to an `npm pack`, which will run
the `prepack` task to generate a `.tgz` archive
- this should still respect `.npmignore`, so it'll just include the
files we expect
- the test of the canary workflow is being updated to handle this
- also cleans up a dev dependency that is no longer used, along with 2
imports
refs https://github.com/TryGhost/Team/issues/1174
refs https://github.com/TryGhost/Members/pull/408
When logged out members navigate a site and want to interact with, for example
comments, they are redirected to the homepage after sign-in with the magic link,
this is disorientating, and means they then need to navigate back to the content
they were interacting with.
This change means that sign-in's will be redirected to the page from which they
were initiated, allowing a more streamlined flow for logged out members wanting
to add comments.
We've restricted the redirect to URI's which are on the same domain as the site,
and we also do a relative redirect, this is to ensure that a malicious actor does not
send magic links which redirect off-site and leak authentication details
closes https://github.com/TryGhost/Team/issues/1674
- The comped flag in Members API unintentionally stopped working when v3 API was dropped with the release of Ghost v5. The flag is deprecated but should be back-compatible for now - we don't want to break integratons like Zapier.
- To properly deprecate the flag we need to plan it's removal and start signalling about it through the version headers
Co-authored-by: Simon Backx <simon@ghost.org>
ref https://github.com/TryGhost/Team/issues/1667
Introducing 2 new helper handlebars tags, `{{total_members}}` and `{{total_paid_members}}` ideal for Member Sites who want to display these metrics to incentivise users to upgrade.
refs https://github.com/TryGhost/Team/issues/1673
When a user switches plan, the paid subscribers delta chart on the dashboard displays the change as a cancellation plus a new subscription. This display is misleading and confusing - instead, plan changes should be excluded from the paid subscribers delta chart.
To accomplish this, we added new properties to the API (signups and cancellations) that can be used to exclude plan changes in the statistics.
Changes in `@tryghost/stats-service`: d0dd218fc7
Related admin changes: https://github.com/TryGhost/Admin/pull/2425
refs https://github.com/TryGhost/Team/issues/1664
These changes are required for Portal to be able to edit the member notification preferences for comments, and to be able to know whether comments are enabled for the site.
refs https://github.com/TryGhost/Toolbox/issues/320
- Webhook tests are becoming a special type of tests and needed their own "home" to live in. Adding them to be a part of the e2e test command, so they are run the same way as the rest of e2e test suites
refs https://github.com/TryGhost/Toolbox/issues/320
- Following the rule of having minimum code changes in the Ghost core codebase. This module belongs to "framework" along with other testing tools anyway.
- The bump includes a noteworthy changes - the "snapshotManager" was extracted into a separate exposed property of express-test API (maybe should be even it's own separate concept eventually, for now exposing it was enough). "snapshotManager" had to be exposed to be able to pass it to the webhook mock receiver - to use same instance configured with mocha hooks. snapshotManager has to be a singleton in the system to configure snapshots correctly through mochaHooks.
refs https://github.com/TryGhost/Team/issues/1526
This adds a check for existing subscriptions for a member associated with the
email addressed used for Stripe Checkout, if any are found the Checkout Session
creation fails and responds with a 403.
We've also updated the error handling for the create-stripe-checkout-session
endpoint so that it follows the existing Ghost API patterns.
fixes https://github.com/TryGhost/Team/issues/1652
fixes https://github.com/TryGhost/Ghost/issues/13319
**Image formatting**
Added support for changing the format of images via the `handle-image-sizes` middleware (e.g. format SVG to png, jpeg, webp)
This change was required:
- Not all browsers support SVG favicons, so we need to convert them to PNGs
- We can't fit image resizing and formatting in the `serve-favicon` middleware: we need to store the resized image to avoid resizing on every request. This system was already present in the `handle-image-sizes` middleware.
To format an uploaded image:
- Original URL: https://localhost/blog/content/images/2022/05/giphy.gif
- To resize: https://localhost/blog/content/images/size/w256h256/2022/05/giphy.gif (already supported)
- To resize and format to webp: https://localhost/blog/content/images/size/w256h256/format/webp/2022/05/giphy.gif
- Animations are preserved when converting Gifs to Webp and in reverse, and also when only resizing (https://github.com/TryGhost/Ghost/issues/13319)
**Favicons**
- Custom favicons are no longer served via `/favicon.png` or `/favicon.ico` (only for default favicon), but use their full path
- Added support for uploading more image extensions in Ghost as a favicon: .jpg, .jpeg, .gif, .webp and .svg are now supported (already supported .png and .ico).
- File extensions other than jpg/jpeg, png, or ico will always get transformed to the image/png format to guarantee browser support (webp and svg images are not yet supported as favicons by all browsers).
For all image formats, other than .ico files:
- Allowed to upload images larger than 1000px in width and height, they will get cropped to 256x256px.
- Allowed uploading favicons that are not square. They will get cropped automatically.
- Allowed to upload larger files, up to 20MB (will get served at a lower file size after being resized)
For .svg files:
- The minimum size of 60x60px is no longer required.
For .ico files:
- The file size limit is increased to 200kb (coming from 100kb)
refs https://github.com/TryGhost/Team/issues/1640
- Some the clien libraries were not able to match the signin key to verify JWT when using `GET /members/.well-knonw/jwks.json` endpoint for member token verification. This issue was due to missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029
- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
refs https://github.com/TryGhost/Team/issues/1642
- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?) package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
- checkout session creation was failing when setup with `offerId` instead of `tierId` and `cadence`
- updates `members-api` to ignore cadence check to allow creation using `offerId` present in request
Added CLI commands for REPL and timetravel functionality
- Added TimeTravel command for updating test data with a date offset
- Added REPL command for access to models and knex in development
- Added pattern for creating new CLI commands, including
- User input
- Output
- Validation of `NODE_ENV`
- TimeTravel command is in the main Ghost repo because it requires the schema
closes: https://github.com/TryGhost/Toolbox/issues/299
- core/client doesn't really make sense any more now that we don't have just a client and server folder
- this folder contains ghost admin, so admin makes waaaay more sense
refs https://github.com/TryGhost/Team/issues/1575
- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
