npm - ghost - Versions diffs - 5.60.0 → 5.61.0 - Mend

ghost 5.60.0 → 5.61.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (202) hide show

package/core/server/services/api-version-compatibility/index.js CHANGED Viewed

@@ -25,7 +25,7 @@ const init = () => {
     });
 };
-module.exports.errorHandler = (err, req, res, next) => {
+module.exports.errorHandler = function apiVersionCompatibilityErrorHandler(err, req, res, next) {
     return versionMismatchHandler(serviceInstance)(err, req, res, next);
 };
@@ -38,7 +38,7 @@ module.exports.errorHandler = (err, req, res, next) => {
  * @param {import('express').Response} res
  * @param {import('express').NextFunction} next
  */
-module.exports.contentVersion = (req, res, next) => {
+module.exports.contentVersion = function apiVersionCompatibilityContentVersion(req, res, next) {
     res.header('Content-Version', `v${ghostVersion.safe}`);
     res.vary('Accept-Version');

package/core/server/services/api-version-compatibility/mw-version-rewrites.js CHANGED Viewed

@@ -8,7 +8,7 @@ const urlUtils = require('../../../shared/url-utils');
  * @param {import('express').Response} res
  * @param {import('express').NextFunction} next
  */
-module.exports = (req, res, next) => {
+module.exports = function mwVersionRewrites(req, res, next) {
     let {version} = legacyApiPathMatch(req.url);
     // If we don't match a valid version, carry on

package/core/server/services/auth/api-key/admin.js CHANGED Viewed

@@ -44,7 +44,7 @@ const _extractTokenFromUrl = function extractTokenFromUrl(reqUrl) {
     return query.token;
 };
-const authenticate = (req, res, next) => {
+const authenticate = function apiKeyAdminAuth(req, res, next) {
     // CASE: we don't have an Authorization header so allow fallthrough to other
     // auth middleware or final "ensure authenticated" check
     if (!req.headers || !req.headers.authorization) {
@@ -63,7 +63,7 @@ const authenticate = (req, res, next) => {
     return authenticateWithToken(req, res, next, {token, JWT_OPTIONS: JWT_OPTIONS_DEFAULTS});
 };
-const authenticateWithUrl = (req, res, next) => {
+const authenticateWithUrl = function apiKeyAuthenticateWithUrl(req, res, next) {
     const token = _extractTokenFromUrl(req.originalUrl);
     if (!token) {
         return next(new errors.UnauthorizedError({
@@ -89,7 +89,7 @@ const authenticateWithUrl = (req, res, next) => {
  * - the "Audience" claim should match the requested API path
  *   https://tools.ietf.org/html/rfc7519#section-4.1.3
  */
-const authenticateWithToken = async (req, res, next, {token, JWT_OPTIONS}) => {
+const authenticateWithToken = async function apiKeyAuthenticateWithToken(req, res, next, {token, JWT_OPTIONS}) {
     const decoded = jwt.decode(token, {complete: true});
     if (!decoded || !decoded.header) {

package/core/server/services/collections/service.js CHANGED Viewed

@@ -2,7 +2,6 @@ const {
     CollectionsService
 } = require('@tryghost/collections');
 const BookshelfCollectionsRepository = require('./BookshelfCollectionsRepository');
-const labs = require('../../../shared/labs');
 let inited = false;
 class CollectionsServiceWrapper {
@@ -32,15 +31,18 @@ class CollectionsServiceWrapper {
     }
     async init() {
-        if (!labs.isSet('collections')) {
+        const config = require('../../../shared/config');
+        const labs = require('../../../shared/labs');
+        // host setting OR labs "collections" flag has to be enabled to run collections service
+        if (!config.get('hostSettings:collections:enabled') && !(labs.isSet('collections'))) {
             return;
         }
         if (inited) {
             return;
         }
         inited = true;
         this.api.subscribeToEvents();
-        require('./intercept-events')();
     }
 }

package/core/server/services/members/middleware.js CHANGED Viewed

@@ -16,7 +16,7 @@ const messages = {
 // @TODO: This piece of middleware actually belongs to the frontend, not to the member app
 // Need to figure a way to separate these things (e.g. frontend actually talks to members API)
-const loadMemberSession = async function (req, res, next) {
+const loadMemberSession = async function loadMemberSession(req, res, next) {
     try {
         const member = await membersService.ssr.getMemberDataFromSession(req, res);
         Object.assign(req, {member});
@@ -32,7 +32,7 @@ const loadMemberSession = async function (req, res, next) {
  * Require member authentication, and make it possible to authenticate via uuid.
  * You can chain this after loadMemberSession to make it possible to authenticate via both the uuid and the session.
  */
-const authMemberByUuid = async function (req, res, next) {
+const authMemberByUuid = async function authMemberByUuid(req, res, next) {
     try {
         const uuid = req.query.uuid;
         if (!uuid) {
@@ -60,7 +60,7 @@ const authMemberByUuid = async function (req, res, next) {
     }
 };
-const getIdentityToken = async function (req, res) {
+const getIdentityToken = async function getIdentityToken(req, res) {
     try {
         const token = await membersService.ssr.getIdentityTokenForMemberFromSession(req, res);
         res.writeHead(200);
@@ -71,7 +71,7 @@ const getIdentityToken = async function (req, res) {
     }
 };
-const deleteSession = async function (req, res) {
+const deleteSession = async function deleteSession(req, res) {
     try {
         await membersService.ssr.deleteSession(req, res);
         res.writeHead(204);
@@ -87,7 +87,7 @@ const deleteSession = async function (req, res) {
     }
 };
-const getMemberData = async function (req, res) {
+const getMemberData = async function getMemberData(req, res) {
     try {
         const member = await membersService.ssr.getMemberDataFromSession(req, res);
         if (member) {
@@ -101,7 +101,7 @@ const getMemberData = async function (req, res) {
     }
 };
-const deleteSuppression = async function (req, res) {
+const deleteSuppression = async function deleteSuppression(req, res) {
     try {
         const member = await membersService.ssr.getMemberDataFromSession(req, res);
         const options = {
@@ -123,7 +123,7 @@ const deleteSuppression = async function (req, res) {
     }
 };
-const getMemberNewsletters = async function (req, res) {
+const getMemberNewsletters = async function getMemberNewsletters(req, res) {
     try {
         const memberUuid = req.query.uuid;
@@ -151,7 +151,7 @@ const getMemberNewsletters = async function (req, res) {
     }
 };
-const updateMemberNewsletters = async function (req, res) {
+const updateMemberNewsletters = async function updateMemberNewsletters(req, res) {
     try {
         const memberUuid = req.query.uuid;
         if (!memberUuid) {
@@ -182,7 +182,7 @@ const updateMemberNewsletters = async function (req, res) {
     }
 };
-const updateMemberData = async function (req, res) {
+const updateMemberData = async function updateMemberData(req, res) {
     try {
         const data = _.pick(req.body, 'name', 'expertise', 'subscribed', 'newsletters', 'enable_comment_notifications');
         const member = await membersService.ssr.getMemberDataFromSession(req, res);
@@ -209,7 +209,7 @@ const updateMemberData = async function (req, res) {
     }
 };
-const createSessionFromMagicLink = async function (req, res, next) {
+const createSessionFromMagicLink = async function createSessionFromMagicLink(req, res, next) {
     if (!req.url.includes('token=')) {
         return next();
     }

package/core/server/services/mentions/WebmentionMetadata.js CHANGED Viewed

@@ -14,7 +14,8 @@ module.exports = class WebmentionMetadata {
             author: data.metadata.author,
             image: data.metadata.thumbnail ? new URL(data.metadata.thumbnail) : null,
             favicon: data.metadata.icon ? new URL(data.metadata.icon) : null,
-            body: data.body
+            body: data.body,
+            contentType: data.contentType
         };
         return result;
     }

package/core/server/services/mentions/service.js CHANGED Viewed

@@ -28,6 +28,8 @@ module.exports = {
     /** @type {import('@tryghost/webmentions/lib/MentionsAPI')} */
     api: null,
     controller: new MentionController(),
+    /** @type {import('@tryghost/webmentions/lib/MentionSendingService')} */
+    sendingService: null,
     didInit: false,
     async init() {
         if (this.didInit) {
@@ -107,5 +109,7 @@ module.exports = {
             }
         });
         sendingService.listen(events);
+        this.sendingService = sendingService;
     }
 };

package/core/server/services/{collections/intercept-events.js → model-to-domain-event-interceptor/index.js} RENAMED Viewed

@@ -1,4 +1,11 @@
-module.exports = () => {
+let inited = false;
+module.exports.init = async () => {
+    if (inited) {
+        return;
+    }
+    inited = true;
     const DomainEvents = require('@tryghost/domain-events/lib/DomainEvents');
     const {ModelToDomainEventInterceptor} = require('@tryghost/model-to-domain-event-interceptor');
     const events = require('../../lib/common/events');
@@ -6,5 +13,6 @@ module.exports = () => {
         ModelEvents: events,
         DomainEvents: DomainEvents
     });
     eventInterceptor.init();
 };

package/core/server/services/recommendations/RecommendationServiceWrapper.js ADDED Viewed

@@ -0,0 +1,57 @@
+class RecommendationServiceWrapper {
+    /**
+     * @type {import('@tryghost/recommendations').RecommendationRepository}
+     */
+    repository;
+    /**
+     * @type {import('@tryghost/recommendations').RecommendationController}
+     */
+    controller;
+    /**
+     * @type {import('@tryghost/recommendations').RecommendationService}
+     */
+    service;
+    init() {
+        if (this.repository) {
+            return;
+        }
+        const config = require('../../../shared/config');
+        const urlUtils = require('../../../shared/url-utils');
+        const models = require('../../models');
+        const sentry = require('../../../shared/sentry');
+        const {BookshelfRecommendationRepository, RecommendationService, RecommendationController, WellknownService} = require('@tryghost/recommendations');
+        const mentions = require('../mentions');
+        if (!mentions.sendingService) {
+            // eslint-disable-next-line ghost/ghost-custom/no-native-error
+            throw new Error('MentionSendingService not intialized, but this is a dependency of RecommendationServiceWrapper. Check boot order.');
+        }
+        const wellknownService = new WellknownService({
+            dir: config.getContentPath('public'),
+            urlUtils
+        });
+        this.repository = new BookshelfRecommendationRepository(models.Recommendation, {
+            sentry
+        });
+        this.service = new RecommendationService({
+            repository: this.repository,
+            wellknownService,
+            mentionSendingService: mentions.sendingService
+        });
+        this.controller = new RecommendationController({
+            service: this.service
+        });
+        // eslint-disable-next-line no-console
+        this.service.init().catch(console.error);
+    }
+}
+module.exports = RecommendationServiceWrapper;

package/core/server/services/recommendations/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+const RecommendationServiceWrapper = require('./RecommendationServiceWrapper');
+module.exports = new RecommendationServiceWrapper();

package/core/server/web/admin/app.js CHANGED Viewed

@@ -25,7 +25,7 @@ module.exports = function setupAdminApp() {
     adminApp.use('/assets', serveStatic(
         path.join(config.get('paths').adminAssets, 'assets'), {
             maxAge: (configMaxAge || configMaxAge === 0) ? configMaxAge : constants.ONE_YEAR_MS,
-            immutable: true,
+            immutable: true,
             fallthrough: false
         }
     ));
@@ -59,7 +59,7 @@ module.exports = function setupAdminApp() {
     // Finally, routing
     adminApp.get('*', require('./controller'));
-    adminApp.use((err, req, res, next) => {
+    adminApp.use(function fourOhFourMw(err, req, res, next) {
         if (err.statusCode && err.statusCode === 404) {
             // Remove 404 errors for next middleware to inject
             next();

package/core/server/web/api/endpoints/admin/middleware.js CHANGED Viewed

@@ -8,7 +8,7 @@ const messages = {
     notImplemented: 'The server does not support the functionality required to fulfill the request.'
 };
-const notImplemented = function (req, res, next) {
+const notImplemented = function notImplemented(req, res, next) {
     // CASE: user is logged in, allow
     if (!req.api_key) {
         return next();

package/core/server/web/api/endpoints/admin/routes.js CHANGED Viewed

@@ -20,9 +20,9 @@ module.exports = function apiRoutes() {
     router.post('/mail_events', mw.publicAdminApi, http(api.mailEvents.add));
     // ## Collections
-    router.get('/collections', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.browse));
-    router.get('/collections/:id', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.read));
-    router.get('/collections/slug/:slug', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.read));
+    router.get('/collections', mw.authAdminApi, http(api.collections.browse));
+    router.get('/collections/:id', mw.authAdminApi, http(api.collections.read));
+    router.get('/collections/slug/:slug', mw.authAdminApi, http(api.collections.read));
     router.post('/collections', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.add));
     router.put('/collections/:id', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.edit));
     router.del('/collections/:id', mw.authAdminApi, labs.enabledMiddleware('collections'), http(api.collections.destroy));
@@ -347,5 +347,11 @@ module.exports = function apiRoutes() {
     router.get('/links', mw.authAdminApi, http(api.links.browse));
     router.put('/links/bulk', mw.authAdminApi, http(api.links.bulkEdit));
+    // Recommendations
+    router.get('/recommendations', mw.authAdminApi, http(api.recommendations.browse));
+    router.post('/recommendations', mw.authAdminApi, http(api.recommendations.add));
+    router.put('/recommendations/:id', mw.authAdminApi, http(api.recommendations.edit));
+    router.del('/recommendations/:id', mw.authAdminApi, http(api.recommendations.destroy));
     return router;
 };

package/core/server/web/api/endpoints/content/routes.js CHANGED Viewed

@@ -42,5 +42,8 @@ module.exports = function apiRoutes() {
     router.get('/collections/:id', mw.authenticatePublic, http(api.collectionsPublic.readById));
     router.get('/collections/slug/:slug', mw.authenticatePublic, http(api.collectionsPublic.readBySlug));
+    // ## Recommendations
+    router.get('/recommendations', mw.authenticatePublic, http(api.recommendationsPublic.browse));
     return router;
 };

package/core/server/web/api/middleware/cors.js CHANGED Viewed

@@ -87,7 +87,7 @@ function corsOptionsDelegate(req, cb) {
  * @param {Express.Response} res
  * @param {Function} next
  */
-const handleCaching = (req, res, next) => {
+const handleCaching = function handleCaching(req, res, next) {
     const method = req.method && req.method.toUpperCase && req.method.toUpperCase();
     if (method === 'OPTIONS') {
         // @NOTE: try to add native support for dynamic 'vary' header value in 'cors' module

package/core/server/web/api/middleware/upload.js CHANGED Viewed

@@ -47,7 +47,7 @@ const upload = multer({dest: os.tmpdir()});
 const deleteSingleFile = file => fs.unlink(file.path).catch(err => logging.error(err));
-const single = name => (req, res, next) => {
+const single = name => function singleUploadFunction(req, res, next) {
     const singleUpload = upload.single(name);
     singleUpload(req, res, (err) => {
@@ -77,7 +77,7 @@ const single = name => (req, res, next) => {
     });
 };
-const media = (fileName, thumbName) => (req, res, next) => {
+const media = (fileName, thumbName) => function mediaUploadFunction(req, res, next) {
     const mediaUpload = upload.fields([{
         name: fileName,
         maxCount: 1

package/core/server/web/parent/middleware/request-id.js CHANGED Viewed

@@ -3,7 +3,7 @@ const uuid = require('uuid');
 /**
  * @TODO: move this middleware to Framework monorepo?
  */
-module.exports = (req, res, next) => {
+module.exports = function requestIdMw(req, res, next) {
     const requestId = req.get('X-Request-ID') || uuid.v4();
     // Set a value for internal use

package/core/server/web/shared/middleware/uncapitalise.js CHANGED Viewed

@@ -21,7 +21,7 @@ const messages = {
     pageNotFound: 'Page not found"'
 };
-const uncapitalise = (req, res, next) => {
+const uncapitalise = function uncapitalise(req, res, next) {
     let pathToTest = (req.baseUrl ? req.baseUrl : '') + req.path;
     let redirectPath;
     let decodedURI;

package/core/server/web/shared/middleware/url-redirects.js CHANGED Viewed

@@ -87,7 +87,7 @@ _private.getFrontendRedirectUrl = ({requestedHost, requestedUrl, queryParameters
     }
 };
-_private.redirect = (req, res, next, redirectFn) => {
+_private.redirect = function urlRedirectsRedirect(req, res, next, redirectFn) {
     const redirectUrl = redirectFn({
         requestedHost: req.vhost ? req.vhost.host : req.get('host'),
         requestedUrl: url.parse(req.originalUrl || req.url).pathname,
@@ -104,11 +104,11 @@ _private.redirect = (req, res, next, redirectFn) => {
     next();
 };
-const frontendRedirect = (req, res, next) => {
+const frontendRedirect = function frontendRedirect(req, res, next) {
     _private.redirect(req, res, next, _private.getFrontendRedirectUrl);
 };
-const adminRedirect = (req, res, next) => {
+const adminRedirect = function adminRedirect(req, res, next) {
     _private.redirect(req, res, next, _private.getAdminRedirectUrl);
 };

package/core/server/web/well-known.js CHANGED Viewed

@@ -18,7 +18,7 @@ module.exports = function setupWellKnownApp() {
     const cache = cacheControl('public', {maxAge: config.get('caching:wellKnown:maxAge')});
-    wellKnownApp.get('/jwks.json', cache, async (req, res) => {
+    wellKnownApp.get('/jwks.json', cache, async function jwksMiddleware(req, res) {
         const jwks = await getSafePublicJWKS();
         // there's only one key in the store atm

package/core/shared/labs.js CHANGED Viewed

@@ -42,7 +42,8 @@ const ALPHA_FEATURES = [
     'collectionsCard',
     'tipsAndDonations',
     'importMemberTier',
-    'convertToLexical'
+    'recommendations',
+    'lexicalIndicators'
 ];
 module.exports.GA_KEYS = [...GA_FEATURES];

package/core/shared/settings-cache/public.js CHANGED Viewed

@@ -39,5 +39,6 @@ module.exports = {
     portal_plans: 'portal_plans',
     portal_name: 'portal_name',
     portal_button: 'portal_button',
-    comments_enabled: 'comments_enabled'
+    comments_enabled: 'comments_enabled',
+    recommendations_enabled: 'recommendations_enabled'
 };

package/index.js CHANGED Viewed

@@ -1 +1,6 @@
+// Load New Relic
+if (process.env.PRO_ENV) {
+    require('newrelic');
+}
 require('./ghost');

package/newrelic.js ADDED Viewed

@@ -0,0 +1,53 @@
+const config = require('./core/shared/config');
+exports.config = {
+    app_name: ['Ghost'],
+    license_key: config.get('newRelic:licenseKey'),
+    labels: {
+        env: process.env.PRO_ENV || 'unknown',
+        site: config.get('hostSettings:siteId')
+    },
+    // Agent only imported when enabled, but this will further cement that
+    agent_enabled: config.get('newRelic:enabled'),
+    distributed_tracing: {
+        enabled: true
+    },
+    logging: {
+        level: 'info'
+    },
+    slow_sql: {
+        // Default is false.
+        enabled: true,
+        // Default is 10. Increasing this limit increases memory usage
+        // Defines the maximum number of slow queries the agent collects per minute.
+        // The agent discards additional queries after the limit is reached.
+        max_samples: 10
+    },
+    error_collector: {
+        ignore_classes: [
+            // @NOTE: add more error classes to ignore here
+            'ValidationError',
+            'NoPermissionError'
+        ]
+    },
+    transaction_tracer: {
+        enabled: true,
+        record_sql: 'obfuscated'
+    },
+    allow_all_headers: true,
+    attributes: {
+        exclude: [
+            // Default exclusions (TODO: add more!):
+            'request.headers.cookie',
+            'request.headers.authorization',
+            'request.headers.proxyAuthorization',
+            'request.headers.setCookie*',
+            'request.headers.x*',
+            'response.headers.cookie',
+            'response.headers.authorization',
+            'response.headers.proxyAuthorization',
+            'response.headers.setCookie*',
+            'response.headers.x*'
+        ]
+    }
+};