shopify_app 18.0.4 → 18.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e0945fed22675681ffec4e7818341d42ad7d62ebe6b9309a8132f65c5a954e37
-  data.tar.gz: 51c7ec2c5e1c43b06fc2dc67b57418b24197b0bf98a252b6940980614daa5a79
+  metadata.gz: 525ace7cd1e154da3bad80a1d26631b6ae7db48a84c83adb10ca996725608550
+  data.tar.gz: 2f235e4eed6025df20cfb985eb19cb77b781048d1b8b10873071bfd5e6c71e5e
 SHA512:
-  metadata.gz: 07b2adbc4b9c44023a6fed8ffaa358f07b463d9713d9825803d356184d1d2392194f71adf239371b9311e67326336b8de9f5b7fc9778c15e2f38c2d2903a2357
-  data.tar.gz: e4771d9ef9a4c337c6a1902be6a4d04ac859cd0a446f641d40ec66813464aa4b329defa75d1349017bfad040f355d3a27e67be89807fbc9da33399fa0221e56d
+  metadata.gz: 8bae3cec01980b2450d81f2d38143325095637f769d2127ff5d62ccf36c706a72bfcb89ff3b60cd82b2c9ed3636b9c387457b7dcdd55bb0ca474cf72e2bbd0f4
+  data.tar.gz: 2768f243dfdd36ff183846b4b31110217aa37ae2709bd4f4255f8f769500b1a494063bea7ccf0b73dc5c9db41efc17918915f170be7b85a6b1e66a167e41ae3f

data/.github/workflows/build.yml

@@ -12,7 +12,7 @@ jobs:
     name: Ruby ${{ matrix.version }}
     strategy:
       matrix:
-        version: [2.5, 2.6, 2.7]
+        version: ['2.6', '2.7', '3.0']
 
     steps:
       - uses: actions/checkout@v2
@@ -24,7 +24,7 @@ jobs:
           key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
       - name: Set up Ruby ${{ matrix.version }}
         uses: ruby/setup-ruby@v1
-        with: 
+        with:
           ruby-version: ${{ matrix.version }}
           bundler-cache: true
       - name: Set up Node
@@ -38,4 +38,3 @@ jobs:
         run: |
           yarn test
           bundle exec rake test
-          

data/.nvmrc

@@ -1 +1 @@
-8.10.0
+12.22.8

data/.ruby-version

@@ -1 +1 @@
-2.5.0
+3.0.3

data/CHANGELOG.md

@@ -1,3 +1,17 @@
+18.1.2 (Mar 3, 2022)
+----------
+* Use the App Bridge 2.0 redirect when attempting to break out of an iframe. This happens when an app is installed, requires new access scopes, or re-authentication because the login session is expired. [#1376](https://github.com/Shopify/shopify_app/pull/1376)
+
+18.1.1 (Feb 2, 2022)
+----------
+* Fix bug causing `unsafe-inline` CSP violation. [#1362](https://github.com/Shopify/shopify_app/pull/1362)
+
+18.1.0 (Jan 28, 2022)
+----------
+* Support Rails 7 [#1354](https://github.com/Shopify/shopify_app/pull/1354)
+* Fix webhooks handling in Ruby 3 [#1342](https://github.com/Shopify/shopify_app/pull/1342) 
+* Update to Ruby 3 and drop support to Ruby 2.5 [#1359](https://github.com/Shopify/shopify_app/pull/1359)
+
 18.0.4 (Jan 27, 2022)
 ----------
 * Use App Bridge client for redirect [#1247](https://github.com/Shopify/shopify_app/pull/1247)

data/Gemfile.lock

@@ -1,80 +1,80 @@
 PATH
   remote: .
   specs:
-    shopify_app (18.0.4)
+    shopify_app (18.1.2)
       browser_sniffer (~> 1.4.0)
       jwt (>= 2.2.3)
       omniauth-rails_csrf_protection
       omniauth-shopify-oauth2 (~> 2.3)
-      rails (> 5.2.1, < 6.2)
+      rails (> 5.2.1)
       redirect_safely (~> 1.0)
       shopify_api (~> 9.4)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actioncable (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      activejob (= 6.1.3.1)
-      activerecord (= 6.1.3.1)
-      activestorage (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actionmailbox (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       mail (>= 2.7.1)
-    actionmailer (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      actionview (= 6.1.3.1)
-      activejob (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actionmailer (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      actionview (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.3.1)
-      actionview (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actionpack (6.1.4.4)
+      actionview (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      activerecord (= 6.1.3.1)
-      activestorage (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actiontext (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       nokogiri (>= 1.8.5)
-    actionview (6.1.3.1)
-      activesupport (= 6.1.3.1)
+    actionview (6.1.4.4)
+      activesupport (= 6.1.4.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.3.1)
-      activesupport (= 6.1.3.1)
+    activejob (6.1.4.4)
+      activesupport (= 6.1.4.4)
       globalid (>= 0.3.6)
-    activemodel (6.1.3.1)
-      activesupport (= 6.1.3.1)
+    activemodel (6.1.4.4)
+      activesupport (= 6.1.4.4)
     activemodel-serializers-xml (1.0.2)
       activemodel (> 5.x)
       activesupport (> 5.x)
       builder (~> 3.1)
-    activerecord (6.1.3.1)
-      activemodel (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
-    activeresource (5.1.1)
-      activemodel (>= 5.0, < 7)
+    activerecord (6.1.4.4)
+      activemodel (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
+    activeresource (6.0.0)
+      activemodel (>= 6.0)
       activemodel-serializers-xml (~> 1.0)
-      activesupport (>= 5.0, < 7)
-    activestorage (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      activejob (= 6.1.3.1)
-      activerecord (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+      activesupport (>= 6.0)
+    activestorage (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       marcel (~> 1.0.0)
-      mini_mime (~> 1.0.2)
-    activesupport (6.1.3.1)
+      mini_mime (>= 1.1.0)
+    activesupport (6.1.4.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -89,65 +89,45 @@ GEM
     builder (3.2.4)
     byebug (11.1.3)
     coderay (1.1.3)
-    concurrent-ruby (1.1.8)
+    concurrent-ruby (1.1.9)
     crack (0.4.4)
     crass (1.0.6)
     debug_inspector (0.0.3)
     erubi (1.10.0)
-    faraday (1.9.3)
-      faraday-em_http (~> 1.0)
-      faraday-em_synchrony (~> 1.0)
-      faraday-excon (~> 1.1)
-      faraday-httpclient (~> 1.0)
-      faraday-multipart (~> 1.0)
-      faraday-net_http (~> 1.0)
-      faraday-net_http_persistent (~> 1.0)
-      faraday-patron (~> 1.0)
-      faraday-rack (~> 1.0)
-      faraday-retry (~> 1.0)
+    faraday (2.2.0)
+      faraday-net_http (~> 2.0)
       ruby2_keywords (>= 0.0.4)
-    faraday-em_http (1.0.0)
-    faraday-em_synchrony (1.0.0)
-    faraday-excon (1.1.0)
-    faraday-httpclient (1.0.1)
-    faraday-multipart (1.0.2)
-      multipart-post (>= 1.2, < 3)
-    faraday-net_http (1.0.1)
-    faraday-net_http_persistent (1.2.0)
-    faraday-patron (1.0.0)
-    faraday-rack (1.0.0)
-    faraday-retry (1.0.3)
+    faraday-net_http (2.0.1)
     globalid (1.0.0)
       activesupport (>= 5.0)
-    graphql (1.13.4)
+    graphql (1.13.10)
     graphql-client (0.17.0)
       activesupport (>= 3.0)
       graphql (~> 1.10)
     hashdiff (1.0.1)
     hashie (5.0.0)
-    i18n (1.8.9)
+    i18n (1.9.1)
       concurrent-ruby (~> 1.0)
     jwt (2.3.0)
-    loofah (2.9.0)
+    loofah (2.13.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
     marcel (1.0.2)
     method_source (0.9.2)
-    mini_mime (1.0.3)
-    mini_portile2 (2.5.0)
+    mini_mime (1.1.2)
+    mini_portile2 (2.6.1)
     minitest (5.14.4)
     mocha (1.11.2)
     multi_json (1.15.0)
     multi_xml (0.6.0)
-    multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.11.2)
-      mini_portile2 (~> 2.5.0)
+    nokogiri (1.12.5)
+      mini_portile2 (~> 2.6.1)
       racc (~> 1.4)
-    oauth2 (1.4.7)
-      faraday (>= 0.8, < 2.0)
+    oauth2 (1.4.9)
+      faraday (>= 0.17.3, < 3.0)
       jwt (>= 1.0, < 3.0)
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
@@ -159,7 +139,7 @@ GEM
     omniauth-oauth2 (1.7.2)
       oauth2 (~> 1.4)
       omniauth (>= 1.9, < 3)
-    omniauth-rails_csrf_protection (1.0.0)
+    omniauth-rails_csrf_protection (1.0.1)
       actionpack (>= 4.2)
       omniauth (~> 2.0)
     omniauth-shopify-oauth2 (2.3.2)
@@ -177,26 +157,26 @@ GEM
       binding_of_caller (>= 0.7)
       pry (>= 0.9.11)
     public_suffix (4.0.6)
-    racc (1.5.2)
+    racc (1.6.0)
     rack (2.2.3)
-    rack-protection (2.1.0)
+    rack-protection (2.2.0)
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.1.3.1)
-      actioncable (= 6.1.3.1)
-      actionmailbox (= 6.1.3.1)
-      actionmailer (= 6.1.3.1)
-      actionpack (= 6.1.3.1)
-      actiontext (= 6.1.3.1)
-      actionview (= 6.1.3.1)
-      activejob (= 6.1.3.1)
-      activemodel (= 6.1.3.1)
-      activerecord (= 6.1.3.1)
-      activestorage (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    rails (6.1.4.4)
+      actioncable (= 6.1.4.4)
+      actionmailbox (= 6.1.4.4)
+      actionmailer (= 6.1.4.4)
+      actionpack (= 6.1.4.4)
+      actiontext (= 6.1.4.4)
+      actionview (= 6.1.4.4)
+      activejob (= 6.1.4.4)
+      activemodel (= 6.1.4.4)
+      activerecord (= 6.1.4.4)
+      activestorage (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       bundler (>= 1.15.0)
-      railties (= 6.1.3.1)
+      railties (= 6.1.4.4)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -205,13 +185,13 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.3.0)
+    rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    railties (6.1.3.1)
-      actionpack (= 6.1.3.1)
-      activesupport (= 6.1.3.1)
+    railties (6.1.4.4)
+      actionpack (= 6.1.4.4)
+      activesupport (= 6.1.4.4)
       method_source
-      rake (>= 0.8.7)
+      rake (>= 0.13)
       thor (~> 1.0)
     rainbow (3.0.0)
     rake (13.0.3)
@@ -219,7 +199,7 @@ GEM
     redirect_safely (1.0.0)
       activemodel
     regexp_parser (2.0.0)
-    rexml (3.2.4)
+    rexml (3.2.5)
     rubocop (1.5.2)
       parallel (~> 1.10)
       parser (>= 2.7.1.5)
@@ -235,11 +215,10 @@ GEM
       rubocop (~> 1.4)
     ruby-progressbar (1.10.1)
     ruby2_keywords (0.0.5)
-    shopify_api (9.5)
-      activeresource (>= 4.1.0, < 6.0.0)
+    shopify_api (9.5.1)
+      activeresource (>= 4.1.0)
       graphql-client
       rack
-      webrick
     sprockets (4.0.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -256,11 +235,10 @@ GEM
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.7.0)
     websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.4.2)
+    zeitwerk (2.5.4)
 
 PLATFORMS
   ruby
@@ -281,4 +259,4 @@ DEPENDENCIES
   webmock
 
 BUNDLED WITH
-   2.2.29
+   2.3.5

data/README.md

@@ -17,6 +17,7 @@ This gem builds Rails applications that can be embedded in the Shopify Admin.
 [Contributing](/CONTRIBUTING.md) |
 [License](/LICENSE)
 
+
 ## Introduction
 
 This gem includes a Rails engine, generators, modules, and mixins that help create Rails applications that work with Shopify APIs. The [Shopify App Rails engine](/docs/shopify_app/engine.md) provides all the code required to implement OAuth with Shopify. The [default Shopify App generator](/docs/shopify_app/generators.md#-environment-rails-generate-shopify_app) builds an app that can be embedded in the Shopify Admin and secures it with [session tokens](https://shopify.dev/concepts/apps/building-embedded-apps-using-session-tokens).