shopify_app 21.6.0 → 22.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a92631c8bf253b232ab525ca71c8eb4e9dd9803d040942994d6c82aa440a3a83
-  data.tar.gz: 27bc111e45acffb302e8c794e8ecbffe9c558ab0deb3234b9512050565d8e866
+  metadata.gz: d8a8d6fb5b227bbe3070fba9050497eb007e4191a782bc89b12a84546470ed65
+  data.tar.gz: 5f8d8e4486585b07a93ad7f6abddaebde7a263568dc78e757627476aba37d38b
 SHA512:
-  metadata.gz: 5b1ff59a290a9ef78dde26b03ce51b01ab31569e1d3ea29daca6df81dfec1903e9f785b06db4aa5fbe7dd66a078c4647ff981f5e3a02508b7457c07e84a5cc51
-  data.tar.gz: 25d4baeebf8988d25bf3ac545deba5746ed6ff56e33d8ea0de8413fff50ae711e4804e2a10da2b893e2a741561be20b05b58d26ba9ab458fb29f582009dbd2f3
+  metadata.gz: 2a0b7ad073c42b6fbe5033aa686fa365050d8d56305507746b15f938a1511e979eecd49dcaefbe2793114c6ca4c4ef4f986085b743651115dc816faab404da15
+  data.tar.gz: a8896ed834816ef8fd35f17db67aef3efcd401fa2a46900e2a2bce8d5b96f863db3eaa0335e73d63b6c48e6382d52d9103c46fce7a7252568e1abe7e503d2075

data/.github/CODEOWNERS

@@ -1,2 +1,3 @@
 *       @shopify/platform-dev-tools-education
 *       @shopify/app-foundations
+*       @Shopify/client-libraries-app-templates

data/.github/ISSUE_TEMPLATE/bug-report.md

@@ -6,36 +6,41 @@ labels: "Type: Bug 🐛"
 
 # Issue summary
 
-<!--
-
-Write a short description of the issue here. Please provide any details or logs that
-can help us debug it.
+Before opening this issue, I have:
+
+- [ ] Upgraded to the latest version of the package
+  - `shopify_app` version:
+  - Ruby version:
+  - Operating system:
+- [ ] Set `log_level: :debug` [in my configuration](https://github.com/Shopify/shopify-api-ruby#setup-shopify-context), if applicable
+- [ ] Found a reliable way to reproduce the problem that indicates it's a problem with the package
+- [ ] Looked for similar issues in this repository
+- [ ] Checked that this isn't an issue with a Shopify API
+  - If it is, please create a post in the [Shopify community forums](https://community.shopify.com/c/partners-and-developers/ct-p/appdev) or report it to [Shopify Partner Support](https://help.shopify.com/en/support/partners/org-select)
 
-Increase the logs as described in the README by setting log_level to :debug, and paste the relevant portion here.
-
-Learn more: https://github.com/Shopify/shopify-api-ruby#setup-shopify-context
+<!--
+Write a short description of the issue here.
 
+We can only fix issues for which there is a clear reproduction scenario.
+The more context you can provide, the easier it becomes for us to investigate and fix the issue.
 -->
 
-- `shopify_api` version:
-- `shopify_app` version:
-- Ruby version:
-- Operating system:
-
-```
-// Paste any relevant logs here
-```
-
 ## Expected behavior
 
-<!-- What do you think should happen? -->
+What do you think should happen?
 
 ## Actual behavior
 
-<!-- What actually happens? -->
+What actually happens?
 
 ## Steps to reproduce the problem
 
 1.
 1.
 1.
+
+## Debug logs
+
+```
+// Paste any relevant logs here
+```

data/.github/workflows/build.yml

@@ -12,7 +12,7 @@ jobs:
     name: Ruby ${{ matrix.version }}
     strategy:
       matrix:
-        version: ['2.7', '3.0', '3.1', '3.2']
+        version: ['3.0', '3.1', '3.2', '3.3']
 
     steps:
       - uses: actions/checkout@v3
@@ -30,7 +30,7 @@ jobs:
       - name: Set up Node
         uses: actions/setup-node@v3
         with:
-          node-version: '12'
+          node-version: '18'
       - name: Install Yarn Dependencies
         run: yarn
       - name: Run Yarn Tests

data/.github/workflows/release.yml

@@ -11,7 +11,7 @@ jobs:
     steps:
     - name: Extract tag name
       id: tag
-      run: echo "::set-output name=value::${GITHUB_REF##*/}"
+      run: echo "value=${GITHUB_REF##*/}" >> "$GITHUB_OUTPUT"
     - uses: actions/checkout@v3
 
     - name: Create Release

data/.github/workflows/rubocop.yml

@@ -8,10 +8,9 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-    - name: Set up Ruby 2.7
+    - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with:
-        ruby-version: 2.7
         bundler-cache: true
     - name: Install gems
       run: |

data/.nvmrc

@@ -1 +1 @@
-12.22.8
+20.10.0

data/.rubocop.yml

@@ -2,7 +2,6 @@ inherit_gem:
     rubocop-shopify: rubocop.yml
 
 AllCops:
-  TargetRubyVersion: 2.7
   Exclude:
     - 'test/tmp/**/*'
     - 'vendor/bundle/**/*'

data/CHANGELOG.md

@@ -1,6 +1,121 @@
 Unreleased
 ----------
 
+22.5.0 (November 28, 2024)
+----------
+- Add support for filters in webhook registration [1923](https://github.com/Shopify/shopify_app/pull/1923)
+-  Make `ShopifyApp.configuration.scope` default to empty list `[]` [1913](https://github.com/Shopify/shopify_app/pull/1913)
+
+22.4.0 (August 22, 2024)
+----------
+- Add the `unified_admin_domain` configuration option for the unified admin domain.
+- Add new generators for webhook subscriptions defined in the `shopify.app.toml` file [1882](https://github.com/Shopify/shopify_app/pull/1882)
+- Fix test stubbing for Token Exchange auth [1897](https://github.com/Shopify/shopify_app/pull/1897)
+
+22.3.1 (July 26, 2024)
+----------
+- Handle edge case where we attempted to redirect to login when already at the top level [#1887](https://github.com/Shopify/shopify_app/pull/1887)
+
+22.3.0 (July 24, 2024)
+----------
+- Deprecate `ShopifyApp::JWTMiddleware`. And remove internal usage.  Any existing app code relying on decoded JWT contents set from `request.env` should instead include the `WithShopifyIdToken` concern and call its respective methods. [#1861](https://github.com/Shopify/shopify_app/pull/1861) [Migration Guide](/docs/Upgrading.md#v2300---removed-shopifyappjwtmiddleware)
+- Handle scenario when invalid URI is passed to `sanitize_shop_domain` [#1852](https://github.com/Shopify/shopify_app/pull/1852)
+- Remove references to old JS files during asset precompile [#1865](https://github.com/Shopify/shopify_app/pull/1865)
+- Remove old translation keys for `enable_cookies_*`, `top_level_interaction_*` and `request_storage_access_*` [#1865](https://github.com/Shopify/shopify_app/pull/1865)
+- Add invalid id token handling for `current_shopify_domain` method [#1868](https://github.com/Shopify/shopify_app/pull/1868)
+- Keep original path and params when redirecting deep links to embed [#1869](https://github.com/Shopify/shopify_app/pull/1869)
+- Fix managed install path for SPIN environments [#1877](https://github.com/Shopify/shopify_app/pull/1877)
+- Migrate fullpage redirect to App Bridge CDN [#1870](https://github.com/Shopify/shopify_app/pull/1870)
+- Improve embedded requests detection with `Sec-Fetch-Dest` header [#1873](https://github.com/Shopify/shopify_app/pull/1873)
+- Fix bug where locale is not read from session if locale param is not present in app request [#1878](https://github.com/Shopify/shopify_app/pull/1878)
+
+22.2.1 (May 6,2024)
+----------
+* Patch - Don't delete session on 401 errors during retry in `with_token_refetch` [#1844](https://github.com/Shopify/shopify_app/pull/1844)
+
+22.2.0 (May 2,2024)
+----------
+* Add new zero redirect authorization strategy - `Token Exchange`.
+  - This strategy replaces the existing OAuth flow for embedded apps and remove the redirects that were previously necessary to complete OAuth.
+  See ["New embedded app authorization strategy (Token Exchange)"](/README.md/#new-embedded-app-authorization-strategy-token-exchange) for how to enable this feature.
+  - Related PRs: [#1817](https://github.com/Shopify/shopify_app/pull/1817),
+  [#1818](https://github.com/Shopify/shopify_app/pull/1818),
+  [#1819](https://github.com/Shopify/shopify_app/pull/1819),
+  [#1821](https://github.com/Shopify/shopify_app/pull/1821),
+  [#1822](https://github.com/Shopify/shopify_app/pull/1822),
+  [#1823](https://github.com/Shopify/shopify_app/pull/1823),
+  [#1832](https://github.com/Shopify/shopify_app/pull/1832),
+  [#1833](https://github.com/Shopify/shopify_app/pull/1833),
+  [#1834](https://github.com/Shopify/shopify_app/pull/1834),
+  [#1836](https://github.com/Shopify/shopify_app/pull/1836),
+* Bumps `shopify_api` to `14.3.0` [1832](https://github.com/Shopify/shopify_app/pull/1832)
+* Support `id_token` from URL param [1832](https://github.com/Shopify/shopify_app/pull/1832)
+  * Extracted controller concern `WithShopifyIdToken`
+      * This concern provides a method `shopify_id_token` to retrieve the Shopify Id token from either the authorization header or the URL param `id_token`.
+  * `ShopifyApp::JWTMiddleware` supports retrieving session token from URL param `id_token`
+  * `ShopifyApp::JWTMiddleware` returns early if the app is not embedded to avoid unnecessary JWT verification
+  * `LoginProtection` now uses `WithShopifyIdToken` concern to retrieve the Shopify Id token, thus accepting the session token from the URL param `id_token`
+* Marking `ShopifyApp::JWT` to be deprecated in version 23.0.0 [1832](https://github.com/Shopify/shopify_app/pull/1832), use `ShopifyAPI::Auth::JwtPayload` instead.
+* Fix infinite redirect loop caused by handling errors from Billing API [1833](https://github.com/Shopify/shopify_app/pull/1833)
+
+22.1.0 (April 9,2024)
+----------
+* Extracted class - `PostAuthenticateTasks` to handle post authenticate tasks. To learn more, see [post authenticate tasks](/docs/shopify_app/authentication.md#post-authenticate-tasks). [1819](https://github.com/Shopify/shopify_app/pull/1819)
+* Bumps shopify_api dependency to 14.1.0 [1826](https://github.com/Shopify/shopify_app/pull/1826)
+
+22.0.1 (March 12, 2024)
+----------
+* Bumps `shopify_api` to `14.0.1` [1813](https://github.com/Shopify/shopify_app/pull/1813)
+
+22.00.0 (March 5, 2024)
+----------
+
+To migrate from a previous version, please see the [v22 migration guide](docs/Upgrading.md#upgrading-to-v2200).
+
+* ⚠️ [Breaking] Bumps minimum supported Ruby version to 3.0. Bumps `shopify_api` to 14.0 [1801](https://github.com/Shopify/shopify_app/pull/1801)
+* ⚠️ [Breaking] Removes deprecated controller concerns that were renamed in `v21.10.0`. [1805](https://github.com/Shopify/shopify_app/pull/1805)
+* ⚠️ [Breaking] Removes deprecated `ScripttagManager`. We realize there was communication error in our logging where we logged future deprecation instead of our inteded removal. Since we have been logging that for 2 years we felt we'd move forward with the removal instead pushing this off until the next major release. [1806](https://github.com/Shopify/shopify_app/pull/1806)
+* ⚠️ [Breaking] Removes ITP controller concern and `browser_sniffer` dependency.[1810](https://github.com/Shopify/shopify_app/pull/1810)
+* ⚠️ [Breaking] Removes Marketing Extensions generator [1810](https://github.com/Shopify/shopify_app/pull/1810)
+* ⚠️ [Breaking] Thows an error if a controller includes incompatible concerns (LoginProtection/EnsureInstalled) [1809](https://github.com/Shopify/shopify_app/pull/1809)
+* ⚠️ [Breaking] No longer rescues non-shopify API errors during OAuth
+  callback [1807](https://github.com/Shopify/shopify_app/pull/1807)
+* Make type param for webhooks route optional. This will fix a bug with CLI initiated webhooks.[1786](https://github.com/Shopify/shopify_app/pull/1786)
+* Fix redirecting to login when we catch a 401 response from Shopify, so that it can also handle cases where the app is already embedded when that happens.[1787](https://github.com/Shopify/shopify_app/pull/1787)
+* Always register webhooks with offline sessions.[1788](https://github.com/Shopify/shopify_app/pull/1788)
+
+21.10.0 (January 24, 2024)
+----------
+* Fix session deletion for users with customized session storage[#1773](https://github.com/Shopify/shopify_app/pull/1773)
+* Add configuration flag `check_session_expiry_date` to trigger a re-auth when the (user) session is expired. The session expiry date must be stored and retrieved for this flag to be effective. When the `UserSessionStorageWithScopes` concern is used, a DB migration can be generated with `rails generate shopify_app:user_model --skip` and should be applied before enabling that flag[#1757](https://github.com/Shopify/shopify_app/pull/1757)
+
+21.9.0 (January 16, 2024)
+----------
+* Fix `add_webhook` generator to create the webhook jobs under the correct directory[#1748](https://github.com/Shopify/shopify_app/pull/1748)
+* Add support for metafield_namespaces in webhook registration [#1745](https://github.com/Shopify/shopify_app/pull/1745)
+* Bumps `shopify_api` to latest version (13.4.0), adds support for 2024-01 API version [#1776](https://github.com/Shopify/shopify_app/pull/1776)
+
+21.8.1 (December 6, 2023)
+----------
+* Bump `shopify_api` to 13.3.1 [1763](https://github.com/Shopify/shopify-api-ruby/blob/main/CHANGELOG.md#1331)
+
+21.8.0 (Dec 1, 2023)
+----------
+* Bump `shopify_api` to include bugfix with mandatory webhooks + fixes for CI failures that prevented earlier release
+* Fixes bug with `WebhooksManager#recreate_webhooks!` where we failed to register topics in the registry[#1743](https://github.com/Shopify/shopify_app/pull/1704)
+* Allow embedded apps to provide a full URL to get redirected to, rather than defaulting to Shopify Admin [#1746](https://github.com/Shopify/shopify_app/pull/1746)
+
+21.7.0 (Oct 12, 2023)
+----------
+* Fixes typo in webhook generator [#1704](https://github.com/Shopify/shopify_app/pull/1704)
+* Fix registration of event_bridge and pub_sub webhooks [#1635](https://github.com/Shopify/shopify_app/pull/1635)
+* Adds support for adding any number of trial days within `EnsureBilling` by adding the `trial_days` field to `BillingConfiguration`
+* Updated AppBridge to 3.7.8 [#1680](https://github.com/Shopify/shopify_app/pull/1680)
+* Support falling back to 2 letter language code locales [#1711](https://github.com/Shopify/shopify_app/pull/1711)
+* Fix locale leaks across requests [#1711](https://github.com/Shopify/shopify_app/pull/1711)
+* Fix bug in `InMemoryUserSessionStore#store`, this can now be used out of box. [#1716](https://github.com/Shopify/shopify_app/pull/1716)
+* Adds support for 2023-10 API version [#1734](https://github.com/Shopify/shopify_app/pull/1734)
+
 21.6.0 (July 11, 2023)
 ----------
 * Adds support for toggling test charges within `EnsureBilling` by adding `test` field to `BillingConfiguration` and pulling in environment variable [#1688](https://github.com/Shopify/shopify_app/pull/1688)

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,46 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all
+people who contribute through reporting issues, posting feature
+requests, updating documentation, submitting pull requests or patches,
+and other activities.
+
+We are committed to making participation in this project a
+harassment-free experience for everyone, regardless of level of
+experience, gender, gender identity and expression, sexual orientation,
+disability, personal appearance, body size, race, ethnicity, age,
+religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+- The use of sexualized language or imagery
+- Personal attacks
+- Trolling or insulting/derogatory comments
+- Public or private harassment
+- Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+- Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit,
+or reject comments, commits, code, wiki edits, issues, and other
+contributions that are not aligned to this Code of Conduct, or to ban
+temporarily or permanently any contributor for other behaviors that they
+deem inappropriate, threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves
+to fairly and consistently applying these principles to every aspect of
+managing this project. Project maintainers who do not follow or enforce
+the Code of Conduct may be permanently removed from the project team.
+
+This Code of Conduct applies both within project spaces and in public
+spaces when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may
+be reported by contacting a project maintainer at <opensource@shopify.com>.
+All complaints will be reviewed and investigated and will result in a response
+that is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an incident.
+
+This Code of Conduct is adapted from the Contributor Covenant, version
+1.3.0, available from http://contributor-covenant.org/version/1/3/0/

data/CONTRIBUTING.md

@@ -23,7 +23,7 @@ Shopify has an official message board with dedicated forums to discuss all thing
 * [Shopify Apps](https://community.shopify.com/c/Shopify-Apps/bd-p/shopify-apps)
 * [Shopify APIs & SDKs](https://community.shopify.com/c/Shopify-APIs-SDKs/bd-p/shopify-apis-and-technology)
 
-If you prefer to chat instead, join the [Shopify Partners Slack Community group](https://www.shopify.com/partners/community#conversation). This Slack group hosts an active community of thousands of app developers.
+If you prefer to chat instead, join the [Shopify Partners Slack Community group](https://community.shopify.com/c/partners-and-developers/ct-p/appdev). This Slack group hosts an active community of thousands of app developers.
 
 By participating in the Community forum or Slack group, you agree to adhere to the forum [Code of Conduct](https://community.shopify.com/c/Announcements/Code-of-Conduct/m-p/491969#M23) outlined.
 
@@ -89,8 +89,3 @@ To run tests, you'll need to make sure that your development environment is setu
 * To run all tests: `bundle exec rake test`
 * To run a specific test file: `bundle exec rake test TEST=test/controllers/callback_controller_test.rb`
 * To run a single test: `bundle exec rake test TEST=test/controllers/callback_controller_test.rb:50` where `50` is the line number on or inside the test case.
-
-### App Bridge client
-
-This gem ships with a UMD version of the App Bridge client. It lives inside the assets folder: `app/assets/javascripts/shopify_app/`. To update the client, simply download the UMD build from [unpkg.com](https://unpkg.com/@shopify/app-bridge) and save it into the folder.
-Please follow the convention of including the client version number in the filename. Finally, change the reference to the new App Bridge client inside `app/assets/javascripts/shopify_app/app_bridge_redirect.js`.

data/Gemfile.lock

@@ -1,81 +1,80 @@
 PATH
   remote: .
   specs:
-    shopify_app (21.6.0)
+    shopify_app (22.5.0)
       activeresource
       addressable (~> 2.7)
-      browser_sniffer (~> 2.0)
       jwt (>= 2.2.3)
       rails (> 5.2.1)
       redirect_safely (~> 1.0)
-      shopify_api (~> 13.1)
+      shopify_api (>= 14.7.0, < 15.0)
       sprockets-rails (>= 2.0.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actioncable (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      activejob (= 6.1.7.3)
-      activerecord (= 6.1.7.3)
-      activestorage (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actionmailbox (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      activejob (= 6.1.7.9)
+      activerecord (= 6.1.7.9)
+      activestorage (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       mail (>= 2.7.1)
-    actionmailer (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      actionview (= 6.1.7.3)
-      activejob (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actionmailer (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      actionview (= 6.1.7.9)
+      activejob (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.7.3)
-      actionview (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actionpack (6.1.7.9)
+      actionview (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      activerecord (= 6.1.7.3)
-      activestorage (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actiontext (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      activerecord (= 6.1.7.9)
+      activestorage (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       nokogiri (>= 1.8.5)
-    actionview (6.1.7.3)
-      activesupport (= 6.1.7.3)
+    actionview (6.1.7.9)
+      activesupport (= 6.1.7.9)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.7.3)
-      activesupport (= 6.1.7.3)
+    activejob (6.1.7.9)
+      activesupport (= 6.1.7.9)
       globalid (>= 0.3.6)
-    activemodel (6.1.7.3)
-      activesupport (= 6.1.7.3)
+    activemodel (6.1.7.9)
+      activesupport (= 6.1.7.9)
     activemodel-serializers-xml (1.0.2)
       activemodel (> 5.x)
       activesupport (> 5.x)
       builder (~> 3.1)
-    activerecord (6.1.7.3)
-      activemodel (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
-    activeresource (6.0.0)
+    activerecord (6.1.7.9)
+      activemodel (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
+    activeresource (6.1.3)
       activemodel (>= 6.0)
       activemodel-serializers-xml (~> 1.0)
       activesupport (>= 6.0)
-    activestorage (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      activejob (= 6.1.7.3)
-      activerecord (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    activestorage (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      activejob (= 6.1.7.9)
+      activerecord (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.7.3)
+    activesupport (6.1.7.9)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -86,30 +85,29 @@ GEM
     ast (2.4.2)
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
-    browser_sniffer (2.2.0)
-    builder (3.2.4)
+    builder (3.3.0)
     byebug (11.1.3)
     coderay (1.1.3)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.3.4)
     crack (0.4.5)
       rexml
     crass (1.0.6)
-    date (3.3.3)
+    date (3.3.4)
     debug_inspector (1.1.0)
-    erubi (1.12.0)
-    globalid (1.1.0)
-      activesupport (>= 5.0)
+    erubi (1.13.0)
+    globalid (1.2.1)
+      activesupport (>= 6.1)
     hash_diff (1.1.1)
     hashdiff (1.0.1)
     httparty (0.21.0)
       mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
-    i18n (1.13.0)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
-    json (2.6.3)
+    json (2.7.2)
     jwt (2.7.0)
     language_server-protocol (3.17.0.3)
-    loofah (2.21.3)
+    loofah (2.22.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.8.1)
@@ -119,32 +117,33 @@ GEM
       net-smtp
     marcel (1.0.2)
     method_source (1.0.0)
-    mini_mime (1.1.2)
+    mini_mime (1.1.5)
     minitest (5.18.0)
     mocha (2.0.2)
       ruby2_keywords (>= 0.0.5)
     multi_xml (0.6.0)
-    net-imap (0.3.4)
+    net-imap (0.4.17)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.5.0)
       net-protocol
     nio4r (2.5.9)
-    nokogiri (1.15.0-arm64-darwin)
+    nokogiri (1.16.7-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.0-x86_64-darwin)
+    nokogiri (1.16.7-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.0-x86_64-linux)
+    nokogiri (1.16.7-x86_64-linux)
       racc (~> 1.4)
     oj (3.14.3)
     openssl (3.1.0)
-    parallel (1.23.0)
-    parser (3.2.2.1)
+    parallel (1.24.0)
+    parser (3.3.0.5)
       ast (~> 2.4.1)
+      racc
     prettier_print (1.2.1)
     pry (0.14.2)
       coderay (~> 1.1)
@@ -155,37 +154,39 @@ GEM
       binding_of_caller (~> 1.0)
       pry (~> 0.13)
     public_suffix (5.0.1)
-    racc (1.6.2)
-    rack (2.2.7)
+    racc (1.8.1)
+    rack (2.2.10)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (6.1.7.3)
-      actioncable (= 6.1.7.3)
-      actionmailbox (= 6.1.7.3)
-      actionmailer (= 6.1.7.3)
-      actionpack (= 6.1.7.3)
-      actiontext (= 6.1.7.3)
-      actionview (= 6.1.7.3)
-      activejob (= 6.1.7.3)
-      activemodel (= 6.1.7.3)
-      activerecord (= 6.1.7.3)
-      activestorage (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    rails (6.1.7.9)
+      actioncable (= 6.1.7.9)
+      actionmailbox (= 6.1.7.9)
+      actionmailer (= 6.1.7.9)
+      actionpack (= 6.1.7.9)
+      actiontext (= 6.1.7.9)
+      actionview (= 6.1.7.9)
+      activejob (= 6.1.7.9)
+      activemodel (= 6.1.7.9)
+      activerecord (= 6.1.7.9)
+      activestorage (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       bundler (>= 1.15.0)
-      railties (= 6.1.7.3)
+      railties (= 6.1.7.9)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
       activesupport (>= 5.0.1.rc1)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
-      loofah (~> 2.19, >= 2.19.1)
-    railties (6.1.7.3)
-      actionpack (= 6.1.7.3)
-      activesupport (= 6.1.7.3)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
+    railties (6.1.7.9)
+      actionpack (= 6.1.7.9)
+      activesupport (= 6.1.7.9)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
@@ -194,20 +195,21 @@ GEM
     rb-readline (0.5.5)
     redirect_safely (1.0.0)
       activemodel
-    regexp_parser (2.8.0)
-    rexml (3.2.5)
-    rubocop (1.51.0)
+    regexp_parser (2.9.0)
+    rexml (3.3.9)
+    rubocop (1.62.1)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.1)
-      parser (>= 3.2.1.0)
+    rubocop-ast (1.31.2)
+      parser (>= 3.3.0.4)
     rubocop-shopify (2.13.0)
       rubocop (~> 1.50)
     ruby-lsp (0.5.1)
@@ -217,7 +219,7 @@ GEM
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     securerandom (0.2.2)
-    shopify_api (13.1.0)
+    shopify_api (14.7.0)
       activesupport
       concurrent-ruby
       hash_diff
@@ -236,16 +238,16 @@ GEM
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    sqlite3 (1.6.3-arm64-darwin)
-    sqlite3 (1.6.3-x86_64-darwin)
-    sqlite3 (1.6.3-x86_64-linux)
+    sqlite3 (1.7.3-arm64-darwin)
+    sqlite3 (1.7.3-x86_64-darwin)
+    sqlite3 (1.7.3-x86_64-linux)
     syntax_tree (6.1.1)
       prettier_print (>= 1.2.0)
     thor (1.2.2)
-    timeout (0.3.2)
+    timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.5.0)
     webmock (3.18.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
@@ -253,11 +255,12 @@ GEM
     websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.6.4)
+    zeitwerk (2.6.18)
 
 PLATFORMS
   arm64-darwin-21
   arm64-darwin-22
+  arm64-darwin-23
   x86_64-darwin-19
   x86_64-darwin-20
   x86_64-darwin-21