npm - ghost - Versions diffs - 4.22.4 → 4.25.1 - Mend

ghost 4.22.4 → 4.25.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/core/frontend/src/cards/css/toggle.css CHANGED Viewed

@@ -1,8 +1,26 @@
 .kg-toggle-card[data-kg-toggle-state="close"] .kg-toggle-content{
-    visibility: hidden;
-    opacity: 0;
+    height: auto;
+    opacity: 1;
+    transition: opacity 1s ease, top .35s ease;
+    top: 0;
+    position: relative;
+}
+.kg-toggle-content {
     height: 0;
-    padding: 0;
+    overflow: hidden;
+    transition: opacity .5s ease, top .35s ease;
+    opacity: 0;
+    top: -0.5em;
+    position: relative;
+}
+.kg-toggle-content p:first-of-type {
+    margin-top: 0.5em;
+}
+.kg-toggle-content p {
+    font-size: 0.95em;
 }
 .kg-toggle-card[data-kg-toggle-state="close"] svg {
@@ -10,14 +28,13 @@
 }
 .kg-toggle-card {
-    border: 1px solid rgba(127, 127, 127, 0.15);
+    background: transparent;
+    box-shadow: inset 0 0 0 1px rgba(124, 139, 154, 0.25);
     border-radius: 4px;
-    padding: 20px;
+    padding: 1.2em;
 }
 .kg-toggle-heading {
-    font-size: 2rem;
-    font-weight: 600;
     cursor: pointer;
     display: flex;
     justify-content: space-between;
@@ -30,18 +47,21 @@
     display: flex;
     justify-content: center;
     align-items: center;
-    margin-left: 16px;
+    margin-left: 1em;
+    background: none;
+    border: 0;
 }
 .kg-toggle-heading svg {
     width: 14px;
-    color: rgba(127, 127, 127, 0.4);
-    transition: transform 0.3s;
-    transform: rotate(180deg);
+    color: rgba(124, 139, 154, 0.5);
+    transition: all 0.3s;
+    transform: rotate(-180deg);
 }
-.kg-toggle-content {
-    display: flex;
-    transition: opacity 0.3s;
-    padding-top: 8px;
-}
+.kg-toggle-heading-text {
+    margin-top: 0;
+    margin-bottom: 0;
+    line-height: 1.3em;
+    font-size: 1.1em;
+}

package/core/frontend/web/middleware/error-handler.js ADDED Viewed

@@ -0,0 +1,93 @@
+const hbs = require('express-hbs');
+const _ = require('lodash');
+const tpl = require('@tryghost/tpl');
+const sentry = require('../../../shared/sentry');
+const config = require('../../../shared/config');
+const helpers = require('../../services/routing/helpers');
+// @TODO: make this properly shared code
+const shared = require('../../../server/web/shared/middleware/error-handler');
+const messages = {
+    oopsErrorTemplateHasError: 'Oops, seems there is an error in the error template.',
+    encounteredError: 'Encountered the error: ',
+    whilstTryingToRender: 'whilst trying to render an error page for the error: '
+};
+const escapeExpression = hbs.Utils.escapeExpression;
+/**
+ * This is a bare minimum setup, which allows us to render the error page
+ * It uses the {{asset}} helper, and nothing more
+ */
+const createHbsEngine = () => {
+    const engine = hbs.create();
+    engine.registerHelper('asset', require('../../helpers/asset'));
+    return engine.express4();
+};
+const errorFallbackMessage = err => `<h1>${tpl(messages.oopsErrorTemplateHasError)}</h1>
+     <p>${tpl(messages.encounteredError)}</p>
+     <pre>${escapeExpression(err.message || err)}</pre>
+     <br ><p>${tpl(messages.whilstTryingToRender)}</p>
+     ${err.statusCode} <pre>${escapeExpression(err.message || err)}</pre>`;
+const themeErrorRenderer = (err, req, res, next) => {
+    // If the error code is explicitly set to STATIC_FILE_NOT_FOUND,
+    // Skip trying to render an HTML error, and move on to the basic error renderer
+    // We do this because customised 404 templates could reference the image that's missing
+    // A better long term solution might be to do this based on extension
+    if (err.code === 'STATIC_FILE_NOT_FOUND') {
+        return next(err);
+    }
+    // Renderer begin
+    // Format Data
+    const data = {
+        message: err.message,
+        // @deprecated Remove in Ghost 5.0
+        code: err.statusCode,
+        statusCode: err.statusCode,
+        errorDetails: err.errorDetails || []
+    };
+    // Template
+    // @TODO: very dirty !!!!!!
+    helpers.templates.setTemplate(req, res);
+    // It can be that something went wrong with the theme or otherwise loading handlebars
+    // This ensures that no matter what res.render will work here
+    // @TODO: split the error handler for assets, admin & theme to refactor this away
+    if (_.isEmpty(req.app.engines)) {
+        res._template = 'error';
+        req.app.engine('hbs', createHbsEngine());
+        req.app.set('view engine', 'hbs');
+        req.app.set('views', config.get('paths').defaultViews);
+    }
+    // @TODO use renderer here?!
+    // Render Call - featuring an error handler for what happens if rendering fails
+    res.render(res._template, data, (_err, html) => {
+        if (!_err) {
+            return res.send(html);
+        }
+        // re-attach new error e.g. error template has syntax error or misusage
+        req.err = _err;
+        // And then try to explain things to the user...
+        // Cheat and output the error using handlebars escapeExpression
+        return res.status(500).send(errorFallbackMessage(_err));
+    });
+};
+module.exports.handleThemeResponse = [
+    // Make sure the error can be served
+    shared.prepareError,
+    // Handle the error in Sentry
+    sentry.errorHandler,
+    // Render the error using theme template
+    themeErrorRenderer
+];

package/core/frontend/web/middleware/handle-image-sizes.js CHANGED Viewed

@@ -1,6 +1,6 @@
 const _ = require('lodash');
 const path = require('path');
-const {GhostError} = require('@tryghost/errors');
+const {NoContentError} = require('@tryghost/errors');
 const imageTransform = require('@tryghost/image-transform');
 const storage = require('../../../server/adapters/storage');
 const activeTheme = require('../../services/theme-engine/active');
@@ -102,10 +102,7 @@ module.exports = function (req, res, next) {
             })
             .then((originalImageBuffer) => {
                 if (originalImageBuffer.length <= 0) {
-                    throw new GhostError({
-                        errorType: 'NoContentError',
-                        statusCode: 204
-                    });
+                    throw new NoContentError();
                 }
                 return imageTransform.resizeFromBuffer(originalImageBuffer, imageDimensionConfig);
             })
@@ -115,7 +112,7 @@ module.exports = function (req, res, next) {
     }).then(() => {
         next();
     }).catch(function (err) {
-        if (err.code === 'SHARP_INSTALLATION' || err.errorType === 'NoContentError') {
+        if (err.code === 'SHARP_INSTALLATION' || err.code === 'IMAGE_PROCESSING' || err.errorType === 'NoContentError') {
             return redirectToOriginal();
         }
         next(err);

package/core/frontend/web/middleware/index.js CHANGED Viewed

@@ -1,4 +1,5 @@
 module.exports = {
+    errorHandler: require('./error-handler'),
     handleImageSizes: require('./handle-image-sizes'),
     redirectGhostToAdmin: require('./redirect-ghost-to-admin'),
     serveFavicon: require('./serve-favicon'),

package/core/frontend/web/middleware/serve-public-file.js CHANGED Viewed

@@ -11,8 +11,23 @@ const messages = {
     fileNotFound: 'File not found'
 };
+/**
+ * If this request has a ?v= param, make sure the cache has the same key
+ *
+ * @param {Object} req
+ * @param {Object} cache
+ * @returns {boolean}
+ */
+function matchCacheKey(req, cache) {
+    if (req.query && req.query.v && cache && cache.key) {
+        return req.query.v === cache.key;
+    }
+    return true;
+}
 function createPublicFileMiddleware(location, file, mime, maxAge) {
-    let content;
+    let cache;
     // These files are provided by Ghost, and therefore live inside of the core folder
     const staticFilePath = config.get('paths').publicFilePath;
     // These files are built on the fly, and must be saved in the content folder
@@ -24,9 +39,9 @@ function createPublicFileMiddleware(location, file, mime, maxAge) {
     const blogRegex = /(\{\{blog-url\}\})/g;
     return function servePublicFileMiddleware(req, res, next) {
-        if (content) {
-            res.writeHead(200, content.headers);
-            return res.end(content.body);
+        if (cache && matchCacheKey(req, cache)) {
+            res.writeHead(200, cache.headers);
+            return res.end(cache.body);
         }
         // send image files directly and let express handle content-length, etag, etc
@@ -67,17 +82,19 @@ function createPublicFileMiddleware(location, file, mime, maxAge) {
                 str = str.replace(blogRegex, urlUtils.urlFor('home', true).replace(/\/$/, ''));
             }
-            content = {
+            cache = {
                 headers: {
                     'Content-Type': mime,
                     'Content-Length': Buffer.from(str).length,
                     ETag: `"${crypto.createHash('md5').update(str, 'utf8').digest('hex')}"`,
                     'Cache-Control': `public, max-age=${maxAge}`
                 },
-                body: str
+                body: str,
+                key: req.query && req.query.v ? req.query.v : null
             };
-            res.writeHead(200, content.headers);
-            res.end(content.body);
+            res.writeHead(200, cache.headers);
+            res.end(cache.body);
         });
     };
 }

package/core/frontend/web/site.js CHANGED Viewed

@@ -112,7 +112,7 @@ module.exports = function setupSiteApp(options = {}) {
     // Card assets
     siteApp.use(mw.servePublicFile('built', 'public/cards.min.css', 'text/css', constants.ONE_YEAR_S));
-    siteApp.use(mw.servePublicFile('built', 'public/cards.min.js', 'text/js', constants.ONE_YEAR_S));
+    siteApp.use(mw.servePublicFile('built', 'public/cards.min.js', 'application/javascript', constants.ONE_YEAR_S));
     // Serve blog images using the storage adapter
     siteApp.use(STATIC_IMAGE_URL_PREFIX, mw.handleImageSizes, storage.getStorage('images').serve());
@@ -153,9 +153,6 @@ module.exports = function setupSiteApp(options = {}) {
     sitemapHandler(siteApp);
     debug('Internal apps done');
-    // send 503 error page in case of maintenance
-    siteApp.use(shared.middleware.maintenance);
     // Add in all trailing slashes & remove uppercase
     // must happen AFTER asset loading and BEFORE routing
     siteApp.use(shared.middleware.prettyUrls);
@@ -187,7 +184,7 @@ module.exports = function setupSiteApp(options = {}) {
             app.setupErrorHandling(siteApp);
         }
     });
-    siteApp.use(shared.middleware.errorHandler.handleThemeResponse);
+    siteApp.use(mw.errorHandler.handleThemeResponse);
     debug('Site setup end');

package/core/server/adapters/scheduling/SchedulingDefault.js CHANGED Viewed

@@ -307,7 +307,7 @@ SchedulingDefault.prototype._pingUrl = function (object) {
                 this._pingUrl(object);
             }, this.retryTimeoutInMs);
-            logging.error(new errors.GhostError({
+            logging.error(new errors.InternalServerError({
                 err,
                 context: 'Retrying...',
                 level: 'normal'
@@ -316,7 +316,7 @@ SchedulingDefault.prototype._pingUrl = function (object) {
             return;
         }
-        logging.error(new errors.GhostError({
+        logging.error(new errors.InternalServerError({
             err,
             level: 'critical'
         }));

package/core/server/adapters/storage/LocalStorageBase.js CHANGED Viewed

@@ -147,7 +147,7 @@ class LocalStorageBase extends StorageBase {
                         return next(new errors.NoPermissionError({err: err}));
                     }
-                    return next(new errors.GhostError({err: err}));
+                    return next(new errors.InternalServerError({err: err}));
                 }
                 next();
@@ -196,7 +196,7 @@ class LocalStorageBase extends StorageBase {
                         return reject(new errors.NoPermissionError({err: err}));
                     }
-                    return reject(new errors.GhostError({
+                    return reject(new errors.InternalServerError({
                         err: err,
                         message: tpl(this.errorMessages.cannotRead, {file: options.path})
                     }));

package/core/server/api/canary/db.js CHANGED Viewed

@@ -62,7 +62,7 @@ module.exports = {
             return Promise.resolve()
                 .then(() => exporter.doExport({include: frame.options.withRelated}))
                 .catch((err) => {
-                    return Promise.reject(new errors.GhostError({err: err}));
+                    return Promise.reject(new errors.InternalServerError({err: err}));
                 });
         }
     },
@@ -124,7 +124,7 @@ module.exports = {
                             }, {concurrency: 100});
                         })
                         .catch((err) => {
-                            throw new errors.GhostError({
+                            throw new errors.InternalServerError({
                                 err: err
                             });
                         });

package/core/server/api/canary/media.js CHANGED Viewed

@@ -23,8 +23,9 @@ module.exports = {
     uploadThumbnail: {
         permissions: false,
-        options: [
-            'url'
+        data: [
+            'url',
+            'ref'
         ],
         async query(frame) {
             const mediaStorage = storage.getStorage('media');

package/core/server/api/canary/oembed.js CHANGED Viewed

@@ -3,9 +3,24 @@ const externalRequest = require('../../lib/request-external');
 const OEmbed = require('../../services/oembed');
 const oembed = new OEmbed({config, externalRequest});
 const NFT = require('../../services/nft-oembed');
-const nft = new NFT();
+const nft = new NFT({
+    config: {
+        apiKey: config.get('opensea').privateReadOnlyApiKey
+    }
+});
+const Twitter = require('../../services/twitter-embed');
+const twitter = new Twitter({
+    config: {
+        bearerToken: config.get('twitter').privateReadOnlyToken
+    },
+    logging: require('@tryghost/logging')
+});
 oembed.registerProvider(nft);
+oembed.registerProvider(twitter);
 module.exports = {
     docName: 'oembed',

package/core/server/api/canary/session.js CHANGED Viewed

@@ -42,7 +42,7 @@ const session = {
                 });
             });
         }).catch(async (err) => {
-            if (!errors.utils.isIgnitionError(err)) {
+            if (!errors.utils.isGhostError(err)) {
                 throw new errors.UnauthorizedError({
                     message: tpl(messages.accessDenied),
                     err

package/core/server/api/canary/slugs.js CHANGED Viewed

@@ -43,7 +43,7 @@ module.exports = {
             return models.Base.Model.generateSlug(allowedTypes[frame.options.type], frame.data.name, {status: 'all'})
                 .then((slug) => {
                     if (!slug) {
-                        return Promise.reject(new errors.GhostError({
+                        return Promise.reject(new errors.InternalServerError({
                             message: tpl(messages.couldNotGenerateSlug)
                         }));
                     }

package/core/server/api/canary/utils/permissions.js CHANGED Viewed

@@ -66,11 +66,11 @@ const nonePublicAuth = (apiConfig, frame) => {
             return Promise.reject(err);
         }
-        if (errors.utils.isIgnitionError(err)) {
+        if (errors.utils.isGhostError(err)) {
             return Promise.reject(err);
         }
-        return Promise.reject(new errors.GhostError({
+        return Promise.reject(new errors.InternalServerError({
             err: err
         }));
     });

package/core/server/api/canary/utils/serializers/output/config.js CHANGED Viewed

@@ -1,5 +1,4 @@
 const _ = require('lodash');
-const labs = require('../../../../../../shared/labs');
 const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:config');
 module.exports = {
@@ -18,13 +17,10 @@ module.exports = {
             'stripeDirect',
             'mailgunIsConfigured',
             'emailAnalytics',
-            'hostSettings'
+            'hostSettings',
+            'tenor'
         ];
-        if (labs.isSet('gifsCard')) {
-            keys.push('tenor');
-        }
         frame.response = {
             config: _.pick(data, keys)
         };

package/core/server/api/v2/db.js CHANGED Viewed

@@ -51,7 +51,7 @@ module.exports = {
             return Promise.resolve()
                 .then(() => exporter.doExport({include: frame.options.withRelated}))
                 .catch((err) => {
-                    return Promise.reject(new errors.GhostError({err: err}));
+                    return Promise.reject(new errors.InternalServerError({err: err}));
                 });
         }
     },
@@ -107,7 +107,7 @@ module.exports = {
                             }, {concurrency: 100});
                         })
                         .catch((err) => {
-                            throw new errors.GhostError({
+                            throw new errors.InternalServerError({
                                 err: err
                             });
                         });

package/core/server/api/v2/session.js CHANGED Viewed

@@ -42,7 +42,7 @@ const session = {
                 });
             });
         }).catch(async (err) => {
-            if (!errors.utils.isIgnitionError(err)) {
+            if (!errors.utils.isGhostError(err)) {
                 throw new errors.UnauthorizedError({
                     message: tpl(messages.authAccessDenied),
                     err

package/core/server/api/v2/slugs.js CHANGED Viewed

@@ -40,7 +40,7 @@ module.exports = {
             return models.Base.Model.generateSlug(allowedTypes[frame.options.type], frame.data.name, {status: 'all'})
                 .then((slug) => {
                     if (!slug) {
-                        return Promise.reject(new errors.GhostError({
+                        return Promise.reject(new errors.InternalServerError({
                             message: tpl(messages.couldNotGenerateSlug)
                         }));
                     }

package/core/server/api/v2/utils/permissions.js CHANGED Viewed

@@ -62,11 +62,11 @@ const nonePublicAuth = (apiConfig, frame) => {
             return Promise.reject(err);
         }
-        if (errors.utils.isIgnitionError(err)) {
+        if (errors.utils.isGhostError(err)) {
             return Promise.reject(err);
         }
-        return Promise.reject(new errors.GhostError({
+        return Promise.reject(new errors.InternalServerError({
             err: err
         }));
     });

package/core/server/api/v3/db.js CHANGED Viewed

@@ -62,7 +62,7 @@ module.exports = {
             return Promise.resolve()
                 .then(() => exporter.doExport({include: frame.options.withRelated}))
                 .catch((err) => {
-                    return Promise.reject(new errors.GhostError({err: err}));
+                    return Promise.reject(new errors.InternalServerError({err: err}));
                 });
         }
     },
@@ -118,7 +118,7 @@ module.exports = {
                             }, {concurrency: 100});
                         })
                         .catch((err) => {
-                            throw new errors.GhostError({
+                            throw new errors.InternalServerError({
                                 err: err
                             });
                         });

package/core/server/api/v3/session.js CHANGED Viewed

@@ -42,7 +42,7 @@ const session = {
                 });
             });
         }).catch(async (err) => {
-            if (!errors.utils.isIgnitionError(err)) {
+            if (!errors.utils.isGhostError(err)) {
                 throw new errors.UnauthorizedError({
                     message: tpl(messages.accessDenied),
                     err

package/core/server/api/v3/slugs.js CHANGED Viewed

@@ -39,7 +39,7 @@ module.exports = {
             return models.Base.Model.generateSlug(allowedTypes[frame.options.type], frame.data.name, {status: 'all'})
                 .then((slug) => {
                     if (!slug) {
-                        return Promise.reject(new errors.GhostError({message: tpl(messages.couldNotGenerateSlug)}));
+                        return Promise.reject(new errors.InternalServerError({message: tpl(messages.couldNotGenerateSlug)}));
                     }
                     return slug;
                 });

package/core/server/api/v3/utils/permissions.js CHANGED Viewed

@@ -66,11 +66,11 @@ const nonePublicAuth = (apiConfig, frame) => {
             return Promise.reject(err);
         }
-        if (errors.utils.isIgnitionError(err)) {
+        if (errors.utils.isGhostError(err)) {
             return Promise.reject(err);
         }
-        return Promise.reject(new errors.GhostError({
+        return Promise.reject(new errors.InternalServerError({
             err: err
         }));
     });

package/core/server/data/db/state-manager.js CHANGED Viewed

@@ -59,8 +59,8 @@ class DatabaseStateManager {
             // CASE: database connection errors, unknown cases
             let errorToThrow = error;
-            if (!errors.utils.isIgnitionError(errorToThrow)) {
-                errorToThrow = new errors.GhostError({message: errorToThrow.message, err: errorToThrow});
+            if (!errors.utils.isGhostError(errorToThrow)) {
+                errorToThrow = new errors.InternalServerError({message: errorToThrow.message, err: errorToThrow});
             }
             throw errorToThrow;
@@ -94,8 +94,8 @@ class DatabaseStateManager {
             }
         } catch (error) {
             let errorToThrow = error;
-            if (!errors.utils.isIgnitionError(error)) {
-                errorToThrow = new errors.GhostError({message: errorToThrow.message, err: errorToThrow});
+            if (!errors.utils.isGhostError(error)) {
+                errorToThrow = new errors.InternalServerError({message: errorToThrow.message, err: errorToThrow});
             }
             throw errorToThrow;

package/core/server/data/exporter/export-filename.js CHANGED Viewed

@@ -26,7 +26,7 @@ const exportFileName = async function exportFileName(options) {
         return title + 'ghost.' + datetime + '.json';
     } catch (err) {
-        logging.error(new errors.GhostError({err: err}));
+        logging.error(new errors.InternalServerError({err: err}));
         return 'ghost.' + datetime + '.json';
     }
 };

package/core/server/data/importer/handlers/json.js CHANGED Viewed

@@ -30,7 +30,7 @@ JSONHandler = {
                 // if importData follows JSON-API format `{ db: [exportedData] }`
                 if (_.keys(importData).length === 1) {
                     if (!importData.db || !Array.isArray(importData.db)) {
-                        throw new errors.GhostError({
+                        throw new errors.InternalServerError({
                             message: tpl(messages.invalidJsonFormat)
                         });
                     }

package/core/server/data/importer/import-manager.js CHANGED Viewed

@@ -121,7 +121,7 @@ class ImportManager {
         fs.remove(self.fileToDelete, function (err) {
             if (err) {
-                logging.error(new errors.GhostError({
+                logging.error(new errors.InternalServerError({
                     err: err,
                     context: tpl(messages.couldNotCleanUpFile.error),
                     help: tpl(messages.couldNotCleanUpFile.context)

package/core/server/data/importer/importers/data/base.js CHANGED Viewed

@@ -145,7 +145,7 @@ class Base {
                     });
                 }
             } else {
-                if (!errors.utils.isIgnitionError(err)) {
+                if (!errors.utils.isGhostError(err)) {
                     err = new errors.DataImportError({
                         message: err.message,
                         context: JSON.stringify(obj),

package/core/server/data/migrations/utils.js CHANGED Viewed

@@ -143,7 +143,7 @@ function addPermissionToRole(config) {
             }).first();
             if (!permission) {
-                throw new errors.GhostError({
+                throw new errors.InternalServerError({
                     message: tpl(messages.permissionRoleActionError, {
                         action: 'add',
                         permission: config.permission,
@@ -158,7 +158,7 @@ function addPermissionToRole(config) {
             }).first();
             if (!role) {
-                throw new errors.GhostError({
+                throw new errors.InternalServerError({
                     message: tpl(messages.permissionRoleActionError, {
                         action: 'add',
                         permission: config.permission,

package/core/server/data/migrations/versions/1.25/1-update-koenig-beta-html.js CHANGED Viewed

@@ -45,6 +45,7 @@ module.exports.up = function regenerateKoenigBetaHTML(options) {
                     || (mobiledoc && !mobiledocIsCompatibleWithV1(mobiledoc))
                 ) {
                     // change imagecard.payload.imageStyle to imagecard.payload.cardWidth
+                    // eslint-disable-next-line no-restricted-syntax
                     mobiledoc.cards.forEach((card) => {
                         if (card[0] === 'image') {
                             card[1].cardWidth = card[1].imageStyle;