fixes#4555
- There's no easy way to declare an XSL with the node xml module, so I
needed to move the declarations to both be strings
- Ideally the code to serve the XSL would also be inside the sitemap
module, but I think we need to refactor a bit to get there easily
- Added the XSL from #4559, with minor amends to make the tables and urls
display correctly
Closes#623
- Add basic init and eventing scaffold
- Add sitemap-index.xml generation
- Broke out generators to individual files, added request handler
- Add page, author and tag xml files; add index mapping
- Add SiteMapManager unit tests
- Add Generators tests
- Cache invalidation headers for sitemap-*.xml
- Redirect sitemap.xml to index and rename to sitemap-index
- Handle page convert and publish/draft changes
- Add very basic functional test for route existence
- Add cache headers to sitemap routes
No Issue
- Use Ghost version value that is already loaded instead of
reading package.json from the filesystem and parsing it on
every call into the configuration API.
closes#4157
- adds cache-control header back to api routes
- moves cache rules object into testUtils
- adds cache-control header test to every existing API test
ref #3795
- express updated to 4.9.2
- express 4.9.0 introduced res.sendStatus() to replace res.status().end()
- we no longer need express-session, connect or cookie-parser
- body-parser, busboy, compression, express-hbs, morgan, all bumped to
latest versions as well - there doesn't seem to be any breaking changes
addresses #2852
- Moves storage modules to use prototypes and to create prototypes
that inherit from the base storage ctor.
- Makes storage/base conform to an all Promise interface.
resolves#1789
- removes config/theme.js
- moves caching of theme variables to api/settings.js which is where the
rest of the settings cache occurs. this removes the requirement of having
to push changes to cache, now it simply occurs alongside when settings
are changed.
- updates relevant tests.
refs #827
- Moves ./index to use Ghost in a similar manner to how someone uses
Ghost as an npm module.
- Allows Ghost to be cleanly mounted on another express application
on any arbitrary endpoint, all you need to customize is the mount path.
fixes#3857
- adds uncapitalise middleware which detects uppercase in req.path and
redirects to the lowercase equivalent
- change the ghost route to a regex, just so it's consistent with other
routes in the file
closes#3544
- limit forgotten password requests to five requests per IP per hour
for different email addresses
- limit forgotten password requests to five requests per email address
- limit signin requests to ten failed requests per IP per hour
- removed special treatment for tests
closes#3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
migration from usage of config() to just an object of config.
no relevant issue
- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing. Its sole purpose is to make sure a `config.js`
file exists, and as such the name now reflects that purpose.
- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules
- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.
- Fixes to tests to support new config access method
- Allow each test to still work when invoked invidually
closes#3128 (now really)
- added express variable disableLoginLimiter
- added disableLoginLimiter to all tests that use Ghost as module and
do authentication
- fixed isSetup not working for status other than active
- removed ‚Ensure a User is Registered‘ test as this is covered by the
new setup test
closes#3136
- moved setup to authentication API
- added `POST /ghost/api/v0.1/authentication/setup` to execute the
setup process
- added `GET /ghost/api/v0.1/authentication/setup` to check if blog is
already set up (needed for #3145)
- removed unused methods from api/users.js
closes#3080
- added users.invite() to add user from email with random password
- added `GET /ghost/api/v0.1/users/` to invite users and resend
invitations
- removed one user limit
- added global utils for uid generation
- changed some „“ to ‚‘
closes#3056
- Remove clientold
- Remove clientold tests
- Cleanup old admin helpers
- Remove old routes from admin and controllers from admin controller
- Comment out / remove old and broken tests
- Cleanup Gruntfile.js, bower.js, package.json etc
Still TODO:
- cleanup / add removed tests
- do we still need countable?
