[pull] main from TryGhost:main#1135
Merged
Merged
Conversation
…27834) Adds a `{{#social_accounts}}` block helper that iterates over the connected social platforms on a given source object, replacing the ~27 lines of repetitive `{{#if twitter}}…{{#if facebook}}…` blocks that themes currently need for a row of social icons. ```hbs {{#social_accounts @site}} <a class="gh-social-link" href="{{href}}" target="_blank" rel="noopener" aria-label="{{name}}"> {{> (concat "icons/" type)}} </a> {{/social_accounts}} ``` Per-iteration the helper exposes `{type, href, username, name}` plus standard `@first` / `@last` / `@index` frame vars. The link uses `href` rather than `url` to avoid colliding with the existing `{{url}}` helper, which would otherwise win over the per-iteration property in the handlebars resolution order. Themes keep full control of their markup (wrapper classes, icon partials, link attributes); the helper just iterates platforms with a username set and builds the URL via `@tryghost/social-urls`. Platform order matches the admin "Social accounts" settings UI. ## Design — one obvious way, no magic The source object **must** be passed explicitly as a positional argument: ```hbs {{#social_accounts @site}}…{{/social_accounts}} {{!-- site-level accounts --}} {{#social_accounts author}}…{{/social_accounts}} {{!-- a specific author --}} {{#foreach authors}} {{#social_accounts this}}…{{/social_accounts}} {{!-- inside an author loop --}} {{/foreach}} ``` Calling it bare (`{{#social_accounts}}`) or as an inline helper (no `#`) throws an `IncorrectUsageError` with a help link. We deliberately chose **not** to follow the implicit-context-fallback pattern used by `{{social_url type=…}}` (which walks `this` then falls back to `@site` via `localUtils.findKey`). Reasons: - **Self-documenting call sites.** Reading any usage tells you exactly which object is being rendered, with no need to know the surrounding template scope. - **No surprises in nested contexts.** Inside `{{#foreach authors}}`, magic context-walking would silently switch source — convenient when intended, confusing when not. - **Symmetric.** Neither site nor author is privileged. - **One-way door.** Strict-now is easy to loosen later if it proves painful; adding magic now is hard to remove without a breaking change. - **Fail loud.** Silent empty output is a theme-developer debugging nightmare across thousands of sites; an `IncorrectUsageError` at theme-dev time is the kindness.
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@tryghost/adapter-base-cache](https://redirect.github.com/TryGhost/SDK) ([source](https://redirect.github.com/TryGhost/SDK/tree/HEAD/packages/adapter-base-cache)) | [`0.1.23` → `0.1.25`](https://renovatebot.com/diffs/npm/@tryghost%2fadapter-base-cache/0.1.23/0.1.25) |  |  | | [@tryghost/admin-api-schema](https://redirect.github.com/TryGhost/SDK) ([source](https://redirect.github.com/TryGhost/SDK/tree/HEAD/packages/admin-api-schema)) | [`4.7.2` → `4.7.4`](https://renovatebot.com/diffs/npm/@tryghost%2fadmin-api-schema/4.7.2/4.7.4) |  |  | | [@tryghost/bookshelf-plugins](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/bookshelf-plugins)) | [`2.0.3` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fbookshelf-plugins/2.0.3/2.2.0) |  |  | | [@tryghost/debug](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/debug)) | [`2.1.0` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fdebug/2.1.0/2.2.0) |  |  | | [@tryghost/logging](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/logging)) | [`4.1.0` → `4.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2flogging/4.1.0/4.2.0) |  |  | | [@tryghost/pretty-cli](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/pretty-cli)) | [`3.1.0` → `3.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fpretty-cli/3.1.0/3.2.0) |  |  | | [@tryghost/promise](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/promise)) | [`2.1.0` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fpromise/2.1.0/2.2.0) |  |  | | [@tryghost/referrer-parser](https://ghost.org) ([source](https://redirect.github.com/TryGhost/SDK/tree/HEAD/packages/referrer-parser)) | [`0.1.15` → `0.1.17`](https://renovatebot.com/diffs/npm/@tryghost%2freferrer-parser/0.1.15/0.1.17) |  |  | | [@tryghost/root-utils](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/root-utils)) | [`2.1.0` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2froot-utils/2.1.0/2.2.0) |  |  | | [@tryghost/social-urls](https://redirect.github.com/TryGhost/SDK) ([source](https://redirect.github.com/TryGhost/SDK/tree/HEAD/packages/social-urls)) | [`0.1.60` → `0.1.62`](https://renovatebot.com/diffs/npm/@tryghost%2fsocial-urls/0.1.60/0.1.62) |  |  | | [@tryghost/tpl](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/tpl)) | [`2.1.0` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2ftpl/2.1.0/2.2.0) |  |  | | [@tryghost/version](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/version)) | [`2.1.0` → `2.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fversion/2.1.0/2.2.0) |  |  | | [@tryghost/zip](https://redirect.github.com/TryGhost/framework) ([source](https://redirect.github.com/TryGhost/framework/tree/HEAD/packages/zip)) | [`3.1.0` → `3.2.0`](https://renovatebot.com/diffs/npm/@tryghost%2fzip/3.1.0/3.2.0) |  |  | --- ### Release Notes <details> <summary>TryGhost/SDK (@​tryghost/adapter-base-cache)</summary> ### [`v0.1.25`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/adapter-base-cache@0.1.24...@tryghost/adapter-base-cache@0.1.25) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/adapter-base-cache@0.1.24...@tryghost/adapter-base-cache@0.1.25) ### [`v0.1.24`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/adapter-base-cache@0.1.23...@tryghost/adapter-base-cache@0.1.24) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/adapter-base-cache@0.1.23...@tryghost/adapter-base-cache@0.1.24) </details> <details> <summary>TryGhost/SDK (@​tryghost/admin-api-schema)</summary> ### [`v4.7.4`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/admin-api-schema@4.7.3...@tryghost/admin-api-schema@4.7.4) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/admin-api-schema@4.7.3...@tryghost/admin-api-schema@4.7.4) ### [`v4.7.3`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/admin-api-schema@4.7.2...@tryghost/admin-api-schema@4.7.3) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/admin-api-schema@4.7.2...@tryghost/admin-api-schema@4.7.3) </details> <details> <summary>TryGhost/framework (@​tryghost/bookshelf-plugins)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/bookshelf-plugins@2.1.0...@tryghost/bookshelf-plugins@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/bookshelf-plugins@2.1.0...@tryghost/bookshelf-plugins@2.2.0) ### [`v2.1.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/bookshelf-plugins@2.0.3...@tryghost/bookshelf-plugins@2.1.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/bookshelf-plugins@2.0.3...@tryghost/bookshelf-plugins@2.1.0) </details> <details> <summary>TryGhost/framework (@​tryghost/debug)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/debug@2.1.0...@tryghost/debug@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/debug@2.1.0...@tryghost/debug@2.2.0) </details> <details> <summary>TryGhost/framework (@​tryghost/logging)</summary> ### [`v4.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/logging@4.1.1...@tryghost/logging@4.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/logging@4.1.1...@tryghost/logging@4.2.0) ### [`v4.1.1`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/logging@4.1.0...@tryghost/logging@4.1.1) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/logging@4.1.0...@tryghost/logging@4.1.1) </details> <details> <summary>TryGhost/framework (@​tryghost/pretty-cli)</summary> ### [`v3.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/pretty-cli@3.1.0...@tryghost/pretty-cli@3.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/pretty-cli@3.1.0...@tryghost/pretty-cli@3.2.0) </details> <details> <summary>TryGhost/framework (@​tryghost/promise)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/promise@2.1.0...@tryghost/promise@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/promise@2.1.0...@tryghost/promise@2.2.0) </details> <details> <summary>TryGhost/SDK (@​tryghost/referrer-parser)</summary> ### [`v0.1.17`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/referrer-parser@0.1.16...@tryghost/referrer-parser@0.1.17) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/referrer-parser@0.1.16...@tryghost/referrer-parser@0.1.17) ### [`v0.1.16`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/referrer-parser@0.1.15...@tryghost/referrer-parser@0.1.16) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/referrer-parser@0.1.15...@tryghost/referrer-parser@0.1.16) </details> <details> <summary>TryGhost/framework (@​tryghost/root-utils)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/root-utils@2.1.0...@tryghost/root-utils@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/root-utils@2.1.0...@tryghost/root-utils@2.2.0) </details> <details> <summary>TryGhost/SDK (@​tryghost/social-urls)</summary> ### [`v0.1.62`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/social-urls@0.1.61...@tryghost/social-urls@0.1.62) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/social-urls@0.1.61...@tryghost/social-urls@0.1.62) ### [`v0.1.61`](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/social-urls@0.1.60...@tryghost/social-urls@0.1.61) [Compare Source](https://redirect.github.com/TryGhost/SDK/compare/@tryghost/social-urls@0.1.60...@tryghost/social-urls@0.1.61) </details> <details> <summary>TryGhost/framework (@​tryghost/tpl)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/tpl@2.1.0...@tryghost/tpl@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/tpl@2.1.0...@tryghost/tpl@2.2.0) </details> <details> <summary>TryGhost/framework (@​tryghost/version)</summary> ### [`v2.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/version@2.1.0...@tryghost/version@2.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/version@2.1.0...@tryghost/version@2.2.0) </details> <details> <summary>TryGhost/framework (@​tryghost/zip)</summary> ### [`v3.2.0`](https://redirect.github.com/TryGhost/framework/compare/@tryghost/zip@3.1.0...@tryghost/zip@3.2.0) [Compare Source](https://redirect.github.com/TryGhost/framework/compare/@tryghost/zip@3.1.0...@tryghost/zip@3.2.0) </details> --- ### Configuration 📅 **Schedule**: (in timezone Etc/UTC) - Branch creation - Only on Sunday and Saturday (`* * * * 0,6`) - Between 12:00 AM and 12:59 PM, only on Monday (`* 0-12 * * 1`) - Between 09:00 PM and 11:59 PM, Monday through Friday (`* 21-23 * * 1-5`) - Between 12:00 AM and 04:59 AM, Tuesday through Saturday (`* 0-4 * * 2-6`) - Automerge - Only on Sunday and Saturday (`* * * * 0,6`) - Between 12:00 AM and 12:59 PM, only on Monday (`* 0-12 * * 1`) - Between 10:00 PM and 11:59 PM, Monday through Friday (`* 22-23 * * 1-5`) - Between 12:00 AM and 04:59 AM, Tuesday through Saturday (`* 0-4 * * 2-6`) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/TryGhost/Ghost). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzMuNiIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
…heckout (#27845) ref https://linear.app/ghost/issue/BER-3647 - the public `create-stripe-checkout-session` endpoint forwarded caller-supplied `successUrl` / `cancelUrl` verbatim to Stripe, which would redirect users to any external URL after checkout - turning the Ghost site into an open-redirect launch pad - the same applied to `create-stripe-checkout-setup-session` and `create-stripe-billing-portal-session` (both behind an identity token, but still worth tightening) - now reject any return URL whose origin or subpath doesn't match `urlUtils.getSiteUrl()`, letting the downstream stripe-api fall back to its existing same-origin defaults; the gift flow keeps its site-root cancelUrl fallback since Stripe gift checkout has no config-level default for `cancel_url` - subpath comparison normalizes both sides to trailing-slash form, so `/blog` and `/blog/` are treated equivalently while `/blogger` is rejected
ref https://linear.app/ghost/issue/BER-3529/ When building gift subscriptions, several strings in Portal were intentionally left as English literals because copy was still being reviewed. Those screens were marked with `// TODO: Add translation strings once copy has been finalised` (and `/* eslint-disable i18next/no-literal-string */` in a few files). Copy has now been reviewed for the most part, so we're wrapping English literals into translatable strings.
Closes https://linear.app/ghost/issue/DES-1373/oss-issue-ui-avatar-aspect-ratio-on-comments-due-to-expertise and #27795 Ensures that avatars retain their aspect ratio when expertise wrap over more than 1 line.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )