workarea 3.5.11 → 3.5.16
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +357 -0
- metadata +10 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 39991bc8577724552faa38d465eaedf2494c0a322ad88f3cd8472b0b9ca21453
|
4
|
+
data.tar.gz: b9dcc936f93f1af302dfe4fafcf83708d47f22a271efbe10b7e234f97a5f09f8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0bf217bed75b403e7ff9677618bb3ac94d76c76d901d7f56f71ff44f3540d584be379f5cf5627940fa755203262476eba7d74cbf3a44a8503dad4f45a950f7e5
|
7
|
+
data.tar.gz: f2ea65dbb8af02f3858b8164b2575120a00527d7c41716bda0dd284ef3eca3bb3227f7930b8fc53f35658ad4d6b69b518dbb0c8ec6baa753b4579a1f5deaf3ef
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,360 @@
|
|
1
|
+
Workarea 3.5.16 (2020-07-22)
|
2
|
+
--------------------------------------------------------------------------------
|
3
|
+
|
4
|
+
* Add js module to allow inserting remote requests onto the page
|
5
|
+
|
6
|
+
|
7
|
+
Matt Duffy
|
8
|
+
|
9
|
+
* Configure Sliced Credit Card Attributes
|
10
|
+
|
11
|
+
To prevent an unnecessary decoration of the `Workarea::Payment` class,
|
12
|
+
the attributes sliced out of the Hash given to `Workarea::Payment#set_credit_card`
|
13
|
+
is now configurable in initializers. This same set of attributes is also
|
14
|
+
used in the `Users::CreditCardsController`, so the configuration will be
|
15
|
+
reused when users are attempting to add a new credit card to their
|
16
|
+
account.
|
17
|
+
|
18
|
+
WORKAREA-257
|
19
|
+
|
20
|
+
Tom Scott
|
21
|
+
|
22
|
+
* Setup PlaceOrderIntegrationTest in a Method
|
23
|
+
|
24
|
+
Currently, decorating the PlaceOrderIntegrationTest to edit the way its
|
25
|
+
set up (such as when adding an additional step) is impossible, you have
|
26
|
+
to basically copy everything out of the `setup` block and duplicate it
|
27
|
+
in your tests. Setup blocks should be methods anyway, so convert this to
|
28
|
+
a method and allow it to be decorated in host apps.
|
29
|
+
|
30
|
+
Tom Scott
|
31
|
+
|
32
|
+
* Fix `Hash#[]` Access On Administrable Options
|
33
|
+
|
34
|
+
Accessing administrable options on `Workarea.config` can produce
|
35
|
+
unexpected results if you don't use the traditional method accessor
|
36
|
+
syntax. For example, an admin field like this:
|
37
|
+
|
38
|
+
```ruby
|
39
|
+
Workarea::Configuration.define_fields do
|
40
|
+
field :my_admin_setting, type: :string, default: 'default value'
|
41
|
+
end
|
42
|
+
```
|
43
|
+
|
44
|
+
...will only be available at `Workarea.config.my_admin_setting`:
|
45
|
+
|
46
|
+
```ruby
|
47
|
+
Workarea.config.my_admin_setting # => "default value"
|
48
|
+
Workarea.config[:my_admin_setting] # => nil
|
49
|
+
```
|
50
|
+
|
51
|
+
To resolve this, the code for fetching a key's value from the database
|
52
|
+
has been moved out of `#method_missing` and into an override of `#[]`.
|
53
|
+
[Since the OrderedOptions superclass already overrides this][1] to call
|
54
|
+
`#[]`, we can safely move this code and still maintain all functionality.
|
55
|
+
|
56
|
+
[1]: https://github.com/rails/rails/blob/fbe2433be6e052a1acac63c7faf287c52ed3c5ba/activesupport/lib/active_support/ordered_options.rb#L41-L58
|
57
|
+
|
58
|
+
Tom Scott
|
59
|
+
|
60
|
+
* Fix race condition when merging user metrics
|
61
|
+
|
62
|
+
|
63
|
+
Ben Crouse
|
64
|
+
|
65
|
+
* Improve Content Area Select UX
|
66
|
+
|
67
|
+
Remove the current content name and replace it with a static label
|
68
|
+
indicating what the `<select>` menu to the right of it is selecting,
|
69
|
+
which is the current content area. This UI only displays when there are
|
70
|
+
multiple areas for a given `Content`.
|
71
|
+
|
72
|
+
WORKAREA-244
|
73
|
+
|
74
|
+
Tom Scott
|
75
|
+
|
76
|
+
* Changes to support package product kits
|
77
|
+
|
78
|
+
|
79
|
+
Matt Duffy
|
80
|
+
|
81
|
+
* Update inventory and fulfillment sku policy info text, allow appending
|
82
|
+
|
83
|
+
|
84
|
+
Matt Duffy
|
85
|
+
|
86
|
+
|
87
|
+
|
88
|
+
Workarea 3.5.15 (2020-07-07)
|
89
|
+
--------------------------------------------------------------------------------
|
90
|
+
|
91
|
+
* Patch Jbuilder to Support Varying Cache
|
92
|
+
|
93
|
+
Previously, admins were not able to see up-to-date data in API requests
|
94
|
+
due to the `#cache!` method in Jbuilder not being patched to skip
|
95
|
+
caching when an admin is logged in. To resolve this, Workarea now
|
96
|
+
applies the same patch to Jbuilder as it does to ActionView. Reading
|
97
|
+
from the cache is now skipped if you're logged in as an admin, and cache
|
98
|
+
keys are appended with the configured `Cache::Varies` just the same as
|
99
|
+
in regular Haml views.
|
100
|
+
|
101
|
+
WORKAREA-243
|
102
|
+
|
103
|
+
Tom Scott
|
104
|
+
|
105
|
+
* Bump rack version
|
106
|
+
|
107
|
+
Fixes CVE-2020-8184
|
108
|
+
|
109
|
+
Ben Crouse
|
110
|
+
|
111
|
+
* Add Permissions Append Point to User Workflow
|
112
|
+
|
113
|
+
This allows a plugin (such as API) to specify permissions categories when
|
114
|
+
admins are either editing or creating a user.
|
115
|
+
|
116
|
+
WORKAREA-240
|
117
|
+
|
118
|
+
Tom Scott
|
119
|
+
|
120
|
+
|
121
|
+
|
122
|
+
Workarea 3.5.14 (2020-06-25)
|
123
|
+
--------------------------------------------------------------------------------
|
124
|
+
|
125
|
+
* Reset Geocoder between tests
|
126
|
+
|
127
|
+
This ensures individual tests monkeying around with Geocoder config will
|
128
|
+
get restored before the next test runs.
|
129
|
+
|
130
|
+
Ben Crouse
|
131
|
+
|
132
|
+
* Fix indexing categorization changesets for deleted releases
|
133
|
+
|
134
|
+
A category can have orphan changesets (from deleted releases) that cause
|
135
|
+
an error when indexing the percolation document for that category.
|
136
|
+
|
137
|
+
Ben Crouse
|
138
|
+
|
139
|
+
* Disable previewing for already published, unscheduled releases
|
140
|
+
|
141
|
+
Due to the previewing in the search index, previewing a published and
|
142
|
+
unscheduled release can cause issues that require it to go through
|
143
|
+
scheduling to get reindexed.
|
144
|
+
|
145
|
+
Ben Crouse
|
146
|
+
|
147
|
+
* Use Display Name For Applied Facet Values
|
148
|
+
|
149
|
+
When rendering the applied filters, wrap the given facet value in
|
150
|
+
the `facet_value_display_name` helper, ensuring that the value rendered
|
151
|
+
is always human readable. This addresses an issue where if the applied
|
152
|
+
filter value is that of a BSON ID, referencing a model somewhere, the
|
153
|
+
BSON ID was rendered in place of the model's name.
|
154
|
+
|
155
|
+
WORKAREA-122
|
156
|
+
|
157
|
+
Tom Scott
|
158
|
+
|
159
|
+
* Fix Segments Workflow Setup Duplication
|
160
|
+
|
161
|
+
The setup form for the new custom segment workflow did not include the
|
162
|
+
ID of an existing segment (if persisted) in the form when submitted,
|
163
|
+
causing multiple duplicate segment records to be created when users go
|
164
|
+
back to the setup step in the workflow. None of the other steps are
|
165
|
+
affected because the ID appears in the URL, but the setup step does a
|
166
|
+
direct POST to `/admin/create_segments`, thus causing this problem.
|
167
|
+
|
168
|
+
WORKAREA-219
|
169
|
+
|
170
|
+
Tom Scott
|
171
|
+
|
172
|
+
* Fix index duplicates after a release is removed
|
173
|
+
|
174
|
+
When a release is deleted, its changes must be reindexed to fix previews
|
175
|
+
for releases scheduled after it. This manifests as duplicate products
|
176
|
+
when previewing releases.
|
177
|
+
|
178
|
+
Ben Crouse
|
179
|
+
|
180
|
+
* Fix Promo Code Counts in Admin
|
181
|
+
|
182
|
+
Previously, promo codes could only be generated once through the admin,
|
183
|
+
so rendering the count of all promo codes as the count requested to be
|
184
|
+
generated was working out. However, as CSV imports and API updates became
|
185
|
+
more widespread, this began to break down as the `#count` field would
|
186
|
+
have to be updated each time a new set of promo codes were added.
|
187
|
+
Instead of reading from this pre-defined field on the code list, render
|
188
|
+
the actual count of promo codes from the database on the code list and
|
189
|
+
promo codes admin pages.
|
190
|
+
|
191
|
+
WORKAREA-199
|
192
|
+
|
193
|
+
Tom Scott
|
194
|
+
|
195
|
+
* Fix indexing after a release publishes
|
196
|
+
|
197
|
+
Due to potential changes in the index, publishing a release can result
|
198
|
+
in duplicate products when previewing.
|
199
|
+
|
200
|
+
Ben Crouse
|
201
|
+
|
202
|
+
* Update queue for release reschedule indexing
|
203
|
+
|
204
|
+
This should be in the releases queue, which has top priority. This will
|
205
|
+
help decrease the latency to accurate previews.
|
206
|
+
|
207
|
+
Ben Crouse
|
208
|
+
|
209
|
+
|
210
|
+
|
211
|
+
Workarea 3.5.13 (2020-06-11)
|
212
|
+
--------------------------------------------------------------------------------
|
213
|
+
|
214
|
+
* Fix duplicate products in release previews for featured product changes
|
215
|
+
|
216
|
+
When featured product changes stack in a release, duplicates will show
|
217
|
+
when previewing. This is due to the product's Elasticsearch documents
|
218
|
+
missing changeset IDs for releases scheduled after the release that
|
219
|
+
document is for. This fixes by indexing those release IDs as well.
|
220
|
+
|
221
|
+
Note that this will require a reindex to see the fix immediately. But
|
222
|
+
there's no harm in letting it roll out as products gradually get
|
223
|
+
reindexed.
|
224
|
+
|
225
|
+
Ben Crouse
|
226
|
+
|
227
|
+
* Fix reindexing of featured product resorting within a release
|
228
|
+
|
229
|
+
Resorting featured products within a release causes an inaccurate set of
|
230
|
+
changes from Mongoid's perspective, since it is only looking at what's
|
231
|
+
live vs what's going to be released. The changes within the release
|
232
|
+
aren't represented. This can manifest as incorrect sorts when previewing
|
233
|
+
in the storefront.
|
234
|
+
|
235
|
+
Ben Crouse
|
236
|
+
|
237
|
+
* Add additional append points to admin system.
|
238
|
+
|
239
|
+
Adds append points to product details, product content, variant and inventory sku.
|
240
|
+
|
241
|
+
Jeff Yucis
|
242
|
+
|
243
|
+
* Bump Geocoder
|
244
|
+
|
245
|
+
This fixes an irrelevant bundler-audit CVE warning, and adds/updates a bunch of Geocoder lookup options. See https://github.com/alexreisner/geocoder/blob/master/CHANGELOG.md for more info.
|
246
|
+
|
247
|
+
Ben Crouse
|
248
|
+
|
249
|
+
* Fix releases shifting day on the calendar when scrolling
|
250
|
+
|
251
|
+
This was caused by legacy timezone code that's irrelevant since we
|
252
|
+
shifted to a fix server-side timezone for the admin.
|
253
|
+
|
254
|
+
Ben Crouse
|
255
|
+
|
256
|
+
* Add QueuePauser to pause sidekiq queues, pause for search reindexing
|
257
|
+
|
258
|
+
WORKAREA-236
|
259
|
+
|
260
|
+
Matt Duffy
|
261
|
+
|
262
|
+
* Add index for releasable fields on changets, correct order fraud index
|
263
|
+
|
264
|
+
WORKAREA-235
|
265
|
+
|
266
|
+
Matt Duffy
|
267
|
+
|
268
|
+
* Handle error from attempting to fetch missing S3 CORS configuration
|
269
|
+
|
270
|
+
WORKAREA-234
|
271
|
+
|
272
|
+
Matt Duffy
|
273
|
+
|
274
|
+
* Fix storefront indexing when releases are rescheduled
|
275
|
+
|
276
|
+
When releases get rescheduled, the storefront index can end up with
|
277
|
+
duplicate and/or incorrect entries. This adds a worker which updates the
|
278
|
+
index with minimal querying/updating.
|
279
|
+
|
280
|
+
Ben Crouse
|
281
|
+
|
282
|
+
* Don't assume promo codes for indexing discounts
|
283
|
+
|
284
|
+
A custom discount may be implemented that doesn't use promo codes.
|
285
|
+
|
286
|
+
Ben Crouse
|
287
|
+
|
288
|
+
* Bump rack-attack to latest version
|
289
|
+
|
290
|
+
This fixes rack-attack keys without TTLs set piling up in Redis. This has caused hosting problems.
|
291
|
+
|
292
|
+
Ben Crouse
|
293
|
+
|
294
|
+
* Bump Kaminari dependency to fix security alert
|
295
|
+
|
296
|
+
|
297
|
+
Ben Crouse
|
298
|
+
|
299
|
+
* Fix query caching in Releasable
|
300
|
+
|
301
|
+
When reloading a model to get an instance for a release, if the model
|
302
|
+
had already been loaded, a cached version of the model was returned.
|
303
|
+
This causes incorrect values on the instance you thought you were getting
|
304
|
+
for a release.
|
305
|
+
|
306
|
+
This first manifested as a bug where adding a featured product that
|
307
|
+
had a release change to make it active caused reindexing to make it
|
308
|
+
active but it shouldn't have been.
|
309
|
+
|
310
|
+
Ben Crouse
|
311
|
+
|
312
|
+
* Fix incorrect shipping options error flash message
|
313
|
+
|
314
|
+
A flash error incorrectly showed when the order doesn't require shipping,
|
315
|
+
and addresses are updated.
|
316
|
+
|
317
|
+
Ben Crouse
|
318
|
+
|
319
|
+
|
320
|
+
|
321
|
+
Workarea 3.5.12 (2020-05-26)
|
322
|
+
--------------------------------------------------------------------------------
|
323
|
+
|
324
|
+
* Fix incorrect import errors
|
325
|
+
|
326
|
+
When an import fails due to a missing `DataFile::Import` document, the
|
327
|
+
`ProcessImport` worker will raise a nil error due to the ensure. This
|
328
|
+
fixes by ensuring the `DocumentNotFound` error gets raised.
|
329
|
+
|
330
|
+
Ben Crouse
|
331
|
+
|
332
|
+
* Remove caching from direct upload CORS requests
|
333
|
+
|
334
|
+
The caching continues to give us problems, and this isn't a high-traffic
|
335
|
+
part of the system so there isn't a practical need for it.
|
336
|
+
|
337
|
+
Ben Crouse
|
338
|
+
|
339
|
+
* Add paranoid fallback for segment metrics lookup
|
340
|
+
|
341
|
+
Although this should never happen, giving a user incorrect segments
|
342
|
+
could have important consequences. If the email cookie is removed or
|
343
|
+
missing for some other reason, it doesn't hurt to fallback to looking up
|
344
|
+
based on the user model (even though this is an additional query) when
|
345
|
+
we know they're logged in.
|
346
|
+
|
347
|
+
Ben Crouse
|
348
|
+
|
349
|
+
* Don't set a blank tracking email in checkout
|
350
|
+
|
351
|
+
Doing this has the potential to create an incorrect tracking email,
|
352
|
+
which could cause a visitor's segments to change in checkout.
|
353
|
+
|
354
|
+
Ben Crouse
|
355
|
+
|
356
|
+
|
357
|
+
|
1
358
|
Workarea 3.5.11 (2020-05-13)
|
2
359
|
--------------------------------------------------------------------------------
|
3
360
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: workarea
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.5.
|
4
|
+
version: 3.5.16
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ben Crouse
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-07-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: workarea-core
|
@@ -16,56 +16,56 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 3.5.
|
19
|
+
version: 3.5.16
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 3.5.
|
26
|
+
version: 3.5.16
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: workarea-storefront
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 3.5.
|
33
|
+
version: 3.5.16
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 3.5.
|
40
|
+
version: 3.5.16
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: workarea-admin
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
45
|
- - '='
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 3.5.
|
47
|
+
version: 3.5.16
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - '='
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 3.5.
|
54
|
+
version: 3.5.16
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: workarea-testing
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
59
|
- - '='
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: 3.5.
|
61
|
+
version: 3.5.16
|
62
62
|
type: :runtime
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - '='
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: 3.5.
|
68
|
+
version: 3.5.16
|
69
69
|
description: Workarea is an enterprise-grade Ruby on Rails commerce platform.
|
70
70
|
email:
|
71
71
|
- bcrouse@workarea.com
|