0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Commit graph

1665 commits

Author SHA1 Message Date
Chris Raible
01d0b2b304
Added new member signup flow behind labs flag (#19986)
ref https://linear.app/tryghost/issue/KTLO-1/members-spam-signups

- Some customers are seeing many spammy signups ("hundreds a day") — our
hypothesis is that bots and/or email link checkers are able to signup by
simply following the link in the email without even loading the page in
a browser.
- Currently new members signup by clicking a magic link in an email,
which is a simple GET request. When the user (or a bot) clicks that link, Ghost
creates the member and signs them in for the first time.
- This change, behind an alpha flag, requires a new member to click the
link in the email, which takes them to a new frontend route `/confirm_signup/`, then submit a form on the page which sends a POST request to the
server. If JavaScript is enabled, the form will be submitted
automatically so the only change to the user is an extra flash/redirect
before being signed in and redirected to the homepage.
- This change is behind the alpha flag `membersSpamPrevention` so we can
test it out on a few customer's sites and see if it helps reduce the
spam signups. With the flag off, the signup flow remains the same as
before.
2024-04-04 15:25:41 -07:00
Fabien O'Carroll
a262a64eea Moved additional payment methods into beta
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812

We want to roll this out as a beta feature
2024-04-04 23:54:01 +07:00
Fabien O'Carroll
781599de62 Added a feature flag for additional payment methods
ref ENG-812
ref https://linear.app/tryghost/issue/ENG-812
2024-04-04 23:13:10 +07:00
Sag
267d677705
Removed leftover alpha lab (#19978)
refs https://ghost.slack.com/archives/C02G9E68C/p1712150935653429

- the 'newEmailAddresses' feature has been released to GA, end of
January
(7d0be3f1a9)
- but, the flag was still shown as alpha in Settings
2024-04-03 16:10:58 +00:00
Ronald Langeveld
a732164d54
🐛 Fixed jerky scrolling in Site Design for Safari (#19974)
no issue

- Keeping state of the scroll location to keep in sync with iframe
buffering caused performance issues in Safari.
- This adds a debounce to when the scroll location is updated which
fixes jerky scrolling in Safari.
2024-04-03 02:07:18 +00:00
renovate[bot]
541395434d Update sentry-javascript monorepo to v7.109.0 2024-04-01 14:10:07 +02:00
Sag
7e2d842db2
🐛 Fixed keeping existing attribution in recommendations (#19945)
ref https://linear.app/tryghost/issue/ENG-799

- recommendations were being stripped of query parameters and hash
fragments before save
- in particular, query parameters for attribution such as ?ref were not
being stored
2024-03-28 13:54:23 +01:00
renovate[bot]
bcf0fcb7d2 Update dependency tailwindcss to v3.4.2 2024-03-28 10:13:19 +01:00
Peter Zimon
7dcddb2e75
Improved staff empty display (#19810)
ref https://linear.app/tryghost/issue/DES-84

- changed display to not show tabs when there's no staff users (only owner)
- automatically switch to Invites tab in the Staff section after sending an invite
- updated toast messages on failure

---------

Co-authored-by: Steve Larson <9larsons@gmail.com>
2024-03-27 08:21:38 -05:00
Princi Vershwal
64122b1dc3
ENG-794 Fixed validation for offer percentage amount (#19927) 2024-03-26 15:23:08 +00:00
renovate[bot]
97c63e1735 chore(deps): update sentry-javascript monorepo to v7.108.0 2024-03-25 08:34:53 +00:00
Princi Vershwal
2798a8cd09
ENG-767 Offers cannot be created if there are no active paid tiers (#19900) 2024-03-21 15:07:32 +05:30
renovate[bot]
092f982fec Update dependency typescript to v5.4.3 2024-03-21 09:28:10 +01:00
Sag
fd777ccc54
Released Portal v2.37.6 (#19883)
Changes:
- Fixed button spacing in Portal unsubscribe popup footer
(ae5df293c3)
- Fix free tier benefit not showing up
(e4b908479e)
2024-03-19 09:40:27 +00:00
Peter Zimon
e4b908479e
Fix free tier benefit not showing up (#19879)
ref ENG-760

The benefits for Free tier was not showing up for some old & new logic.

---------

Co-authored-by: Sag <guptazy@gmail.com>
2024-03-19 09:51:59 +01:00
Djordje Vlaisavljevic
a67342b06a
Add WIP onboarding checklist behind the flag (#19801)
ref https://linear.app/tryghost/issue/IPC-66/onboarding-checklist-v1

- Adds a basic version of a new onboarding checklist behind the feature
flag, without incomplete/complete state logic
- Links to Design settings, Members screen and new post
- Opens amodal that we’ll use as Share modal

---------

Co-authored-by: Daniël van der Winden <danielvanderwinden@ghost.org>
2024-03-18 14:53:01 +00:00
Sodbileg Gansukh
04c9bf0197
Fixed empty state flashing issue on offers list (#19863)
ref DES-101, DES-105
2024-03-14 09:25:48 +00:00
Sodbileg Gansukh
2029a5846a
Fixed Portal preview flashing issue in Offers (#19862)
ref DES-101
2024-03-14 14:29:17 +08:00
Fabien "egg" O'Carroll
0fb0c6c2b5 Added NestJS Playground
no-issue

This adds the barebones of a NestJS application wired up to the Admin API
behind a feature flag, so that we can experiement with how to use Nest in the
context of Ghost
2024-03-13 19:44:06 +07:00
Peter Zimon
9d9707e6f4
Settings keyboard shortcuts (#19836)
ref DES-166

Accessing settings via a keyboard shortcut is a great productivity
booster for advanced users and it is missing from Ghost today.
2024-03-13 08:46:22 +01:00
Ronald Langeveld
19da5c6af4
Extracted Unsplash Selector from AdminX (#19849)
no issue

- Adds the unsplash selector as a standalone typescript package inside
the Koenig monorepo.
- Currently we have 3 versions of the Unsplash Selector. One in
Koenig-Lexical, one in AdminX and the original Ember version.
- We can now start phasing out the application coupled version of the
selector and replace it with the reusable version.
- We can now import it via npm to any React application.
- This commit removes the Unsplash components from AdminX and imports it
instead.

This is the second commit for this as the previous commit broke styles
due to normalise styles leaking into the Ember app. Disabling preflight
(https://github.com/TryGhost/Koenig/pull/1169) in Tailwind fixed it.
2024-03-12 22:40:33 +02:00
Kevin Ansfield
9203eea673
Released comments-ui 0.16.1 (#19847)
no issue

- includes fix for IFrame modal throwing errors and making comments block disappear when performing certain actions
2024-03-12 18:04:20 +00:00
Kevin Ansfield
dd3bc06761
🐛 Fixed comments block disappearing when performing certain actions (#19846)
closes https://linear.app/tryghost/issue/ENG-739

- `props.innerRef` in `<IFrame>` was inadvertently assumed to always exist, sometimes throwing an error on render when certain popups like the profile settings modal were opened resulting in the app crashing and the whole comments block disappearing
- added a guard to ensure the ref exists before trying to set it
- updated tests so the profile modal route is tested
2024-03-12 17:39:36 +00:00
Ronald Langeveld
36f11a65a0
Revert "Extracted Unsplash Selector from AdminX (#19838)" (#19844)
no issue

- caused a styling regression, making changes then will merge again.
2024-03-12 15:35:09 +00:00
Kevin Ansfield
ef143978e7
🎨 Reduced requests and 403 responses for comments auth check (#19840)
closes https://linear.app/tryghost/issue/ENG-721
ref https://linear.app/tryghost/issue/ENG-708

Comments-UI loads `/ghost/admin-frame/` in an iframe to check if a Staff User is authenticated in order to  show moderation options. That iframe request loads a HTML page which in turn contains a script that fires off an API request that attempts to fetch the logged-in user details, resulting in a 403 "error" showing up when not authenticated. In the vast majority of cases there will be no staff user authenticated so lots of extra requests and "errors" are seen unnecessarily.

- adjusted the `/ghost/auth-frame/` endpoint to check if the request contains an Admin session cookie
  - if it does, continue as before with rendering the HTML page so the script is loaded
  - if it doesn't, return an empty 204 response avoiding the script request and subsequent 403-generating API request
- eliminates the 403 error being generated for all typical visitor traffic, the error should only be seen when an Admin was previously logged in but their cookie is no longer valid (either from logging out, or going past the 6month validity period)
2024-03-12 12:27:18 +00:00
Ronald Langeveld
6719bcf46e
Extracted Unsplash Selector from AdminX (#19838)
no issue

- Adds the unsplash selector as a standalone typescript package inside
the Koenig monorepo.
- Currently we have 3 versions of the Unsplash Selector. One in
Koenig-Lexical, one in AdminX and the original Ember version.
- We can now start phasing out the application coupled version of the
selector and replace it with the reusable version.
- We can now import it via npm to any React application.
- This commit removes the Unsplash components from AdminX and imports it
instead.
2024-03-12 11:06:57 +00:00
renovate[bot]
0162fea441 Update dependency typescript to v5.4.2 2024-03-11 17:16:17 +01:00
renovate[bot]
439644e21c Update storybook monorepo to v7.6.17 2024-03-11 17:16:02 +01:00
Sodbileg Gansukh
be3a5664a2
Added escape key handler to select elements (#19689)
ref DES-58
2024-03-11 17:40:03 +08:00
Peter Zimon
ad491ea4f3
Fixed udpated banner z-index (#19822)
refs.
https://linear.app/tryghost/issue/DES-168/z-index-is-really-messed-up-in-settings

The update banner's z-index was conflicting with settings.
2024-03-07 14:46:48 +01:00
Ronald Langeveld
8a67901355
Updated test to check for Unsplash button in Admin (#19814)
ref DES-167

https://linear.app/tryghost/issue/DES-167/🐛-unsplash-in-admin-x-not-styled-correctly
2024-03-06 14:54:37 +00:00
Steve Larson
ae5df293c3
Fixed button spacing in Portal unsubscribe popup footer (#19815)
no ref
- The 'Get help' button was only adding margin on the left when accessed
through account management even though it is also shown on the
unsubscribe page accessed via link.
2024-03-06 14:53:02 +00:00
Steve Larson
7a36917c6a
Released Portal v2.37.5 (#19812)
ref ENG-677
- Improved unsubscribe from url workflow staying in sync with logged in
user.
- Added tests covering the unsubscribe from url workflow.
2024-03-06 14:37:04 +00:00
Sodbileg Gansukh
b90d66a846
Fixed various Unsplash design bugs (#19806)
ref DES-167

- fixed visibility of Unsplash button in publication cover setting
- fixed gallery image ratio
- fixed search input border style
- fixed icon fill color issue of the download button
- fixed insert image alignment
- fixed author thumbnail pixelation
2024-03-06 16:48:13 +08:00
Steve Larson
cbb27c2d53
Fixed TZ dependency in Portal helpers test (#19804)
no refs
- Tests run locally (US TZ) often always failed because the dates are
pushed to the en-GB locale. The test now forces the same TZ onto the
compared to date.
2024-03-05 15:44:07 -06:00
Steve Larson
2bb566f18f
Added Portal tests for newsletter subscriptions (#19802)
refs https://linear.app/tryghost/issue/ENG-677

- Portal was completely missing tests for `UnsubscribePage`
- `UnsubscribePage` is unique for Portal in that it needs to be able to
handle logged in and not-logged-in member state/interactions
- Various parts of Portal don't use a shared `GhostApi` instance, making
mocking all functionality impossible
- `UnsubscribePage` was updated to use `onAction` to bring it in line
with other Portal interactions while logged in
- Added checks for UI components for more precision in tests checking subscriptions within the UI

---------

Co-authored-by: Ronald Langeveld <hi@ronaldlangeveld.com>
2024-03-05 19:22:50 +00:00
Kevin Ansfield
857588ed60
Released comments-ui 0.16.0 (#19800)
no issue

- defers loading of `admin-auth` frame and it's API request until we are displaying some comments
  - defers the frame load and API request until the comments box is scrolled into view
  - eliminates the requests altogether for posts that have no comments
2024-03-05 16:20:19 +00:00
Kevin Ansfield
92a8a53a95
Added lazy-loading of admin auth in Comments UI (#19799)
closes ENG-711

When an Admin is authenticated in Comments-UI we only add moderation options to the displayed comments so we don't need to pre-emptively load the `admin-auth` iframe and make the `/ghost/api/admin/users/me/` request until some comments are actually visible.

- used `state.comments.length` property to defer rendering of the admin auth frame until comments have been fetched (after box is scrolled into view) and the count is > 0
2024-03-05 15:57:20 +00:00
Djordje Vlaisavljevic
50770d20b1
Reorganized and improved meta data settings so it's easier to parse DES-159
refs DES-159
2024-03-05 11:23:42 +00:00
Peter Zimon
6d6969f4b0
Portal signup page spacing fixes (#19791)
refs.
https://linear.app/tryghost/issue/DES-161/portal-signup-window-spacing-problem

The products section is returned even if there's only a free product in
the publication. This results in an extra, unnecessary space between the
signup form inputs and the signup button.
2024-03-04 16:27:30 +01:00
Ronald Langeveld
8582462619
🐛 Fixed emojis not updating in Announcement Bar (#19792)
refs
https://linear.app/tryghost/issue/ENG-358/🐛-emojis-created-with-lexicals-emoji-picker-are-not-displayed

- Changed the update method from onBlur to a 500ms denounce instead
since the onBlur would update before the emoji plugin for the koenig
editor input field manages to create the emoji.
- Switching to denouncing would ensure the preview only updates once the
input field stopped being modified.
2024-03-04 13:17:42 +00:00
Ronald Langeveld
2816c2c128
Added try/catch to iFrame buffering in Settings (#19790)
refs https://ghost.slack.com/archives/CTH5NDJMS/p1709230854358779

- Customer reported that some code they injected via the Code Injection
crashed the Preview in Ghost Settings.
- This wraps the function where the crash took place (according to
Sentry) in a try/catch to attempt to handle it gracefully.
- Added an additional Sentry log to better understand the situation
should it happen again.
2024-03-04 11:11:03 +02:00
Sanne de Vries
c7e475feb0
Remove comment icon at the top of email template (#19771)
Refs
https://linear.app/tryghost/issue/DES-80/newsletter-view-in-browser-breaking-to-next-line-with-incorrect
2024-02-29 14:45:38 +01:00
Steve Larson
c2f3ffaca7
🐛 Prevented newsletter subscriptions from getting out of sync in Portal (#19768)
refs https://linear.app/tryghost/issue/ENG-677
- UnsubscribePage is intended to be able to be used without logging in
to Portal. The app context (member state) was not synchronized when
logged in, causing conflicts in the client data vs. database.
- Now when a logged in member is found, the member object is manually
updated to reflect the API response(s).
2024-02-28 13:57:19 -06:00
Kevin Ansfield
c365972aa8
Released Comments-UI 0.15.0 (#19775)
no issue

- switches post browse requests to`/members/api/comments/post/:post_id/` to enable better cache bucketing
and invalidation
- removes `order` param from browse and replies requests
2024-02-28 18:59:01 +00:00
Kevin Ansfield
44e602b447
Switched to default ordering for comments API requests (#19774)
closes ENG-681

There's no need to provide an `order` param with every request in Comments-UI if the API has default ordering that matches our requirements. The order param makes logs more noisy/harder to read than they need to be so we want to get rid of it.

- modified comments API input serializer to add a default order param to the browse and replies endpoints when none is provided
- removed order param from the requests that Comments-UI makes
2024-02-28 18:42:02 +00:00
Fabien O'Carroll
a291914fc4 Updated Comments UI to use new endpoint
refs https://linear.app/tryghost/issue/ENG-676/

Now we have the case that there is no filter param, the simple string
approach fails. Instead we build up a URLSearchParams object which
makes it easier to handle conditional params & stringify it at the end.
2024-02-28 22:40:56 +07:00
Kevin Ansfield
b91bf74236
Released comments-ui 0.14.1 (#19770)
part of ENG-678

- comments are now lazy-loaded when the comments block is scrolled into view
2024-02-28 13:12:55 +00:00
Kevin Ansfield
5b6d8fb7a8
Added lazy-loading to comments (#19769)
closes ENG-678

The comments block is typically shown at the bottom of a post so it doesn't make sense to eagerly fetch comments from the API when we don't know if the comments block will even be viewed. By lazy-loading the data only when the comments block comes into view we can reduce both data usage for visitors and load on the site.

- uses IntersectionObserver API to delay comments app initialisation until the comments block has scrolled into view
- updated all iframe-related components to forward a `ref` so we can use the `<iframe>` element reference inside the `App` component
2024-02-28 12:52:24 +00:00
Fabien O'Carroll
6a4d36878e Removed timestamp from initial load of comments
refs https://linear.app/tryghost/issue/ENG-673

This means that the initial load of comments can be cached for everyone.

We also improve the timestamp which is used when fetching future comments,
instead of using a locally generated timestamp, we use the created_at of
the first comment loaded, this drastically improved the likelyhood that the
timestamp will be the same, meaning that it will hit the cache.
2024-02-28 07:38:22 +07:00