Ghost Release: 5.25.0

TL;DR

Ghost v5.25.0 introduces significant email infrastructure improvements with a new email stability system, detailed email debugging tools, and enhanced analytics. This release focuses on making email delivery more reliable and providing better visibility into email failures. It also includes UI improvements for the Lexical editor, fixes for the Members dashboard, and security enhancements. This update is particularly important for newsletter publishers who rely on Ghost's email capabilities.

Highlight of the Release

• New email stability system with improved reliability and debugging
• Enhanced email analytics with new event tracking
• Improved Lexical editor with better keyboard navigation
• New email debug screen for troubleshooting delivery issues
• Security enhancement with disabled editable relations by default

Migration Guide

Email Stability System

If you're using the new email stability system (behind a feature flag), be aware that:

• Emails are now sent using a new renderer with handlebars templates
• The system now uses Mailgun for batch sending when configured
• Email suppressions are tracked and managed differently

Security Changes

The disabled editable relations change is a security enhancement that shouldn't require any action from most users. However, if you've built custom code that relies on editing relational records, you may need to update your code to explicitly enable editable relations where needed.

Node.js Update

This release updates to Node.js 18. If you're running a custom installation, ensure your environment is updated to Node.js 18 for optimal compatibility.

Upgrade Recommendations

Recommended for All Users

This release is recommended for all Ghost users, especially those who rely heavily on the newsletter functionality. The email stability improvements and debugging tools provide significant benefits for newsletter publishers.

Critical for Security

The security fix for editable relations makes this update particularly important for sites that are publicly accessible. This fix addresses a vulnerability where members could potentially edit newsletter settings.

Update Timeline

• Newsletter Publishers: Update as soon as possible to benefit from improved email reliability and debugging tools
• General Users: Update at your earliest convenience
• Development/Testing Sites: Update and test with your custom themes and integrations

Bug Fixes

• Fixed post title in the filter dropdown on the Members page
• Removed member's activity double scrolling issue
• Fixed invalid query strings in tests
• Fixed error logging in importer to show actual error messages
• Removed spaces and quotes from replacement IDs in emails
• Fixed email batches and recipient pagination
• Fixed text color bug in box button links
• Fixed email debug page always showing error and breadcrumb issues

New Features

Email Stability System

• Added new email renderer implementation with handlebars templates
• Implemented Mailgun provider for sending batch emails
• Added email preview and testing using the new email flow
• Added support for concurrent batch sending (10 batches simultaneously)

Email Debugging and Analytics

• Added comprehensive email debug screen for visualizing email failures
• Created new tables to store email recipient failures and spam complaints
• Added API endpoints for email batch and recipient failure data
• Enhanced post analytics with new email events (Sent, Received, Bounced)

Lexical Editor Improvements

• Added URL transform for image cards in Lexical documents
• Implemented title-to-editor keyboard handling
• Added top-of-document handling for improved navigation

Member Management

• Added email suppression FAQ modal in Portal
• Fixed double scrolling issue in member's activity view
• Fixed post title display in filter dropdown on Members page

Security Updates

• Disabled editable relations by default to prevent unwanted nested saves
• Fixed vulnerability where members were able to edit newsletter settings
• Added unique constraint to email_spam_complaint_events table to prevent duplicate entries
• Improved error handling and storage for email failures

Performance Improvements

• Improved email sending concurrency by sending 10 batches simultaneously
• Optimized email event processing with dedicated processor
• Enhanced test coverage configuration for better performance
• Tweaked code coverage config for e2e tests to exclude unnecessary files
• Updated Node.js to v18 for better performance

Impact Summary

Ghost v5.25.0 represents a significant enhancement to the platform's email infrastructure, making it more reliable, debuggable, and robust. The new email stability system provides better handling of email delivery, while the comprehensive debug tools give publishers unprecedented visibility into email failures.

The security fix addressing editable relations is an important improvement that prevents potential unauthorized modifications to newsletter settings. This change makes the platform more secure by default while maintaining flexibility for developers.

For content creators, the improvements to the Lexical editor and post analytics provide a smoother editing experience and better insights into content performance. The enhanced event tracking for emails gives publishers more accurate data about how their newsletters are performing.

The update to Node.js 18 ensures Ghost remains on a modern, supported foundation, while the various performance improvements contribute to a more efficient platform overall.

This release balances new features with important fixes and infrastructure improvements, making it a valuable update for all Ghost users, but especially those who rely on the newsletter functionality.

Full Release Notes