Bump bigdecimal from 3.3.1 to 4.0.1

Bumps [bigdecimal](https://github.com/ruby/bigdecimal) from 3.3.1 to 4.0.1.
- [Release notes](https://github.com/ruby/bigdecimal/releases)
- [Changelog](https://github.com/ruby/bigdecimal/blob/master/CHANGES.md)
- [Commits](https://github.com/ruby/bigdecimal/compare/v3.3.1...v4.0.1)

---
updated-dependencies:
- dependency-name: bigdecimal
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.browserslistrc

@@ -1,2 +0,0 @@
-defaults
-IE 11

.gitattributes

@@ -8,4 +8,3 @@
 # Same thing for following files, but they don't have an sh extension
 pre-commit eol=lf
 webpack-dev-server eol=lf
-install-bundler eol=lf

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,4 +1,4 @@
-#### What? Why?
+## What? Why?
 
 - Closes # <!-- Insert issue number here. -->
 
@@ -7,7 +7,7 @@
 
 
 
-#### What should we test?
+## What should we test?
 <!-- List which features should be tested and how.
      This can be similar to the Steps to Reproduce in the issue.
      Also think of other parts of the app which could be affected
@@ -16,7 +16,7 @@
 - Visit ... page.
 - 
 
-#### Release notes
+## Release notes
 
 <!-- Please select one for your PR and delete the other. -->
 
@@ -33,12 +33,12 @@ Changelog Category (reviewers may add a label for the release notes):
 The title of the pull request will be included in the release notes.
 
 
-#### Dependencies
+## Dependencies
 <!-- Does this PR depend on another one?
      Add the link or remove this section. -->
 
 
 
-#### Documentation updates
+## Documentation updates
 <!-- Are there any wiki pages that need updating after merging this PR?
      List them here or remove this section. -->

.github/dependabot.yml

@@ -31,6 +31,8 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    cooldown:
+      default-days: 7
 
     # Only specific requirements are specified in Gemfile, so don't touch it.
     versioning-strategy: lockfile-only
@@ -39,6 +41,8 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    cooldown:
+      default-days: 7
 
     # Only specific requirements are specified in package.json, so don't touch it.
     versioning-strategy: lockfile-only

.github/workflows/build.yml

@@ -46,7 +46,7 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
+        uses: supercharge/redis-github-action@1.8.1
         with:
           redis-version: 6
 
@@ -124,7 +124,7 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
+        uses: supercharge/redis-github-action@1.8.1
         with:
           redis-version: 6
 
@@ -211,7 +211,7 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
+        uses: supercharge/redis-github-action@1.8.1
         with:
           redis-version: 6
 
@@ -290,7 +290,7 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: Setup redis
-        uses: supercharge/redis-github-action@1.4.0
+        uses: supercharge/redis-github-action@1.8.1
         with:
           redis-version: 6
 

.rspec

@@ -1 +1 @@
---require base_spec_helper
+--require spec_helper

.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 1400 --no-auto-gen-timestamp`
-# using RuboCop version 1.81.6.
+# using RuboCop version 1.81.7.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -80,7 +80,7 @@ Metrics/BlockNesting:
   Exclude:
     - 'app/models/spree/payment/processing.rb'
 
-# Offense count: 48
+# Offense count: 49
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ClassLength:
   Exclude:
@@ -122,6 +122,7 @@ Metrics/ClassLength:
     - 'app/services/order_cycles/form_service.rb'
     - 'app/services/orders/sync_service.rb'
     - 'app/services/permissions/order.rb'
+    - 'app/services/products_renderer.rb'
     - 'app/services/sets/product_set.rb'
     - 'engines/order_management/app/services/order_management/order/updater.rb'
     - 'lib/open_food_network/enterprise_fee_calculator.rb'
@@ -133,7 +134,7 @@ Metrics/ClassLength:
     - 'lib/reporting/reports/enterprise_fee_summary/scope.rb'
     - 'lib/reporting/reports/xero_invoices/base.rb'
 
-# Offense count: 35
+# Offense count: 37
 # Configuration parameters: AllowedMethods, AllowedPatterns, Max.
 Metrics/CyclomaticComplexity:
   Exclude:
@@ -234,7 +235,7 @@ Naming/MethodParameterName:
   Exclude:
     - 'engines/dfc_provider/lib/dfc_provider/catalog_item.rb'
 
-# Offense count: 59
+# Offense count: 60
 # Configuration parameters: Mode, AllowedMethods, AllowedPatterns, AllowBangMethods, WaywardPredicates.
 # AllowedMethods: call
 # WaywardPredicates: nonzero?
@@ -335,6 +336,24 @@ Rails/OrderArguments:
     - 'spec/services/orders/generate_invoice_service_spec.rb'
     - 'spec/system/admin/order_cycles/simple_spec.rb'
 
+# Offense count: 3
+# This cop supports safe autocorrection (--autocorrect).
+Rails/Presence:
+  Exclude:
+    - 'app/controllers/admin/enterprises_controller.rb'
+    - 'app/models/spree/product.rb'
+
+# Offense count: 6
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Severity.
+Rails/RedirectBackOrTo:
+  Exclude:
+    - 'app/controllers/admin/order_cycles_controller.rb'
+    - 'app/controllers/locales_controller.rb'
+    - 'app/controllers/spree/admin/invoices_controller.rb'
+    - 'app/controllers/spree/admin/orders_controller.rb'
+    - 'app/controllers/spree/admin/return_authorizations_controller.rb'
+
 # Offense count: 1
 # Configuration parameters: TransactionMethods.
 Rails/TransactionExitStatement:

.ruby-version

@@ -1 +1 @@
-3.2.9
+3.4.8

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.2.9-alpine3.19 AS base
+FROM ruby:3.4.8-alpine3.19 AS base
 ENV LANG=C.UTF-8 \
     LC_ALL=C.UTF-8 \
     TZ=Europe/London \
@@ -31,4 +31,4 @@ FROM development-base
 COPY . $RAILS_ROOT
 COPY Gemfile Gemfile.lock ./
 RUN bundle install --jobs "$(nproc)"
-COPY --from=yarn-dependencies $RAILS_ROOT/node_modules ./node_modules
+COPY --from=yarn-dependencies $RAILS_ROOT/node_modules ./node_modules

Dockerfile.ubuntu

@@ -83,11 +83,8 @@ RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.z
 # Copy code and install app dependencies
 COPY . /usr/src/app/
 
-# Install Bundler
-RUN ./script/install-bundler
-
 # Install front-end dependencies
 RUN yarn install
 
 # Run bundler install in parallel with the amount of available CPUs
-RUN bundle install --jobs="$(nproc)"
+RUN bundle install --jobs="$(nproc)"

Gemfile

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-source 'https://rubygems.org'
+source 'https://gem.coop'
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 ruby File.read('.ruby-version').chomp
@@ -18,7 +18,7 @@ gem 'activemerchant'
 gem 'angular-rails-templates'
 gem 'ransack', '~> 4.1.0'
 gem 'responders'
-gem 'webpacker', '~> 5'
+gem 'shakapacker', '8.4.0'
 
 # Indirect dependency but we access it directly in JS specs.
 # It turns out to be hard to upgrade but please do if you can.
@@ -49,7 +49,7 @@ gem 'acts_as_list', '1.0.4'
 gem 'cancancan', '~> 1.15.0'
 gem 'digest'
 gem 'ffaker'
-gem 'highline', '2.0.3' # Necessary for the install generator
+gem 'highline'
 gem 'json'
 gem 'monetize', '~> 1.11'
 gem 'paranoia', '~> 2.4'
@@ -57,7 +57,8 @@ gem 'state_machines-activerecord'
 gem 'stringex', '~> 2.8.5', require: false
 
 gem 'paypal-sdk-merchant', '1.117.2'
-gem 'stripe', '~> 13'
+gem 'stripe', '~> 15'
+gem "taler"
 
 gem 'devise'
 gem 'devise-encryptable'
@@ -111,7 +112,7 @@ gem "turbo_power"
 gem "turbo-rails"
 
 gem 'combine_pdf'
-gem 'wicked_pdf'
+gem 'wicked_pdf', github: "openfoodfoundation/wicked_pdf", branch: "master"
 gem 'wkhtmltopdf-binary'
 
 gem 'immigrant'
@@ -126,7 +127,8 @@ gem 'angular_rails_csrf'
 
 gem 'jquery-rails', '4.4.0'
 gem 'jquery-ui-rails', '~> 4.2'
-gem "select2-rails", github: "openfoodfoundation/select2-rails", branch: "v349_with_thor_v1"
+gem "select2-rails", github: "openfoodfoundation/select2-rails",
+                     branch: "v349_with-relaxed-dependencies"
 
 gem 'good_migrations'
 

Gemfile.lock

@@ -10,13 +10,21 @@ GIT
 
 GIT
   remote: https://github.com/openfoodfoundation/select2-rails.git
-  revision: fc240e85fbdf1878ff3c39d972c0cd9a312f5ed4
-  branch: v349_with_thor_v1
+  revision: 9693e0cc5b04938da46692d3fa83aa8934791981
+  branch: v349_with-relaxed-dependencies
   specs:
     select2-rails (3.4.9)
-      sass-rails
       thor (>= 0.14)
 
+GIT
+  remote: https://github.com/openfoodfoundation/wicked_pdf.git
+  revision: bce498de547cdf00d037fdbec29fae844d69ee8e
+  branch: master
+  specs:
+    wicked_pdf (2.8.1)
+      activesupport
+      ostruct
+
 GIT
   remote: https://github.com/podia/stimulus_reflex_testing.git
   revision: abac2ee34de347c589795b4d1a8e83e0baafb201
@@ -46,7 +54,7 @@ PATH
     web (0.0.1)
 
 GEM
-  remote: https://rubygems.org/
+  remote: https://gem.coop/
   specs:
     Ascii85 (2.0.1)
     actioncable (7.1.6)
@@ -104,11 +112,12 @@ GEM
       rails-html-sanitizer (~> 1.6)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    active_storage_validations (1.1.4)
-      activejob (>= 5.2.0)
-      activemodel (>= 5.2.0)
-      activestorage (>= 5.2.0)
-      activesupport (>= 5.2.0)
+    active_storage_validations (3.0.3)
+      activejob (>= 6.1.4)
+      activemodel (>= 6.1.4)
+      activestorage (>= 6.1.4)
+      activesupport (>= 6.1.4)
+      marcel (>= 1.0.3)
     activejob (7.1.6)
       activesupport (= 7.1.6)
       globalid (>= 0.3.6)
@@ -158,12 +167,12 @@ GEM
       zeitwerk (>= 2.4, < 3.0)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.7)
-      public_suffix (>= 2.0.2, < 7.0)
+    addressable (2.8.8)
+      public_suffix (>= 2.0.2, < 8.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
-    angular-rails-templates (1.3.1)
-      railties (>= 5.0, < 8.1)
+    angular-rails-templates (1.4.0)
+      railties (>= 5.0, < 8.2)
       sprockets (>= 3.0, < 5)
       sprockets-rails
       tilt
@@ -175,35 +184,38 @@ GEM
       activerecord (>= 3.1.0)
     ast (2.4.3)
     attr_required (1.0.2)
-    aws-eventstream (1.3.0)
-    aws-partitions (1.929.0)
-    aws-sdk-core (3.196.1)
+    aws-eventstream (1.4.0)
+    aws-partitions (1.1196.0)
+    aws-sdk-core (3.240.0)
       aws-eventstream (~> 1, >= 1.3.0)
-      aws-partitions (~> 1, >= 1.651.0)
-      aws-sigv4 (~> 1.8)
+      aws-partitions (~> 1, >= 1.992.0)
+      aws-sigv4 (~> 1.9)
+      base64
+      bigdecimal
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.81.0)
-      aws-sdk-core (~> 3, >= 3.193.0)
-      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.151.0)
-      aws-sdk-core (~> 3, >= 3.194.0)
+      logger
+    aws-sdk-kms (1.118.0)
+      aws-sdk-core (~> 3, >= 3.239.1)
+      aws-sigv4 (~> 1.5)
+    aws-sdk-s3 (1.208.0)
+      aws-sdk-core (~> 3, >= 3.234.0)
       aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.8)
-    aws-sigv4 (1.8.0)
+      aws-sigv4 (~> 1.5)
+    aws-sigv4 (1.12.1)
       aws-eventstream (~> 1, >= 1.0.2)
     base64 (0.3.0)
     bcp47_spec (0.2.1)
     bcrypt (3.1.20)
     benchmark (0.5.0)
-    bigdecimal (3.3.1)
+    bigdecimal (4.0.1)
     bindata (2.5.1)
     bindex (0.8.1)
-    bootsnap (1.18.3)
+    bootsnap (1.22.0)
       msgpack (~> 1.2)
     bugsnag (6.28.0)
       concurrent-ruby (~> 1.0)
     builder (3.3.0)
-    bullet (8.0.8)
+    bullet (8.1.0)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     cable_ready (5.0.6)
@@ -225,12 +237,12 @@ GEM
       xpath (~> 3.2)
     capybara-shadowdom (0.3.0)
       capybara
-    caxlsx (3.3.0)
+    caxlsx (4.0.0)
       htmlentities (~> 4.3, >= 4.3.4)
       marcel (~> 1.0)
       nokogiri (~> 1.10, >= 1.10.4)
       rubyzip (>= 1.3.0, < 3)
-    cgi (0.5.0)
+    cgi (0.5.1)
     childprocess (5.0.0)
     choice (0.2.0)
     chronic (0.10.2)
@@ -242,13 +254,13 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    combine_pdf (1.0.26)
+    combine_pdf (1.0.31)
       matrix
       ruby-rc4 (>= 0.1.5)
-    concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
+    concurrent-ruby (1.3.6)
+    connection_pool (2.5.5)
     cookiejar (0.3.4)
-    crack (1.0.0)
+    crack (1.0.1)
       bigdecimal
       rexml
     crass (1.0.6)
@@ -258,16 +270,16 @@ GEM
     cuprite (0.15)
       capybara (~> 3.0)
       ferrum (~> 0.14.0)
-    database_cleaner (2.0.2)
+    database_cleaner (2.1.0)
       database_cleaner-active_record (>= 2, < 3)
-    database_cleaner-active_record (2.1.0)
+    database_cleaner-active_record (2.2.2)
       activerecord (>= 5.a)
-      database_cleaner-core (~> 2.0.0)
+      database_cleaner-core (~> 2.0)
     database_cleaner-core (2.0.1)
-    datafoodconsortium-connector (1.1.0)
+    datafoodconsortium-connector (1.2.0)
       virtual_assembly-semantizer (~> 1.0, >= 1.0.5)
-    date (3.5.0)
-    debug (1.9.2)
+    date (3.5.1)
+    debug (1.11.0)
       irb (~> 1.10)
       reline (>= 0.3.8)
     devise (4.9.4)
@@ -286,7 +298,7 @@ GEM
     diff-lcs (1.6.2)
     digest (3.2.1)
     docile (1.4.1)
-    dotenv (3.1.2)
+    dotenv (3.2.0)
     drb (2.2.3)
     em-http-request (1.1.7)
       addressable (>= 2.3.4)
@@ -301,7 +313,7 @@ GEM
       eventmachine (>= 1.0.0.beta.1)
     email_validator (2.2.4)
       activemodel
-    erb (6.0.0)
+    erb (6.0.1)
     erubi (1.13.1)
     et-orbi (1.3.0)
       tzinfo
@@ -325,13 +337,13 @@ GEM
       concurrent-ruby (~> 1.1)
       webrick (~> 1.7)
       websocket-driver (>= 0.6, < 0.8)
-    ffaker (2.23.0)
-    ffi (1.16.3)
+    ffaker (2.25.0)
+    ffi (1.17.2)
     flipper (1.3.6)
       concurrent-ruby (< 2)
-    flipper-active_record (1.3.0)
-      activerecord (>= 4.2, < 8)
-      flipper (~> 1.3.0)
+    flipper-active_record (1.3.6)
+      activerecord (>= 4.2, < 9)
+      flipper (~> 1.3.6)
     flipper-ui (1.3.6)
       erubi (>= 1.0.0, < 2.0.0)
       flipper (~> 1.3.6)
@@ -354,7 +366,8 @@ GEM
     fog-xml (0.1.3)
       fog-core
       nokogiri (>= 1.5.11, < 2.0.0)
-    foreman (0.88.1)
+    foreman (0.90.0)
+      thor (~> 1.4)
     formatador (0.2.5)
     fugit (1.11.1)
       et-orbi (~> 1, >= 1.2.11)
@@ -375,7 +388,7 @@ GEM
       temple (>= 0.8.2)
       thor
       tilt
-    haml_lint (0.67.0)
+    haml_lint (0.68.0)
       haml (>= 5.0)
       parallel (~> 1.10)
       rainbow
@@ -383,9 +396,11 @@ GEM
       sysexits (~> 1.1)
     hashdiff (1.2.1)
     hashery (2.1.2)
-    hashie (5.0.0)
-    highline (2.0.3)
-    htmlentities (4.3.4)
+    hashie (5.1.0)
+      logger
+    highline (3.1.2)
+      reline
+    htmlentities (4.4.2)
     http_parser.rb (0.8.0)
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
@@ -402,8 +417,8 @@ GEM
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.8, >= 1.8.1)
       terminal-table (>= 1.5.1)
-    image_processing (1.12.2)
-      mini_magick (>= 4.9.5, < 5)
+    image_processing (1.14.0)
+      mini_magick (>= 4.9.5, < 6)
       ruby-vips (>= 2.0.17, < 3)
     imagen (0.2.0)
       parser (>= 2.5, != 2.5.1.1)
@@ -411,10 +426,11 @@ GEM
       activerecord (>= 3.0)
     invisible_captcha (2.3.0)
       rails (>= 5.2)
-    io-console (0.8.1)
+    io-console (0.8.2)
     ipaddress (0.8.3)
-    irb (1.15.3)
+    irb (1.17.0)
       pp (>= 0.6.0)
+      prism (>= 1.3.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
     jmespath (1.6.2)
@@ -448,7 +464,7 @@ GEM
       rspec (>= 2.0, < 4.0)
     jsonapi-serializer (2.2.0)
       activesupport (>= 4.2)
-    jwt (2.8.1)
+    jwt (2.10.2)
       base64
     knapsack_pro (8.4.0)
       rake
@@ -464,7 +480,7 @@ GEM
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     logger (1.7.0)
-    loofah (2.24.1)
+    loofah (2.25.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.9.0)
@@ -474,7 +490,7 @@ GEM
       net-pop
       net-smtp
     marcel (1.1.0)
-    matrix (0.4.2)
+    matrix (0.4.3)
     method_source (1.1.0)
     mime-types (3.7.0)
       logger
@@ -483,15 +499,17 @@ GEM
     mimemagic (0.4.3)
       nokogiri (~> 1)
       rake
-    mini_magick (4.13.2)
+    mini_magick (5.3.1)
+      logger
     mini_mime (1.1.5)
     mini_portile2 (2.8.6)
-    minitest (5.26.2)
+    minitest (6.0.1)
+      prism (~> 1.5)
     monetize (1.13.0)
       money (~> 6.12)
     money (6.16.0)
       i18n (>= 0.6.4, <= 2)
-    msgpack (1.7.2)
+    msgpack (1.8.0)
     multi_json (1.17.0)
     multi_xml (0.6.0)
     mutex_m (0.3.0)
@@ -506,9 +524,9 @@ GEM
       timeout
     net-smtp (0.5.1)
       net-protocol
-    newrelic_rpm (9.23.0)
+    newrelic_rpm (9.24.0)
     nio4r (2.7.5)
-    nokogiri (1.18.10)
+    nokogiri (1.19.0)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     nokogiri-html5-inference (0.3.0)
@@ -525,7 +543,7 @@ GEM
       logger
       rack (>= 2.2.3)
       rack-protection
-    omniauth-rails_csrf_protection (1.0.2)
+    omniauth-rails_csrf_protection (2.0.1)
       actionpack (>= 4.2)
       omniauth (~> 2.0)
     omniauth_openid_connect (0.8.0)
@@ -546,14 +564,15 @@ GEM
       webfinger (~> 2.0)
     orm_adapter (0.5.0)
     ostruct (0.6.1)
-    pagy (9.3.4)
+    package_json (0.2.0)
+    pagy (9.4.0)
     paper_trail (17.0.0)
       activerecord (>= 7.1)
       request_store (~> 1.4)
     parallel (1.27.0)
     paranoia (2.6.4)
       activerecord (>= 5.1, < 7.2)
-    parser (3.3.10.0)
+    parser (3.3.10.1)
       ast (~> 2.4.1)
       racc
     paypal-sdk-core (0.3.4)
@@ -571,15 +590,16 @@ GEM
     pp (0.6.3)
       prettyprint
     prettyprint (0.2.0)
-    prism (1.6.0)
+    prism (1.9.0)
     private_address_check (0.5.0)
-    pry (0.15.2)
+    pry (0.16.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    psych (5.2.6)
+      reline (>= 0.6.0)
+    psych (5.3.1)
       date
       stringio
-    public_suffix (6.0.2)
+    public_suffix (7.0.0)
     puffing-billy (4.0.2)
       addressable (~> 2.5)
       em-http-request (~> 1.1, >= 1.1.0)
@@ -608,7 +628,7 @@ GEM
     rack-protection (3.2.0)
       base64 (>= 0.1.0)
       rack (~> 2.2, >= 2.2.4)
-    rack-proxy (0.7.6)
+    rack-proxy (0.7.7)
       rack
     rack-rewrite (1.5.1)
     rack-session (1.0.2)
@@ -671,11 +691,10 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdf (3.3.2)
+    rdf (3.3.1)
       bcp47_spec (~> 0.2)
-      bigdecimal (~> 3.1, >= 3.1.5)
       link_header (~> 0.0, >= 0.0.8)
-    rdoc (6.15.1)
+    rdoc (7.2.0)
       erb
       psych (>= 4.0.0)
       tsort
@@ -689,10 +708,10 @@ GEM
       io-console (~> 0.5)
     request_store (1.7.0)
       rack (>= 1.4)
-    responders (3.1.1)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
-    rexml (3.4.2)
+    responders (3.2.0)
+      actionpack (>= 7.0)
+      railties (>= 7.0)
+    rexml (3.4.4)
     roadie (5.2.1)
       css_parser (~> 1.4)
       nokogiri (~> 1.15)
@@ -757,25 +776,25 @@ GEM
       rubocop-ast (>= 1.47.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.48.0)
+    rubocop-ast (1.49.0)
       parser (>= 3.3.7.2)
-      prism (~> 1.4)
+      prism (~> 1.7)
     rubocop-capybara (2.22.1)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
     rubocop-factory_bot (2.28.0)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
-    rubocop-rails (2.33.4)
+    rubocop-rails (2.34.2)
       activesupport (>= 4.2.0)
       lint_roller (~> 1.1)
       rack (>= 1.1)
       rubocop (>= 1.75.0, < 2.0)
       rubocop-ast (>= 1.44.0, < 2.0)
-    rubocop-rspec (3.7.0)
+    rubocop-rspec (3.9.0)
       lint_roller (~> 1.1)
-      rubocop (~> 1.72, >= 1.72.1)
-    rubocop-rspec_rails (2.31.0)
+      rubocop (~> 1.81)
+    rubocop-rspec_rails (2.32.0)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
       rubocop-rspec (~> 3.5)
@@ -783,32 +802,33 @@ GEM
       rexml
     ruby-progressbar (1.13.0)
     ruby-rc4 (0.1.5)
-    ruby-vips (2.1.4)
+    ruby-vips (2.2.5)
       ffi (~> 1.12)
-    rubyzip (2.3.2)
+      logger
+    rubyzip (2.4.1)
     rufus-scheduler (3.8.2)
       fugit (~> 1.1, >= 1.1.6)
     rugged (1.9.0)
     sanitize (7.0.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.16.8)
-    sass (3.4.25)
-    sass-rails (5.0.8)
-      railties (>= 5.2.0)
-      sass (~> 3.1)
-      sprockets (>= 2.8, < 4.0)
-      sprockets-rails (>= 2.0, < 4.0)
-      tilt (>= 1.1, < 3)
     sd_notify (0.1.1)
     securerandom (0.4.1)
-    semantic_range (3.0.0)
+    semantic_range (3.1.0)
+    shakapacker (8.4.0)
+      activesupport (>= 5.2)
+      package_json
+      rack-proxy (>= 0.6.1)
+      railties (>= 5.2)
+      semantic_range (>= 2.3.0)
     shoulda-matchers (7.0.1)
       activesupport (>= 7.1)
-    sidekiq (7.2.4)
-      concurrent-ruby (< 2)
-      connection_pool (>= 2.3.0)
-      rack (>= 2.2.4)
-      redis-client (>= 0.19.0)
+    sidekiq (7.3.10)
+      base64
+      connection_pool (>= 2.3.0, < 3)
+      logger
+      rack (>= 2.2.4, < 3.3)
+      redis-client (>= 0.23.0, < 1)
     sidekiq-scheduler (5.0.3)
       rufus-scheduler (~> 3.2)
       sidekiq (>= 6, < 8)
@@ -819,9 +839,10 @@ GEM
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.13.2)
     simplecov_json_formatter (0.1.4)
-    spreadsheet_architect (5.0.0)
-      caxlsx (>= 3.3.0, < 4)
-      rodf (>= 1.0.0, < 2)
+    spreadsheet_architect (5.1.0)
+      caxlsx (<= 4.0)
+      csv
+      rodf
     spring (4.4.0)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
@@ -855,33 +876,32 @@ GEM
       railties (>= 5.2)
       redis (>= 4.0, < 6.0)
     stringex (2.8.6)
-    stringio (3.1.8)
-    stripe (13.5.1)
+    stringio (3.2.0)
+    stripe (15.5.0)
     swd (2.0.3)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
       faraday (~> 2.0)
       faraday-follow_redirects
     sysexits (1.2.0)
-    temple (0.8.2)
+    taler (0.1.0)
+    temple (0.10.4)
     terminal-table (4.0.0)
       unicode-display_width (>= 1.1.1, < 4)
-    thor (1.4.0)
+    thor (1.5.0)
     thread-local (1.1.0)
     tilt (2.6.1)
-    timeout (0.4.4)
+    timeout (0.6.0)
     tsort (0.2.0)
-    ttfunk (1.8.0)
-      bigdecimal (~> 3.1)
-    turbo-rails (2.0.5)
-      actionpack (>= 6.0.0)
-      activejob (>= 6.0.0)
-      railties (>= 6.0.0)
+    ttfunk (1.7.0)
+    turbo-rails (2.0.20)
+      actionpack (>= 7.1.0)
+      railties (>= 7.1.0)
     turbo_power (0.7.0)
       turbo-rails (>= 1.3.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    undercover (0.8.2)
+    undercover (0.8.3)
       base64
       bigdecimal
       imagen (>= 0.2.0)
@@ -891,8 +911,8 @@ GEM
       simplecov_json_formatter
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
-    unicode-emoji (4.1.0)
-    uniform_notifier (1.17.0)
+    unicode-emoji (4.2.0)
+    uniform_notifier (1.18.0)
     uri (1.1.1)
     valid_email2 (5.2.3)
       activemodel (>= 3.2)
@@ -902,11 +922,12 @@ GEM
       public_suffix
     validates_lengths_from_database (0.8.0)
       activerecord (>= 4)
-    vcr (6.2.0)
-    view_component (3.12.1)
-      activesupport (>= 5.2.0, < 8.0)
-      concurrent-ruby (~> 1.0)
-      method_source (~> 1.0)
+    vcr (6.3.1)
+      base64
+    view_component (4.1.1)
+      actionview (>= 7.1.0, < 8.2)
+      activesupport (>= 7.1.0, < 8.2)
+      concurrent-ruby (~> 1)
     view_component_reflex (3.1.14.pre9)
       rails (>= 5.2, < 8.0)
       stimulus_reflex (>= 3.5.0.pre2)
@@ -924,30 +945,22 @@ GEM
       activesupport
       faraday (~> 2.0)
       faraday-follow_redirects
-    webmock (3.25.1)
+    webmock (3.26.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    webpacker (5.4.4)
-      activesupport (>= 5.2)
-      rack-proxy (>= 0.6.1)
-      railties (>= 5.2)
-      semantic_range (>= 2.3.0)
-    webrick (1.9.1)
+    webrick (1.9.2)
     websocket-driver (0.7.7)
       base64
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    whenever (1.0.0)
+    whenever (1.1.0)
       chronic (>= 0.6.3)
-    wicked_pdf (2.8.2)
-      activesupport
-      ostruct
     wkhtmltopdf-binary (0.12.6.10)
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.7.3)
+    zeitwerk (2.7.4)
 
 PLATFORMS
   ruby
@@ -1005,7 +1018,7 @@ DEPENDENCIES
   good_migrations
   haml
   haml_lint
-  highline (= 2.0.3)
+  highline
   i18n
   i18n-js (~> 3.9.0)
   i18n-tasks
@@ -1069,6 +1082,7 @@ DEPENDENCIES
   rubocop-rspec_rails
   sd_notify
   select2-rails!
+  shakapacker (= 8.4.0)
   shoulda-matchers
   sidekiq
   sidekiq-scheduler
@@ -1082,7 +1096,8 @@ DEPENDENCIES
   stimulus_reflex
   stimulus_reflex_testing!
   stringex (~> 2.8.5)
-  stripe (~> 13)
+  stripe (~> 15)
+  taler
   turbo-rails
   turbo_power
   undercover
@@ -1094,13 +1109,12 @@ DEPENDENCIES
   web!
   web-console
   webmock
-  webpacker (~> 5)
   whenever
-  wicked_pdf
+  wicked_pdf!
   wkhtmltopdf-binary
 
 RUBY VERSION
-   ruby 3.2.9p265
+  ruby 3.4.8p72
 
 BUNDLED WITH
-   2.4.19
+  4.0.3

Procfile

@@ -1,5 +1,5 @@
 # Foreman Procfile. Start all dev server processes with: `foreman start`
 
 rails:      DEV_CACHING=true bundle exec rails s -p 3000
-webpack:    ./bin/webpack-dev-server
+webpack:    ./bin/shakapacker-dev-server
 sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default

Procfile.docker

@@ -1,5 +1,5 @@
 # Foreman Procfile for Docker env. Start all dev server processes with: `bundle exec foreman start -f Procfile.docker`
 
-webpack:    WEBPACKER_DEV_SERVER_HOST=0.0.0.0 ./bin/webpack-dev-server
+webpack:    SHAKAPACKER_DEV_SERVER_HOST=0.0.0.0 ./bin/shakapacker-dev-server
 sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default
-rails:      WEBPACKER_DEV_SERVER_HOST=0.0.0.0 DEV_CACHING=true bundle exec rails s -p 3000 -b 0.0.0.0
+rails:      SHAKAPACKER_DEV_SERVER_HOST=0.0.0.0 DEV_CACHING=true bundle exec rails s -p 3000 -b 0.0.0.0

app/assets/javascripts/admin/index_utils/directives/obj_for_update.js.coffee

@@ -38,16 +38,13 @@ angular.module("admin.indexUtils").directive "objForUpdate", (switchClass, pendi
     # To ensure the customer is still updated, we check on the $destroy event to see if
     # the attribute has changed, if so we queue up the change.
     scope.$on '$destroy', (value) ->
-      # No update
-      return if scope.object()[scope.attr] is scope.savedValue
+      currentValue = scope.object()[scope.attr] || ""
 
-      # For some reason the code attribute is removed from the object when cleared, so we add
-      # an emptyvalue so it gets updated properly
-      if scope.attr is "code" and scope.object()[scope.attr] is undefined
-        scope.object()["code"] = ""
+      # No update
+      return if currentValue is scope.savedValue
 
       # Queuing up change
-      addPendingChange(scope.attr, scope.object()[scope.attr])
+      addPendingChange(scope.attr, currentValue)
 
     # private
 

app/assets/javascripts/darkswarm/controllers/tmp_controller.js.coffee

@@ -1,2 +0,0 @@
-angular.module('Darkswarm').controller "TmpCtrl", ($scope)->
-  $scope.test = {foo: "bar"}

app/assets/stylesheets/mail.scss

@@ -1 +0,0 @@
-@import './mail/all.scss';

app/assets/stylesheets/mail/all.scss

@@ -1,3 +0,0 @@
-@import '../../../webpacker/css/admin/globals/palette.scss';
-@import 'email';
-@import 'payments_list';

app/components/ship_order_component.html.haml

@@ -1,4 +1,4 @@
-= render ConfirmModalComponent.new(id: dom_id(@order, :ship), confirm_reflexes: "click->Admin::OrdersReflex#ship", controller: "orders", reflex: "Admin::Orders#ship") do
+= render ConfirmModalComponent.new(id: dom_id(@order, :ship), confirm_actions: "click->modal#close", confirm_reflexes: "click->Admin::OrdersReflex#ship", controller: "orders", reflex: "Admin::Orders#ship") do
   %div{class: "margin-bottom-30"}
     %p= t('spree.admin.orders.shipment.mark_as_shipped_message_html')
   %div{class: "margin-bottom-30"}

app/components/webhook_endpoint_form_component.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class WebhookEndpointFormComponent < ViewComponent::Base
+  def initialize(webhooks:, webhook_type:)
+    @webhooks = webhooks
+    @webhook_type = webhook_type
+  end
+
+  private
+
+  attr_reader :webhooks, :webhook_type
+
+  def is_webhook_payment_status?
+    webhook_type == "payment_status_changed"
+  end
+end

app/components/webhook_endpoint_form_component/webhook_endpoint_form_component.html.haml

@@ -0,0 +1,27 @@
+-# Create new endpoints
+- if webhooks.empty? # Only one allowed for now.
+  %tr
+    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
+    %td
+      = form_with(url: helpers.account_webhook_endpoints_path, id: "#{webhook_type}_webhook_endpoint") do |f|
+        = f.url_field :'webhook_endpoint[url]', id: "#{webhook_type}_webhook_endpoint_url", placeholder: t('components.webhook_endpoint_form.url.create_placeholder'), required: true, size: 64
+        = f.hidden_field :'webhook_endpoint[webhook_type]', id: "#{webhook_type}_webhook_endpoint_webhook_type", value: webhook_type
+    %td.actions
+      = button_tag t(:create), class: 'button primary tiny no-margin', form: "#{webhook_type}_webhook_endpoint"
+
+-# Existing endpoints
+- webhooks.each do |webhook_endpoint|
+  %tr
+    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
+    %td= webhook_endpoint.url
+    %td.actions.endpoints-actions
+      - if webhook_endpoint.persisted?
+        = button_to helpers.account_webhook_endpoint_path(webhook_endpoint), method: :delete,
+                                                                             class: "tiny alert no-margin",
+                                                                             data: { confirm: I18n.t(:are_you_sure) } do
+          = I18n.t(:delete)
+
+        - if is_webhook_payment_status?
+          = form_tag helpers.webhook_endpoint_test_account_path(webhook_endpoint), class: "button_to", 'data-turbo': true do
+            = button_tag type: "submit", class: "tiny alert no-margin", data: { confirm: I18n.t(:are_you_sure) } do
+              = I18n.t("components.webhook_endpoint_form.test_endpoint")

app/controllers/admin/dfc_product_imports_controller.rb

@@ -15,8 +15,8 @@ module Admin
     def index
       # Fetch DFC catalog JSON for preview
       @catalog_url = params.require(:catalog_url).strip
-      @catalog_json = api.call(@catalog_url)
-      catalog = DfcCatalog.from_json(@catalog_json)
+      @catalog_data = api.call(@catalog_url)
+      catalog = DfcCatalog.from_json(@catalog_data)
 
       # Render table and let user decide which ones to import.
       @items = list_products(catalog)

app/controllers/admin/enterprises_controller.rb

@@ -162,6 +162,18 @@ module Admin
       end
     end
 
+    def destroy
+      if @object.destroy
+        flash.now[:success] = flash_message_for(@object, :successfully_removed)
+      else
+        flash.now[:error] = @object.errors.full_messages.to_sentence
+      end
+
+      respond_to do |format|
+        format.turbo_stream { render :destroy, status: :ok }
+      end
+    end
+
     protected
 
     def delete_custom_tab

app/controllers/admin/product_import_controller.rb

@@ -49,7 +49,7 @@ module Admin
         errors: @importer.errors.full_messages
       }
 
-      if helpers.feature?(:inventory, *spree_current_user.enterprises)
+      if helpers.inventory_enabled?(spree_current_user.enterprises)
         json[:results][:inventory_created] = @importer.inventory_created_count
         json[:results][:inventory_updated] = @importer.inventory_updated_count
       end
@@ -175,7 +175,7 @@ module Admin
 
     # Return an error if trying to import into inventories when inventory is disable
     def can_import_into_inventories?
-      return true if helpers.feature?(:inventory, *spree_current_user.enterprises) ||
+      return true if helpers.inventory_enabled?(spree_current_user.enterprises) ||
                      params.dig(:settings, "import_into") != 'inventories'
 
       redirect_to admin_product_import_url, notice: I18n.t(:product_import_inventory_disable)

app/controllers/admin/products_v3_controller.rb

@@ -7,6 +7,7 @@ module Admin
 
     before_action :init_filters_params
     before_action :init_pagination_params
+    before_action :init_none_tag
 
     def index
       fetch_products
@@ -179,6 +180,8 @@ module Admin
       product_query = OpenFoodNetwork::Permissions.new(spree_current_user)
         .editable_products.merge(product_scope_with_includes).ransack(ransack_query).result
 
+      product_query = apply_tags_filter(product_query)
+
       # Postgres requires ORDER BY expressions to appear in the SELECT list when using DISTINCT.
       # When the current ransack sort uses the computed stock columns, include them in the select
       # so the generated COUNT/DISTINCT query is valid.
@@ -225,12 +228,51 @@ module Admin
         query.merge!(Spree::Variant::SEARCH_KEY => @search_term)
       end
       query.merge!(variants_primary_taxon_id_in: @category_id) if @category_id.present?
-      query.merge!(variants_tags_name_in: @tags) if @tags.present?
       query.merge!(@q) if @q
 
       query
     end
 
+    # Apply tags filter with OR logic:
+    # - Products with variants having selected tags
+    # - OR products with variants having no tags (when "None" is selected)
+    #
+    # Note: This cannot be implemented using Ransack because Ransack applies
+    # AND semantics across associations and cannot express OR logic that combines
+    # the presence and absence of the same associated records.
+    def apply_tags_filter(base_query)
+      return base_query if @tags.blank?
+
+      tag_names = Array(@tags).dup
+      has_none_tag = (tag_names.delete(@none_tag_value) == @none_tag_value)
+
+      queries = []
+
+      if tag_names.any?
+        # Products with at least one variant having one of the selected tags
+        tagged_product_ids = Spree::Variant
+          .joins(taggings: :tag)
+          .where(tags: { name: tag_names })
+          .select(:product_id)
+
+        queries << base_query.where(id: tagged_product_ids)
+      end
+
+      if has_none_tag
+        # Products where no variants have any tags
+        tagged_product_ids = Spree::Variant
+          .joins(:taggings)
+          .select(:product_id)
+
+        queries << base_query.where.not(id: tagged_product_ids)
+      end
+
+      return base_query if queries.empty?
+
+      # Combine queries using ActiveRecord's or method
+      queries.reduce { |combined, query| combined.or(query) }
+    end
+
     # Optimise by pre-loading required columns
     def product_query_includes
       [
@@ -289,6 +331,10 @@ module Admin
         t('.error')
       end
     end
+
+    def init_none_tag
+      @none_tag_value = '""'
+    end
   end
 end
 # rubocop:enable Metrics/ClassLength

app/controllers/admin/resource_controller.rb

@@ -61,7 +61,7 @@ module Admin
 
     def destroy
       if @object.destroy
-        flash[:success] = flash_message_for(@object, :successfully_removed)
+        flash[:success] = Spree.t(:successfully_removed)
         respond_with(@object) do |format|
           format.html { redirect_to collection_url }
           format.js   { render partial: "spree/admin/shared/destroy" }
@@ -76,7 +76,7 @@ module Admin
     protected
 
     def resource_not_found
-      flash[:error] = flash_message_for(model_class.new, :not_found)
+      flash[:error] = Spree.t(:not_found)
       redirect_to collection_url
     end
 

app/controllers/admin/stripe_accounts_controller.rb

@@ -6,7 +6,7 @@ module Admin
   class StripeAccountsController < Spree::Admin::BaseController
     def connect
       payload = params.permit(:enterprise_id).to_h
-      key = Openfoodnetwork::Application.config.secret_token
+      key = Rails.application.secret_key_base
       url_params = { state: JWT.encode(payload, key, 'HS256'), scope: "read_write" }
       redirect_to Stripe::OAuth.authorize_url(url_params)
     end

app/controllers/admin/tag_rules_controller.rb

@@ -30,7 +30,7 @@ module Admin
 
       status = :ok
       if @rule.destroy
-        flash[:success] = Spree.t(:successfully_removed, resource: "Tag Rule")
+        flash[:success] = Spree.t(:successfully_removed, resource: Spree.t(:tag_rule))
       else
         flash.now[:error] = t(".destroy_error")
         status = :internal_server_error

app/controllers/admin/variant_overrides_controller.rb

@@ -44,6 +44,8 @@ module Admin
     def load_data
       @hubs = OpenFoodNetwork::Permissions.new(spree_current_user).
         variant_override_hubs.by_name
+      # Only display the ones with inventory enabled
+      @hubs = @hubs.select { |p| helpers.feature?(:inventory, p) }
 
       # Used in JS to look up the name of the producer of each product
       @producers = OpenFoodNetwork::Permissions.new(spree_current_user).

app/controllers/admin/vouchers_controller.rb

@@ -14,7 +14,7 @@ module Admin
       )
 
       if @voucher.save
-        flash[:success] = I18n.t(:successfully_created, resource: "Voucher")
+        flash[:success] = I18n.t(:successfully_created, resource: Spree.t(:voucher))
         redirect_to edit_admin_enterprise_path(@enterprise, anchor: :vouchers_panel)
       else
         render_error

app/controllers/concerns/manager_invitations.rb

@@ -4,7 +4,7 @@ module ManagerInvitations
   extend ActiveSupport::Concern
 
   def create_new_manager(email, enterprise)
-    password = Devise.friendly_token
+    password = SecureRandom.base58(64)
     new_user = Spree::User.create(email:, unconfirmed_email: email, password:)
     new_user.reset_password_token = Devise.friendly_token
     # Same time as used in Devise's lib/devise/models/recoverable.rb.

app/controllers/payment_gateways/taler_controller.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module PaymentGateways
+  class TalerController < BaseController
+    include OrderCompletion
+
+    # The Taler merchant backend has taken the payment.
+    # Now we just need to confirm that and update our local database
+    # before finalising the order.
+    def confirm
+      payment = Spree::Payment.find(params[:payment_id])
+      @order = payment.order
+      process_payment_completion!
+    end
+  end
+end

app/controllers/spree/admin/images_controller.rb

@@ -68,7 +68,7 @@ module Spree
         destroy_before
 
         if @object.destroy
-          flash[:success] = flash_message_for(@object, :successfully_removed)
+          flash[:success] = Spree.t(:successfully_removed)
         end
 
         redirect_to location_after_save

app/controllers/spree/admin/payment_methods_controller.rb

@@ -11,10 +11,11 @@ module Spree
       respond_to :html
 
       PAYMENT_METHODS = %w{
-        Spree::PaymentMethod::Check
         Spree::Gateway::PayPalExpress
         Spree::Gateway::StripeSCA
-      }.index_with(&:constantize).freeze
+        Spree::PaymentMethod::Check
+        Spree::PaymentMethod::Taler
+      }.freeze
 
       def create
         force_environment
@@ -95,7 +96,7 @@ module Spree
             @payment_method = PaymentMethod.find(params[:pm_id])
           end
         else
-          @payment_method = PAYMENT_METHODS.fetch(params[:provider_type], PaymentMethod).new
+          @payment_method = PaymentMethod.new(type: params[:provider_type])
         end
 
         render partial: 'provider_settings'
@@ -117,7 +118,7 @@ module Spree
       end
 
       def validate_payment_method_provider
-        valid_payment_methods = Rails.application.config.spree.payment_methods.map(&:to_s)
+        valid_payment_methods = PAYMENT_METHODS
         return if valid_payment_methods.include?(params[:payment_method][:type])
 
         flash[:error] = Spree.t(:invalid_payment_provider)
@@ -133,13 +134,11 @@ module Spree
       end
 
       def load_providers
-        providers = Gateway.providers.sort_by(&:name)
+        providers = PAYMENT_METHODS.dup
 
-        unless show_stripe?
-          providers.reject! { |provider| stripe_provider?(provider) }
-        end
+        providers.delete("Spree::Gateway::StripeSCA") unless show_stripe?
 
-        providers
+        providers.map(&:constantize)
       end
 
       # Show Stripe as an option if enabled, or if the
@@ -164,10 +163,6 @@ module Spree
         @payment_method.try(:type) == "Spree::Gateway::StripeSCA"
       end
 
-      def stripe_provider?(provider)
-        provider.name.ends_with?("StripeSCA")
-      end
-
       def base_params
         @base_params ||= PermittedAttributes::PaymentMethod.new(params[:payment_method]).
           call.to_h.with_indifferent_access

app/controllers/spree/admin/product_properties_controller.rb

@@ -16,7 +16,7 @@ module Spree
         @url_filters = ::ProductFilters.new.extract(request.query_parameters)
 
         if @object.destroy
-          flash[:success] = flash_message_for(@object, :successfully_removed)
+          flash[:success] = Spree.t(:successfully_removed)
         end
         # if destroy fails it won't show any errors to the user
         redirect_to spree.admin_product_product_properties_url(params[:product_id], @url_filters)

app/controllers/spree/admin/shipping_methods_controller.rb

@@ -36,7 +36,7 @@ module Spree
         end
 
         @object.touch :deleted_at
-        flash[:success] = flash_message_for(@object, :successfully_removed)
+        flash[:success] = Spree.t(:successfully_removed)
 
         respond_with(@object) do |format|
           format.html { redirect_to collection_url }

app/controllers/spree/admin/tax_categories_controller.rb

@@ -5,7 +5,7 @@ module Spree
     class TaxCategoriesController < ::Admin::ResourceController
       def destroy
         if @object.destroy
-          flash[:success] = flash_message_for(@object, :successfully_removed)
+          flash[:success] = Spree.t(:successfully_removed)
           respond_with(@object) do |format|
             format.html { redirect_to collection_url }
             format.js   { render partial: "spree/admin/shared/destroy" }

app/controllers/spree/user_sessions_controller.rb

@@ -9,7 +9,6 @@ module Spree
     include Spree::Core::ControllerHelpers::Auth
     include Spree::Core::ControllerHelpers::Common
     include Spree::Core::ControllerHelpers::Order
-    include CablecarResponses
 
     helper 'spree/base'
 
@@ -24,14 +23,12 @@ module Spree
       if spree_user_signed_in?
         flash[:success] = t('devise.success.logged_in_succesfully')
 
-        render cable_ready: cable_car.redirect_to(
-          url: return_url_or_default(after_sign_in_path_for(spree_current_user))
-        )
+        redirect_to return_url_or_default(after_sign_in_path_for(spree_current_user))
       else
-        render status: :unauthorized, cable_ready: cable_car.inner_html(
-          "#login-feedback",
-          partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.invalid') })
-        )
+        message = t('devise.failure.invalid')
+        render turbo_stream: turbo_stream.update(
+          'login-feedback', partial: 'layouts/alert', locals: { message:, type: 'alert' }
+        ), status: :unprocessable_entity
       end
     end
 
@@ -60,11 +57,13 @@ module Spree
     end
 
     def render_unconfirmed_response
-      render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
-        "#login-feedback",
-        partial("layouts/alert", locals: { type: "alert", message: t(:email_unconfirmed),
-                                           unconfirmed: true, tab: "login" })
-      )
+      message = t(:email_unconfirmed)
+
+      render turbo_stream: turbo_stream.update(
+        'login-feedback',
+        partial: 'layouts/alert', locals: { type: "alert", message:, unconfirmed: true,
+                                            tab: "login", email: params.dig(:spree_user, :email) }
+      ), status: :unprocessable_entity
     end
 
     def ensure_valid_locale_persisted

app/controllers/spree/users_controller.rb

@@ -3,7 +3,6 @@
 module Spree
   class UsersController < ::BaseController
     include I18nHelper
-    include CablecarResponses
 
     layout 'darkswarm'
 
@@ -25,34 +24,17 @@ module Spree
       @unconfirmed_email = spree_current_user.unconfirmed_email
     end
 
-    # Endpoint for queries to check if a user is already registered
-    def registered_email
-      registered = Spree::User.find_by(email: params[:email]).present?
-
-      if registered
-        render status: :ok, cable_ready: cable_car.
-          inner_html(
-            "#login-feedback",
-            partial("layouts/alert",
-                    locals: { type: "alert", message: t('devise.failure.already_registered') })
-          ).
-          dispatch_event(name: "login:modal:open")
-      else
-        head :not_found
-      end
-    end
-
     def create
       @user = Spree::User.new(user_params)
 
       if @user.save
         flash[:success] = t('devise.user_registrations.spree_user.signed_up_but_unconfirmed')
-        render cable_ready: cable_car.redirect_to(url: main_app.root_path)
+        redirect_to main_app.root_path
       else
-        render status: :unprocessable_entity, cable_ready: cable_car.morph(
-          "#signup-tab",
-          partial("layouts/signup_tab", locals: { signup_form_user: @user })
-        )
+        render turbo_stream: turbo_stream.update(
+          'signup-tab',
+          partial: 'layouts/signup_tab', locals: { signup_form_user: @user }
+        ), status: :unprocessable_entity
       end
     end
 
@@ -97,13 +79,10 @@ module Spree
     end
 
     def render_alert_timestamp_error_message
-      render cable_ready: cable_car.inner_html(
-        "#signup-feedback",
-        partial("layouts/alert",
-                locals: {
-                  type: "alert",
-                  message: InvisibleCaptcha.timestamp_error_message
-                })
+      render turbo_stream: turbo_stream.update(
+        'signup-feedback',
+        partial: 'layouts/alert',
+        locals: { type: "alert", message: InvisibleCaptcha.timestamp_error_message }
       )
     end
   end

app/controllers/user_confirmations_controller.rb

@@ -3,7 +3,6 @@
 class UserConfirmationsController < DeviseController
   # Needed for access to current_ability, so we can authorize! actions
   include Spree::Core::ControllerHelpers::Auth
-  include CablecarResponses
 
   # GET /resource/confirmation?confirmation_token=abcdef
   def show
@@ -29,12 +28,12 @@ class UserConfirmationsController < DeviseController
         set_flash_message(:error, :confirmation_not_sent)
       end
     else
-      render cable_ready: cable_car.inner_html(
-        "##{params[:tab] || 'forgot'}-feedback",
-        partial("layouts/alert",
-                locals: { type: "success", message: t("devise.confirmations.send_instructions") })
+      flash.now[:sucess] = t("devise.confirmations.send_instructions")
+
+      return render turbo_stream: turbo_stream.update(
+        "#{params[:tab] || 'forgot'}-feedback",
+        partial: 'shared/flashes', locals: { flashes: flash }
       )
-      return
     end
 
     respond_with_navigational(resource){ redirect_to login_path }

app/controllers/user_passwords_controller.rb

@@ -1,37 +1,40 @@
 # frozen_string_literal: true
 
 class UserPasswordsController < Spree::UserPasswordsController
-  include CablecarResponses
-
   layout 'darkswarm'
 
   def create
     return render_unconfirmed_response if user_unconfirmed?
 
     self.resource = resource_class.send_reset_password_instructions(raw_params[resource_name])
+    status = :ok
 
     if resource.errors.empty?
-      render cable_ready: cable_car.inner_html(
-        "#forgot-feedback",
-        partial("layouts/alert", locals: { type: "success", message: t(:password_reset_sent) })
-      )
+      message, type = [t(:password_reset_sent), :success]
     else
-      render status: :not_found, cable_ready: cable_car.inner_html(
-        "#forgot-feedback",
-        partial("layouts/alert", locals: { type: "alert", message: t(:email_not_found) })
-      )
+      message, type = [t(:email_not_found), :alert]
+      status = :not_found
     end
+
+    render turbo_stream: turbo_stream.update(
+      'forgot-feedback',
+      partial: 'layouts/alert',
+      locals: { type:, message:, tab: 'forgot',
+                unconfirmed: false, email: params.dig(:spree_user, :email) }
+    ), status:
   end
 
   private
 
   def render_unconfirmed_response
-    render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
-      "#forgot-feedback",
-      partial("layouts/alert",
-              locals: { type: "alert", message: t(:email_unconfirmed),
-                        unconfirmed: true, tab: "forgot" })
-    )
+    message, type, unconfirmed, tab = [t(:email_unconfirmed), :alert, true, 'forgot']
+
+    render turbo_stream: turbo_stream.update(
+      'forgot-feedback',
+      partial: 'layouts/alert',
+      locals: { type:, message:, tab:,
+                unconfirmed:, email: params.dig(:spree_user, :email) }
+    ), status: :unprocessable_entity
   end
 
   def user_unconfirmed?

app/controllers/voucher_adjustments_controller.rb

@@ -90,11 +90,13 @@ class VoucherAdjustmentsController < BaseController
       voucher_code: voucher_params[:voucher_code], enterprise: @order.distributor
     )
     voucher = vine_voucher_validator.validate
+    errors = vine_voucher_validator.errors
 
-    return nil if vine_voucher_validator.errors[:not_found_voucher].present?
+    return nil if errors[:not_found_voucher].present?
 
-    if vine_voucher_validator.errors.present?
-      @order.errors.add(:voucher_code, I18n.t('checkout.errors.add_voucher_error'))
+    if errors.present?
+      message = errors[:invalid_voucher] || I18n.t('checkout.errors.add_voucher_error')
+      @order.errors.add(:voucher_code, message)
       return nil
     end
 

app/controllers/webhook_endpoints_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class WebhookEndpointsController < BaseController
-  before_action :load_resource, only: :destroy
+  before_action :load_resource, only: [:destroy, :test]
 
   def create
     webhook_endpoint = spree_current_user.webhook_endpoints.new(webhook_endpoint_params)
@@ -25,12 +25,30 @@ class WebhookEndpointsController < BaseController
     redirect_to redirect_path
   end
 
+  def test
+    at = Time.zone.now
+    test_payload = Payments::WebhookPayload.test_data.to_hash
+
+    WebhookDeliveryJob.perform_later(@webhook_endpoint.url, "payment.completed", test_payload, at:)
+
+    flash[:success] = t(".success")
+    respond_with do |format|
+      format.turbo_stream do
+        render turbo_stream: turbo_stream.update(
+          :flashes, partial: "shared/flashes", locals: { flashes: flash }
+        )
+      end
+    end
+  end
+
+  private
+
   def load_resource
     @webhook_endpoint = spree_current_user.webhook_endpoints.find(params[:id])
   end
 
   def webhook_endpoint_params
-    params.require(:webhook_endpoint).permit(:url)
+    params.require(:webhook_endpoint).permit(:url, :webhook_type)
   end
 
   def redirect_path

app/helpers/application_helper.rb

@@ -72,7 +72,23 @@ module ApplicationHelper
     end
   end
 
+  # Update "v1" to invalidate existing cache key
   def cache_key_with_locale(key, locale)
-    Array.wrap(key) + [locale.to_s, I18nDigests.for_locale(locale)]
+    Array.wrap(key) + ["v3", locale.to_s, I18nDigests.for_locale(locale)]
+  end
+
+  def pdf_stylesheet_pack_tag(source)
+    # With shakapacker dev server running, the wicked_pdf_stylesheet_pack_tag will produce a
+    # relative path, because we don't have `config.action_controller.asset_host`. Relative path
+    # can't be resolved by `wkhtmltopdf`. So we pass the wepacker dev server host and port to
+    # the shakapacker helper, so it generates the correct url.
+    # For more info: https://stackoverflow.com/questions/58490299/how-to-include-css-stylesheet-into-wicked-pdf/60541688#60541688
+    if running_in_development?
+      options = { media: "all",
+                  host: "#{Shakapacker.dev_server.host}:#{Shakapacker.dev_server.port}" }
+      stylesheet_pack_tag(source, **options)
+    else
+      wicked_pdf_stylesheet_pack_tag(source)
+    end
   end
 end

app/helpers/enterprises_helper.rb

@@ -63,8 +63,11 @@ module EnterprisesHelper
     url = object_url(enterprise)
     name = t(:delete)
     options = {}
-    options[:class] = "delete-resource"
-    options[:data] = { action: 'remove', confirm: enterprise_confirm_delete_message(enterprise) }
+    options[:data] = {
+      turbo: true,
+      'turbo-method': 'delete',
+      'turbo-confirm': enterprise_confirm_delete_message(enterprise)
+    }
     link_to_with_icon 'icon-trash', name, url, options
   end
 

app/helpers/spree/admin/base_helper.rb

@@ -147,6 +147,10 @@ module Spree
         dom_id(record, 'spree')
       end
 
+      def inventory_enabled?(enterprises)
+        !feature?(:variant_tag, *enterprises) && feature?(:inventory, *enterprises)
+      end
+
       private
 
       def attribute_name_for(field_name)

app/helpers/spree/admin/orders_helper.rb

@@ -120,7 +120,7 @@ module Spree
       end
 
       def cancel_event_link(order)
-        event_label = I18n.t("cancel", scope: "actions")
+        event_label = I18n.t("cancel_order", scope: "actions")
         button_link_to(event_label,
                        fire_admin_order_url(order, e: "cancel"),
                        method: :put, icon: "icon-cancel", form_id: "cancel_order_form")

app/models/application_record.rb

@@ -12,7 +12,10 @@ class ApplicationRecord < ActiveRecord::Base
   self.include_root_in_json = true
 
   def self.image_service
-    ENV["S3_BUCKET"].present? ? :amazon_public : :local
+    return :local if ENV["S3_BUCKET"].blank?
+    return :amazon_public if ENV["S3_ENDPOINT"].blank?
+
+    :s3_compatible_storage_public
   end
 
   # We might have a development environment without S3 but with a database

app/models/concerns/calculated_adjustments.rb

@@ -5,6 +5,18 @@ require "active_support/concern"
 module CalculatedAdjustments
   extend ActiveSupport::Concern
 
+  CALCULATORS = %w{
+    Calculator::DefaultTax
+    Calculator::FlatPercentItemTotal
+    Calculator::FlatPercentPerItem
+    Calculator::FlatRate
+    Calculator::FlexiRate
+    Calculator::None
+    Calculator::PerItem
+    Calculator::PriceSack
+    Calculator::Weight
+  }.freeze
+
   included do
     has_one :calculator, as: :calculable, class_name: "Spree::Calculator", dependent: :destroy
     accepts_nested_attributes_for :calculator
@@ -32,7 +44,11 @@ module CalculatedAdjustments
   end
 
   def calculator_type=(calculator_type)
-    klass = calculator_type.constantize if calculator_type
+    return unless calculator_type
+
+    return unless CALCULATORS.include?(calculator_type)
+
+    klass = calculator_type.constantize
     self.calculator = klass.new if klass && !calculator.is_a?(klass)
   end
 

app/models/enterprise.rb

@@ -50,11 +50,11 @@ class Enterprise < ApplicationRecord
   has_many :distributed_orders, class_name: 'Spree::Order',
                                 foreign_key: 'distributor_id',
                                 inverse_of: :distributor,
-                                dependent: :restrict_with_exception
+                                dependent: :restrict_with_error
 
   belongs_to :address, class_name: 'Spree::Address'
   belongs_to :business_address, optional: true, class_name: 'Spree::Address', dependent: :destroy
-  has_many :enterprise_fees, dependent: :restrict_with_exception
+  has_many :enterprise_fees, dependent: :restrict_with_error
   has_many :enterprise_roles, dependent: :destroy
   has_many :users, through: :enterprise_roles
   belongs_to :owner, class_name: 'Spree::User',
@@ -62,21 +62,22 @@ class Enterprise < ApplicationRecord
   has_many :distributor_payment_methods,
            inverse_of: :distributor,
            foreign_key: :distributor_id,
-           dependent: :restrict_with_exception
+           dependent: :restrict_with_error
   has_many :distributor_shipping_methods,
            inverse_of: :distributor,
            foreign_key: :distributor_id,
-           dependent: :restrict_with_exception
+           dependent: :restrict_with_error
   has_many :payment_methods, through: :distributor_payment_methods
   has_many :shipping_methods, through: :distributor_shipping_methods
   has_many :customers, dependent: :destroy
   has_many :inventory_items, dependent: :destroy
   has_many :tag_rules, dependent: :destroy
   has_one :stripe_account, dependent: :destroy
-  has_many :vouchers, dependent: :restrict_with_exception
+  has_many :vouchers, dependent: :restrict_with_error
   has_many :connected_apps, dependent: :destroy
   has_many :dfc_permissions, dependent: :destroy
   has_one :custom_tab, dependent: :destroy
+  has_one :semantic_link, as: :subject, dependent: :delete
 
   delegate :latitude, :longitude, :city, :state_name, to: :address
 
@@ -110,14 +111,14 @@ class Enterprise < ApplicationRecord
   end
 
   validates :logo,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+            processable_file: true,
+            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
   validates :promo_image,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+            processable_file: true,
+            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
   validates :white_label_logo,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+            processable_file: true,
+            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
   validates :terms_and_conditions, content_type: {
     in: "application/pdf",
     message: I18n.t(:enterprise_terms_and_conditions_type_error),

app/models/enterprise_group.rb

@@ -29,11 +29,11 @@ class EnterpriseGroup < ApplicationRecord
   has_one_attached :promo_image, service: image_service
 
   validates :logo,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+            processable_file: true,
+            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
   validates :promo_image,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+            processable_file: true,
+            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
 
   scope :by_position, -> { order('position ASC') }
   scope :on_front_page, -> { where(on_front_page: true) }

app/models/invoice/data_presenter.rb

@@ -95,8 +95,8 @@ class Invoice
     def display_line_item_tax_rate(item)
       all_tax_adjustments.select { |a|
         a.adjustable.type == 'Spree::LineItem' && a.adjustable.id == item.id
-      }.map(&:originator).map { |tr|
-        number_to_percentage(tr.amount * 100, precision: 1)
+      }.map(&:originator).map(&:amount).sort.map { |amount|
+        number_to_percentage(amount * 100, precision: 1)
       }.join(", ")
     end
 

app/models/spree/app_configuration.rb

@@ -31,7 +31,6 @@ module Spree
     preference :admin_products_per_page, :integer, default: 10
     # Should only be true if you don't need to track inventory
     preference :allow_backorder_shipping, :boolean, default: false
-    preference :allow_checkout_on_gateway_error, :boolean, default: false
     preference :allow_guest_checkout, :boolean, default: true
     preference :currency_decimal_mark, :string, default: "."
     preference :currency_symbol_position, :string, default: "before"

app/models/spree/image.rb

@@ -2,6 +2,8 @@
 
 module Spree
   class Image < Asset
+    ACCEPTED_CONTENT_TYPES = %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+
     has_one_attached :attachment, service: image_service do |attachment|
       attachment.variant :mini, resize_to_fill: [48, 48]
       attachment.variant :small, resize_to_fill: [227, 227]
@@ -11,8 +13,8 @@ module Spree
 
     validates :attachment,
               attached: true,
-              processable_image: true,
-              content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+              processable_file: true,
+              content_type: ACCEPTED_CONTENT_TYPES
     validate :no_attachment_errors
 
     def self.default_image_url(size)

app/models/spree/line_item.rb

@@ -24,6 +24,8 @@ module Spree
     before_validation :copy_price
     before_validation :copy_tax_category
     before_validation :copy_dimensions
+    before_validation :copy_product_name, on: :create
+    before_validation :copy_variant_name, on: :create
 
     validates :quantity, numericality: {
       only_integer: true,
@@ -250,6 +252,18 @@ module Spree
       adjustments.enterprise_fee
     end
 
+    def full_variant_name
+      return variant_name if variant_name.present?
+
+      variant.full_name
+    end
+
+    def full_product_name
+      return product_name if product_name.present?
+
+      variant.product.name
+    end
+
     private
 
     def computed_weight_from_variant
@@ -274,6 +288,18 @@ module Spree
       order.create_tax_charge!
     end
 
+    def copy_product_name
+      return if variant.nil? || variant.product.nil?
+
+      self.product_name = variant.product.name
+    end
+
+    def copy_variant_name
+      return if variant.nil?
+
+      self.variant_name = variant.full_name
+    end
+
     def update_inventory_before_destroy
       # This is necessary before destroying the line item
       #   so that update_inventory will restore stock to the variant

app/models/spree/order.rb

@@ -437,18 +437,13 @@ module Spree
     #
     # Returns:
     # - true if all pending_payments processed successfully
-    # - true if a payment failed, ie. raised a GatewayError
-    #   which gets rescued and converted to TRUE when
-    #   :allow_checkout_gateway_error is set to true
     # - false if a payment failed, ie. raised a GatewayError
-    #   which gets rescued and converted to FALSE when
-    #   :allow_checkout_on_gateway_error is set to false
+    #   which gets rescued and converted to FALSE
     #
     def process_payments!
       process_each_payment(&:process!)
     rescue Core::GatewayError => e
-      result = !!Spree::Config[:allow_checkout_on_gateway_error]
-      errors.add(:base, e.message) && (return result)
+      errors.add(:base, e.message) && (return false)
     end
 
     def process_payments_offline!

app/models/spree/payment.rb

@@ -101,6 +101,24 @@ module Spree
       end
 
       after_transition to: :completed, do: :set_captured_at
+      after_transition do |payment, transition|
+        # Catch any exceptions to prevent any rollback potentially
+        # preventing payment from going through
+        ActiveSupport::Notifications.instrument(
+          "ofn.payment_transition", payment: payment, event: transition.to
+        )
+      rescue StandardError => e
+        Rails.logger.fatal "ActiveSupport::Notification.instrument failed params: " \
+                           "<event_type:ofn.payment_transition> " \
+                           "<payment_id:#{payment.id}> " \
+                           "<event:#{transition.to}>"
+        Alert.raise(
+          e,
+          metadata: {
+            event_tye: "ofn.payment_transition", payment_id: payment.id, event: transition.to
+          }
+        )
+      end
     end
 
     def money

app/models/spree/payment/processing.rb

@@ -183,6 +183,7 @@ module Spree
 
         options.merge!({ billing_address: order.bill_address.try(:active_merchant_hash),
                          shipping_address: order.ship_address.try(:active_merchant_hash) })
+        options.merge!(payment: self)
 
         options
       end

app/models/spree/payment_method.rb

@@ -52,10 +52,6 @@ module Spree
         .where(environment: [Rails.env, "", nil])
     }
 
-    def self.providers
-      Rails.application.config.spree.payment_methods
-    end
-
     def configured?
       !stripe? || stripe_configured?
     end
@@ -93,8 +89,8 @@ module Spree
       type.demodulize.downcase
     end
 
-    def self.find_with_destroyed(*args)
-      unscoped { find(*args) }
+    def self.find_with_destroyed(*)
+      unscoped { find(*) }
     end
 
     def payment_profiles_supported?
@@ -118,8 +114,8 @@ module Spree
     end
 
     def self.clean_name
-      i18n_key = "spree.admin.payment_methods.providers.#{name.demodulize.downcase}"
-      I18n.t(i18n_key)
+      scope = "spree.admin.payment_methods.providers"
+      I18n.t(name.demodulize.downcase, scope:)
     end
 
     private

app/models/spree/payment_method/taler.rb

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+
+require "taler"
+
+module Spree
+  class PaymentMethod
+    # GNU Taler is a distributed, open source payment system.
+    # You need a hosted Taler backend server to process payments.
+    #
+    # For testing, you can use the official demo backend:
+    #
+    # - Merchant UX: https://backend.demo.taler.net
+    # - Username: sandbox
+    # - Password: sandbox
+    #
+    # Configure this payment method for testing with:
+    #
+    # - backend_url: https://backend.demo.taler.net/instances/sandbox
+    # - api_key: sandbox
+    class Taler < PaymentMethod
+      preference :backend_url, :string
+      preference :api_key, :password
+
+      # Name of the view to display during checkout
+      def method_type
+        "check" # empty view
+      end
+
+      def external_gateway?
+        true
+      end
+
+      # The backend provides this URL. It can look like this:
+      # https://backend.demo.taler.net/instances/blog/orders/2026..?token=S8Y..&session_id=b0b..
+      def external_payment_url(options)
+        order = options.fetch(:order)
+        payment = load_payment(order)
+
+        payment.source ||= self
+        payment.response_code ||= create_taler_order(payment)
+        payment.redirect_auth_url ||= fetch_order_url(payment)
+        payment.save! if payment.changed?
+
+        payment.redirect_auth_url
+      end
+
+      # Main method called by Spree::Payment::Processing during checkout
+      # when the user is redirected back to the app.
+      #
+      # The payment has already been made and we need to verify the success.
+      def purchase(_money, _source, gateway_options)
+        payment = gateway_options[:payment]
+
+        return unless payment.response_code
+
+        taler_order = client.fetch_order(payment.response_code)
+        status = taler_order["order_status"]
+        success = (status == "paid")
+        message = I18n.t(status, default: status, scope: "taler.order_status")
+
+        ActiveMerchant::Billing::Response.new(success, message)
+      end
+
+      private
+
+      def load_payment(order)
+        order.payments.checkout.where(payment_method: self).last
+      end
+
+      def create_taler_order(payment)
+        # We are ignoring currency for now so that we can test with the
+        # current demo backend only working with the KUDOS currency.
+        taler_amount = "KUDOS:#{payment.amount}"
+        urls = Rails.application.routes.url_helpers
+        new_order = client.create_order(
+          taler_amount,
+          I18n.t("payment_method_taler.order_summary"),
+          urls.payment_gateways_confirm_taler_url(payment_id: payment.id),
+        )
+
+        new_order["order_id"]
+      end
+
+      def fetch_order_url(payment)
+        order = client.fetch_order(payment.response_code)
+        order["order_status_url"]
+      end
+
+      def client
+        @client ||= ::Taler::Client.new(preferred_backend_url, preferred_api_key)
+      end
+    end
+  end
+end

app/models/webhook_endpoint.rb

@@ -2,5 +2,11 @@
 
 # Records a webhook url to send notifications to
 class WebhookEndpoint < ApplicationRecord
+  WEBHOOK_TYPES = %w(order_cycle_opened payment_status_changed).freeze
+
   validates :url, presence: true
+  validates :webhook_type, presence: true, inclusion: { in: WEBHOOK_TYPES }
+
+  scope :order_cycle_opened, -> { where(webhook_type: "order_cycle_opened") }
+  scope :payment_status, -> { where(webhook_type: "payment_status_changed") }
 end

app/services/image_importer.rb

@@ -11,7 +11,9 @@ class ImageImporter
 
     image = Spree::Image.create do |img|
       PrivateAddressCheck.only_public_connections do
-        img.attachment.attach(io: valid_url.open, filename:, metadata:)
+        io = valid_url.open
+        content_type = Marcel::MimeType.for(io)
+        img.attachment.attach(io:, filename:, metadata:, content_type:)
       end
     end
     product.image = image if image

app/services/line_item_syncer.rb

@@ -77,7 +77,7 @@ class LineItemSyncer
   end
 
   def add_order_update_issue(order, line_item)
-    issue_description = "#{line_item.product.name} - #{line_item.variant.full_name}"
+    issue_description = "#{line_item.product.name} - #{line_item.full_variant_name}"
     issue_description << " - #{stock_issue_description(line_item)}" if line_item.insufficient_stock?
     order_update_issues.add(order, issue_description)
   end

app/services/order_cycles/clone_service.rb

@@ -9,7 +9,7 @@ module OrderCycles
     def create
       oc = @original_order_cycle.dup
       oc.name = I18n.t("models.order_cycle.cloned_order_cycle_name", order_cycle: oc.name)
-      oc.orders_open_at = oc.orders_close_at = oc.mails_sent = oc.processed_at = nil
+      oc.orders_open_at = oc.orders_close_at = oc.mails_sent = oc.processed_at = oc.opened_at = nil
       oc.coordinator_fee_ids = @original_order_cycle.coordinator_fee_ids
       oc.preferred_product_selection_from_coordinator_inventory_only =
         @original_order_cycle.preferred_product_selection_from_coordinator_inventory_only

app/services/order_cycles/webhook_service.rb

@@ -11,10 +11,12 @@ module OrderCycles
         .merge(coordinator_name: order_cycle.coordinator.name)
 
       # Endpoints for coordinator owner
-      webhook_endpoints = order_cycle.coordinator.owner.webhook_endpoints
+      webhook_endpoints = order_cycle.coordinator.owner.webhook_endpoints.order_cycle_opened
 
       # Plus unique endpoints for distributor owners (ignore duplicates)
-      webhook_endpoints |= order_cycle.distributors.map(&:owner).flat_map(&:webhook_endpoints)
+      webhook_endpoints |= order_cycle.distributors.map(&:owner).flat_map { |owner|
+        owner.webhook_endpoints.order_cycle_opened
+      }
 
       webhook_endpoints.each do |endpoint|
         WebhookDeliveryJob.perform_later(endpoint.url, event, webhook_payload, at:)

app/services/payments/status_changed_listener_service.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+# Called by "ActiveSupport::Notifications" when an "ofn.payment_transition" occurs
+# Event originate from Spree::Payment event machine
+#
+module Payments
+  class StatusChangedListenerService
+    def call(_name, started, _finished, _unique_id, payload)
+      event = "payment.#{payload[:event]}"
+      Payments::WebhookService.create_webhook_job(payment: payload[:payment], event:, at: started)
+    end
+  end
+end

app/services/payments/webhook_payload.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+module Payments
+  class WebhookPayload
+    def initialize(payment:, order:, enterprise:)
+      @payment = payment
+      @order = order
+      @enterprise = enterprise
+    end
+
+    def to_hash
+      {
+        payment: @payment.slice(:updated_at, :amount, :state),
+        enterprise: @enterprise.slice(:abn, :acn, :name)
+          .merge(address: @enterprise.address.slice(:address1, :address2, :city, :zipcode)),
+        order: @order.slice(:total, :currency).merge(line_items: line_items)
+      }.with_indifferent_access
+    end
+
+    def self.test_data
+      new(payment: test_payment, order: test_order, enterprise: test_enterprise)
+    end
+
+    def self.test_payment
+      {
+        updated_at: Time.zone.now,
+        amount: 0.00,
+        state: "completed"
+      }
+    end
+
+    def self.test_order
+      order = Spree::Order.new(
+        total: 0.00,
+        currency: "AUD",
+      )
+
+      tax_category = Spree::TaxCategory.new(name: "VAT")
+      product = Spree::Product.new(name: "Test product")
+      Spree::Variant.new(product:, display_name: "")
+      order.line_items << Spree::LineItem.new(
+        quantity: 1,
+        price: 20.00,
+        tax_category:,
+        product:,
+        unit_presentation: "1kg"
+      )
+
+      order
+    end
+
+    def self.test_enterprise
+      enterprise = Enterprise.new(
+        abn: "65797115831",
+        acn: "",
+        name: "TEST Enterprise",
+      )
+      enterprise.address = Spree::Address.new(
+        address1: "1 testing street",
+        address2: "",
+        city: "TestCity",
+        zipcode: "1234"
+      )
+
+      enterprise
+    end
+
+    private_class_method :test_payment, :test_order, :test_enterprise
+
+    private
+
+    def line_items
+      @order.line_items.map do |li|
+        li.slice(:quantity, :price)
+          .merge(
+            tax_category_name: li.tax_category&.name,
+            product_name: li.product.name,
+            name_to_display: li.display_name,
+            unit_to_display: li.unit_presentation
+          )
+      end
+    end
+  end
+end

app/services/payments/webhook_service.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+# Create a webhook payload for a payment status event.
+# The payload will be delivered asynchronously.
+
+module Payments
+  class WebhookService
+    def self.create_webhook_job(payment:, event:, at:)
+      order = payment.order
+      payload = WebhookPayload.new(payment:, order:, enterprise: order.distributor).to_hash
+
+      coordinator = payment.order.order_cycle.coordinator
+      webhook_urls(coordinator).each do |url|
+        WebhookDeliveryJob.perform_later(url, event, payload, at:)
+      end
+    end
+
+    def self.webhook_urls(coordinator)
+      # url for coordinator owner
+      webhook_urls = coordinator.owner.webhook_endpoints.payment_status.pluck(:url)
+
+      # plus url for coordinator manager (ignore duplicate)
+      users_webhook_urls = coordinator.users.flat_map do |user|
+        user.webhook_endpoints.payment_status.pluck(:url)
+      end
+
+      webhook_urls | users_webhook_urls
+    end
+  end
+end

app/services/permitted_attributes/payment_method.rb

@@ -11,7 +11,7 @@ module PermittedAttributes
         [:name, :description, :type, :active,
          :environment, :display_on, :tag_list,
          :preferred_enterprise_id, :preferred_server, :preferred_login, :preferred_password,
-         :calculator_type, :preferred_api_key,
+         :calculator_type, :preferred_api_key, :preferred_backend_url,
          :preferred_signature, :preferred_solution, :preferred_landing_page, :preferred_logourl,
          :preferred_test_mode, :calculator_type, { distributor_ids: [] },
          { calculator_attributes: PermittedAttributes::Calculator.attributes }]

app/services/products_renderer.rb

@@ -44,7 +44,7 @@ class ProductsRenderer
 
       paginated_products = paginate(results)
 
-      if options[:inventory_enabled]
+      if inventory_enabled?
         # Scope results with variant_overrides
         paginated_products.each { |product| product_scoper.scope(product) }
       end
@@ -123,7 +123,7 @@ class ProductsRenderer
         includes(:default_price, :product).
         where(product_id: products)
 
-      if options[:inventory_enabled]
+      if inventory_enabled?
         # Scope results with variant_overrides
         scoper = OpenFoodNetwork::ScopeVariantToHub.new(distributor)
         variants = variants.each { |v| scoper.scope(v) }
@@ -143,4 +143,8 @@ class ProductsRenderer
       vs[v.product_id] << v
     end
   end
+
+  def inventory_enabled?
+    options[:inventory_enabled] && !options[:variant_tag_enabled]
+  end
 end

app/services/vine/voucher_validator_service.rb

@@ -2,6 +2,11 @@
 
 module Vine
   class VoucherValidatorService
+    VINE_ERRORS = {
+      # https://github.com/openfoodfoundation/vine/blob/main/app/Enums/ApiResponse.php
+      "This voucher has expired." => :expired,
+    }.freeze
+
     attr_reader :voucher_code, :errors
 
     def initialize(voucher_code:, enterprise:)
@@ -42,8 +47,10 @@ module Vine
     end
 
     def handle_errors(response)
-      if response[:status] == 400
-        errors[:invalid_voucher] = I18n.t("vine_voucher_validator_service.errors.invalid_voucher")
+      if [400, 409].include?(response[:status])
+        message = response[:body] && JSON.parse(response[:body]).dig("meta", "message")
+        key = VINE_ERRORS.fetch(message, :invalid_voucher)
+        errors[:invalid_voucher] = I18n.t("vine_voucher_validator_service.errors.#{key}")
       elsif response[:status] == 404
         errors[:not_found_voucher] =
           I18n.t("vine_voucher_validator_service.errors.not_found_voucher")

app/views/admin/dfc_product_imports/index.html.haml

@@ -12,7 +12,7 @@
   = form_with url: main_app.import_admin_dfc_product_imports_path, html: { "data-controller": "checked" } do |form|
     -# This is a very inefficient way of holding a json blob. Maybe base64 encode or store as a temporary file
     = form.hidden_field :enterprise_id, value: @enterprise.id
-    = form.hidden_field :catalog_json, value: @catalog_json
+    = form.hidden_field :catalog_json, value: @catalog_data.to_json
 
     %table
       %thead

app/views/admin/enterprises/_admin_index.html.haml

@@ -22,7 +22,7 @@
     %tbody
       = f.fields_for :collection do |enterprise_form|
         - enterprise = enterprise_form.object
-        %tr{class: "enterprise-#{enterprise.id}"}
+        %tr{class: "enterprise-#{enterprise.id}", id: "resource-#{enterprise.id}"}
           %td= link_to enterprise.name, main_app.edit_admin_enterprise_path(enterprise)
           %td
             = enterprise_form.check_box :is_primary_producer

app/views/admin/enterprises/destroy.turbo_stream.haml

@@ -0,0 +1,4 @@
+- unless flash[:error]
+  = turbo_stream.remove "resource-#{@object.id}"
+= turbo_stream.append "flashes" do
+  = render(partial: 'admin/shared/flashes', locals: { flashes: flash })

app/views/admin/enterprises/form/_dfc_permissions.html.haml

@@ -20,7 +20,6 @@
 :plain
   <solid-permissioning
     data-src="#{DfcProvider::Engine.routes.url_helpers.enterprise_platforms_url(@enterprise.id)}"
-    scopes-uri="https://cdn.startinblox.com/owl/dfc/taxonomies/scopes.jsonld"
     noRouter
     auto-lang
     lang="en"

app/views/admin/order_cycles/_advanced_settings.html.haml

@@ -2,7 +2,7 @@
   %h3= t('.title')
 
 = form_for [main_app, :admin, @order_cycle] do |f|
-  - if feature?(:inventory, @order_cycle.coordinator)
+  - if inventory_enabled?(@order_cycle.coordinator)
     .row
       .three.columns.alpha
         = f.label "enterprise_preferred_product_selection_from_coordinator_inventory_only", t('admin.order_cycles.edit.choose_products_from')

app/views/admin/order_cycles/_row.html.haml

@@ -18,7 +18,7 @@
       %span{ "ofn-with-tip": '{{ orderCycle.producerNames }}', "ng-show": 'orderCycle.producers.length > 3' }
         {{ orderCycle.producers.length }}
         = t('.suppliers')
-      %span{ "ng-hide": 'orderCycle.producers.length > 3', "ng-bind": 'orderCycle.producerNames' }
+      %span{ "ng-hide": 'orderCycle.producers.length > 3', "ng-bind-html": 'orderCycle.producerNames' }
     %td.coordinator{ "ng-show": 'columns.coordinator.visible', "ng-bind-html": 'orderCycle.coordinator.name' }
     %td.shops{ "ng-show": 'columns.shops.visible' }
       %span{ "ofn-with-tip": '{{ orderCycle.shopNames }}', "ng-show": 'orderCycle.shops.length > 3' }

app/views/admin/products_v3/_filters.html.haml

@@ -23,7 +23,7 @@
       - select_tag_options = { class: "fullwidth",
                                multiple: true ,
                                data: { controller: "tom-select", "tom-select-placeholder-value": t(".select_tag"), "tom-select-options-value": '{ "maxItems": 5 , "plugins": { "remove_button": {} , "no_active_items": {},  "checkbox_options": { "checkedClassNames": ["ts-checked"], "uncheckedClassNames": ["ts-unchecked"] } } }' } }
-      = select_tag :tags_name_in, options_for_select(available_tags, tags), select_tag_options
+      = select_tag :tags_name_in, options_for_select(available_tags.unshift([t('.tags.none'), @none_tag_value]), tags), select_tag_options
   .submit
     .search-button
       = button_tag t(".search"), class: "secondary icon-search relaxed", name: nil

app/views/admin/products_v3/_no_products.html.haml

@@ -7,5 +7,6 @@
   #no-products-actions
     %a{ href: "/admin/products/new", class: "button icon-plus", icon: "icon-plus" }
       = t(:new_product)
-    %a{ href: "/admin/products/import", class: "button icon-upload secondary", icon: "icon-upload" }
+    %a{ href: admin_product_import_path, class: "button icon-upload secondary", icon: "icon-upload" }
       = t(".import_products")
+

app/views/admin/products_v3/_variant_row.html.haml

@@ -9,7 +9,7 @@
 %td.col-sku.field.naked_inputs
   = f.text_field :sku, 'aria-label': t('admin.products_page.columns.sku')
   = error_message_on variant, :sku
-%td.col-unir_scale.field.naked_inputs{ 'data-controller': 'toggle-control', 'data-toggle-control-match-value': 'items' }
+%td.col-unit_scale.field.naked_inputs{ 'data-controller': 'toggle-control', 'data-toggle-control-match-value': 'items' }
   = f.hidden_field :variant_unit
   = f.hidden_field :variant_unit_scale
   = f.select :variant_unit_with_scale,
@@ -81,7 +81,7 @@
   = error_message_on variant, :tax_category
 - if variant_tag_enabled?(spree_current_user)
   %td.col-tags.field.naked_inputs
-    = render TagListInputComponent.new(name: f.field_name(:tag_list), tags: variant.tag_list, autocomplete_url: variant_tag_rules_admin_tag_rules_path(enterprise_id: variant.supplier_id), placeholder: t('.add_a_tag'), aria_label: t('admin.products_page.columns.tags'))
+    = render TagListInputComponent.new(name: f.field_name(:tag_list), tags: variant.tag_list, autocomplete_url: variant_tag_rules_admin_tag_rules_path(enterprise_id: variant.supplier_id), placeholder: t('.add_a_tag'), aria_label: t('admin.products_page.columns.tags')) if feature?(:variant_tag, variant.supplier)
 %td.col-inherits_properties.align-left
   -# empty
 %td.align-right

app/views/layouts/_alert.html.haml

@@ -1,5 +1,5 @@
 .alert-box{ class: "#{type}" }
   = message
   - if local_assigns[:unconfirmed]
-    %a{ "data-action": "login-modal#resend_confirmation", "data-tab": local_assigns[:tab] }
+    = link_to spree_user_confirmation_path(spree_user: { email: }, tab: local_assigns[:tab]), data: { turbo_method: :post } do
       = t('devise.confirmations.resend_confirmation_email')

app/views/layouts/_forgot_tab.html.haml

@@ -1,12 +1,12 @@
 #forgot-tab
-  = form_with url: spree_user_password_path, scope: :spree_user, data: { remote: "true" } do |form|
+  = form_with url: spree_user_password_path, scope: :spree_user, data: { turbo: true } do |form|
     .row
       .large-12.columns#forgot-feedback
 
     .row
       .large-12.columns
         = form.label :email, t(:signup_email)
-        = form.email_field :email, { tabindex: 1, inputmode: "email", "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
+        = form.email_field :email, { tabindex: 1, inputmode: "email" }
     .row
       .large-12.columns
         = form.submit t(:reset_password), { class: "button primary", tabindex: 2 }

app/views/layouts/_login_tab.html.haml

@@ -1,5 +1,5 @@
 #login-content
-  = form_with url: spree_user_session_path, scope: :spree_user, data: { remote: "true" } do |form|
+  = form_with url: spree_user_session_path, scope: :spree_user, data: { turbo: true } do |form|
     .row
       .large-12.columns#login-feedback
         - confirmation_result = request.query_parameters[:validation]
@@ -10,7 +10,7 @@
     .row
       .large-12.columns
         = form.label :email, t(:email)
-        = form.email_field :email, { tabindex: 1, inputmode: "email", autocomplete: "off", "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
+        = form.email_field :email, { tabindex: 1, inputmode: "email", autocomplete: "off" }
     .row
       .large-12.columns
         = form.label :password, t(:password)

app/views/layouts/_signup_tab.html.haml

@@ -1,14 +1,14 @@
 - signup_form_user = Spree::User.new if local_assigns[:signup_form_user].nil?
 
 #signup-tab
-  = form_with model: signup_form_user, url: spree.account_path, scope: :user, data: { remote: "true" } do |form|
+  = form_with model: signup_form_user, url: spree.account_path, scope: :user, data: { turbo: true } do |form|
     .row
       .large-12.columns#signup-feedback
 
     .row
       .large-12.columns
         = form.label :email, t(:signup_email)
-        = form.email_field :email, { tabindex: 1, "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
+        = form.email_field :email, { tabindex: 1 }
         = form.error_message_on :email
     .row
       .large-12.columns

app/views/layouts/darkswarm.html.haml

@@ -13,12 +13,12 @@
     - else
       = favicon_link_tag "/favicon-staging.ico"
     %link{href: "https://fonts.googleapis.com/css?family=Roboto:400,300italic,400italic,300,700,700italic|Oswald:300,400,700", rel: "stylesheet", type: "text/css"}
-    %link{href: asset_pack_path("media/fonts/OFN-v2.woff"), rel: "preload", as: "font", crossorigin: "anonymous"}
+    %link{href: asset_pack_path("static/OFN-v2.woff"), rel: "preload", as: "font", crossorigin: "anonymous"}
     = render "layouts/matomo_tag"
     = language_meta_tags
 
-    = stylesheet_pack_tag "darkswarm", "data-turbo-track": "reload"
-    = javascript_pack_tag "application", "data-turbo-track": "reload"
+    = stylesheet_pack_tag "darkswarm", "data-turbo-track": "reload", media: "screen"
+    = javascript_pack_tag "application", "data-turbo-track": "reload", defer: false  # do not use defer because our javascript currently depend on order of execution of loaded script.
 
     = render "layouts/shopfront_script" if @shopfront_layout
     = render "layouts/bugsnag_js"

app/views/layouts/mailer.html.haml

@@ -5,7 +5,7 @@
     %meta{:content => "text/html; charset=UTF-8", "http-equiv" => "Content-Type"}/
     %title
       = Spree::Config[:site_name]
-    = stylesheet_link_tag 'mail'
+    = stylesheet_pack_tag "mail", media: "screen"
   %body{:bgcolor => "#FFFFFF" }
     - unless @hide_ofn_navigation
       %table.head-wrap

app/views/layouts/registration.html.haml

@@ -14,9 +14,9 @@
     = render "layouts/matomo_tag"
     = language_meta_tags
 
-    = stylesheet_pack_tag "darkswarm"
+    = stylesheet_pack_tag "darkswarm", media: "screen"
     = javascript_include_tag "darkswarm/all"
-    = javascript_pack_tag "application"
+    = javascript_pack_tag "application", defer: false # do not use defer because our javascript currently depend on order of execution of loaded script.
 
     = csrf_meta_tags
 

app/views/spree/admin/orders/invoice.html.haml

@@ -1,4 +1,4 @@
-= wicked_pdf_stylesheet_link_tag "mail"
+= pdf_stylesheet_pack_tag "mail"
 
 %table{:width => "100%"}
   %tbody

app/views/spree/admin/orders/invoice2.html.haml

@@ -1,4 +1,4 @@
-= wicked_pdf_stylesheet_link_tag "mail"
+= pdf_stylesheet_pack_tag "mail"
 
 %table{:width => "100%"}
   %tbody

app/views/spree/admin/orders/invoice4.html.haml

@@ -1,4 +1,4 @@
-= wicked_pdf_stylesheet_link_tag "mail"
+= pdf_stylesheet_pack_tag "mail"
 
 %table{:width => "100%"}
   %tbody
@@ -102,4 +102,4 @@
   = render partial: 'spree/admin/orders/_invoice/order_note'
 
 .text-center
-  = link_to_platform_terms
+  = link_to_platform_terms

app/views/spree/admin/shared/_head.html.haml

@@ -25,7 +25,7 @@
 = render "spree/admin/shared/translations"
 = render "spree/admin/shared/routes"
 
-= javascript_pack_tag "admin", "data-turbo-track": "reload"
+= javascript_pack_tag "admin", "data-turbo-track": "reload", defer: false # do not use defer because our javascript currently depend on order of execution of loaded script.
 
 %script
   = raw "var AUTH_TOKEN = \"#{form_authenticity_token}\";"

app/views/spree/users/_webhook_endpoints.html.haml

@@ -10,24 +10,5 @@
         %th= t('.url.header')
         %th.actions
     %tbody
-      -# Existing endpoints
-      - @user.webhook_endpoints.each do |webhook_endpoint|
-        %tr
-          %td= t('.event_types.order_cycle_opened') # For now, we only support one type.
-          %td= webhook_endpoint.url
-          %td.actions
-            - if webhook_endpoint.persisted?
-              = button_to account_webhook_endpoint_path(webhook_endpoint), method: :delete,
-                class: "tiny alert no-margin",
-                data: { confirm: I18n.t(:are_you_sure)} do
-                = I18n.t(:delete)
-
-      -# Create new
-      - if @user.webhook_endpoints.empty? # Only one allowed for now.
-        %tr
-          %td= t('.event_types.order_cycle_opened') # For now, we only support one type.
-          %td
-            = form_for(@user.webhook_endpoints.build, url: account_webhook_endpoints_path, id: 'new_webhook_endpoint') do |f|
-              = f.url_field :url, placeholder: t('.url.create_placeholder'), required: true, size: 64
-          %td.actions
-            = button_tag t(:create), class: 'button primary tiny no-margin', form: 'new_webhook_endpoint'
+      = render WebhookEndpointFormComponent.new(webhooks: @user.webhook_endpoints.order_cycle_opened, webhook_type: "order_cycle_opened")
+      = render WebhookEndpointFormComponent.new(webhooks: @user.webhook_endpoints.payment_status, webhook_type: "payment_status_changed")

app/webpacker/controllers/login_modal_controller.js

@@ -1,8 +1,7 @@
 import { Controller } from "stimulus";
 
 export default class extends Controller {
-  static targets = ["background", "modal", "email"];
-  static values = { email: String };
+  static targets = ["background", "modal"];
 
   connect() {
     if (this.hasModalTarget) {
@@ -19,13 +18,6 @@ export default class extends Controller {
     window.dispatchEvent(new Event("login:modal:open"));
   }
 
-  emailOnInput(event) {
-    this.emailValue = event.currentTarget.value;
-    this.emailTargets.forEach((element) => {
-      element.value = this.emailValue;
-    });
-  }
-
   open = () => {
     if (!location.hash.substr(1).includes("/login")) {
       history.pushState({}, "", "#/login");
@@ -57,19 +49,6 @@ export default class extends Controller {
     }, 200);
   }
 
-  resend_confirmation(event) {
-    fetch("/user/spree_user/confirmation", {
-      method: "POST",
-      body: JSON.stringify({
-        spree_user: { email: this.emailValue },
-        tab: event.currentTarget.dataset.tab,
-      }),
-      headers: { "Content-type": "application/json; charset=UTF-8" },
-    })
-      .then((data) => data.json())
-      .then(CableReady.perform);
-  }
-
   returnHome() {
     window.location = "/";
   }

app/webpacker/css/admin/products_v3.scss

@@ -184,8 +184,9 @@
     }
 
     // Hide columns
-    $columns: "image", "name", "sku", "unit_scale", "unit", "price", "on_hand", "producer",
-      "category", "tax_category", "tags", "inherits_properties";
+    $columns:
+      "image", "name", "sku", "unit_scale", "unit", "price", "on_hand", "producer", "category",
+      "tax_category", "tags", "inherits_properties";
     @each $col in $columns {
       &.hide-#{$col} {
         .col-#{$col} {

app/webpacker/css/admin_v3/all.scss

@@ -2,19 +2,19 @@
 // While in feature-toggle, we inherit all files from old admin design.
 // Individual files may be copied in order to replace the old files.
 
-@import "vendor/assets/stylesheets/normalize";
-@import "vendor/assets/stylesheets/responsive-tables";
-@import "vendor/assets/stylesheets/jquery.powertip";
-@import "~jquery-ui/themes/base/core";
-@import "~jquery-ui/themes/base/button";
-@import "~jquery-ui/themes/base/resizable";
-@import "vendor/assets/stylesheets/jquery-ui-theme";
-@import "~jquery-ui/themes/base/dialog";
+@import "assets/stylesheets/normalize";
+@import "assets/stylesheets/responsive-tables";
+@import "assets/stylesheets/jquery.powertip";
+@import "jquery-ui/themes/base/core";
+@import "jquery-ui/themes/base/button";
+@import "jquery-ui/themes/base/resizable";
+@import "assets/stylesheets/jquery-ui-theme";
+@import "jquery-ui/themes/base/dialog";
 @import "../shared/ng-tags-input.min";
-@import "vendor/assets/stylesheets/select2.css.scss";
-@import "~flatpickr/dist/flatpickr";
-@import "~flatpickr/dist/themes/material_blue";
-@import "~shortcut-buttons-flatpickr/dist/themes/light";
+@import "assets/stylesheets/select2";
+@import "flatpickr/dist/flatpickr";
+@import "flatpickr/dist/themes/material_blue";
+@import "shortcut-buttons-flatpickr/dist/themes/light";
 
 @import "../admin/globals/functions";
 @import "globals/palette"; // admin_v3
@@ -123,13 +123,13 @@
 @import "shared/question-mark-icon";
 @import "../admin/question-mark-tooltip";
 
-@import "~tom-select/src/scss/tom-select.default";
+@import "tom-select/src/scss/tom-select.default";
 @import "components/tom_select"; // admin_v3
 
-@import "app/components/modal_component/modal_component";
-@import "app/components/vertical_ellipsis_menu_component/vertical_ellipsis_menu_component"; // admin_v3 and only V3
-@import "app/components/tag_list_input_component/tag_list_input_component";
-@import "app/webpacker/css/admin/trix.scss";
+@import "modal_component/modal_component";
+@import "vertical_ellipsis_menu_component/vertical_ellipsis_menu_component"; // admin_v3 and only V3
+@import "tag_list_input_component/tag_list_input_component";
+@import "admin/trix";
 
 @import "terms_of_service_banner"; // admin_v3
 

app/webpacker/css/darkswarm/account.scss

@@ -9,7 +9,8 @@
     }
   }
 
-  .saved_cards, .no_cards {
+  .saved_cards,
+  .no_cards {
     margin-bottom: 1em;
   }
 
@@ -26,7 +27,7 @@
     }
   }
 
-  .authorised_shops{
+  .authorised_shops {
     table {
       width: 100%;
     }
@@ -39,7 +40,9 @@
   a {
     color: $clr-brick;
 
-    &:hover, &:active, &:focus {
+    &:hover,
+    &:active,
+    &:focus {
       color: $clr-brick-med-bright;
     }
   }
@@ -60,7 +63,8 @@
     }
   }
 
-  i.ofn-i_059-producer, i.ofn-i_060-producer-reversed {
+  i.ofn-i_059-producer,
+  i.ofn-i_060-producer-reversed {
     font-size: 3rem;
     display: inline-block;
     margin-right: 0.25rem;
@@ -92,7 +96,8 @@
     visibility: hidden;
   }
 
-  .transaction-group {}
+  .transaction-group {
+  }
 
   table {
     border-radius: $radius-medium $radius-medium 0 0;
@@ -161,6 +166,15 @@ table {
     //
     // Unfortunately we can't use Scss's interpolation
     // https://sass-lang.com/documentation/interpolation. We're using a too old version perhaps?
-    right: calc(12px + 2*2px + 2*1px);
+    right: calc(12px + 2 * 2px + 2 * 1px);
+  }
+}
+
+// Webhook Endpoints
+td.endpoints-actions {
+  display: flex;
+
+  form {
+    padding-right: $padding-small;
   }
 }

app/webpacker/css/darkswarm/all.scss

@@ -1,10 +1,10 @@
 
-@import 'vendor/assets/stylesheets/autocomplete';
-@import 'vendor/assets/stylesheets/leaflet';
+@import 'assets/stylesheets/autocomplete';
+@import 'assets/stylesheets/leaflet';
 @import 'variables';
 @import '../shared/variables/layout';
 @import '../shared/utilities';
-@import '~foundation-sites/scss/foundation';
+@import 'foundation-sites/scss/foundation';
 
 @import 'big-input';
 @import 'branding';
@@ -77,4 +77,4 @@ ofn-modal {
 @import "../shared/question-mark-icon";
 @import '../admin/shared/scroll_bar';
 
-@import 'app/components/modal_component/modal_component';
+@import 'modal_component/modal_component';

app/webpacker/css/darkswarm/variables.scss

@@ -1,4 +1,4 @@
-@import "~foundation-sites/scss/foundation/components/global";
+@import "foundation-sites/scss/foundation/components/global";
 
 // Brand guide colours:
 // International: #81c26e

app/webpacker/css/mail/all.scss

@@ -0,0 +1,3 @@
+@import '../admin/globals/palette.scss';
+@import 'email';
+@import 'payments_list';