Bump active_storage_validations from 1.1.4 to 3.0.3

Bumps [active_storage_validations](https://github.com/igorkasyanchuk/active_storage_validations) from 1.1.4 to 3.0.3.
- [Release notes](https://github.com/igorkasyanchuk/active_storage_validations/releases)
- [Changelog](https://github.com/igorkasyanchuk/active_storage_validations/blob/master/CHANGES.md)
- [Commits](https://github.com/igorkasyanchuk/active_storage_validations/commits/3.0.03)

---
updated-dependencies:
- dependency-name: active_storage_validations
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.browserslistrc

@@ -0,0 +1,2 @@
+defaults
+IE 11

.gitattributes

@@ -8,3 +8,4 @@
 # Same thing for following files, but they don't have an sh extension
 pre-commit eol=lf
 webpack-dev-server eol=lf
+install-bundler eol=lf

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,4 +1,4 @@
-## What? Why?
+#### What? Why?
 
 - Closes # <!-- Insert issue number here. -->
 
@@ -7,7 +7,7 @@
 
 
 
-## What should we test?
+#### What should we test?
 <!-- List which features should be tested and how.
      This can be similar to the Steps to Reproduce in the issue.
      Also think of other parts of the app which could be affected
@@ -16,7 +16,7 @@
 - Visit ... page.
 - 
 
-## Release notes
+#### Release notes
 
 <!-- Please select one for your PR and delete the other. -->
 
@@ -33,12 +33,12 @@ Changelog Category (reviewers may add a label for the release notes):
 The title of the pull request will be included in the release notes.
 
 
-## Dependencies
+#### Dependencies
 <!-- Does this PR depend on another one?
      Add the link or remove this section. -->
 
 
 
-## Documentation updates
+#### Documentation updates
 <!-- Are there any wiki pages that need updating after merging this PR?
      List them here or remove this section. -->

.github/dependabot.yml

@@ -31,8 +31,6 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
-    cooldown:
-      default-days: 7
 
     # Only specific requirements are specified in Gemfile, so don't touch it.
     versioning-strategy: lockfile-only
@@ -41,8 +39,6 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
-    cooldown:
-      default-days: 7
 
     # Only specific requirements are specified in package.json, so don't touch it.
     versioning-strategy: lockfile-only

.rspec

@@ -1 +1 @@
---require spec_helper
+--require base_spec_helper

.ruby-version

@@ -1 +1 @@
-3.4.8
+3.2.9

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.4.8-alpine3.19 AS base
+FROM ruby:3.2.9-alpine3.19 AS base
 ENV LANG=C.UTF-8 \
     LC_ALL=C.UTF-8 \
     TZ=Europe/London \
@@ -31,4 +31,4 @@ FROM development-base
 COPY . $RAILS_ROOT
 COPY Gemfile Gemfile.lock ./
 RUN bundle install --jobs "$(nproc)"
-COPY --from=yarn-dependencies $RAILS_ROOT/node_modules ./node_modules
+COPY --from=yarn-dependencies $RAILS_ROOT/node_modules ./node_modules

Dockerfile.ubuntu

@@ -83,8 +83,11 @@ RUN wget https://chromedriver.storage.googleapis.com/2.41/chromedriver_linux64.z
 # Copy code and install app dependencies
 COPY . /usr/src/app/
 
+# Install Bundler
+RUN ./script/install-bundler
+
 # Install front-end dependencies
 RUN yarn install
 
 # Run bundler install in parallel with the amount of available CPUs
-RUN bundle install --jobs="$(nproc)"
+RUN bundle install --jobs="$(nproc)"

Gemfile

@@ -18,7 +18,7 @@ gem 'activemerchant'
 gem 'angular-rails-templates'
 gem 'ransack', '~> 4.1.0'
 gem 'responders'
-gem 'shakapacker', '8.4.0'
+gem 'webpacker', '~> 5'
 
 # Indirect dependency but we access it directly in JS specs.
 # It turns out to be hard to upgrade but please do if you can.
@@ -49,7 +49,7 @@ gem 'acts_as_list', '1.0.4'
 gem 'cancancan', '~> 1.15.0'
 gem 'digest'
 gem 'ffaker'
-gem 'highline'
+gem 'highline', '2.0.3' # Necessary for the install generator
 gem 'json'
 gem 'monetize', '~> 1.11'
 gem 'paranoia', '~> 2.4'
@@ -57,8 +57,7 @@ gem 'state_machines-activerecord'
 gem 'stringex', '~> 2.8.5', require: false
 
 gem 'paypal-sdk-merchant', '1.117.2'
-gem 'stripe', '~> 15'
-gem "taler"
+gem 'stripe', '~> 13'
 
 gem 'devise'
 gem 'devise-encryptable'
@@ -112,7 +111,7 @@ gem "turbo_power"
 gem "turbo-rails"
 
 gem 'combine_pdf'
-gem 'wicked_pdf', github: "openfoodfoundation/wicked_pdf", branch: "master"
+gem 'wicked_pdf'
 gem 'wkhtmltopdf-binary'
 
 gem 'immigrant'
@@ -127,8 +126,7 @@ gem 'angular_rails_csrf'
 
 gem 'jquery-rails', '4.4.0'
 gem 'jquery-ui-rails', '~> 4.2'
-gem "select2-rails", github: "openfoodfoundation/select2-rails",
-                     branch: "v349_with-relaxed-dependencies"
+gem "select2-rails", github: "openfoodfoundation/select2-rails", branch: "v349_with_thor_v1"
 
 gem 'good_migrations'
 

Gemfile.lock

@@ -10,21 +10,13 @@ GIT
 
 GIT
   remote: https://github.com/openfoodfoundation/select2-rails.git
-  revision: 9693e0cc5b04938da46692d3fa83aa8934791981
-  branch: v349_with-relaxed-dependencies
+  revision: fc240e85fbdf1878ff3c39d972c0cd9a312f5ed4
+  branch: v349_with_thor_v1
   specs:
     select2-rails (3.4.9)
+      sass-rails
       thor (>= 0.14)
 
-GIT
-  remote: https://github.com/openfoodfoundation/wicked_pdf.git
-  revision: bce498de547cdf00d037fdbec29fae844d69ee8e
-  branch: master
-  specs:
-    wicked_pdf (2.8.1)
-      activesupport
-      ostruct
-
 GIT
   remote: https://github.com/podia/stimulus_reflex_testing.git
   revision: abac2ee34de347c589795b4d1a8e83e0baafb201
@@ -112,7 +104,7 @@ GEM
       rails-html-sanitizer (~> 1.6)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    active_storage_validations (3.0.2)
+    active_storage_validations (3.0.3)
       activejob (>= 6.1.4)
       activemodel (>= 6.1.4)
       activestorage (>= 6.1.4)
@@ -167,8 +159,8 @@ GEM
       zeitwerk (>= 2.4, < 3.0)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.8)
-      public_suffix (>= 2.0.2, < 8.0)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
     angular-rails-templates (1.4.0)
@@ -185,8 +177,8 @@ GEM
     ast (2.4.3)
     attr_required (1.0.2)
     aws-eventstream (1.4.0)
-    aws-partitions (1.1196.0)
-    aws-sdk-core (3.240.0)
+    aws-partitions (1.1191.0)
+    aws-sdk-core (3.239.2)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
       aws-sigv4 (~> 1.9)
@@ -197,7 +189,7 @@ GEM
     aws-sdk-kms (1.118.0)
       aws-sdk-core (~> 3, >= 3.239.1)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.208.0)
+    aws-sdk-s3 (1.206.0)
       aws-sdk-core (~> 3, >= 3.234.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
@@ -242,7 +234,7 @@ GEM
       marcel (~> 1.0)
       nokogiri (~> 1.10, >= 1.10.4)
       rubyzip (>= 1.3.0, < 3)
-    cgi (0.5.0)
+    cgi (0.5.1)
     childprocess (5.0.0)
     choice (0.2.0)
     chronic (0.10.2)
@@ -257,10 +249,10 @@ GEM
     combine_pdf (1.0.31)
       matrix
       ruby-rc4 (>= 0.1.5)
-    concurrent-ruby (1.3.5)
-    connection_pool (2.5.5)
+    concurrent-ruby (1.3.6)
+    connection_pool (3.0.2)
     cookiejar (0.3.4)
-    crack (1.0.1)
+    crack (1.0.0)
       bigdecimal
       rexml
     crass (1.0.6)
@@ -298,7 +290,7 @@ GEM
     diff-lcs (1.6.2)
     digest (3.2.1)
     docile (1.4.1)
-    dotenv (3.2.0)
+    dotenv (3.1.8)
     drb (2.2.3)
     em-http-request (1.1.7)
       addressable (>= 2.3.4)
@@ -313,7 +305,7 @@ GEM
       eventmachine (>= 1.0.0.beta.1)
     email_validator (2.2.4)
       activemodel
-    erb (6.0.1)
+    erb (6.0.0)
     erubi (1.13.1)
     et-orbi (1.3.0)
       tzinfo
@@ -388,7 +380,7 @@ GEM
       temple (>= 0.8.2)
       thor
       tilt
-    haml_lint (0.68.0)
+    haml_lint (0.67.0)
       haml (>= 5.0)
       parallel (~> 1.10)
       rainbow
@@ -397,8 +389,7 @@ GEM
     hashdiff (1.2.1)
     hashery (2.1.2)
     hashie (5.0.0)
-    highline (3.1.2)
-      reline
+    highline (2.0.3)
     htmlentities (4.4.2)
     http_parser.rb (0.8.0)
     i18n (1.14.7)
@@ -501,7 +492,7 @@ GEM
       logger
     mini_mime (1.1.5)
     mini_portile2 (2.8.6)
-    minitest (5.26.2)
+    minitest (5.27.0)
     monetize (1.13.0)
       money (~> 6.12)
     money (6.16.0)
@@ -524,6 +515,7 @@ GEM
     newrelic_rpm (9.24.0)
     nio4r (2.7.5)
     nokogiri (1.18.10)
+      mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     nokogiri-html5-inference (0.3.0)
       nokogiri (~> 1.14)
@@ -560,7 +552,6 @@ GEM
       webfinger (~> 2.0)
     orm_adapter (0.5.0)
     ostruct (0.6.1)
-    package_json (0.2.0)
     pagy (9.4.0)
     paper_trail (17.0.0)
       activerecord (>= 7.1)
@@ -586,15 +577,15 @@ GEM
     pp (0.6.3)
       prettyprint
     prettyprint (0.2.0)
-    prism (1.7.0)
+    prism (1.6.0)
     private_address_check (0.5.0)
     pry (0.15.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    psych (5.3.1)
+    psych (5.2.6)
       date
       stringio
-    public_suffix (7.0.0)
+    public_suffix (6.0.2)
     puffing-billy (4.0.2)
       addressable (~> 2.5)
       em-http-request (~> 1.1, >= 1.1.0)
@@ -623,7 +614,7 @@ GEM
     rack-protection (3.2.0)
       base64 (>= 0.1.0)
       rack (~> 2.2, >= 2.2.4)
-    rack-proxy (0.7.7)
+    rack-proxy (0.7.6)
       rack
     rack-rewrite (1.5.1)
     rack-session (1.0.2)
@@ -693,7 +684,7 @@ GEM
       logger (~> 1.5)
       ostruct (~> 0.6)
       readline (~> 0.0)
-    rdoc (7.0.1)
+    rdoc (6.16.0)
       erb
       psych (>= 4.0.0)
       tsort
@@ -813,23 +804,23 @@ GEM
     sanitize (7.0.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.16.8)
+    sass (3.4.25)
+    sass-rails (5.0.8)
+      railties (>= 5.2.0)
+      sass (~> 3.1)
+      sprockets (>= 2.8, < 4.0)
+      sprockets-rails (>= 2.0, < 4.0)
+      tilt (>= 1.1, < 3)
     sd_notify (0.1.1)
     securerandom (0.4.1)
-    semantic_range (3.1.0)
-    shakapacker (8.4.0)
-      activesupport (>= 5.2)
-      package_json
-      rack-proxy (>= 0.6.1)
-      railties (>= 5.2)
-      semantic_range (>= 2.3.0)
+    semantic_range (3.0.0)
     shoulda-matchers (7.0.1)
       activesupport (>= 7.1)
-    sidekiq (7.3.10)
-      base64
-      connection_pool (>= 2.3.0, < 3)
-      logger
-      rack (>= 2.2.4, < 3.3)
-      redis-client (>= 0.23.0, < 1)
+    sidekiq (7.2.4)
+      concurrent-ruby (< 2)
+      connection_pool (>= 2.3.0)
+      rack (>= 2.2.4)
+      redis-client (>= 0.19.0)
     sidekiq-scheduler (5.0.3)
       rufus-scheduler (~> 3.2)
       sidekiq (>= 6, < 8)
@@ -877,22 +868,21 @@ GEM
       railties (>= 5.2)
       redis (>= 4.0, < 6.0)
     stringex (2.8.6)
-    stringio (3.2.0)
-    stripe (15.5.0)
+    stringio (3.1.8)
+    stripe (13.5.1)
     swd (2.0.3)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
       faraday (~> 2.0)
       faraday-follow_redirects
     sysexits (1.2.0)
-    taler (0.1.0)
-    temple (0.10.4)
+    temple (0.8.2)
     terminal-table (4.0.0)
       unicode-display_width (>= 1.1.1, < 4)
     thor (1.4.0)
     thread-local (1.1.0)
     tilt (2.6.1)
-    timeout (0.4.4)
+    timeout (0.5.0)
     tsort (0.2.0)
     ttfunk (1.8.0)
       bigdecimal (~> 3.1)
@@ -913,7 +903,7 @@ GEM
       simplecov_json_formatter
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
-    unicode-emoji (4.2.0)
+    unicode-emoji (4.1.0)
     uniform_notifier (1.17.0)
     uri (1.1.1)
     valid_email2 (5.2.3)
@@ -924,8 +914,7 @@ GEM
       public_suffix
     validates_lengths_from_database (0.8.0)
       activerecord (>= 4)
-    vcr (6.3.1)
-      base64
+    vcr (6.2.0)
     view_component (4.1.1)
       actionview (>= 7.1.0, < 8.2)
       activesupport (>= 7.1.0, < 8.2)
@@ -947,10 +936,15 @@ GEM
       activesupport
       faraday (~> 2.0)
       faraday-follow_redirects
-    webmock (3.26.1)
+    webmock (3.25.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
+    webpacker (5.4.4)
+      activesupport (>= 5.2)
+      rack-proxy (>= 0.6.1)
+      railties (>= 5.2)
+      semantic_range (>= 2.3.0)
     webrick (1.9.2)
     websocket-driver (0.7.7)
       base64
@@ -958,11 +952,14 @@ GEM
     websocket-extensions (0.1.5)
     whenever (1.1.0)
       chronic (>= 0.6.3)
+    wicked_pdf (2.8.2)
+      activesupport
+      ostruct
     wkhtmltopdf-binary (0.12.6.10)
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.7.4)
+    zeitwerk (2.7.3)
 
 PLATFORMS
   ruby
@@ -1020,7 +1017,7 @@ DEPENDENCIES
   good_migrations
   haml
   haml_lint
-  highline
+  highline (= 2.0.3)
   i18n
   i18n-js (~> 3.9.0)
   i18n-tasks
@@ -1084,7 +1081,6 @@ DEPENDENCIES
   rubocop-rspec_rails
   sd_notify
   select2-rails!
-  shakapacker (= 8.4.0)
   shoulda-matchers
   sidekiq
   sidekiq-scheduler
@@ -1098,8 +1094,7 @@ DEPENDENCIES
   stimulus_reflex
   stimulus_reflex_testing!
   stringex (~> 2.8.5)
-  stripe (~> 15)
-  taler
+  stripe (~> 13)
   turbo-rails
   turbo_power
   undercover
@@ -1111,12 +1106,13 @@ DEPENDENCIES
   web!
   web-console
   webmock
+  webpacker (~> 5)
   whenever
-  wicked_pdf!
+  wicked_pdf
   wkhtmltopdf-binary
 
 RUBY VERSION
-  ruby 3.4.8p72
+   ruby 3.2.9p265
 
 BUNDLED WITH
-  4.0.3
+   2.4.19

Procfile

@@ -1,5 +1,5 @@
 # Foreman Procfile. Start all dev server processes with: `foreman start`
 
 rails:      DEV_CACHING=true bundle exec rails s -p 3000
-webpack:    ./bin/shakapacker-dev-server
+webpack:    ./bin/webpack-dev-server
 sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default

Procfile.docker

@@ -1,5 +1,5 @@
 # Foreman Procfile for Docker env. Start all dev server processes with: `bundle exec foreman start -f Procfile.docker`
 
-webpack:    SHAKAPACKER_DEV_SERVER_HOST=0.0.0.0 ./bin/shakapacker-dev-server
+webpack:    WEBPACKER_DEV_SERVER_HOST=0.0.0.0 ./bin/webpack-dev-server
 sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default
-rails:      SHAKAPACKER_DEV_SERVER_HOST=0.0.0.0 DEV_CACHING=true bundle exec rails s -p 3000 -b 0.0.0.0
+rails:      WEBPACKER_DEV_SERVER_HOST=0.0.0.0 DEV_CACHING=true bundle exec rails s -p 3000 -b 0.0.0.0

app/assets/javascripts/admin/index_utils/directives/obj_for_update.js.coffee

@@ -38,13 +38,16 @@ angular.module("admin.indexUtils").directive "objForUpdate", (switchClass, pendi
     # To ensure the customer is still updated, we check on the $destroy event to see if
     # the attribute has changed, if so we queue up the change.
     scope.$on '$destroy', (value) ->
-      currentValue = scope.object()[scope.attr] || ""
-
       # No update
-      return if currentValue is scope.savedValue
+      return if scope.object()[scope.attr] is scope.savedValue
+
+      # For some reason the code attribute is removed from the object when cleared, so we add
+      # an emptyvalue so it gets updated properly
+      if scope.attr is "code" and scope.object()[scope.attr] is undefined
+        scope.object()["code"] = ""
 
       # Queuing up change
-      addPendingChange(scope.attr, currentValue)
+      addPendingChange(scope.attr, scope.object()[scope.attr])
 
     # private
 

app/assets/javascripts/darkswarm/controllers/tmp_controller.js.coffee

@@ -0,0 +1,2 @@
+angular.module('Darkswarm').controller "TmpCtrl", ($scope)->
+  $scope.test = {foo: "bar"}

app/assets/stylesheets/mail.scss

@@ -0,0 +1 @@
+@import './mail/all.scss';

app/assets/stylesheets/mail/all.scss

@@ -0,0 +1,3 @@
+@import '../../../webpacker/css/admin/globals/palette.scss';
+@import 'email';
+@import 'payments_list';

app/components/ship_order_component.html.haml

@@ -1,4 +1,4 @@
-= render ConfirmModalComponent.new(id: dom_id(@order, :ship), confirm_actions: "click->modal#close", confirm_reflexes: "click->Admin::OrdersReflex#ship", controller: "orders", reflex: "Admin::Orders#ship") do
+= render ConfirmModalComponent.new(id: dom_id(@order, :ship), confirm_reflexes: "click->Admin::OrdersReflex#ship", controller: "orders", reflex: "Admin::Orders#ship") do
   %div{class: "margin-bottom-30"}
     %p= t('spree.admin.orders.shipment.mark_as_shipped_message_html')
   %div{class: "margin-bottom-30"}

app/components/webhook_endpoint_form_component.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-class WebhookEndpointFormComponent < ViewComponent::Base
-  def initialize(webhooks:, webhook_type:)
-    @webhooks = webhooks
-    @webhook_type = webhook_type
-  end
-
-  private
-
-  attr_reader :webhooks, :webhook_type
-
-  def is_webhook_payment_status?
-    webhook_type == "payment_status_changed"
-  end
-end

app/components/webhook_endpoint_form_component/webhook_endpoint_form_component.html.haml

@@ -1,27 +0,0 @@
--# Create new endpoints
-- if webhooks.empty? # Only one allowed for now.
-  %tr
-    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
-    %td
-      = form_with(url: helpers.account_webhook_endpoints_path, id: "#{webhook_type}_webhook_endpoint") do |f|
-        = f.url_field :'webhook_endpoint[url]', id: "#{webhook_type}_webhook_endpoint_url", placeholder: t('components.webhook_endpoint_form.url.create_placeholder'), required: true, size: 64
-        = f.hidden_field :'webhook_endpoint[webhook_type]', id: "#{webhook_type}_webhook_endpoint_webhook_type", value: webhook_type
-    %td.actions
-      = button_tag t(:create), class: 'button primary tiny no-margin', form: "#{webhook_type}_webhook_endpoint"
-
--# Existing endpoints
-- webhooks.each do |webhook_endpoint|
-  %tr
-    %td= t("components.webhook_endpoint_form.event_types.#{webhook_type}")
-    %td= webhook_endpoint.url
-    %td.actions.endpoints-actions
-      - if webhook_endpoint.persisted?
-        = button_to helpers.account_webhook_endpoint_path(webhook_endpoint), method: :delete,
-                                                                             class: "tiny alert no-margin",
-                                                                             data: { confirm: I18n.t(:are_you_sure) } do
-          = I18n.t(:delete)
-
-        - if is_webhook_payment_status?
-          = form_tag helpers.webhook_endpoint_test_account_path(webhook_endpoint), class: "button_to", 'data-turbo': true do
-            = button_tag type: "submit", class: "tiny alert no-margin", data: { confirm: I18n.t(:are_you_sure) } do
-              = I18n.t("components.webhook_endpoint_form.test_endpoint")

app/controllers/admin/enterprises_controller.rb

@@ -162,18 +162,6 @@ module Admin
       end
     end
 
-    def destroy
-      if @object.destroy
-        flash.now[:success] = flash_message_for(@object, :successfully_removed)
-      else
-        flash.now[:error] = @object.errors.full_messages.to_sentence
-      end
-
-      respond_to do |format|
-        format.turbo_stream { render :destroy, status: :ok }
-      end
-    end
-
     protected
 
     def delete_custom_tab

app/controllers/admin/products_v3_controller.rb

@@ -7,7 +7,6 @@ module Admin
 
     before_action :init_filters_params
     before_action :init_pagination_params
-    before_action :init_none_tag
 
     def index
       fetch_products
@@ -180,8 +179,6 @@ module Admin
       product_query = OpenFoodNetwork::Permissions.new(spree_current_user)
         .editable_products.merge(product_scope_with_includes).ransack(ransack_query).result
 
-      product_query = apply_tags_filter(product_query)
-
       # Postgres requires ORDER BY expressions to appear in the SELECT list when using DISTINCT.
       # When the current ransack sort uses the computed stock columns, include them in the select
       # so the generated COUNT/DISTINCT query is valid.
@@ -228,51 +225,12 @@ module Admin
         query.merge!(Spree::Variant::SEARCH_KEY => @search_term)
       end
       query.merge!(variants_primary_taxon_id_in: @category_id) if @category_id.present?
+      query.merge!(variants_tags_name_in: @tags) if @tags.present?
       query.merge!(@q) if @q
 
       query
     end
 
-    # Apply tags filter with OR logic:
-    # - Products with variants having selected tags
-    # - OR products with variants having no tags (when "None" is selected)
-    #
-    # Note: This cannot be implemented using Ransack because Ransack applies
-    # AND semantics across associations and cannot express OR logic that combines
-    # the presence and absence of the same associated records.
-    def apply_tags_filter(base_query)
-      return base_query if @tags.blank?
-
-      tag_names = Array(@tags).dup
-      has_none_tag = (tag_names.delete(@none_tag_value) == @none_tag_value)
-
-      queries = []
-
-      if tag_names.any?
-        # Products with at least one variant having one of the selected tags
-        tagged_product_ids = Spree::Variant
-          .joins(taggings: :tag)
-          .where(tags: { name: tag_names })
-          .select(:product_id)
-
-        queries << base_query.where(id: tagged_product_ids)
-      end
-
-      if has_none_tag
-        # Products where no variants have any tags
-        tagged_product_ids = Spree::Variant
-          .joins(:taggings)
-          .select(:product_id)
-
-        queries << base_query.where.not(id: tagged_product_ids)
-      end
-
-      return base_query if queries.empty?
-
-      # Combine queries using ActiveRecord's or method
-      queries.reduce { |combined, query| combined.or(query) }
-    end
-
     # Optimise by pre-loading required columns
     def product_query_includes
       [
@@ -331,10 +289,6 @@ module Admin
         t('.error')
       end
     end
-
-    def init_none_tag
-      @none_tag_value = '""'
-    end
   end
 end
 # rubocop:enable Metrics/ClassLength

app/controllers/admin/resource_controller.rb

@@ -61,7 +61,7 @@ module Admin
 
     def destroy
       if @object.destroy
-        flash[:success] = Spree.t(:successfully_removed)
+        flash[:success] = flash_message_for(@object, :successfully_removed)
         respond_with(@object) do |format|
           format.html { redirect_to collection_url }
           format.js   { render partial: "spree/admin/shared/destroy" }
@@ -76,7 +76,7 @@ module Admin
     protected
 
     def resource_not_found
-      flash[:error] = Spree.t(:not_found)
+      flash[:error] = flash_message_for(model_class.new, :not_found)
       redirect_to collection_url
     end
 

app/controllers/admin/stripe_accounts_controller.rb

@@ -6,7 +6,7 @@ module Admin
   class StripeAccountsController < Spree::Admin::BaseController
     def connect
       payload = params.permit(:enterprise_id).to_h
-      key = Rails.application.secret_key_base
+      key = Openfoodnetwork::Application.config.secret_token
       url_params = { state: JWT.encode(payload, key, 'HS256'), scope: "read_write" }
       redirect_to Stripe::OAuth.authorize_url(url_params)
     end

app/controllers/admin/tag_rules_controller.rb

@@ -30,7 +30,7 @@ module Admin
 
       status = :ok
       if @rule.destroy
-        flash[:success] = Spree.t(:successfully_removed, resource: Spree.t(:tag_rule))
+        flash[:success] = Spree.t(:successfully_removed, resource: "Tag Rule")
       else
         flash.now[:error] = t(".destroy_error")
         status = :internal_server_error

app/controllers/admin/vouchers_controller.rb

@@ -14,7 +14,7 @@ module Admin
       )
 
       if @voucher.save
-        flash[:success] = I18n.t(:successfully_created, resource: Spree.t(:voucher))
+        flash[:success] = I18n.t(:successfully_created, resource: "Voucher")
         redirect_to edit_admin_enterprise_path(@enterprise, anchor: :vouchers_panel)
       else
         render_error

app/controllers/payment_gateways/taler_controller.rb

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module PaymentGateways
-  class TalerController < BaseController
-    include OrderCompletion
-
-    # The Taler merchant backend has taken the payment.
-    # Now we just need to confirm that and update our local database
-    # before finalising the order.
-    def confirm
-      payment = Spree::Payment.find(params[:payment_id])
-      @order = payment.order
-      process_payment_completion!
-    end
-  end
-end

app/controllers/spree/admin/images_controller.rb

@@ -68,7 +68,7 @@ module Spree
         destroy_before
 
         if @object.destroy
-          flash[:success] = Spree.t(:successfully_removed)
+          flash[:success] = flash_message_for(@object, :successfully_removed)
         end
 
         redirect_to location_after_save

app/controllers/spree/admin/payment_methods_controller.rb

@@ -11,11 +11,10 @@ module Spree
       respond_to :html
 
       PAYMENT_METHODS = %w{
+        Spree::PaymentMethod::Check
         Spree::Gateway::PayPalExpress
         Spree::Gateway::StripeSCA
-        Spree::PaymentMethod::Check
-        Spree::PaymentMethod::Taler
-      }.freeze
+      }.index_with(&:constantize).freeze
 
       def create
         force_environment
@@ -96,7 +95,7 @@ module Spree
             @payment_method = PaymentMethod.find(params[:pm_id])
           end
         else
-          @payment_method = PaymentMethod.new(type: params[:provider_type])
+          @payment_method = PAYMENT_METHODS.fetch(params[:provider_type], PaymentMethod).new
         end
 
         render partial: 'provider_settings'
@@ -118,7 +117,7 @@ module Spree
       end
 
       def validate_payment_method_provider
-        valid_payment_methods = PAYMENT_METHODS
+        valid_payment_methods = Rails.application.config.spree.payment_methods.map(&:to_s)
         return if valid_payment_methods.include?(params[:payment_method][:type])
 
         flash[:error] = Spree.t(:invalid_payment_provider)
@@ -134,11 +133,13 @@ module Spree
       end
 
       def load_providers
-        providers = PAYMENT_METHODS.dup
+        providers = Gateway.providers.sort_by(&:name)
 
-        providers.delete("Spree::Gateway::StripeSCA") unless show_stripe?
+        unless show_stripe?
+          providers.reject! { |provider| stripe_provider?(provider) }
+        end
 
-        providers.map(&:constantize)
+        providers
       end
 
       # Show Stripe as an option if enabled, or if the
@@ -163,6 +164,10 @@ module Spree
         @payment_method.try(:type) == "Spree::Gateway::StripeSCA"
       end
 
+      def stripe_provider?(provider)
+        provider.name.ends_with?("StripeSCA")
+      end
+
       def base_params
         @base_params ||= PermittedAttributes::PaymentMethod.new(params[:payment_method]).
           call.to_h.with_indifferent_access

app/controllers/spree/admin/product_properties_controller.rb

@@ -16,7 +16,7 @@ module Spree
         @url_filters = ::ProductFilters.new.extract(request.query_parameters)
 
         if @object.destroy
-          flash[:success] = Spree.t(:successfully_removed)
+          flash[:success] = flash_message_for(@object, :successfully_removed)
         end
         # if destroy fails it won't show any errors to the user
         redirect_to spree.admin_product_product_properties_url(params[:product_id], @url_filters)

app/controllers/spree/admin/shipping_methods_controller.rb

@@ -36,7 +36,7 @@ module Spree
         end
 
         @object.touch :deleted_at
-        flash[:success] = Spree.t(:successfully_removed)
+        flash[:success] = flash_message_for(@object, :successfully_removed)
 
         respond_with(@object) do |format|
           format.html { redirect_to collection_url }

app/controllers/spree/admin/tax_categories_controller.rb

@@ -5,7 +5,7 @@ module Spree
     class TaxCategoriesController < ::Admin::ResourceController
       def destroy
         if @object.destroy
-          flash[:success] = Spree.t(:successfully_removed)
+          flash[:success] = flash_message_for(@object, :successfully_removed)
           respond_with(@object) do |format|
             format.html { redirect_to collection_url }
             format.js   { render partial: "spree/admin/shared/destroy" }

app/controllers/spree/user_sessions_controller.rb

@@ -9,6 +9,7 @@ module Spree
     include Spree::Core::ControllerHelpers::Auth
     include Spree::Core::ControllerHelpers::Common
     include Spree::Core::ControllerHelpers::Order
+    include CablecarResponses
 
     helper 'spree/base'
 
@@ -23,12 +24,14 @@ module Spree
       if spree_user_signed_in?
         flash[:success] = t('devise.success.logged_in_succesfully')
 
-        redirect_to return_url_or_default(after_sign_in_path_for(spree_current_user))
+        render cable_ready: cable_car.redirect_to(
+          url: return_url_or_default(after_sign_in_path_for(spree_current_user))
+        )
       else
-        message = t('devise.failure.invalid')
-        render turbo_stream: turbo_stream.update(
-          'login-feedback', partial: 'layouts/alert', locals: { message:, type: 'alert' }
-        ), status: :unprocessable_entity
+        render status: :unauthorized, cable_ready: cable_car.inner_html(
+          "#login-feedback",
+          partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.invalid') })
+        )
       end
     end
 
@@ -57,13 +60,11 @@ module Spree
     end
 
     def render_unconfirmed_response
-      message = t(:email_unconfirmed)
-
-      render turbo_stream: turbo_stream.update(
-        'login-feedback',
-        partial: 'layouts/alert', locals: { type: "alert", message:, unconfirmed: true,
-                                            tab: "login", email: params.dig(:spree_user, :email) }
-      ), status: :unprocessable_entity
+      render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+        "#login-feedback",
+        partial("layouts/alert", locals: { type: "alert", message: t(:email_unconfirmed),
+                                           unconfirmed: true, tab: "login" })
+      )
     end
 
     def ensure_valid_locale_persisted

app/controllers/spree/users_controller.rb

@@ -3,6 +3,7 @@
 module Spree
   class UsersController < ::BaseController
     include I18nHelper
+    include CablecarResponses
 
     layout 'darkswarm'
 
@@ -24,17 +25,34 @@ module Spree
       @unconfirmed_email = spree_current_user.unconfirmed_email
     end
 
+    # Endpoint for queries to check if a user is already registered
+    def registered_email
+      registered = Spree::User.find_by(email: params[:email]).present?
+
+      if registered
+        render status: :ok, cable_ready: cable_car.
+          inner_html(
+            "#login-feedback",
+            partial("layouts/alert",
+                    locals: { type: "alert", message: t('devise.failure.already_registered') })
+          ).
+          dispatch_event(name: "login:modal:open")
+      else
+        head :not_found
+      end
+    end
+
     def create
       @user = Spree::User.new(user_params)
 
       if @user.save
         flash[:success] = t('devise.user_registrations.spree_user.signed_up_but_unconfirmed')
-        redirect_to main_app.root_path
+        render cable_ready: cable_car.redirect_to(url: main_app.root_path)
       else
-        render turbo_stream: turbo_stream.update(
-          'signup-tab',
-          partial: 'layouts/signup_tab', locals: { signup_form_user: @user }
-        ), status: :unprocessable_entity
+        render status: :unprocessable_entity, cable_ready: cable_car.morph(
+          "#signup-tab",
+          partial("layouts/signup_tab", locals: { signup_form_user: @user })
+        )
       end
     end
 
@@ -79,10 +97,13 @@ module Spree
     end
 
     def render_alert_timestamp_error_message
-      render turbo_stream: turbo_stream.update(
-        'signup-feedback',
-        partial: 'layouts/alert',
-        locals: { type: "alert", message: InvisibleCaptcha.timestamp_error_message }
+      render cable_ready: cable_car.inner_html(
+        "#signup-feedback",
+        partial("layouts/alert",
+                locals: {
+                  type: "alert",
+                  message: InvisibleCaptcha.timestamp_error_message
+                })
       )
     end
   end

app/controllers/user_confirmations_controller.rb

@@ -3,6 +3,7 @@
 class UserConfirmationsController < DeviseController
   # Needed for access to current_ability, so we can authorize! actions
   include Spree::Core::ControllerHelpers::Auth
+  include CablecarResponses
 
   # GET /resource/confirmation?confirmation_token=abcdef
   def show
@@ -28,12 +29,12 @@ class UserConfirmationsController < DeviseController
         set_flash_message(:error, :confirmation_not_sent)
       end
     else
-      flash.now[:sucess] = t("devise.confirmations.send_instructions")
-
-      return render turbo_stream: turbo_stream.update(
-        "#{params[:tab] || 'forgot'}-feedback",
-        partial: 'shared/flashes', locals: { flashes: flash }
+      render cable_ready: cable_car.inner_html(
+        "##{params[:tab] || 'forgot'}-feedback",
+        partial("layouts/alert",
+                locals: { type: "success", message: t("devise.confirmations.send_instructions") })
       )
+      return
     end
 
     respond_with_navigational(resource){ redirect_to login_path }

app/controllers/user_passwords_controller.rb

@@ -1,40 +1,37 @@
 # frozen_string_literal: true
 
 class UserPasswordsController < Spree::UserPasswordsController
+  include CablecarResponses
+
   layout 'darkswarm'
 
   def create
     return render_unconfirmed_response if user_unconfirmed?
 
     self.resource = resource_class.send_reset_password_instructions(raw_params[resource_name])
-    status = :ok
 
     if resource.errors.empty?
-      message, type = [t(:password_reset_sent), :success]
+      render cable_ready: cable_car.inner_html(
+        "#forgot-feedback",
+        partial("layouts/alert", locals: { type: "success", message: t(:password_reset_sent) })
+      )
     else
-      message, type = [t(:email_not_found), :alert]
-      status = :not_found
+      render status: :not_found, cable_ready: cable_car.inner_html(
+        "#forgot-feedback",
+        partial("layouts/alert", locals: { type: "alert", message: t(:email_not_found) })
+      )
     end
-
-    render turbo_stream: turbo_stream.update(
-      'forgot-feedback',
-      partial: 'layouts/alert',
-      locals: { type:, message:, tab: 'forgot',
-                unconfirmed: false, email: params.dig(:spree_user, :email) }
-    ), status:
   end
 
   private
 
   def render_unconfirmed_response
-    message, type, unconfirmed, tab = [t(:email_unconfirmed), :alert, true, 'forgot']
-
-    render turbo_stream: turbo_stream.update(
-      'forgot-feedback',
-      partial: 'layouts/alert',
-      locals: { type:, message:, tab:,
-                unconfirmed:, email: params.dig(:spree_user, :email) }
-    ), status: :unprocessable_entity
+    render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+      "#forgot-feedback",
+      partial("layouts/alert",
+              locals: { type: "alert", message: t(:email_unconfirmed),
+                        unconfirmed: true, tab: "forgot" })
+    )
   end
 
   def user_unconfirmed?

app/controllers/voucher_adjustments_controller.rb

@@ -90,13 +90,11 @@ class VoucherAdjustmentsController < BaseController
       voucher_code: voucher_params[:voucher_code], enterprise: @order.distributor
     )
     voucher = vine_voucher_validator.validate
-    errors = vine_voucher_validator.errors
 
-    return nil if errors[:not_found_voucher].present?
+    return nil if vine_voucher_validator.errors[:not_found_voucher].present?
 
-    if errors.present?
-      message = errors[:invalid_voucher] || I18n.t('checkout.errors.add_voucher_error')
-      @order.errors.add(:voucher_code, message)
+    if vine_voucher_validator.errors.present?
+      @order.errors.add(:voucher_code, I18n.t('checkout.errors.add_voucher_error'))
       return nil
     end
 

app/controllers/webhook_endpoints_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class WebhookEndpointsController < BaseController
-  before_action :load_resource, only: [:destroy, :test]
+  before_action :load_resource, only: :destroy
 
   def create
     webhook_endpoint = spree_current_user.webhook_endpoints.new(webhook_endpoint_params)
@@ -25,30 +25,12 @@ class WebhookEndpointsController < BaseController
     redirect_to redirect_path
   end
 
-  def test
-    at = Time.zone.now
-    test_payload = Payments::WebhookPayload.test_data.to_hash
-
-    WebhookDeliveryJob.perform_later(@webhook_endpoint.url, "payment.completed", test_payload, at:)
-
-    flash[:success] = t(".success")
-    respond_with do |format|
-      format.turbo_stream do
-        render turbo_stream: turbo_stream.update(
-          :flashes, partial: "shared/flashes", locals: { flashes: flash }
-        )
-      end
-    end
-  end
-
-  private
-
   def load_resource
     @webhook_endpoint = spree_current_user.webhook_endpoints.find(params[:id])
   end
 
   def webhook_endpoint_params
-    params.require(:webhook_endpoint).permit(:url, :webhook_type)
+    params.require(:webhook_endpoint).permit(:url)
   end
 
   def redirect_path

app/helpers/application_helper.rb

@@ -72,23 +72,7 @@ module ApplicationHelper
     end
   end
 
-  # Update "v1" to invalidate existing cache key
   def cache_key_with_locale(key, locale)
-    Array.wrap(key) + ["v3", locale.to_s, I18nDigests.for_locale(locale)]
-  end
-
-  def pdf_stylesheet_pack_tag(source)
-    # With shakapacker dev server running, the wicked_pdf_stylesheet_pack_tag will produce a
-    # relative path, because we don't have `config.action_controller.asset_host`. Relative path
-    # can't be resolved by `wkhtmltopdf`. So we pass the wepacker dev server host and port to
-    # the shakapacker helper, so it generates the correct url.
-    # For more info: https://stackoverflow.com/questions/58490299/how-to-include-css-stylesheet-into-wicked-pdf/60541688#60541688
-    if running_in_development?
-      options = { media: "all",
-                  host: "#{Shakapacker.dev_server.host}:#{Shakapacker.dev_server.port}" }
-      stylesheet_pack_tag(source, **options)
-    else
-      wicked_pdf_stylesheet_pack_tag(source)
-    end
+    Array.wrap(key) + [locale.to_s, I18nDigests.for_locale(locale)]
   end
 end

app/helpers/enterprises_helper.rb

@@ -63,11 +63,8 @@ module EnterprisesHelper
     url = object_url(enterprise)
     name = t(:delete)
     options = {}
-    options[:data] = {
-      turbo: true,
-      'turbo-method': 'delete',
-      'turbo-confirm': enterprise_confirm_delete_message(enterprise)
-    }
+    options[:class] = "delete-resource"
+    options[:data] = { action: 'remove', confirm: enterprise_confirm_delete_message(enterprise) }
     link_to_with_icon 'icon-trash', name, url, options
   end
 

app/models/application_record.rb

@@ -12,10 +12,7 @@ class ApplicationRecord < ActiveRecord::Base
   self.include_root_in_json = true
 
   def self.image_service
-    return :local if ENV["S3_BUCKET"].blank?
-    return :amazon_public if ENV["S3_ENDPOINT"].blank?
-
-    :s3_compatible_storage_public
+    ENV["S3_BUCKET"].present? ? :amazon_public : :local
   end
 
   # We might have a development environment without S3 but with a database

app/models/enterprise.rb

@@ -50,11 +50,11 @@ class Enterprise < ApplicationRecord
   has_many :distributed_orders, class_name: 'Spree::Order',
                                 foreign_key: 'distributor_id',
                                 inverse_of: :distributor,
-                                dependent: :restrict_with_error
+                                dependent: :restrict_with_exception
 
   belongs_to :address, class_name: 'Spree::Address'
   belongs_to :business_address, optional: true, class_name: 'Spree::Address', dependent: :destroy
-  has_many :enterprise_fees, dependent: :restrict_with_error
+  has_many :enterprise_fees, dependent: :restrict_with_exception
   has_many :enterprise_roles, dependent: :destroy
   has_many :users, through: :enterprise_roles
   belongs_to :owner, class_name: 'Spree::User',
@@ -62,18 +62,18 @@ class Enterprise < ApplicationRecord
   has_many :distributor_payment_methods,
            inverse_of: :distributor,
            foreign_key: :distributor_id,
-           dependent: :restrict_with_error
+           dependent: :restrict_with_exception
   has_many :distributor_shipping_methods,
            inverse_of: :distributor,
            foreign_key: :distributor_id,
-           dependent: :restrict_with_error
+           dependent: :restrict_with_exception
   has_many :payment_methods, through: :distributor_payment_methods
   has_many :shipping_methods, through: :distributor_shipping_methods
   has_many :customers, dependent: :destroy
   has_many :inventory_items, dependent: :destroy
   has_many :tag_rules, dependent: :destroy
   has_one :stripe_account, dependent: :destroy
-  has_many :vouchers, dependent: :restrict_with_error
+  has_many :vouchers, dependent: :restrict_with_exception
   has_many :connected_apps, dependent: :destroy
   has_many :dfc_permissions, dependent: :destroy
   has_one :custom_tab, dependent: :destroy
@@ -111,14 +111,14 @@ class Enterprise < ApplicationRecord
   end
 
   validates :logo,
-            processable_file: true,
-            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :promo_image,
-            processable_file: true,
-            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :white_label_logo,
-            processable_file: true,
-            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :terms_and_conditions, content_type: {
     in: "application/pdf",
     message: I18n.t(:enterprise_terms_and_conditions_type_error),

app/models/enterprise_group.rb

@@ -29,11 +29,11 @@ class EnterpriseGroup < ApplicationRecord
   has_one_attached :promo_image, service: image_service
 
   validates :logo,
-            processable_file: true,
-            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :promo_image,
-            processable_file: true,
-            content_type: ::Spree::Image::ACCEPTED_CONTENT_TYPES
+            processable_image: true,
+            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
 
   scope :by_position, -> { order('position ASC') }
   scope :on_front_page, -> { where(on_front_page: true) }

app/models/invoice/data_presenter.rb

@@ -95,8 +95,8 @@ class Invoice
     def display_line_item_tax_rate(item)
       all_tax_adjustments.select { |a|
         a.adjustable.type == 'Spree::LineItem' && a.adjustable.id == item.id
-      }.map(&:originator).map(&:amount).sort.map { |amount|
-        number_to_percentage(amount * 100, precision: 1)
+      }.map(&:originator).map { |tr|
+        number_to_percentage(tr.amount * 100, precision: 1)
       }.join(", ")
     end
 

app/models/spree/app_configuration.rb

@@ -31,6 +31,7 @@ module Spree
     preference :admin_products_per_page, :integer, default: 10
     # Should only be true if you don't need to track inventory
     preference :allow_backorder_shipping, :boolean, default: false
+    preference :allow_checkout_on_gateway_error, :boolean, default: false
     preference :allow_guest_checkout, :boolean, default: true
     preference :currency_decimal_mark, :string, default: "."
     preference :currency_symbol_position, :string, default: "before"

app/models/spree/image.rb

@@ -2,8 +2,6 @@
 
 module Spree
   class Image < Asset
-    ACCEPTED_CONTENT_TYPES = %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
-
     has_one_attached :attachment, service: image_service do |attachment|
       attachment.variant :mini, resize_to_fill: [48, 48]
       attachment.variant :small, resize_to_fill: [227, 227]
@@ -13,8 +11,8 @@ module Spree
 
     validates :attachment,
               attached: true,
-              processable_file: true,
-              content_type: ACCEPTED_CONTENT_TYPES
+              processable_image: true,
+              content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
     validate :no_attachment_errors
 
     def self.default_image_url(size)

app/models/spree/line_item.rb

@@ -24,8 +24,6 @@ module Spree
     before_validation :copy_price
     before_validation :copy_tax_category
     before_validation :copy_dimensions
-    before_validation :copy_product_name, on: :create
-    before_validation :copy_variant_name, on: :create
 
     validates :quantity, numericality: {
       only_integer: true,
@@ -252,18 +250,6 @@ module Spree
       adjustments.enterprise_fee
     end
 
-    def full_variant_name
-      return variant_name if variant_name.present?
-
-      variant.full_name
-    end
-
-    def full_product_name
-      return product_name if product_name.present?
-
-      variant.product.name
-    end
-
     private
 
     def computed_weight_from_variant
@@ -288,18 +274,6 @@ module Spree
       order.create_tax_charge!
     end
 
-    def copy_product_name
-      return if variant.nil? || variant.product.nil?
-
-      self.product_name = variant.product.name
-    end
-
-    def copy_variant_name
-      return if variant.nil?
-
-      self.variant_name = variant.full_name
-    end
-
     def update_inventory_before_destroy
       # This is necessary before destroying the line item
       #   so that update_inventory will restore stock to the variant

app/models/spree/order.rb

@@ -437,13 +437,18 @@ module Spree
     #
     # Returns:
     # - true if all pending_payments processed successfully
+    # - true if a payment failed, ie. raised a GatewayError
+    #   which gets rescued and converted to TRUE when
+    #   :allow_checkout_gateway_error is set to true
     # - false if a payment failed, ie. raised a GatewayError
-    #   which gets rescued and converted to FALSE
+    #   which gets rescued and converted to FALSE when
+    #   :allow_checkout_on_gateway_error is set to false
     #
     def process_payments!
       process_each_payment(&:process!)
     rescue Core::GatewayError => e
-      errors.add(:base, e.message) && (return false)
+      result = !!Spree::Config[:allow_checkout_on_gateway_error]
+      errors.add(:base, e.message) && (return result)
     end
 
     def process_payments_offline!

app/models/spree/payment.rb

@@ -101,24 +101,6 @@ module Spree
       end
 
       after_transition to: :completed, do: :set_captured_at
-      after_transition do |payment, transition|
-        # Catch any exceptions to prevent any rollback potentially
-        # preventing payment from going through
-        ActiveSupport::Notifications.instrument(
-          "ofn.payment_transition", payment: payment, event: transition.to
-        )
-      rescue StandardError => e
-        Rails.logger.fatal "ActiveSupport::Notification.instrument failed params: " \
-                           "<event_type:ofn.payment_transition> " \
-                           "<payment_id:#{payment.id}> " \
-                           "<event:#{transition.to}>"
-        Alert.raise(
-          e,
-          metadata: {
-            event_tye: "ofn.payment_transition", payment_id: payment.id, event: transition.to
-          }
-        )
-      end
     end
 
     def money

app/models/spree/payment/processing.rb

@@ -183,7 +183,6 @@ module Spree
 
         options.merge!({ billing_address: order.bill_address.try(:active_merchant_hash),
                          shipping_address: order.ship_address.try(:active_merchant_hash) })
-        options.merge!(payment: self)
 
         options
       end

app/models/spree/payment_method.rb

@@ -52,6 +52,10 @@ module Spree
         .where(environment: [Rails.env, "", nil])
     }
 
+    def self.providers
+      Rails.application.config.spree.payment_methods
+    end
+
     def configured?
       !stripe? || stripe_configured?
     end
@@ -89,8 +93,8 @@ module Spree
       type.demodulize.downcase
     end
 
-    def self.find_with_destroyed(*)
-      unscoped { find(*) }
+    def self.find_with_destroyed(*args)
+      unscoped { find(*args) }
     end
 
     def payment_profiles_supported?
@@ -114,8 +118,8 @@ module Spree
     end
 
     def self.clean_name
-      scope = "spree.admin.payment_methods.providers"
-      I18n.t(name.demodulize.downcase, scope:)
+      i18n_key = "spree.admin.payment_methods.providers.#{name.demodulize.downcase}"
+      I18n.t(i18n_key)
     end
 
     private

app/models/spree/payment_method/taler.rb

@@ -1,94 +0,0 @@
-# frozen_string_literal: true
-
-require "taler"
-
-module Spree
-  class PaymentMethod
-    # GNU Taler is a distributed, open source payment system.
-    # You need a hosted Taler backend server to process payments.
-    #
-    # For testing, you can use the official demo backend:
-    #
-    # - Merchant UX: https://backend.demo.taler.net
-    # - Username: sandbox
-    # - Password: sandbox
-    #
-    # Configure this payment method for testing with:
-    #
-    # - backend_url: https://backend.demo.taler.net/instances/sandbox
-    # - api_key: sandbox
-    class Taler < PaymentMethod
-      preference :backend_url, :string
-      preference :api_key, :password
-
-      # Name of the view to display during checkout
-      def method_type
-        "check" # empty view
-      end
-
-      def external_gateway?
-        true
-      end
-
-      # The backend provides this URL. It can look like this:
-      # https://backend.demo.taler.net/instances/blog/orders/2026..?token=S8Y..&session_id=b0b..
-      def external_payment_url(options)
-        order = options.fetch(:order)
-        payment = load_payment(order)
-
-        payment.source ||= self
-        payment.response_code ||= create_taler_order(payment)
-        payment.redirect_auth_url ||= fetch_order_url(payment)
-        payment.save! if payment.changed?
-
-        payment.redirect_auth_url
-      end
-
-      # Main method called by Spree::Payment::Processing during checkout
-      # when the user is redirected back to the app.
-      #
-      # The payment has already been made and we need to verify the success.
-      def purchase(_money, _source, gateway_options)
-        payment = gateway_options[:payment]
-
-        return unless payment.response_code
-
-        taler_order = client.fetch_order(payment.response_code)
-        status = taler_order["order_status"]
-        success = (status == "paid")
-        message = I18n.t(status, default: status, scope: "taler.order_status")
-
-        ActiveMerchant::Billing::Response.new(success, message)
-      end
-
-      private
-
-      def load_payment(order)
-        order.payments.checkout.where(payment_method: self).last
-      end
-
-      def create_taler_order(payment)
-        # We are ignoring currency for now so that we can test with the
-        # current demo backend only working with the KUDOS currency.
-        taler_amount = "KUDOS:#{payment.amount}"
-        urls = Rails.application.routes.url_helpers
-        new_order = client.create_order(
-          taler_amount,
-          I18n.t("payment_method_taler.order_summary"),
-          urls.payment_gateways_confirm_taler_url(payment_id: payment.id),
-        )
-
-        new_order["order_id"]
-      end
-
-      def fetch_order_url(payment)
-        order = client.fetch_order(payment.response_code)
-        order["order_status_url"]
-      end
-
-      def client
-        @client ||= ::Taler::Client.new(preferred_backend_url, preferred_api_key)
-      end
-    end
-  end
-end

app/models/webhook_endpoint.rb

@@ -2,11 +2,5 @@
 
 # Records a webhook url to send notifications to
 class WebhookEndpoint < ApplicationRecord
-  WEBHOOK_TYPES = %w(order_cycle_opened payment_status_changed).freeze
-
   validates :url, presence: true
-  validates :webhook_type, presence: true, inclusion: { in: WEBHOOK_TYPES }
-
-  scope :order_cycle_opened, -> { where(webhook_type: "order_cycle_opened") }
-  scope :payment_status, -> { where(webhook_type: "payment_status_changed") }
 end

app/services/image_importer.rb

@@ -11,9 +11,7 @@ class ImageImporter
 
     image = Spree::Image.create do |img|
       PrivateAddressCheck.only_public_connections do
-        io = valid_url.open
-        content_type = Marcel::MimeType.for(io)
-        img.attachment.attach(io:, filename:, metadata:, content_type:)
+        img.attachment.attach(io: valid_url.open, filename:, metadata:)
       end
     end
     product.image = image if image

app/services/line_item_syncer.rb

@@ -77,7 +77,7 @@ class LineItemSyncer
   end
 
   def add_order_update_issue(order, line_item)
-    issue_description = "#{line_item.product.name} - #{line_item.full_variant_name}"
+    issue_description = "#{line_item.product.name} - #{line_item.variant.full_name}"
     issue_description << " - #{stock_issue_description(line_item)}" if line_item.insufficient_stock?
     order_update_issues.add(order, issue_description)
   end

app/services/order_cycles/webhook_service.rb

@@ -11,12 +11,10 @@ module OrderCycles
         .merge(coordinator_name: order_cycle.coordinator.name)
 
       # Endpoints for coordinator owner
-      webhook_endpoints = order_cycle.coordinator.owner.webhook_endpoints.order_cycle_opened
+      webhook_endpoints = order_cycle.coordinator.owner.webhook_endpoints
 
       # Plus unique endpoints for distributor owners (ignore duplicates)
-      webhook_endpoints |= order_cycle.distributors.map(&:owner).flat_map { |owner|
-        owner.webhook_endpoints.order_cycle_opened
-      }
+      webhook_endpoints |= order_cycle.distributors.map(&:owner).flat_map(&:webhook_endpoints)
 
       webhook_endpoints.each do |endpoint|
         WebhookDeliveryJob.perform_later(endpoint.url, event, webhook_payload, at:)

app/services/payments/status_changed_listener_service.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-# Called by "ActiveSupport::Notifications" when an "ofn.payment_transition" occurs
-# Event originate from Spree::Payment event machine
-#
-module Payments
-  class StatusChangedListenerService
-    def call(_name, started, _finished, _unique_id, payload)
-      event = "payment.#{payload[:event]}"
-      Payments::WebhookService.create_webhook_job(payment: payload[:payment], event:, at: started)
-    end
-  end
-end

app/services/payments/webhook_payload.rb

@@ -1,84 +0,0 @@
-# frozen_string_literal: true
-
-module Payments
-  class WebhookPayload
-    def initialize(payment:, order:, enterprise:)
-      @payment = payment
-      @order = order
-      @enterprise = enterprise
-    end
-
-    def to_hash
-      {
-        payment: @payment.slice(:updated_at, :amount, :state),
-        enterprise: @enterprise.slice(:abn, :acn, :name)
-          .merge(address: @enterprise.address.slice(:address1, :address2, :city, :zipcode)),
-        order: @order.slice(:total, :currency).merge(line_items: line_items)
-      }.with_indifferent_access
-    end
-
-    def self.test_data
-      new(payment: test_payment, order: test_order, enterprise: test_enterprise)
-    end
-
-    def self.test_payment
-      {
-        updated_at: Time.zone.now,
-        amount: 0.00,
-        state: "completed"
-      }
-    end
-
-    def self.test_order
-      order = Spree::Order.new(
-        total: 0.00,
-        currency: "AUD",
-      )
-
-      tax_category = Spree::TaxCategory.new(name: "VAT")
-      product = Spree::Product.new(name: "Test product")
-      Spree::Variant.new(product:, display_name: "")
-      order.line_items << Spree::LineItem.new(
-        quantity: 1,
-        price: 20.00,
-        tax_category:,
-        product:,
-        unit_presentation: "1kg"
-      )
-
-      order
-    end
-
-    def self.test_enterprise
-      enterprise = Enterprise.new(
-        abn: "65797115831",
-        acn: "",
-        name: "TEST Enterprise",
-      )
-      enterprise.address = Spree::Address.new(
-        address1: "1 testing street",
-        address2: "",
-        city: "TestCity",
-        zipcode: "1234"
-      )
-
-      enterprise
-    end
-
-    private_class_method :test_payment, :test_order, :test_enterprise
-
-    private
-
-    def line_items
-      @order.line_items.map do |li|
-        li.slice(:quantity, :price)
-          .merge(
-            tax_category_name: li.tax_category&.name,
-            product_name: li.product.name,
-            name_to_display: li.display_name,
-            unit_to_display: li.unit_presentation
-          )
-      end
-    end
-  end
-end

app/services/payments/webhook_service.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-# Create a webhook payload for a payment status event.
-# The payload will be delivered asynchronously.
-
-module Payments
-  class WebhookService
-    def self.create_webhook_job(payment:, event:, at:)
-      order = payment.order
-      payload = WebhookPayload.new(payment:, order:, enterprise: order.distributor).to_hash
-
-      coordinator = payment.order.order_cycle.coordinator
-      webhook_urls(coordinator).each do |url|
-        WebhookDeliveryJob.perform_later(url, event, payload, at:)
-      end
-    end
-
-    def self.webhook_urls(coordinator)
-      # url for coordinator owner
-      webhook_urls = coordinator.owner.webhook_endpoints.payment_status.pluck(:url)
-
-      # plus url for coordinator manager (ignore duplicate)
-      users_webhook_urls = coordinator.users.flat_map do |user|
-        user.webhook_endpoints.payment_status.pluck(:url)
-      end
-
-      webhook_urls | users_webhook_urls
-    end
-  end
-end

app/services/permitted_attributes/payment_method.rb

@@ -11,7 +11,7 @@ module PermittedAttributes
         [:name, :description, :type, :active,
          :environment, :display_on, :tag_list,
          :preferred_enterprise_id, :preferred_server, :preferred_login, :preferred_password,
-         :calculator_type, :preferred_api_key, :preferred_backend_url,
+         :calculator_type, :preferred_api_key,
          :preferred_signature, :preferred_solution, :preferred_landing_page, :preferred_logourl,
          :preferred_test_mode, :calculator_type, { distributor_ids: [] },
          { calculator_attributes: PermittedAttributes::Calculator.attributes }]

app/services/vine/voucher_validator_service.rb

@@ -2,11 +2,6 @@
 
 module Vine
   class VoucherValidatorService
-    VINE_ERRORS = {
-      # https://github.com/openfoodfoundation/vine/blob/main/app/Enums/ApiResponse.php
-      "This voucher has expired." => :expired,
-    }.freeze
-
     attr_reader :voucher_code, :errors
 
     def initialize(voucher_code:, enterprise:)
@@ -47,10 +42,8 @@ module Vine
     end
 
     def handle_errors(response)
-      if [400, 409].include?(response[:status])
-        message = response[:body] && JSON.parse(response[:body]).dig("meta", "message")
-        key = VINE_ERRORS.fetch(message, :invalid_voucher)
-        errors[:invalid_voucher] = I18n.t("vine_voucher_validator_service.errors.#{key}")
+      if response[:status] == 400
+        errors[:invalid_voucher] = I18n.t("vine_voucher_validator_service.errors.invalid_voucher")
       elsif response[:status] == 404
         errors[:not_found_voucher] =
           I18n.t("vine_voucher_validator_service.errors.not_found_voucher")

app/views/admin/enterprises/_admin_index.html.haml

@@ -22,7 +22,7 @@
     %tbody
       = f.fields_for :collection do |enterprise_form|
         - enterprise = enterprise_form.object
-        %tr{class: "enterprise-#{enterprise.id}", id: "resource-#{enterprise.id}"}
+        %tr{class: "enterprise-#{enterprise.id}"}
           %td= link_to enterprise.name, main_app.edit_admin_enterprise_path(enterprise)
           %td
             = enterprise_form.check_box :is_primary_producer

app/views/admin/enterprises/destroy.turbo_stream.haml

@@ -1,4 +0,0 @@
-- unless flash[:error]
-  = turbo_stream.remove "resource-#{@object.id}"
-= turbo_stream.append "flashes" do
-  = render(partial: 'admin/shared/flashes', locals: { flashes: flash })

app/views/admin/order_cycles/_row.html.haml

@@ -18,7 +18,7 @@
       %span{ "ofn-with-tip": '{{ orderCycle.producerNames }}', "ng-show": 'orderCycle.producers.length > 3' }
         {{ orderCycle.producers.length }}
         = t('.suppliers')
-      %span{ "ng-hide": 'orderCycle.producers.length > 3', "ng-bind-html": 'orderCycle.producerNames' }
+      %span{ "ng-hide": 'orderCycle.producers.length > 3', "ng-bind": 'orderCycle.producerNames' }
     %td.coordinator{ "ng-show": 'columns.coordinator.visible', "ng-bind-html": 'orderCycle.coordinator.name' }
     %td.shops{ "ng-show": 'columns.shops.visible' }
       %span{ "ofn-with-tip": '{{ orderCycle.shopNames }}', "ng-show": 'orderCycle.shops.length > 3' }

app/views/admin/products_v3/_filters.html.haml

@@ -23,7 +23,7 @@
       - select_tag_options = { class: "fullwidth",
                                multiple: true ,
                                data: { controller: "tom-select", "tom-select-placeholder-value": t(".select_tag"), "tom-select-options-value": '{ "maxItems": 5 , "plugins": { "remove_button": {} , "no_active_items": {},  "checkbox_options": { "checkedClassNames": ["ts-checked"], "uncheckedClassNames": ["ts-unchecked"] } } }' } }
-      = select_tag :tags_name_in, options_for_select(available_tags.unshift([t('.tags.none'), @none_tag_value]), tags), select_tag_options
+      = select_tag :tags_name_in, options_for_select(available_tags, tags), select_tag_options
   .submit
     .search-button
       = button_tag t(".search"), class: "secondary icon-search relaxed", name: nil

app/views/admin/products_v3/_no_products.html.haml

@@ -7,6 +7,5 @@
   #no-products-actions
     %a{ href: "/admin/products/new", class: "button icon-plus", icon: "icon-plus" }
       = t(:new_product)
-    %a{ href: admin_product_import_path, class: "button icon-upload secondary", icon: "icon-upload" }
+    %a{ href: "/admin/products/import", class: "button icon-upload secondary", icon: "icon-upload" }
       = t(".import_products")
-

app/views/admin/products_v3/_variant_row.html.haml

@@ -9,7 +9,7 @@
 %td.col-sku.field.naked_inputs
   = f.text_field :sku, 'aria-label': t('admin.products_page.columns.sku')
   = error_message_on variant, :sku
-%td.col-unit_scale.field.naked_inputs{ 'data-controller': 'toggle-control', 'data-toggle-control-match-value': 'items' }
+%td.col-unir_scale.field.naked_inputs{ 'data-controller': 'toggle-control', 'data-toggle-control-match-value': 'items' }
   = f.hidden_field :variant_unit
   = f.hidden_field :variant_unit_scale
   = f.select :variant_unit_with_scale,

app/views/layouts/_alert.html.haml

@@ -1,5 +1,5 @@
 .alert-box{ class: "#{type}" }
   = message
   - if local_assigns[:unconfirmed]
-    = link_to spree_user_confirmation_path(spree_user: { email: }, tab: local_assigns[:tab]), data: { turbo_method: :post } do
+    %a{ "data-action": "login-modal#resend_confirmation", "data-tab": local_assigns[:tab] }
       = t('devise.confirmations.resend_confirmation_email')

app/views/layouts/_forgot_tab.html.haml

@@ -1,12 +1,12 @@
 #forgot-tab
-  = form_with url: spree_user_password_path, scope: :spree_user, data: { turbo: true } do |form|
+  = form_with url: spree_user_password_path, scope: :spree_user, data: { remote: "true" } do |form|
     .row
       .large-12.columns#forgot-feedback
 
     .row
       .large-12.columns
         = form.label :email, t(:signup_email)
-        = form.email_field :email, { tabindex: 1, inputmode: "email" }
+        = form.email_field :email, { tabindex: 1, inputmode: "email", "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
     .row
       .large-12.columns
         = form.submit t(:reset_password), { class: "button primary", tabindex: 2 }

app/views/layouts/_login_tab.html.haml

@@ -1,5 +1,5 @@
 #login-content
-  = form_with url: spree_user_session_path, scope: :spree_user, data: { turbo: true } do |form|
+  = form_with url: spree_user_session_path, scope: :spree_user, data: { remote: "true" } do |form|
     .row
       .large-12.columns#login-feedback
         - confirmation_result = request.query_parameters[:validation]
@@ -10,7 +10,7 @@
     .row
       .large-12.columns
         = form.label :email, t(:email)
-        = form.email_field :email, { tabindex: 1, inputmode: "email", autocomplete: "off" }
+        = form.email_field :email, { tabindex: 1, inputmode: "email", autocomplete: "off", "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
     .row
       .large-12.columns
         = form.label :password, t(:password)

app/views/layouts/_signup_tab.html.haml

@@ -1,14 +1,14 @@
 - signup_form_user = Spree::User.new if local_assigns[:signup_form_user].nil?
 
 #signup-tab
-  = form_with model: signup_form_user, url: spree.account_path, scope: :user, data: { turbo: true } do |form|
+  = form_with model: signup_form_user, url: spree.account_path, scope: :user, data: { remote: "true" } do |form|
     .row
       .large-12.columns#signup-feedback
 
     .row
       .large-12.columns
         = form.label :email, t(:signup_email)
-        = form.email_field :email, { tabindex: 1 }
+        = form.email_field :email, { tabindex: 1, "data-login-modal-target": "email", "data-action": "input->login-modal#emailOnInput" }
         = form.error_message_on :email
     .row
       .large-12.columns

app/views/layouts/darkswarm.html.haml

@@ -13,12 +13,12 @@
     - else
       = favicon_link_tag "/favicon-staging.ico"
     %link{href: "https://fonts.googleapis.com/css?family=Roboto:400,300italic,400italic,300,700,700italic|Oswald:300,400,700", rel: "stylesheet", type: "text/css"}
-    %link{href: asset_pack_path("static/OFN-v2.woff"), rel: "preload", as: "font", crossorigin: "anonymous"}
+    %link{href: asset_pack_path("media/fonts/OFN-v2.woff"), rel: "preload", as: "font", crossorigin: "anonymous"}
     = render "layouts/matomo_tag"
     = language_meta_tags
 
     = stylesheet_pack_tag "darkswarm", "data-turbo-track": "reload", media: "screen"
-    = javascript_pack_tag "application", "data-turbo-track": "reload", defer: false  # do not use defer because our javascript currently depend on order of execution of loaded script.
+    = javascript_pack_tag "application", "data-turbo-track": "reload"
 
     = render "layouts/shopfront_script" if @shopfront_layout
     = render "layouts/bugsnag_js"

app/views/layouts/mailer.html.haml

@@ -5,7 +5,7 @@
     %meta{:content => "text/html; charset=UTF-8", "http-equiv" => "Content-Type"}/
     %title
       = Spree::Config[:site_name]
-    = stylesheet_pack_tag "mail", media: "screen"
+    = stylesheet_link_tag 'mail', media: "screen"
   %body{:bgcolor => "#FFFFFF" }
     - unless @hide_ofn_navigation
       %table.head-wrap

app/views/layouts/registration.html.haml

@@ -16,7 +16,7 @@
 
     = stylesheet_pack_tag "darkswarm", media: "screen"
     = javascript_include_tag "darkswarm/all"
-    = javascript_pack_tag "application", defer: false # do not use defer because our javascript currently depend on order of execution of loaded script.
+    = javascript_pack_tag "application"
 
     = csrf_meta_tags
 

app/views/spree/admin/orders/invoice.html.haml

@@ -1,4 +1,4 @@
-= pdf_stylesheet_pack_tag "mail"
+= wicked_pdf_stylesheet_link_tag "mail"
 
 %table{:width => "100%"}
   %tbody

app/views/spree/admin/orders/invoice2.html.haml

@@ -1,4 +1,4 @@
-= pdf_stylesheet_pack_tag "mail"
+= wicked_pdf_stylesheet_link_tag "mail"
 
 %table{:width => "100%"}
   %tbody

app/views/spree/admin/orders/invoice4.html.haml

@@ -1,4 +1,4 @@
-= pdf_stylesheet_pack_tag "mail"
+= wicked_pdf_stylesheet_link_tag "mail"
 
 %table{:width => "100%"}
   %tbody
@@ -102,4 +102,4 @@
   = render partial: 'spree/admin/orders/_invoice/order_note'
 
 .text-center
-  = link_to_platform_terms
+  = link_to_platform_terms

app/views/spree/admin/shared/_head.html.haml

@@ -25,7 +25,7 @@
 = render "spree/admin/shared/translations"
 = render "spree/admin/shared/routes"
 
-= javascript_pack_tag "admin", "data-turbo-track": "reload", defer: false # do not use defer because our javascript currently depend on order of execution of loaded script.
+= javascript_pack_tag "admin", "data-turbo-track": "reload"
 
 %script
   = raw "var AUTH_TOKEN = \"#{form_authenticity_token}\";"

app/views/spree/users/_webhook_endpoints.html.haml

@@ -10,5 +10,24 @@
         %th= t('.url.header')
         %th.actions
     %tbody
-      = render WebhookEndpointFormComponent.new(webhooks: @user.webhook_endpoints.order_cycle_opened, webhook_type: "order_cycle_opened")
-      = render WebhookEndpointFormComponent.new(webhooks: @user.webhook_endpoints.payment_status, webhook_type: "payment_status_changed")
+      -# Existing endpoints
+      - @user.webhook_endpoints.each do |webhook_endpoint|
+        %tr
+          %td= t('.event_types.order_cycle_opened') # For now, we only support one type.
+          %td= webhook_endpoint.url
+          %td.actions
+            - if webhook_endpoint.persisted?
+              = button_to account_webhook_endpoint_path(webhook_endpoint), method: :delete,
+                class: "tiny alert no-margin",
+                data: { confirm: I18n.t(:are_you_sure)} do
+                = I18n.t(:delete)
+
+      -# Create new
+      - if @user.webhook_endpoints.empty? # Only one allowed for now.
+        %tr
+          %td= t('.event_types.order_cycle_opened') # For now, we only support one type.
+          %td
+            = form_for(@user.webhook_endpoints.build, url: account_webhook_endpoints_path, id: 'new_webhook_endpoint') do |f|
+              = f.url_field :url, placeholder: t('.url.create_placeholder'), required: true, size: 64
+          %td.actions
+            = button_tag t(:create), class: 'button primary tiny no-margin', form: 'new_webhook_endpoint'

app/webpacker/controllers/login_modal_controller.js

@@ -1,7 +1,8 @@
 import { Controller } from "stimulus";
 
 export default class extends Controller {
-  static targets = ["background", "modal"];
+  static targets = ["background", "modal", "email"];
+  static values = { email: String };
 
   connect() {
     if (this.hasModalTarget) {
@@ -18,6 +19,13 @@ export default class extends Controller {
     window.dispatchEvent(new Event("login:modal:open"));
   }
 
+  emailOnInput(event) {
+    this.emailValue = event.currentTarget.value;
+    this.emailTargets.forEach((element) => {
+      element.value = this.emailValue;
+    });
+  }
+
   open = () => {
     if (!location.hash.substr(1).includes("/login")) {
       history.pushState({}, "", "#/login");
@@ -49,6 +57,19 @@ export default class extends Controller {
     }, 200);
   }
 
+  resend_confirmation(event) {
+    fetch("/user/spree_user/confirmation", {
+      method: "POST",
+      body: JSON.stringify({
+        spree_user: { email: this.emailValue },
+        tab: event.currentTarget.dataset.tab,
+      }),
+      headers: { "Content-type": "application/json; charset=UTF-8" },
+    })
+      .then((data) => data.json())
+      .then(CableReady.perform);
+  }
+
   returnHome() {
     window.location = "/";
   }

app/webpacker/css/admin_v3/all.scss

@@ -2,19 +2,19 @@
 // While in feature-toggle, we inherit all files from old admin design.
 // Individual files may be copied in order to replace the old files.
 
-@import "assets/stylesheets/normalize";
-@import "assets/stylesheets/responsive-tables";
-@import "assets/stylesheets/jquery.powertip";
-@import "jquery-ui/themes/base/core";
-@import "jquery-ui/themes/base/button";
-@import "jquery-ui/themes/base/resizable";
-@import "assets/stylesheets/jquery-ui-theme";
-@import "jquery-ui/themes/base/dialog";
+@import "vendor/assets/stylesheets/normalize";
+@import "vendor/assets/stylesheets/responsive-tables";
+@import "vendor/assets/stylesheets/jquery.powertip";
+@import "~jquery-ui/themes/base/core";
+@import "~jquery-ui/themes/base/button";
+@import "~jquery-ui/themes/base/resizable";
+@import "vendor/assets/stylesheets/jquery-ui-theme";
+@import "~jquery-ui/themes/base/dialog";
 @import "../shared/ng-tags-input.min";
-@import "assets/stylesheets/select2";
-@import "flatpickr/dist/flatpickr";
-@import "flatpickr/dist/themes/material_blue";
-@import "shortcut-buttons-flatpickr/dist/themes/light";
+@import "vendor/assets/stylesheets/select2.css.scss";
+@import "~flatpickr/dist/flatpickr";
+@import "~flatpickr/dist/themes/material_blue";
+@import "~shortcut-buttons-flatpickr/dist/themes/light";
 
 @import "../admin/globals/functions";
 @import "globals/palette"; // admin_v3
@@ -123,13 +123,13 @@
 @import "shared/question-mark-icon";
 @import "../admin/question-mark-tooltip";
 
-@import "tom-select/src/scss/tom-select.default";
+@import "~tom-select/src/scss/tom-select.default";
 @import "components/tom_select"; // admin_v3
 
-@import "modal_component/modal_component";
-@import "vertical_ellipsis_menu_component/vertical_ellipsis_menu_component"; // admin_v3 and only V3
-@import "tag_list_input_component/tag_list_input_component";
-@import "admin/trix";
+@import "app/components/modal_component/modal_component";
+@import "app/components/vertical_ellipsis_menu_component/vertical_ellipsis_menu_component"; // admin_v3 and only V3
+@import "app/components/tag_list_input_component/tag_list_input_component";
+@import "app/webpacker/css/admin/trix.scss";
 
 @import "terms_of_service_banner"; // admin_v3
 

app/webpacker/css/darkswarm/account.scss

@@ -9,8 +9,7 @@
     }
   }
 
-  .saved_cards,
-  .no_cards {
+  .saved_cards, .no_cards {
     margin-bottom: 1em;
   }
 
@@ -27,7 +26,7 @@
     }
   }
 
-  .authorised_shops {
+  .authorised_shops{
     table {
       width: 100%;
     }
@@ -40,9 +39,7 @@
   a {
     color: $clr-brick;
 
-    &:hover,
-    &:active,
-    &:focus {
+    &:hover, &:active, &:focus {
       color: $clr-brick-med-bright;
     }
   }
@@ -63,8 +60,7 @@
     }
   }
 
-  i.ofn-i_059-producer,
-  i.ofn-i_060-producer-reversed {
+  i.ofn-i_059-producer, i.ofn-i_060-producer-reversed {
     font-size: 3rem;
     display: inline-block;
     margin-right: 0.25rem;
@@ -96,8 +92,7 @@
     visibility: hidden;
   }
 
-  .transaction-group {
-  }
+  .transaction-group {}
 
   table {
     border-radius: $radius-medium $radius-medium 0 0;
@@ -166,15 +161,6 @@ table {
     //
     // Unfortunately we can't use Scss's interpolation
     // https://sass-lang.com/documentation/interpolation. We're using a too old version perhaps?
-    right: calc(12px + 2 * 2px + 2 * 1px);
-  }
-}
-
-// Webhook Endpoints
-td.endpoints-actions {
-  display: flex;
-
-  form {
-    padding-right: $padding-small;
+    right: calc(12px + 2*2px + 2*1px);
   }
 }

app/webpacker/css/darkswarm/all.scss

@@ -1,10 +1,10 @@
 
-@import 'assets/stylesheets/autocomplete';
-@import 'assets/stylesheets/leaflet';
+@import 'vendor/assets/stylesheets/autocomplete';
+@import 'vendor/assets/stylesheets/leaflet';
 @import 'variables';
 @import '../shared/variables/layout';
 @import '../shared/utilities';
-@import 'foundation-sites/scss/foundation';
+@import '~foundation-sites/scss/foundation';
 
 @import 'big-input';
 @import 'branding';
@@ -77,4 +77,4 @@ ofn-modal {
 @import "../shared/question-mark-icon";
 @import '../admin/shared/scroll_bar';
 
-@import 'modal_component/modal_component';
+@import 'app/components/modal_component/modal_component';

app/webpacker/css/darkswarm/variables.scss

@@ -1,4 +1,4 @@
-@import "foundation-sites/scss/foundation/components/global";
+@import "~foundation-sites/scss/foundation/components/global";
 
 // Brand guide colours:
 // International: #81c26e

app/webpacker/css/mail/all.scss

@@ -1,3 +0,0 @@
-@import '../admin/globals/palette.scss';
-@import 'email';
-@import 'payments_list';

app/webpacker/js/turbo.js

@@ -9,7 +9,7 @@ document.addEventListener("turbo:frame-missing", (event) => {
   event.preventDefault();
 
   // show error message instead
-  showHttpError(event.detail.response?.status);
+  showError(event.detail.response?.status);
 });
 
 document.addEventListener("turbo:submit-end", (event) => {

app/webpacker/packs/mail.scss

@@ -1 +0,0 @@
-@import "../css/mail/all.scss";

babel.config.js

@@ -1,6 +1,72 @@
-module.exports = function (api) {
-  const defaultConfigFunc = require("shakapacker/package/babel/preset.js");
-  const resultConfig = defaultConfigFunc(api);
+module.exports = function(api) {
+  var validEnv = ['development', 'test', 'production']
+  var currentEnv = api.env()
+  var isDevelopmentEnv = api.env('development')
+  var isProductionEnv = api.env('production')
+  var isTestEnv = api.env('test')
 
-  return resultConfig;
-};
+  if (!validEnv.includes(currentEnv)) {
+    throw new Error(
+      'Please specify a valid `NODE_ENV` or ' +
+        '`BABEL_ENV` environment variables. Valid values are "development", ' +
+        '"test", and "production". Instead, received: ' +
+        JSON.stringify(currentEnv) +
+        '.'
+    )
+  }
+
+  return {
+    presets: [
+      isTestEnv && [
+        '@babel/preset-env',
+        {
+          targets: {
+            node: 'current'
+          }
+        }
+      ],
+      (isProductionEnv || isDevelopmentEnv) && [
+        '@babel/preset-env',
+        {
+          forceAllTransforms: true,
+          useBuiltIns: 'entry',
+          corejs: 3,
+          modules: false,
+          exclude: ['transform-typeof-symbol']
+        }
+      ]
+    ].filter(Boolean),
+    plugins: [
+      'babel-plugin-macros',
+      '@babel/plugin-syntax-dynamic-import',
+      isTestEnv && 'babel-plugin-dynamic-import-node',
+      '@babel/plugin-transform-destructuring',
+      [
+        '@babel/plugin-proposal-class-properties',
+        {
+          loose: true
+        }
+      ],
+      [
+        '@babel/plugin-proposal-object-rest-spread',
+        {
+          useBuiltIns: true
+        }
+      ],
+      [
+        '@babel/plugin-transform-runtime',
+        {
+          helpers: false
+        }
+      ],
+      [
+        '@babel/plugin-transform-regenerator',
+        {
+          async: false
+        }
+      ],
+      ["@babel/plugin-proposal-private-property-in-object", { "loose": true }],
+      ["@babel/plugin-proposal-private-methods", { "loose": true }]
+    ].filter(Boolean)
+  }
+}

bin/setup

@@ -1,10 +1,4 @@
 #!/usr/bin/env ruby
-#
-# Install dependencies and migrate data during production deployments or
-# when updating your development environment.
-#
-# Take care when changing it and consider the ofn-install repository for
-# the context of deployments.
 require "fileutils"
 
 # path to your application root.
@@ -22,13 +16,13 @@ FileUtils.chdir APP_ROOT do
   # Add necessary setup steps to this file.
 
   puts "== Installing dependencies =="
-
+  system! "script/install-bundler"
   # Check first (it's quicker), then install new gems if necessary
   system("bundle check 2> /dev/null") || system!(BUNDLE_ENV, "bundle install")
 
   # Install JavaScript dependencies
-  system!("script/nodenv-install.sh")
-  system!("bin/yarn")
+  system("script/nodenv-install.sh")
+  system("bin/yarn")
 
   # puts "\n== Copying sample files =="
   # unless File.exist?("config/database.yml")
@@ -37,16 +31,6 @@ FileUtils.chdir APP_ROOT do
 
   puts "\n== Preparing database, removing old logs and tempfiles =="
   system! "bin/rails db:prepare log:clear tmp:clear"
-  system! "rm -f tmp/capybara/screenshots/*.png"
-  system! "rm -f tmp/invoices/*.pdf"
-  system! "rm -f tmp/javascripts/*.js"
-  system! "rm -f tmp/karma_unit.js*"
-  system! "rm -rf tmp/product_import-*"
-
-  puts "\n== Removing any precompiled assets that would be out of date now =="
-  system! "rm -rf public/assets/"
-  system! "rm -rf public/packs/"
-  system! "rm -rf public/packs-test/"
 
   puts "\n== Restarting application server =="
   # system! "bin/rails restart"

bin/shakapacker

@@ -1,13 +0,0 @@
-#!/usr/bin/env ruby
-
-ENV["RAILS_ENV"] ||= "development"
-ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", __FILE__)
-
-require "bundler/setup"
-require "shakapacker"
-require "shakapacker/webpack_runner"
-
-APP_ROOT = File.expand_path("..", __dir__)
-Dir.chdir(APP_ROOT) do
-  Shakapacker::WebpackRunner.run(ARGV)
-end

bin/shakapacker-dev-server

@@ -1,13 +0,0 @@
-#!/usr/bin/env ruby
-
-ENV["RAILS_ENV"] ||= "development"
-ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", __FILE__)
-
-require "bundler/setup"
-require "shakapacker"
-require "shakapacker/dev_server_runner"
-
-APP_ROOT = File.expand_path("..", __dir__)
-Dir.chdir(APP_ROOT) do
-  Shakapacker::DevServerRunner.run(ARGV)
-end

bin/webpack

@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+
+ENV["RAILS_ENV"] ||= ENV["RACK_ENV"] || "development"
+ENV["NODE_ENV"]  ||= "development"
+ENV["NODE_OPTIONS"] ||= "--openssl-legacy-provider"
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "bundler/setup"
+
+require "webpacker"
+require "webpacker/webpack_runner"
+
+APP_ROOT = File.expand_path("..", __dir__)
+Dir.chdir(APP_ROOT) do
+  Webpacker::WebpackRunner.run(ARGV)
+end

bin/webpack-dev-server

@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+
+ENV["RAILS_ENV"] ||= ENV["RACK_ENV"] || "development"
+ENV["NODE_ENV"]  ||= "development"
+ENV["NODE_OPTIONS"] ||= "--openssl-legacy-provider"
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require "bundler/setup"
+
+require "webpacker"
+require "webpacker/dev_server_runner"
+
+APP_ROOT = File.expand_path("..", __dir__)
+Dir.chdir(APP_ROOT) do
+  Webpacker::DevServerRunner.run(ARGV)
+end

bin/yarn

@@ -1,16 +1,9 @@
 #!/usr/bin/env ruby
-
-APP_ROOT = File.expand_path("..", __dir__)
+APP_ROOT = File.expand_path('..', __dir__)
 Dir.chdir(APP_ROOT) do
-  yarn = ENV["PATH"].split(File::PATH_SEPARATOR).
-    select { |dir| File.expand_path(dir) != __dir__ }.
-    product(["yarn", "yarnpkg", "yarn.cmd", "yarn.ps1"]).
-    map { |dir, file| File.expand_path(file, dir) }.
-    find { |file| File.executable?(file) }
-
-  if yarn
-    exec yarn, *ARGV
-  else
+  begin
+    exec "yarnpkg", *ARGV
+  rescue Errno::ENOENT
     $stderr.puts "Yarn executable was not detected in the system."
     $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
     exit 1

compose.yaml

@@ -53,9 +53,9 @@ services:
       OFN_REDIS_URL: redis://redis/
       OFN_REDIS_JOBS_URL: redis://redis
       OFN_REDIS_TEST_URL: redis://redis/3
-      SHAKAPACKER_DEV_SERVER_HOST: webpack
-      SHAKAPACKER_DEV_SERVER_PORT: 3035
-      SHAKAPACKER_DEV_SERVER_PUBLIC: localhost:3035
+      WEBPACKER_DEV_SERVER_HOST: webpack
+      WEBPACKER_DEV_SERVER_PORT: 3035
+      WEBPACKER_DEV_SERVER_PUBLIC: localhost:3035
 
     command: >
       sh -lc 'rm -f tmp/pids/server.pid;
@@ -89,7 +89,7 @@ services:
     build: .
     command: >
       sh -lc 'until [ -f /bundles/.Gemfile.lock.sha ] && sha256sum -c /bundles/.Gemfile.lock.sha >/dev/null 2>&1; do sleep 0.5; done;
-              exec ./bin/shakapacker-dev-server'
+              exec ./bin/webpack-dev-server'
     ports:
       - "3035:3035"
     volumes:
@@ -102,7 +102,7 @@ services:
       retries: 30
 
     environment:
-      SHAKAPACKER_DEV_SERVER_HOST: 0.0.0.0
+      WEBPACKER_DEV_SERVER_HOST: 0.0.0.0
 volumes:
   gems:
   postgres:

config/application.rb

@@ -58,15 +58,10 @@ module Openfoodnetwork
       Spree::Core::Engine.routes.default_url_options[:host] = ENV["SITE_URL"] if Rails.env == 'test'
     end
 
+    # We reload the routes here
+    #   so that the appended/prepended routes are available to the application.
     config.after_initialize do
-      # We reload the routes here
-      #   so that the appended/prepended routes are available to the application.
       Rails.application.routes_reloader.reload!
-
-      # Subscribe to payment transition events
-      ActiveSupport::Notifications.subscribe(
-        "ofn.payment_transition", Payments::StatusChangedListenerService.new
-      )
     end
 
     initializer "spree.environment", before: :load_config_initializers do |app|
@@ -76,6 +71,14 @@ module Openfoodnetwork
       end
     end
 
+    initializer "spree.register.payment_methods" do |app|
+      Rails.application.reloader.to_prepare do
+        app.config.spree.payment_methods = [
+          Spree::PaymentMethod::Check
+        ]
+      end
+    end
+
     initializer "spree.mail.settings" do |_app|
       Rails.application.reloader.to_prepare do
         Spree::Core::MailSettings.init
@@ -123,6 +126,14 @@ module Openfoodnetwork
       end
     end
 
+    # Register Spree payment methods
+    initializer "spree.gateway.payment_methods", :after => "spree.register.payment_methods" do |app|
+      Rails.application.reloader.to_prepare do
+        app.config.spree.payment_methods << Spree::Gateway::StripeSCA
+        app.config.spree.payment_methods << Spree::Gateway::PayPalExpress
+      end
+    end
+
     initializer "ofn.reports" do |app|
       module ::Reporting; end
       Rails.application.reloader.to_prepare do
@@ -195,16 +206,7 @@ module Openfoodnetwork
 
     Rails.autoloaders.main.ignore(Rails.root.join('app/webpacker'))
 
-    config.active_storage.service =
-      if ENV["S3_BUCKET"].present?
-        if ENV["S3_ENDPOINT"].present?
-          :s3_compatible_storage
-        else
-          :amazon
-        end
-      else
-        :local
-      end
+    config.active_storage.service = ENV["S3_BUCKET"].present? ? :amazon : :local
     config.active_storage.content_types_to_serve_as_binary -= ["image/svg+xml"]
     config.active_storage.variable_content_types += ["image/svg+xml"]
     config.active_storage.url_options = config.action_controller.default_url_options

config/environments/test.rb

@@ -74,6 +74,9 @@ Rails.application.configure do
     allowed_warnings = [
       # List strings here to allow matching deprecations.
       #
+      # `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2
+      "Rails.application.secrets",
+
       "Passing the class as positional argument",
 
       # Spree::CreditCard model aliases `cc_type` and has a method called `cc_type=` defined. Starting in Rails 7.2 `brand=` will not be calling `cc_type=` anymore. You may want to additionally define `brand=` to preserve the current behavior.

config/initializers/assets.rb

@@ -19,5 +19,6 @@ Rails.application.config.assets.precompile += [
   'web/all.js',
   'darkswarm/all.js',
   'shared/*',
+  'mail.scss',
   '*.jpg', '*.jpeg', '*.png', '*.gif' '*.svg',
 ]

config/initializers/content_security_policy.rb

@@ -7,7 +7,7 @@
 Rails.application.config.content_security_policy do |policy|
   policy.default_src :self, :https
   policy.font_src :self, :https, :data, "fonts.gstatic.com"
-  policy.img_src :self, :https, :data, ENV.fetch("S3_CORS_POLICY_DOMAIN", "*.s3.amazonaws.com")
+  policy.img_src :self, :https, :data, "*.s3.amazonaws.com"
   policy.img_src :self, :http, :data, ENV["SITE_URL"] if Rails.env.development?
   policy.object_src :none
   policy.frame_ancestors :none