v2.5.9

What's Changed

• Adapt to new Solidus default branch name by @waiting-for-dev in #245
• Ensure the admin sign in root path fallback is '/admin' by @elia in #246
• Adapt to the new default branch name of main by @waiting-for-dev in #247
• Fix failing spec for admin logout by @rainerdema in #249
• [Rails 7.1] Add empty :new action to Spree::UsersController by @mamhoff in #250

New Contributors

• @rainerdema made their first contribution in #249
• @mamhoff made their first contribution in #250

Full Changelog: v2.5.8...v2.5.9

v2.5.8

What's Changed

• Fix the standard generator alias and remove interactivity from seeds by @elia in #233
• Notify CI failures on Slack by @waiting-for-dev in #235
• Fix CI on Solidus v3.1 by explicitly fetching solidus_frontend from GH by @waiting-for-dev in #241
• Remove Slack notifications for CI failures by @waiting-for-dev in #238
• Update CI configuration by @waiting-for-dev in #242
• Allow Solidus 4 by @kennyadsl in #243
• Migrate to the new release process by @kennyadsl in #244

Full Changelog: v2.5.6...v2.5.8

v2.5.7

v2.5.7 (2022-10-31)

Full Changelog

Merged pull requests:

• Fix the standard generator alias and remove interactivity from seeds #233 (elia)

v2.5.6

Revert "Utilize Devise location helpers for redirecting" #232

v2.5.5

What's Changed

• Fix build by @gsmendoza in #219
• Stop using try_spree_current_user by @elia in #221
• Fix keyword usage for Ruby 3.x support on specs by @jtapia in #226
• Update to use forked solidus_frontend when needed by @waiting-for-dev in #227
• Specs and setup process housekeeping by @elia in #222
• Fix locale inconsistence and remove redundant template by @bitberry-dev in #224
• Run the CI on all supported ruby versions by @elia in #229
• Update to the latest solidus_dev_support defaults by @elia in #220
• Utilize Devise location helpers for redirecting by @cpfergus1 in #228

New Contributors

• @gsmendoza made their first contribution in #219
• @bitberry-dev made their first contribution in #224
• @cpfergus1 made their first contribution in #228

Full Changelog: v2.5.4...v2.5.5

v2.5.4

Full Changelog

Fixed bugs:

• Fix authentication bypass by CSRF weakness GHSA-xm34-v85h-9pg2

v2.2.0

Solidus Auth Devise v2.2.0 (2019-06-13)

• Add DB index to reset_password_token field
• Add missing pessimistic versioning
• Add missing translation to spree.change_my_password
• Allow Spree::Admin::UserPasswordsController to be accessed from admin
• Disable backend footer profile edit link if role cannot edit users
• Fix issue with redirections using routes like new_spree_user_session_url
• Fix migration 20101026184950 down method
• Fix to not reuse spree_current_user as @user
• Replace Spree.t with I18n.t
• Lock mysql2 to 0.4.x
• Lock SQLite3 to version 1.3
• Remove FactoryBot warnings
• Configure CI to ensure support on ruby 2.3 + Solidus 2.4 - 2.8

v1.5.0

• Add call to set_current_order on sign in. This replaces a before filter that
  is being eliminated from Solidus controllers where set_current_order was
  called excessively.

• Update backend views to only reference backend routes (#57)

• Devise dependency updates

  The locked versions of Devise and Devise-Encryptable have been updated.
  Devise, in particular, has been bumped to a new major version, which removes
  support for the following:

  • Rails 3.2. and 4.0
  • Ruby 1.9 and 2.0

  These losses are deemed acceptable, as Solidus' core itself does not
  support any of these versions.

  For more details on the changes, see the Devise changelog:
  https://github.com/plataformatec/devise/blob/master/CHANGELOG.md

  Similar changes in devise-encryptable, with details in the changelog:
  https://github.com/plataformatec/devise-encryptable/blob/master/Changelog.md

v1.2.0

• Use new access denied extension point #12
• Explicitly include UserMethods on Spree::User
• Fix install generator, which was previously not running
• Skip config/initializers/devise.rb if it exists
• Remove deprecation warnings

All changes: v1.1.0...v1.2.0