- password changes should only be possible from the password change endpoint
Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
issue #5841
- fix relative link checks in navlink url input component
- fix navlink url input component sending absolute URLs instead of relative URLs to action handler
- remove URL manipulation in navigation settings controller (url input handles URL manipulation, validator flags anything that's still incorrect)
- capture cmd-s in url input to ensure changes are actioned before save
- automatically add mailto: to e-mail addresses
- add gh-validation-state-container component so .error/.success validation classes can be applied to any container element
- add validation-state mixin that can be mixed in to any other component to give it access to validation status (used in gh-navitem component to keep alignment when inline error message elements are added)
- validate and display inline errors on save
- improve ember test coverage for navigation settings related controller and components
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
no issue
- upgrades ember-cli, ember-cli-mocha, ember-mocha dependencies
- switches Brocfile.js to ember-cli-build.js
- fixes controller tests with missing needs
Pulled into a separate PR as it doesn't affect running code but does provide access to the very useful component integration tests.
closes#5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
closes#5813
- when transitioning away from a shortcuts route, always specify the scope when unbinding in keymaster to avoid issues when we are temporarily be in a different scope at time of transition
refs #5652
- reverts previous fix (#5698) to return translate3d smoothness
- add separate open-autonav toggle element and style it to always stick to the viewport edge to avoid wandering hover hit areas
refs #5727, #5602
- Add new 'order' column to posts_tags table
- Migrate all existing posts_tags to have a correct value for 'order'
- Rewrite updateTags to not remove all tags, and to correctly maintain order
- Add transaction support for tag operations
- Many tests
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
closes#5692, refs felixrieseberg/Ghost-Azure#1
- fix broken promise code
- fix incorrect handling of hash in user.add which causes 'Error: Invalid salt version 2' if owner user fixture is not present
refs #5685, #5709
- cycle through all tags, removing leading commas and trim spaces
- if the string is empty, change to 'tag' - the slug base for this model
- if there is a change, save it
