- published_by should be set by business logic, rather than by users
Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
no issue
- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
closes#5804, supersedes and closes#5820
- adds a fixed width that flexbox can expand from to prevent flexbox content dictating the width (see https://github.com/TryGhost/Ghost/issues/5804#issuecomment-141416812)
- adds a hack to the casperjs tests reverting the CSS change because phantomjs and flexbox don't get along
- password changes should only be possible from the password change endpoint
Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
no issue
- upgrades ember-cli, ember-cli-mocha, ember-mocha dependencies
- switches Brocfile.js to ember-cli-build.js
- fixes controller tests with missing needs
Pulled into a separate PR as it doesn't affect running code but does provide access to the very useful component integration tests.
closes#5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
closes#5813
- when transitioning away from a shortcuts route, always specify the scope when unbinding in keymaster to avoid issues when we are temporarily be in a different scope at time of transition
refs #5652
- reverts previous fix (#5698) to return translate3d smoothness
- add separate open-autonav toggle element and style it to always stick to the viewport edge to avoid wandering hover hit areas
refs #5727, #5602
- Add new 'order' column to posts_tags table
- Migrate all existing posts_tags to have a correct value for 'order'
- Rewrite updateTags to not remove all tags, and to correctly maintain order
- Add transaction support for tag operations
- Many tests
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
closes#5692, refs felixrieseberg/Ghost-Azure#1
- fix broken promise code
- fix incorrect handling of hash in user.add which causes 'Error: Invalid salt version 2' if owner user fixture is not present
