Merge pull request #12778 from chahmedejaz/bugfix/12596-fix-annoying-oc-warning-display

[BUU] Fix Messy flash notifications on new products page
12596: keep flash[:notice] check
2026-01-13 18:46:49 +00:00 · 2024-08-16 10:29:43 +10:00 · 2024-08-15 14:50:32 +05:00 · 2024-08-15 10:43:13 +02:00 · 2024-08-15 16:56:59 +10:00 · 2024-08-15 05:59:17 +05:00
1229 changed files with 56400 additions and 21873 deletions
--- a/.env
+++ b/.env
@@ -10,10 +10,10 @@ TIMEZONE="Melbourne"
 DEFAULT_COUNTRY_CODE="AU"

 # Locale for translation.
-LOCALE="en"
+LOCALE="en_AU"

 # For multilingual - ENV doesn't have array so pass it as string with commas
-AVAILABLE_LOCALES="en,es"
+AVAILABLE_LOCALES="en_AU,es"

 # Spree zone.
 CHECKOUT_ZONE="Australia"
@@ -42,14 +42,6 @@ SMTP_PASSWORD="f00d"
 # Javascript error reporting via Bugsnag.
 # BUGSNAG_JS_KEY=""

-# SingleSignOn login for Discourse
-#
-# DISCOURSE_SSO_SECRET should be a random string. It must be the same as provided to your Discourse instance.
-# DISCOURSE_SSO_SECRET=""
-#
-# DISCOURSE_URL must be the URL of your Discourse instance.
-# DISCOURSE_URL="https://noticeboard.openfoodnetwork.org.au"
-
 # see="https://developers.google.com/maps/documentation/javascript/get-api-key
 # GOOGLE_MAPS_API_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 # see https://developers.google.com/maps/documentation/javascript/localization#Region
--- a/.env.development
+++ b/.env.development
@@ -5,6 +5,11 @@
 #
 #     cp .env.development .env.local

+# Locale for translation. Using a locale other than `en` tests the
+# successful fallback to `en`. You will also see up-to-date text used
+# in production
+LOCALE="en_AU"
+
 VERBOSE_QUERY_LOGS=true

 SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
--- a/.env.test
+++ b/.env.test
@@ -1,6 +1,9 @@
 # ENV vars for the test environment
 # Override locally with `.env.test.local`

+# Locale for translation.
+LOCALE="en_TEST"
+
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"

 SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
--- a/.github/ISSUE_TEMPLATE/release.md
+++ b/.github/ISSUE_TEMPLATE/release.md
@@ -45,7 +45,7 @@ The full process is described at https://github.com/openfoodfoundation/openfoodn

 [Ready To Go]: https://github.com/orgs/openfoodfoundation/projects/8?filterQuery=status%3A%22Ready+to+go+%F0%9F%9A%80%22
 [Transifex pull request]: https://github.com/openfoodfoundation/openfoodnetwork/pulls?utf8=%E2%9C%93&q=is%3Apr+is%3Aopen+head%3Atransifex
-[Draft new release]: https://github.com/openfoodfoundation/openfoodnetwork/releases/new?tag=v&title=v+Code+Name&body=Congrats%0A%0ADescription%0A%0A
+[Draft new release]: https://github.com/openfoodfoundation/openfoodnetwork/releases/new?title=v+Code+Name&body=Congrats%0A%0ADescription%0A%0A
 [releases]: https://github.com/openfoodfoundation/openfoodnetwork/releases
 [#instance-managers]: https://app.slack.com/client/T02G54U79/CG7NJ966B
 [#testing]: https://openfoodnetwork.slack.com/app_redirect?channel=C02TZ6X00
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,3 +1,8 @@
+# Dependabot configuration
+#
+# The `directory` and `schedule.interval` options are mandatory.
+# Most of the configuration here is not used for security updates though.
+
 version: 2
 updates:

@@ -5,7 +10,7 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
-    open-pull-requests-limit: 10
+
    # Only specific requirements are specified in Gemfile, so don't touch it.
    versioning-strategy: lockfile-only

@@ -13,5 +18,6 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
+
    # All versions are specified in package.json, so please update them.
    versioning-strategy: increase
--- a/.github/workflows/auto-author-assign.yml
+++ b/.github/workflows/auto-author-assign.yml
@@ -0,0 +1,14 @@
+name: Auto Author Assign
+
+on:
+  pull_request_target:
+    types: [opened, reopened]
+
+permissions:
+  pull-requests: write
+
+jobs:
+  assign-author:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: toshimaru/auto-author-assign@v2.1.0
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -55,17 +55,18 @@ jobs:
        with:
          bundler-cache: true # runs 'bundle install' and caches installed gems automatically

+      # JS is required in order for webpacker to compile, in order to render templates containing image urls
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests
        env:
@@ -83,7 +84,7 @@ jobs:
          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}" 
        run: |
          git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-          bundle exec rake knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec

  models:
    runs-on: ubuntu-22.04
@@ -106,10 +107,10 @@ jobs:
        # [n] - where the n is a number of parallel jobs you want to run your tests on.
        # Use a higher number if you have slow tests to split them between more parallel jobs.
        # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [5]
+        ci_node_total: [4]
        # Indexes for parallel jobs (starting from zero).
        # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4]
+        ci_node_index: [0, 1, 2, 3]
    steps:
      - uses: actions/checkout@v3

@@ -123,20 +124,11 @@ jobs:
        with:
          bundler-cache: true # runs 'bundle install' and caches installed gems automatically

-      - uses: actions/setup-node@v3
-        with:
-          node-version-file: .node-version
-
-      - name: Install JS dependencies
-        run: yarn install --frozen-lockfile
-
      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests
-
        env:
          KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: 09476e2ce491c12083df62768667c674
          KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
@@ -150,9 +142,8 @@ jobs:
          # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
          #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/models/**/*_spec.rb}" 
-        
        run: |
-          bundle exec rake knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec

  system_admin:
    runs-on: ubuntu-22.04
@@ -175,10 +166,10 @@ jobs:
        # [n] - where the n is a number of parallel jobs you want to run your tests on.
        # Use a higher number if you have slow tests to split them between more parallel jobs.
        # Remember to update the value of the `ci_node_index` below to (0..n-1).
-        ci_node_total: [13]
+        ci_node_total: [14]
        # Indexes for parallel jobs (starting from zero).
        # E.g. use [0, 1] for 2 parallel jobs, [0, 1, 2] for 3 parallel jobs, etc.
-        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] 
+        ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13]
    steps:
      - uses: actions/checkout@v3

@@ -195,14 +186,14 @@ jobs:
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests

@@ -221,13 +212,13 @@ jobs:
          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/admin/**/*_spec.rb}" 

        run: |
-          bundle exec rake knapsack_pro:queue:rspec
+          bin/rake knapsack_pro:queue:rspec

      - name: Archive failed tests screenshots
        if: failure()
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: failed-tests-screenshots
+          name: failed-admin-tests-screenshots
          path: tmp/capybara/screenshots/*.png
          retention-days: 7
          if-no-files-found: ignore
@@ -273,14 +264,14 @@ jobs:
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests

@@ -299,13 +290,13 @@ jobs:
          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/system/consumer/**/*_spec.rb}" 

        run: |
-          bundle exec rake knapsack_pro:queue:rspec
+          bin/rake knapsack_pro:queue:rspec

      - name: Archive failed tests screenshots
        if: failure()
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: failed-tests-screenshots
+          name: failed-consumer-tests-screenshots
          path: tmp/capybara/screenshots/*.png
          retention-days: 7
          if-no-files-found: ignore
@@ -348,17 +339,18 @@ jobs:
        with:
          bundler-cache: true # runs 'bundle install' and caches installed gems automatically

+      # JS is required in order for webpacker to compile, in order to render templates linking to mail.css
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests

@@ -377,16 +369,7 @@ jobs:
          KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/lib/**/*_spec.rb,spec/migrations/**/*_spec.rb,spec/serializers/**/*_spec.rb,engines/**/*_spec.rb}"

        run: |
-          bundle exec rake knapsack_pro:rspec
-
-      - name: Archive failed tests screenshots
-        if: failure()
-        uses: actions/upload-artifact@v3
-        with:
-          name: failed-tests-screenshots
-          path: tmp/capybara/screenshots/*.png
-          retention-days: 7
-          if-no-files-found: ignore
+          bin/rake knapsack_pro:rspec

  test_the_rest:
    runs-on: ubuntu-22.04
@@ -426,20 +409,20 @@ jobs:
        with:
          bundler-cache: true # runs 'bundle install' and caches installed gems automatically

+      # JS is required in order for webpacker to compile, in order to render templates linking to mail.css
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

      - name: Set up database
        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
+          bin/rake db:create db:schema:load

      - name: Run tests
-
        env:
          KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: e3b8800198d2d89b70c7edbdd85f8fd8
          KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
@@ -453,10 +436,8 @@ jobs:
          # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
          #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
          KNAPSACK_PRO_TEST_FILE_EXCLUDE_PATTERN: "{engines/**/*_spec.rb,spec/models/**/*_spec.rb,spec/controllers/**/*_spec.rb,spec/serializers/**/*_spec.rb,spec/lib/**/*_spec.rb,spec/migrations/**/*_spec.rb,spec/system/**/*_spec.rb}"
-                                            
-        
        run: |
-          bundle exec rake knapsack_pro:rspec
+          bin/rake knapsack_pro:rspec

  non_knapsack_jest_karma:
    runs-on: ubuntu-22.04
@@ -476,11 +457,7 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
-        with: 
-          redis-version: 6
-
+      # Rails is required for the Karma rake script
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
@@ -489,16 +466,13 @@ jobs:
      - uses: actions/setup-node@v3
        with:
          node-version-file: .node-version
+          cache: yarn

      - name: Install JS dependencies
        run: yarn install --frozen-lockfile

-      - name: Set up database
-        run: |
-          bundle exec rake db:create
-          bundle exec rake db:schema:load
      - name: Run JS tests
-        run: bundle exec rake karma:run
+        run: bin/rake karma:run

      - name: Run jest tests
        run: yarn jest
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -7,10 +7,11 @@ jobs:
    name: runner / rubocop
    runs-on: ubuntu-latest
    steps:
-      - name: Check out code
-        uses: actions/checkout@v1
+      - uses: actions/checkout@v3

      - uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true # runs 'bundle install' and caches installed gems automatically

      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)

@@ -21,6 +22,8 @@ jobs:
          rubocop_extensions: rubocop-rails:gemfile rubocop-rspec:gemfile
          reporter: github-pr-check
          level: error
+          filter_mode: nofilter
+          use_bundler: true
          fail_on_error: true
  prettier:
    name: runner / prettier
--- a/.rspec
+++ b/.rspec
@@ -0,0 +1 @@
+--require base_spec_helper
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -5,8 +5,12 @@
 # The configuration is split into three files. Look into those files for more details.
 #
 require:
+  - rubocop-capybara
+  - rubocop-factory_bot
  - rubocop-rails
  - rubocop-rspec
+  - rubocop-rspec_rails
+
 inherit_from:

  # The automatically generated todo list to ignore all current violations.
--- a/.rubocop_styleguide.yml
+++ b/.rubocop_styleguide.yml
@@ -3,7 +3,6 @@
 # These are the rules we agreed upon and we work towards.
 AllCops:
  NewCops: enable
-  SuggestExtensions: false
  Exclude:
    - bin/**/*
    - db/**/*
@@ -116,6 +115,11 @@ Rails/OutputSafety:
  Exclude:
    - spec/**/*

+Rails/RedundantActiveRecordAllMethod:
+  AllowedReceivers:
+    - ActionMailer::Preview
+    - ActiveSupport::TimeZone
+
 Rails/SkipsModelValidations:
  AllowedMethods:
    - touch
@@ -125,6 +129,16 @@ Rails/SkipsModelValidations:
    - update_column
    - update_columns

+Rails/UnknownEnv:
+  Environments:
+    - development
+    - production
+    - staging
+    - test
+
+Rails/WhereExists:
+  EnforcedStyle: where # Cf. conversion https://github.com/openfoodfoundation/openfoodnetwork/pull/12363
+
 Style/Documentation:
  Enabled: false

--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -1,50 +1,18 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400 --no-auto-gen-timestamp`
-# using RuboCop version 1.62.1.
+# using RuboCop version 1.64.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.

-# Offense count: 16
-# Configuration parameters: AllowedMethods.
-# AllowedMethods: enums
-Lint/ConstantDefinitionInBlock:
-  Exclude:
-    - 'lib/tasks/import_product_images.rake'
-    - 'lib/tasks/users.rake'
-    - 'spec/controllers/spree/admin/base_controller_spec.rb'
-    - 'spec/helpers/serializer_helper_spec.rb'
-    - 'spec/lib/reports/line_items_spec.rb'
-    - 'spec/models/spree/ability_spec.rb'
-    - 'spec/models/spree/gateway_spec.rb'
-    - 'spec/models/spree/preferences/configuration_spec.rb'
-    - 'spec/models/spree/preferences/preferable_spec.rb'
-    - 'spec/validators/date_time_string_validator_spec.rb'
-    - 'spec/validators/integer_array_validator_spec.rb'
-
-# Offense count: 6
-# Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches.
-Lint/DuplicateBranch:
-  Exclude:
-    - 'app/helpers/spree/admin/base_helper.rb'
-    - 'app/models/enterprise.rb'
-    - 'app/models/spree/calculator.rb'
-    - 'app/models/spree/preference.rb'
-    - 'app/models/spree/preferences/preferable.rb'
-
-# Offense count: 2
-Lint/DuplicateMethods:
-  Exclude:
-    - 'lib/discourse/single_sign_on.rb'
-
 # Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Lint/DuplicateRequire:
+# This cop supports safe autocorrection (--autocorrect).
+Layout/EmptyLines:
  Exclude:
-    - 'spec/lib/open_food_network/scope_variants_to_search_spec.rb'
+    - 'app/services/products_renderer.rb'

-# Offense count: 18
+# Offense count: 16
 # Configuration parameters: AllowComments, AllowEmptyLambdas.
 Lint/EmptyBlock:
  Exclude:
@@ -60,11 +28,10 @@ Lint/EmptyBlock:
    - 'spec/jobs/subscription_placement_job_spec.rb'
    - 'spec/models/product_import/entry_validator_spec.rb'

-# Offense count: 6
+# Offense count: 4
 # Configuration parameters: AllowComments.
 Lint/EmptyClass:
  Exclude:
-    - 'spec/controllers/spree/admin/base_controller_spec.rb'
    - 'spec/lib/reports/report_loader_spec.rb'

 # Offense count: 1
@@ -118,7 +85,7 @@ Lint/UselessMethodDefinition:
  Exclude:
    - 'app/models/spree/gateway.rb'

-# Offense count: 26
+# Offense count: 24
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
  Exclude:
@@ -137,11 +104,9 @@ Metrics/AbcSize:
    - 'app/models/spree/order/checkout.rb'
    - 'app/models/spree/preferences/preferable_class_methods.rb'
    - 'app/models/spree/return_authorization.rb'
-    - 'lib/discourse/single_sign_on.rb'
    - 'lib/open_food_network/order_cycle_form_applicator.rb'
    - 'lib/open_food_network/order_cycle_permissions.rb'
    - 'lib/spree/core/controller_helpers/order.rb'
-    - 'lib/tasks/enterprises.rake'
    - 'spec/services/orders/checkout_restart_service_spec.rb'

 # Offense count: 9
@@ -197,12 +162,12 @@ Metrics/ClassLength:
    - 'app/models/spree/user.rb'
    - 'app/models/spree/variant.rb'
    - 'app/models/spree/zone.rb'
-    - 'app/reflexes/products_reflex.rb'
+    - 'app/reflexes/admin/orders_reflex.rb'
    - 'app/serializers/api/cached_enterprise_serializer.rb'
    - 'app/serializers/api/enterprise_shopfront_serializer.rb'
    - 'app/services/cart_service.rb'
-    - 'app/services/orders/sync_service.rb'
    - 'app/services/order_cycles/form_service.rb'
+    - 'app/services/orders/sync_service.rb'
    - 'engines/order_management/app/services/order_management/order/updater.rb'
    - 'lib/open_food_network/enterprise_fee_calculator.rb'
    - 'lib/open_food_network/order_cycle_form_applicator.rb'
@@ -213,7 +178,7 @@ Metrics/ClassLength:
    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
    - 'lib/reporting/reports/xero_invoices/base.rb'

-# Offense count: 34
+# Offense count: 32
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/CyclomaticComplexity:
  Exclude:
@@ -223,7 +188,6 @@ Metrics/CyclomaticComplexity:
    - 'app/helpers/checkout_helper.rb'
    - 'app/helpers/order_cycles_helper.rb'
    - 'app/helpers/spree/admin/navigation_helper.rb'
-    - 'app/models/enterprise.rb'
    - 'app/models/enterprise_relationship.rb'
    - 'app/models/product_import/entry_validator.rb'
    - 'app/models/spree/ability.rb'
@@ -237,7 +201,6 @@ Metrics/CyclomaticComplexity:
    - 'app/models/spree/tax_rate.rb'
    - 'app/models/spree/variant.rb'
    - 'app/models/spree/zone.rb'
-    - 'lib/discourse/single_sign_on.rb'
    - 'lib/open_food_network/enterprise_issue_validator.rb'
    - 'lib/reporting/reports/xero_invoices/base.rb'
    - 'lib/spree/core/controller_helpers/order.rb'
@@ -245,7 +208,7 @@ Metrics/CyclomaticComplexity:
    - 'lib/spree/localized_number.rb'
    - 'spec/models/product_importer_spec.rb'

-# Offense count: 25
+# Offense count: 24
 # Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
  Exclude:
@@ -259,7 +222,6 @@ Metrics/MethodLength:
    - 'app/models/spree/order/checkout.rb'
    - 'app/models/spree/payment/processing.rb'
    - 'app/models/spree/preferences/preferable_class_methods.rb'
-    - 'lib/discourse/single_sign_on.rb'
    - 'lib/open_food_network/order_cycle_form_applicator.rb'
    - 'lib/open_food_network/order_cycle_permissions.rb'
    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
@@ -267,7 +229,7 @@ Metrics/MethodLength:
    - 'lib/spree/localized_number.rb'
    - 'lib/tasks/sample_data/product_factory.rb'

-# Offense count: 48
+# Offense count: 49
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
  Exclude:
@@ -297,6 +259,7 @@ Metrics/ModuleLength:
    - 'spec/controllers/payment_gateways/stripe_controller_spec.rb'
    - 'spec/controllers/spree/admin/adjustments_controller_spec.rb'
    - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
+    - 'spec/controllers/spree/admin/variants_controller_spec.rb'
    - 'spec/lib/open_food_network/address_finder_spec.rb'
    - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
    - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
@@ -390,41 +353,209 @@ Naming/VariableNumber:
    - 'spec/models/spree/tax_rate_spec.rb'
    - 'spec/requests/api/orders_spec.rb'

-# Offense count: 11
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/HasManyOrHasOneDependent:
+# Offense count: 142
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: ResponseMethods.
+# ResponseMethods: response, last_response
+RSpecRails/HaveHttpStatus:
  Exclude:
-    - 'app/models/enterprise.rb'
-    - 'app/models/spree/address.rb'
-    - 'app/models/spree/stock_item.rb'
-    - 'app/models/spree/tax_rate.rb'
-    - 'app/models/spree/variant.rb'
-
-# Offense count: 26
-# Configuration parameters: Include.
-# Include: app/helpers/**/*.rb
-Rails/HelperInstanceVariable:
-  Exclude:
-    - 'app/helpers/injection_helper.rb'
-    - 'app/helpers/shared_helper.rb'
-    - 'app/helpers/spree/admin/orders_helper.rb'
-    - 'app/helpers/spree/orders_helper.rb'
+    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
+    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
+    - 'spec/controllers/api/v0/base_controller_spec.rb'
+    - 'spec/controllers/api/v0/customers_controller_spec.rb'
+    - 'spec/controllers/api/v0/enterprises_controller_spec.rb'
+    - 'spec/controllers/api/v0/logos_controller_spec.rb'
+    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
+    - 'spec/controllers/api/v0/orders_controller_spec.rb'
+    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
+    - 'spec/controllers/api/v0/products_controller_spec.rb'
+    - 'spec/controllers/api/v0/promo_images_controller_spec.rb'
+    - 'spec/controllers/api/v0/reports/packing_report_spec.rb'
+    - 'spec/controllers/api/v0/reports_controller_spec.rb'
+    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
+    - 'spec/controllers/api/v0/statuses_controller_spec.rb'
+    - 'spec/controllers/api/v0/taxons_controller_spec.rb'
+    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
+    - 'spec/controllers/api/v0/variants_controller_spec.rb'
+    - 'spec/controllers/cart_controller_spec.rb'
+    - 'spec/controllers/checkout_controller_spec.rb'
+    - 'spec/controllers/enterprises_controller_spec.rb'
+    - 'spec/controllers/line_items_controller_spec.rb'
+    - 'spec/controllers/shop_controller_spec.rb'
+    - 'spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb'
+    - 'spec/controllers/spree/admin/orders_controller_spec.rb'
+    - 'spec/controllers/spree/admin/products_controller_spec.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/controllers/spree/orders_controller_spec.rb'
+    - 'spec/controllers/stripe/callbacks_controller_spec.rb'
+    - 'spec/controllers/stripe/webhooks_controller_spec.rb'
+    - 'spec/controllers/user_passwords_controller_spec.rb'
+    - 'spec/controllers/user_registrations_controller_spec.rb'
+    - 'spec/requests/api/routes_spec.rb'
+    - 'spec/requests/checkout/stripe_sca_spec.rb'
+    - 'spec/requests/home_controller_spec.rb'
+    - 'spec/requests/omniauth_callbacks_controller_spec.rb'
+    - 'spec/services/embedded_page_service_spec.rb'
+    - 'spec/support/api_helper.rb'

 # Offense count: 8
-# Configuration parameters: Include.
-# Include: spec/**/*.rb, test/**/*.rb
-Rails/I18nLocaleAssignment:
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: numeric, symbolic, be_status
+RSpecRails/HttpStatus:
  Exclude:
-    - 'spec/controllers/user_registrations_controller_spec.rb'
-    - 'spec/helpers/i18n_helper_spec.rb'
-    - 'spec/models/spree/variant_spec.rb'
-    - 'spec/system/admin/order_cycles/list_spec.rb'
+    - 'spec/controllers/spree/admin/products_controller_spec.rb'
+    - 'spec/requests/api/orders_spec.rb'

-# Offense count: 3
-Rails/I18nLocaleTexts:
+# Offense count: 144
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Inferences.
+RSpecRails/InferredSpecType:
  Exclude:
-    - 'app/controllers/admin/stripe_accounts_controller.rb'
+    - 'engines/dfc_provider/spec/requests/addresses_spec.rb'
+    - 'engines/dfc_provider/spec/requests/catalog_items_spec.rb'
+    - 'engines/dfc_provider/spec/requests/enterprise_groups/affiliated_by_spec.rb'
+    - 'engines/dfc_provider/spec/requests/enterprise_groups_spec.rb'
+    - 'engines/dfc_provider/spec/requests/enterprises_spec.rb'
+    - 'engines/dfc_provider/spec/requests/offers_spec.rb'
+    - 'engines/dfc_provider/spec/requests/persons_spec.rb'
+    - 'engines/dfc_provider/spec/requests/social_medias_spec.rb'
+    - 'engines/dfc_provider/spec/requests/supplied_products_spec.rb'
+    - 'engines/web/spec/helpers/cookies_policy_helper_spec.rb'
+    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/column_preferences_controller_spec.rb'
+    - 'spec/controllers/admin/customers_controller_spec.rb'
+    - 'spec/controllers/admin/enterprises_controller_spec.rb'
+    - 'spec/controllers/admin/inventory_items_controller_spec.rb'
+    - 'spec/controllers/admin/invoice_settings_controller_spec.rb'
+    - 'spec/controllers/admin/matomo_settings_controller_spec.rb'
+    - 'spec/controllers/admin/order_cycles_controller_spec.rb'
+    - 'spec/controllers/admin/product_import_controller_spec.rb'
+    - 'spec/controllers/admin/proxy_orders_controller_spec.rb'
+    - 'spec/controllers/admin/reports_controller_spec.rb'
+    - 'spec/controllers/admin/schedules_controller_spec.rb'
+    - 'spec/controllers/admin/stripe_accounts_controller_spec.rb'
+    - 'spec/controllers/admin/stripe_connect_settings_controller_spec.rb'
+    - 'spec/controllers/admin/subscription_line_items_controller_spec.rb'
+    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
+    - 'spec/controllers/admin/tag_rules_controller_spec.rb'
+    - 'spec/controllers/admin/terms_of_service_files_controller_spec.rb'
+    - 'spec/controllers/admin/variant_overrides_controller_spec.rb'
+    - 'spec/controllers/api/v0/customers_controller_spec.rb'
+    - 'spec/controllers/api/v0/enterprise_fees_controller_spec.rb'
+    - 'spec/controllers/api/v0/enterprises_controller_spec.rb'
+    - 'spec/controllers/api/v0/exchange_products_controller_spec.rb'
+    - 'spec/controllers/api/v0/logos_controller_spec.rb'
+    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
+    - 'spec/controllers/api/v0/orders_controller_spec.rb'
+    - 'spec/controllers/api/v0/product_images_controller_spec.rb'
+    - 'spec/controllers/api/v0/products_controller_spec.rb'
+    - 'spec/controllers/api/v0/promo_images_controller_spec.rb'
+    - 'spec/controllers/api/v0/reports/packing_report_spec.rb'
+    - 'spec/controllers/api/v0/reports_controller_spec.rb'
+    - 'spec/controllers/api/v0/shipments_controller_spec.rb'
+    - 'spec/controllers/api/v0/shops_controller_spec.rb'
+    - 'spec/controllers/api/v0/statuses_controller_spec.rb'
+    - 'spec/controllers/api/v0/terms_and_conditions_controller_spec.rb'
+    - 'spec/controllers/api/v0/variants_controller_spec.rb'
+    - 'spec/controllers/base_controller_spec.rb'
+    - 'spec/controllers/cart_controller_spec.rb'
+    - 'spec/controllers/checkout_controller_spec.rb'
+    - 'spec/controllers/enterprises_controller_spec.rb'
+    - 'spec/controllers/groups_controller_spec.rb'
+    - 'spec/controllers/line_items_controller_spec.rb'
+    - 'spec/controllers/payment_gateways/paypal_controller_spec.rb'
+    - 'spec/controllers/payment_gateways/stripe_controller_spec.rb'
+    - 'spec/controllers/registration_controller_spec.rb'
+    - 'spec/controllers/shop_controller_spec.rb'
+    - 'spec/controllers/shops_controller_spec.rb'
+    - 'spec/controllers/spree/admin/adjustments_controller_spec.rb'
+    - 'spec/controllers/spree/admin/base_controller_spec.rb'
+    - 'spec/controllers/spree/admin/countries_controller_spec.rb'
+    - 'spec/controllers/spree/admin/general_settings_controller_spec.rb'
+    - 'spec/controllers/spree/admin/orders/customer_details_controller_spec.rb'
+    - 'spec/controllers/spree/admin/orders/invoices_spec.rb'
+    - 'spec/controllers/spree/admin/orders/payments/payments_controller_refunds_spec.rb'
+    - 'spec/controllers/spree/admin/orders/payments/payments_controller_spec.rb'
+    - 'spec/controllers/spree/admin/orders_controller_spec.rb'
+    - 'spec/controllers/spree/admin/overview_controller_spec.rb'
+    - 'spec/controllers/spree/admin/payment_methods_controller_spec.rb'
+    - 'spec/controllers/spree/admin/products_controller_spec.rb'
+    - 'spec/controllers/spree/admin/return_authorizations_controller_spec.rb'
+    - 'spec/controllers/spree/admin/search_controller_spec.rb'
+    - 'spec/controllers/spree/admin/shipping_categories_controller_spec.rb'
+    - 'spec/controllers/spree/admin/shipping_methods_controller_spec.rb'
+    - 'spec/controllers/spree/admin/tax_rates_controller_spec.rb'
+    - 'spec/controllers/spree/admin/tax_settings_controller_spec.rb'
+    - 'spec/controllers/spree/admin/variants_controller_spec.rb'
+    - 'spec/controllers/spree/api_keys_controller_spec.rb'
+    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
+    - 'spec/controllers/spree/orders_controller_spec.rb'
+    - 'spec/controllers/spree/user_sessions_controller_spec.rb'
+    - 'spec/controllers/spree/users_controller_spec.rb'
+    - 'spec/controllers/stripe/callbacks_controller_spec.rb'
+    - 'spec/controllers/stripe/webhooks_controller_spec.rb'
+    - 'spec/controllers/user_confirmations_controller_spec.rb'
+    - 'spec/controllers/user_passwords_controller_spec.rb'
+    - 'spec/controllers/user_registrations_controller_spec.rb'
+    - 'spec/controllers/webhook_endpoints_controller_spec.rb'
+    - 'spec/helpers/admin/enterprises_helper_spec.rb'
+    - 'spec/helpers/admin/orders_helper_spec.rb'
+    - 'spec/helpers/admin/reports_helper_spec.rb'
+    - 'spec/helpers/admin/subscriptions_helper_spec.rb'
+    - 'spec/helpers/application_helper_spec.rb'
+    - 'spec/helpers/checkout_helper_spec.rb'
+    - 'spec/helpers/i18n_helper_spec.rb'
+    - 'spec/helpers/injection_helper_spec.rb'
+    - 'spec/helpers/link_helper_spec.rb'
+    - 'spec/helpers/navigation_helper_spec.rb'
+    - 'spec/helpers/order_cycles_helper_spec.rb'
+    - 'spec/helpers/serializer_helper_spec.rb'
+    - 'spec/helpers/shop_helper_spec.rb'
+    - 'spec/helpers/spree/admin/base_helper_spec.rb'
+    - 'spec/helpers/spree/admin/general_settings_helper_spec.rb'
+    - 'spec/helpers/spree/admin/orders_helper_spec.rb'
+    - 'spec/helpers/spree/orders_helper_spec.rb'
+    - 'spec/helpers/tax_helper_spec.rb'
+    - 'spec/helpers/terms_and_conditions_helper_spec.rb'
+    - 'spec/jobs/connect_app_job_spec.rb'
+    - 'spec/mailers/producer_mailer_spec.rb'
+    - 'spec/mailers/subscription_mailer_spec.rb'
+    - 'spec/models/column_preference_spec.rb'
+    - 'spec/models/connected_app_spec.rb'
+    - 'spec/models/customer_spec.rb'
+    - 'spec/models/invoice_spec.rb'
+    - 'spec/models/oidc_account_spec.rb'
+    - 'spec/models/proxy_order_spec.rb'
+    - 'spec/models/report_blob_spec.rb'
+    - 'spec/models/semantic_link_spec.rb'
+    - 'spec/models/spree/gateway/stripe_sca_spec.rb'
+    - 'spec/models/subscription_spec.rb'
+    - 'spec/models/tag_rule/filter_order_cycles_spec.rb'
+    - 'spec/models/tag_rule/filter_payment_methods_spec.rb'
+    - 'spec/models/tag_rule/filter_products_spec.rb'
+    - 'spec/models/tag_rule/filter_shipping_methods_spec.rb'
+    - 'spec/models/tag_rule_spec.rb'
+    - 'spec/models/webhook_endpoint_spec.rb'
+    - 'spec/requests/admin/images_spec.rb'
+    - 'spec/requests/admin/product_import_spec.rb'
+    - 'spec/requests/admin/vouchers_spec.rb'
+    - 'spec/requests/api/orders_spec.rb'
+    - 'spec/requests/api/routes_spec.rb'
+    - 'spec/requests/api/v1/customers_spec.rb'
+    - 'spec/requests/api_docs_spec.rb'
+    - 'spec/requests/checkout/paypal_spec.rb'
+    - 'spec/requests/checkout/routes_spec.rb'
+    - 'spec/requests/checkout/stripe_sca_spec.rb'
+    - 'spec/requests/errors_spec.rb'
+    - 'spec/requests/home_controller_spec.rb'
+    - 'spec/requests/large_request_spec.rb'
+    - 'spec/requests/omniauth_callbacks_controller_spec.rb'
+    - 'spec/requests/spree/admin/overview_spec.rb'
+    - 'spec/requests/spree/admin/payments_spec.rb'
+    - 'spec/requests/voucher_adjustments_spec.rb'
+    - 'spec/routing/stripe_spec.rb'

 # Offense count: 22
 # Configuration parameters: IgnoreScopes, Include.
@@ -470,85 +601,7 @@ Rails/LexicallyScopedActionFilter:
    - 'app/controllers/spree/admin/zones_controller.rb'
    - 'app/controllers/spree/users_controller.rb'

-# Offense count: 6
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/NegateInclude:
-  Exclude:
-    - 'app/controllers/admin/resource_controller.rb'
-    - 'app/models/calculator/weight.rb'
-    - 'app/models/product_import/spreadsheet_entry.rb'
-    - 'app/services/order_cart_reset.rb'
-    - 'lib/spree/localized_number.rb'
-    - 'spec/support/matchers/table_matchers.rb'
-
-# Offense count: 32
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/Pluck:
-  Exclude:
-    - 'app/controllers/admin/variant_overrides_controller.rb'
-    - 'app/services/cart_service.rb'
-    - 'lib/reporting/report_headers_builder.rb'
-    - 'spec/controllers/admin/bulk_line_items_controller_spec.rb'
-    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
-    - 'spec/controllers/api/v0/order_cycles_controller_spec.rb'
-    - 'spec/controllers/api/v0/orders_controller_spec.rb'
-    - 'spec/controllers/api/v0/products_controller_spec.rb'
-    - 'spec/controllers/api/v0/shops_controller_spec.rb'
-    - 'spec/controllers/api/v0/states_controller_spec.rb'
-    - 'spec/controllers/api/v0/taxons_controller_spec.rb'
-    - 'spec/helpers/spree/admin/orders_helper_spec.rb'
-    - 'spec/lib/reports/lettuce_share_report_spec.rb'
-    - 'spec/lib/reports/users_and_enterprises_report_spec.rb'
-    - 'spec/serializers/api/admin/for_order_cycle/supplied_product_serializer_spec.rb'
-    - 'spec/support/api_helper.rb'
-
-# Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: conservative, aggressive
-Rails/PluckInWhere:
-  Exclude:
-    - 'app/models/spree/variant.rb'
-
-# Offense count: 4
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowedReceivers.
-# AllowedReceivers: ActionMailer::Preview, ActiveSupport::TimeZone
-Rails/RedundantActiveRecordAllMethod:
-  Exclude:
-    - 'app/models/spree/tax_rate.rb'
-    - 'app/models/spree/user.rb'
-    - 'app/models/spree/variant.rb'
-    - 'spec/system/admin/product_import_spec.rb'
-
-# Offense count: 20
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/RedundantPresenceValidationOnBelongsTo:
-  Exclude:
-    - 'app/models/enterprise_fee.rb'
-    - 'app/models/exchange.rb'
-    - 'app/models/inventory_item.rb'
-    - 'app/models/order_cycle.rb'
-    - 'app/models/spree/address.rb'
-    - 'app/models/spree/line_item.rb'
-    - 'app/models/spree/order.rb'
-    - 'app/models/spree/product_property.rb'
-    - 'app/models/spree/return_authorization.rb'
-    - 'app/models/spree/state.rb'
-    - 'app/models/spree/stock_item.rb'
-    - 'app/models/spree/stock_movement.rb'
-    - 'app/models/spree/tax_rate.rb'
-    - 'app/models/subscription_line_item.rb'
-    - 'app/models/tag_rule.rb'
-    - 'app/models/variant_override.rb'
-
-# Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/RelativeDateConstant:
-  Exclude:
-    - 'lib/tasks/data/remove_transient_data.rb'
-
-# Offense count: 58
+# Offense count: 56
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Include.
 # Include: spec/controllers/**/*.rb, spec/requests/**/*.rb, test/controllers/**/*.rb, test/integration/**/*.rb
@@ -568,26 +621,6 @@ Rails/ResponseParsedBody:
    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
    - 'spec/controllers/user_registrations_controller_spec.rb'

-# Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/RootPathnameMethods:
-  Exclude:
-    - 'spec/lib/reports/orders_and_fulfillment/order_cycle_customer_totals_report_spec.rb'
-
-# Offense count: 1
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/SelectMap:
-  Exclude:
-    - 'app/models/enterprise.rb'
-
-# Offense count: 4
-# Configuration parameters: ForbiddenMethods, AllowedMethods.
-# ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
-Rails/SkipsModelValidations:
-  Exclude:
-    - 'app/models/variant_override.rb'
-    - 'spec/models/spree/line_item_spec.rb'
-
 # Offense count: 7
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
@@ -596,8 +629,8 @@ Rails/TimeZone:
  Exclude:
    - 'app/models/spree/gateway/pay_pal_express.rb'
    - 'spec/controllers/spree/credit_cards_controller_spec.rb'
-    - 'spec/services/orders/customer_cancellation_service_spec.rb'
    - 'spec/services/order_cycles/webhook_service_spec.rb'
+    - 'spec/services/orders/customer_cancellation_service_spec.rb'

 # Offense count: 1
 # Configuration parameters: TransactionMethods.
@@ -616,77 +649,12 @@ Rails/UniqueValidationWithoutIndex:
    - 'app/models/spree/tax_category.rb'
    - 'app/models/spree/zone.rb'

-# Offense count: 1
-# Configuration parameters: Severity, Environments.
-# Environments: development, test, production
-Rails/UnknownEnv:
-  Exclude:
-    - 'app/models/spree/app_configuration.rb'
-
-# Offense count: 7
-# Configuration parameters: Severity.
-Rails/UnusedRenderContent:
-  Exclude:
-    - 'app/controllers/admin/bulk_line_items_controller.rb'
-    - 'app/controllers/admin/tag_rules_controller.rb'
-    - 'app/controllers/api/v0/enterprise_fees_controller.rb'
-    - 'app/controllers/api/v0/products_controller.rb'
-    - 'app/controllers/api/v0/taxons_controller.rb'
-    - 'app/controllers/api/v0/variants_controller.rb'
-
-# Offense count: 54
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/WhereEquals:
-  Exclude:
-    - 'app/controllers/spree/admin/products_controller.rb'
-    - 'app/mailers/producer_mailer.rb'
-    - 'app/models/enterprise.rb'
-    - 'app/models/enterprise_fee.rb'
-    - 'app/models/enterprise_group.rb'
-    - 'app/models/enterprise_relationship.rb'
-    - 'app/models/exchange.rb'
-    - 'app/models/order_cycle.rb'
-    - 'app/models/product_import/entry_processor.rb'
-    - 'app/models/proxy_order.rb'
-    - 'app/models/schedule.rb'
-    - 'app/models/spree/line_item.rb'
-    - 'app/models/spree/order.rb'
-    - 'app/models/spree/payment_method.rb'
-    - 'app/models/spree/product.rb'
-    - 'app/models/spree/shipping_method.rb'
-    - 'app/models/spree/variant.rb'
-    - 'app/models/subscription.rb'
-    - 'app/serializers/api/enterprise_shopfront_serializer.rb'
-    - 'app/serializers/api/order_serializer.rb'
-    - 'lib/open_food_network/enterprise_fee_calculator.rb'
-    - 'lib/open_food_network/order_cycle_permissions.rb'
-    - 'lib/reporting/reports/products_and_inventory/base.rb'
-    - 'lib/tasks/data.rake'
-    - 'lib/tasks/data/anonymize_data.rake'
-    - 'lib/tasks/data/remove_transient_data.rb'
-    - 'spec/services/product_tag_rules_filterer_spec.rb'
-
-# Offense count: 8
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: exists, where
-Rails/WhereExists:
-  Exclude:
-    - 'app/controllers/spree/admin/overview_controller.rb'
-    - 'app/controllers/spree/admin/tax_rates_controller.rb'
-    - 'app/controllers/spree/user_sessions_controller.rb'
-    - 'app/models/spree/preferences/store.rb'
-    - 'lib/tasks/sample_data/customer_factory.rb'
-    - 'lib/tasks/sample_data/group_factory.rb'
-    - 'lib/tasks/sample_data/order_cycle_factory.rb'
-    - 'lib/tasks/sample_data/taxon_factory.rb'
-
 # Offense count: 1
 Security/Open:
  Exclude:
    - 'app/services/image_importer.rb'

-# Offense count: 9
+# Offense count: 7
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/ArrayIntersect:
  Exclude:
@@ -695,7 +663,6 @@ Style/ArrayIntersect:
    - 'app/models/tag_rule/filter_payment_methods.rb'
    - 'app/models/tag_rule/filter_products.rb'
    - 'app/models/tag_rule/filter_shipping_methods.rb'
-    - 'app/services/order_syncer.rb'
    - 'lib/open_food_network/tag_rule_applicator.rb'
    - 'spec/support/matchers/select2_matchers.rb'

@@ -706,7 +673,7 @@ Style/CaseEquality:
  Exclude:
    - 'spec/models/spree/payment_spec.rb'

-# Offense count: 25
+# Offense count: 23
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: nested, compact
@@ -733,7 +700,6 @@ Style/ClassAndModuleChildren:
    - 'app/serializers/api/taxon_serializer.rb'
    - 'app/serializers/api/variant_serializer.rb'
    - 'lib/open_food_network/locking.rb'
-    - 'spec/controllers/spree/admin/base_controller_spec.rb'
    - 'spec/models/spree/payment_method_spec.rb'

 # Offense count: 1
@@ -786,12 +752,6 @@ Style/HashEachMethods:
    - 'spec/models/product_importer_spec.rb'
    - 'spec/support/cancan_helper.rb'

-# Offense count: 1
-# Configuration parameters: MinBranchesCount.
-Style/HashLikeCase:
-  Exclude:
-    - 'app/models/enterprise.rb'
-
 # Offense count: 4
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/MapToHash:
@@ -880,19 +840,6 @@ Style/RedundantInitialize:
  Exclude:
    - 'spec/models/spree/gateway_spec.rb'

-# Offense count: 2
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/RedundantInterpolation:
-  Exclude:
-    - 'lib/tasks/karma.rake'
-    - 'spec/base_spec_helper.rb'
-
-# Offense count: 8
-# This cop supports safe autocorrection (--autocorrect).
-Style/RedundantLineContinuation:
-  Exclude:
-    - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
-
 # Offense count: 19
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowedMethods, AllowedPatterns.
@@ -902,69 +849,10 @@ Style/ReturnNilInPredicateMethodDefinition:
    - 'app/serializers/api/admin/customer_serializer.rb'
    - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'

-# Offense count: 204
-Style/Send:
-  Exclude:
-    - 'spec/controllers/admin/subscriptions_controller_spec.rb'
-    - 'spec/controllers/payment_gateways/paypal_controller_spec.rb'
-    - 'spec/controllers/spree/admin/base_controller_spec.rb'
-    - 'spec/controllers/spree/orders_controller_spec.rb'
-    - 'spec/helpers/order_cycles_helper_spec.rb'
-    - 'spec/jobs/subscription_confirm_job_spec.rb'
-    - 'spec/jobs/subscription_placement_job_spec.rb'
-    - 'spec/lib/open_food_network/address_finder_spec.rb'
-    - 'spec/lib/open_food_network/enterprise_fee_applicator_spec.rb'
-    - 'spec/lib/open_food_network/enterprise_fee_calculator_spec.rb'
-    - 'spec/lib/open_food_network/order_cycle_form_applicator_spec.rb'
-    - 'spec/lib/open_food_network/permissions_spec.rb'
-    - 'spec/lib/open_food_network/tag_rule_applicator_spec.rb'
-    - 'spec/lib/reports/xero_invoices_report_spec.rb'
-    - 'spec/lib/stripe/webhook_handler_spec.rb'
-    - 'spec/models/calculator/weight_spec.rb'
-    - 'spec/models/enterprise_spec.rb'
-    - 'spec/models/exchange_spec.rb'
-    - 'spec/models/spree/order_inventory_spec.rb'
-    - 'spec/models/spree/payment_spec.rb'
-    - 'spec/models/spree/return_authorization_spec.rb'
-    - 'spec/models/tag_rule/filter_order_cycles_spec.rb'
-    - 'spec/models/tag_rule/filter_payment_methods_spec.rb'
-    - 'spec/models/tag_rule/filter_products_spec.rb'
-    - 'spec/models/tag_rule/filter_shipping_methods_spec.rb'
-    - 'spec/services/cart_service_spec.rb'
-    - 'spec/services/products_renderer_spec.rb'
-    - 'spec/services/variant_units/option_value_namer_spec.rb'
-    - 'spec/support/localized_number_helper.rb'
-
-# Offense count: 4
+# Offense count: 3
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
  Exclude:
    - 'app/helpers/spree/admin/navigation_helper.rb'
    - 'app/services/embedded_page_service.rb'
    - 'engines/order_management/app/services/order_management/subscriptions/validator.rb'
-    - 'lib/discourse/single_sign_on.rb'
-
-# Offense count: 25
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: Mode.
-Style/StringConcatenation:
-  Exclude:
-    - 'app/controllers/admin/stripe_connect_settings_controller.rb'
-    - 'app/helpers/discourse_helper.rb'
-    - 'app/helpers/enterprises_helper.rb'
-    - 'app/helpers/spree/admin/base_helper.rb'
-    - 'app/mailers/spree/user_mailer.rb'
-    - 'app/models/enterprise.rb'
-    - 'app/models/spree/credit_card.rb'
-    - 'app/models/spree/payment_method.rb'
-    - 'app/serializers/api/cached_enterprise_serializer.rb'
-    - 'app/serializers/api/enterprise_shopfront_list_serializer.rb'
-    - 'app/services/embedded_page_service.rb'
-    - 'app/services/products_renderer.rb'
-    - 'lib/spree/api/controller_setup.rb'
-    - 'lib/spree/core/environment_extension.rb'
-    - 'spec/models/spree/line_item_spec.rb'
-    - 'spec/models/spree/product_spec.rb'
-    - 'spec/services/embedded_page_service_spec.rb'
-    - 'spec/support/features/datepicker_helper.rb'
-    - 'spec/system/admin/products_spec.rb'
--- a/GETTING_STARTED.md
+++ b/GETTING_STARTED.md
@@ -29,7 +29,7 @@ Fetch the latest version of `master` from `upstream` (ie. the main repo):
 This project needs specific ruby/bundler versions as well as node/yarn specific versions. For a local setup you will need:

 * Install or change your Ruby version according to the one specified at [.ruby-version](https://github.com/openfoodfoundation/openfoodnetwork/blob/master/.ruby-version) file.
-    - To manage versions, it's recommended to use [rbenv](https://github.com/rbenv/rbenv).
+    - To manage versions, it's recommended to use [rbenv](https://github.com/rbenv/rbenv) or [RVM](https://rvm.io/).
 * Install [nodenv](https://github.com/nodenv/nodenv) to ensure the correct [.node-version](https://github.com/openfoodfoundation/openfoodnetwork/blob/master/.node-version) is used.
    - [nodevn](https://github.com/nodenv/nodenv) is recommended as a node version manager.
 * PostgreSQL database
--- a/10
+++ b/10
@@ -16,10 +16,8 @@ gem "image_processing"

 gem 'activemerchant', '>= 1.78.0'
 gem 'angular-rails-templates', '>= 0.3.0'
-gem 'awesome_nested_set'
 gem 'ransack', '~> 4.1.0'
 gem 'responders'
-gem 'rexml'
 gem 'webpacker', '~> 5'

 gem 'i18n'
@@ -103,8 +101,10 @@ gem 'redis'
 gem 'sidekiq'
 gem 'sidekiq-scheduler'

-gem "cable_ready", "5.0.1"
-gem "stimulus_reflex", "3.5.0.rc3"
+gem "cable_ready"
+gem "stimulus_reflex"
+
+gem "turbo-rails"

 gem 'combine_pdf'
 gem 'wicked_pdf'
@@ -164,7 +164,7 @@ group :test, :development do
  gem 'rspec-sql'
  gem 'rswag'
  gem 'shoulda-matchers'
-  gem 'stimulus_reflex_testing'
+  gem 'stimulus_reflex_testing', github: "podia/stimulus_reflex_testing", branch: :main
  gem 'timecop'
 end

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -17,6 +17,14 @@ GIT
      sass-rails
      thor (>= 0.14)

+GIT
+  remote: https://github.com/podia/stimulus_reflex_testing.git
+  revision: abac2ee34de347c589795b4d1a8e83e0baafb201
+  branch: main
+  specs:
+    stimulus_reflex_testing (0.3.1)
+      stimulus_reflex (>= 3.3.0)
+
 PATH
  remote: engines/catalog
  specs:
@@ -153,42 +161,41 @@ GEM
      activerecord (>= 3.1.0, < 8)
    ast (2.4.2)
    attr_required (1.0.2)
-    awesome_nested_set (3.6.0)
-      activerecord (>= 4.0.0, < 7.2)
    aws-eventstream (1.3.0)
-    aws-partitions (1.899.0)
-    aws-sdk-core (3.191.4)
+    aws-partitions (1.929.0)
+    aws-sdk-core (3.196.1)
      aws-eventstream (~> 1, >= 1.3.0)
      aws-partitions (~> 1, >= 1.651.0)
      aws-sigv4 (~> 1.8)
      jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.78.0)
-      aws-sdk-core (~> 3, >= 3.191.0)
+    aws-sdk-kms (1.81.0)
+      aws-sdk-core (~> 3, >= 3.193.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.146.0)
-      aws-sdk-core (~> 3, >= 3.191.0)
+    aws-sdk-s3 (1.151.0)
+      aws-sdk-core (~> 3, >= 3.194.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.8)
    aws-sigv4 (1.8.0)
      aws-eventstream (~> 1, >= 1.0.2)
    base64 (0.2.0)
    bcp47_spec (0.2.1)
-    bcrypt (3.1.19)
+    bcrypt (3.1.20)
    bigdecimal (3.0.2)
    bindata (2.5.0)
    bindex (0.8.1)
    bootsnap (1.18.3)
      msgpack (~> 1.2)
-    bugsnag (6.26.3)
+    bugsnag (6.26.4)
      concurrent-ruby (~> 1.0)
    builder (3.2.4)
    bullet (7.1.6)
      activesupport (>= 3.0.0)
      uniform_notifier (~> 1.11)
-    cable_ready (5.0.1)
+    cable_ready (5.0.5)
      actionpack (>= 5.2)
      actionview (>= 5.2)
      activesupport (>= 5.2)
+      observer (~> 0.1)
      railties (>= 5.2)
      thread-local (>= 1.1.0)
    cancancan (1.15.0)
@@ -207,6 +214,7 @@ GEM
      nokogiri (~> 1.10, >= 1.10.4)
      rubyzip (>= 1.3.0, < 3)
    cgi (0.3.6)
+    childprocess (5.0.0)
    choice (0.2.0)
    chronic (0.10.2)
    coderay (1.1.3)
@@ -220,14 +228,15 @@ GEM
    combine_pdf (1.0.26)
      matrix
      ruby-rc4 (>= 0.1.5)
-    concurrent-ruby (1.2.3)
+    concurrent-ruby (1.3.1)
    connection_pool (2.4.1)
    crack (1.0.0)
      bigdecimal
      rexml
    crass (1.0.6)
-    css_parser (1.16.0)
+    css_parser (1.17.1)
      addressable
+    csv (3.3.0)
    cuprite (0.15)
      capybara (~> 3.0)
      ferrum (~> 0.14.0)
@@ -237,14 +246,14 @@ GEM
      activerecord (>= 5.a)
      database_cleaner-core (~> 2.0.0)
    database_cleaner-core (2.0.1)
-    datafoodconsortium-connector (1.0.0.pre.alpha.10)
+    datafoodconsortium-connector (1.0.0.pre.alpha.12)
      virtual_assembly-semantizer (~> 1.0, >= 1.0.5)
    date (3.3.4)
-    debug (1.9.1)
+    debug (1.9.2)
      irb (~> 1.10)
      reline (>= 0.3.8)
    debugger-linecache (1.2.0)
-    devise (4.9.3)
+    devise (4.9.4)
      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 4.1.0)
@@ -252,14 +261,14 @@ GEM
      warden (~> 1.2.3)
    devise-encryptable (0.2.0)
      devise (>= 2.1.0)
-    devise-i18n (1.12.0)
+    devise-i18n (1.12.1)
      devise (>= 4.9.0)
    devise-token_authenticatable (1.1.0)
      devise (>= 4.0.0, < 5.0.0)
    diff-lcs (1.5.1)
    digest (3.1.1)
    docile (1.4.0)
-    dotenv (3.1.0)
+    dotenv (3.1.2)
    email_validator (2.2.4)
      activemodel
    erubi (1.12.0)
@@ -285,16 +294,17 @@ GEM
      websocket-driver (>= 0.6, < 0.8)
    ffaker (2.23.0)
    ffi (1.16.3)
-    flipper (0.26.2)
+    flipper (1.3.0)
      concurrent-ruby (< 2)
-    flipper-active_record (0.26.2)
+    flipper-active_record (1.3.0)
      activerecord (>= 4.2, < 8)
-      flipper (~> 0.26.2)
-    flipper-ui (0.26.2)
+      flipper (~> 1.3.0)
+    flipper-ui (1.3.0)
      erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 0.26.2)
-      rack (>= 1.4, < 3)
-      rack-protection (>= 1.5.3, <= 4.0.0)
+      flipper (~> 1.3.0)
+      rack (>= 1.4, < 4)
+      rack-protection (>= 1.5.3, < 5.0.0)
+      rack-session (>= 1.0.2, < 3.0.0)
      sanitize (< 7)
    fog-aws (2.0.1)
      fog-core (~> 1.38)
@@ -311,7 +321,7 @@ GEM
    fog-xml (0.1.3)
      fog-core
      nokogiri (>= 1.5.11, < 2.0.0)
-    foreman (0.87.2)
+    foreman (0.88.1)
    formatador (0.2.5)
    fugit (1.8.1)
      et-orbi (~> 1, >= 1.2.7)
@@ -319,7 +329,9 @@ GEM
    fuubar (2.5.1)
      rspec-core (~> 3.0)
      ruby-progressbar (~> 1.4)
-    geocoder (1.8.2)
+    geocoder (1.8.3)
+      base64 (>= 0.1.0)
+      csv (>= 3.0.0)
    globalid (1.2.1)
      activesupport (>= 6.1)
    gmaps4rails (2.1.2)
@@ -335,7 +347,7 @@ GEM
    hashie (5.0.0)
    highline (2.0.3)
    htmlentities (4.3.4)
-    i18n (1.14.4)
+    i18n (1.14.5)
      concurrent-ruby (~> 1.0)
    i18n-js (3.9.2)
      i18n (>= 0.6.6)
@@ -344,13 +356,13 @@ GEM
      ruby-vips (>= 2.0.17, < 3)
    immigrant (0.3.6)
      activerecord (>= 3.0)
-    invisible_captcha (2.2.0)
+    invisible_captcha (2.3.0)
      rails (>= 5.2)
-    io-console (0.7.1)
+    io-console (0.7.2)
    ipaddress (0.8.3)
-    irb (1.11.0)
+    irb (1.12.0)
      rdoc
-      reline (>= 0.3.8)
+      reline (>= 0.4.2)
    jmespath (1.6.2)
    jquery-rails (4.4.0)
      rails-dom-testing (>= 1, < 3)
@@ -358,7 +370,7 @@ GEM
      thor (>= 0.14, < 2.0)
    jquery-ui-rails (4.2.1)
      railties (>= 3.2.16)
-    json (2.7.1)
+    json (2.7.2)
    json-canonicalization (1.0.0)
    json-jwt (1.16.6)
      activesupport (>= 4.2)
@@ -383,13 +395,14 @@ GEM
      activesupport (>= 4.2)
    jwt (2.8.1)
      base64
-    knapsack_pro (6.0.4)
+    knapsack_pro (7.4.0)
      rake
    language_server-protocol (3.17.0.3)
-    launchy (2.5.2)
+    launchy (3.0.0)
      addressable (~> 2.8)
-    letter_opener (1.9.0)
-      launchy (>= 2.2, < 3)
+      childprocess (~> 5.0)
+    letter_opener (1.10.0)
+      launchy (>= 2.2, < 4)
    link_header (0.0.8)
    listen (3.9.0)
      rb-fsevent (~> 0.10, >= 0.10.3)
@@ -402,9 +415,9 @@ GEM
      net-imap
      net-pop
      net-smtp
-    marcel (1.0.2)
+    marcel (1.0.4)
    matrix (0.4.2)
-    method_source (1.0.0)
+    method_source (1.1.0)
    mime-types (3.5.2)
      mime-types-data (~> 3.2015)
    mime-types-data (3.2023.1205)
@@ -413,8 +426,8 @@ GEM
      rake
    mini_magick (4.11.0)
    mini_mime (1.1.5)
-    mini_portile2 (2.8.5)
-    minitest (5.22.3)
+    mini_portile2 (2.8.6)
+    minitest (5.23.1)
    monetize (1.13.0)
      money (~> 6.12)
    money (6.16.0)
@@ -431,24 +444,27 @@ GEM
      net-protocol
    net-protocol (0.2.2)
      timeout
-    net-smtp (0.4.0.1)
+    net-smtp (0.5.0)
      net-protocol
-    newrelic_rpm (9.7.1)
-    nio4r (2.7.0)
-    nokogiri (1.16.3)
+    newrelic_rpm (9.9.0)
+    nio4r (2.7.1)
+    nokogiri (1.16.5)
      mini_portile2 (~> 2.8.2)
      racc (~> 1.4)
+    nokogiri-html5-inference (0.3.0)
+      nokogiri (~> 1.14)
    oauth2 (1.4.11)
      faraday (>= 0.17.3, < 3.0)
      jwt (>= 1.0, < 3.0)
      multi_json (~> 1.3)
      multi_xml (~> 0.5)
      rack (>= 1.2, < 4)
+    observer (0.1.2)
    omniauth (2.1.2)
      hashie (>= 3.4.6)
      rack (>= 2.2.3)
      rack-protection
-    omniauth-rails_csrf_protection (1.0.1)
+    omniauth-rails_csrf_protection (1.0.2)
      actionpack (>= 4.2)
      omniauth (~> 2.0)
    omniauth_openid_connect (0.7.1)
@@ -476,7 +492,7 @@ GEM
    parallel (1.24.0)
    paranoia (2.6.3)
      activerecord (>= 5.1, < 7.2)
-    parser (3.3.0.5)
+    parser (3.3.2.0)
      ast (~> 2.4.1)
      racc
    paypal-sdk-core (0.3.4)
@@ -497,15 +513,15 @@ GEM
      method_source (~> 1.0)
    psych (5.1.2)
      stringio
-    public_suffix (5.0.4)
+    public_suffix (5.0.5)
    puma (6.4.2)
      nio4r (~> 2.0)
    query_count (1.1.1)
      activerecord (>= 4.2)
      railties (>= 4.2)
    raabro (1.4.0)
-    racc (1.7.3)
-    rack (2.2.8.1)
+    racc (1.8.0)
+    rack (2.2.9)
    rack-mini-profiler (2.3.4)
      rack (>= 1.2.0)
    rack-oauth2 (2.2.1)
@@ -521,9 +537,11 @@ GEM
    rack-proxy (0.7.6)
      rack
    rack-rewrite (1.5.1)
+    rack-session (1.0.2)
+      rack (< 3)
    rack-test (2.1.0)
      rack (>= 1.3)
-    rack-timeout (0.6.3)
+    rack-timeout (0.7.0)
    rails (7.0.8)
      actioncable (= 7.0.8)
      actionmailbox (= 7.0.8)
@@ -566,7 +584,7 @@ GEM
      thor (~> 1.0)
      zeitwerk (~> 2.5)
    rainbow (3.1.1)
-    rake (13.1.0)
+    rake (13.2.1)
    ransack (4.1.1)
      activerecord (>= 6.1.5)
      activesupport (>= 6.1.5)
@@ -577,26 +595,27 @@ GEM
    rdf (3.3.1)
      bcp47_spec (~> 0.2)
      link_header (~> 0.0, >= 0.0.8)
-    rdoc (6.6.2)
+    rdoc (6.6.3.1)
      psych (>= 4.0.0)
    redcarpet (3.6.0)
-    redis (5.1.0)
-      redis-client (>= 0.17.0)
-    redis-client (0.20.0)
+    redis (5.2.0)
+      redis-client (>= 0.22.0)
+    redis-client (0.22.1)
      connection_pool
-    regexp_parser (2.9.0)
-    reline (0.4.1)
+    regexp_parser (2.9.2)
+    reline (0.5.0)
      io-console (~> 0.5)
    request_store (1.5.1)
      rack (>= 1.4)
    responders (3.1.1)
      actionpack (>= 5.2)
      railties (>= 5.2)
-    rexml (3.2.6)
-    roadie (5.2.0)
+    rexml (3.2.8)
+      strscan (>= 3.0.9)
+    roadie (5.2.1)
      css_parser (~> 1.4)
      nokogiri (~> 1.15)
-    roadie-rails (3.1.0)
+    roadie-rails (3.2.0)
      railties (>= 5.1, < 8.0)
      roadie (~> 5.0)
    rodf (1.2.0)
@@ -627,7 +646,7 @@ GEM
      rspec-support (~> 3.13)
    rspec-retry (0.6.2)
      rspec-core (> 3.3)
-    rspec-sql (0.0.1)
+    rspec-sql (0.0.2)
      activesupport
      rspec
    rspec-support (3.13.1)
@@ -646,7 +665,7 @@ GEM
    rswag-ui (2.13.0)
      actionpack (>= 3.1, < 7.2)
      railties (>= 3.1, < 7.2)
-    rubocop (1.62.1)
+    rubocop (1.64.1)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
@@ -657,21 +676,24 @@ GEM
      rubocop-ast (>= 1.31.1, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.2)
-      parser (>= 3.3.0.4)
+    rubocop-ast (1.31.3)
+      parser (>= 3.3.1.0)
    rubocop-capybara (2.20.0)
      rubocop (~> 1.41)
    rubocop-factory_bot (2.25.1)
      rubocop (~> 1.41)
-    rubocop-rails (2.24.0)
+    rubocop-rails (2.24.1)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 1.33.0, < 2.0)
      rubocop-ast (>= 1.31.1, < 2.0)
-    rubocop-rspec (2.27.1)
+    rubocop-rspec (2.29.2)
      rubocop (~> 1.40)
      rubocop-capybara (~> 2.17)
      rubocop-factory_bot (~> 2.22)
+      rubocop-rspec_rails (~> 2.28)
+    rubocop-rspec_rails (2.28.3)
+      rubocop (~> 1.40)
    ruby-graphviz (1.2.5)
      rexml
    ruby-progressbar (1.13.0)
@@ -681,7 +703,7 @@ GEM
    rubyzip (2.3.2)
    rufus-scheduler (3.8.2)
      fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.0.2)
+    sanitize (6.1.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    sass (3.4.25)
@@ -695,7 +717,7 @@ GEM
    semantic_range (3.0.0)
    shoulda-matchers (6.2.0)
      activesupport (>= 5.2.0)
-    sidekiq (7.2.2)
+    sidekiq (7.2.4)
      concurrent-ruby (< 2)
      connection_pool (>= 2.3.0)
      rack (>= 2.2.4)
@@ -713,7 +735,7 @@ GEM
    spreadsheet_architect (5.0.0)
      caxlsx (>= 3.3.0, < 4)
      rodf (>= 1.0.0, < 2)
-    spring (4.1.3)
+    spring (4.2.1)
    spring-commands-rspec (1.0.4)
      spring (>= 0.9.1)
    spring-commands-rubocop (0.4.0)
@@ -732,21 +754,21 @@ GEM
    state_machines-activerecord (0.9.0)
      activerecord (>= 6.0)
      state_machines-activemodel (>= 0.9.0)
-    stimulus_reflex (3.5.0.rc3)
+    stimulus_reflex (3.5.1)
      actioncable (>= 5.2, < 8)
      actionpack (>= 5.2, < 8)
      actionview (>= 5.2, < 8)
      activesupport (>= 5.2, < 8)
      cable_ready (~> 5.0)
      nokogiri (~> 1.0)
+      nokogiri-html5-inference (~> 0.3)
      rack (>= 2, < 4)
      railties (>= 5.2, < 8)
      redis (>= 4.0, < 6.0)
-    stimulus_reflex_testing (0.3.0)
-      stimulus_reflex (>= 3.3.0)
    stringex (2.8.6)
    stringio (3.1.0)
-    stripe (10.12.0)
+    stripe (11.1.0)
+    strscan (3.1.0)
    swd (2.0.3)
      activesupport (>= 3)
      attr_required (>= 0.0.5)
@@ -759,12 +781,16 @@ GEM
    timecop (0.9.8)
    timeout (0.4.1)
    ttfunk (1.7.0)
+    turbo-rails (2.0.5)
+      actionpack (>= 6.0.0)
+      activejob (>= 6.0.0)
+      railties (>= 6.0.0)
    tzinfo (2.0.6)
      concurrent-ruby (~> 1.0)
    unicode-display_width (2.5.0)
    uniform_notifier (1.16.0)
    uri (0.13.0)
-    valid_email2 (5.2.1)
+    valid_email2 (5.2.3)
      activemodel (>= 3.2)
      mail (~> 2.5)
    validate_url (1.0.15)
@@ -773,7 +799,7 @@ GEM
    validates_lengths_from_database (0.8.0)
      activerecord (>= 4)
    vcr (6.2.0)
-    view_component (3.11.0)
+    view_component (3.12.1)
      activesupport (>= 5.2.0, < 8.0)
      concurrent-ruby (~> 1.0)
      method_source (~> 1.0)
@@ -781,7 +807,7 @@ GEM
      rails (>= 5.2, < 8.0)
      stimulus_reflex (>= 3.5.0.pre2)
      view_component (>= 2.28.0)
-    virtual_assembly-semantizer (1.0.5)
+    virtual_assembly-semantizer (1.1.1)
      json-ld (~> 3.2, >= 3.2.3)
    warden (1.2.9)
      rack (>= 2.0.9)
@@ -794,7 +820,7 @@ GEM
      activesupport
      faraday (~> 2.0)
      faraday-follow_redirects
-    webmock (3.23.0)
+    webmock (3.23.1)
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
@@ -811,11 +837,11 @@ GEM
      chronic (>= 0.6.3)
    wicked_pdf (2.6.3)
      activesupport
-    wkhtmltopdf-binary (0.12.6.6)
+    wkhtmltopdf-binary (0.12.6.7)
    xml-simple (1.1.8)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.6.13)
+    zeitwerk (2.6.15)

 PLATFORMS
  ruby
@@ -835,13 +861,12 @@ DEPENDENCIES
  angularjs-file-upload-rails (~> 2.4.1)
  angularjs-rails (= 1.8.0)
  arel-helpers (~> 2.12)
-  awesome_nested_set
  aws-sdk-s3
  bigdecimal (= 3.0.2)
  bootsnap
  bugsnag
  bullet
-  cable_ready (= 5.0.1)
+  cable_ready
  cancancan (~> 1.15.0)
  capybara
  catalog!
@@ -920,7 +945,6 @@ DEPENDENCIES
  redcarpet
  redis
  responders
-  rexml
  roadie-rails
  roo
  rspec-rails (>= 3.5.2)
@@ -943,11 +967,12 @@ DEPENDENCIES
  spring-commands-rspec
  spring-commands-rubocop
  state_machines-activerecord
-  stimulus_reflex (= 3.5.0.rc3)
-  stimulus_reflex_testing
+  stimulus_reflex
+  stimulus_reflex_testing!
  stringex (~> 2.8.5)
  stripe
  timecop
+  turbo-rails
  valid_email2
  validates_lengths_from_database
  vcr
--- a/app/assets/javascripts/admin/all.js
+++ b/app/assets/javascripts/admin/all.js
@@ -10,7 +10,6 @@
 //= require jquery.ui.all
 //= require jquery.powertip
 //= require jquery.cookie
-//= require jquery.jstree/jquery.jstree
 //= require jquery.vAlign
 //= require angular
 //= require angular-resource
--- a/app/assets/javascripts/admin/bulk_product_update.js.coffee
+++ b/app/assets/javascripts/admin/bulk_product_update.js.coffee
@@ -47,8 +47,8 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
    removeClearedValues()
    params = {
      'q[name_cont]': $scope.q.query,
-      'q[supplier_id_eq]': $scope.q.producerFilter,
-      'q[primary_taxon_id_eq]': $scope.q.categoryFilter,
+      'q[variants_supplier_id_eq]': $scope.q.producerFilter,
+      'q[variants_primary_taxon_id_eq]': $scope.q.categoryFilter,
      'q[s]': $scope.sorting,
      import_date: $scope.q.importDateFilter,
      page: $scope.page,
@@ -126,8 +126,11 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
    DisplayProperties.setShowVariants 0, showVariants

  $scope.addVariant = (product) ->
+    # Set new variant category to same as last product variant category to keep compactibility with deleted variant callback to set new variant category
+    newVariantId = $scope.nextVariantId();
+    newVariantCategoryId = product.variants[product.variants.length - 1]?.category_id
    product.variants.push
-      id: $scope.nextVariantId()
+      id: newVariantId
      unit_value: null
      unit_description: null
      on_demand: false
@@ -136,7 +139,9 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
      on_hand: null
      price: null
      tax_category_id: null
+      category_id: newVariantCategoryId
    DisplayProperties.setShowVariants product.id, true
+    DirtyProducts.addVariantProperty(product.id, newVariantId, 'category_id', newVariantCategoryId)


  $scope.nextVariantId = ->
@@ -216,8 +221,8 @@ angular.module("ofn.admin").controller "AdminProductEditCtrl", ($scope, $timeout
        products: productsToSubmit
        filters:
          'q[name_cont]': $scope.q.query
-          'q[supplier_id_eq]': $scope.q.producerFilter
-          'q[primary_taxon_id_eq]': $scope.q.categoryFilter
+          'q[variants_supplier_id_eq]': $scope.q.producerFilter
+          'q[variants_primary_taxon_id_eq]': $scope.q.categoryFilter
          'q[s]': $scope.sorting
          import_date: $scope.q.importDateFilter
        page: $scope.page
@@ -313,9 +318,6 @@ filterSubmitProducts = (productsToFilter) ->
        if product.hasOwnProperty("name")
          filteredProduct.name = product.name
          hasUpdatableProperty = true
-        if product.hasOwnProperty("producer_id")
-          filteredProduct.supplier_id = product.producer_id
-          hasUpdatableProperty = true
        if product.hasOwnProperty("price")
          filteredProduct.price = product.price
          hasUpdatableProperty = true
@@ -332,9 +334,6 @@ filterSubmitProducts = (productsToFilter) ->
        if product.hasOwnProperty("on_demand") and filteredVariants.length == 0 #only update if no variants present
          filteredProduct.on_demand = product.on_demand
          hasUpdatableProperty = true
-        if product.hasOwnProperty("category_id")
-          filteredProduct.primary_taxon_id = product.category_id
-          hasUpdatableProperty = true
        if product.hasOwnProperty("inherits_properties")
          filteredProduct.inherits_properties = product.inherits_properties
          hasUpdatableProperty = true
@@ -375,9 +374,15 @@ filterSubmitVariant = (variant) ->
    if variant.hasOwnProperty("tax_category_id")
      filteredVariant.tax_category_id = variant.tax_category_id
      hasUpdatableProperty = true
+    if variant.hasOwnProperty("category_id")
+      filteredVariant.primary_taxon_id = variant.category_id
+      hasUpdatableProperty = true
    if variant.hasOwnProperty("display_as")
      filteredVariant.display_as = variant.display_as
      hasUpdatableProperty = true
+    if variant.hasOwnProperty("producer_id")
+      filteredVariant.supplier_id = variant.producer_id
+      hasUpdatableProperty = true
  {filteredVariant: filteredVariant, hasUpdatableProperty: hasUpdatableProperty}


--- a/app/assets/javascripts/admin/index_utils/filters/attr_filter.js.coffee
+++ b/app/assets/javascripts/admin/index_utils/filters/attr_filter.js.coffee
@@ -1,12 +1,16 @@
 # Used like a regular angular filter where an object is passed
 # Adds the additional special case that a value of 0 for the filter
 # acts as a bypass for that particular attribute
+
+# NOTE the name doesn't reflect what the filter does, it only fiters on the variant.producer_id
 angular.module("admin.indexUtils").filter "attrFilter", ($filter) ->
  return (objects, filters) ->
-    Object.keys(filters).reduce (filtered, attr) ->
-      filter = filters[attr]
-      return filtered if !filter? || filter == 0
-      return $filter('filter')(filtered, (object) ->
-        object[attr] == filter
-      )
-    , objects
+    filter = filters["producer_id"]
+
+    return objects if !filter? || filter == 0
+
+    return $filter('filter')(objects, (product) ->
+      for variant in product.variants
+        return true if variant["producer_id"] == filter
+      false
+    , true)
--- a/app/assets/javascripts/admin/index_utils/services/columns.js.coffee
+++ b/app/assets/javascripts/admin/index_utils/services/columns.js.coffee
@@ -31,7 +31,7 @@ angular.module("admin.indexUtils").factory 'Columns', ($rootScope, $http, $injec
    savePreferences: (action_name) =>
      $http
        method: "PUT"
-        url: "/admin/column_preferences/bulk_update"
+        url: "/admin/column_preferences/bulk_update.json"
        data:
          action_name: action_name
          column_preferences: (preference for column_name, preference of @columns)
--- a/app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee
+++ b/app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee
@@ -27,7 +27,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
    "order_bill_address_full_name_reversed",
    "order_bill_address_full_name_with_comma",
    "order_bill_address_full_name_with_comma_reversed",
-    "variant_product_supplier_name",
+    "variant_supplier_name",
    "order_email",
    "order_number",
    "product_name"].join("_or_") + "_cont"
@@ -81,7 +81,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
      "q[order_shipment_state_not_eq]": "shipped",
      "q[order_completed_at_not_null]": "true",
      "q[order_distributor_id_eq]": $scope.distributorFilter,
-      "q[variant_product_supplier_id_eq]": $scope.supplierFilter,
+      "q[variant_supplier_id_eq]": $scope.supplierFilter,
      "q[order_order_cycle_id_eq]": $scope.orderCycleFilter,
      "q[order_completed_at_gteq]": if formattedStartDate then formattedStartDate else undefined,
      "q[order_completed_at_lt]": if formattedEndDate then formattedEndDate else undefined,
@@ -105,7 +105,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
      Dereferencer.dereferenceAttr $scope.line_items, "supplier", Enterprises.byID
      $scope.loadOrders()
      RequestMonitor.load $q.all([$scope.orders.$promise]).then ->
-        Dereferencer.dereferenceAttr $scope.line_items, "order", Orders.byID  
+        Dereferencer.dereferenceAttr $scope.line_items, "order", Orders.byID
        Dereferencer.dereferenceAttr $scope.orders, "distributor", Enterprises.byID
        Dereferencer.dereferenceAttr $scope.orders, "order_cycle", OrderCycles.byID
        $scope.bulk_order_form.$setPristine()
@@ -133,7 +133,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
    return $http(
      method: 'GET'
      url: "/admin/orders/#{order.number}/fire?e=cancel&send_cancellation_email=#{sendEmailCancellation}&restock_items=#{restock_items}")
-  
+
  $scope.deleteLineItem = (lineItem) ->
    if lineItem.order.item_count == 1
      ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) ->
@@ -167,7 +167,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
              $scope.cancelOrder(order, sendEmailCancellation, restock_items).then(-> $scope.refreshData())
            else
              Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
-      , "js.admin.deleting_item_will_cancel_order")   
+      , "js.admin.deleting_item_will_cancel_order")
    else
      ofnDeleteLineItemsAlert(() ->
        Promise.all(LineItems.delete(item) for item in lineItemsToDelete).then(-> $scope.refreshData())
@@ -199,7 +199,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
    $scope.refreshData()

  $scope.getLineItemScale = (lineItem) ->
-    if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 
+    if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume")
      lineItem.units_product.variant_unit_scale
    else
      1
@@ -252,7 +252,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
    scale = $scope.getScale(unitsProduct, unitsVariant)
    if scale
      $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
-    else 
+    else
      ''

  $scope.fulfilled = (sumOfUnitValues) ->
--- a/app/assets/javascripts/admin/order_cycles/controllers/edit.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/controllers/edit.js.coffee
@@ -3,6 +3,7 @@ angular.module('admin.orderCycles')
    $controller('AdminOrderCycleBasicCtrl', {$scope: $scope, ocInstance: ocInstance})

    order_cycle_id = $location.absUrl().match(/\/admin\/order_cycles\/(\d+)/)[1]
+    $scope.order_cycle_id = order_cycle_id
    $scope.order_cycle = OrderCycle.load(order_cycle_id)
    $scope.enterprises = Enterprise.index(order_cycle_id: order_cycle_id)
    $scope.enterprise_fees = EnterpriseFee.index(order_cycle_id: order_cycle_id)
@@ -18,6 +19,8 @@ angular.module('admin.orderCycles')

    $scope.submit = ($event, destination) ->
      $event.preventDefault()
+      $scope.order_cycle?.trigger_action = $($event.target).data('trigger-action');
+      $scope.order_cycle?.confirm = $($event.target).data('confirm');
      StatusMessage.display 'progress', t('js.saving')
      OrderCycle.update(destination, $scope.order_cycle_form)

@@ -25,4 +28,4 @@ angular.module('admin.orderCycles')
      if $scope.order_cycle_form?.$dirty
        t('admin.unsaved_confirm_leave')

-    NavigationCheck.register(warnAboutUnsavedChanges)
+    NavigationCheck.register(warnAboutUnsavedChanges)
--- a/app/assets/javascripts/admin/order_cycles/controllers/incoming_controller.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/controllers/incoming_controller.js.coffee
@@ -1,8 +1,9 @@
-angular.module('admin.orderCycles').controller 'AdminOrderCycleIncomingCtrl', ($scope, $rootScope, $controller, $location, Enterprise, OrderCycle, ExchangeProduct, ocInstance) ->
+angular.module('admin.orderCycles').controller 'AdminOrderCycleIncomingCtrl', ($scope, $rootScope, $controller, $location, Enterprise, EnterpriseFee, OrderCycle, ExchangeProduct, ocInstance) ->
  $controller('AdminOrderCycleExchangesCtrl', {$scope: $scope, ocInstance: ocInstance, $location: $location})

  $scope.view = 'incoming'
-
+  # NB: weirdly at this next line $scope.order_cycle.id comes out undefined so we use $scope.order_cycle_id instead
+  $scope.enterprise_fees = EnterpriseFee.index(order_cycle_id: $scope.order_cycle_id, per_item: true)
  $scope.exchangeTotalVariants = (exchange) ->
    return unless $scope.enterprises? && $scope.enterprises[exchange.enterprise_id]?

--- a/app/assets/javascripts/admin/order_cycles/controllers/simple_edit.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/controllers/simple_edit.js.coffee
@@ -22,6 +22,8 @@ angular.module('admin.orderCycles').controller "AdminSimpleEditOrderCycleCtrl",

  $scope.submit = ($event, destination) ->
    $event.preventDefault()
+    $scope.order_cycle?.trigger_action = $($event.target).data('trigger-action');
+    $scope.order_cycle?.confirm = $($event.target).data('confirm');
    StatusMessage.display 'progress', t('js.saving')
    OrderCycle.mirrorIncomingToOutgoingProducts()
    OrderCycle.update(destination, $scope.order_cycle_form) if OrderCycle.confirmNoDistributors()
--- a/app/assets/javascripts/admin/order_cycles/services/enterprise_fee.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/services/enterprise_fee.js.coffee
@@ -6,6 +6,8 @@ angular.module('admin.orderCycles').factory('EnterpriseFee', ($resource) ->
      params:
        order_cycle_id: '@order_cycle_id'
        coordinator_id: '@coordinator_id'
+        per_item: '@per_item'
+        per_order: '@per_order'
  })

  {
--- a/app/assets/javascripts/admin/order_cycles/services/order_cycle.js.coffee
+++ b/app/assets/javascripts/admin/order_cycles/services/order_cycle.js.coffee
@@ -161,7 +161,11 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, $
          StatusMessage.display('failure', t('js.order_cycles.create_failure'))

    update: (destination, form) ->
-      oc = new OrderCycleResource({order_cycle: this.dataForSubmit()})
+      oc = new OrderCycleResource({
+          order_cycle: this.dataForSubmit(),
+          confirm: this.order_cycle.confirm,
+          trigger_action: this.order_cycle.trigger_action
+        })
      oc.$update {order_cycle_id: this.order_cycle.id, reloading: (if destination? then 1 else 0)}, (data) =>
        form.$setPristine() if form
        if destination?
@@ -171,6 +175,8 @@ angular.module('admin.orderCycles').factory 'OrderCycle', ($resource, $window, $
      , (response) ->
        if response.data.errors?
          StatusMessage.display('failure', response.data.errors[0])
+        else if (response.data.trigger_action)
+          StatusMessage.display('notice', t('js.order_cycles.unsaved_changes'), response.data.trigger_action)
        else
          StatusMessage.display('failure', t('js.order_cycles.update_failure'))

--- a/app/assets/javascripts/admin/products/controllers/units_controller.js.coffee
+++ b/app/assets/javascripts/admin/products/controllers/units_controller.js.coffee
@@ -1,3 +1,4 @@
+# Controller for "New Products" form (spree/admin/products/new)
 angular.module("admin.products")
  .controller "unitsCtrl", ($scope, VariantUnitManager, OptionValueNamer, UnitPrices, PriceParser) ->
    $scope.product = { master: {} }
@@ -12,13 +13,15 @@ angular.module("admin.products")

    $scope.variant_unit_options = VariantUnitManager.variantUnitOptions()

+    # Extract variant_unit and variant_unit_scale from dropdown variant_unit_with_scale,
+    # and update hidden product fields
    $scope.processVariantUnitWithScale = ->
      if $scope.product.variant_unit_with_scale
-        match = $scope.product.variant_unit_with_scale.match(/^([^_]+)_([\d\.]+)$/)
+        match = $scope.product.variant_unit_with_scale.match(/^([^_]+)_([\d\.]+)$/) # matches string like "weight_1000"
        if match
          $scope.product.variant_unit = match[1]
          $scope.product.variant_unit_scale = parseFloat(match[2])
-        else
+        else # "items"
          $scope.product.variant_unit = $scope.product.variant_unit_with_scale
          $scope.product.variant_unit_scale = null
      else if $scope.product.variant_unit
@@ -32,6 +35,8 @@ angular.module("admin.products")
      else
        $scope.product.variant_unit = $scope.product.variant_unit_scale = null

+    # Extract unit_value and unit_description from text field unit_value_with_description,
+    # and update hidden variant fields
    $scope.processUnitValueWithDescription = ->
      if $scope.product.master.hasOwnProperty("unit_value_with_description")
        match = $scope.product.master.unit_value_with_description.match(/^([\d\.,]+(?= *|$)|)( *)(.*)$/)
@@ -45,6 +50,7 @@ angular.module("admin.products")
        value = window.bigDecimal.divide(value, $scope.product.variant_unit_scale, 2) if $scope.product.master.unit_value && $scope.product.variant_unit_scale
        $scope.product.master.unit_value_with_description = value + " " + $scope.product.master.unit_description

+    # Calculate unit price based on product price and variant_unit_scale
    $scope.processUnitPrice = ->
      price = $scope.product.price
      scale = $scope.product.variant_unit_scale
--- a/app/assets/javascripts/admin/products/services/option_value_namer.js.coffee
+++ b/app/assets/javascripts/admin/products/services/option_value_namer.js.coffee
@@ -1,4 +1,5 @@
 angular.module("admin.products").factory "OptionValueNamer", (VariantUnitManager) ->
+  # Javascript clone of VariantUnits::OptionValueNamer, for bulk product editing.
  class OptionValueNamer
    constructor: (@variant) ->

--- a/app/assets/javascripts/admin/spree/taxons/taxon_tree_menu.js.coffee
+++ b/app/assets/javascripts/admin/spree/taxons/taxon_tree_menu.js.coffee
@@ -1,21 +0,0 @@
-root = exports ? this
-
-root.taxon_tree_menu = (obj, context) ->
-
-  base_url = Spree.url(Spree.routes.taxonomy_taxons)
-  admin_base_url = Spree.url(Spree.routes.admin_taxonomy_taxons)
-  edit_url = Spree.url(Spree.routes.admin_taxonomy_taxons + '/' + obj.attr("id") + "/edit");
-
-  create:
-    label: "<i class='icon-plus'></i> " + Spree.translations.add,
-    action: (obj) -> context.create(obj)
-  rename:
-    label: "<i class='icon-pencil'></i> " + Spree.translations.rename,
-    action: (obj) -> context.rename(obj)
-  remove:
-    label: "<i class='icon-trash'></i> " + Spree.translations.remove,
-    action: (obj) -> context.remove(obj)
-  edit:
-    separator_before: true,
-    label: "<i class='icon-edit'></i> " + Spree.translations.edit,
-    action: (obj) -> window.location = edit_url.toString()
--- a/app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee
+++ b/app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee
@@ -1,139 +0,0 @@
-handle_ajax_error = (XMLHttpRequest, textStatus, errorThrown) ->
-  $.jstree.rollback(last_rollback)
-  $("#ajax_error").show().html("<strong>" + server_error + "</strong><br />" + taxonomy_tree_error)
-
-handle_move = (e, data) ->
-  last_rollback = data.rlbk
-  position = data.rslt.cp
-  node = data.rslt.o
-  new_parent = data.rslt.np
-
-  url = new URL(Spree.routes.admin_taxonomy_taxons)
-  url.pathname = url.pathname + '/' + node.attr("id") 
-  data = {
-    _method: "put",
-    "taxon[position]": position,
-    "taxon[parent_id]": if !isNaN(new_parent.attr("id")) then new_parent.attr("id") else undefined
-  }
-  $.ajax
-    type: "POST",
-    dataType: "json",
-    url: url.toString(),
-    data: data,
-    error: handle_ajax_error
-
-  true
-
-handle_create = (e, data) ->
-  last_rollback = data.rlbk
-  node = data.rslt.obj
-  name = data.rslt.name
-  position = data.rslt.position
-  new_parent = data.rslt.parent
-
-  data = {
-    "taxon[name]": name,
-    "taxon[position]": position
-    "taxon[parent_id]": if !isNaN(new_parent.attr("id")) then new_parent.attr("id") else undefined
-  }
-  $.ajax
-    type: "POST",
-    dataType: "json",
-    url: base_url.toString(),
-    data: data,
-    error: handle_ajax_error,
-    success: (data,result) ->
-      node.attr('id', data.id)
-
-handle_rename = (e, data) ->
-  last_rollback = data.rlbk
-  node = data.rslt.obj
-  name = data.rslt.new_name
-  # change the name inside the main input field as well if taxon is the root one
-  document.getElementById("taxonomy_name").value = name if node.parents("[id]").attr("id") == "taxonomy_tree"
-
-  url = new URL(base_url)
-  url.pathname = url.pathname + '/' + node.attr("id")
-
-  $.ajax
-    type: "POST",
-    dataType: "json",
-    url: url.toString(),
-    data: {_method: "put", "taxon[name]": name },
-    error: handle_ajax_error
-
-handle_delete = (e, data) ->
-  last_rollback = data.rlbk
-  node = data.rslt.obj
-  delete_url = new URL(base_url)
-  delete_url.pathname = delete_url.pathname + '/' + node.attr("id")
-  if confirm(Spree.translations.are_you_sure_delete)
-    $.ajax
-      type: "POST",
-      dataType: "json",
-      url: delete_url.toString(),
-      data: {_method: "delete"},
-      error: handle_ajax_error
-  else
-    $.jstree.rollback(last_rollback)
-    last_rollback = null
-
-root = exports ? this
-root.setup_taxonomy_tree = (taxonomy_id) ->
-  if taxonomy_id != undefined
-    # this is defined within admin/taxonomies/edit
-    root.base_url = Spree.url(Spree.routes.taxonomy_taxons)
-
-    $.ajax
-      url: base_url.pathname.replace("/taxons", "/jstree"),
-      success: (taxonomy) ->
-        last_rollback = null
-
-        conf =
-          json_data:
-            data: taxonomy,
-            ajax:
-              url: (e) ->
-                base_url.pathname + '/' + e.attr('id') + '/jstree'
-          themes:
-            theme: "apple",
-            url: "/assets/jquery.jstree/themes/apple/style.css"
-          strings:
-            new_node: new_taxon,
-            loading: Spree.translations.loading + "..."
-          crrm:
-            move:
-              check_move: (m) ->
-                position = m.cp
-                node = m.o
-                new_parent = m.np
-
-                # no parent or cant drag and drop
-                if !new_parent || node.attr("rel") == "root"
-                  return false
-
-                # can't drop before root
-                if new_parent.attr("id") == "taxonomy_tree" && position == 0
-                  return false
-
-                true
-          contextmenu:
-            items: (obj) ->
-              taxon_tree_menu(obj, this)
-          plugins: ["themes", "json_data", "dnd", "crrm", "contextmenu"]
-
-        $("#taxonomy_tree").jstree(conf)
-          .bind("move_node.jstree", handle_move)
-          .bind("remove.jstree", handle_delete)
-          .bind("create.jstree", handle_create)
-          .bind("rename.jstree", handle_rename)
-          .bind "loaded.jstree", ->
-            $(this).jstree("core").toggle_node($('.jstree-icon').first())
-
-    $("#taxonomy_tree a").on "dblclick", (e) ->
-      $("#taxonomy_tree").jstree("rename", this)
-
-    # surpress form submit on enter/return
-    $(document).keypress (e) ->
-      if e.keyCode == 13
-        e.preventDefault()
--- a/app/assets/javascripts/admin/utils/services/status_message.js.coffee
+++ b/app/assets/javascripts/admin/utils/services/status_message.js.coffee
@@ -10,7 +10,9 @@ angular.module("admin.utils").factory "StatusMessage", ->

    statusMessage:
      text: ""
-      style: {}
+      style: {},
+      type: null,
+      actionName: null

    invalidMessage: ""

@@ -23,11 +25,15 @@ angular.module("admin.utils").factory "StatusMessage", ->
    active: ->
      @statusMessage.text != ''

-    display: (type, text) ->
+    display: (type, text, actionName = null) ->
      @statusMessage.text = text
+      @statusMessage.type = type
+      @statusMessage.actionName = actionName
      @statusMessage.style = @types[type].style
      null

    clear: ->
      @statusMessage.text = ''
      @statusMessage.style = {}
+      @statusMessage.type = null
+      @statusMessage.actionName = null
--- a/app/assets/javascripts/admin/variant_overrides/directives/track_inheritance.js.coffee
+++ b/app/assets/javascripts/admin/variant_overrides/directives/track_inheritance.js.coffee
@@ -2,10 +2,10 @@ angular.module("admin.variantOverrides").directive "trackInheritance", (VariantO
  require: "ngModel"
  link: (scope, element, attrs, ngModel) ->
    # This is a bit hacky, but it allows us to load the inherit property on the VO, but then not submit it
-    scope.inherit = angular.equals scope.variantOverrides[scope.hub_id][scope.variant.id], VariantOverrides.newFor scope.hub_id, scope.variant.id
+    scope.inherit = angular.equals scope.variantOverrides[scope.hub_id][scope.variant.id], VariantOverrides.newFor scope.hub_id, scope.variant

    ngModel.$parsers.push (viewValue) ->
      if ngModel.$dirty && viewValue
-        DirtyVariantOverrides.inherit scope.hub_id, scope.variant.id, scope.variantOverrides[scope.hub_id][scope.variant.id].id
+        DirtyVariantOverrides.inherit scope.hub_id, scope.variant, scope.variantOverrides[scope.hub_id][scope.variant.id].id
        scope.displayDirty()
      viewValue
--- a/app/assets/javascripts/admin/variant_overrides/filters/hub_permissions_filter.js.coffee
+++ b/app/assets/javascripts/admin/variant_overrides/filters/hub_permissions_filter.js.coffee
@@ -2,4 +2,8 @@ angular.module("admin.variantOverrides").filter "hubPermissions", ($filter) ->
  return (products, hubPermissions, hub_id) ->
    return [] if !hub_id
    return [] if !hubPermissions[hub_id]
-    return $filter('filter')(products, ((product) -> hubPermissions[hub_id].indexOf(product.producer_id) > -1), true)
+
+    return $filter('filter')(products, ((product) ->
+      for variant in product.variants
+        return hubPermissions[hub_id].indexOf(variant.producer_id) > -1
+     ), true)
--- a/app/assets/javascripts/admin/variant_overrides/services/dirty_variant_overrides.js.coffee
+++ b/app/assets/javascripts/admin/variant_overrides/services/dirty_variant_overrides.js.coffee
@@ -12,11 +12,11 @@ angular.module("admin.variantOverrides").factory "DirtyVariantOverrides", ($http
        @add(hub_id, variant_id, vo_id)
        @dirtyVariantOverrides[hub_id][variant_id][attr] = value

-    inherit: (hub_id, variant_id, vo_id) ->
-      @add(hub_id, variant_id, vo_id)
-      blankVo = angular.copy(VariantOverrides.inherit(hub_id, variant_id))
+    inherit: (hub_id, variant, vo_id) ->
+      @add(hub_id, variant.id, vo_id)
+      blankVo = angular.copy(VariantOverrides.inherit(hub_id, variant))
      delete blankVo[attr] for attr, value of blankVo when attr not in @requiredAttrs()
-      @dirtyVariantOverrides[hub_id][variant_id] = blankVo
+      @dirtyVariantOverrides[hub_id][variant.id] = blankVo

    count: ->
      count = 0
--- a/app/assets/javascripts/admin/variant_overrides/services/variant_overrides.js.coffee
+++ b/app/assets/javascripts/admin/variant_overrides/services/variant_overrides.js.coffee
@@ -13,17 +13,18 @@ angular.module("admin.variantOverrides").factory "VariantOverrides", (variantOve
        @variantOverrides[hub.id] ||= {}
        for product in products
          for variant in product.variants
-            @inherit(hub.id, variant.id) unless @variantOverrides[hub.id][variant.id]
+            @inherit(hub.id, variant) unless @variantOverrides[hub.id][variant.id]

-    inherit: (hub_id, variant_id) ->
+    inherit: (hub_id, variant) ->
      # This method is called from the trackInheritance directive, to reinstate inheritance
-      @variantOverrides[hub_id][variant_id] ||= {}
-      angular.extend @variantOverrides[hub_id][variant_id], @newFor hub_id, variant_id
+      @variantOverrides[hub_id][variant.id] ||= {}
+      angular.extend @variantOverrides[hub_id][variant.id], @newFor(hub_id, variant)

-    newFor: (hub_id, variant_id) ->
+    newFor: (hub_id, variant) ->
      # These properties need to match those checked in VariantOverrideSet.deletable?
      hub_id: hub_id
-      variant_id: variant_id
+      variant_id: variant.id
+      producer_id: variant.producer_id
      sku: null
      price: null
      count_on_hand: null
--- a/app/assets/javascripts/darkswarm/controllers/products_controller.js.coffee
+++ b/app/assets/javascripts/darkswarm/controllers/products_controller.js.coffee
@@ -4,15 +4,18 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
  $scope.query = ""
  $scope.taxonSelectors = FilterSelectorsService.createSelectors()
  $scope.propertySelectors = FilterSelectorsService.createSelectors()
+  $scope.producerPropertySelectors = FilterSelectorsService.createSelectors()
  $scope.filtersActive = true
  $scope.page = 1
  $scope.per_page = 10
  $scope.order_cycle = OrderCycle.order_cycle
  $scope.supplied_taxons = null
  $scope.supplied_properties = null
+  $scope.supplied_producer_properties = null
  $scope.showFilterSidebar = false
  $scope.activeTaxons = []
  $scope.activeProperties = []
+  $scope.activeProducerProperties = []

  # Update filters after initial load of shop tab
  $timeout =>
@@ -45,6 +48,12 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
        $scope.supplied_properties[property.id] = Properties.properties_by_id[property.id]
      )

+    OrderCycleResource.producerProperties params, (data)=>
+      $scope.supplied_producer_properties = {}
+      data.map( (property) ->
+        $scope.supplied_producer_properties[property.id] = Properties.properties_by_id[property.id]
+      )
+
  $scope.loadMore = ->
    if ($scope.page * $scope.per_page) <= Products.products.length
      $scope.loadMoreProducts()
@@ -52,6 +61,7 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
  $scope.$watch 'query', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
  $scope.$watchCollection 'activeTaxons', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
  $scope.$watchCollection 'activeProperties', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue
+  $scope.$watchCollection 'activeProducerProperties', (newValue, oldValue) -> $scope.loadProducts() if newValue != oldValue

  $scope.loadProducts = ->
    $scope.page = 1
@@ -66,9 +76,10 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
      id: $scope.order_cycle.order_cycle_id,
      page: page || $scope.page,
      per_page: $scope.per_page,
-      'q[name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_supplier_name_cont]': $scope.query,
+      'q[name_or_meta_keywords_or_variants_display_as_or_variants_display_name_or_variants_supplier_name_cont]': $scope.query,
      'q[with_properties][]': $scope.activeProperties,
-      'q[primary_taxon_id_in_any][]': $scope.activeTaxons
+      'q[with_variants_supplier_properties][]': $scope.activeProducerProperties,
+      'q[variants_primary_taxon_id_in_any][]': $scope.activeTaxons
    }

  $scope.searchKeypress = (e)->
@@ -86,6 +97,12 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
      Properties.properties_by_id[property_id].name
    ).join($scope.filtersJoinWord()) if $scope.activeProperties?

+  $scope.appliedProducerPropertiesList = ->
+    $scope.activeProducerProperties.map( (property_id) ->
+      Properties.properties_by_id[property_id].name
+    ).join($scope.filtersJoinWord()) if $scope.activeProducerProperties?
+
+
  $scope.filtersJoinWord = ->
    $sce.trustAsHtml(" <span class='join-word'>#{t('products_or')}</span> ")

@@ -99,6 +116,7 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
  $scope.clearFilters = ->
    $scope.taxonSelectors.clearAll()
    $scope.propertySelectors.clearAll()
+    $scope.producerPropertySelectors.clearAll()

  $scope.refreshStaleData = ->
    # If the products template has already been loaded but the controller is being initialized
@@ -109,7 +127,7 @@ angular.module('Darkswarm').controller "ProductsCtrl", ($scope, $sce, $filter, $
      $scope.loadProducts()

  $scope.filtersCount = () ->
-    $scope.taxonSelectors.totalActive() + $scope.propertySelectors.totalActive()
+    $scope.taxonSelectors.totalActive() + $scope.propertySelectors.totalActive() + $scope.producerPropertySelectors.totalActive()

  $scope.toggleFilterSidebar = ->
    $scope.showFilterSidebar = !$scope.showFilterSidebar
--- a/app/assets/javascripts/darkswarm/controllers/registration/registration_controller.js.coffee
+++ b/app/assets/javascripts/darkswarm/controllers/registration/registration_controller.js.coffee
@@ -42,8 +42,17 @@ angular.module('Darkswarm').controller "RegistrationCtrl", ($scope, Registration
  $scope.toggleAddressConfirmed = ->
    $scope.addressConfirmed = !$scope.addressConfirmed
    if $scope.addressConfirmed
+      $scope.setLatLongIfUsingOpenStreetMap()
      $scope.enterprise.address.latitude = $scope.latLong.latitude
      $scope.enterprise.address.longitude = $scope.latLong.longitude
    else
      $scope.enterprise.address.latitude = null
      $scope.enterprise.address.longitude = null
+
+  # When OpenStreetMaps is enabled the latitude and longitude are calculated via a Stimulus
+  # controller, so they need to be read from data properties to be accessible here.
+  $scope.setLatLongIfUsingOpenStreetMap = ->
+    openStreetMap = document.getElementById("open-street-map")
+    if !$scope.latLong && openStreetMap && openStreetMap.dataset.latitude && openStreetMap.dataset.longitude
+      $scope.latLong = { latitude: openStreetMap.dataset.latitude, longitude: openStreetMap.dataset.longitude }
+
--- a/app/assets/javascripts/darkswarm/services/order_cycle_resource.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/order_cycle_resource.js.coffee
@@ -18,4 +18,11 @@ angular.module('Darkswarm').factory 'OrderCycleResource', ($resource) ->
      url: '/api/v0/order_cycles/:id/properties.json'
      params:
        id: '@id'
+    'producerProperties':
+      method: 'GET'
+      isArray: true
+      url: '/api/v0/order_cycles/:id/producer_properties.json'
+      params:
+        id: '@id'
+
  })
--- a/app/assets/javascripts/darkswarm/services/products.js.coffee
+++ b/app/assets/javascripts/darkswarm/services/products.js.coffee
@@ -39,7 +39,7 @@ angular.module('Darkswarm').factory 'Products', (OrderCycleResource, OrderCycle,

    dereference: ->
      for product in @fetched_products
-        product.supplier = Shopfront.producers_by_id[product.supplier.id]
+        product.supplier = Shopfront.producers_by_id[product.variants[0].supplier.id]
        Dereferencer.dereference product.taxons, Taxons.taxons_by_id

        product.properties = angular.copy(product.properties_with_values)
--- a/app/assets/javascripts/templates/admin/columns_dropdown.html.haml
+++ b/app/assets/javascripts/templates/admin/columns_dropdown.html.haml
@@ -5,8 +5,9 @@
  %div.menu{ 'ng-show' => "expanded" }
    .menu_items
      .menu_item{ "ng-repeat": "column in columns", "ng-click": "toggle(column);" }
-        %input.redesigned-input{ type: "checkbox", "ng-checked": "column.visible" }
-        {{ column.name }}
+        %input{ type: "checkbox", "ng-checked": "column.visible" }
+        %span
+          {{ column.name }}
      %hr
      %div.menu_item.text-center
        %input.fullwidth.orange{ type: "button", "ng-value": "saved() ? 'Saved': 'Saving'", "ng-show": "saved() || saving", "ng-disabled": "saved()" }
--- a/app/assets/javascripts/templates/admin/save_bar.html.haml
+++ b/app/assets/javascripts/templates/admin/save_bar.html.haml
@@ -1,7 +1,7 @@
 #save-bar.animate-show{ "ng-show": 'dirty || persist || StatusMessage.active()' }
  .container
    .seven.columns.alpha
-      %h5#status-message{ "ng-show": "StatusMessage.invalidMessage == ''", "ng-style": 'StatusMessage.statusMessage.style' }
+      %h5#status-message{ "ng-show": "StatusMessage.invalidMessage == ''", "ng-style": 'StatusMessage.statusMessage.style', data: { 'order-cycle-form-target': 'statusMessage' }, "ng-attr-data-type": "{{StatusMessage.statusMessage.type}}", "ng-attr-data-action-name": "{{StatusMessage.statusMessage.actionName}}" }
        {{ StatusMessage.statusMessage.text || "&nbsp;" }}
      %h5#status-message{ style: 'color: #C85136', "ng-show": "StatusMessage.invalidMessage !== ''" }
        {{ StatusMessage.invalidMessage || "&nbsp;" }}
--- a/app/components/help_modal_component.rb
+++ b/app/components/help_modal_component.rb
@@ -2,6 +2,6 @@

 class HelpModalComponent < ModalComponent
  def initialize(id:, close_button: true)
-    super(id:, close_button:)
+    super
  end
 end
--- a/app/components/modal_component/modal_component.scss
+++ b/app/components/modal_component/modal_component.scss
@@ -24,6 +24,19 @@
    max-width: 100%;
    height: auto;
  }
+
+  .flex-column {
+    display: flex;
+    flex-direction: column;
+  }
+
+  .gap-1 {
+    gap: 1rem;
+  }
+
+  .gap-2 {
+    gap: 2rem;
+  }
 }

 /* prevent arrow on selected admin menu item appearing above modal */
--- a/app/components/multiple_checked_select_component/multiple_checked_select_component.html.haml
+++ b/app/components/multiple_checked_select_component/multiple_checked_select_component.html.haml
@@ -9,5 +9,5 @@
    %div.menu_items
      - @options.each do |option|
        %label.menu_item{ "data-multiple-checked-select-target": "option", "data-value": option[1], "data-label": option[0] }
-          %input.redesigned-input{ type: "checkbox", checked: @selected.include?(option[1]), name: "#{@name}[]", value: option[1] }
-          = option[0]
+          %input{ type: "checkbox", checked: @selected.include?(option[1]), name: "#{@name}[]", value: option[1] }
+          %span= option[0]
--- a/app/components/searchable_dropdown_component.rb
+++ b/app/components/searchable_dropdown_component.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+class SearchableDropdownComponent < ViewComponent::Base
+  REMOVED_SEARCH_PLUGIN = { 'tom-select-options-value': '{ "plugins": [] }' }.freeze
+  MINIMUM_OPTIONS_FOR_SEARCH_FIELD = 11 # at least 11 options are required for the search field
+
+  def initialize(
+    form:,
+    name:,
+    options:,
+    selected_option:,
+    placeholder_value:,
+    include_blank: false,
+    aria_label: ''
+  )
+    @f = form
+    @name = name
+    @options = options
+    @selected_option = selected_option
+    @placeholder_value = placeholder_value
+    @include_blank = include_blank
+    @aria_label = aria_label
+  end
+
+  private
+
+  attr_reader :f, :name, :options, :selected_option, :placeholder_value, :include_blank, :aria_label
+
+  def classes
+    "fullwidth #{remove_search_plugin? ? 'no-input' : ''}"
+  end
+
+  def data
+    {
+      controller: "tom-select",
+      'tom-select-placeholder-value': placeholder_value
+    }.merge(remove_search_plugin? ? REMOVED_SEARCH_PLUGIN : {})
+  end
+
+  def remove_search_plugin?
+    @remove_search_plugin ||= options.count < MINIMUM_OPTIONS_FOR_SEARCH_FIELD
+  end
+end
--- a/app/components/searchable_dropdown_component/searchable_dropdown_component.html.haml
+++ b/app/components/searchable_dropdown_component/searchable_dropdown_component.html.haml
@@ -0,0 +1 @@
+= f.select name, options_for_select(options, selected_option), { include_blank: }, class: classes, data:, 'aria-label': aria_label
--- a/app/controllers/admin/bulk_line_items_controller.rb
+++ b/app/controllers/admin/bulk_line_items_controller.rb
@@ -35,7 +35,7 @@ module Admin
      order.with_lock do
        if order.contents.update_item(@line_item, line_item_params)
          # No Content, does not trigger ng resource auto-update
-          render body: nil, status: :no_content
+          head :no_content
        else
          render json: { errors: @line_item.errors }, status: :precondition_failed
        end
@@ -49,7 +49,7 @@ module Admin
      authorize! :update, order

      order.contents.remove(@line_item.variant)
-      render body: nil, status: :no_content # No Content, does not trigger ng resource auto-update
+      head :no_content # No Content, does not trigger ng resource auto-update
    end

    private
--- a/app/controllers/admin/column_preferences_controller.rb
+++ b/app/controllers/admin/column_preferences_controller.rb
@@ -4,17 +4,25 @@ module Admin
  class ColumnPreferencesController < Admin::ResourceController
    before_action :load_collection, only: [:bulk_update]

-    respond_to :json
-
    def bulk_update
      @cp_set.collection.each { |cp| authorize! :bulk_update, cp }

-      if @cp_set.save
-        render json: @cp_set.collection, each_serializer: Api::Admin::ColumnPreferenceSerializer
-      elsif @cp_set.errors.present?
-        render json: { errors: @cp_set.errors }, status: :bad_request
-      else
-        render body: nil, status: :internal_server_error
+      respond_to do |format|
+        if @cp_set.save
+          format.json {
+            render json: @cp_set.collection, each_serializer: Api::Admin::ColumnPreferenceSerializer
+          }
+          format.turbo_stream {
+            flash.now[:success] = t('.success')
+            render :bulk_update, locals: { action: permitted_params[:action_name] }
+          }
+        else
+          format.json { render json: { errors: @cp_set.errors }, status: :bad_request }
+          format.turbo_stream {
+            flash.now[:error] = @cp_set.errors.full_messages.to_sentence
+            render :bulk_update, locals: { action: permitted_params[:action_name] }
+          }
+        end
      end
    end

@@ -28,11 +36,26 @@ module Admin
    end

    def load_collection
-      collection_hash = Hash[permitted_params[:column_preferences].
-        each_with_index.map { |cp, i| [i, cp] }]
-      collection_hash.select!{ |_i, cp| cp[:action_name] == permitted_params[:action_name] }
-      @cp_set = Sets::ColumnPreferenceSet.new(@column_preferences,
-                                              collection_attributes: collection_hash)
+      collection_attributes = nil
+
+      respond_to do |format|
+        format.json do
+          collection_attributes = Hash[permitted_params[:column_preferences].
+            each_with_index.map { |cp, i| [i, cp] }]
+          collection_attributes.select!{ |_i, cp|
+            cp[:action_name] == permitted_params[:action_name]
+          }
+        end
+        format.all do
+          # Inject action name and user ID for each column_preference
+          collection_attributes = permitted_params[:column_preferences].to_h.each_value { |cp|
+            cp[:action_name] = permitted_params[:action_name]
+            cp[:user_id] = spree_current_user.id
+          }
+        end
+      end
+
+      @cp_set = Sets::ColumnPreferenceSet.new(@column_preferences, collection_attributes:)
    end

    def collection
--- a/app/controllers/admin/connected_app_settings_controller.rb
+++ b/app/controllers/admin/connected_app_settings_controller.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Admin
+  class ConnectedAppSettingsController < Spree::Admin::BaseController
+    def update
+      Spree::Config.set(connected_apps_enabled:)
+
+      respond_to do |format|
+        format.html {
+          flash[:success] = t(:successfully_updated, resource: t('.resource'))
+          redirect_to main_app.edit_admin_connected_app_settings_path
+        }
+      end
+    end
+
+    private
+
+    def connected_apps_enabled
+      params.require(:preferences).require(:connected_apps_enabled).compact_blank.join(",")
+    end
+  end
+end
--- a/app/controllers/admin/connected_apps_controller.rb
+++ b/app/controllers/admin/connected_apps_controller.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Admin
+  class ConnectedAppsController < ApplicationController
+    def create
+      authorize! :admin, enterprise
+
+      attributes = {}
+      attributes[:type] = connected_app_params[:type] if connected_app_params[:type]
+
+      app = ConnectedApp.create!(enterprise_id: enterprise.id, **attributes)
+      app.connect(api_key: spree_current_user.spree_api_key,
+                  channel: SessionChannel.for_request(request))
+
+      render_panel
+    end
+
+    def destroy
+      authorize! :admin, enterprise
+
+      app = enterprise.connected_apps.find(params.require(:id))
+      app.destroy
+
+      render_panel
+    end
+
+    private
+
+    def enterprise
+      @enterprise ||= Enterprise.find(params.require(:enterprise_id))
+    end
+
+    def render_panel
+      redirect_to "#{edit_admin_enterprise_path(enterprise)}#/connected_apps_panel"
+    end
+
+    def connected_app_params
+      params.permit(:type)
+    end
+  end
+end
--- a/app/controllers/admin/dfc_product_imports_controller.rb
+++ b/app/controllers/admin/dfc_product_imports_controller.rb
@@ -20,7 +20,7 @@ module Admin

      catalog_url = params.require(:catalog_url)

-      json_catalog = DfcRequest.new(spree_current_user).get(catalog_url)
+      json_catalog = fetch_catalog(catalog_url)
      graph = DfcIo.import(json_catalog)

      # * First step: import all products for given enterprise.
@@ -34,6 +34,10 @@ module Admin

    private

+    def fetch_catalog(url)
+      DfcRequest.new(spree_current_user).call(url)
+    end
+
    # Most of this code is the same as in the DfcProvider::SuppliedProductsController.
    def import_product(subject, enterprise)
      return unless subject.is_a? DataFoodConsortium::Connector::SuppliedProduct
--- a/app/controllers/admin/enterprise_fees_controller.rb
+++ b/app/controllers/admin/enterprise_fees_controller.rb
@@ -65,7 +65,9 @@ module Admin
        order_cycle ||= OrderCycle.new(coordinator:) if coordinator.present?
        enterprises = OpenFoodNetwork::OrderCyclePermissions.new(spree_current_user,
                                                                 order_cycle).visible_enterprises
-        EnterpriseFee.for_enterprises(enterprises).order('enterprise_id', 'fee_type', 'name')
+
+        fees = EnterpriseFee.for_enterprises(enterprises).order('enterprise_id', 'fee_type', 'name')
+        filter_fees(fees)
      else
        collection = EnterpriseFee.managed_by(spree_current_user).order('enterprise_id',
                                                                        'fee_type', 'name')
@@ -74,6 +76,12 @@ module Admin
      end
    end

+    def filter_fees(fees)
+      fees = fees.per_item if params[:per_item]
+      fees = fees.per_order if params[:per_order]
+      fees
+    end
+
    def collection_actions
      [:index, :for_order_cycle, :bulk_update]
    end
--- a/app/controllers/admin/enterprises_controller.rb
+++ b/app/controllers/admin/enterprises_controller.rb
@@ -189,10 +189,7 @@ module Admin
          .visible_enterprises

        if enterprises.present?
-          enterprises.includes(
-            supplied_products:
-              [:supplier, :variants, :image]
-          )
+          enterprises.includes(supplied_products: [:variants, :image])
        end
      when :index
        if spree_current_user.admin?
--- a/app/controllers/admin/order_cycles_controller.rb
+++ b/app/controllers/admin/order_cycles_controller.rb
@@ -11,6 +11,7 @@ module Admin
    before_action :remove_protected_attrs, only: [:update]
    before_action :require_order_cycle_set_params, only: [:bulk_update]
    around_action :protect_invalid_destroy, only: :destroy
+    before_action :verify_datetime_change, only: :update

    def index
      respond_to do |format|
@@ -235,7 +236,7 @@ module Admin
      else
        begin
          yield
-        rescue ActiveRecord::InvalidForeignKey
+        rescue ActiveRecord::InvalidForeignKey, ActiveRecord::DeleteRestrictionError
          redirect_to main_app.admin_order_cycles_url
          flash[:error] = I18n.t('admin.order_cycles.destroy_errors.orders_present')
        end
@@ -294,5 +295,22 @@ module Admin
        collection_attributes: [:id] + PermittedAttributes::OrderCycle.basic_attributes
      ).to_h.with_indifferent_access
    end
+
+    # Check that order cycle datetime values changed if it has existing orders
+    def verify_datetime_change
+      return unless params[:order_cycle][:confirm]
+      return unless @order_cycle.orders.exists?
+      return if same_dates(@order_cycle.orders_open_at, order_cycle_params[:orders_open_at]) &&
+                same_dates(@order_cycle.orders_close_at, order_cycle_params[:orders_close_at])
+
+      render json: { trigger_action: params[:order_cycle][:trigger_action] },
+             status: :unprocessable_entity
+    end
+
+    def same_dates(date, string)
+      false unless date && string
+
+      DateTime.parse(string).to_fs(:short) == date.to_fs(:short)
+    end
  end
 end
--- a/app/controllers/admin/product_import_controller.rb
+++ b/app/controllers/admin/product_import_controller.rb
@@ -4,6 +4,8 @@ require 'roo'

 module Admin
  class ProductImportController < Spree::Admin::BaseController
+    TMPDIR_PREFIX = "product_import-"
+
    before_action :validate_upload_presence, except: %i[index guide validate_data]

    def index
@@ -101,8 +103,7 @@ module Admin

    def save_uploaded_file(upload)
      extension = File.extname(upload.original_filename)
-      directory = Dir.mktmpdir 'product_import'
-      File.open(File.join(directory, "import#{extension}"), 'wb') do |f|
+      File.open(File.join(mktmpdir, "import#{extension}"), 'wb') do |f|
        data = UploadSanitizer.new(upload.read).call
        f.write(data)
        f.path
@@ -126,6 +127,14 @@ module Admin
      ProductImport::ProductImporter
    end

+    def mktmpdir
+      Dir::Tmpname.create(TMPDIR_PREFIX, Rails.root.join('tmp') ) { |tmpname| Dir.mkdir(tmpname) }
+    end
+
+    def tmpdir_base
+      Rails.root.join('tmp', TMPDIR_PREFIX).to_s
+    end
+
    def file_path
      @file_path ||= validate_file_path(sanitize_file_path(params[:filepath]))
    end
@@ -134,8 +143,9 @@ module Admin
      FilePathSanitizer.new.sanitize(file_path, on_error: method(:raise_invalid_file_path))
    end

+    # Ensure file is under the safe tmp directory
    def validate_file_path(file_path)
-      return file_path if file_path.to_s.match?(TEMP_FILE_PATH_REGEX)
+      return file_path if file_path.to_s.match?(%r{^#{tmpdir_base}[A-Za-z0-9-]*/import\.csv$})

      raise_invalid_file_path
    end
@@ -145,6 +155,5 @@ module Admin
                  notice: I18n.t(:product_import_no_data_in_spreadsheet_notice)
      raise 'Invalid File Path'
    end
-    TEMP_FILE_PATH_REGEX = %r{^/tmp/product_import[A-Za-z0-9-]*/import\.csv$}
  end
 end
--- a/app/controllers/admin/products_v3_controller.rb
+++ b/app/controllers/admin/products_v3_controller.rb
@@ -1,7 +1,214 @@
 # frozen_string_literal: true

+# rubocop:disable Metrics/ClassLength
 module Admin
  class ProductsV3Controller < Spree::Admin::BaseController
-    def index; end
+    helper ProductsHelper
+
+    before_action :init_filters_params
+    before_action :init_pagination_params
+
+    def index
+      fetch_products
+      render "index", locals: { producers:, categories:, tax_category_options:, flash: }
+
+      session[:products_return_to_url] = request.url
+    end
+
+    def bulk_update
+      product_set = product_set_from_params
+
+      product_set.collection.each { |p| authorize! :update, p }
+      @products = product_set.collection # use instance variable mainly for testing
+
+      if product_set.save
+        flash[:success] = I18n.t('admin.products_v3.bulk_update.success')
+        redirect_to [:index,
+                     { page: @page, per_page: @per_page, search_term: @search_term,
+                       producer_id: @producer_id, category_id: @category_id }]
+      elsif product_set.errors.present?
+        @error_counts = { saved: product_set.saved_count, invalid: product_set.invalid.count }
+
+        render "index", status: :unprocessable_entity,
+                        locals: { producers:, categories:, tax_category_options:, flash: }
+      end
+    end
+
+    def destroy
+      @record = ProductScopeQuery.new(
+        spree_current_user,
+        { id: params[:id] }
+      ).find_product
+
+      @record.destroyed_by = spree_current_user
+      status = :ok
+
+      if @record.destroy
+        flash.now[:success] = t('.delete_product.success')
+      else
+        flash.now[:error] = t('.delete_product.error')
+        status = :internal_server_error
+      end
+
+      respond_with do |format|
+        format.turbo_stream { render :destroy_product_variant, status: }
+      end
+    end
+
+    def destroy_variant
+      @record = Spree::Variant.active.find(params[:id])
+      authorize! :delete, @record
+
+      status = :ok
+      if VariantDeleter.new.delete(@record)
+        flash.now[:success] = t('.delete_variant.success')
+      else
+        flash.now[:error] = t('.delete_variant.error')
+        status = :internal_server_error
+      end
+
+      respond_with do |format|
+        format.turbo_stream { render :destroy_product_variant, status: }
+      end
+    end
+
+    def clone
+      @product = Spree::Product.find(params[:id])
+      status = :ok
+
+      begin
+        @cloned_product = @product.duplicate
+        flash.now[:success] = t('.success')
+
+        @product_index = "-#{@cloned_product.id}"
+        @producer_options = producers
+        @category_options = categories
+        @tax_category_options = tax_category_options
+      rescue ActiveRecord::ActiveRecordError => _e
+        flash.now[:error] = t('.error')
+        status = :unprocessable_entity
+        @product_index = "-1" # Create a unique enough index
+      end
+
+      respond_with do |format|
+        format.turbo_stream { render :clone, status: }
+      end
+    end
+
+    def index_url(params)
+      "/admin/products?#{params.to_query}" # todo: fix routing so this can be automaticly generated
+    end
+
+    private
+
+    def init_filters_params
+      # params comes from the form
+      # _params comes from the url
+      # priority is given to params from the form (if present) over url params
+      @search_term = params[:search_term] || params[:_search_term]
+      @producer_id = params[:producer_id] || params[:_producer_id]
+      @category_id = params[:category_id] || params[:_category_id]
+    end
+
+    def init_pagination_params
+      # prority is given to element dataset (if present) over url params
+      @page = params[:page].presence || 1
+      @per_page = params[:per_page].presence || 15
+      @q = params.permit(q: {})[:q] || { s: 'name asc' }
+    end
+
+    def producers
+      producers = OpenFoodNetwork::Permissions.new(spree_current_user)
+        .managed_product_enterprises.is_primary_producer.by_name
+      producers.map { |p| [p.name, p.id] }
+    end
+
+    def categories
+      Spree::Taxon.order(:name).map { |c| [c.name, c.id] }
+    end
+
+    def tax_category_options
+      Spree::TaxCategory.order(:name).pluck(:name, :id)
+    end
+
+    def fetch_products
+      product_query = OpenFoodNetwork::Permissions.new(spree_current_user)
+        .editable_products.merge(product_scope).ransack(ransack_query).result
+      @pagy, @products = pagy(product_query.order(:name), items: @per_page, page: @page,
+                                                          size: [1, 2, 2, 1])
+    end
+
+    def product_scope
+      user = spree_current_user
+      scope = if user.has_spree_role?("admin") || user.enterprises.present?
+                Spree::Product
+              else
+                Spree::Product.active
+              end
+
+      scope.includes(product_query_includes).distinct
+    end
+
+    def ransack_query
+      query = {}
+      query.merge!(variants_supplier_id_in: @producer_id) if @producer_id.present?
+      if @search_term.present?
+        query.merge!(Spree::Variant::SEARCH_KEY => @search_term)
+      end
+      query.merge!(variants_primary_taxon_id_in: @category_id) if @category_id.present?
+      query.merge!(@q) if @q
+
+      query
+    end
+
+    # Optimise by pre-loading required columns
+    def product_query_includes
+      [
+        :image,
+        { variants: [
+          :default_price,
+          :primary_taxon,
+          :product,
+          :stock_items,
+          :tax_category,
+          :supplier,
+        ] },
+      ]
+    end
+
+    # Similar to spree/admin/products_controller
+    def product_set_from_params
+      # Form field names:
+      #   '[products][0][id]' (hidden field)
+      #   '[products][0][name]'
+      #   '[products][0][variants_attributes][0][id]' (hidden field)
+      #   '[products][0][variants_attributes][0][display_name]'
+      #
+      # Resulting in params:
+      #     "products" => {
+      #       "0" =>  {
+      #         "id" => "123"
+      #         "name" => "Pommes",
+      #         "variants_attributes" => {
+      #           "0" => {
+      #           "id" => "1234",
+      #           "display_name" => "Large box",
+      #         }
+      #       }
+      #     }
+      collection_hash = products_bulk_params[:products]
+        .transform_values { |product|
+          # Convert variants_attributes form hash to an array if present
+          product[:variants_attributes] &&= product[:variants_attributes].values
+          product
+        }.with_indifferent_access
+      Sets::ProductSet.new(collection_attributes: collection_hash)
+    end
+
+    def products_bulk_params
+      params.permit(products: ::PermittedAttributes::Product.attributes)
+        .to_h.with_indifferent_access
+    end
  end
 end
+# rubocop:enable Metrics/ClassLength
--- a/app/controllers/admin/reports_controller.rb
+++ b/app/controllers/admin/reports_controller.rb
@@ -61,6 +61,9 @@ module Admin
    def render_in_background
      cable_ready[ScopedChannel.for_id(params[:uuid])]
        .inner_html(
+          selector: "#report-go",
+          html: helpers.button(t(:go), "report__submit-btn", "submit", disabled: true)
+        ).inner_html(
          selector: "#report-table",
          html: render_to_string(partial: "admin/reports/loading")
        ).scroll_into_view(
--- a/app/controllers/admin/resource_controller.rb
+++ b/app/controllers/admin/resource_controller.rb
@@ -146,7 +146,7 @@ module Admin
      return nil if parent_data.blank?

      @parent ||= parent_data[:model_class].
-        public_send("find_by", parent_data[:find_by] => params["#{model_name}_id"])
+        find_by(parent_data[:find_by] => params["#{model_name}_id"])
      instance_variable_set("@#{model_name}", @parent)
    end

@@ -229,7 +229,7 @@ module Admin
    end

    def member_action?
-      !collection_actions.include? action
+      collection_actions.exclude? action
    end

    def new_actions
--- a/app/controllers/admin/stripe_accounts_controller.rb
+++ b/app/controllers/admin/stripe_accounts_controller.rb
@@ -16,14 +16,14 @@ module Admin
      authorize! :destroy, stripe_account

      if stripe_account.deauthorize_and_destroy
-        flash[:success] = "Stripe account disconnected."
+        flash[:success] = I18n.t('stripe.success_code.disconnected')
      else
-        flash[:error] = "Failed to disconnect Stripe."
+        flash[:error] = I18n.t('stripe.error_code.disconnect_failure')
      end

      redirect_to main_app.edit_admin_enterprise_path(stripe_account.enterprise)
    rescue ActiveRecord::RecordNotFound
-      flash[:error] = "Failed to disconnect Stripe."
+      flash[:error] = I18n.t('stripe.error_code.disconnect_failure')
      redirect_to spree.admin_dashboard_path
    end

--- a/app/controllers/admin/stripe_connect_settings_controller.rb
+++ b/app/controllers/admin/stripe_connect_settings_controller.rb
@@ -37,7 +37,7 @@ module Admin

    def obfuscated_secret_key
      key = Stripe.api_key
-      key.first(8) + "****" + key.last(4)
+      "#{key.first(8)}****#{key.last(4)}"
    end

    def settings_params
--- a/app/controllers/admin/tag_rules_controller.rb
+++ b/app/controllers/admin/tag_rules_controller.rb
@@ -5,7 +5,7 @@ module Admin
    respond_to :json

    respond_override destroy: { json: {
-      success: lambda { render body: nil, status: :no_content }
+      success: lambda { head :no_content }
    } }

    def map_by_tag
--- a/app/controllers/admin/variant_overrides_controller.rb
+++ b/app/controllers/admin/variant_overrides_controller.rb
@@ -88,7 +88,7 @@ module Admin
    end

    def modified_variant_overrides_ids
-      variant_overrides_params.map { |vo| vo[:id] }
+      variant_overrides_params.pluck(:id)
    end

    def collection_actions
--- a/app/controllers/api/v0/enterprise_fees_controller.rb
+++ b/app/controllers/api/v0/enterprise_fees_controller.rb
@@ -9,7 +9,7 @@ module Api
        authorize! :destroy, enterprise_fee

        if enterprise_fee.destroy
-          render plain: I18n.t(:successfully_removed), status: :no_content
+          head :no_content
        else
          render plain: enterprise_fee.errors.full_messages.first, status: :forbidden
        end
--- a/app/controllers/api/v0/order_cycles_controller.rb
+++ b/app/controllers/api/v0/order_cycles_controller.rb
@@ -7,9 +7,11 @@ module Api
      include ApiActionCaching

      skip_authorization_check
-      skip_before_action :authenticate_user, :ensure_api_key, only: [:taxons, :properties]
+      skip_before_action :authenticate_user, :ensure_api_key, only: [
+        :taxons, :properties, :producer_properties
+      ]

-      caches_action :taxons, :properties,
+      caches_action :taxons, :properties, :producer_properties,
                    expires_in: CacheService::FILTERS_EXPIRY,
                    cache_path: proc { |controller| controller.request.url }

@@ -41,7 +43,13 @@ module Api

      def properties
        render plain: ActiveModel::ArraySerializer.new(
-          product_properties | producer_properties, each_serializer: Api::PropertySerializer
+          product_properties, each_serializer: Api::PropertySerializer
+        ).to_json
+      end
+
+      def producer_properties
+        render plain: ActiveModel::ArraySerializer.new(
+          load_producer_properties, each_serializer: Api::PropertySerializer
        ).to_json
      end

@@ -58,7 +66,7 @@ module Api
          select('DISTINCT spree_properties.*')
      end

-      def producer_properties
+      def load_producer_properties
        producers = Enterprise.
          joins(:supplied_products).
          where(spree_products: { id: distributed_products })
@@ -70,22 +78,7 @@ module Api
      end

      def search_params
-        permitted_search_params = params.slice :q, :page, :per_page
-
-        if permitted_search_params.key? :q
-          permitted_search_params[:q].slice!(*permitted_ransack_params)
-        end
-
-        permitted_search_params
-      end
-
-      def permitted_ransack_params
-        [
-          "#{[:name, :meta_keywords, :variants_display_as,
-              :variants_display_name, :supplier_name]
-          .join('_or_')}_cont",
-          :with_properties, :primary_taxon_id_in_any
-        ]
+        params.slice :q, :page, :per_page
      end

      def distributor
@@ -101,8 +94,9 @@ module Api
      end

      def distributed_products
-        OrderCycles::DistributedProductsService.new(distributor, order_cycle,
-                                                    customer).products_relation
+        OrderCycles::DistributedProductsService.new(
+          distributor, order_cycle, customer
+        ).products_relation.pluck(:id)
      end
    end
  end
--- a/app/controllers/api/v0/products_controller.rb
+++ b/app/controllers/api/v0/products_controller.rb
@@ -42,8 +42,9 @@ module Api
        authorize! :delete, Spree::Product
        @product = product_finder.find_product
        authorize! :delete, @product
+        @product.destroyed_by = current_api_user
        @product.destroy
-        render json: @product, serializer: Api::Admin::ProductSerializer, status: :no_content
+        head :no_content
      end

      def bulk_products
@@ -53,7 +54,7 @@ module Api
      end

      def overridable
-        @products = product_finder.paged_products_for_producers
+        @products = product_finder.products_for_producers

        render_paged_products @products, ::Api::Admin::ProductSimpleSerializer
      end
--- a/app/controllers/api/v0/taxonomies_controller.rb
+++ b/app/controllers/api/v0/taxonomies_controller.rb
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module Api
-  module V0
-    class TaxonomiesController < Api::V0::BaseController
-      respond_to :json
-
-      skip_authorization_check only: :jstree
-
-      def jstree
-        @taxonomy = Spree::Taxonomy.find(params[:id])
-        render json: @taxonomy.root, serializer: Api::TaxonJstreeSerializer
-      end
-    end
-  end
-end
--- a/app/controllers/api/v0/taxons_controller.rb
+++ b/app/controllers/api/v0/taxons_controller.rb
@@ -5,12 +5,10 @@ module Api
    class TaxonsController < Api::V0::BaseController
      respond_to :json

-      skip_authorization_check only: [:index, :show, :jstree]
+      skip_authorization_check only: [:index, :show]

      def index
-        @taxons = if taxonomy
-                    taxonomy.root.children
-                  elsif params[:ids]
+        @taxons = if params[:ids]
                    Spree::Taxon.where(id: raw_params[:ids].split(","))
                  else
                    Spree::Taxon.ransack(raw_params[:q]).result
@@ -18,23 +16,9 @@ module Api
        render json: @taxons, each_serializer: Api::TaxonSerializer
      end

-      def jstree
-        @taxon = taxon
-        render json: @taxon.children, each_serializer: Api::TaxonJstreeSerializer
-      end
-
      def create
        authorize! :create, Spree::Taxon
        @taxon = Spree::Taxon.new(taxon_params)
-        @taxon.taxonomy_id = params[:taxonomy_id]
-        taxonomy = Spree::Taxonomy.find_by(id: params[:taxonomy_id])
-
-        if taxonomy.nil?
-          @taxon.errors.add(:taxonomy_id, I18n.t(:invalid_taxonomy_id, scope: 'spree.api'))
-          invalid_resource!(@taxon) && return
-        end
-
-        @taxon.parent_id = taxonomy.root.id unless params.dig(:taxon, :parent_id)

        if @taxon.save
          render json: @taxon, serializer: Api::TaxonSerializer, status: :created
@@ -55,25 +39,19 @@ module Api
      def destroy
        authorize! :delete, Spree::Taxon
        taxon.destroy
-        render json: taxon, serializer: Api::TaxonSerializer, status: :no_content
+        head :no_content
      end

      private

-      def taxonomy
-        return if params[:taxonomy_id].blank?
-
-        @taxonomy ||= Spree::Taxonomy.find(params[:taxonomy_id])
-      end
-
      def taxon
-        @taxon ||= taxonomy.taxons.find(params[:id])
+        @taxon = Spree::Taxon.find(params[:id])
      end

      def taxon_params
        return if params[:taxon].blank?

-        params.require(:taxon).permit([:name, :parent_id, :position])
+        params.require(:taxon).permit([:name, :position])
      end
    end
  end
--- a/app/controllers/api/v0/variants_controller.rb
+++ b/app/controllers/api/v0/variants_controller.rb
@@ -44,7 +44,7 @@ module Api
        authorize! :delete, @variant

        VariantDeleter.new.delete(@variant)
-        render json: @variant, serializer: Api::VariantSerializer, status: :no_content
+        head :no_content
      end

      private
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -28,7 +28,6 @@ class ApplicationController < ActionController::Base
  helper 'injection'
  helper 'markdown'
  helper 'footer_links'
-  helper 'discourse'
  helper 'checkout'
  helper 'link'
  helper 'terms_and_conditions'
@@ -61,7 +60,7 @@ class ApplicationController < ActionController::Base
    rescue StandardError
      'unknown'
    end}")
-    super(options, response_status)
+    super
  end

  def set_checkout_redirect
--- a/app/controllers/discourse_sso_controller.rb
+++ b/app/controllers/discourse_sso_controller.rb
@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-require 'discourse/single_sign_on'
-
-class DiscourseSsoController < ApplicationController
-  include SharedHelper
-  include DiscourseHelper
-
-  before_action :require_config
-
-  def login
-    if require_activation?
-      redirect_to discourse_url
-    else
-      redirect_to discourse_login_url
-    end
-  end
-
-  def sso
-    if spree_current_user
-      begin
-        redirect_to sso_url
-      rescue TypeError
-        render plain: "Bad SingleSignOn request.", status: :bad_request
-      end
-    else
-      redirect_to login_path
-    end
-  end
-
-  private
-
-  def sso_url
-    secret = discourse_sso_secret!
-    sso = Discourse::SingleSignOn.parse(request.query_string, secret)
-    sso.email = spree_current_user.email
-    sso.username = spree_current_user.login
-    sso.external_id = spree_current_user.id
-    sso.sso_secret = secret
-    sso.admin = admin_user?
-    sso.require_activation = require_activation?
-    sso.to_url(discourse_sso_url)
-  end
-
-  def require_config
-    raise ActionController::RoutingError, 'Not Found' unless discourse_configured?
-  end
-
-  def require_activation?
-    !admin_user? && !spree_current_user.confirmed?
-  end
-end
--- a/app/controllers/spree/admin/base_controller.rb
+++ b/app/controllers/spree/admin/base_controller.rb
@@ -19,15 +19,18 @@ module Spree

      before_action :authorize_admin
      before_action :set_locale
-      before_action :warn_invalid_order_cycles, if: :html_request?
+      before_action :warn_invalid_order_cycles, if: :page_load_request?

      # Warn the user when they have an active order cycle with hubs that are not ready
      # for checkout (ie. does not have valid shipping and payment methods).
      def warn_invalid_order_cycles
-        return if flash[:notice].present?
+        return if flash[:notice].present? || session[:displayed_order_cycle_warning]

        warning = OrderCycles::WarningService.new(spree_current_user).call
-        flash[:notice] = warning if warning.present?
+        return if warning.blank?
+
+        flash.now[:notice] = warning
+        session[:displayed_order_cycle_warning] = true
      end

      protected
@@ -81,6 +84,12 @@ module Spree

      private

+      def page_load_request?
+        return false if request.format.include?('turbo')
+
+        html_request?
+      end
+
      def html_request?
        request.format.html?
      end
--- a/app/controllers/spree/admin/images_controller.rb
+++ b/app/controllers/spree/admin/images_controller.rb
@@ -3,6 +3,8 @@
 module Spree
  module Admin
    class ImagesController < ::Admin::ResourceController
+      helper ::Admin::ProductsHelper
+
      # This will make resource controller redirect correctly after deleting product images.
      # This can be removed after upgrading to Spree 2.1.
      # See here https://github.com/spree/spree/commit/334a011d2b8e16355e4ae77ae07cd93f7cbc8fd1
@@ -17,7 +19,10 @@ module Spree
      def new
        @url_filters = ::ProductFilters.new.extract(request.query_parameters)

-        render layout: !request.xhr?
+        respond_with do |format|
+          format.turbo_stream { render :edit }
+          format.all { render layout: !request.xhr? }
+        end
      end

      def edit
@@ -32,13 +37,14 @@ module Spree

        if @object.save
          flash[:success] = flash_message_for(@object, :successfully_created)
-          redirect_to location_after_save
+
+          respond_to do |format|
+            format.html { redirect_to location_after_save }
+            format.turbo_stream { render :update }
+          end
        else
-          respond_with(@object)
+          respond_with_error(@object.errors)
        end
-      rescue ActiveStorage::IntegrityError
-        @object.errors.add :attachment, :integrity_error
-        respond_with(@object)
      end

      def update
@@ -47,13 +53,14 @@ module Spree

        if @object.update(permitted_resource_params)
          flash[:success] = flash_message_for(@object, :successfully_updated)
-          redirect_to location_after_save
+
+          respond_to do |format|
+            format.html { redirect_to location_after_save }
+            format.turbo_stream
+          end
        else
-          respond_with(@object)
+          respond_with_error(@object.errors)
        end
-      rescue ActiveStorage::IntegrityError
-        @object.errors.add :attachment, :integrity_error
-        respond_with(@object)
      end

      def destroy
@@ -103,6 +110,14 @@ module Spree
          :attachment, :viewable_id, :alt
        )
      end
+
+      def respond_with_error(errors)
+        @errors = errors.map(&:full_message)
+        respond_to do |format|
+          format.html { respond_with(@object) }
+          format.turbo_stream { render :edit }
+        end
+      end
    end
  end
 end
--- a/app/controllers/spree/admin/invoices_controller.rb
+++ b/app/controllers/spree/admin/invoices_controller.rb
@@ -15,12 +15,19 @@ module Spree
        invoice_pdf = filepath(invoice_id)

        send_file(invoice_pdf, type: 'application/pdf', disposition: :inline)
+      rescue ActionController::MissingFile
+        render "errors/not_found", status: :not_found, formats: :html
      end

      def generate
        @order = Order.find_by(number: params[:order_id])
-        authorize! :invoice, @order
-        ::Orders::GenerateInvoiceService.new(@order).generate_or_update_latest_invoice
+        if @order.distributor.can_invoice?
+          authorize! :invoice, @order
+          ::Orders::GenerateInvoiceService.new(@order).generate_or_update_latest_invoice
+        else
+          flash[:error] = t(:must_have_valid_business_number,
+                            enterprise_name: @order.distributor.name)
+        end
        redirect_back(fallback_location: spree.admin_dashboard_path)
      end

--- a/app/controllers/spree/admin/product_properties_controller.rb
+++ b/app/controllers/spree/admin/product_properties_controller.rb
@@ -8,6 +8,7 @@ module Spree
      before_action :setup_property, only: [:index]

      def index
+        @supplier = @product.variants.first.supplier
        @url_filters = ::ProductFilters.new.extract(request.query_parameters)
      end

--- a/app/controllers/spree/admin/products_controller.rb
+++ b/app/controllers/spree/admin/products_controller.rb
@@ -10,8 +10,10 @@ module Spree
      include OpenFoodNetwork::SpreeApiKeyLoader
      include OrderCyclesHelper
      include EnterprisesHelper
+      helper ::Admin::ProductsHelper

      before_action :load_data
+      before_action :load_producers, only: [:index, :new]
      before_action :load_form_data, only: [:index, :new, :create, :edit, :update]
      before_action :load_spree_api_key, only: [:index, :variant_overrides]
      before_action :strip_new_properties, only: [:create, :update]
@@ -41,6 +43,7 @@ module Spree
            flash[:success] = flash_message_for(@object, :successfully_created)
            redirect_after_save
          else
+            load_producers
            # Re-fill the form with deleted params on product
            @on_hand = request.params[:product][:on_hand]
            @on_demand = request.params[:product][:on_demand]
@@ -52,14 +55,9 @@ module Spree
      def update
        @url_filters = ::ProductFilters.new.extract(request.query_parameters)

-        original_supplier_id = @product.supplier_id
        delete_stock_params_and_set_after do
          params[:product] ||= {} if params[:clear_product_properties]
          if @object.update(permitted_resource_params)
-            if original_supplier_id != @product.supplier_id
-              ExchangeVariantDeleter.new.delete(@product)
-            end
-
            flash[:success] = flash_message_for(@object, :successfully_updated)
          end
          redirect_to spree.edit_admin_product_url(@object, @url_filters)
@@ -157,12 +155,15 @@ module Spree
      end

      def load_form_data
-        @producers = OpenFoodNetwork::Permissions.new(spree_current_user).
-          managed_product_enterprises.is_primary_producer.by_name
        @taxons = Spree::Taxon.order(:name)
        @import_dates = product_import_dates.uniq.to_json
      end

+      def load_producers
+        @producers = OpenFoodNetwork::Permissions.new(spree_current_user).
+          managed_product_enterprises.is_primary_producer.by_name
+      end
+
      def product_import_dates
        options = [{ id: '0', name: '' }]
        product_import_dates_query.collect(&:import_date).
@@ -173,12 +174,10 @@ module Spree

      def product_import_dates_query
        Spree::Variant.
-          select('DISTINCT spree_variants.import_date').
-          joins(:product).
-          where('spree_products.supplier_id IN (?)', editable_enterprises.collect(&:id)).
+          select('import_date').distinct.
+          where(supplier_id: editable_enterprises.collect(&:id)).
          where.not(spree_variants: { import_date: nil }).
-          where(spree_variants: { deleted_at: nil }).
-          order('spree_variants.import_date DESC')
+          order('import_date DESC')
      end

      def strip_new_properties
--- a/app/controllers/spree/admin/taxonomies_controller.rb
+++ b/app/controllers/spree/admin/taxonomies_controller.rb
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module Spree
-  module Admin
-    class TaxonomiesController < ::Admin::ResourceController
-      respond_to :json, only: [:get_children]
-
-      def get_children
-        @taxons = Taxon.find(params[:parent_id]).children
-      end
-
-      private
-
-      def location_after_save
-        if @taxonomy.created_at == @taxonomy.updated_at
-          spree.edit_admin_taxonomy_url(@taxonomy)
-        else
-          spree.admin_taxonomies_url
-        end
-      end
-
-      def permitted_resource_params
-        params.require(:taxonomy).permit(:name)
-      end
-    end
-  end
-end
--- a/app/controllers/spree/admin/taxons_controller.rb
+++ b/app/controllers/spree/admin/taxons_controller.rb
@@ -2,122 +2,70 @@

 module Spree
  module Admin
-    class TaxonsController < Spree::Admin::BaseController
-      respond_to :html, :json, :js
+    class TaxonsController < ::Admin::ResourceController
+      before_action :set_taxon, except: %i[create index new]

-      def edit
-        @taxonomy = Taxonomy.find(params[:taxonomy_id])
-        @taxon = @taxonomy.taxons.find(params[:id])
-        @permalink_part = @taxon.permalink.split("/").last
+      def index
+        @taxons = Taxon.order(:name)
      end

+      def new
+        @taxon = Taxon.new
+      end
+
+      def edit; end
+
      def create
-        @taxonomy = Taxonomy.find(params[:taxonomy_id])
-        @taxon = @taxonomy.taxons.build(params[:taxon])
+        @taxon = Spree::Taxon.new(taxon_params)
        if @taxon.save
-          respond_with(@taxon) do |format|
-            format.json { render json: @taxon.to_json }
-          end
+          flash[:success] = flash_message_for(@taxon, :successfully_created)
+          redirect_to edit_admin_taxon_path(@taxon.id)
        else
-          flash[:error] = Spree.t('errors.messages.could_not_create_taxon')
-          respond_with(@taxon) do |format|
-            format.html do
-              if redirect_to @taxonomy
-                spree.edit_admin_taxonomy_url(@taxonomy)
-              else
-                spree.admin_taxonomies_url
-              end
-            end
-          end
+          render :new, status: :unprocessable_entity
        end
      end

      def update
-        @taxonomy = Taxonomy.find(params[:taxonomy_id])
-        @taxon = @taxonomy.taxons.find(params[:id])
-        parent_id = params[:taxon][:parent_id]
-        new_position = params[:taxon][:position]
-
-        if parent_id || new_position # taxon is being moved
-          new_parent = parent_id.nil? ? @taxon.parent : Taxon.find(parent_id.to_i)
-          new_position = new_position.nil? ? -1 : new_position.to_i
-
-          # Bellow is a very complicated way of finding where in nested set we
-          # should actually move the taxon to achieve sane results,
-          # JS is giving us the desired position, which was awesome for previous setup,
-          # but now it's quite complicated to find where we should put it as we have
-          # to differenciate between moving to the same branch, up down and into
-          # first position.
-          new_siblings = new_parent.children
-          if new_position <= 0 && new_siblings.empty?
-            @taxon.move_to_child_of(new_parent)
-          elsif new_parent.id != @taxon.parent_id
-            if new_position.zero?
-              @taxon.move_to_left_of(new_siblings.first)
-            else
-              @taxon.move_to_right_of(new_siblings[new_position - 1])
-            end
-          elsif new_position < new_siblings.index(@taxon)
-            @taxon.move_to_left_of(new_siblings[new_position]) # we move up
-          else
-            @taxon.move_to_right_of(new_siblings[new_position - 1]) # we move down
-          end
-          # Reset legacy position, if any extensions still rely on it
-          new_parent.children.reload.each do |t|
-            t.update_columns(
-              position: t.position,
-              updated_at: Time.zone.now
-            )
-          end
-
-          if parent_id
-            @taxon.reload
-            @taxon.set_permalink
-            @taxon.save!
-            @update_children = true
-          end
-        end
-
-        if params.key? "permalink_part"
-          parent_permalink = @taxon.permalink.split("/")[0...-1].join("/")
-          parent_permalink += "/" if parent_permalink.present?
-          params[:taxon][:permalink] = parent_permalink + params[:permalink_part]
-        end
-        # check if we need to rename child taxons if parent name or permalink changes
-        if params[:taxon][:name] != @taxon.name || params[:taxon][:permalink] != @taxon.permalink
-          @update_children = true
-        end
-
        if @taxon.update(taxon_params)
          flash[:success] = flash_message_for(@taxon, :successfully_updated)
-        end
-
-        # rename child taxons
-        if @update_children
-          @taxon.descendants.each do |taxon|
-            taxon.reload
-            taxon.set_permalink
-            taxon.save!
-          end
-        end
-
-        respond_with(@taxon) do |format|
-          format.html { redirect_to spree.edit_admin_taxonomy_url(@taxonomy) }
-          format.json { render json: @taxon.to_json }
+          redirect_to edit_admin_taxon_path(@taxon.id)
+        else
+          render :edit, status: :unprocessable_entity
        end
      end

      def destroy
-        @taxon = Taxon.find(params[:id])
-        @taxon.destroy
-        respond_with(@taxon) { |format| format.json { render json: '' } }
+        status = if @taxon.destroy
+                   flash_message = t('.delete_taxon.success')
+                   status = :ok
+                 else
+                   flash_message = t('.delete_taxon.error')
+                   status = :unprocessable_entity
+                 end
+
+        respond_to do |format|
+          format.html {
+            flash[:success] = flash_message if status == :ok
+            flash[:error] = flash_message if status == :unprocessable_entity
+            redirect_to admin_taxons_path
+          }
+          format.turbo_stream {
+            flash[:success] = flash_message if status == :ok
+            flash[:error] = flash_message if status == :unprocessable_entity
+            render :destroy_taxon, status:
+          }
+        end
      end

      private

+      def set_taxon
+        @taxon = Taxon.find(params[:id])
+      end
+
      def taxon_params
        params.require(:taxon).permit(
-          :name, :parent_id, :position, :icon, :description, :permalink, :taxonomy_id,
+          :name, :position, :icon, :description, :permalink,
          :meta_description, :meta_keywords, :meta_title, :dfc_id
        )
      end
--- a/app/controllers/spree/admin/variants_controller.rb
+++ b/app/controllers/spree/admin/variants_controller.rb
@@ -46,7 +46,13 @@ module Spree
      def update
        @url_filters = ::ProductFilters.new.extract(request.query_parameters)

+        original_supplier_id = @object.supplier_id
+
        if @object.update(permitted_resource_params)
+          if original_supplier_id != @object.supplier_id
+            ExchangeVariantDeleter.new.delete(@object)
+          end
+
          flash[:success] = flash_message_for(@object, :successfully_updated)
          redirect_to spree.admin_product_variants_url(params[:product_id], @url_filters)
        else
@@ -113,6 +119,8 @@ module Spree
      private

      def load_data
+        @producers = OpenFoodNetwork::Permissions.new(spree_current_user).
+          managed_product_enterprises.is_primary_producer.by_name
        @tax_categories = TaxCategory.order(:name)
        @shipping_categories = ShippingCategory.order(:name)
      end
--- a/app/controllers/spree/orders_controller.rb
+++ b/app/controllers/spree/orders_controller.rb
@@ -60,7 +60,7 @@ module Spree
      @insufficient_stock_lines = []
      @order = order_to_update
      unless @order
-        flash[:error] = t(:order_not_found)
+        flash[:error] = t(:order_not_updated)
        redirect_to(main_app.root_path) && return
      end

@@ -82,7 +82,7 @@ module Spree
          format.html do
            if params.key?(:checkout)
              @order.next_transition.run_callbacks if @order.cart?
-              redirect_to main_app.checkout_step_path(@order.checkout_steps.first)
+              redirect_to main_app.checkout_step_path("address")
            elsif @order.complete?
              redirect_to main_app.order_path(@order)
            else
--- a/app/controllers/spree/users_controller.rb
+++ b/app/controllers/spree/users_controller.rb
@@ -47,14 +47,8 @@ module Spree
      @user = Spree::User.new(user_params)

      if @user.save
-        render cable_ready: cable_car.inner_html(
-          "#signup-feedback",
-          partial("layouts/alert",
-                  locals: {
-                    type: "success",
-                    message: t('devise.user_registrations.spree_user.signed_up_but_unconfirmed')
-                  })
-        )
+        flash[:success] = t('devise.user_registrations.spree_user.signed_up_but_unconfirmed')
+        render cable_ready: cable_car.redirect_to(url: main_app.root_path)
      else
        render status: :unprocessable_entity, cable_ready: cable_car.morph(
          "#signup-tab",
--- a/app/helpers/admin/enterprises_helper.rb
+++ b/app/helpers/admin/enterprises_helper.rb
@@ -14,6 +14,10 @@ module Admin
      producers.size == 1 ? producers.first.id : nil
    end

+    def managed_by_user?(enterprise)
+      enterprise.in?(spree_current_user.enterprises)
+    end
+
    def enterprise_side_menu_items(enterprise)
      is_shop = enterprise.sells != "none"
      show_properties = !!enterprise.is_primary_producer
@@ -22,7 +26,8 @@ module Admin
      show_enterprise_fees = can?(:manage_enterprise_fees,
                                  enterprise) && (is_shop || enterprise.is_primary_producer)
      show_connected_apps = can?(:manage_connected_apps, enterprise) &&
-                            feature?(:connected_apps, spree_current_user, enterprise)
+                            feature?(:connected_apps, spree_current_user, enterprise) &&
+                            Spree::Config.connected_apps_enabled.present?

      build_enterprise_side_menu_items(
        is_shop:,
@@ -34,6 +39,11 @@ module Admin
      )
    end

+    def connected_apps_enabled
+      connected_apps_enabled = Spree::Config.connected_apps_enabled&.split(',') || []
+      ConnectedApp::TYPES & connected_apps_enabled
+    end
+
    private

    def build_enterprise_side_menu_items(
@@ -62,8 +72,8 @@ module Admin
        { name: 'inventory_settings', icon_class: "icon-list-ol", show: is_shop },
        { name: 'tag_rules', icon_class: "icon-random", show: is_shop },
        { name: 'shop_preferences', icon_class: "icon-shopping-cart", show: is_shop },
-        { name: 'users', icon_class: "icon-user", show: true },
        { name: 'white_label', icon_class: "icon-leaf", show: true },
+        { name: 'users', icon_class: "icon-user", show: true },
        { name: 'connected_apps', icon_class: "icon-puzzle-piece", show: show_connected_apps },
      ]
    end
--- a/app/helpers/admin/injection_helper.rb
+++ b/app/helpers/admin/injection_helper.rb
@@ -162,7 +162,7 @@ module Admin
    def admin_inject_available_units
      admin_inject_json "admin.products",
                        "availableUnits",
-                        Spree::Config.available_units
+                        CurrentConfig.get(:available_units)
    end

    def admin_inject_json(ng_module, name, data)
--- a/app/helpers/admin/orders_helper.rb
+++ b/app/helpers/admin/orders_helper.rb
@@ -11,9 +11,25 @@ module Admin
    def order_adjustments_for_display(order)
      order.adjustments +
        voucher_included_tax_representations(order) +
+        additional_tax_total_representation(order) +
        order.all_adjustments.payment_fee.eligible
    end

+    def additional_tax_total_representation(order)
+      adjustment = Spree::Adjustment.additional.tax.where(
+        order_id: order.id, adjustable_type: 'Spree::Adjustment'
+      ).sum(:amount)
+
+      return [] unless adjustment != 0
+
+      [
+        AdjustmentData.new(
+          I18n.t("admin.orders.edit.tax_on_fees"),
+          adjustment
+        )
+      ]
+    end
+
    def voucher_included_tax_representations(order)
      return [] unless VoucherAdjustmentsService.new(order).voucher_included_tax.negative?

--- a/app/helpers/admin/products_helper.rb
+++ b/app/helpers/admin/products_helper.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Admin
+  module ProductsHelper
+    def product_image_form_path(product)
+      if product.image.present?
+        edit_admin_product_image_path(product.id, product.image.id)
+      else
+        new_admin_product_image_path(product.id)
+      end
+    end
+
+    def prepare_new_variant(product)
+      product.variants.build
+    end
+
+    def unit_value_with_description(variant)
+      precised_unit_value = nil
+
+      if variant.unit_value
+        scaled_unit_value = variant.unit_value / (variant.product.variant_unit_scale || 1)
+        precised_unit_value = number_with_precision(
+          scaled_unit_value,
+          precision: nil,
+          strip_insignificant_zeros: true,
+          significant: false,
+        )
+      end
+
+      [precised_unit_value, variant.unit_description].compact_blank.join(" ")
+    end
+
+    def products_return_to_url(url_filters)
+      if feature?(:admin_style_v3, spree_current_user)
+        return session[:products_return_to_url] || admin_products_url
+      end
+
+      "#{admin_products_path}#{url_filters.empty? ? '' : "#?#{url_filters.to_query}"}"
+    end
+  end
+end
--- a/app/helpers/bulk_form_builder.rb
+++ b/app/helpers/bulk_form_builder.rb
@@ -8,6 +8,6 @@ class BulkFormBuilder < ActionView::Helpers::FormBuilder
      opts[:class] = "#{opts[:class]} changed".strip
    end

-    super(field, **opts)
+    super
  end
 end
--- a/app/helpers/discourse_helper.rb
+++ b/app/helpers/discourse_helper.rb
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module DiscourseHelper
-  def discourse_configured?
-    discourse_url.present?
-  end
-
-  def discourse_url
-    ENV.fetch('DISCOURSE_URL', nil)
-  end
-
-  def discourse_login_url
-    discourse_url + '/login'
-  end
-
-  def discourse_sso_url
-    discourse_url + '/session/sso_login'
-  end
-
-  def discourse_url!
-    discourse_url || raise('Missing Discourse URL')
-  end
-
-  def discourse_sso_secret!
-    ENV['DISCOURSE_SSO_SECRET'] || raise('Missing SSO secret')
-  end
-end
--- a/app/helpers/enterprises_helper.rb
+++ b/app/helpers/enterprises_helper.rb
@@ -31,7 +31,7 @@ module EnterprisesHelper

  def enterprises_options(enterprises)
    enterprises.map { |enterprise|
-      [enterprise.name + ": " + enterprise.address.address1 + ", " + enterprise.address.city,
+      ["#{enterprise.name}: #{enterprise.address.address1}, #{enterprise.address.city}",
       enterprise.id.to_i]
    }
  end
--- a/app/helpers/i18n_helper.rb
+++ b/app/helpers/i18n_helper.rb
@@ -2,7 +2,7 @@

 module I18nHelper
  def locale_options
-    OpenFoodNetwork::I18nConfig.available_locales.map do |locale|
+    OpenFoodNetwork::I18nConfig.selectable_locales.map do |locale|
      [t('language_name', locale:), locale]
    end
  end
--- a/app/helpers/injection_helper.rb
+++ b/app/helpers/injection_helper.rb
@@ -154,7 +154,6 @@ module InjectionHelper
  end

  def enterprise_injection_data
-    @enterprise_injection_data ||= OpenFoodNetwork::EnterpriseInjectionData.new
-    { data: @enterprise_injection_data }
+    @enterprise_injection_data ||= { data: OpenFoodNetwork::EnterpriseInjectionData.new }
  end
 end
--- a/app/helpers/mailer_helper.rb
+++ b/app/helpers/mailer_helper.rb
@@ -10,4 +10,8 @@ module MailerHelper
      link_to ofn, "https://www.openfoodnetwork.org"
    end
  end
+
+  def order_reply_email(order)
+    order.distributor.email_address.presence || order.distributor.contact.email
+  end
 end
--- a/app/helpers/map_helper.rb
+++ b/app/helpers/map_helper.rb
@@ -2,7 +2,9 @@

 module MapHelper
  def using_google_maps?
-    ENV["GOOGLE_MAPS_API_KEY"].present? || google_maps_configured_with_geocoder_api_key?
+    !ContentConfig.open_street_map_enabled && (
+      ENV["GOOGLE_MAPS_API_KEY"].present? || google_maps_configured_with_geocoder_api_key?
+    )
  end

  private
--- a/app/helpers/shared_helper.rb
+++ b/app/helpers/shared_helper.rb
@@ -1,16 +1,6 @@
 # frozen_string_literal: true

 module SharedHelper
-  def distributor_link_class(distributor)
-    cart = current_order(true)
-    @active_distributors ||= Enterprise.distributors_with_active_order_cycles
-
-    klass = "shop-distributor"
-    klass += " empties-cart" unless cart.line_items.empty? || cart.distributor == distributor
-    klass += @active_distributors.include?(distributor) ? ' active' : ' inactive'
-    klass
-  end
-
  def enterprise_user?
    spree_current_user&.enterprises&.count.to_i > 0
  end
--- a/app/helpers/spree/admin/base_helper.rb
+++ b/app/helpers/spree/admin/base_helper.rb
@@ -33,8 +33,6 @@ module Spree
        when :boolean
          hidden_field_tag(name, 0) +
            check_box_tag(name, 1, value, preference_field_options(options))
-        when :string
-          text_field_tag(name, value, preference_field_options(options))
        when :password
          password_field_tag(name, value, preference_field_options(options))
        when :text
@@ -88,8 +86,6 @@ module Spree
            { size: 10, class: 'input_integer', step: :any }
          when :boolean
            {}
-          when :string
-            { size: 10, class: 'input_string fullwidth' }
          when :password
            { size: 10, class: 'password_string fullwidth' }
          when :text
@@ -112,7 +108,7 @@ module Spree

        object.preferences.keys.map { |key|
          preference_label = form.label("preferred_#{key}",
-                                        Spree.t(key.to_s.gsub("_from_list", "")) + ": ")
+                                        "#{Spree.t(key.to_s.gsub('_from_list', ''))}: ")
          preference_field = preference_field_for(
            form,
            "preferred_#{key}",
@@ -124,7 +120,7 @@ module Spree

      def link_to_add_fields(name, target, options = {})
        name = '' if options[:no_text]
-        css_classes = options[:class] ? options[:class] + " spree_add_fields" : "spree_add_fields"
+        css_classes = options[:class] ? "#{options[:class]} spree_add_fields" : "spree_add_fields"
        link_to_with_icon('icon-plus',
                          name,
                          'javascript:',
--- a/app/helpers/spree/admin/orders_helper.rb
+++ b/app/helpers/spree/admin/orders_helper.rb
@@ -3,20 +3,20 @@
 module Spree
  module Admin
    module OrdersHelper
-      def event_links
+      def event_links(order)
        links = []
-        links << cancel_event_link if @order.can_cancel?
-        links << resume_event_link if @order.can_resume?
+        links << cancel_event_link(order) if order.can_cancel?
+        links << resume_event_link(order) if order.can_resume?
        links.join('&nbsp;').html_safe # rubocop:disable Rails/OutputSafety
      end

      def generate_invoice_button(order)
        if order.distributor.can_invoice?
-          button_link_to t(:create_or_update_invoice), generate_admin_order_invoices_path(@order),
+          button_link_to t(:create_or_update_invoice), generate_admin_order_invoices_path(order),
                         data: { method: 'post' }, icon: 'icon-plus'
        else
          button_link_to t(:create_or_update_invoice), "#", data: {
-            confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name)
+            confirm: t(:must_have_valid_business_number, enterprise_name: order.distributor.name)
          }, icon: 'icon-plus'
        end
      end
@@ -26,82 +26,85 @@ module Spree
      end

      def order_links(order)
-        @order ||= order
        links = []
-        links << edit_order_link unless action_name == "edit"
-        links.concat(complete_order_links) if @order.complete? || @order.resumed?
-        links << ship_order_link if @order.ready_to_ship?
-        links << cancel_order_link if @order.can_cancel?
+        links << edit_order_link(order) unless action_name == "edit"
+        links.concat(complete_order_links(order)) if order.complete? || order.resumed?
+        links << ship_order_link if order.ready_to_ship?
+        links << cancel_order_link(order) if order.can_cancel?
        links
      end

+      def order_shipment_ready?(order)
+        order.ready_to_ship?
+      end
+
      private

-      def complete_order_links
-        [resend_confirmation_link] + invoice_links
+      def complete_order_links(order)
+        [resend_confirmation_link(order)] + invoice_links(order)
      end

-      def invoice_links
+      def invoice_links(order)
        return [] unless Spree::Config[:enable_invoices?]

-        [send_invoice_link, print_invoice_link]
+        [send_invoice_link(order), print_invoice_link(order)]
      end

-      def send_invoice_link
-        if @order.distributor.can_invoice?
-          send_invoice_link_with_url
+      def send_invoice_link(order)
+        if order.distributor.can_invoice?
+          send_invoice_link_with_url(order)
        else
-          send_invoice_link_without_url
+          send_invoice_link_without_url(order)
        end
      end

-      def print_invoice_link
-        if @order.distributor.can_invoice?
-          print_invoice_link_with_url
+      def print_invoice_link(order)
+        if order.distributor.can_invoice?
+          print_invoice_link_with_url(order)
        else
-          notify_about_required_enterprise_number
+          notify_about_required_enterprise_number(order)
        end
      end

-      def edit_order_link
+      def edit_order_link(order)
        { name: t(:edit_order),
-          url: spree.edit_admin_order_path(@order),
+          url: spree.edit_admin_order_path(order),
          icon: 'icon-edit' }
      end

-      def resend_confirmation_link
+      def resend_confirmation_link(order)
        { name: t(:resend_confirmation),
-          url: spree.resend_admin_order_path(@order),
+          url: spree.resend_admin_order_path(order),
          icon: 'icon-email',
          confirm: t(:confirm_resend_order_confirmation) }
      end

-      def send_invoice_link_with_url
+      def send_invoice_link_with_url(order)
        { name: t(:send_invoice),
-          url: invoice_admin_order_path(@order),
+          url: invoice_admin_order_path(order),
          icon: 'icon-email',
          confirm: t(:confirm_send_invoice) }
      end

-      def send_invoice_link_without_url
+      def send_invoice_link_without_url(order)
        { name: t(:send_invoice),
          url: "#",
          icon: 'icon-email',
-          confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name) }
+          confirm: t(:must_have_valid_business_number, enterprise_name: order.distributor.name) }
      end

-      def print_invoice_link_with_url
+      def print_invoice_link_with_url(order)
        { name: t(:print_invoice),
-          url: spree.print_admin_order_path(@order),
+          url: spree.print_admin_order_path(order),
          icon: 'icon-print',
          target: "_blank" }
      end

-      def notify_about_required_enterprise_number
+      def notify_about_required_enterprise_number(order)
        { name: t(:print_invoice),
          url: "#",
          icon: 'icon-print',
-          confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name) }
+          confirm: t(:must_have_valid_business_number, enterprise_name: order.distributor.name) }
      end

      def ship_order_link
@@ -110,24 +113,24 @@ module Spree
          icon: 'icon-truck' }
      end

-      def cancel_order_link
+      def cancel_order_link(order)
        { name: t(:cancel_order),
-          url: spree.fire_admin_order_path(@order.number, e: 'cancel'),
+          url: spree.fire_admin_order_path(order.number, e: 'cancel'),
          icon: 'icon-trash' }
      end

-      def cancel_event_link
+      def cancel_event_link(order)
        event_label = I18n.t("cancel", scope: "actions")
        button_link_to(event_label,
-                       fire_admin_order_url(@order, e: "cancel"),
+                       fire_admin_order_url(order, e: "cancel"),
                       method: :put, icon: "icon-cancel", form_id: "cancel_order_form")
      end

-      def resume_event_link
+      def resume_event_link(order)
        event_label = I18n.t("resume", scope: "actions")
        confirm_message = I18n.t("admin.orders.edit.order_sure_want_to", event: event_label)
        button_link_to(event_label,
-                       fire_admin_order_url(@order, e: "resume"),
+                       fire_admin_order_url(order, e: "resume"),
                       method: :put, icon: "icon-resume",
                       data: { confirm: confirm_message })
      end
--- a/app/helpers/spree/admin/taxons_helper.rb
+++ b/app/helpers/spree/admin/taxons_helper.rb
@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-module Spree
-  module Admin
-    module TaxonsHelper
-      def taxon_path(taxon)
-        taxon.ancestors.reverse.collect(&:name).join( " >> ")
-      end
-    end
-  end
-end
--- a/app/helpers/spree/orders_helper.rb
+++ b/app/helpers/spree/orders_helper.rb
@@ -17,17 +17,18 @@ module Spree

    def changeable_orders
      # Only returns open order for the current user + shop + oc combo
-      return @changeable_orders unless @changeable_orders.nil?
-      return @changeable_orders = [] unless spree_current_user &&
-                                            current_distributor && current_order_cycle
-      return @changeable_orders = [] unless current_distributor.allow_order_changes?
+      @changeable_orders ||= if spree_current_user &&
+                                current_order_cycle && current_distributor&.allow_order_changes?

-      @changeable_orders = Spree::Order.complete.where(
-        state: 'complete',
-        user_id: spree_current_user.id,
-        distributor_id: current_distributor.id,
-        order_cycle_id: current_order_cycle.id
-      )
+                               Spree::Order.complete.where(
+                                 state: 'complete',
+                                 user_id: spree_current_user.id,
+                                 distributor_id: current_distributor.id,
+                                 order_cycle_id: current_order_cycle.id
+                               )
+                             else
+                               []
+                             end
    end

    def changeable_orders_link_path
--- a/app/jobs/bulk_invoice_job.rb
+++ b/app/jobs/bulk_invoice_job.rb
@@ -7,9 +7,10 @@ class BulkInvoiceJob < ApplicationJob

  def perform(order_ids, filepath, options = {})
    @options = options
-    orders = sorted_orders(order_ids)
-    orders.filter!(&:invoiceable?) if OpenFoodNetwork::FeatureToggle.enabled?(:invoices,
-                                                                              current_user)
+
+    # The `find` method returns records in the same order as the given ids.
+    orders = Spree::Order.find(order_ids)
+
    orders.each(&method(:generate_invoice))

    ensure_directory_exists filepath
@@ -21,12 +22,6 @@ class BulkInvoiceJob < ApplicationJob

  private

-  # Ensures the records are returned in the same order the ids were originally given in
-  def sorted_orders(order_ids)
-    orders_by_id = Spree::Order.where(id: order_ids).to_a.index_by(&:id)
-    order_ids.map { |id| orders_by_id[id.to_i] }
-  end
-
  def renderer
    @renderer ||= InvoiceRenderer.new
  end
--- a/app/jobs/connect_app_job.rb
+++ b/app/jobs/connect_app_job.rb
@@ -4,7 +4,7 @@ class ConnectAppJob < ApplicationJob
  include CableReady::Broadcaster

  def perform(app, token, channel: nil)
-    url = "https://n8n.openfoodnetwork.org.uk/webhook/regen/connect-enterprise"
+    url = I18n.t("connect_app.url")
    event = "connect-app"
    enterprise = app.enterprise
    payload = {
@@ -17,10 +17,10 @@ class ConnectAppJob < ApplicationJob

    return unless channel

-    selector = "#edit_enterprise_#{enterprise.id} #connected-app-discover-regen"
+    selector = "#connected-app-discover-regen.enterprise_#{enterprise.id}"
    html = ApplicationController.render(
-      partial: "admin/enterprises/form/connected_apps",
-      locals: { enterprise: },
+      partial: "admin/enterprises/form/connected_apps/discover_regen",
+      locals: { enterprise:, connected_app: enterprise.connected_apps.discover_regen.first },
    )

    cable_ready[channel].morph(selector:, html:).broadcast
--- a/app/jobs/report_job.rb
+++ b/app/jobs/report_job.rb
@@ -39,10 +39,14 @@ class ReportJob < ApplicationJob
  end

  def broadcast_result(channel, format, blob)
-    cable_ready[channel].inner_html(
-      selector: "#report-table",
-      html: actioncable_content(format, blob)
-    ).broadcast
+    cable_ready[channel]
+      .inner_html(
+        selector: "#report-go",
+        html: Spree::Admin::BaseController.helpers.button(I18n.t(:go), "report__submit-btn")
+      ).inner_html(
+        selector: "#report-table",
+        html: actioncable_content(format, blob)
+      ).broadcast
  end

  def broadcast_error(channel)
@@ -53,7 +57,14 @@ class ReportJob < ApplicationJob
  end

  def actioncable_content(format, blob)
-    return blob.result if format.to_sym == :html
+    if format.to_sym == :html
+      return blob.result if blob.byte_size < 10**6 # 1 MB
+
+      return render(
+        partial: "admin/reports/display",
+        locals: { file_url: blob.expiring_service_url }
+      )
+    end

    render(partial: "admin/reports/download", locals: { file_url: blob.expiring_service_url })
  end
--- a/app/mailers/producer_mailer.rb
+++ b/app/mailers/producer_mailer.rb
@@ -52,7 +52,7 @@ class ProducerMailer < ApplicationMailer
  def distributors_pickup_times_for(line_items)
    @order_cycle.distributors.
      joins(:distributed_orders).
-      where("spree_orders.id IN (?)", line_items.map(&:order_id).uniq).
+      where(spree_orders: { id: line_items.map(&:order_id).uniq }).
      map do |distributor|
      [distributor.name, @order_cycle.pickup_time_for(distributor)]
    end
@@ -60,11 +60,12 @@ class ProducerMailer < ApplicationMailer

  def line_items_from(order_cycle, producer)
    @line_items ||= Spree::LineItem.
-      includes(variant: [:product]).
+      includes(variant: :product).
+      joins(variant: :product).
      from_order_cycle(order_cycle).
-      sorted_by_name_and_unit_value.
-      merge(Spree::Product.with_deleted.in_supplier(producer)).
-      merge(Spree::Order.by_state(["complete", "resumed"]))
+      merge(Spree::Variant.with_deleted.where(supplier: producer)).
+      merge(Spree::Order.by_state(["complete", "resumed"])).
+      sorted_by_name_and_unit_value
  end

  def total_from_line_items(line_items)
@@ -81,7 +82,7 @@ class ProducerMailer < ApplicationMailer
    line_items.map do |line_item|
      {
        sku: line_item.variant.sku,
-        supplier_name: line_item.product.supplier.name,
+        supplier_name: line_item.variant.supplier.name,
        product_and_full_name: line_item.product_and_full_name,
        quantity: line_item.quantity,
        first_name: line_item.order.billing_address.first_name,
--- a/app/mailers/spree/user_mailer.rb
+++ b/app/mailers/spree/user_mailer.rb
@@ -25,7 +25,7 @@ module Spree
      @user = user
      I18n.with_locale valid_locale(@user) do
        mail(to: user.email,
-             subject: t(:welcome_to) + ' ' + Spree::Config[:site_name])
+             subject: "#{t(:welcome_to)} #{Spree::Config[:site_name]}")
      end
    end

--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`= f.select name, options_for_select(options, selected_option), { include_blank: }, class: classes, data:, 'aria-label': aria_label`