spree_core 5.4.0.beta6 → 5.4.0.beta8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d1e118b3f3198080c2006abcd4956ae76608cf6a6a99ed7f16df2380839fe98f
-  data.tar.gz: 8f05ff3e72814788a15c7c145ea62f1f9efb603b5dcd18fcedcd07774274db7a
+  metadata.gz: d8297e501dfb71ba02dbd003c3f2a6fa035585a07cca4cf3f7e039eb92bb55c6
+  data.tar.gz: 87546d3659afc8573cf33cd9b3b2ceac6e351f7f8e30969626991c7c39da8773
 SHA512:
-  metadata.gz: b6b0596bb455d278630cf6df3e1927034c703f15e4319c856cec8eaa798e871ec671597a3bf07f3cb20846b775a460f77df8e828184fc2b1200c4a394760c361
-  data.tar.gz: c3693f84de9a1b1c26e3572f8c350a498050765242453b3b2a95d3a6956d06476a54db89ec3f21c0ba4bd0eea27edad7da2a2b1ada5f79d9a1eaf70a44084a28
+  metadata.gz: 8983ae8234112c480dc54e302bd7d56557b11418af19a0ca6d65aa182ed06195c828ae69dc122209c23057149febb28b4c9e410a460e9dba2b09978240788997
+  data.tar.gz: e62cdc311fe8a2a256442b38e84df024e5c145ef47dc3c2cf5981e923bf5e3558c3b6937c3a64d101eb0783f5c493fdfbc3e75db004740d45599fa9d8ddfc80a

data/app/helpers/spree/base_helper.rb

@@ -114,10 +114,8 @@ module Spree
 
       base_url = if options[:relative]
                    ''
-                 elsif store.respond_to?(:formatted_custom_domain) && store.formatted_custom_domain.present?
-                   store.formatted_custom_domain
                  else
-                   store.formatted_url
+                   store.storefront_url
                  end
 
       localize = if options[:locale].present?
@@ -151,15 +149,15 @@ module Spree
     # we should always try to render image of the default variant
     # same as it's done on PDP
     def default_image_for_product(product)
-      Spree::Deprecation.warn('BaseHelper#default_image_for_product is deprecated and will be removed in Spree 5.5. Please use product.default_image instead')
+      Spree::Deprecation.warn('BaseHelper#default_image_for_product is deprecated and will be removed in Spree 6.0. Please use product.primary_media instead')
 
-      product.default_image
+      product.primary_media
     end
 
     def default_image_for_product_or_variant(product_or_variant)
-      Spree::Deprecation.warn('BaseHelper#default_image_for_product_or_variant is deprecated and will be removed in Spree 5.5. Please use product_or_variant.default_image instead')
+      Spree::Deprecation.warn('BaseHelper#default_image_for_product_or_variant is deprecated and will be removed in Spree 6.0. Please use product_or_variant.primary_media instead')
 
-      product_or_variant.default_image
+      product_or_variant.primary_media
     end
 
     def base_cache_key

data/app/jobs/spree/payments/handle_webhook_job.rb

@@ -0,0 +1,22 @@
+module Spree
+  module Payments
+    class HandleWebhookJob < Spree::BaseJob
+      queue_as Spree.queues.payment_webhooks
+
+      retry_on ActiveRecord::Deadlocked, wait: 5.seconds, attempts: 3
+      retry_on ActiveRecord::LockWaitTimeout, wait: 5.seconds, attempts: 3
+      discard_on ActiveRecord::RecordNotFound
+
+      def perform(payment_method_id:, action:, payment_session_id:)
+        payment_method = Spree::PaymentMethod.find(payment_method_id)
+        payment_session = Spree::PaymentSession.find(payment_session_id)
+
+        Spree::Dependencies.payments_handle_webhook_service.constantize.call(
+          payment_method: payment_method,
+          action: action.to_sym,
+          payment_session: payment_session
+        )
+      end
+    end
+  end
+end

data/app/mailers/spree/base_mailer.rb

@@ -37,7 +37,7 @@ module Spree
     # this is only a fail-safe solution if developer didn't set this in environment files
     # http://guides.rubyonrails.org/action_mailer_basics.html#generating-urls-in-action-mailer-views
     def ensure_default_action_mailer_url_host(store_url = nil)
-      host_url = store_url.presence || current_store.try(:url_or_custom_domain)
+      host_url = store_url.presence || current_store.try(:storefront_url)
 
       return if host_url.blank?
 

data/app/models/concerns/spree/user_methods.rb

@@ -18,6 +18,13 @@ module Spree
       # Enable lifecycle events for user models
       publishes_lifecycle_events
 
+      # Password reset token (Rails 7.1+ signed token, no DB column needed)
+      # Token auto-invalidates when password changes (salt changes)
+      # Expiration is configurable via Spree::Config.customer_password_reset_expires_in (in minutes)
+      generates_token_for :password_reset, expires_in: Spree::Config.customer_password_reset_expires_in.minutes do
+        password_salt&.last(10) || encrypted_password&.last(10)
+      end
+
       # we need to have this callback before any dependent: :destroy associations
       # https://github.com/rails/rails/issues/3458
       before_validation :clone_billing_address, if: :use_billing?
@@ -35,6 +42,7 @@ module Spree
       has_many :promotion_rule_users, class_name: 'Spree::PromotionRuleUser', foreign_key: :user_id, dependent: :destroy
       has_many :promotion_rules, through: :promotion_rule_users, class_name: 'Spree::PromotionRule'
       has_many :orders, foreign_key: :user_id, class_name: 'Spree::Order'
+      has_many :carts, -> { incomplete }, foreign_key: :user_id, class_name: 'Spree::Order'
       has_many :completed_orders, -> { complete }, foreign_key: :user_id, class_name: 'Spree::Order'
       has_many :store_credits, class_name: 'Spree::StoreCredit', foreign_key: :user_id, dependent: :destroy
       has_many :wishlists, class_name: 'Spree::Wishlist', foreign_key: :user_id, dependent: :destroy
@@ -58,6 +66,14 @@ module Spree
       #
       attr_accessor :confirm_email, :terms_of_service
 
+      def self.find_by_password_reset_token(token)
+        find_by_token_for(:password_reset, token)
+      end
+
+      def self.find_by_password_reset_token!(token)
+        find_by_token_for!(:password_reset, token)
+      end
+
       def self.multi_search(query)
         sanitized_query = sanitize_query_for_multi_search(query)
         return none if query.blank?

data/app/models/spree/allowed_origin.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Spree
+  class AllowedOrigin < Spree.base_class
+    has_prefix_id :ao
+
+    include Spree::SingleStoreResource
+
+    belongs_to :store, class_name: 'Spree::Store'
+
+    validates :store, :origin, presence: true
+    validates :origin, uniqueness: { scope: [:store_id, *spree_base_uniqueness_scope] }
+    validate :origin_must_be_valid_http_url
+
+    private
+
+    def origin_must_be_valid_http_url
+      return if origin.blank?
+
+      uri = URI.parse(origin)
+
+      unless uri.is_a?(URI::HTTP) || uri.is_a?(URI::HTTPS)
+        errors.add(:origin, :invalid)
+        return
+      end
+
+      if uri.host.blank?
+        errors.add(:origin, :invalid)
+        return
+      end
+
+      # Origins must not have a path, query, or fragment
+      if uri.path.present? && uri.path != '/'
+        errors.add(:origin, :must_be_origin_only)
+      end
+
+      if uri.query.present? || uri.fragment.present?
+        errors.add(:origin, :must_be_origin_only)
+      end
+    rescue URI::InvalidURIError
+      errors.add(:origin, :invalid)
+    end
+  end
+end

data/app/models/spree/asset.rb

@@ -1,20 +1,42 @@
 module Spree
   class Asset < Spree.base_class
-    has_prefix_id :asset  # Stripe: file_
+    has_prefix_id :media
 
     include Support::ActiveStorage
+    include Rails.application.routes.url_helpers
+    include Spree::ImageMethods # legacy, will be removed in Spree 6
     include Spree::Metafields
     include Spree::Metadata
 
+    # Legacy styles support (was in Spree::Image::Configuration::ActiveStorage)
+    # @deprecated Will be removed in Spree 6
+    def self.styles
+      @styles ||= Spree::Config.product_image_variant_sizes.transform_values do |dimensions|
+        "#{dimensions[0]}x#{dimensions[1]}>"
+      end
+    end
+
+    def default_style
+      :small
+    end
+
     publishes_lifecycle_events
 
     EXTERNAL_URL_METAFIELD_KEY = 'external.url'
+    MEDIA_TYPES = %w[image video external_video].freeze
+
+    after_initialize { self.media_type ||= 'image' }
 
     belongs_to :viewable, polymorphic: true, touch: true
     acts_as_list scope: [:viewable_id, :viewable_type]
 
     delegate :key, :attached?, :variant, :variable?, :blob, :filename, :variation, to: :attachment
 
+    validates :media_type, inclusion: { in: MEDIA_TYPES }
+    validates :attachment, attached: true, content_type: Rails.application.config.active_storage.web_image_content_types,
+              if: -> { media_type == 'image' }
+    validates :external_video_url, presence: true, if: -> { media_type.in?(%w[video external_video]) }
+
     WEBP_SAVER_OPTIONS = {
       strip: true,
       quality: 75,
@@ -43,14 +65,46 @@ module Spree
 
     default_scope { includes(attachment_attachment: :blob) }
 
+    # STI was disabled in Spree::Image, keep it disabled here
+    self.inheritance_column = nil
+
     store_accessor :private_metadata, :session_uploaded_assets_uuid
     scope :with_session_uploaded_assets_uuid, lambda { |uuid|
       where(session_id: uuid)
     }
     scope :with_external_url, ->(url) { url.present? ? with_metafield_key_value(EXTERNAL_URL_METAFIELD_KEY, url.strip) : none }
 
+    # Callbacks merged from Spree::Image
+    after_commit :touch_product_variants, if: :should_touch_product_variants?, on: :update
+    after_commit :update_viewable_thumbnail_on_create, on: :create
+    after_commit :update_viewable_thumbnail_on_destroy, on: :destroy
+    after_commit :update_viewable_thumbnail_on_reorder, on: :update, if: :saved_change_to_position?
+    after_commit :update_viewable_thumbnail_on_viewable_change, on: :update, if: :saved_change_to_viewable_id?
+
+    after_create :increment_viewable_media_count
+    after_destroy :decrement_viewable_media_count
+
     def product
-      @product ||= viewable_type == 'Spree::Variant' ? viewable&.product : nil
+      @product ||= case viewable_type
+                   when 'Spree::Variant' then viewable&.product
+                   when 'Spree::Product' then viewable
+                   end
+    end
+
+    def focal_point
+      return nil if focal_point_x.nil? || focal_point_y.nil?
+
+      { x: focal_point_x, y: focal_point_y }
+    end
+
+    def focal_point=(point)
+      if point.nil?
+        self.focal_point_x = nil
+        self.focal_point_y = nil
+      else
+        self.focal_point_x = point[:x]
+        self.focal_point_y = point[:y]
+      end
     end
 
     def external_url
@@ -66,7 +120,71 @@ module Spree
     end
 
     def event_prefix
-      'asset'
+      'media'
+    end
+
+    # @deprecated
+    def styles
+      Spree::Deprecation.warn("Asset#styles is deprecated and will be removed in Spree 6.0. Please use active storage variants with cdn_image_url")
+
+      self.class.styles.map do |_, size|
+        width, height = size.chop.split('x').map(&:to_i)
+
+        {
+          url: generate_url(size: size),
+          size: size,
+          width: width,
+          height: height
+        }
+      end
+    end
+
+    private
+
+    def touch_product_variants
+      viewable.product.variants.touch_all
+    end
+
+    def should_touch_product_variants?
+      viewable.is_a?(Spree::Variant) &&
+        viewable.is_master? &&
+        viewable.product.has_variants? &&
+        saved_change_to_position?
+    end
+
+    def increment_viewable_media_count
+      case viewable_type
+      when 'Spree::Variant'
+        Spree::Variant.increment_counter(:media_count, viewable_id)
+        Spree::Product.increment_counter(:media_count, viewable.product_id)
+      when 'Spree::Product'
+        Spree::Product.increment_counter(:media_count, viewable_id)
+      end
+    end
+
+    def decrement_viewable_media_count
+      case viewable_type
+      when 'Spree::Variant'
+        Spree::Variant.decrement_counter(:media_count, viewable_id)
+        Spree::Product.decrement_counter(:media_count, viewable.product_id)
+      when 'Spree::Product'
+        Spree::Product.decrement_counter(:media_count, viewable_id)
+      end
     end
+
+    def update_viewable_thumbnail
+      case viewable_type
+      when 'Spree::Variant'
+        viewable.update_thumbnail!
+        viewable.product.update_thumbnail!
+      when 'Spree::Product'
+        viewable.update_thumbnail!
+      end
+    end
+
+    alias update_viewable_thumbnail_on_create update_viewable_thumbnail
+    alias update_viewable_thumbnail_on_destroy update_viewable_thumbnail
+    alias update_viewable_thumbnail_on_reorder update_viewable_thumbnail
+    alias update_viewable_thumbnail_on_viewable_change update_viewable_thumbnail
   end
 end

data/app/models/spree/cart_promotion.rb

@@ -0,0 +1,7 @@
+module Spree
+  # Cart-facing view of an OrderPromotion.
+  # Same table, different prefix ID (cp_) for the Cart API.
+  class CartPromotion < OrderPromotion
+    has_prefix_id :cpromo
+  end
+end

data/app/models/spree/checkout/default_requirements.rb

@@ -0,0 +1,51 @@
+module Spree
+  module Checkout
+    # Built-in checkout requirements that map to the standard Spree checkout flow.
+    #
+    # Checks line items, email, shipping address, shipping method, and payment.
+    # In Spree 6 these same checks will read from the +Cart+ model instead of
+    # the state machine — the API contract stays identical.
+    #
+    # @see Requirements
+    class DefaultRequirements
+      # @param order [Spree::Order]
+      def initialize(order)
+        @order = order
+      end
+
+      # @return [Array<Hash{Symbol => String}>] unmet default requirements as
+      #   +{ step:, field:, message: }+ hashes
+      def call
+        [].tap do |r|
+          r << req('cart', 'line_items', Spree.t('checkout_requirements.line_items_required')) unless @order.line_items.any?
+          r << req('address', 'email', Spree.t('checkout_requirements.email_required')) unless @order.email.present?
+          r << req('address', 'ship_address', Spree.t('checkout_requirements.ship_address_required')) if @order.requires_ship_address? && @order.ship_address.blank?
+          r << req('delivery', 'shipping_method', Spree.t('checkout_requirements.shipping_method_required')) if delivery_required? && !shipping_method_selected?
+          r << req('payment', 'payment', Spree.t('checkout_requirements.payment_required')) if payment_required? && !payment_satisfied?
+        end
+      end
+
+      private
+
+      def delivery_required?
+        @order.has_checkout_step?('delivery') && @order.delivery_required?
+      end
+
+      def shipping_method_selected?
+        @order.shipments.any? && @order.shipments.all? { |s| s.shipping_method.present? }
+      end
+
+      def payment_required?
+        @order.has_checkout_step?('payment') && @order.payment_required?
+      end
+
+      def payment_satisfied?
+        @order.payments.valid.any?
+      end
+
+      def req(step, field, message)
+        { step: step, field: field, message: message }
+      end
+    end
+  end
+end

data/app/models/spree/checkout/registry.rb

@@ -0,0 +1,112 @@
+module Spree
+  module Checkout
+    # Global registry for custom checkout steps and requirements.
+    #
+    # Provides a composable extension point so developers can add, remove, or
+    # reorder checkout steps and attach extra requirements to existing steps —
+    # all without subclassing or monkey-patching.
+    #
+    # Registered steps and requirements are evaluated by {Requirements} at
+    # serialization time to produce the +requirements+ array on the Cart API.
+    #
+    # @example Add a custom step
+    #   Spree::Checkout::Registry.register_step(
+    #     name: :loyalty,
+    #     before: :payment,
+    #     satisfied: ->(order) { order.loyalty_verified? },
+    #     requirements: ->(order) { [{ step: 'loyalty', field: 'loyalty_number', message: 'Required' }] }
+    #   )
+    #
+    # @example Add a requirement to an existing step
+    #   Spree::Checkout::Registry.add_requirement(
+    #     step: :payment,
+    #     field: :po_number,
+    #     message: 'PO number is required',
+    #     satisfied: ->(order) { order.po_number.present? }
+    #   )
+    #
+    # @example Remove a step
+    #   Spree::Checkout::Registry.remove_step(:loyalty)
+    class Registry
+      class << self
+        # Register a new custom checkout step.
+        #
+        # @param name [String, Symbol] unique step identifier
+        # @param satisfied [Proc] lambda accepting an order, returns true when step is complete
+        # @param requirements [Proc] lambda accepting an order, returns Array of requirement hashes
+        # @param options [Hash] additional options forwarded to {Step} (+:before+, +:after+, +:applicable+)
+        # @return [Array<Step>] the updated steps list
+        def register_step(name:, satisfied:, requirements:, **options)
+          steps << Step.new(name: name, satisfied: satisfied, requirements: requirements, **options)
+        end
+
+        # Add an extra requirement to an existing checkout step.
+        #
+        # @param step [String, Symbol] checkout step this requirement belongs to
+        # @param field [String, Symbol] field identifier
+        # @param message [String] human-readable validation message
+        # @param satisfied [Proc] lambda accepting an order, returns true when met
+        # @param options [Hash] additional options forwarded to {Requirement} (+:applicable+)
+        # @return [Array<Requirement>] the updated requirements list
+        def add_requirement(step:, field:, message:, satisfied:, **options)
+          requirements << Requirement.new(step: step, field: field, message: message, satisfied: satisfied, **options)
+        end
+
+        # Remove a previously registered step by name.
+        #
+        # @param name [String, Symbol] step name to remove
+        # @return [Array<Step>] the updated steps list
+        def remove_step(name)
+          steps.reject! { |s| s.name == name.to_s }
+        end
+
+        # Remove a previously registered requirement by step and field.
+        #
+        # @param step [String, Symbol] checkout step the requirement belongs to
+        # @param field [String, Symbol] field identifier
+        # @return [Array<Requirement>] the updated requirements list
+        def remove_requirement(step:, field:)
+          requirements.reject! { |r| r.step == step.to_s && r.field == field.to_s }
+        end
+
+        # Returns steps sorted by +before+/+after+ constraints relative to the checkout flow.
+        #
+        # The sort order is derived from {Spree::Order.checkout_step_names} so it
+        # stays in sync with any customizations to the checkout state machine.
+        # Steps with +before:+/+after:+ anchors are ordered by the anchor's position;
+        # steps without constraints are appended at the end.
+        #
+        # @return [Array<Step>] steps in display order
+        def ordered_steps
+          return steps if steps.empty?
+
+          step_order = Spree::Order.checkout_step_names.map(&:to_s)
+          positioned, unpositioned = steps.partition { |s| s.before || s.after }
+
+          sorted = positioned.sort_by do |s|
+            anchor = s.before || s.after
+            idx = step_order.index(anchor)
+            # before: inserts just before the anchor, after: just after
+            idx ? (s.before ? idx - 0.5 : idx + 0.5) : Float::INFINITY
+          end
+
+          sorted + unpositioned
+        end
+
+        # @return [Array<Step>] all registered steps
+        def steps = (@steps ||= [])
+
+        # @return [Array<Requirement>] all registered requirements
+        def requirements = (@requirements ||= [])
+
+        # Clear all registered steps and requirements. Intended for testing.
+        #
+        # @return [void]
+        def reset!
+          @steps = []
+          @requirements = []
+        end
+      end
+    end
+  end
+end

data/app/models/spree/checkout/requirement.rb

@@ -0,0 +1,49 @@
+module Spree
+  module Checkout
+    # Value object representing a single additional requirement registered via {Registry}.
+    #
+    # Unlike {Step}, a Requirement attaches extra validation to an *existing* checkout step
+    # rather than introducing a new step.
+    #
+    # @example Require a PO number for B2B orders at the payment step
+    #   Spree::Checkout::Registry.add_requirement(
+    #     step: :payment,
+    #     field: :po_number,
+    #     message: 'PO number is required for business accounts',
+    #     satisfied: ->(order) { order.po_number.present? },
+    #     applicable: ->(order) { order.account&.business? }
+    #   )
+    class Requirement
+      # @return [String] checkout step this requirement belongs to
+      attr_reader :step
+
+      # @return [String] field identifier (e.g. +"po_number"+, +"tax_id"+)
+      attr_reader :field
+
+      # @return [String] human-readable message shown when the requirement is not met
+      attr_reader :message
+
+      # @param step [String, Symbol] checkout step this requirement belongs to
+      # @param field [String, Symbol] field identifier
+      # @param message [String] human-readable validation message
+      # @param satisfied [Proc] lambda accepting an order, returns true when met
+      # @param applicable [Proc] lambda accepting an order, returns true when this requirement applies
+      #   (defaults to always applicable)
+      def initialize(step:, field:, message:, satisfied:, applicable: ->(_) { true })
+        @step = step.to_s
+        @field = field.to_s
+        @message = message
+        @satisfied_proc = satisfied
+        @applicable_proc = applicable
+      end
+
+      # @param order [Spree::Order]
+      # @return [Boolean] whether the requirement has been met
+      def satisfied?(order) = @satisfied_proc.call(order)
+
+      # @param order [Spree::Order]
+      # @return [Boolean] whether this requirement applies to the given order
+      def applicable?(order) = @applicable_proc.call(order)
+    end
+  end
+end

data/app/models/spree/checkout/requirements.rb

@@ -0,0 +1,56 @@
+module Spree
+  module Checkout
+    # Aggregates all checkout requirements for an order.
+    #
+    # Combines built-in checks from {DefaultRequirements} with custom steps and
+    # requirements registered in {Registry}. The resulting array of hashes is
+    # exposed on the Cart API as the +requirements+ attribute.
+    #
+    # Each requirement hash has the shape:
+    #   { step: String, field: String, message: String }
+    #
+    # @example
+    #   reqs = Spree::Checkout::Requirements.new(order)
+    #   reqs.call  # => [{ step: "address", field: "email", message: "Email address is required" }]
+    #   reqs.met?  # => false
+    class Requirements
+      # @param order [Spree::Order]
+      def initialize(order)
+        @order = order
+      end
+
+      # @return [Array<Hash{Symbol => String}>] all unmet requirements
+      def call
+        default + from_registered_steps + from_additional_requirements
+      end
+
+      # @return [Boolean] true when all requirements are satisfied
+      def met?
+        call.empty?
+      end
+
+      private
+
+      # @return [Array<Hash>] built-in checkout requirements
+      def default
+        DefaultRequirements.new(@order).call
+      end
+
+      # @return [Array<Hash>] requirements from unsatisfied registered steps
+      def from_registered_steps
+        Registry.ordered_steps
+          .select { |s| s.applicable?(@order) }
+          .reject { |s| s.satisfied?(@order) }
+          .flat_map { |s| s.requirements(@order) }
+      end
+
+      # @return [Array<Hash>] requirements from unsatisfied registered requirements
+      def from_additional_requirements
+        Registry.requirements
+          .select { |r| r.applicable?(@order) }
+          .reject { |r| r.satisfied?(@order) }
+          .map { |r| { step: r.step, field: r.field, message: r.message } }
+      end
+    end
+  end
+end

data/app/models/spree/checkout/step.rb

@@ -0,0 +1,52 @@
+module Spree
+  module Checkout
+    # Value object representing a custom checkout step registered via {Registry}.
+    #
+    # @example Register a loyalty step before payment
+    #   Spree::Checkout::Registry.register_step(
+    #     name: :loyalty,
+    #     before: :payment,
+    #     satisfied: ->(order) { order.loyalty_verified? },
+    #     requirements: ->(order) { [{ step: 'loyalty', field: 'loyalty_number', message: 'Enter loyalty number' }] }
+    #   )
+    class Step
+      # @return [String] step name
+      attr_reader :name
+
+      # @return [String, nil] name of the checkout step this should be placed after
+      attr_reader :after
+
+      # @return [String, nil] name of the checkout step this should be placed before
+      attr_reader :before
+
+      # @param name [String, Symbol] unique step identifier
+      # @param satisfied [Proc] lambda accepting an order, returns true when the step is complete
+      # @param requirements [Proc] lambda accepting an order, returns Array of requirement hashes
+      #   (+{ step:, field:, message: }+) describing what is still needed
+      # @param applicable [Proc] lambda accepting an order, returns true when this step applies
+      #   (defaults to always applicable)
+      # @param after [String, Symbol, nil] place this step after the named checkout step
+      # @param before [String, Symbol, nil] place this step before the named checkout step
+      def initialize(name:, satisfied:, requirements:, applicable: ->(_) { true }, after: nil, before: nil)
+        @name = name.to_s
+        @after = after&.to_s
+        @before = before&.to_s
+        @satisfied_proc = satisfied
+        @requirements_proc = requirements
+        @applicable_proc = applicable
+      end
+
+      # @param order [Spree::Order]
+      # @return [Boolean] whether the step's conditions have been met
+      def satisfied?(order) = @satisfied_proc.call(order)
+
+      # @param order [Spree::Order]
+      # @return [Array<Hash{Symbol => String}>] outstanding requirement hashes (+{ step:, field:, message: }+)
+      def requirements(order) = @requirements_proc.call(order)
+
+      # @param order [Spree::Order]
+      # @return [Boolean] whether this step applies to the given order
+      def applicable?(order) = @applicable_proc.call(order)
+    end
+  end
+end

data/app/models/spree/image/configuration/active_storage.rb

@@ -1,22 +1,10 @@
+# @deprecated This module is now a no-op. All logic has been moved to Spree::Asset.
+# Will be removed in Spree 6.0.
 module Spree
   class Image < Asset
     module Configuration
       module ActiveStorage
         extend ActiveSupport::Concern
-
-        included do
-          # Returns image styles derived from Spree::Config.product_image_variant_sizes
-          # Format: { variant_name: 'WxH>' } for API compatibility
-          def self.styles
-            @styles ||= Spree::Config.product_image_variant_sizes.transform_values do |dimensions|
-              "#{dimensions[0]}x#{dimensions[1]}>"
-            end
-          end
-
-          def default_style
-            :small
-          end
-        end
       end
     end
   end