refs https://github.com/TryGhost/Team/issues/1640
- Some the clien libraries were not able to match the signin key to verify JWT when using `GET /members/.well-knonw/jwks.json` endpoint for member token verification. This issue was due to missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029
- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
refs https://github.com/TryGhost/Team/issues/1642
- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?) package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
- checkout session creation was failing when setup with `offerId` instead of `tierId` and `cadence`
- updates `members-api` to ignore cadence check to allow creation using `offerId` present in request
Added CLI commands for REPL and timetravel functionality
- Added TimeTravel command for updating test data with a date offset
- Added REPL command for access to models and knex in development
- Added pattern for creating new CLI commands, including
- User input
- Output
- Validation of `NODE_ENV`
- TimeTravel command is in the main Ghost repo because it requires the schema
closes: https://github.com/TryGhost/Toolbox/issues/299
- core/client doesn't really make sense any more now that we don't have just a client and server folder
- this folder contains ghost admin, so admin makes waaaay more sense
refs https://github.com/TryGhost/Team/issues/1575
- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
refs https://github.com/TryGhost/Toolbox/issues/314
- Writing schema definitions will become more concise without a need to specify all valid resource properties that could be accepted by the Admin API - no need to define "strip" attribute on every known
refs https://github.com/TryGhost/Toolbox/issues/329
- Adds and improves gscan checks for use of following helpers:
- @labs.members
- @member.products
- @price
@labs.members going in favour @site.members_enabled
@member.products gone in favour of @member.subscriptions
@price and it's variations gone in favour of {{price}} + {{@member.subscriptions}}
refs https://github.com/TryGhost/Team/issues/1583
- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
refs https://github.com/TryGhost/Toolbox/issues/314
- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
