workarea 3.5.12 → 3.5.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 53e91744b51c27790ff6d4732cd4e0544b1f4d982e345b891bc81ac42ce01b61
-  data.tar.gz: b3377d38298fa0f9218484a18edfadbf73c73254b355208eaf04058d1cd10adc
+  metadata.gz: 3a8cace53094c2ac105388ab7f3c4bbf854143b5db054146db26676d93b43c7e
+  data.tar.gz: 2b4ec90d8cf33f5032e8968c2000bd861ff7e12fec510cdda5e36f556b198958
 SHA512:
-  metadata.gz: eb10f8908f77d083247875cfd5d84a8e5e3dd0ec3ed9201f368b397269af735963aaa095bca37f120d5d87389b6ec49c1e006a239f5e71b906030050543bcd3c
-  data.tar.gz: b9c12429041f570241e24315878c63f8e12a0a62722e5604251f262a2292594111c4768e6f5425d582b388d36d515c89c47cf60ec5d3d751f6e07c709c298cea
+  metadata.gz: 40ce2e17562d044f89d5fbad27e5d612e3920dce129bdc7a184dc6ce6eab8638d3698e2fc1379e97fb5bb1d57005fb0d830d1aad2f536f114c1722fb5f66fc83
+  data.tar.gz: 335b5fbd76fe7483b283b52be962d04f862f112eb3c8cbc75c90141af6d900ec9c3b852f0aec44caffaa9b91a76d852c58193e0b23e02c3ed58fe4cd39f7a1a4

data/CHANGELOG.md

@@ -1,3 +1,386 @@
+Workarea 3.5.17 (2020-08-19)
+--------------------------------------------------------------------------------
+
+*   Fix missing release changes for CSV importing with embedded models
+
+    Trying to update an embedded model via CSV import with a release causes
+    an existing changeset for the root model to get destroyed. This happens
+    because the CSV import calls `#save` on the root, which has no changes
+    so it removes the changeset.
+
+    This patch fixes by iterating over the models the CSV row might affect
+    and calling `#save` on the embedded ones first (if necessary) to ensure
+    the changesets get correctly created and to avoid calling the save on
+    the root without changes which removes the existing changeset.
+
+    Ben Crouse
+
+*   Return Status of `Checkout#update`
+
+    For APIs and other consumers of the Checkout model, return a boolean
+    response from the `#update` method to signify whether the operation
+    succeeded or failed. This response is used directly in the API to return
+    an `:unprocessable_entity` response code when an update operation fails.
+
+    WORKAREA-253
+
+    Tom Scott
+
+*   Remove port from host configuration in installer
+
+    Ports aren't part of hosts, this causes problems when the value is used
+    like a true host.
+
+    This PR also fixes mailer links with missing ports as a result of this
+    change.
+
+    Ben Crouse
+
+*   Bump Chartkick to fix bundler audit warning
+
+    The vulnerability won't affect Workarea in use, but it'll be easier to fix builds doing this.
+
+    Ben Crouse
+
+*   Allow inquiry subjects to be localized
+
+    WORKAREA-238
+
+    Matt Duffy
+
+*   Update inquiry subject documentation
+
+    WORKAREA-238
+
+    Matt Duffy
+
+*   Remove order summary append point from mailer that is meant for storefront views
+
+
+    Matt Duffy
+
+
+
+Workarea 3.5.16 (2020-07-22)
+--------------------------------------------------------------------------------
+
+*   Add js module to allow inserting remote requests onto the page
+
+
+    Matt Duffy
+
+*   Configure Sliced Credit Card Attributes
+
+    To prevent an unnecessary decoration of the `Workarea::Payment` class,
+    the attributes sliced out of the Hash given to `Workarea::Payment#set_credit_card`
+    is now configurable in initializers. This same set of attributes is also
+    used in the `Users::CreditCardsController`, so the configuration will be
+    reused when users are attempting to add a new credit card to their
+    account.
+
+    WORKAREA-257
+
+    Tom Scott
+
+*   Setup PlaceOrderIntegrationTest in a Method
+
+    Currently, decorating the PlaceOrderIntegrationTest to edit the way its
+    set up (such as when adding an additional step) is impossible, you have
+    to basically copy everything out of the `setup` block and duplicate it
+    in your tests. Setup blocks should be methods anyway, so convert this to
+    a method and allow it to be decorated in host apps.
+
+    Tom Scott
+
+*   Fix `Hash#[]` Access On Administrable Options
+
+    Accessing administrable options on `Workarea.config` can produce
+    unexpected results if you don't use the traditional method accessor
+    syntax. For example, an admin field like this:
+
+    ```ruby
+    Workarea::Configuration.define_fields do
+    field :my_admin_setting, type: :string, default: 'default value'
+    end
+    ```
+
+    ...will only be available at `Workarea.config.my_admin_setting`:
+
+    ```ruby
+    Workarea.config.my_admin_setting # => "default value"
+    Workarea.config[:my_admin_setting] # => nil
+    ```
+
+    To resolve this, the code for fetching a key's value from the database
+    has been moved out of `#method_missing` and into an override of `#[]`.
+    [Since the OrderedOptions superclass already overrides this][1] to call
+    `#[]`, we can safely move this code and still maintain all functionality.
+
+    [1]: https://github.com/rails/rails/blob/fbe2433be6e052a1acac63c7faf287c52ed3c5ba/activesupport/lib/active_support/ordered_options.rb#L41-L58
+
+    Tom Scott
+
+*   Fix race condition when merging user metrics
+
+
+    Ben Crouse
+
+*   Improve Content Area Select UX
+
+    Remove the current content name and replace it with a static label
+    indicating what the `<select>` menu to the right of it is selecting,
+    which is the current content area. This UI only displays when there are
+    multiple areas for a given `Content`.
+
+    WORKAREA-244
+
+    Tom Scott
+
+*   Changes to support package product kits
+
+
+    Matt Duffy
+
+*   Update inventory and fulfillment sku policy info text, allow appending
+
+
+    Matt Duffy
+
+
+
+Workarea 3.5.15 (2020-07-07)
+--------------------------------------------------------------------------------
+
+*   Patch Jbuilder to Support Varying Cache
+
+    Previously, admins were not able to see up-to-date data in API requests
+    due to the `#cache!` method in Jbuilder not being patched to skip
+    caching when an admin is logged in. To resolve this, Workarea now
+    applies the same patch to Jbuilder as it does to ActionView. Reading
+    from the cache is now skipped if you're logged in as an admin, and cache
+    keys are appended with the configured `Cache::Varies` just the same as
+    in regular Haml views.
+
+    WORKAREA-243
+
+    Tom Scott
+
+*   Bump rack version
+
+    Fixes CVE-2020-8184
+
+    Ben Crouse
+
+*   Add Permissions Append Point to User Workflow
+
+    This allows a plugin (such as API) to specify permissions categories when
+    admins are either editing or creating a user.
+
+    WORKAREA-240
+
+    Tom Scott
+
+
+
+Workarea 3.5.14 (2020-06-25)
+--------------------------------------------------------------------------------
+
+*   Reset Geocoder between tests
+
+    This ensures individual tests monkeying around with Geocoder config will
+    get restored before the next test runs.
+
+    Ben Crouse
+
+*   Fix indexing categorization changesets for deleted releases
+
+    A category can have orphan changesets (from deleted releases) that cause
+    an error when indexing the percolation document for that category.
+
+    Ben Crouse
+
+*   Disable previewing for already published, unscheduled releases
+
+    Due to the previewing in the search index, previewing a published and
+    unscheduled release can cause issues that require it to go through
+    scheduling to get reindexed.
+
+    Ben Crouse
+
+*   Use Display Name For Applied Facet Values
+
+    When rendering the applied filters, wrap the given facet value in
+    the `facet_value_display_name` helper, ensuring that the value rendered
+    is always human readable. This addresses an issue where if the applied
+    filter value is that of a BSON ID, referencing a model somewhere, the
+    BSON ID was rendered in place of the model's name.
+
+    WORKAREA-122
+
+    Tom Scott
+
+*   Fix Segments Workflow Setup Duplication
+
+    The setup form for the new custom segment workflow did not include the
+    ID of an existing segment (if persisted) in the form when submitted,
+    causing multiple duplicate segment records to be created when users go
+    back to the setup step in the workflow. None of the other steps are
+    affected because the ID appears in the URL, but the setup step does a
+    direct POST to `/admin/create_segments`, thus causing this problem.
+
+    WORKAREA-219
+
+    Tom Scott
+
+*   Fix index duplicates after a release is removed
+
+    When a release is deleted, its changes must be reindexed to fix previews
+    for releases scheduled after it. This manifests as duplicate products
+    when previewing releases.
+
+    Ben Crouse
+
+*   Fix Promo Code Counts in Admin
+
+    Previously, promo codes could only be generated once through the admin,
+    so rendering the count of all promo codes as the count requested to be
+    generated was working out. However, as CSV imports and API updates became
+    more widespread, this began to break down as the `#count` field would
+    have to be updated each time a new set of promo codes were added.
+    Instead of reading from this pre-defined field on the code list, render
+    the actual count of promo codes from the database on the code list and
+    promo codes admin pages.
+
+    WORKAREA-199
+
+    Tom Scott
+
+*   Fix indexing after a release publishes
+
+    Due to potential changes in the index, publishing a release can result
+    in duplicate products when previewing.
+
+    Ben Crouse
+
+*   Update queue for release reschedule indexing
+
+    This should be in the releases queue, which has top priority. This will
+    help decrease the latency to accurate previews.
+
+    Ben Crouse
+
+
+
+Workarea 3.5.13 (2020-06-11)
+--------------------------------------------------------------------------------
+
+*   Fix duplicate products in release previews for featured product changes
+
+    When featured product changes stack in a release, duplicates will show
+    when previewing. This is due to the product's Elasticsearch documents
+    missing changeset IDs for releases scheduled after the release that
+    document is for. This fixes by indexing those release IDs as well.
+
+    Note that this will require a reindex to see the fix immediately. But
+    there's no harm in letting it roll out as products gradually get
+    reindexed.
+
+    Ben Crouse
+
+*   Fix reindexing of featured product resorting within a release
+
+    Resorting featured products within a release causes an inaccurate set of
+    changes from Mongoid's perspective, since it is only looking at what's
+    live vs what's going to be released. The changes within the release
+    aren't represented. This can manifest as incorrect sorts when previewing
+    in the storefront.
+
+    Ben Crouse
+
+*   Add additional append points to admin system.
+
+    Adds append points to product details, product content, variant and inventory sku.
+
+    Jeff Yucis
+
+*   Bump Geocoder
+
+    This fixes an irrelevant bundler-audit CVE warning, and adds/updates a bunch of Geocoder lookup options. See https://github.com/alexreisner/geocoder/blob/master/CHANGELOG.md for more info.
+
+    Ben Crouse
+
+*   Fix releases shifting day on the calendar when scrolling
+
+    This was caused by legacy timezone code that's irrelevant since we
+    shifted to a fix server-side timezone for the admin.
+
+    Ben Crouse
+
+*   Add QueuePauser to pause sidekiq queues, pause for search reindexing
+
+    WORKAREA-236
+
+    Matt Duffy
+
+*   Add index for releasable fields on changets, correct order fraud index
+
+    WORKAREA-235
+
+    Matt Duffy
+
+*   Handle error from attempting to fetch missing S3 CORS configuration
+
+    WORKAREA-234
+
+    Matt Duffy
+
+*   Fix storefront indexing when releases are rescheduled
+
+    When releases get rescheduled, the storefront index can end up with
+    duplicate and/or incorrect entries. This adds a worker which updates the
+    index with minimal querying/updating.
+
+    Ben Crouse
+
+*   Don't assume promo codes for indexing discounts
+
+    A custom discount may be implemented that doesn't use promo codes.
+
+    Ben Crouse
+
+*   Bump rack-attack to latest version
+
+    This fixes rack-attack keys without TTLs set piling up in Redis. This has caused hosting problems.
+
+    Ben Crouse
+
+*   Bump Kaminari dependency to fix security alert
+
+
+    Ben Crouse
+
+*   Fix query caching in Releasable
+
+    When reloading a model to get an instance for a release, if the model
+    had already been loaded, a cached version of the model was returned.
+    This causes incorrect values on the instance you thought you were getting
+    for a release.
+
+    This first manifested as a bug where adding a featured product that
+    had a release change to make it active caused reindexing to make it
+    active but it shouldn't have been.
+
+    Ben Crouse
+
+*   Fix incorrect shipping options error flash message
+
+    A flash error incorrectly showed when the order doesn't require shipping,
+    and addresses are updated.
+
+    Ben Crouse
+
+
+
 Workarea 3.5.12 (2020-05-26)
 --------------------------------------------------------------------------------
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workarea
 version: !ruby/object:Gem::Version
-  version: 3.5.12
+  version: 3.5.17
 platform: ruby
 authors:
 - Ben Crouse
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-26 00:00:00.000000000 Z
+date: 2020-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: workarea-core
@@ -16,56 +16,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
 - !ruby/object:Gem::Dependency
   name: workarea-storefront
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
 - !ruby/object:Gem::Dependency
   name: workarea-admin
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
 - !ruby/object:Gem::Dependency
   name: workarea-testing
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.12
+        version: 3.5.17
 description: Workarea is an enterprise-grade Ruby on Rails commerce platform.
 email:
 - bcrouse@workarea.com