ghost 4.18.0 → 4.20.1

package/core/{frontend → server}/services/url/UrlService.js

@@ -9,7 +9,7 @@ const Resources = require('./Resources');
 const urlUtils = require('../../../shared/url-utils');
 
 // This listens to services.themes.api.changed, routing events, and it's own queue events
-const events = require('../../../server/lib/common/events');
+const events = require('../../lib/common/events');
 
 /**
  * The url service class holds all instances in a centralized place.
@@ -35,9 +35,6 @@ class UrlService {
      * @private
      */
     _listeners() {
-        this._onRouterAddedListener = this._onRouterAddedType.bind(this);
-        events.on('router.created', this._onRouterAddedListener);
-
         this._onThemeChangedListener = this._onThemeChangedListener.bind(this);
         events.on('services.themes.api.changed', this._onThemeChangedListener);
 
@@ -77,22 +74,23 @@ class UrlService {
     /**
      * @description Router was created, connect it with a url generator.
      * @param {ExpressRouter} router
-     * @private
      */
-    _onRouterAddedType(router) {
-        // CASE: there are router types which do not generate resource urls
-        //       e.g. static route router
-        //       we are listening on the general `router.created` event - every router throws this event
-        if (!router || !router.getPermalinks()) {
-            return;
-        }
-
-        debug('router.created');
+    onRouterAddedType(router) {
+        debug('Registering route: ', router.name);
 
         let urlGenerator = new UrlGenerator(router, this.queue, this.resources, this.urls, this.urlGenerators.length);
         this.urlGenerators.push(urlGenerator);
     }
 
+    /**
+     * @description Router update handler - regenerates it's resources
+     * @param {ExpressRouter} router
+     */
+    onRouterUpdated(router) {
+        const generator = this.urlGenerators.find(g => g.router.id === router.id);
+        generator.regenerateResources();
+    }
+
     /**
      * @description If the API version in the theme config changes, we have to reset urls and resources.
      * @private
@@ -307,7 +305,6 @@ class UrlService {
         if (!options.keepListeners) {
             this._onQueueStartedListener && this.queue.removeListener('started', this._onQueueStartedListener);
             this._onQueueEndedListener && this.queue.removeListener('ended', this._onQueueEndedListener);
-            this._onRouterAddedListener && events.removeListener('router.created', this._onRouterAddedListener);
             this._onThemeChangedListener && events.removeListener('services.themes.api.changed', this._onThemeChangedListener);
         }
     }

package/core/{frontend → server}/services/url/Urls.js

@@ -5,7 +5,7 @@ const logging = require('@tryghost/logging');
 const errors = require('@tryghost/errors');
 
 // This emits its own url added/removed events
-const events = require('../../../server/lib/common/events');
+const events = require('../../lib/common/events');
 
 /**
  * This class keeps track of all urls in the system.

package/core/server/services/xmlrpc.js

@@ -1,7 +1,7 @@
 const _ = require('lodash');
 const xml = require('xml');
 const config = require('../../shared/config');
-const urlService = require('../../frontend/services/url');
+const urlService = require('./url');
 const errors = require('@tryghost/errors');
 const tpl = require('@tryghost/tpl');
 const logging = require('@tryghost/logging');

package/core/server/update-check.js

@@ -1,7 +1,6 @@
 const _ = require('lodash');
 
 const api = require('./api');
-const GhostMailer = require('./services/mail').GhostMailer;
 const config = require('../shared/config');
 const urlUtils = require('./../shared/url-utils');
 const jobsService = require('./services/jobs');
@@ -10,8 +9,6 @@ const request = require('@tryghost/request');
 const ghostVersion = require('@tryghost/version');
 const UpdateCheckService = require('@tryghost/update-check-service');
 
-const ghostMailer = new GhostMailer();
-
 /**
  * Initializes and triggers update check
  *
@@ -25,6 +22,9 @@ module.exports = async () => {
         return;
     }
 
+    const {GhostMailer} = require('./services/mail');
+    const ghostMailer = new GhostMailer();
+
     const updateChecker = new UpdateCheckService({
         api: {
             settings: {

package/core/server/web/admin/controller.js

@@ -1,5 +1,7 @@
 const debug = require('@tryghost/debug')('web:admin:controller');
 const path = require('path');
+const fs = require('fs');
+const crypto = require('crypto');
 const config = require('../../../shared/config');
 const updateCheck = require('../../update-check');
 
@@ -21,6 +23,15 @@ module.exports = function adminController(req, res) {
     const templatePath = path.resolve(config.get('paths').adminViews, defaultTemplate);
     const headers = {};
 
+    // Generate our own ETag header
+    //   `sendFile` by default uses filesize+lastmod date to generate an etag.
+    //   That doesn't work for admin templates because the filesize doesn't change between versions
+    //   and `npm pack` sets a fixed lastmod date for every file meaning the default etag never changes
+    const fileBuffer = fs.readFileSync(templatePath);
+    const hashSum = crypto.createHash('md5');
+    hashSum.update(fileBuffer);
+    headers.ETag = hashSum.digest('hex');
+
     if (config.get('adminFrameProtection')) {
         headers['X-Frame-Options'] = 'sameorigin';
     }

package/core/server/web/admin/views/default-prod.html

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
 
     
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.18%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.20%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
 
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -41,7 +41,7 @@
 
     
                 <link rel="stylesheet" href="assets/vendor.min-987af30228885bce50f05c4723fe6f53.css">
-                <link rel="stylesheet" href="assets/ghost.min-d9cbfb4eb2db8915fcd2bf2416218616.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-57e46fd3b1145ecf2cbd185a13611f3b.css" title="light">
             
 
     
@@ -59,8 +59,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
 
 
-                <script src="assets/vendor.min-7dc7cf9c92175ebfb9cea95c120ee8a7.js"></script>
-                <script src="assets/ghost.min-88d647a008a5b1dd678a89ae1e55c038.js"></script>
+                <script src="assets/vendor.min-af502ac4142871500fc424f6a5a254ec.js"></script>
+                <script src="assets/ghost.min-26e427944e719b616b8dc7fbb3bbd2f9.js"></script>
             
 </body>
 </html>

package/core/server/web/admin/views/default.html

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
 
     
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.18%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.20%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
 
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -41,7 +41,7 @@
 
     
                 <link rel="stylesheet" href="assets/vendor.min-987af30228885bce50f05c4723fe6f53.css">
-                <link rel="stylesheet" href="assets/ghost.min-d9cbfb4eb2db8915fcd2bf2416218616.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-57e46fd3b1145ecf2cbd185a13611f3b.css" title="light">
             
 
     
@@ -59,8 +59,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
 
 
-                <script src="assets/vendor.min-7dc7cf9c92175ebfb9cea95c120ee8a7.js"></script>
-                <script src="assets/ghost.min-88d647a008a5b1dd678a89ae1e55c038.js"></script>
+                <script src="assets/vendor.min-af502ac4142871500fc424f6a5a254ec.js"></script>
+                <script src="assets/ghost.min-26e427944e719b616b8dc7fbb3bbd2f9.js"></script>
             
 </body>
 </html>

package/core/server/web/api/app.js

@@ -12,18 +12,17 @@ module.exports = function setupApiApp() {
         apiApp.use(require('./testmode')());
     }
 
-    // Mount different API versions
-    apiApp.use(urlUtils.getVersionPath({version: 'v2', type: 'content'}), require('./v2/content/app')());
-    apiApp.use(urlUtils.getVersionPath({version: 'v2', type: 'admin'}), require('./v2/admin/app')());
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v2', type: 'content'}), require('./v2/content/app'));
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v2', type: 'admin'}), require('./v2/admin/app'));
 
-    apiApp.use(urlUtils.getVersionPath({version: 'v3', type: 'content'}), require('./v3/content/app')());
-    apiApp.use(urlUtils.getVersionPath({version: 'v3', type: 'admin'}), require('./v3/admin/app')());
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v3', type: 'content'}), require('./v3/content/app'));
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v3', type: 'admin'}), require('./v3/admin/app'));
 
-    apiApp.use(urlUtils.getVersionPath({version: 'v4', type: 'content'}), require('./canary/content/app')());
-    apiApp.use(urlUtils.getVersionPath({version: 'v4', type: 'admin'}), require('./canary/admin/app')());
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v4', type: 'content'}), require('./canary/content/app'));
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'v4', type: 'admin'}), require('./canary/admin/app'));
 
-    apiApp.use(urlUtils.getVersionPath({version: 'canary', type: 'content'}), require('./canary/content/app')());
-    apiApp.use(urlUtils.getVersionPath({version: 'canary', type: 'admin'}), require('./canary/admin/app')());
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'canary', type: 'content'}), require('./canary/content/app'));
+    apiApp.lazyUse(urlUtils.getVersionPath({version: 'canary', type: 'admin'}), require('./canary/admin/app'));
 
     // Error handling for requests to non-existent API versions
     apiApp.use(errorHandler.resourceNotFound);

package/core/server/web/members/app.js

@@ -37,6 +37,7 @@ module.exports = function setupMembersApp() {
     membersApp.put('/api/member', bodyParser.json({limit: '1mb'}), middleware.updateMemberData);
     membersApp.post('/api/member/email', bodyParser.json({limit: '1mb'}), (req, res) => membersService.api.middleware.updateEmailAddress(req, res));
     membersApp.get('/api/session', middleware.getIdentityToken);
+    membersApp.get('/api/offers/:id', labs.enabledMiddleware('offers'), middleware.getOfferData);
     membersApp.delete('/api/session', middleware.deleteSession);
     membersApp.get('/api/site', middleware.getMemberSiteData);
 

package/core/server/web/oauth/app.js

@@ -1,7 +1,5 @@
 const debug = require('@tryghost/debug')('web:oauth:app');
 const {URL} = require('url');
-const passport = require('passport');
-const GoogleStrategy = require('passport-google-oauth20').Strategy;
 const express = require('../../../shared/express');
 const urlUtils = require('../../../shared/url-utils');
 const shared = require('../shared');
@@ -36,6 +34,10 @@ module.exports = function setupOAuthApp() {
      */
     function googleOAuthMiddleware(clientId, secret) {
         return (req, res, next) => {
+            // Lazy-required to save boot time
+            const passport = require('passport');
+            const GoogleStrategy = require('passport-google-oauth20').Strategy;
+
             const adminURL = urlUtils.urlFor('admin', true);
 
             //Create the callback url to be sent to Google

package/core/server/web/parent/backend.js

@@ -10,9 +10,9 @@ module.exports = () => {
     // BACKEND
     // Wrap the admin and API apps into a single express app for use with vhost
     const backendApp = express('backend');
-    backendApp.use('/ghost/api', require('../api')());
-    backendApp.use('/ghost/oauth', require('../oauth')());
-    backendApp.use('/ghost/.well-known', require('../well-known')());
+    backendApp.lazyUse('/ghost/api', require('../api'));
+    backendApp.lazyUse('/ghost/oauth', require('../oauth'));
+    backendApp.lazyUse('/ghost/.well-known', require('../well-known'));
     backendApp.use('/ghost', require('../../services/auth/session').createSessionFromToken, require('../admin')());
 
     return backendApp;

package/core/server/web/parent/frontend.js

@@ -18,8 +18,8 @@ module.exports = (options) => {
     // otherwise we serve assets/pages with http. This can cause mixed content warnings in the admin client.
     frontendApp.use(shared.middlewares.urlRedirects.frontendSSLRedirect);
 
-    frontendApp.use('/members', require('../members')());
-    frontendApp.use('/', require('../site')(options));
+    frontendApp.lazyUse('/members', require('../members'));
+    frontendApp.use('/', require('../../../frontend/web')(options));
 
     return frontendApp;
 };

package/core/server/web/shared/middlewares/api/spam-prevention.js

@@ -107,7 +107,6 @@ const globalReset = () => {
         extend({
             attachResetToRequest: false,
             failCallback(req, res, next, nextValidRequestDate) {
-                // TODO use i18n again
                 return next(new errors.TooManyRequestsError({
                     message: `Too many attempts try again in ${moment(nextValidRequestDate).fromNow(true)}`,
                     context: tpl(messages.forgottenPasswordIp.error,
@@ -143,7 +142,6 @@ const userLogin = () => {
             failCallback(req, res, next, nextValidRequestDate) {
                 return next(new errors.TooManyRequestsError({
                     message: `Too many sign-in attempts try again in ${moment(nextValidRequestDate).fromNow(true)}`,
-                    // TODO add more options to i18n
                     context: tpl(messages.tooManySigninAttempts.context),
                     help: tpl(messages.tooManySigninAttempts.context)
                 }));

package/core/server/web/shared/middlewares/custom-redirects.js

@@ -7,7 +7,6 @@ const urlUtils = require('../../../../shared/url-utils');
 const errors = require('@tryghost/errors');
 const logging = require('@tryghost/logging');
 const redirectsService = require('../../../services/redirects');
-const labsService = require('../../../../shared/labs');
 
 const messages = {
     customRedirectsRegistrationFailure: 'Could not register custom redirects.'
@@ -27,13 +26,6 @@ let customRedirectsRouter;
 _private.registerRoutes = (router, redirects) => {
     debug('redirects loading');
 
-    if (labsService.isSet('offers')) {
-        redirects.unshift({
-            from: '/zimo50',
-            to: '/#/portal/offers/abcdefuckoff'
-        });
-    }
-
     redirects.forEach((redirect) => {
         /**
          * Detect case insensitive modifier when regex is enclosed by

package/core/server/web/shared/middlewares/maintenance.js

@@ -1,7 +1,7 @@
 const errors = require('@tryghost/errors');
 const config = require('../../../../shared/config');
 const tpl = require('@tryghost/tpl');
-const urlService = require('../../../../frontend/services/url');
+const urlService = require('../../../services/url');
 
 const messages = {
     maintenance: 'Site is currently undergoing maintenance, please wait a moment then retry.',

package/core/server/web/well-known.js

@@ -1,19 +1,19 @@
 const express = require('../../shared/express');
 const settings = require('../../shared/settings-cache');
-const jose = require('node-jose');
-
-const dangerousPrivateKey = settings.get('ghost_private_key');
-const keyStore = jose.JWK.createKeyStore();
-const keyStoreReady = keyStore.add(dangerousPrivateKey, 'pem');
-
-const getSafePublicJWKS = async () => {
-    await keyStoreReady;
-    return keyStore.toJSON();
-};
 
 module.exports = function setupWellKnownApp() {
     const wellKnownApp = express('well-known');
 
+    const jose = require('node-jose');
+    const dangerousPrivateKey = settings.get('ghost_private_key');
+    const keyStore = jose.JWK.createKeyStore();
+    const keyStoreReady = keyStore.add(dangerousPrivateKey, 'pem');
+
+    const getSafePublicJWKS = async () => {
+        await keyStoreReady;
+        return keyStore.toJSON();
+    };
+
     wellKnownApp.get('/jwks.json', async (req, res) => {
         const jwks = await getSafePublicJWKS();
         res.json(jwks);

package/core/shared/config/defaults.json

@@ -121,7 +121,7 @@
         "emailAnalytics": true
     },
     "portal": {
-        "url": "https://unpkg.com/@tryghost/portal@~1.11.0/umd/portal.min.js",
-        "version": "1.11"
+        "url": "https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js",
+        "version": "1.12"
     }
 }

package/core/shared/config/overrides.json

@@ -10,7 +10,7 @@
         "internalAppPath": "core/frontend/apps/",
         "internalAdaptersPath": "core/server/adapters/",
         "migrationPath": "core/server/data/migrations",
-        "publicFilePath": "core/server/public"
+        "publicFilePath": "core/frontend/public"
     },
     "apps": {
         "internal": [

package/core/shared/express.js

@@ -1,7 +1,10 @@
 const debug = require('@tryghost/debug')('shared:express');
 const express = require('express');
+const {createLazyRouter} = require('express-lazy-router');
 const sentry = require('./sentry');
 
+const lazyLoad = createLazyRouter();
+
 module.exports = (name) => {
     debug('new app start', name);
     const app = express();
@@ -14,6 +17,13 @@ module.exports = (name) => {
     // Sentry must be our first error handler. Mounting it here means all custom error handlers will come after
     app.use(sentry.errorHandler);
 
+    app.lazyUse = function lazyUse(mountPath, requireFn) {
+        app.use(mountPath, lazyLoad(() => {
+            debug(`lazy-loading on ${mountPath}`);
+            return Promise.resolve(requireFn());
+        }));
+    };
+
     debug('new app end', name);
     return app;
 };

package/core/shared/html-to-plaintext.js

@@ -1,6 +1,6 @@
-const htmlToText = require('html-to-text');
-
 module.exports = function htmlToPlaintext(html) {
+    const htmlToText = require('html-to-text');
+
     return htmlToText.fromString(html, {
         wordwrap: 80,
         ignoreImage: true,

package/core/shared/labs.js

@@ -1,6 +1,5 @@
 const _ = require('lodash');
 const Promise = require('bluebird');
-const SafeString = require('express-hbs').SafeString;
 const errors = require('@tryghost/errors');
 const logging = require('@tryghost/logging');
 const tpl = require('@tryghost/tpl');
@@ -14,21 +13,25 @@ const messages = {
     errorHelp: 'See {url}'
 };
 
+// flags in this list always return `true`, allows quick global enable prior to full flag removal
+const GA_FEATURES = [
+    'customThemeSettings',
+    'offers'
+];
+
 // NOTE: this allowlist is meant to be used to filter out any unexpected
 //       input for the "labs" setting value
 const BETA_FEATURES = [
     'activitypub',
-    'matchHelper',
     'multipleProducts'
 ];
 
 const ALPHA_FEATURES = [
     'oauthLogin',
-    'customThemeSettings',
-    'membersActivity',
-    'offers'
+    'membersActivity'
 ];
 
+module.exports.GA_KEYS = [...GA_FEATURES];
 module.exports.WRITABLE_KEYS_ALLOWLIST = [...BETA_FEATURES, ...ALPHA_FEATURES];
 
 module.exports.getAll = () => {
@@ -40,6 +43,10 @@ module.exports.getAll = () => {
         }
     });
 
+    GA_FEATURES.forEach((gaKey) => {
+        labs[gaKey] = true;
+    });
+
     labs.members = settingsCache.get('members_signup_access') !== 'none';
 
     return labs;
@@ -79,7 +86,7 @@ module.exports.enabledHelper = function enabledHelper(options, callback) {
     }
 
     // Else, the helper is not active and we need to handle this as an error
-    errDetails.message = tpl(options.errorMessage || messages.errorMessage, {helperName: options.helperName}),
+    errDetails.message = tpl(options.errorMessage || messages.errorMessage, {helperName: options.helperName});
     errDetails.context = tpl(options.errorContext || messages.errorContext, {
         helperName: options.helperName,
         flagName: options.flagName
@@ -88,6 +95,7 @@ module.exports.enabledHelper = function enabledHelper(options, callback) {
 
     logging.error(new errors.DisabledFeatureError(errDetails));
 
+    const {SafeString} = require('express-hbs');
     errString = new SafeString(`<script>console.error("${_.values(errDetails).join(' ')}");</script>`);
 
     if (options.async) {

package/loggingrc.js

@@ -1,4 +1,5 @@
 const config = require('./core/shared/config');
+const ghostVersion = require('@tryghost/version');
 
 module.exports = {
     name: config.get('logging:name'),
@@ -8,6 +9,15 @@ module.exports = {
     mode: config.get('logging:mode'),
     level: config.get('logging:level'),
     transports: config.get('logging:transports'),
+    metrics: {
+        transports: config.get('logging:metrics:transports'),
+        metadata: {
+            // Undefined if unavailable
+            siteId: config.get('hostSettings:siteId'),
+            domain: config.get('url'),
+            version: ghostVersion.safe
+        }
+    },
     gelf: config.get('logging:gelf'),
     loggly: config.get('logging:loggly'),
     elasticsearch: config.get('logging:elasticsearch'),