v3.2.3

What's Changed

• Paginate variant autocomplete by @tvdeyen in #4662
• Update deprecated jQuery methods (Backport #4625 to v3.2) by @elia in #4674
• Restore --payment-method= for solidus:install on v3.2 by @elia in #4673
• Ensure puma 6 is not used in development by @elia in #4692
• make frontend installer shell-out commands more compatible by @elia in #4694
• Fix nil bundle_path while installing solidus_frontend by @elia in #4697

Full Changelog: v3.2.2...v3.2.3

v3.1.8

What's Changed

• [v3.1] Only default to activestorage adapter if Rails version is supported #4565 (tvdeyen)
• Fix key in the locale file #4513 (waiting-for-dev)
• [v3.1] Translate price country names #4509 (tvdeyen)
• [v3.1] Fix admin variants table UX #4506 (tvdeyen)
• [v3.1] Allow to extend user deletion logic #4472 (tvdeyen)

Full Changelog: v3.1.7...v3.1.8

v3.0.8

What's Changed

• [v3.0] Only default to activestorage adapter if Rails version is supported #4568 (tvdeyen)
• [v3.0] Fix Ransack error when searching for orders by customer name #4521 (tvdeyen)
• Fix key in the locale file #4514 (waiting-for-dev)
• [v3.0] Translate price country names #4510 (tvdeyen)
• [v3.0] Fix admin variants table UX #4507 (tvdeyen)
• [v3.0] Allow to extend user deletion logic #4473 (tvdeyen)

Full Changelog: v3.0.7...v3.0.8

v3.2.0

What's Changed

• Remove deprecated name-related Address fields by @filippoliverani in #3820
• Remove awesome_nested_set override for Rails 6.1 compatibility by @kennyadsl in #3893
• Load ActionMailer previews lazily by @aldesantis in #3900
• Lock money gem in development until next release by @kennyadsl in #3909
• Move Spree::Address#name attribute to the db by @filippoliverani in #3908
• Show 'guest' correctly in order customer details by @nirebu in #3910
• [Admin] Automatically check edited return items in RMA form by @spaghetticode in #3904
• Fix ActionMailer preview loading by @aldesantis in #3901
• Convert jQuery data attribute to number by @spaghetticode in #3899
• Remove all code deprecated in Solidus v2.x by @kennyadsl in #3818
• Discard Paranoia by @cedum in #3488
• Migrate default billing addresses to address book by @mamhoff in #3838
• Set dummy app forgery protection to false by @FrancescoAiello01 in #3887
• Enable ActiveStorage specs against Rails 6.1 by @kennyadsl in #3886
• Pre-select current tax category on product form by @spaghetticode in #3936
• Align Rubocop ruby version to gemspec by @spaghetticode in #3935
• Skip adding webpacker gem when generating dummyapp by @SamuelMartini in #3922
• allow customize database credentials for test app by @ccarruitero in #3921
• Avoid too many prompts during solidus:install generator by @kennyadsl in #3937
• Install Active Storage by default on new stores by @kennyadsl in #3938
• Fix factory loading by @elia in #3907
• Only use #original_message in Api::BaseController#parameter_missing_error if defined by @dividedharmony in #3940
• Allow users to create blank issues in GitHub by @kennyadsl in #3943
• Bump redcarpet from 3.4.0 to 3.5.1 in /guides by @dependabot in #3890
• Remove Deprecation Warning in ActiveModel Errors by @Azeem838 in #3946
• Add English variants to select2_local directory by @michaelmichael in #3895
• Fix circular reference in factory by @waiting-for-dev in #3959
• Inline the attachment form for taxon icons by @elia in #3932
• Relax Money dependency in development by @kennyadsl in #3958
• Remove deprecated attachment_partial_name by @kennyadsl in #3974
• Switch to maintained Paperclip fork by @filippoliverani in #3913
• Improve Active Storage configuration for in-memory Dummy App by @kennyadsl in #3970
• Add Active Storage in Dummy App for extensions by @kennyadsl in #3969
• Add Address name data migration rake task by @spaghetticode in #3933
• Bump elliptic from 6.5.3 to 6.5.4 in /guides by @dependabot in #3981
• Improve address name migration task output by @kennyadsl in #3982
• Fix for incorrect deprecation class by @tmtrademarked in #3991
• Allow accessing preferences on models that do not have any set by @kennyadsl in #3998
• Use Spree.user_class instead of Spree::LegacyUser in production code by @mamhoff in #3995
• Add Post-Install message to Solidus 3.0 by @kennyadsl in #3985
• Include Preference Handling as a Module by @mamhoff in #4015
• Bump y18n from 3.2.1 to 3.2.2 in /guides by @dependabot in #4016
• DRY-up BogusCreditCard model and remove invasive refund spec stub by @spaghetticode in #4002
• Only run spring stop in install generator if spring is available by @Noah-Silvera in #3999
• Switch to the correct ActiveStorage variant syntax by @filippoliverani in #4003
• Bump removal horizon for 3.x deprecations by @kennyadsl in #4025
• Image attachment content type validation fix for ActiveStorage by @cpfergus1 in #4021
• Rescue FileNotFoundError exception on failed image downloads by @cpfergus1 in #4026
• Add CHANGELOG entries for 2.11.x and 3.0 by @kennyadsl in #3975
• Master now tracks 3.1.0 by @kennyadsl in #4033
• Improve Solidus events documentation by @spaghetticode in #3819
• Use more appropriate language for woman's t-shirt in sample data by @Noah-Silvera in #4031
• Let the PriceSelector return a Spree::Price by @swively in #3925
• Update order_tabs Order number format by @brchristian in #3835
• eager load records instead of n+1 for update_positions by @BenMorganIO in #3875
• Allow Variant to check stock by stock_location by @MadelineCollier in #3884
• Fix order checkout flow completion with custom steps by @nerfologist in #3950
• Don't hack into ActionMailer to add our mail previews path by @elia in #3961
• Allow customer returns to reference existing ReturnItems on create through API by @forkata in #4007
• Consolidation of promotion code batch form fields into partial. by @cpfergus1 in #3957
• Promotion rule product limit improvements by @nirnaeth in #3934
• Normalize email required checks by @elia in #3879
• Moving API attribute helpers to API config by @snada in #4039
• Improve Customizing Attributes documentation by @dhughesbc in #3979
• Fix solidus stock locations sorting by @ikraamg in #3954
• Add docker-compose development environment by @waiting-for-dev in #3947
• Improve the extensibility of Rules::ItemTotal by @elia in #3431
• Handle permalink attribute on product create by @nandita2010 in #4024
• Review install instructions in README and Guides by @kennyadsl in #4034
• Load defaults for the latest Rails minor version in the dummy app by @waiting-for-dev in #4035
• Use symbols in polymorphic path for event_links by @tvdeyen in #4048
• Bump lodash from 4.17.19 to 4.17.21 in /guides by @dependabot in #4051
• Bump hosted-git-info from 2.7.1 to 2.8.9 in /guides by @dependabot in #4053
• Fix links in CHANGELOG.md by @bogdanvlviv in #4057
• Fix "Cancel" URL link on reimbursement edit page by @spaghetticode in #4061
• [ADMIN] Properly format flash error message by @spaghetticode in #3996
• Unhardcode admin base url in 'stock_location_stock_item' template by @ok32 in #4063
• Add UUID to StoreCredit#generate_authorization_code by @spaghetticode in #4060
• Fix customer return validation for return items without inventory units by @willianveiga in #4068
• Update the Nebulab's logo on README.md by @mfrecchiami in #4079
• Support Ruby 3 by @waiting-for-dev in #4072
• Fix detecting exec js version by adding minimal requirement for autoprefixer-rails by @waiting-for-dev in #4077
• Permit return_items_attributes return_reason_id by @spaghetticode in #4080
• Fix Spree::Promotion.has_actions scope by @mamhoff in #4056
• Move currently_valid_prices to a method by @waiting-for-dev in #4073
• Fix Request Bodies in API Documentation by @kennyadsl in #4066
• Small English correction...

v3.1.7

What's Changed

• Fix user restricted stock management v3.1 by @rmparr in #4400
• [v3.1] Only install ActiveStorage adapter on supported Rails versions by @tvdeyen in #4403
• [v3.1] Remove N+1 from admin users by @tvdeyen in #4420
• [v3.1] Fix delete response in admin users controller by @tvdeyen in #4416
• Support CVE-2022-32224 Rails security updates - backport to v3.1 by @gsmendoza in #4453

Full Changelog: v3.1.6...v3.1.7

v3.0.7

What's Changed

• Backport #4228 to V3.0 by @jcsanti in #4232
• [BACKPORT] Reintroduce inverse_of: :product for variants association by @spaghetticode in #4235
• Authorize uuid for existing object in sortable table by @julienanne in #4300
• [3.0] Fixes using ActiveStorage adapter with libvips as variant processor by @waiting-for-dev in #4325
• [v3.0] Fix creating refund with amount in foreign format by @tvdeyen in #4346
• [v3.0] Enhance refund admin UI by @tvdeyen in #4350
• [v3.0] Update in-memory shipments of order in order_shipping by @tvdeyen in #4336
• [v3.0] Make more room for long values in Order Summary by @tvdeyen in #4354
• [v3.0] Fix refund form (again) by @tvdeyen in #4361
• [v3.0] Fix creating store credit with amount in foreign format by @tvdeyen in #4392
• Fix user restricted stock management v3.0 by @rmparr in #4399
• [v3.0] Only install ActiveStorage adapter on supported Rails versions by @tvdeyen in #4404
• [v3.0] Backport docker development environment by @waiting-for-dev in #4407
• [v3.0] Remove N+1 from admin users by @tvdeyen in #4421
• [v3.0] Fix delete response in admin users controller by @tvdeyen in #4417
• Support CVE-2022-32224 Rails security updates - backport to v3.0 by @gsmendoza in #4454

Full Changelog: v3.0.5...v3.0.7

v2.11.17

Breaking changes

NOTE: This release contains a breaking change due to the backport of the fixes for CVE-2022-32224 in #4455, specifically due to the switch to YAML.safe_load in Spree::LogEntry here.

To ensure compatibility with this change, you may need to update your app configuration for Spree::AppConfiguration#log_entry_permitted_classes and ensure it includes any constants that may be serialized in YAML in addition to the already allowed ones by core or any extensions you may use.

What's Changed

• Fix user restricted stock management v2.11 by @rmparr in #4398
• [v2.11] Backport docker development environment by @waiting-for-dev in #4408
• [v2.11] Remove N+1 from admin users by @tvdeyen in #4422
• [v2.11] Fix delete response in admin users controller by @tvdeyen in #4418
• Support CVE-2022-32224 Rails security updates - backport to v2.11 by @gsmendoza in #4455

Full Changelog: v2.11.16...v2.11.17

v2.11.15

• V2.11 - Fix non auto populated customer info #4247 (nbelzer)
• [BACKPORT] Reintroduce inverse_of: :product for variants association #4234 (spaghetticode)
• Backport #4228 to V2.11 #4230 (jcsanti)
• v2.11 fix(Address): Set name from firstname and lastname on update #4224 (tvdeyen)
• Backport #3913 to V2.11 #4174 (spaghetticode)

v2.11.14

• Fix CSRF forgery protection bypass for Spree::OrdersController#populate GHSA-h3fg-h5v3-vf8m

v2.11.13

• Fix ReDos vulnerability on Spree::EmailValidator::EMAIL_REGEXP GHSA-qxmr-qxh6-2cc9
• Use SSL on fonts.googleapis.com scss import #4212 RyanofWoods