npm - ghost - Versions diffs - 4.24.0 → 4.26.1 - Mend

ghost 4.24.0 → 4.26.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (147) hide show

package/core/server/services/oembed.js CHANGED Viewed

@@ -1,6 +1,7 @@
 const errors = require('@tryghost/errors');
 const tpl = require('@tryghost/tpl');
 const logging = require('@tryghost/logging');
+const sentry = require('../../shared/sentry');
 const {extract, hasProvider} = require('oembed-parser');
 const cheerio = require('cheerio');
 const _ = require('lodash');
@@ -128,7 +129,14 @@ class OEmbed {
         const response = await this.externalRequest(url, {cookieJar});
         const html = response.body;
-        scraperResponse = await metascraper({html, url});
+        try {
+            scraperResponse = await metascraper({html, url});
+        } catch (err) {
+            // Log to avoid being blind to errors happenning in metascraper
+            sentry.captureException(err);
+            logging.error(err);
+            return this.unknownProvider(url);
+        }
         const metadata = Object.assign({}, scraperResponse, {
             thumbnail: scraperResponse.image,
@@ -284,6 +292,10 @@ class OEmbed {
         try {
             const urlObject = new URL(url);
+            // Trimming solves the difference of url validation between `new URL(url)`
+            // and metascraper.
+            url = url.trim();
             for (const provider of this.customProviders) {
                 if (await provider.canSupportRequest(urlObject)) {
                     const result = await provider.getOEmbedData(urlObject, this.externalRequest);
@@ -314,12 +326,12 @@ class OEmbed {
             return data;
         } catch (err) {
             // allow specific validation errors through for better error messages
-            if (errors.utils.isIgnitionError(err) && err.errorType === 'ValidationError') {
+            if (errors.utils.isGhostError(err) && err.errorType === 'ValidationError') {
                 throw err;
             }
             // log the real error because we're going to throw a generic "Unknown provider" error
-            logging.error(new errors.GhostError({
+            logging.error(new errors.InternalServerError({
                 message: 'Encountered error when fetching oembed',
                 err
             }));

package/core/server/services/permissions/can-this.js CHANGED Viewed

@@ -128,7 +128,7 @@ CanThisResult.prototype.beginCheck = function (context) {
     context = parseContext(context);
     if (actionsMap.empty()) {
-        throw new errors.GhostError({message: tpl(messages.noActionsMapFoundError)});
+        throw new errors.InternalServerError({message: tpl(messages.noActionsMapFoundError)});
     }
     // Kick off loading of user permissions if necessary

package/core/server/services/redirects/api.js CHANGED Viewed

@@ -34,7 +34,7 @@ const readRedirectsFile = async (redirectsPath) => {
             return '';
         }
-        if (errors.utils.isIgnitionError(err)) {
+        if (errors.utils.isGhostError(err)) {
             throw err;
         }
@@ -162,7 +162,7 @@ class CustomRedirectsAPI {
                 }
             }
         } catch (err) {
-            if (errors.utils.isIgnitionError(err)) {
+            if (errors.utils.isGhostError(err)) {
                 logging.error(err);
             } else {
                 logging.error(new errors.IncorrectUsageError({

package/core/server/services/route-settings/default-settings-manager.js CHANGED Viewed

@@ -48,7 +48,7 @@ class DefaultSettingsManager {
                 });
             }).catch((error) => {
                 // CASE: we might have a permission error, as we can't access the directory
-                throw new errors.GhostError({
+                throw new errors.InternalServerError({
                     message: tpl(messages.ensureSettings, {
                         path: this.destinationFolderPath
                     }),

package/core/server/services/route-settings/route-settings.js CHANGED Viewed

@@ -9,7 +9,7 @@ const tpl = require('@tryghost/tpl');
 const bridge = require('../../../bridge');
 const messages = {
-    loadError: 'Could not load {filename} file.'
+    loadError: 'Could not load routes.yaml file.'
 };
 /**
@@ -38,14 +38,6 @@ class RouteSettings {
          * @private
          */
         this.defaultRoutesSettingHash = '3d180d52c663d173a6be791ef411ed01';
-        /**
-         * @private
-         */
-        this.filename = 'routes';
-        /**
-         * @private
-         */
-        this.ext = 'yaml';
         this.settingsLoader = settingsLoader;
         this.settingsPath = settingsPath;
@@ -90,7 +82,7 @@ class RouteSettings {
                     return Promise.resolve([]);
                 }
-                if (errors.utils.isIgnitionError(err)) {
+                if (errors.utils.isGhostError(err)) {
                     throw err;
                 }
@@ -115,7 +107,7 @@ class RouteSettings {
         };
         try {
-            bridge.reloadFrontend();
+            await bridge.reloadFrontend();
         } catch (err) {
             return bringBackValidRoutes()
                 .finally(() => {
@@ -134,7 +126,7 @@ class RouteSettings {
                     if (!urlService.hasFinished()) {
                         if (tries > 5) {
                             throw new errors.InternalServerError({
-                                message: tpl(messages.loadError, {filename: `${this.filename}.${this.ext}`})
+                                message: tpl(messages.loadError)
                             });
                         }

package/core/server/services/route-settings/settings-loader.js CHANGED Viewed

@@ -36,11 +36,11 @@ class SettingsLoader {
             return validate(object);
         } catch (err) {
-            if (errors.utils.isIgnitionError(err)) {
+            if (errors.utils.isGhostError(err)) {
                 throw err;
             }
-            throw new errors.GhostError({
+            throw new errors.InternalServerError({
                 message: tpl(messages.settingsLoaderError, {
                     setting: 'routes',
                     path: this.settingFilePath
@@ -66,11 +66,11 @@ class SettingsLoader {
             return validate(object);
         } catch (err) {
-            if (errors.utils.isIgnitionError(err)) {
+            if (errors.utils.isGhostError(err)) {
                 throw err;
             }
-            throw new errors.GhostError({
+            throw new errors.InternalServerError({
                 message: tpl(messages.settingsLoaderError, {
                     setting: 'routes',
                     path: this.settingFilePath

package/core/server/services/route-settings/yaml-parser.js CHANGED Viewed

@@ -35,7 +35,7 @@ module.exports = function parseYaml(file) {
         return parsed;
     } catch (error) {
-        if (errors.utils.isIgnitionError(error)) {
+        if (errors.utils.isGhostError(error)) {
             throw error;
         }

package/core/server/services/slack.js CHANGED Viewed

@@ -136,7 +136,7 @@ function ping(post) {
                 'Content-type': 'application/json'
             }
         }).catch(function (err) {
-            logging.error(new errors.GhostError({
+            logging.error(new errors.InternalServerError({
                 err: err,
                 context: tpl(messages.requestFailedError, {service: 'slack'}),
                 help: tpl(messages.requestFailedHelp, {url: 'https://ghost.org/docs/'})

package/core/server/services/themes/storage.js CHANGED Viewed

@@ -112,7 +112,7 @@ module.exports = {
             if (checkedTheme) {
                 fs.remove(checkedTheme.path)
                     .catch((err) => {
-                        logging.error(new errors.GhostError({err: err}));
+                        logging.error(new errors.InternalServerError({err: err}));
                     });
             }
@@ -120,7 +120,7 @@ module.exports = {
             getStorage()
                 .delete(backupName)
                 .catch((err) => {
-                    logging.error(new errors.GhostError({err: err}));
+                    logging.error(new errors.InternalServerError({err: err}));
                 });
         }
     },

package/core/server/services/twitter-embed.js ADDED Viewed

@@ -0,0 +1,81 @@
+const {extract} = require('oembed-parser');
+/**
+ * @typedef {import('./oembed').ICustomProvider} ICustomProvider
+ * @typedef {import('./oembed').IExternalRequest} IExternalRequest
+ */
+const TWITTER_PATH_REGEX = /\/status\/(\d+)/;
+/**
+ * @implements ICustomProvider
+ */
+class TwitterOEmbedProvider {
+    /**
+     * @param {object} dependencies
+     */
+    constructor(dependencies) {
+        this.dependencies = dependencies;
+    }
+    /**
+     * @param {URL} url
+     * @returns {Promise<boolean>}
+     */
+    async canSupportRequest(url) {
+        return url.host === 'twitter.com' && TWITTER_PATH_REGEX.test(url.pathname);
+    }
+    /**
+     * @param {URL} url
+     * @param {IExternalRequest} externalRequest
+     *
+     * @returns {Promise<object>}
+     */
+    async getOEmbedData(url, externalRequest) {
+        const [match, tweetId] = url.pathname.match(TWITTER_PATH_REGEX);
+        if (!match) {
+            return null;
+        }
+        /** @type {object} */
+        const oembedData = await extract(url.href);
+        if (this.dependencies.config.bearerToken) {
+            const query = {
+                expansions: ['attachments.poll_ids', 'attachments.media_keys', 'author_id', 'entities.mentions.username', 'geo.place_id', 'in_reply_to_user_id', 'referenced_tweets.id', 'referenced_tweets.id.author_id'],
+                'media.fields': ['duration_ms', 'height', 'media_key', 'preview_image_url', 'type', 'url', 'width', 'public_metrics', 'alt_text'],
+                'place.fields': ['contained_within', 'country', 'country_code', 'full_name', 'geo', 'id', 'name', 'place_type'],
+                'poll.fields': ['duration_minutes', 'end_datetime', 'id', 'options', 'voting_status'],
+                'tweet.fields': ['attachments', 'author_id', 'context_annotations', 'conversation_id', 'created_at', 'entities', 'geo', 'id', 'in_reply_to_user_id', 'lang', 'public_metrics', 'possibly_sensitive', 'referenced_tweets', 'reply_settings', 'source', 'text', 'withheld'],
+                'user.fields': ['created_at', 'description', 'entities', 'id', 'location', 'name', 'pinned_tweet_id', 'profile_image_url', 'protected', 'public_metrics', 'url', 'username', 'verified', 'withheld']
+            };
+            const queryString = Object.keys(query).map((key) => {
+                return `${key}=${query[key].join(',')}`;
+            }).join('&');
+            try {
+                const result = await externalRequest(`https://api.twitter.com/2/tweets/${tweetId}?${queryString}`, {
+                    responseType: 'json',
+                    headers: {
+                        Authorization: `Bearer ${this.dependencies.config.bearerToken}`
+                    }
+                });
+                const body = JSON.parse(result.body);
+                oembedData.tweet_data = body.data;
+                oembedData.tweet_data.includes = body.includes;
+            } catch (err) {
+                this.dependencies.logging.error(err);
+            }
+        }
+        oembedData.type = 'twitter';
+        return oembedData;
+    }
+}
+module.exports = TwitterOEmbedProvider;

package/core/server/services/xmlrpc.js CHANGED Viewed

@@ -87,7 +87,7 @@ function ping(post) {
                 if (!goodResponse.test(res.body)) {
                     const matches = res.body.match(errorMessage);
                     const message = matches ? matches[1] : res.body;
-                    throw new errors.GhostError({message});
+                    throw new errors.InternalServerError({message});
                 }
             })
             .catch(function (err) {
@@ -100,7 +100,7 @@ function ping(post) {
                         help: tpl(messages.requestFailedHelp, {url: 'https://ghost.org/docs/'})
                     });
                 } else {
-                    error = new errors.GhostError({
+                    error = new errors.InternalServerError({
                         err: err,
                         message: err.message,
                         context: tpl(messages.requestFailedError, {service: 'xmlrpc'}),

package/core/server/web/admin/views/default-prod.html CHANGED Viewed

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.24%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.26%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -41,7 +41,7 @@
                 <link rel="stylesheet" href="assets/vendor.min-987af30228885bce50f05c4723fe6f53.css">
-                <link rel="stylesheet" href="assets/ghost.min-7f3603dbeb5ebf0ec09e207ae82fb4e3.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-57c1e677f42d596942d317ce93e8a62c.css" title="light">
@@ -59,8 +59,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
-                <script src="assets/vendor.min-1a84ac3ef74edf31c6e86810b45221cc.js"></script>
-                <script src="assets/ghost.min-d5595f9c71ebc534ccf9ac78483d357c.js"></script>
+                <script src="assets/vendor.min-b6b8d2a31d61830c2d8f65c5ba54236a.js"></script>
+                <script src="assets/ghost.min-f3c6886e191d34450e9ffca0c8fa056e.js"></script>
 </body>
 </html>

package/core/server/web/admin/views/default.html CHANGED Viewed

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.24%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.26%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22emberKeyboard%22%3A%7B%22disableInputsInitializer%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -41,7 +41,7 @@
                 <link rel="stylesheet" href="assets/vendor.min-987af30228885bce50f05c4723fe6f53.css">
-                <link rel="stylesheet" href="assets/ghost.min-7f3603dbeb5ebf0ec09e207ae82fb4e3.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-57c1e677f42d596942d317ce93e8a62c.css" title="light">
@@ -59,8 +59,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
-                <script src="assets/vendor.min-1a84ac3ef74edf31c6e86810b45221cc.js"></script>
-                <script src="assets/ghost.min-d5595f9c71ebc534ccf9ac78483d357c.js"></script>
+                <script src="assets/vendor.min-b6b8d2a31d61830c2d8f65c5ba54236a.js"></script>
+                <script src="assets/ghost.min-f3c6886e191d34450e9ffca0c8fa056e.js"></script>
 </body>
 </html>

package/core/server/web/api/canary/admin/middleware.js CHANGED Viewed

@@ -44,7 +44,7 @@ const notImplemented = function (req, res, next) {
         }
     }
-    next(new errors.GhostError({
+    next(new errors.InternalServerError({
         errorType: 'NotImplementedError',
         message: tpl(messages.notImplemented),
         statusCode: '501'

package/core/server/web/api/v2/admin/middleware.js CHANGED Viewed

@@ -40,7 +40,7 @@ const notImplemented = function (req, res, next) {
         }
     }
-    next(new errors.GhostError({
+    next(new errors.InternalServerError({
         errorType: 'NotImplementedError',
         message: tpl(messages.notImplemented),
         statusCode: '501'

package/core/server/web/api/v3/admin/middleware.js CHANGED Viewed

@@ -44,7 +44,7 @@ const notImplemented = function (req, res, next) {
         }
     }
-    next(new errors.GhostError({
+    next(new errors.InternalServerError({
         errorType: 'NotImplementedError',
         message: tpl(messages.notImplemented),
         statusCode: '501'

package/core/server/web/parent/app.js CHANGED Viewed

@@ -3,22 +3,15 @@ const config = require('../../../shared/config');
 const express = require('../../../shared/express');
 const compress = require('compression');
 const mw = require('./middleware');
-const vhost = require('@tryghost/vhost-middleware');
-/**
- * @param {Object} options
- * @param {Boolean} [options.start]
- * @param {Boolean} [options.backend]
- * @param {Boolean} [options.frontend]
- */
-module.exports = function setupParentApp({start, frontend = true, backend = true}) {
+module.exports = function setupParentApp() {
     debug('ParentApp setup start');
     const parentApp = express('parent');
     parentApp.use(mw.requestId);
     parentApp.use(mw.logRequest);
-    // Register event emmiter on req/res to trigger cache invalidation webhook event
+    // Register event emitter on req/res to trigger cache invalidation webhook event
     parentApp.use(mw.emitEvents);
     // enabled gzip compression by default
@@ -30,19 +23,6 @@ module.exports = function setupParentApp({start, frontend = true, backend = true
     // @TODO: figure out if this is really needed everywhere? Is it not frontend only...
     parentApp.use(mw.ghostLocals);
-    // Mount the express apps on the parentApp
-    if (backend) {
-        debug('Mounting bakcend: ADMIN + API');
-        const backendApp = require('./backend')();
-        parentApp.use(vhost(config.getBackendMountPath(), backendApp));
-    }
-    if (frontend) {
-        debug('Mounting frontend: SITE + MEMBERS');
-        const frontendApp = require('./frontend')({start});
-        parentApp.use(vhost(config.getFrontendMountPath(), frontendApp));
-    }
     debug('ParentApp setup end');
     return parentApp;

package/core/server/web/parent/backend.js CHANGED Viewed

@@ -10,9 +10,11 @@ module.exports = () => {
     // BACKEND
     // Wrap the admin and API apps into a single express app for use with vhost
     const backendApp = express('backend');
     backendApp.lazyUse('/ghost/api', require('../api'));
     backendApp.lazyUse('/ghost/oauth', require('../oauth'));
     backendApp.lazyUse('/ghost/.well-known', require('../well-known'));
     backendApp.use('/ghost', require('../../services/auth/session').createSessionFromToken, require('../admin')());
     return backendApp;