shopify_app 21.7.0 → 21.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '008956269ae292bfcb408c5701406a310047edbf97fb9296842187dd007d3b9c'
-  data.tar.gz: dc745806e7b7704ee849fe492860aebc9e4d3ff6a45dde83cad944c96cd7721a
+  metadata.gz: 49db79a7ee1809140f869b5a2b0ab52fe6b9e64d53c8d4cd21084763b59392cc
+  data.tar.gz: 5cef8ded01f6a2cebbd887fdc2811ac5612df5ae7b6fb684fa8aadfd3b56ad37
 SHA512:
-  metadata.gz: b5c923af9c94e9c95278febd2b528bd1f51b6e4ff59693f9f32937c37bec078eee4ff06c801f52a2f7424df46b13c0616989e413a4c849b85e74b9394b02cae9
-  data.tar.gz: 93511dc7c71caeec004438d7131d9289eae5dd285365e9fd10fbb771e5567818e561c747607cefe12ff76e32c4f913f59704008db90e13bbab4c216486b7d734
+  metadata.gz: 705b96b32ef22ee3c0f24391e2dc18c194e0c914fb1b03df449d79129da5dddfbdf095949c0ae5d1b219f5533a53384d24ded2464a8e00190099cf6c77c4f182
+  data.tar.gz: ffb76479139e64d4685c87f2af945e90bb7ad45e56b3d42bb6738052da2bedc80c637df977a7671e2ed1c2e28ba2041489444c9046fe5a13631b4708ae0ab9fa

data/.github/CODEOWNERS

@@ -1,2 +1,3 @@
 *       @shopify/platform-dev-tools-education
 *       @shopify/app-foundations
+*       @Shopify/client-libraries-app-templates

data/.github/workflows/build.yml

@@ -30,7 +30,7 @@ jobs:
       - name: Set up Node
         uses: actions/setup-node@v3
         with:
-          node-version: '12'
+          node-version: '18'
       - name: Install Yarn Dependencies
         run: yarn
       - name: Run Yarn Tests

data/CHANGELOG.md

@@ -1,6 +1,12 @@
 Unreleased
 ----------
 
+21.8.0 (Dec 1, 2023)
+----------
+* Bump `shopify_api` to include bugfix with mandatory webhooks + fixes for CI failures that prevented earlier release
+* Fixes bug with `WebhooksManager#recreate_webhooks!` where we failed to register topics in the registry[#1743](https://github.com/Shopify/shopify_app/pull/1704)
+* Allow embedded apps to provide a full URL to get redirected to, rather than defaulting to Shopify Admin [#1746](https://github.com/Shopify/shopify_app/pull/1746)
+
 21.7.0 (Oct 12, 2023)
 ----------
 * Fixes typo in webhook generator [#1704](https://github.com/Shopify/shopify_app/pull/1704)

data/Gemfile.lock

@@ -1,14 +1,14 @@
 PATH
   remote: .
   specs:
-    shopify_app (21.7.0)
+    shopify_app (21.8.0)
       activeresource
       addressable (~> 2.7)
       browser_sniffer (~> 2.0)
       jwt (>= 2.2.3)
       rails (> 5.2.1)
       redirect_safely (~> 1.0)
-      shopify_api (~> 13.2)
+      shopify_api (~> 13.3)
       sprockets-rails (>= 2.0.0)
 
 GEM
@@ -217,7 +217,7 @@ GEM
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     securerandom (0.2.2)
-    shopify_api (13.2.0)
+    shopify_api (13.3.0)
       activesupport
       concurrent-ruby
       hash_diff

data/app/controllers/shopify_app/callback_controller.rb

@@ -70,14 +70,25 @@ module ShopifyApp
 
     def redirect_to_app
       if ShopifyAPI::Context.embedded?
-        return_to = "#{decoded_host}#{session.delete(:return_to)}"
-        return_to = ShopifyApp.configuration.root_url if deduced_phishing_attack?
-        redirect_to(return_to, allow_other_host: true)
+        return_to = session.delete(:return_to)
+        redirect_to = if fully_formed_url?(return_to)
+          return_to
+        else
+          "#{decoded_host}#{return_to}"
+        end
+
+        redirect_to = ShopifyApp.configuration.root_url if deduced_phishing_attack?
+        redirect_to(redirect_to, allow_other_host: true)
       else
         redirect_to(return_address)
       end
     end
 
+    def fully_formed_url?(return_to)
+      uri = Addressable::URI.parse(return_to)
+      uri.present? && uri.scheme.present? && uri.host.present?
+    end
+
     def decoded_host
       @decoded_host ||= ShopifyAPI::Auth.embedded_app_url(params[:host])
     end

data/docs/shopify_app/webhooks.md

@@ -3,7 +3,7 @@
 #### Table of contents
 
 [Manage webhooks using `ShopifyApp::WebhooksManager`](#manage-webhooks-using-shopifyappwebhooksmanager)
-[Mandatory GDPR Webhooks](#mandatory-gdpr-webhooks)
+[Mandatory Privacy Webhooks](#mandatory-privacy-webhooks)
 
 ## Manage webhooks using `ShopifyApp::WebhooksManager`
 
@@ -72,9 +72,9 @@ rails g shopify_app:add_webhook --topic carts/update --path webhooks/carts_updat
 
 Where `--topic` is the topic and `--path` is the path the webhook should be sent to.
 
-## Mandatory GDPR Webhooks
+## Mandatory Privacy Webhooks
 
-We have three mandatory GDPR webhooks
+We have three mandatory privacy webhooks
 
 1. `customers/data_request`
 2. `customer/redact`

data/karma.conf.js

@@ -26,7 +26,12 @@ module.exports = function(config) {
     preprocessors: {
       'test/javascripts/**/*test.js': ['webpack'],
     },
-    webpack: {},
+    webpack: {
+      mode: 'none',
+      output: {
+        hashFunction: 'rsa-sha512',
+      },
+    },
     reporters: karmaReporters,
     port: 9876,
     colors: true,

data/lib/generators/shopify_app/{add_gdpr_jobs/add_gdpr_jobs_generator.rb → add_privacy_jobs/add_privacy_jobs_generator.rb}

@@ -4,7 +4,7 @@ require "rails/generators/base"
 
 module ShopifyApp
   module Generators
-    class AddGdprJobsGenerator < Rails::Generators::Base
+    class AddPrivacyJobsGenerator < Rails::Generators::Base
       source_root File.expand_path("../templates", __FILE__)
 
       def add_customer_data_request_job

data/lib/generators/shopify_app/shopify_app_generator.rb

@@ -10,7 +10,7 @@ module ShopifyApp
 
       def run_all_generators
         generate("shopify_app:add_app_uninstalled_job")
-        generate("shopify_app:add_gdpr_jobs")
+        generate("shopify_app:add_privacy_jobs")
         generate("shopify_app:install #{@opts.join(" ")}")
         generate("shopify_app:shop_model #{@opts.join(" ")}")
         generate("shopify_app:authenticated_controller")

data/lib/shopify_app/managers/webhooks_manager.rb

@@ -26,6 +26,7 @@ module ShopifyApp
 
         ShopifyApp::Logger.debug("Recreating webhooks")
         add_registrations
+        create_webhooks(session: session)
       end
 
       def destroy_webhooks(session:)

data/lib/shopify_app/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ShopifyApp
-  VERSION = "21.7.0"
+  VERSION = "21.8.0"
 end

data/package.json

@@ -1,25 +1,24 @@
 {
   "name": "shopify_app",
-  "version": "21.7.0",
+  "version": "21.8.0",
   "repository": "git@github.com:Shopify/shopify_app.git",
   "author": "Shopify",
   "license": "MIT",
-  "dependencies": {},
   "devDependencies": {
     "babel-loader": "^8.0.6",
     "babel-preset-shopify": "^21.0.0",
     "chai": "^4.1.2",
-    "karma": "^5.2.1",
+    "karma": "^6.4.2",
     "karma-chai-sinon": "^0.1.5",
     "karma-chrome-launcher": "^3.1.0",
     "karma-cli": "^2.0.0",
     "karma-mocha": "^2.0.1",
     "karma-mocha-clean-reporter": "^0.0.1",
-    "karma-webpack": "^4.0.2",
-    "mocha": "^8.1.3",
+    "karma-webpack": "^5.0.0",
+    "mocha": "^10.2.0",
     "sinon": "^9.0.3",
     "sinon-chai": "^3.2.0",
-    "webpack": "^4.44.1"
+    "webpack": "^5.89.0"
   },
   "scripts": {
     "test": "./node_modules/.bin/karma start --browsers ChromeHeadless --single-run"

data/shopify_app.gemspec

@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency("jwt", ">= 2.2.3")
   s.add_runtime_dependency("rails", "> 5.2.1")
   s.add_runtime_dependency("redirect_safely", "~> 1.0")
-  s.add_runtime_dependency("shopify_api", "~> 13.2")
+  s.add_runtime_dependency("shopify_api", "~> 13.3")
   s.add_runtime_dependency("sprockets-rails", ">= 2.0.0")
 
   s.add_development_dependency("byebug")