shopify_app 18.0.1 → 18.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (38) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/build.yml +2 -3
  3. data/.nvmrc +1 -1
  4. data/.ruby-version +1 -1
  5. data/CHANGELOG.md +21 -0
  6. data/CONTRIBUTING.md +6 -1
  7. data/Gemfile.lock +108 -94
  8. data/README.md +2 -1
  9. data/app/assets/javascripts/shopify_app/app_bridge_1.30.0.js +1 -0
  10. data/app/assets/javascripts/shopify_app/app_bridge_redirect.js +23 -0
  11. data/app/assets/javascripts/shopify_app/redirect.js +9 -11
  12. data/app/assets/javascripts/shopify_app/storage_access.js +5 -11
  13. data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb +15 -2
  14. data/app/controllers/shopify_app/webhooks_controller.rb +1 -2
  15. data/app/views/shopify_app/sessions/enable_cookies.html.erb +8 -1
  16. data/app/views/shopify_app/sessions/request_storage_access.html.erb +17 -10
  17. data/app/views/shopify_app/shared/redirect.html.erb +7 -1
  18. data/config/locales/zh-CN.yml +1 -1
  19. data/docs/shopify_app/engine.md +2 -2
  20. data/docs/shopify_app/handling-access-scopes-changes.md +11 -1
  21. data/docs/shopify_app/script-tags.md +1 -1
  22. data/docs/shopify_app/webhooks.md +2 -2
  23. data/lib/generators/shopify_app/home_controller/templates/index.html.erb +4 -0
  24. data/lib/generators/shopify_app/install/install_generator.rb +5 -1
  25. data/lib/generators/shopify_app/install/templates/embedded_app.html.erb +2 -0
  26. data/lib/generators/shopify_app/install/templates/shopify_app_importmap.js +13 -0
  27. data/lib/shopify_app/controller_concerns/login_protection.rb +6 -0
  28. data/lib/shopify_app/middleware/jwt_middleware.rb +1 -0
  29. data/lib/shopify_app/session/jwt.rb +4 -0
  30. data/lib/shopify_app/version.rb +1 -1
  31. data/lib/shopify_app.rb +8 -0
  32. data/package.json +1 -1
  33. data/shopify_app.gemspec +3 -3
  34. data/translation.yml +1 -1
  35. data/yarn.lock +97 -82
  36. metadata +9 -14
  37. data/config/locales/hi.yml +0 -23
  38. data/config/locales/ms.yml +0 -22
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 05a2dce084fe578139757483538102b6f57d1fc4ec6935ae8ce4d11df7a914cf
4
- data.tar.gz: 789a109b204a143850cc0c7d3fe14c6d4519b94d89671d46ddb09101283ceb7a
3
+ metadata.gz: 85eb4cdd7fac0b5aef1c84b39cbf85d96d068e04ee6a9de66870000e7ab5c30b
4
+ data.tar.gz: a6958a471887ebd1e3b45732eab2f210db0e5788b309d5f8678a1d8138eabcf8
5
5
  SHA512:
6
- metadata.gz: 2cee778a503dc5652623f9b2d6e82b9844dff44840d77b57e8ecc4051bb7b3dd1707ba35cc2df93f348006da29251290b82c32988499f0e864d65d0d868bf00e
7
- data.tar.gz: 6ff6e53fb49335ee6e151ce8d21d2b7bd66b8f9267b9ed03ef589282bc9db2e5e9a3c17e4d2dfcec6fca5cc7fe59676d28dc4762254b6dfab356f2bcc9c47ec4
6
+ metadata.gz: 35a3894f7588fb7eec5ecd0c093df12ef4fc5b5fe14a1d80d7d18f2bba8e6c48e9e1a3bbd8aeb6b0cbf31ff55b1401598a5d8660bf9a0a383b24bf6133641b67
7
+ data.tar.gz: c20fb9f5e670060b3cf68132d6e4c8b5685323b98cf811de9a4828eceb4942edcd4c7a0dae0675c618d7af35a4ee3c3586f0dadd639eb0946fec8f529e2ffacf
@@ -12,7 +12,7 @@ jobs:
12
12
  name: Ruby ${{ matrix.version }}
13
13
  strategy:
14
14
  matrix:
15
- version: [2.5, 2.6, 2.7]
15
+ version: ['2.6', '2.7', '3.0']
16
16
 
17
17
  steps:
18
18
  - uses: actions/checkout@v2
@@ -24,7 +24,7 @@ jobs:
24
24
  key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
25
25
  - name: Set up Ruby ${{ matrix.version }}
26
26
  uses: ruby/setup-ruby@v1
27
- with:
27
+ with:
28
28
  ruby-version: ${{ matrix.version }}
29
29
  bundler-cache: true
30
30
  - name: Set up Node
@@ -38,4 +38,3 @@ jobs:
38
38
  run: |
39
39
  yarn test
40
40
  bundle exec rake test
41
-
data/.nvmrc CHANGED
@@ -1 +1 @@
1
- 8.10.0
1
+ 12.22.8
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- 2.5.0
1
+ 3.0.3
data/CHANGELOG.md CHANGED
@@ -1,3 +1,24 @@
1
+ 18.1.0 (Jan 28, 2022)
2
+ ----------
3
+ * Support Rails 7 [#1354](https://github.com/Shopify/shopify_app/pull/1354)
4
+ * Fix webhooks handling in Ruby 3 [#1342](https://github.com/Shopify/shopify_app/pull/1342)
5
+ * Update to Ruby 3 and drop support to Ruby 2.5 [#1359](https://github.com/Shopify/shopify_app/pull/1359)
6
+
7
+ 18.0.4 (Jan 27, 2022)
8
+ ----------
9
+ * Use App Bridge client for redirect [#1247](https://github.com/Shopify/shopify_app/pull/1247)
10
+ * Replaces deprecated EASDK with App Bridge when redirecting out of an embedded iframe.
11
+
12
+ 18.0.3 (Jan 7, 2022)
13
+ ----------
14
+ * Change regexp to match standard ngrok URLs. [#1311](https://github.com/Shopify/shopify_app/pull/1311)
15
+ * Make `EnsureAuthenticatedLinks` compatible with AppBridge 2.0. [#1277](https://github.com/Shopify/shopify_app/pull/1277)
16
+ * Includes the `host` parameter when redirecting to the splash page in an unauthenticated state.
17
+
18
+ 18.0.2 (Jun 15, 2021)
19
+ ----------
20
+ * Added careers link to readme. [#1274](https://github.com/Shopify/shopify_app/pull/1274)
21
+
1
22
  18.0.1 (May 7, 2021)
2
23
  ----------
3
24
  * Fix bug causing OAuth flow to fail due to CSP violation. [#1265](https://github.com/Shopify/shopify_app/pull/1265)
data/CONTRIBUTING.md CHANGED
@@ -73,4 +73,9 @@ Please follow these steps to have your contribution considered by the maintainer
73
73
  <summary>What if the status checks are failing?</summary>
74
74
 
75
75
  While the prerequisites above must be satisfied prior to having your pull request reviewed, the reviewer(s) may ask you to complete additional design work, tests, or other changes before your pull request can be ultimately accepted.
76
- </details>
76
+ </details>
77
+
78
+ ### App Bridge client
79
+
80
+ This gem ships with a UMD version of the App Bridge client. It lives inside the assets folder: `app/assets/javascripts/shopify_app/`. To update the client, simply download the UMD build from [unpkg.com](https://unpkg.com/@shopify/app-bridge) and save it into the folder.
81
+ Please follow the convention of including the client version number in the filename. Finally, change the reference to the new App Bridge client inside `app/assets/javascripts/shopify_app/app_bridge_redirect.js`.
data/Gemfile.lock CHANGED
@@ -1,136 +1,150 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- shopify_app (18.0.1)
5
- browser_sniffer (~> 1.2.2)
4
+ shopify_app (18.1.0)
5
+ browser_sniffer (~> 1.4.0)
6
6
  jwt (>= 2.2.3)
7
7
  omniauth-rails_csrf_protection
8
8
  omniauth-shopify-oauth2 (~> 2.3)
9
- rails (> 5.2.1, < 6.2)
9
+ rails (> 5.2.1)
10
10
  redirect_safely (~> 1.0)
11
11
  shopify_api (~> 9.4)
12
12
 
13
13
  GEM
14
14
  remote: https://rubygems.org/
15
15
  specs:
16
- actioncable (6.1.3.1)
17
- actionpack (= 6.1.3.1)
18
- activesupport (= 6.1.3.1)
16
+ actioncable (6.1.4.4)
17
+ actionpack (= 6.1.4.4)
18
+ activesupport (= 6.1.4.4)
19
19
  nio4r (~> 2.0)
20
20
  websocket-driver (>= 0.6.1)
21
- actionmailbox (6.1.3.1)
22
- actionpack (= 6.1.3.1)
23
- activejob (= 6.1.3.1)
24
- activerecord (= 6.1.3.1)
25
- activestorage (= 6.1.3.1)
26
- activesupport (= 6.1.3.1)
21
+ actionmailbox (6.1.4.4)
22
+ actionpack (= 6.1.4.4)
23
+ activejob (= 6.1.4.4)
24
+ activerecord (= 6.1.4.4)
25
+ activestorage (= 6.1.4.4)
26
+ activesupport (= 6.1.4.4)
27
27
  mail (>= 2.7.1)
28
- actionmailer (6.1.3.1)
29
- actionpack (= 6.1.3.1)
30
- actionview (= 6.1.3.1)
31
- activejob (= 6.1.3.1)
32
- activesupport (= 6.1.3.1)
28
+ actionmailer (6.1.4.4)
29
+ actionpack (= 6.1.4.4)
30
+ actionview (= 6.1.4.4)
31
+ activejob (= 6.1.4.4)
32
+ activesupport (= 6.1.4.4)
33
33
  mail (~> 2.5, >= 2.5.4)
34
34
  rails-dom-testing (~> 2.0)
35
- actionpack (6.1.3.1)
36
- actionview (= 6.1.3.1)
37
- activesupport (= 6.1.3.1)
35
+ actionpack (6.1.4.4)
36
+ actionview (= 6.1.4.4)
37
+ activesupport (= 6.1.4.4)
38
38
  rack (~> 2.0, >= 2.0.9)
39
39
  rack-test (>= 0.6.3)
40
40
  rails-dom-testing (~> 2.0)
41
41
  rails-html-sanitizer (~> 1.0, >= 1.2.0)
42
- actiontext (6.1.3.1)
43
- actionpack (= 6.1.3.1)
44
- activerecord (= 6.1.3.1)
45
- activestorage (= 6.1.3.1)
46
- activesupport (= 6.1.3.1)
42
+ actiontext (6.1.4.4)
43
+ actionpack (= 6.1.4.4)
44
+ activerecord (= 6.1.4.4)
45
+ activestorage (= 6.1.4.4)
46
+ activesupport (= 6.1.4.4)
47
47
  nokogiri (>= 1.8.5)
48
- actionview (6.1.3.1)
49
- activesupport (= 6.1.3.1)
48
+ actionview (6.1.4.4)
49
+ activesupport (= 6.1.4.4)
50
50
  builder (~> 3.1)
51
51
  erubi (~> 1.4)
52
52
  rails-dom-testing (~> 2.0)
53
53
  rails-html-sanitizer (~> 1.1, >= 1.2.0)
54
- activejob (6.1.3.1)
55
- activesupport (= 6.1.3.1)
54
+ activejob (6.1.4.4)
55
+ activesupport (= 6.1.4.4)
56
56
  globalid (>= 0.3.6)
57
- activemodel (6.1.3.1)
58
- activesupport (= 6.1.3.1)
57
+ activemodel (6.1.4.4)
58
+ activesupport (= 6.1.4.4)
59
59
  activemodel-serializers-xml (1.0.2)
60
60
  activemodel (> 5.x)
61
61
  activesupport (> 5.x)
62
62
  builder (~> 3.1)
63
- activerecord (6.1.3.1)
64
- activemodel (= 6.1.3.1)
65
- activesupport (= 6.1.3.1)
63
+ activerecord (6.1.4.4)
64
+ activemodel (= 6.1.4.4)
65
+ activesupport (= 6.1.4.4)
66
66
  activeresource (5.1.1)
67
67
  activemodel (>= 5.0, < 7)
68
68
  activemodel-serializers-xml (~> 1.0)
69
69
  activesupport (>= 5.0, < 7)
70
- activestorage (6.1.3.1)
71
- actionpack (= 6.1.3.1)
72
- activejob (= 6.1.3.1)
73
- activerecord (= 6.1.3.1)
74
- activesupport (= 6.1.3.1)
70
+ activestorage (6.1.4.4)
71
+ actionpack (= 6.1.4.4)
72
+ activejob (= 6.1.4.4)
73
+ activerecord (= 6.1.4.4)
74
+ activesupport (= 6.1.4.4)
75
75
  marcel (~> 1.0.0)
76
- mini_mime (~> 1.0.2)
77
- activesupport (6.1.3.1)
76
+ mini_mime (>= 1.1.0)
77
+ activesupport (6.1.4.4)
78
78
  concurrent-ruby (~> 1.0, >= 1.0.2)
79
79
  i18n (>= 1.6, < 2)
80
80
  minitest (>= 5.1)
81
81
  tzinfo (~> 2.0)
82
82
  zeitwerk (~> 2.3)
83
- addressable (2.7.0)
83
+ addressable (2.8.0)
84
84
  public_suffix (>= 2.0.2, < 5.0)
85
85
  ast (2.4.1)
86
86
  binding_of_caller (0.8.0)
87
87
  debug_inspector (>= 0.0.1)
88
- browser_sniffer (1.2.2)
88
+ browser_sniffer (1.4.0)
89
89
  builder (3.2.4)
90
90
  byebug (11.1.3)
91
91
  coderay (1.1.3)
92
- concurrent-ruby (1.1.8)
92
+ concurrent-ruby (1.1.9)
93
93
  crack (0.4.4)
94
94
  crass (1.0.6)
95
95
  debug_inspector (0.0.3)
96
96
  erubi (1.10.0)
97
- faraday (1.4.1)
97
+ faraday (1.9.3)
98
+ faraday-em_http (~> 1.0)
99
+ faraday-em_synchrony (~> 1.0)
98
100
  faraday-excon (~> 1.1)
101
+ faraday-httpclient (~> 1.0)
102
+ faraday-multipart (~> 1.0)
99
103
  faraday-net_http (~> 1.0)
100
- faraday-net_http_persistent (~> 1.1)
101
- multipart-post (>= 1.2, < 3)
104
+ faraday-net_http_persistent (~> 1.0)
105
+ faraday-patron (~> 1.0)
106
+ faraday-rack (~> 1.0)
107
+ faraday-retry (~> 1.0)
102
108
  ruby2_keywords (>= 0.0.4)
109
+ faraday-em_http (1.0.0)
110
+ faraday-em_synchrony (1.0.0)
103
111
  faraday-excon (1.1.0)
112
+ faraday-httpclient (1.0.1)
113
+ faraday-multipart (1.0.3)
114
+ multipart-post (>= 1.2, < 3)
104
115
  faraday-net_http (1.0.1)
105
- faraday-net_http_persistent (1.1.0)
106
- globalid (0.4.2)
107
- activesupport (>= 4.2.0)
108
- graphql (1.12.8)
109
- graphql-client (0.16.0)
116
+ faraday-net_http_persistent (1.2.0)
117
+ faraday-patron (1.0.0)
118
+ faraday-rack (1.0.0)
119
+ faraday-retry (1.0.3)
120
+ globalid (1.0.0)
121
+ activesupport (>= 5.0)
122
+ graphql (1.13.6)
123
+ graphql-client (0.17.0)
110
124
  activesupport (>= 3.0)
111
- graphql (~> 1.8)
125
+ graphql (~> 1.10)
112
126
  hashdiff (1.0.1)
113
- hashie (4.1.0)
114
- i18n (1.8.9)
127
+ hashie (5.0.0)
128
+ i18n (1.9.1)
115
129
  concurrent-ruby (~> 1.0)
116
- jwt (2.2.3)
117
- loofah (2.9.0)
130
+ jwt (2.3.0)
131
+ loofah (2.13.0)
118
132
  crass (~> 1.0.2)
119
133
  nokogiri (>= 1.5.9)
120
134
  mail (2.7.1)
121
135
  mini_mime (>= 0.1.1)
122
- marcel (1.0.1)
136
+ marcel (1.0.2)
123
137
  method_source (0.9.2)
124
- mini_mime (1.0.3)
125
- mini_portile2 (2.5.0)
138
+ mini_mime (1.1.2)
139
+ mini_portile2 (2.6.1)
126
140
  minitest (5.14.4)
127
141
  mocha (1.11.2)
128
142
  multi_json (1.15.0)
129
143
  multi_xml (0.6.0)
130
144
  multipart-post (2.1.1)
131
- nio4r (2.5.7)
132
- nokogiri (1.11.2)
133
- mini_portile2 (~> 2.5.0)
145
+ nio4r (2.5.8)
146
+ nokogiri (1.12.5)
147
+ mini_portile2 (~> 2.6.1)
134
148
  racc (~> 1.4)
135
149
  oauth2 (1.4.7)
136
150
  faraday (>= 0.8, < 2.0)
@@ -142,7 +156,7 @@ GEM
142
156
  hashie (>= 3.4.6)
143
157
  rack (>= 1.6.2, < 3)
144
158
  rack-protection
145
- omniauth-oauth2 (1.7.1)
159
+ omniauth-oauth2 (1.7.2)
146
160
  oauth2 (~> 1.4)
147
161
  omniauth (>= 1.9, < 3)
148
162
  omniauth-rails_csrf_protection (1.0.0)
@@ -163,26 +177,26 @@ GEM
163
177
  binding_of_caller (>= 0.7)
164
178
  pry (>= 0.9.11)
165
179
  public_suffix (4.0.6)
166
- racc (1.5.2)
180
+ racc (1.6.0)
167
181
  rack (2.2.3)
168
182
  rack-protection (2.1.0)
169
183
  rack
170
184
  rack-test (1.1.0)
171
185
  rack (>= 1.0, < 3)
172
- rails (6.1.3.1)
173
- actioncable (= 6.1.3.1)
174
- actionmailbox (= 6.1.3.1)
175
- actionmailer (= 6.1.3.1)
176
- actionpack (= 6.1.3.1)
177
- actiontext (= 6.1.3.1)
178
- actionview (= 6.1.3.1)
179
- activejob (= 6.1.3.1)
180
- activemodel (= 6.1.3.1)
181
- activerecord (= 6.1.3.1)
182
- activestorage (= 6.1.3.1)
183
- activesupport (= 6.1.3.1)
186
+ rails (6.1.4.4)
187
+ actioncable (= 6.1.4.4)
188
+ actionmailbox (= 6.1.4.4)
189
+ actionmailer (= 6.1.4.4)
190
+ actionpack (= 6.1.4.4)
191
+ actiontext (= 6.1.4.4)
192
+ actionview (= 6.1.4.4)
193
+ activejob (= 6.1.4.4)
194
+ activemodel (= 6.1.4.4)
195
+ activerecord (= 6.1.4.4)
196
+ activestorage (= 6.1.4.4)
197
+ activesupport (= 6.1.4.4)
184
198
  bundler (>= 1.15.0)
185
- railties (= 6.1.3.1)
199
+ railties (= 6.1.4.4)
186
200
  sprockets-rails (>= 2.0.0)
187
201
  rails-controller-testing (1.0.5)
188
202
  actionpack (>= 5.0.1.rc1)
@@ -191,13 +205,13 @@ GEM
191
205
  rails-dom-testing (2.0.3)
192
206
  activesupport (>= 4.2.0)
193
207
  nokogiri (>= 1.6)
194
- rails-html-sanitizer (1.3.0)
208
+ rails-html-sanitizer (1.4.2)
195
209
  loofah (~> 2.3)
196
- railties (6.1.3.1)
197
- actionpack (= 6.1.3.1)
198
- activesupport (= 6.1.3.1)
210
+ railties (6.1.4.4)
211
+ actionpack (= 6.1.4.4)
212
+ activesupport (= 6.1.4.4)
199
213
  method_source
200
- rake (>= 0.8.7)
214
+ rake (>= 0.13)
201
215
  thor (~> 1.0)
202
216
  rainbow (3.0.0)
203
217
  rake (13.0.3)
@@ -205,7 +219,7 @@ GEM
205
219
  redirect_safely (1.0.0)
206
220
  activemodel
207
221
  regexp_parser (2.0.0)
208
- rexml (3.2.4)
222
+ rexml (3.2.5)
209
223
  rubocop (1.5.2)
210
224
  parallel (~> 1.10)
211
225
  parser (>= 2.7.1.5)
@@ -220,20 +234,20 @@ GEM
220
234
  rubocop-shopify (1.0.7)
221
235
  rubocop (~> 1.4)
222
236
  ruby-progressbar (1.10.1)
223
- ruby2_keywords (0.0.4)
224
- shopify_api (9.4.1)
225
- activeresource (>= 4.1.0, < 6.0.0)
237
+ ruby2_keywords (0.0.5)
238
+ shopify_api (9.5.1)
239
+ activeresource (>= 4.1.0)
226
240
  graphql-client
227
241
  rack
228
242
  sprockets (4.0.2)
229
243
  concurrent-ruby (~> 1.0)
230
244
  rack (> 1, < 3)
231
- sprockets-rails (3.2.2)
232
- actionpack (>= 4.0)
233
- activesupport (>= 4.0)
245
+ sprockets-rails (3.4.2)
246
+ actionpack (>= 5.2)
247
+ activesupport (>= 5.2)
234
248
  sprockets (>= 3.0.0)
235
249
  sqlite3 (1.4.2)
236
- thor (1.1.0)
250
+ thor (1.2.1)
237
251
  tzinfo (2.0.4)
238
252
  concurrent-ruby (~> 1.0)
239
253
  unicode-display_width (1.7.0)
@@ -241,10 +255,10 @@ GEM
241
255
  addressable (>= 2.3.6)
242
256
  crack (>= 0.3.2)
243
257
  hashdiff (>= 0.4.0, < 2.0.0)
244
- websocket-driver (0.7.3)
258
+ websocket-driver (0.7.5)
245
259
  websocket-extensions (>= 0.1.0)
246
260
  websocket-extensions (0.1.5)
247
- zeitwerk (2.4.2)
261
+ zeitwerk (2.5.4)
248
262
 
249
263
  PLATFORMS
250
264
  ruby
@@ -265,4 +279,4 @@ DEPENDENCIES
265
279
  webmock
266
280
 
267
281
  BUNDLED WITH
268
- 2.1.4
282
+ 2.2.29
data/README.md CHANGED
@@ -1,5 +1,7 @@
1
1
  # Shopify App
2
2
 
3
+ **Shopify is doubling our engineering staff in 2021! [Join our team and work on libraries like this one.](https://smrtr.io/5GGrK)**
4
+
3
5
  [![Version][gem]][gem_url] [![Build Status](https://github.com/Shopify/shopify_app/workflows/CI/badge.svg)](https://github.com/Shopify/shopify_app/actions?query=workflow%3ACI) ![Supported Rails version][supported_rails_version]
4
6
 
5
7
  [gem]: https://img.shields.io/gem/v/shopify_app.svg
@@ -23,7 +25,6 @@ This gem includes a Rails engine, generators, modules, and mixins that help crea
23
25
  ## Requirements
24
26
 
25
27
  > **Rails compatibility**
26
- > * Rails 6.1 or above is not yet supported due to the new `cookies_same_site_protection` setting.
27
28
  > * Use Shopify App `<= v7.2.8` if you need to work with Rails 4.
28
29
 
29
30
  To become a Shopify app developer, you will need a [Shopify Partners](https://www.shopify.com/partners) account. Explore the [Shopify dev docs](https://shopify.dev/concepts/shopify-introduction) to learn more about [building Shopify apps](https://shopify.dev/concepts/apps).