Changelog History
Page 3
-
v4.1.0.rc2
February 04, 2020 -
v4.1.0.rc1 Changes
February 01, 2020 -
v4.0.5
November 10, 2020 -
v4.0.4 Changes
October 15, 2020๐ โ ๏ธ This security release is recommended for all Spree 4.0 installations โ ๏ธ
๐ Fixes security issue ensuring that doorkeeper_token is valid when authenticating requests in API v2 calls
-
v4.0.3 Changes
December 04, 2019This security release is recommended for all Spree 4.0 installations
๐ Fixes security issue with API v2 Order information 72e1d44
๐ An attacker could expose Order information using brute force to guess Order numbers. This patch fixes it by requiring Order token to obtain Order information from API v2 Order Status endpoint.
-
v4.0.2 Changes
November 21, 2019๐ This patch release contains bug fixes backported from the master branch. We'd like to thank all the contributors who made this happen ๐
API
-
v4.0.1 Changes
October 29, 2019๐ This patch release contains bug fixes backported from the master branch. We'd like to thank all the contributors who made this happen ๐
Admin Panel
- ๐ fixes #9614
-
v4.0.0 Changes
October 09, 2019Major/New Features
๐ฑ Rails 6.0 support ๐ฅ ๐ฅ ๐ฅ
Spree 4.0 is fully compatible with Rails 6.0 and the new default Zeitwerk code autoloader.
๐ฑ Storefront and Admin Panel moved to Bootstrap 4.2 ๐จ
โก๏ธ We've migrated both the default Spree frontend and Admin Panel from Bootstrap 3 to Bootstrap 4.2. This update brings all of the new features and fixes introduced in Bootstrap 4, 4.1 and 4.2. Accessibility and RWD were also improved in the process.
โฌ๏ธ Besides the Spree Frontend and Admin Panel we've also upgraded all extensions that required fixes, that is:
- Auth Devise
- I18n
- Multi Currency
- ๐ Analytics Trackers
- Digital
- Social
- Editor
- Recently Viewed
- Related Products
- Static Content
- Email to friend
- Volume Pricing
- Braintree vzero
- Product Assembly
- Avatax Certified
โก๏ธ If you use any of those extensions please update them along with the Spree update.
โ Address Book support ๐
โ Previously for multiple addresses support you had to use the Spree Address Book extension. We've decided that this was an inconsistency (user account already supported multiple credit cards) and moved this code into the core Spree and improved it.
Thanks to this signed in customers can manage multiple addresses in the Checkout and Account for both Shipping and Billing.
JSON-LD structured data support ๐
๐ To support schema.org we've replaced the old Microdata code with the new recommended JSON-LD format. This will make your store more future proof and improve SEO in the coming months.
Installation
โ Add Spree gems to Gemfile
gem 'spree', '~\> 4.0'gem 'spree\_auth\_devise', '~\> 4.0'gem 'spree\_gateway', '~\> 3.6'
โ Run
bundle install
๐ Use the install generators to set up Spree
rails g spree:install --user\_class=Spree::User rails g spree:auth:install rails g spree\_gateway:install
โฌ๏ธ Upgrade
โฌ๏ธ Official Spree 3.7 to 4.0 upgrade guide
Noteworthy changes
Please review each of the noteworthy changes to ensure your customizations or extensions are not affected. If you are affected by a change and have any suggestions please submit a PR to help the next person!
โ Added presence and uniqueness validation for
Country#iso
andCountry#iso3
attributesโ Added additional default zones (Asia, South America, Middle East)
๐ Fixed potential XSS on Product Page
โ Added ability to set time parts of a promotion period
๐ Use API v2 for country state and zip in the Checkout address form
โ Added id to currency & security card divs in Admin Panel General Settings for easier override
โ Added
.cache
class in Admin Panel General Settings for easier overrideAdded
Order#valid_promotions
andOrder#valid_promotion_ids
methodsโก๏ธ Updated
factory_bot
to5.0
โก๏ธ Updated
cancancan
to3.0
โก๏ธ Updated
Capybara
to3.24
โก๏ธ Updated
rspec-rails
to4.0
โก๏ธ Updated
ransack
to3.2.0
๐ Moved
ProductScopes
into a ConcernDeprecated
TestingSupport::ControllerRequests
methods likespree_get
,spree_post
etcโ Removed deprecated
OrderContents
โ Removed deprecated
Address#iso_name
methodโ Removed deprecated
Adjustment#open
andAdjustment#closed
scopesโ Removed deprecated
BaseHelper#variant_options
methodโ Removed deprecated
Order#set_currency
methodRemoved deprecated
Order#register_line_item_comparison_hook
methodโ Removed deprecated
Order#guest_token
methodโ Removed deprecated
Address#same_as
methodRemoved deprecated hash case in
Order#create_line_items_from_params
Removed deprecated
Order#line_item_options_match
โ Removed deprecated
OrdersController#populate
andOrdersController#populate_redirect
actionsโ Removed deprecated
RespondWith
moduleReplaced
Spree::ProductScopes
with a concern๐ Replaced deprecated
chromedriver-helper
withwebdrivers
gemReplaced
ControllerRequests#spree_
methods with standard get/post/put/etcโฌ๏ธ Dropped
acts-as-taggable-on
dependency and tag support. This will be later moved into an extension afteracts-as-taggable-on
will fully support Rails 6.0โฌ๏ธ Dropped
Paperclip
supportโฌ๏ธ Dropped
deface
dependencyโฌ๏ธ Dropped
versioncake
dependencyโฌ๏ธ Dropped
rspec-collection_matchers
dependencyโฌ๏ธ Dropped
rspec-its
dependencyFull Changelog
You can view the full changes using Github Compare.