workarea 3.5.11 → 3.5.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c77283733bfd69f17520bd7a8cb2cbdbe92a40e32b3e5d054cabfa1f7220f0d0
-  data.tar.gz: 42604aa6d298d777ccb7ec14be2ba4d814bf57ec4e4d01ac6cc2055d26421ad1
+  metadata.gz: 39991bc8577724552faa38d465eaedf2494c0a322ad88f3cd8472b0b9ca21453
+  data.tar.gz: b9dcc936f93f1af302dfe4fafcf83708d47f22a271efbe10b7e234f97a5f09f8
 SHA512:
-  metadata.gz: 10756a71b8e4857e2c4f89fe49221ad1aba10f94651b5ac7667dc380bddf554aa2788b1abfb6a29ec9f14e0dacd76200a06b7457d98d4778d6922e8c64ae8a73
-  data.tar.gz: b5eff8ccd10b8b4145f279f744e616bf37a0ebad7122951542c82dc54cf65a958fef018ed681df6617c9c29ae57db0b2ab05356a639388c0e3619f717140370a
+  metadata.gz: 0bf217bed75b403e7ff9677618bb3ac94d76c76d901d7f56f71ff44f3540d584be379f5cf5627940fa755203262476eba7d74cbf3a44a8503dad4f45a950f7e5
+  data.tar.gz: f2ea65dbb8af02f3858b8164b2575120a00527d7c41716bda0dd284ef3eca3bb3227f7930b8fc53f35658ad4d6b69b518dbb0c8ec6baa753b4579a1f5deaf3ef

data/CHANGELOG.md

@@ -1,3 +1,360 @@
+Workarea 3.5.16 (2020-07-22)
+--------------------------------------------------------------------------------
+
+*   Add js module to allow inserting remote requests onto the page
+
+
+    Matt Duffy
+
+*   Configure Sliced Credit Card Attributes
+
+    To prevent an unnecessary decoration of the `Workarea::Payment` class,
+    the attributes sliced out of the Hash given to `Workarea::Payment#set_credit_card`
+    is now configurable in initializers. This same set of attributes is also
+    used in the `Users::CreditCardsController`, so the configuration will be
+    reused when users are attempting to add a new credit card to their
+    account.
+
+    WORKAREA-257
+
+    Tom Scott
+
+*   Setup PlaceOrderIntegrationTest in a Method
+
+    Currently, decorating the PlaceOrderIntegrationTest to edit the way its
+    set up (such as when adding an additional step) is impossible, you have
+    to basically copy everything out of the `setup` block and duplicate it
+    in your tests. Setup blocks should be methods anyway, so convert this to
+    a method and allow it to be decorated in host apps.
+
+    Tom Scott
+
+*   Fix `Hash#[]` Access On Administrable Options
+
+    Accessing administrable options on `Workarea.config` can produce
+    unexpected results if you don't use the traditional method accessor
+    syntax. For example, an admin field like this:
+
+    ```ruby
+    Workarea::Configuration.define_fields do
+    field :my_admin_setting, type: :string, default: 'default value'
+    end
+    ```
+
+    ...will only be available at `Workarea.config.my_admin_setting`:
+
+    ```ruby
+    Workarea.config.my_admin_setting # => "default value"
+    Workarea.config[:my_admin_setting] # => nil
+    ```
+
+    To resolve this, the code for fetching a key's value from the database
+    has been moved out of `#method_missing` and into an override of `#[]`.
+    [Since the OrderedOptions superclass already overrides this][1] to call
+    `#[]`, we can safely move this code and still maintain all functionality.
+
+    [1]: https://github.com/rails/rails/blob/fbe2433be6e052a1acac63c7faf287c52ed3c5ba/activesupport/lib/active_support/ordered_options.rb#L41-L58
+
+    Tom Scott
+
+*   Fix race condition when merging user metrics
+
+
+    Ben Crouse
+
+*   Improve Content Area Select UX
+
+    Remove the current content name and replace it with a static label
+    indicating what the `<select>` menu to the right of it is selecting,
+    which is the current content area. This UI only displays when there are
+    multiple areas for a given `Content`.
+
+    WORKAREA-244
+
+    Tom Scott
+
+*   Changes to support package product kits
+
+
+    Matt Duffy
+
+*   Update inventory and fulfillment sku policy info text, allow appending
+
+
+    Matt Duffy
+
+
+
+Workarea 3.5.15 (2020-07-07)
+--------------------------------------------------------------------------------
+
+*   Patch Jbuilder to Support Varying Cache
+
+    Previously, admins were not able to see up-to-date data in API requests
+    due to the `#cache!` method in Jbuilder not being patched to skip
+    caching when an admin is logged in. To resolve this, Workarea now
+    applies the same patch to Jbuilder as it does to ActionView. Reading
+    from the cache is now skipped if you're logged in as an admin, and cache
+    keys are appended with the configured `Cache::Varies` just the same as
+    in regular Haml views.
+
+    WORKAREA-243
+
+    Tom Scott
+
+*   Bump rack version
+
+    Fixes CVE-2020-8184
+
+    Ben Crouse
+
+*   Add Permissions Append Point to User Workflow
+
+    This allows a plugin (such as API) to specify permissions categories when
+    admins are either editing or creating a user.
+
+    WORKAREA-240
+
+    Tom Scott
+
+
+
+Workarea 3.5.14 (2020-06-25)
+--------------------------------------------------------------------------------
+
+*   Reset Geocoder between tests
+
+    This ensures individual tests monkeying around with Geocoder config will
+    get restored before the next test runs.
+
+    Ben Crouse
+
+*   Fix indexing categorization changesets for deleted releases
+
+    A category can have orphan changesets (from deleted releases) that cause
+    an error when indexing the percolation document for that category.
+
+    Ben Crouse
+
+*   Disable previewing for already published, unscheduled releases
+
+    Due to the previewing in the search index, previewing a published and
+    unscheduled release can cause issues that require it to go through
+    scheduling to get reindexed.
+
+    Ben Crouse
+
+*   Use Display Name For Applied Facet Values
+
+    When rendering the applied filters, wrap the given facet value in
+    the `facet_value_display_name` helper, ensuring that the value rendered
+    is always human readable. This addresses an issue where if the applied
+    filter value is that of a BSON ID, referencing a model somewhere, the
+    BSON ID was rendered in place of the model's name.
+
+    WORKAREA-122
+
+    Tom Scott
+
+*   Fix Segments Workflow Setup Duplication
+
+    The setup form for the new custom segment workflow did not include the
+    ID of an existing segment (if persisted) in the form when submitted,
+    causing multiple duplicate segment records to be created when users go
+    back to the setup step in the workflow. None of the other steps are
+    affected because the ID appears in the URL, but the setup step does a
+    direct POST to `/admin/create_segments`, thus causing this problem.
+
+    WORKAREA-219
+
+    Tom Scott
+
+*   Fix index duplicates after a release is removed
+
+    When a release is deleted, its changes must be reindexed to fix previews
+    for releases scheduled after it. This manifests as duplicate products
+    when previewing releases.
+
+    Ben Crouse
+
+*   Fix Promo Code Counts in Admin
+
+    Previously, promo codes could only be generated once through the admin,
+    so rendering the count of all promo codes as the count requested to be
+    generated was working out. However, as CSV imports and API updates became
+    more widespread, this began to break down as the `#count` field would
+    have to be updated each time a new set of promo codes were added.
+    Instead of reading from this pre-defined field on the code list, render
+    the actual count of promo codes from the database on the code list and
+    promo codes admin pages.
+
+    WORKAREA-199
+
+    Tom Scott
+
+*   Fix indexing after a release publishes
+
+    Due to potential changes in the index, publishing a release can result
+    in duplicate products when previewing.
+
+    Ben Crouse
+
+*   Update queue for release reschedule indexing
+
+    This should be in the releases queue, which has top priority. This will
+    help decrease the latency to accurate previews.
+
+    Ben Crouse
+
+
+
+Workarea 3.5.13 (2020-06-11)
+--------------------------------------------------------------------------------
+
+*   Fix duplicate products in release previews for featured product changes
+
+    When featured product changes stack in a release, duplicates will show
+    when previewing. This is due to the product's Elasticsearch documents
+    missing changeset IDs for releases scheduled after the release that
+    document is for. This fixes by indexing those release IDs as well.
+
+    Note that this will require a reindex to see the fix immediately. But
+    there's no harm in letting it roll out as products gradually get
+    reindexed.
+
+    Ben Crouse
+
+*   Fix reindexing of featured product resorting within a release
+
+    Resorting featured products within a release causes an inaccurate set of
+    changes from Mongoid's perspective, since it is only looking at what's
+    live vs what's going to be released. The changes within the release
+    aren't represented. This can manifest as incorrect sorts when previewing
+    in the storefront.
+
+    Ben Crouse
+
+*   Add additional append points to admin system.
+
+    Adds append points to product details, product content, variant and inventory sku.
+
+    Jeff Yucis
+
+*   Bump Geocoder
+
+    This fixes an irrelevant bundler-audit CVE warning, and adds/updates a bunch of Geocoder lookup options. See https://github.com/alexreisner/geocoder/blob/master/CHANGELOG.md for more info.
+
+    Ben Crouse
+
+*   Fix releases shifting day on the calendar when scrolling
+
+    This was caused by legacy timezone code that's irrelevant since we
+    shifted to a fix server-side timezone for the admin.
+
+    Ben Crouse
+
+*   Add QueuePauser to pause sidekiq queues, pause for search reindexing
+
+    WORKAREA-236
+
+    Matt Duffy
+
+*   Add index for releasable fields on changets, correct order fraud index
+
+    WORKAREA-235
+
+    Matt Duffy
+
+*   Handle error from attempting to fetch missing S3 CORS configuration
+
+    WORKAREA-234
+
+    Matt Duffy
+
+*   Fix storefront indexing when releases are rescheduled
+
+    When releases get rescheduled, the storefront index can end up with
+    duplicate and/or incorrect entries. This adds a worker which updates the
+    index with minimal querying/updating.
+
+    Ben Crouse
+
+*   Don't assume promo codes for indexing discounts
+
+    A custom discount may be implemented that doesn't use promo codes.
+
+    Ben Crouse
+
+*   Bump rack-attack to latest version
+
+    This fixes rack-attack keys without TTLs set piling up in Redis. This has caused hosting problems.
+
+    Ben Crouse
+
+*   Bump Kaminari dependency to fix security alert
+
+
+    Ben Crouse
+
+*   Fix query caching in Releasable
+
+    When reloading a model to get an instance for a release, if the model
+    had already been loaded, a cached version of the model was returned.
+    This causes incorrect values on the instance you thought you were getting
+    for a release.
+
+    This first manifested as a bug where adding a featured product that
+    had a release change to make it active caused reindexing to make it
+    active but it shouldn't have been.
+
+    Ben Crouse
+
+*   Fix incorrect shipping options error flash message
+
+    A flash error incorrectly showed when the order doesn't require shipping,
+    and addresses are updated.
+
+    Ben Crouse
+
+
+
+Workarea 3.5.12 (2020-05-26)
+--------------------------------------------------------------------------------
+
+*   Fix incorrect import errors
+
+    When an import fails due to a missing `DataFile::Import` document, the
+    `ProcessImport` worker will raise a nil error due to the ensure. This
+    fixes by ensuring the `DocumentNotFound` error gets raised.
+
+    Ben Crouse
+
+*   Remove caching from direct upload CORS requests
+
+    The caching continues to give us problems, and this isn't a high-traffic
+    part of the system so there isn't a practical need for it.
+
+    Ben Crouse
+
+*   Add paranoid fallback for segment metrics lookup
+
+    Although this should never happen, giving a user incorrect segments
+    could have important consequences. If the email cookie is removed or
+    missing for some other reason, it doesn't hurt to fallback to looking up
+    based on the user model (even though this is an additional query) when
+    we know they're logged in.
+
+    Ben Crouse
+
+*   Don't set a blank tracking email in checkout
+
+    Doing this has the potential to create an incorrect tracking email,
+    which could cause a visitor's segments to change in checkout.
+
+    Ben Crouse
+
+
+
 Workarea 3.5.11 (2020-05-13)
 --------------------------------------------------------------------------------
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workarea
 version: !ruby/object:Gem::Version
-  version: 3.5.11
+  version: 3.5.16
 platform: ruby
 authors:
 - Ben Crouse
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-13 00:00:00.000000000 Z
+date: 2020-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: workarea-core
@@ -16,56 +16,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
 - !ruby/object:Gem::Dependency
   name: workarea-storefront
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
 - !ruby/object:Gem::Dependency
   name: workarea-admin
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
 - !ruby/object:Gem::Dependency
   name: workarea-testing
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.11
+        version: 3.5.16
 description: Workarea is an enterprise-grade Ruby on Rails commerce platform.
 email:
 - bcrouse@workarea.com