Ghost Release: 5.120.3

TL;DR

Ghost v5.120.3 fixes a critical issue with post previews that was affecting sites with custom themes. The update ensures proper rendering of post previews when no member status is specified, maintaining backward compatibility with existing themes. This release also includes security updates and improvements to Portal and Comments UI components.

Highlight of the Release

• Fixed post preview rendering when member status is not specified
• Security update for multer dependency
• Added configuration option to disable donations feature in Portal
• Updated i18n interpolation in Portal and Comments UI

Migration Guide

No migration steps are required for this update. The changes maintain backward compatibility with existing themes and configurations.

If you're using custom themes that rely on post.access values for preview functionality, this update will restore the expected behavior without any changes needed on your part.

Upgrade Recommendations

This update is recommended for all Ghost users, especially those:

• Using custom themes that rely on post.access values
• Actively using the post preview functionality
• Concerned about security (due to the multer dependency update)

The update addresses a bug that could affect content preview functionality and includes security improvements, making it an important update for maintaining site functionality and security.

Bug Fixes

Post Preview Rendering Fix

Fixed an issue where post previews without the member_status query parameter were not rendering correctly. This bug affected sites with custom themes that change styling or functionality based on the post.access value.

The problem occurred after a recent fix that removed the explicit post.access = true statement to support previewing posts as different member types. While this worked when member_status was specified, it broke the expected behavior when the parameter was absent.

This update restores the legacy behavior by setting post.access = "yes" when no member status is specified, ensuring backward compatibility with existing themes.

New Features

Portal and Comments UI Updates

• Portal v2.51.0:

  • Added new configuration option to disable the donations feature
  • Improved translation string interpolation for better internationalization

• Comments UI v1.2.0:

  • Updated i18n interpolation for improved translation handling

Security Updates

• Updated the multer dependency to version 2, addressing security vulnerabilities in the previous version
• This update helps protect against potential security issues in the file upload handling functionality

Performance Improvements

No specific performance improvements were included in this release.

Impact Summary

Ghost v5.120.3 is primarily a bug fix release that addresses an issue with post preview rendering when no member status is specified. This fix is particularly important for sites using custom themes that rely on the post.access value to determine styling or functionality.

The release also includes security improvements through the update of the multer dependency to version 2, and enhancements to the Portal and Comments UI components, including better internationalization support and a new option to disable the donations feature.

While the changes are relatively minor, they maintain backward compatibility and improve the reliability of core functionality, making this an important update for all Ghost users.

Full Release Notes