spree_core 5.1.3 → 5.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4653db5977ca32eb547d2b03e5813e9c8fbd20d554c4affed62c6b1eb264204c
-  data.tar.gz: 07f9f6dda2fa6f0a25266d6255db293aa82c97007d0fec0248f006fdc6e29573
+  metadata.gz: 470b6197277a6eb437ae9844a0616136625b77b7902073032d08b86315b41dc5
+  data.tar.gz: 9795041b28ea8b1680df00d885128f58f8502ec7ddf279887900b87218f0e999
 SHA512:
-  metadata.gz: 958124d59a881d5c5acf8e0ed3c0bff113fefeac06bf72cd6da310628122f15bae784f321709d2f7ab0d75fd655621c669e0c3fc97a1b53841d803106fcffe81
-  data.tar.gz: 022d0ac938c12b166d69d4a3e83b3e472da68b5a752079249288b99bcd490cfe3608853d3cd1313453ab21e89b42f130e57f80beb03aad079a2294892e877df0
+  metadata.gz: a314d8e138aea8643c18b6f33ab3d993bc49149a64e17427a904909c77b4ca951e147c9f292dc85d902e5b608e2c51cfabf6429c1c396353ca869d38da737c18
+  data.tar.gz: c47e0a2eb39b6cf9acda5efc0c1a8e3994cb3a49106fe9b6ff3d342523e0eb3b9c9b2316049b3122e7f0acadf1c51406cf4f652d31bef937408d5855f71fbc75

data/app/models/concerns/spree/user_payment_source.rb

@@ -9,7 +9,7 @@ module Spree
       end
 
       def payment_sources
-        credit_cards.with_payment_profile.not_expired.where(payment_method: Spree::PaymentMethod.active).not_removed
+        credit_cards.capturable.not_expired.where(payment_method: Spree::PaymentMethod.active).not_removed
       end
 
       def drop_payment_source(source)

data/app/models/spree/credit_card.rb

@@ -39,6 +39,7 @@ module Spree
     end
 
     scope :with_payment_profile, -> { where.not(gateway_customer_profile_id: nil) }
+    scope :capturable, -> { where.not(gateway_customer_profile_id: nil).or(where.not(gateway_payment_profile_id: nil)) }
     scope :default, -> { where(default: true) }
     scope :not_expired, lambda {
       where('CAST(spree_credit_cards.year AS DECIMAL) > ?', Time.current.year).
@@ -50,6 +51,14 @@ module Spree
     # needed for some of the ActiveMerchant gateways (eg. SagePay)
     alias_attribute :brand, :cc_type
 
+    store_accessor :private_metadata, :wallet
+
+    # Returns the type of wallet the card is associated with, eg. "apple_pay", "google_pay", etc.
+    # @return [String]
+    def wallet_type
+      wallet&.[]('type')
+    end
+
     # ActiveMerchant::Billing::CreditCard added this accessor used by some gateways.
     # More info: https://github.com/spree/spree/issues/6209
     #
@@ -115,6 +124,8 @@ module Spree
       @verification_value = value.to_s.gsub(/\s/, '')
     end
 
+    # Returns the last 4 digits of the card number.
+    # @return [String], eg. "4338"
     def set_last_digits
       self.last_digits ||= number.to_s.length <= 4 ? number : number.to_s.slice(-4..-1)
     end
@@ -129,10 +140,13 @@ module Spree
     end
 
     # Show the card number, with all but last 4 numbers replace with "X". (XXXX-XXXX-XXXX-4338)
+    # @return [String]
     def display_number
       "XXXX-XXXX-XXXX-#{last_digits}"
     end
 
+    # Show the card brand, eg. "VISA", "MASTERCARD", etc.
+    # @return [String]
     def display_brand
       brand.present? ? brand.upcase : Spree.t(:no_cc_type)
     end
@@ -140,14 +154,21 @@ module Spree
     # ActiveMerchant needs first_name/last_name because we pass it a Spree::CreditCard and it calls those methods on it.
     # Looking at the ActiveMerchant source code we should probably be calling #to_active_merchant before passing
     # the object to ActiveMerchant but this should do for now.
+    #
+    # Returns the first name of the cardholder.
+    # @return [String]
     def first_name
       name.to_s.split(/[[:space:]]/, 2)[0]
     end
 
+    # Returns the last name of the cardholder.
+    # @return [String]
     def last_name
       name.to_s.split(/[[:space:]]/, 2)[1]
     end
 
+    # Returns an ActiveMerchant::Billing::CreditCard object.
+    # @return [ActiveMerchant::Billing::CreditCard]
     def to_active_merchant
       ActiveMerchant::Billing::CreditCard.new(
         number: number,

data/app/models/spree/gateway.rb

@@ -67,7 +67,7 @@ module Spree
 
     def sources_by_order(order)
       source_ids = order.payments.where(source_type: payment_source_class.to_s, payment_method_id: id).pluck(:source_id).uniq
-      payment_source_class.where(id: source_ids).with_payment_profile
+      payment_source_class.where(id: source_ids).capturable
     end
 
     def reusable_sources(order)
@@ -75,7 +75,7 @@ module Spree
         sources_by_order order
       else
         if order.user_id
-          credit_cards.where(user_id: order.user_id).with_payment_profile
+          credit_cards.where(user_id: order.user_id).capturable
         else
           []
         end

data/app/models/spree/payment.rb

@@ -32,7 +32,7 @@ module Spree
     has_many :refunds, inverse_of: :payment
 
     validates :payment_method, presence: true
-    validates :source, presence: true, if: -> { payment_method&.source_required? }
+    validates :source, presence: true, if: :source_required?
     validate :payment_method_available_for_order, on: :create
 
     before_validation :validate_source
@@ -50,6 +50,7 @@ module Spree
     after_destroy :update_order
 
     attr_accessor :source_attributes, :request_env, :capture_on_dispatch
+    attribute :skip_source_requirement, :boolean, default: false
 
     after_initialize :build_source
 
@@ -247,6 +248,12 @@ module Spree
       source_class.respond_to?(:display_name) ? source_class.display_name : source_class.name.demodulize.split(/(?=[A-Z])/).join(' ')
     end
 
+    def source_required?
+      return false if skip_source_requirement
+
+      payment_method&.source_required?
+    end
+
     private
 
     def set_amount

data/app/models/spree/product/slugs.rb

@@ -11,11 +11,15 @@ module Spree
         friendly_id :slug_candidates, use: [:history, :slugged, :scoped, :mobility], scope: spree_base_uniqueness_scope, slug_limit: 255
 
         Product::Translation.class_eval do
-          before_save :set_slug
           acts_as_paranoid
           # deleted translation values also need to be accessible for index views listing deleted resources
           default_scope { unscope(where: :deleted_at) }
 
+          before_validation :set_slug
+          before_validation :ensure_slug_is_unique
+
+          validates :slug, presence: true, uniqueness: { allow_blank: true, case_sensitive: true, scope: [*::Spree.base_class.spree_base_uniqueness_scope, :locale] }
+
           private
 
           def set_slug
@@ -31,6 +35,11 @@ module Spree
               slug.to_url
             end
           end
+
+          def ensure_slug_is_unique
+            slug_exists = self.class.where(slug: slug, locale: locale).where.not(id: id).exists?
+            self.slug = [slug, SecureRandom.uuid].join('-') if slug_exists
+          end
         end
 
         before_validation :downcase_slug
@@ -57,8 +66,6 @@ module Spree
       def slug_candidates
         if defined?(:deleted_at) && deleted_at.present?
           [
-            ['deleted', :name],
-            ['deleted', :name, :sku],
             ['deleted', :name, :uuid_for_friendly_id]
           ]
         else
@@ -91,7 +98,7 @@ module Spree
         set_slug
         update_column(:slug, slug)
 
-        new_slug = ->(rec) { "deleted-#{rec.id}_#{rec.slug}"[..254] }
+        new_slug = ->(rec) { "deleted-#{rec.slug}-#{uuid_for_friendly_id}"[..254] }
 
         translations.with_deleted.each { |rec| rec.update_columns(slug: new_slug.call(rec)) }
         slugs.with_deleted.each { |rec| rec.update_column(:slug, new_slug.call(rec)) }

data/app/models/spree/tax_rate.rb

@@ -33,6 +33,17 @@ module Spree
 
     self.whitelisted_ransackable_attributes = %w[amount zone_id tax_category_id included_in_price name]
 
+    # Virtual attribute for percentage display in admin forms
+    def amount_percentage
+      return nil if amount.nil?
+
+      (amount * 100).round(2)
+    end
+
+    def amount_percentage=(value)
+      self.amount = value.present? ? (value.to_f / 100) : nil
+    end
+
     # Gets the array of TaxRates appropriate for the specified tax zone
     def self.match(order_tax_zone)
       return [] unless order_tax_zone

data/app/views/spree/invitation_mailer/invitation_email.html.erb

@@ -10,7 +10,7 @@
 
 <% if spree.respond_to?(:admin_invitation_url) %>
   <p>
-    <%= link_to Spree.t('invitation_mailer.invitation_email.link_text'), spree.admin_invitation_url(@invitation, token: @invitation.token, host: @invitation.store.formatted_url) %>
+    <%= link_to Spree.t(:accept), spree.admin_invitation_url(@invitation, token: @invitation.token, host: @invitation.store.formatted_url) %>
   </p>
 <% end %>
 

data/config/locales/en.yml

@@ -874,6 +874,7 @@ en:
     current: Current
     current_password: Current password
     custom_code: Custom code
+    custom_domains: Custom domains
     custom_font_code: Custom font code
     customer: Customer
     customer_details: Customer Details
@@ -1854,6 +1855,7 @@ en:
     select_stores: Select Store(s)
     select_user: Select customer
     selected_quantity_not_available: selected of %{item} is not available.
+    send_consumer_transactional_emails: Send Customer Transactional Emails
     send_copy_of_all_mails_to: Send Copy of All Mails To
     send_mails_as: Send Mails As
     send_message: Send message

data/lib/generators/spree/dummy/dummy_generator.rb

@@ -39,6 +39,13 @@ module Spree
       opts[:skip_test] = true
       opts[:skip_bootsnap] = true
       opts[:skip_asset_pipeline] = true # skip installing propshaft, we're still using sprockets as a dependency
+      opts[:skip_docker] = true
+      opts[:skip_rubocop] = true
+      opts[:skip_brakeman] = true
+      opts[:skip_ci] = true
+      opts[:skip_kamal] = true
+      opts[:skip_devcontainer] = true
+      opts[:skip_solid] = true
 
       puts 'Generating dummy Rails application...'
       invoke Rails::Generators::AppGenerator,
@@ -73,46 +80,11 @@ module Spree
       end
     end
 
-    def test_dummy_clean
-      inside dummy_path do
-        remove_file '.gitignore'
-        remove_file 'doc'
-        remove_file 'Gemfile'
-        remove_file 'lib/tasks'
-        remove_file 'app/assets/images/rails.png'
-        remove_file 'app/assets/javascripts/application.js'
-        remove_file 'public/index.html'
-        remove_file 'public/robots.txt'
-        remove_file 'README'
-        remove_file 'test'
-        remove_file 'vendor'
-        remove_file 'spec'
-      end
-    end
-
-    def inject_content_security_policy
-      inside dummy_path do
-        inject_into_file 'config/initializers/content_security_policy.rb', %Q[
-  p.script_src  :self, :https, :unsafe_inline, :http, :unsafe_eval
-        ], before: /^end/, verbose: true
-      end
-    end
-
     attr_reader :lib_name
     attr_reader :database
 
     protected
 
-    def inject_require_for(requirement)
-      inject_into_file 'config/application.rb', %Q[
-begin
-  require '#{requirement}'
-rescue LoadError
-  # #{requirement} is not available.
-end
-      ], before: /require '#{@lib_name}'/, verbose: true
-    end
-
     def inject_yaml_permitted_classes
       inside dummy_path do
         inject_into_file 'config/application.rb', %Q[
@@ -140,10 +112,6 @@ end
     end
     alias store_application_definition! application_definition
 
-    def camelized
-      @camelized ||= name.gsub(/\W/, '_').squeeze('_').camelize
-    end
-
     def remove_directory_if_exists(path)
       remove_dir(path) if File.directory?(path)
     end

data/lib/generators/spree/install/install_generator.rb

@@ -46,24 +46,6 @@ module Spree
       template 'config/initializers/spree.rb', 'config/initializers/spree.rb'
     end
 
-    def additional_tweaks
-      return unless File.exist? 'public/robots.txt'
-
-      append_file 'public/robots.txt', <<-ROBOTS.strip_heredoc
-        User-agent: *
-        Disallow: /checkout
-        Disallow: /cart
-        Disallow: /orders
-        Disallow: /user
-        Disallow: /account
-        Disallow: /api
-        Disallow: /password
-        Disallow: /api_tokens
-        Disallow: /cart_link
-        Disallow: /account_link
-      ROBOTS
-    end
-
     # Currently we only support devise, in the future we will also add support for default Rails authentication
     def install_authentication
       if @authentication == 'devise'
@@ -121,7 +103,6 @@ module Spree
       say_status :copying, 'migrations'
       silence_stream(STDOUT) do
         silence_warnings { rake 'active_storage:install:migrations' }
-        silence_warnings { rake 'action_mailbox:install:migrations' }
         silence_warnings { rake 'action_text:install:migrations' }
         silence_warnings { rake 'spree:install:migrations' }
         silence_warnings { rake 'spree_api:install:migrations' }

data/lib/spree/core/configuration.rb

@@ -54,7 +54,7 @@ module Spree
       preference :require_master_price, :boolean, default: false
       preference :restock_inventory, :boolean, default: true # Determines if a return item is restocked automatically once it has been received
       preference :return_eligibility_number_of_days, :integer, default: 365
-      preference :send_core_emails, :boolean, default: true # Default mail headers settings
+      preference :send_core_emails, :boolean, default: true, deprecated: true # Default mail headers settings
       preference :shipping_instructions, :boolean, deprecated: true
       preference :show_only_complete_orders_by_default, :boolean, deprecated: true
       preference :show_variant_full_price, :boolean, default: false # Displays variant full price or difference with product price. Default false to be compatible with older behavior

data/lib/spree/core/engine.rb

@@ -299,7 +299,7 @@ module Spree
       end
 
       initializer 'spree.core.checking_migrations' do
-        Migrations.new(config, engine_name).check
+        Migrations.new(config, engine_name).check unless Rails.env.test?
       end
 
       initializer 'spree.core.assets' do |app|

data/lib/spree/core/version.rb

@@ -1,5 +1,5 @@
 module Spree
-  VERSION = '5.1.3'.freeze
+  VERSION = '5.1.5'.freeze
 
   def self.version
     VERSION

data/lib/spree/core.rb

@@ -91,7 +91,7 @@ module Spree
   end
 
   def self.root_domain
-    @@root_domain ||= Rails.application.routes.default_url_options[:host] || 'lvh.me'
+    @@root_domain
   end
 
   def self.queues

data/lib/spree/permitted_attributes.rb

@@ -257,11 +257,11 @@ module Spree
 
     @@store_credit_category_attributes = [:name]
 
-    @@taxonomy_attributes = [:name]
+    @@taxonomy_attributes = [:name, :position]
 
     @@tax_category_attributes = [:name, :tax_code,:description, :is_default]
 
-    @@tax_rate_attributes = [:name, :amount, :zone_id, :tax_category_id, :included_in_price, :show_rate_in_label, :calculator_type, calculator_attributes: {}]
+    @@tax_rate_attributes = [:name, :amount, :amount_percentage, :zone_id, :tax_category_id, :included_in_price, :show_rate_in_label, :calculator_type, calculator_attributes: {}]
 
     @@taxon_attributes = [
       :name, :parent_id, :position, :icon, :description, :permalink, :hide_from_nav,

data/lib/spree/testing_support/common_rake.rb

@@ -21,16 +21,16 @@ namespace :common do
 
     skip_javascript = ['spree/api', 'spree/core', 'spree/sample', 'spree/emails'].include?(ENV['LIB_NAME'])
 
-    Spree::DummyGenerator.start [
-      "--lib_name=#{ENV['LIB_NAME']}",
-      "--skip_javascript=#{skip_javascript}"
+    dummy_app_args = [
+      "--lib_name=#{ENV['LIB_NAME']}"
     ]
+    if skip_javascript
+      dummy_app_args << '--skip_javascript'
+    end
+    Spree::DummyGenerator.start dummy_app_args
 
-    # install frontend libraries
     unless skip_javascript
-      system('bin/rails importmap:install')
-      system('bin/rails turbo:install')
-      system('bin/rails stimulus:install')
+      system('bin/rails importmap:install turbo:install stimulus:install')
     end
 
     # install devise if it's not the legacy user, useful for testing storefront
@@ -52,21 +52,39 @@ namespace :common do
       "--authentication=#{args[:authentication]}"
     ]
 
-    puts 'Setting up dummy database...'
-    system('bin/rails db:environment:set RAILS_ENV=test > /dev/null 2>&1')
-    system('bundle exec rake db:drop db:create > /dev/null 2>&1')
-    Spree::DummyModelGenerator.start
-    system('bundle exec rake db:migrate > /dev/null 2>&1')
+    if !skip_javascript || ENV['LIB_NAME'] == 'spree/emails'
+      puts 'Precompiling assets...'
+      system('bundle exec rake assets:precompile > /dev/null 2>&1')
+    end
+
+    unless ENV['NO_MIGRATE']
+      puts 'Setting up dummy database...'
+      system('bin/rails db:environment:set RAILS_ENV=test > /dev/null 2>&1')
+      system('bundle exec rake db:drop db:create > /dev/null 2>&1')
+      Spree::DummyModelGenerator.start
+      system('bundle exec rake db:migrate > /dev/null 2>&1')
+    end
 
     begin
       require "generators/#{ENV['LIB_NAME']}/install/install_generator"
       puts 'Running extension installation generator...'
-      "#{ENV['LIB_NAME'].camelize}::Generators::InstallGenerator".constantize.start(['--auto-run-migrations'])
+
+      if ENV['NO_MIGRATE']
+        "#{ENV['LIB_NAME'].camelize}::Generators::InstallGenerator".constantize.start([])
+      else
+        "#{ENV['LIB_NAME'].camelize}::Generators::InstallGenerator".constantize.start(['--auto-run-migrations'])
+      end
     rescue LoadError
       puts 'Skipping installation no generator to run...'
     end
+  end
 
-    system('bundle exec rake assets:precompile > /dev/null 2>&1') if !skip_javascript || ENV['LIB_NAME'] == 'spree/emails'
+  task :db_setup do |_t|
+    puts 'Setting up dummy database...'
+    system('bin/rails db:environment:set RAILS_ENV=test > /dev/null 2>&1')
+    system('bundle exec rake db:drop db:create > /dev/null 2>&1')
+    Spree::DummyModelGenerator.start
+    system('bundle exec rake db:migrate > /dev/null 2>&1')
   end
 
   task :seed do |_t|

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spree_core
 version: !ruby/object:Gem::Version
-  version: 5.1.3
+  version: 5.1.5
 platform: ruby
 authors:
 - Sean Schofield
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-20 00:00:00.000000000 Z
+date: 2025-08-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n-tasks
@@ -1382,9 +1382,9 @@ licenses:
 - BSD-3-Clause
 metadata:
   bug_tracker_uri: https://github.com/spree/spree/issues
-  changelog_uri: https://github.com/spree/spree/releases/tag/v5.1.3
+  changelog_uri: https://github.com/spree/spree/releases/tag/v5.1.5
   documentation_uri: https://docs.spreecommerce.org/
-  source_code_uri: https://github.com/spree/spree/tree/v5.1.3
+  source_code_uri: https://github.com/spree/spree/tree/v5.1.5
 post_install_message:
 rdoc_options: []
 require_paths: