shopify_app 21.10.0 → 22.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 927f0886c6d7be713738a4c38d2a1c5319593d2d8e4d200d854957abae73ac09
-  data.tar.gz: cca13c50d4cc99853ef10e119d4cb10cf96ba786ee9e146c2acacc12758d741f
+  metadata.gz: 9ea486458223aad4ec68fd15a99a340d79ae306e95b8596ca7b9f447b0ac237c
+  data.tar.gz: 7cfc9f51c225a89a3aacf87fc6cd3724c3c69399c60588cab9ac821f32b9bde0
 SHA512:
-  metadata.gz: db9c6d4fdee1744d974fcde46f54d4246c2886dafb4d31f3423d9c903566f730c06a0b3187a21cdd534d7ee63be95c1fa318e85c007b53f682cbf7a6d3184df2
-  data.tar.gz: eb437382bf4fba13da3d3780fd05e29360807c8d999239d129dd4ff5e92fc63de33dea382deb9ab9f0e9552d208a1405acb5aa68cb85c20a7310afd81681bcb0
+  metadata.gz: 6c3c7f2426c24946ab299bb2499e5065c16828fe72ff8160f7d114c96ba7ff658d032494f418d58668ff0ad2fc53288a237fa92f35950e8028aeb0cd551b9d4d
+  data.tar.gz: e86005c3bde23478adc4444ff93274f3c6e4646f063399eb80f9165ab2a0b56765209038d49174889d2e026519296f4b44a929ce0201be5bc25c2c98470f3258

data/.github/ISSUE_TEMPLATE/bug-report.md

@@ -6,36 +6,41 @@ labels: "Type: Bug 🐛"
 
 # Issue summary
 
-<!--
-
-Write a short description of the issue here. Please provide any details or logs that
-can help us debug it.
+Before opening this issue, I have:
+
+- [ ] Upgraded to the latest version of the package
+  - `shopify_app` version:
+  - Ruby version:
+  - Operating system:
+- [ ] Set `log_level: :debug` [in my configuration](https://github.com/Shopify/shopify-api-ruby#setup-shopify-context), if applicable
+- [ ] Found a reliable way to reproduce the problem that indicates it's a problem with the package
+- [ ] Looked for similar issues in this repository
+- [ ] Checked that this isn't an issue with a Shopify API
+  - If it is, please create a post in the [Shopify community forums](https://community.shopify.com/c/partners-and-developers/ct-p/appdev) or report it to [Shopify Partner Support](https://help.shopify.com/en/support/partners/org-select)
 
-Increase the logs as described in the README by setting log_level to :debug, and paste the relevant portion here.
-
-Learn more: https://github.com/Shopify/shopify-api-ruby#setup-shopify-context
+<!--
+Write a short description of the issue here.
 
+We can only fix issues for which there is a clear reproduction scenario.
+The more context you can provide, the easier it becomes for us to investigate and fix the issue.
 -->
 
-- `shopify_api` version:
-- `shopify_app` version:
-- Ruby version:
-- Operating system:
-
-```
-// Paste any relevant logs here
-```
-
 ## Expected behavior
 
-<!-- What do you think should happen? -->
+What do you think should happen?
 
 ## Actual behavior
 
-<!-- What actually happens? -->
+What actually happens?
 
 ## Steps to reproduce the problem
 
 1.
 1.
 1.
+
+## Debug logs
+
+```
+// Paste any relevant logs here
+```

data/.github/workflows/build.yml

@@ -12,7 +12,7 @@ jobs:
     name: Ruby ${{ matrix.version }}
     strategy:
       matrix:
-        version: ['2.7', '3.0', '3.1', '3.2']
+        version: ['3.0', '3.1', '3.2']
 
     steps:
       - uses: actions/checkout@v3

data/.github/workflows/rubocop.yml

@@ -8,10 +8,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-    - name: Set up Ruby 2.7
+    - name: Set up Ruby 3.2
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: 2.7
+        ruby-version: 3.2
         bundler-cache: true
     - name: Install gems
       run: |

data/CHANGELOG.md

@@ -1,6 +1,27 @@
 Unreleased
 ----------
 
+22.0.1 (March 12, 2024)
+----------
+* Bumps `shopify_api` to `14.0.1` [1813](https://github.com/Shopify/shopify_app/pull/1813)
+
+22.00.0 (March 5, 2024)
+----------
+
+To migrate from a previous version, please see the [v22 migration guide](docs/Upgrading.md#upgrading-to-v2200).
+
+* ⚠️ [Breaking] Bumps minimum supported Ruby version to 3.0. Bumps `shopify_api` to 14.0 [1801](https://github.com/Shopify/shopify_app/pull/1801)
+* ⚠️ [Breaking] Removes deprecated controller concerns that were renamed in `v21.10.0`. [1805](https://github.com/Shopify/shopify_app/pull/1805)
+* ⚠️ [Breaking] Removes deprecated `ScripttagManager`. We realize there was communication error in our logging where we logged future deprecation instead of our inteded removal. Since we have been logging that for 2 years we felt we'd move forward with the removal instead pushing this off until the next major release. [1806](https://github.com/Shopify/shopify_app/pull/1806)
+* ⚠️ [Breaking] Removes ITP controller concern and `browser_sniffer` dependency.[1810](https://github.com/Shopify/shopify_app/pull/1810)
+* ⚠️ [Breaking] Removes Marketing Extensions generator [1810](https://github.com/Shopify/shopify_app/pull/1810)
+* ⚠️ [Breaking] Thows an error if a controller includes incompatible concerns (LoginProtection/EnsureInstalled) [1809](https://github.com/Shopify/shopify_app/pull/1809)
+* ⚠️ [Breaking] No longer rescues non-shopify API errors during OAuth
+  callback [1807](https://github.com/Shopify/shopify_app/pull/1807)
+* Make type param for webhooks route optional. This will fix a bug with CLI initiated webhooks.[1786](https://github.com/Shopify/shopify_app/pull/1786)
+* Fix redirecting to login when we catch a 401 response from Shopify, so that it can also handle cases where the app is already embedded when that happens.[1787](https://github.com/Shopify/shopify_app/pull/1787)
+* Always register webhooks with offline sessions.[1788](https://github.com/Shopify/shopify_app/pull/1788)
+
 21.10.0 (January 24, 2024)
 ----------
 * Fix session deletion for users with customized session storage[#1773](https://github.com/Shopify/shopify_app/pull/1773)

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all
+people who contribute through reporting issues, posting feature
+requests, updating documentation, submitting pull requests or patches,
+and other activities.
+
+We are committed to making participation in this project a
+harassment-free experience for everyone, regardless of level of
+experience, gender, gender identity and expression, sexual orientation,
+disability, personal appearance, body size, race, ethnicity, age,
+religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery
+- Personal attacks
+- Trolling or insulting/derogatory comments
+- Public or private harassment
+- Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+- Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit,
+or reject comments, commits, code, wiki edits, issues, and other
+contributions that are not aligned to this Code of Conduct, or to ban
+temporarily or permanently any contributor for other behaviors that they
+deem inappropriate, threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves
+to fairly and consistently applying these principles to every aspect of
+managing this project. Project maintainers who do not follow or enforce
+the Code of Conduct may be permanently removed from the project team.
+
+This Code of Conduct applies both within project spaces and in public
+spaces when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may
+be reported by contacting a project maintainer at <opensource@shopify.com>.
+All complaints will be reviewed and investigated and will result in a response
+that is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an incident.
+
+This Code of Conduct is adapted from the Contributor Covenant, version
+1.3.0, available from http://contributor-covenant.org/version/1/3/0/

data/Gemfile.lock

@@ -1,14 +1,13 @@
 PATH
   remote: .
   specs:
-    shopify_app (21.10.0)
+    shopify_app (22.0.1)
       activeresource
       addressable (~> 2.7)
-      browser_sniffer (~> 2.0)
       jwt (>= 2.2.3)
       rails (> 5.2.1)
       redirect_safely (~> 1.0)
-      shopify_api (~> 13.4)
+      shopify_api (>= 14.0.1, < 15.0)
       sprockets-rails (>= 2.0.0)
 
 GEM
@@ -86,7 +85,6 @@ GEM
     ast (2.4.2)
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
-    browser_sniffer (2.2.0)
     builder (3.2.4)
     byebug (11.1.3)
     coderay (1.1.3)
@@ -134,11 +132,11 @@ GEM
     net-smtp (0.3.3)
       net-protocol
     nio4r (2.5.9)
-    nokogiri (1.15.0-arm64-darwin)
+    nokogiri (1.16.2-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.0-x86_64-darwin)
+    nokogiri (1.16.2-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.0-x86_64-linux)
+    nokogiri (1.16.2-x86_64-linux)
       racc (~> 1.4)
     oj (3.14.3)
     openssl (3.1.0)
@@ -155,7 +153,7 @@ GEM
       binding_of_caller (~> 1.0)
       pry (~> 0.13)
     public_suffix (5.0.1)
-    racc (1.6.2)
+    racc (1.7.3)
     rack (2.2.7)
     rack-test (2.1.0)
       rack (>= 1.3)
@@ -217,7 +215,7 @@ GEM
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     securerandom (0.2.2)
-    shopify_api (13.4.0)
+    shopify_api (14.0.1)
       activesupport
       concurrent-ruby
       hash_diff

data/README.md

@@ -106,7 +106,6 @@ You can find documentation on gem usage, concepts, mixins, installation, and mor
   * [Engine](/docs/shopify_app/engine.md)
   * [Controller Concerns](/docs/shopify_app/controller-concerns.md)
   * [Generators](/docs/shopify_app/generators.md)
-  * [ScriptTags](/docs/shopify_app/script-tags.md)
   * [Sessions](/docs/shopify_app/sessions.md)
   * [Handling changes in access scopes](/docs/shopify_app/handling-access-scopes-changes.md)
   * [Testing](/docs/shopify_app/testing.md)

data/app/controllers/concerns/shopify_app/ensure_authenticated_links.rb

@@ -20,11 +20,15 @@ module ShopifyApp
     end
 
     def splash_page_with_params(params)
-      uri = URI(root_path)
+      uri = URI(base_url)
       uri.query = params.compact.to_query
       uri.to_s
     end
 
+    def base_url
+      ShopifyApp.configuration.root_url.presence || root_path
+    end
+
     def redirect_to_splash_page
       redirect_to(splash_page)
     rescue ::ShopifyApp::ShopifyDomainNotFound => error

data/app/controllers/concerns/shopify_app/ensure_installed.rb

@@ -9,10 +9,10 @@ module ShopifyApp
       if defined?(ShopifyApp::LoginProtection) && ancestors.include?(ShopifyApp::LoginProtection)
         message = <<~EOS
           We detected the use of incompatible concerns (EnsureInstalled and LoginProtection) in #{name},
-          which may lead to unpredictable behavior. In a future release of this library this will raise an error.
+          which leads to unpredictable behavior. You cannot include both concerns in the same controller.
         EOS
 
-        ShopifyApp::Logger.deprecated(message, "22.0.0")
+        raise message
       end
 
       before_action :check_shop_domain

data/app/controllers/shopify_app/callback_controller.rb

@@ -10,8 +10,12 @@ module ShopifyApp
       begin
         api_session, cookie = validated_auth_objects
       rescue => error
-        deprecate_callback_rescue(error) unless error.class.module_parent == ShopifyAPI::Errors
-        return respond_with_error
+        if error.class.module_parent == ShopifyAPI::Errors
+          callback_rescue(error)
+          return respond_with_error
+        else
+          raise error
+        end
       end
 
       save_session(api_session) if api_session
@@ -25,6 +29,10 @@ module ShopifyApp
 
     private
 
+    def callback_rescue(error)
+      ShopifyApp::Logger.debug("#{error.class} was rescued and redirected to login_url_with_optional_shop")
+    end
+
     def deprecate_callback_rescue(error)
       message = <<~EOS
         An error of type #{error.class} was rescued. This is not part of `ShopifyAPI::Errors`, which could indicate a
@@ -130,8 +138,11 @@ module ShopifyApp
     end
 
     def perform_post_authenticate_jobs(session)
-      install_webhooks(session)
-      install_scripttags(session)
+      # Ensure we use the shop session to install webhooks
+      session_for_shop = session.online? ? shop_session : session
+
+      install_webhooks(session_for_shop)
+
       perform_after_authenticate_job(session)
     end
 
@@ -141,16 +152,6 @@ module ShopifyApp
       WebhooksManager.queue(session.shop, session.access_token)
     end
 
-    def install_scripttags(session)
-      return unless ShopifyApp.configuration.has_scripttags?
-
-      ScripttagsManager.queue(
-        session.shop,
-        session.access_token,
-        ShopifyApp.configuration.scripttags,
-      )
-    end
-
     def perform_after_authenticate_job(session)
       config = ShopifyApp.configuration.after_authenticate_job
 

data/config/routes.rb

@@ -26,6 +26,6 @@ ShopifyApp::Engine.routes.draw do
   end
 
   namespace :webhooks do
-    post ":type" => :receive
+    post "(:type)" => :receive
   end
 end

data/docs/Upgrading.md

@@ -8,6 +8,8 @@ This file documents important changes needed to upgrade your app's Shopify App v
 
 [Unreleased](#unreleased)
 
+[Upgrading to `v22.0.0`](#upgrading-to-v2200)
+
 [Upgrading to `v20.3.0`](#upgrading-to-v2030)
 
 [Upgrading to `v20.2.0`](#upgrading-to-v2020)
@@ -38,8 +40,30 @@ We also recommend the use of a staging site which matches your production enviro
 
 If you do run into issues, we recommend looking at our [debugging tips.](https://github.com/Shopify/shopify_app/blob/main/docs/Troubleshooting.md#debugging-tips)
 
+## Upgrading to `v22.0.0`
+#### Dropped support for Ruby 2.x
+Support for Ruby 2.x has been dropped as it is no longer supported. You'll need to upgrade to 3.x.x
+
+#### Renamed Controller Concerns
+The following controller concerns have been renamed/replaced in `v21.10.0` and have now been removed. To upgrade, please rename any usage in your apps's controllers that include them to the following:
+
+|Old Deprecated Controller Concern |Replaced By New Controller Concern|
+|---|---|
+|`Authenticated`|`EnsureHasSession`|
+|`RequireKnownShop`|`EnsureInstalled`|
+
+The new names better reflect what assurances the including the controller concern provide. The new concern provide similar if not identical functionality as the concerns they replaced.
+
+#### Remove ScripttagManager
+Script tag usage has largely been replaced with the adoption of [theme app extensions](https://shopify.dev/docs/apps/online-store/theme-app-extensions) and [thank you order status customization](https://shopify.dev/docs/apps/checkout/thank-you-order-status). The manager has been removed with this major release due to effective replacement and a goal to have parity in supported functionality across language stacks.
+
+If you find yourself still using Scipt Tags and want to continue the pattern of declarative management of script tags this gem used to use, we recommend porting the logic [the manager used in prior versions](https://github.com/Shopify/shopify_app/blob/2336fabc6d0b45a4dee3f336455dace4d2d88bc4/lib/shopify_app/managers/scripttags_manager.rb#L4) and implementing it in a [post authentication job](https://github.com/Shopify/shopify_app/blob/main/docs/shopify_app/authentication.md#run-jobs-after-the-oauth-flow). This is the recommended flow to create script tags (or any other logic) for stores that install your app.
+
+#### No longer rescue non-shopify API errors during customized OAuth flow
+If you have customized authentication logic and are counting on the `CallbackController` to catch your error and redirect to login, you'll need to catch that error and redirect to `login_url_with_optional_shop`.
+
 ## Upgrading to 21.3.0
-The `Itp` controller concern has been removed from `LoginProtection` which is included by the `Authenticated` controller concern.
+The `Itp` controller concern has been removed from `LoginProtection` which is included by the `Authenticated`/`EnsureHasSession` controller concern.
 If any of your controllers are dependant on methods from `Itp` then you can include `ShopifyApp::Itp` directly.
 You may notice a deprecation notice saying, `Itp will be removed in an upcoming version`.
 This is because we intend on removing `Itp` completely in `v22.0.0`, but this will work in the meantime.

data/docs/shopify_app/controller-concerns.md

@@ -64,5 +64,26 @@ Implements Rails' [protect_from_forgery](https://api.rubyonrails.org/classes/Act
 #### EmbeddedApp
 If your ShopifyApp configuration has the `embedded_app` config set to true, [P3P header](https://www.w3.org/P3P/) and [content security policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) are handled for you.
 
+By default, the `EmbeddedApp` concern also sets the layout file to be `app/views/layouts/embedded_app.html.erb`.
+
+Sometimes one wants to run an embedded app in non-embedded mode. For example:
+
+- When the remote environment is a CI;
+- When the remote environment is a preview/PR app;
+- When the developer wants to run the app in a non-embedded mode for testing.
+
+To use the same application layout for every application controller, a developer can now overwrite the `#use_embedded_app_layout?` method.
+
+```ruby
+class ApplicationController
+  # Ensures every controller is using the standard app/views/layouts/application.html.erb layout.
+  #
+  # @return [true, false]
+  def use_embedded_app_layout?
+    false
+  end
+end
+```
+
 #### EnsureBilling
 If billing is enabled for the app, the active payment for the session is queried and enforced if needed. If billing is required the user will be redirected to a page requesting payment.

data/docs/shopify_app/generators.md

@@ -68,13 +68,13 @@ Specify whether the app is an embedded app. Apps are embedded by default.
 
 #### `$ rails generate shopify_app:shop_model`
 
-This generator creates a `Shop` model and a migration to store shop installation records. See [*Shop-based token strategy*](/docs/shopify_app/session-repository.md#shop-based-token-storage) to learn more.
+This generator creates a `Shop` model and a migration to store shop installation records. See [*Shop-based token strategy*](/docs/shopify_app/sessions.md#shop-offline-token-storage) to learn more.
 
 ---
 
 #### `$ rails generate shopify_app:user_model`
 
-This generator creates a `User` model and a migration to store user records. See [*User-based token strategy*](/docs/shopify_app/session-repository.md#user-based-token-storage) to learn more.
+This generator creates a `User` model and a migration to store user records. See [*User-based token strategy*](/docs/shopify_app/sessions.md#user-online-token-storage) to learn more.
 
 ---
 

data/lib/shopify_app/controller_concerns/embedded_app.rb

@@ -7,14 +7,22 @@ module ShopifyApp
     include ShopifyApp::FrameAncestors
 
     included do
-      if ShopifyApp.configuration.embedded_app?
-        after_action(:set_esdk_headers)
-        layout("embedded_app")
-      end
+      layout :embedded_app_layout
+      after_action :set_esdk_headers, if: -> { ShopifyApp.configuration.embedded_app? }
+    end
+
+    protected
+
+    def use_embedded_app_layout?
+      ShopifyApp.configuration.embedded_app?
     end
 
     private
 
+    def embedded_app_layout
+      "embedded_app" if use_embedded_app_layout?
+    end
+
     def set_esdk_headers
       response.set_header("P3P", 'CP="Not used"')
       response.headers.except!("X-Frame-Options")

data/lib/shopify_app/controller_concerns/login_protection.rb

@@ -1,21 +1,18 @@
 # frozen_string_literal: true
 
-require "browser_sniffer"
-
 module ShopifyApp
   module LoginProtection
     extend ActiveSupport::Concern
     include ShopifyApp::SanitizedParams
 
     included do
-      if defined?(ShopifyApp::RequireKnownShop) &&
-          defined?(ShopifyApp::EnsureInstalled) &&
-          ancestors.include?(ShopifyApp::RequireKnownShop || ShopifyApp::EnsureInstalled)
+      if defined?(ShopifyApp::EnsureInstalled) &&
+          ancestors.include?(ShopifyApp::EnsureInstalled)
         message = <<~EOS
-          We detected the use of incompatible concerns (RequireKnownShop/EnsureInstalled and LoginProtection) in #{name},
-          which may lead to unpredictable behavior. In a future release of this library this will raise an error.
+          We detected the use of incompatible concerns (EnsureInstalled and LoginProtection) in #{name},
+          which leads to unpredictable behavior. You cannot include both concerns in the same controller.
         EOS
-        ShopifyApp::Logger.deprecated(message, "22.0.0")
+        raise message
       end
 
       rescue_from ShopifyAPI::Errors::HttpResponseError, with: :handle_http_error
@@ -147,10 +144,11 @@ module ShopifyApp
     end
 
     def close_session
-      clear_shopify_session
       ShopifyApp::Logger.debug("Closing session")
-      ShopifyApp::Logger.debug("Redirecting to #{login_url_with_optional_shop}")
-      redirect_to(login_url_with_optional_shop)
+      clear_shopify_session
+
+      ShopifyApp::Logger.debug("Redirecting to login")
+      redirect_to_login
     end
 
     def handle_http_error(error)

data/lib/shopify_app/engine.rb

@@ -5,7 +5,7 @@ module ShopifyApp
     private
 
     def args_info(job)
-      log_disabled_classes = ["ShopifyApp::ScripttagsManagerJob", "ShopifyApp::WebhooksManagerJob"]
+      log_disabled_classes = ["ShopifyApp::WebhooksManagerJob"]
       return "" if log_disabled_classes.include?(job.class.name)
 
       super
@@ -35,7 +35,6 @@ module ShopifyApp
       ActiveSupport.on_load(:active_job) do
         if ActiveJob::Base.respond_to?(:log_arguments?)
           WebhooksManagerJob.log_arguments = false
-          ScripttagsManagerJob.log_arguments = false
         elsif ActiveJob::Logging::LogSubscriber.private_method_defined?(:args_info)
           ActiveJob::Logging::LogSubscriber.prepend(RedactJobParams)
         end

data/lib/shopify_app/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ShopifyApp
-  VERSION = "21.10.0"
+  VERSION = "22.0.1"
 end

data/lib/shopify_app.rb

@@ -44,7 +44,6 @@ module ShopifyApp
   require "shopify_app/controller_concerns/csrf_protection"
   require "shopify_app/controller_concerns/localization"
   require "shopify_app/controller_concerns/frame_ancestors"
-  require "shopify_app/controller_concerns/itp"
   require "shopify_app/controller_concerns/sanitized_params"
   require "shopify_app/controller_concerns/redirect_for_embedded"
   require "shopify_app/controller_concerns/login_protection"
@@ -56,11 +55,9 @@ module ShopifyApp
 
   # jobs
   require "shopify_app/jobs/webhooks_manager_job"
-  require "shopify_app/jobs/scripttags_manager_job"
 
   # managers
   require "shopify_app/managers/webhooks_manager"
-  require "shopify_app/managers/scripttags_manager"
 
   # middleware
   require "shopify_app/middleware/jwt_middleware"

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shopify_app",
-  "version": "21.10.0",
+  "version": "22.0.1",
   "repository": "git@github.com:Shopify/shopify_app.git",
   "author": "Shopify",
   "license": "MIT",

data/shopify_app.gemspec

@@ -10,17 +10,16 @@ Gem::Specification.new do |s|
   s.author      = "Shopify"
   s.summary     = "This gem is used to get quickly started with the Shopify API"
 
-  s.required_ruby_version = ">= 2.7"
+  s.required_ruby_version = ">= 3.0"
 
   s.metadata["allowed_push_host"] = "https://rubygems.org"
 
   s.add_runtime_dependency("activeresource") # TODO: Remove this once all active resource dependencies are removed
   s.add_runtime_dependency("addressable", "~> 2.7")
-  s.add_runtime_dependency("browser_sniffer", "~> 2.0")
   s.add_runtime_dependency("jwt", ">= 2.2.3")
   s.add_runtime_dependency("rails", "> 5.2.1")
   s.add_runtime_dependency("redirect_safely", "~> 1.0")
-  s.add_runtime_dependency("shopify_api", "~> 13.4")
+  s.add_runtime_dependency("shopify_api", ">= 14.0.1", "< 15.0")
   s.add_runtime_dependency("sprockets-rails", ">= 2.0.0")
 
   s.add_development_dependency("byebug")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shopify_app
 version: !ruby/object:Gem::Version
-  version: 21.10.0
+  version: 22.0.1
 platform: ruby
 authors:
 - Shopify
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-01-24 00:00:00.000000000 Z
+date: 2024-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activeresource
@@ -38,20 +38,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.7'
-- !ruby/object:Gem::Dependency
-  name: browser_sniffer
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -98,16 +84,22 @@ dependencies:
   name: shopify_api
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '13.4'
+        version: 14.0.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '15.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 14.0.1
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '13.4'
+        version: '15.0'
 - !ruby/object:Gem::Dependency
   name: sprockets-rails
   requirement: !ruby/object:Gem::Requirement
@@ -301,6 +293,7 @@ files:
 - ".ruby-version"
 - ".spin/rails/prepare-application"
 - CHANGELOG.md
+- CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Gemfile
 - Gemfile.lock
@@ -312,11 +305,9 @@ files:
 - app/assets/javascripts/shopify_app/app_bridge_3.7.8.js
 - app/assets/javascripts/shopify_app/app_bridge_redirect.js
 - app/assets/javascripts/shopify_app/redirect.js
-- app/controllers/concerns/shopify_app/authenticated.rb
 - app/controllers/concerns/shopify_app/ensure_authenticated_links.rb
 - app/controllers/concerns/shopify_app/ensure_has_session.rb
 - app/controllers/concerns/shopify_app/ensure_installed.rb
-- app/controllers/concerns/shopify_app/require_known_shop.rb
 - app/controllers/concerns/shopify_app/shop_access_scopes_verification.rb
 - app/controllers/shopify_app/authenticated_controller.rb
 - app/controllers/shopify_app/callback_controller.rb
@@ -364,7 +355,6 @@ files:
 - docs/shopify_app/generators.md
 - docs/shopify_app/handling-access-scopes-changes.md
 - docs/shopify_app/logging.md
-- docs/shopify_app/script-tags.md
 - docs/shopify_app/sessions.md
 - docs/shopify_app/testing.md
 - docs/shopify_app/webhooks.md
@@ -374,8 +364,6 @@ files:
 - lib/generators/shopify_app/add_after_authenticate_job/templates/after_authenticate_job.rb
 - lib/generators/shopify_app/add_app_uninstalled_job/add_app_uninstalled_job_generator.rb
 - lib/generators/shopify_app/add_app_uninstalled_job/templates/app_uninstalled_job.rb.tt
-- lib/generators/shopify_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb
-- lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb
 - lib/generators/shopify_app/add_privacy_jobs/add_privacy_jobs_generator.rb
 - lib/generators/shopify_app/add_privacy_jobs/templates/customers_data_request_job.rb.tt
 - lib/generators/shopify_app/add_privacy_jobs/templates/customers_redact_job.rb.tt
@@ -432,7 +420,6 @@ files:
 - lib/shopify_app/controller_concerns/embedded_app.rb
 - lib/shopify_app/controller_concerns/ensure_billing.rb
 - lib/shopify_app/controller_concerns/frame_ancestors.rb
-- lib/shopify_app/controller_concerns/itp.rb
 - lib/shopify_app/controller_concerns/localization.rb
 - lib/shopify_app/controller_concerns/login_protection.rb
 - lib/shopify_app/controller_concerns/payload_verification.rb
@@ -441,10 +428,8 @@ files:
 - lib/shopify_app/controller_concerns/webhook_verification.rb
 - lib/shopify_app/engine.rb
 - lib/shopify_app/errors.rb
-- lib/shopify_app/jobs/scripttags_manager_job.rb
 - lib/shopify_app/jobs/webhooks_manager_job.rb
 - lib/shopify_app/logger.rb
-- lib/shopify_app/managers/scripttags_manager.rb
 - lib/shopify_app/managers/webhooks_manager.rb
 - lib/shopify_app/middleware/jwt_middleware.rb
 - lib/shopify_app/session/in_memory_session_store.rb
@@ -482,14 +467,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.4
+rubygems_version: 3.5.6
 signing_key: 
 specification_version: 4
 summary: This gem is used to get quickly started with the Shopify API

data/app/controllers/concerns/shopify_app/authenticated.rb

@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-module ShopifyApp
-  module Authenticated
-    extend ActiveSupport::Concern
-
-    included do
-      ShopifyApp::Logger.deprecated(
-        "Authenticated has been replaced by EnsureHasSession."\
-          " Please use the EnsureHasSession controller concern for the same behavior",
-        "22.0.0",
-      )
-    end
-
-    include ShopifyApp::EnsureHasSession
-  end
-end

data/app/controllers/concerns/shopify_app/require_known_shop.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module ShopifyApp
-  module RequireKnownShop
-    extend ActiveSupport::Concern
-    include ShopifyApp::EnsureInstalled
-
-    included do
-      ShopifyApp::Logger.deprecated(
-        "RequireKnownShop has been replaced by EnsureInstalled."\
-          " Please use the EnsureInstalled controller concern for the same behavior",
-        "22.0.0",
-      )
-    end
-  end
-end

data/docs/shopify_app/script-tags.md

@@ -1,28 +0,0 @@
-# ScriptTags
-
-#### Table of contents
-
-[Manage ScriptTags using the Shopify App initializer](#manage-scripttags-using-the-shopify-app-initializer)
-
-## Manage ScriptTags using the Shopify App initializer
-
-As with webhooks, ShopifyApp can manage your app's [ScriptTags](https://shopify-dev-staging.shopifycloud.com/docs/admin-api/graphql/reference/online-store/scripttag) for you by setting which scripttags you require in the initializer:
-
-```ruby
-ShopifyApp.configure do |config|
-  config.scripttags = [
-    {event:'onload', src: 'https://example.com/fancy.js'},
-    {event:'onload', src: ->(domain) { dynamic_tag_url(domain) } }
-  ]
-end
-```
-
-You also need to have write_script_tags permission in the config scope in order to add script tags automatically:
-
-```ruby
- config.scope = '... , write_script_tags'
-```
-
-Scripttags are created in the same way as the [Webhooks](/docs/shopify_app/webhooks.md), with a background job which will create the required scripttags.
-
-If `src` responds to `call` its return value will be used as the scripttag's source. It will be called on scripttag creation and deletion.

data/lib/generators/shopify_app/add_marketing_activity_extension/add_marketing_activity_extension_generator.rb

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-require "rails/generators/base"
-
-module ShopifyApp
-  module Generators
-    class AddMarketingActivityExtensionGenerator < Rails::Generators::Base
-      source_root File.expand_path("../templates", __FILE__)
-
-      def generate_app_extension
-        ShopifyApp::Logger.deprecated("MarketingActivitiesController will be removed in an upcoming version", "22.0.0")
-        template("marketing_activities_controller.rb", "app/controllers/marketing_activities_controller.rb")
-        generate_routes
-      end
-
-      private
-
-      def generate_routes
-        inject_into_file(
-          "config/routes.rb",
-          optimize_indentation(routes, 2),
-          after: "root :to => 'home#index'\n",
-        )
-      end
-
-      def routes
-        <<~EOS
-
-          resource :marketing_activities, only: [:create, :update] do
-            patch :resume
-            patch :pause
-            patch :delete
-            post :republish
-            post :preload_form_data
-            post :preview
-            post :errors
-          end
-        EOS
-      end
-    end
-  end
-end

data/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb

@@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-class MarketingActivitiesController < ShopifyApp::ExtensionVerificationController
-  def preload_form_data
-    preload_data = {
-      "form_data": {},
-    }
-    render(json: preload_data, status: :ok)
-  end
-
-  def update
-    render(json: {}, status: :accepted)
-  end
-
-  def pause
-    render(json: {}, status: :accepted)
-  end
-
-  def resume
-    render(json: {}, status: :accepted)
-  end
-
-  def delete
-    render(json: {}, status: :accepted)
-  end
-
-  def preview
-    placeholder_img = "https://cdn.shopify.com/s/files/1/0533/2089/files/placeholder-images-image_small.png"
-    preview_response = {
-      "desktop": {
-        "preview_url": placeholder_img,
-        "content_type": "text/html",
-        "width": 360,
-        "height": 200,
-      },
-      "mobile": {
-        "preview_url": placeholder_img,
-        "content_type": "text/html",
-        "width": 360,
-        "height": 200,
-      },
-    }
-    render(json: preview_response, status: :ok)
-  end
-
-  def create
-    render(json: {}, status: :ok)
-  end
-
-  def republish
-    render(json: {}, status: :accepted)
-  end
-
-  def errors
-    request_id = params[:request_id]
-    message = params[:message]
-
-    ShopifyApp::Logger.info("[Marketing Activity App Error Feedback]"\
-      "Request id: #{request_id}, message: #{message}")
-
-    render(json: {}, status: :ok)
-  end
-end

data/lib/shopify_app/controller_concerns/itp.rb

@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-
-module ShopifyApp
-  # Cookie management helpers required for ITP implementation
-  module Itp
-    extend ActiveSupport::Concern
-    included do
-      ShopifyApp::Logger.deprecated("Itp will be removed in an upcoming version", "22.0.0")
-    end
-
-    private
-
-    def set_test_cookie
-      return unless ShopifyApp.configuration.embedded_app?
-      return unless user_agent_can_partition_cookies
-
-      session["shopify.cookies_persist"] = true
-    end
-
-    def set_top_level_oauth_cookie
-      session["shopify.top_level_oauth"] = true
-    end
-
-    def clear_top_level_oauth_cookie
-      session.delete("shopify.top_level_oauth")
-    end
-
-    def user_agent_is_mobile
-      user_agent = BrowserSniffer.new(request.user_agent).browser_info
-
-      user_agent[:name].to_s.match(/Shopify\sMobile/)
-    end
-
-    def user_agent_is_pos
-      user_agent = BrowserSniffer.new(request.user_agent).browser_info
-
-      user_agent[:name].to_s.match(/Shopify\sPOS/)
-    end
-
-    def user_agent_can_partition_cookies
-      user_agent = BrowserSniffer.new(request.user_agent).browser_info
-
-      is_safari = user_agent[:name].to_s.match(/Safari/)
-
-      return false unless is_safari
-
-      user_agent[:version].to_s.match(/12\.0/)
-    end
-  end
-end

data/lib/shopify_app/jobs/scripttags_manager_job.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module ShopifyApp
-  class ScripttagsManagerJob < ActiveJob::Base
-    queue_as do
-      ShopifyApp.configuration.scripttags_manager_queue_name
-    end
-
-    def perform(shop_domain:, shop_token:, scripttags:)
-      ShopifyAPI::Auth::Session.temp(shop: shop_domain, access_token: shop_token) do
-        manager = ScripttagsManager.new(scripttags, shop_domain)
-        manager.create_scripttags
-      end
-    end
-  end
-end

data/lib/shopify_app/managers/scripttags_manager.rb

@@ -1,85 +0,0 @@
-# frozen_string_literal: true
-
-module ShopifyApp
-  class ScripttagsManager
-    def self.queue(shop_domain, shop_token, scripttags)
-      ShopifyApp::ScripttagsManagerJob.perform_later(
-        shop_domain: shop_domain,
-        shop_token: shop_token,
-        # Procs cannot be serialized so we interpolate now, if necessary
-        scripttags: build_src(scripttags, shop_domain),
-      )
-    end
-
-    def self.build_src(scripttags, domain)
-      scripttags.map do |tag|
-        next tag unless tag[:src].respond_to?(:call)
-
-        tag = tag.dup
-        tag[:src] = tag[:src].call(domain)
-        tag
-      end
-    end
-
-    attr_reader :required_scripttags, :shop_domain
-
-    def initialize(scripttags, shop_domain)
-      ShopifyApp::Logger.deprecated("The ScripttagsManager will become deprecated in an upcoming version", "22.0.0")
-      @required_scripttags = scripttags
-      @shop_domain = shop_domain
-    end
-
-    def recreate_scripttags!
-      destroy_scripttags
-      create_scripttags
-    end
-
-    def create_scripttags
-      return unless required_scripttags.present?
-
-      expanded_scripttags.each do |scripttag|
-        create_scripttag(scripttag) unless scripttag_exists?(scripttag[:src])
-      end
-    end
-
-    def destroy_scripttags
-      scripttags = expanded_scripttags
-      ShopifyAPI::ScriptTag.all.each do |tag|
-        tag.delete if required_scripttag?(scripttags, tag)
-      end
-
-      @current_scripttags = nil
-    end
-
-    private
-
-    def expanded_scripttags
-      self.class.build_src(required_scripttags, shop_domain)
-    end
-
-    def required_scripttag?(scripttags, tag)
-      scripttags.map { |w| w[:src] }.include?(tag.src)
-    end
-
-    def create_scripttag(attributes)
-      scripttag = ShopifyAPI::ScriptTag.new
-      attributes.each { |key, value| scripttag.public_send("#{key}=", value) }
-
-      begin
-        scripttag.save!
-      rescue ShopifyAPI::Errors::HttpResponseError => e
-        raise ::ShopifyApp::CreationFailed, e.message
-      end
-
-      scripttag
-    end
-
-    def scripttag_exists?(src)
-      current_scripttags[src]
-    end
-
-    def current_scripttags
-      @current_scripttags ||= ShopifyAPI::ScriptTag.all.index_by(&:src)
-    end
-  end
-end