sharetribe

Added

• Add support for redis as cache store #2786
• Add support for using PayPal in fake mode for development purposes. Read more #2598
• Add support for linking to member invitation page in CLP #2859
• New feature: Hide irrelevant search filters when a category or subcategory is selected #2882
• Landing page Markdown support #2887
• Add instructions how to configure Harmony service #2892

Changed

• Redirect user to the page where user was before login/sign up #2758
• Updated NPM packages #2762

Fixed

• Fixed broken transaction button styles #2723
• Fixed number of issues in the Order Types form #2858
• Fixed an issue which caused sign up to fail partially if the Facebook profile picture upload failed #2886

Upgrade from 6.1.0 to 6.2.0

NPM packages are updated, run npm install to get the latest packages.

Changed

• Updated Node.js to the latest LTS (long term support) version 6.9 #2655
• Updated NPM packages #2655
• Update react_on_rails gem #2655
• Upgrade Facebook SDK from v2.2 to v2.8 #2666
• Instruct crawlers not to follow auth paths, add crawling delay for bots that support the directive #2693

Fixed

• Avoid redirect to correct S3 bucket endpoint when bucket is not in us-east-1 region #2605
• Added missing database indexes #2621, #2634, #2670
• Fix bug: rake assets:precompile fails if MySQL is not available. Issue fixed by upgrading money-rails gem from 1.3 to 1.4 #2612 by @nicolaracco

Security

• Fixed insecure gem urls in Gemfile #2635

Upgrade from 6.0.0 to 6.1.0

In this release we are introducing layout changes that require new image styles. Therefore, a migration is added to reprocess all images from open listings into new styles. This does not require any precautions, but if your marketplace has a lot of open listings the time required for image reprocessing can be reduced by increasing the number of workers until all CreateSquareImagesJob jobs have been processed.

This release updates Node.js to the latest LTS (long term support) version 6.9. You should update your local Node.js to the same version and run npm install to update the NPM packages. There is now a strict enforcement for the Node.js version, and building the frontend bundles fail when using an unsupported version of Node.js.

Alongside the updated NPM packages, also the react_on_rails gem is updated to match the NPM package version, and requires running bundle install to install the latest version.

Removed

• Dropped official support for MySQL server version 5.6. Only MySQL 5.7 is officialy supported. This release contains no other changes.

Upgrade from 5.12.0 to 6.0.0

Release 6.0.0 drops official support for MySQL server version 5.6. Please upgrade to 5.7 when upgrading Sharetribe. See the upgrade notes from release 5.12.0 for more information.

Added

• Added date picker for "per night" listing unit type #2481
• SEO: Added rel=next and rel=prev links to give a hint to crawlers about the paginated content #2505
• Added New layout admin page where marketplace admins can enable new layout designs for the whole marketplace or just for themselves to try out #2338 and #2469
• Added functionality to edit Post a new listing button text #2448
• Sitemap #2492, thanks Dan Moore (@mooreds) for helping!
• Mocha test setup for new frontend architecture #2550

Deprecated

• Deprecated use of MySQL server version 5.6.x 2566

Removed

• Removed configuration for TravisCI (CircleCI now fully in use) #2489

Changed

• Updated React on Rails to 6.0.5 #2428 and #2472
• Updated React Storybook to version 2.13.0 #2528
• Changed ActiveRecord schema format to :sql #2531
• Upgraded Paperclip and Delayed::Paperclip, dropped deprecated AWS SDK v1 #2522
• Upgraded mysql2 dependency #2565

Fixed

• Correctly add https or http to links generated in community.rb #2459
• Transactions in initiated state showed wrong total price in the transaction page if the item quantity was more than one #2452
• Fix bug in infinite scroll: The current page was not taken into account #2532
• Fix bug: Testimonial reminders were sent even if user had disabled them #2557
• Fix regression: Add quantity pickers to non-payment transactions #2568

Upgrade from 5.11.0 to 5.12.0

IMPORTANT: This release deprecates use of MySQL server version 5.6.x. Please, consider upgrading to MySQL 5.7. Support for MySQL 5.6 will be dropped with the next release of Sharetribe. From this point onward, versions other than 5.7 might work, but are not guaranteed to work with Sharetribe. Make sure to back up your database before upgrading MySQL server. For general upgrade instructions, see the official MySQL upgrade instructions.

If you are using S3 and are using an AWS region other than us-east-1, you need to update your config.yml file and set the s3_region configuration option to the AWS region you are using. As with all configuration options, you can also pass it as an environment variable.

Changed

• RAILS_ENV=production environment added to the rake assets:compile command in README #2440 by @pcm211

Removed

• Remove Braintree support completely #2424, #2435

Upgrade from 5.10.0 to 5.11.0

This version is the second phase of removing support for Braintree payments. Old payment data for Braintree transactions will be removed in the migrations. If you want to save this data, you should take a backup before updating.

After the upgrade to 5.10.0 no new transactions could be started with Braintree anymore, and before upgrading to this version you should make sure that there are no ongoing Braintree transactions. You can check the status of each transaction in the transaction view in the admin panel. All transaction statuses should be either Conversation, Confirmed, Canceled, or Rejected.

Removed

• Disable Braintree payments #2423

Upgrade from 5.9.0 to 5.10.0

This version starts the two step process of disabling Braintree payments. In the first phase new payments are disabled with Braintree. The main purpose of this version is to ensure that there will be no new Braintree transactions. Existing transactions can be completed still after this update.

This version changes existing transaction processes, so taking a backup before upgrading is recommended.

Reasoning behind removing Braintree support can be seen in the Community forum post.

Added

• Add support for using CDN for dynamic assets (uploaded images, custom compiled stylesheets) when S3 is otherwise in use #2314
• Add possibility to choose between light and dark background image filter for hero and info sections in custom landing pages #2310
• Add Pinterest link support in custom landing page footer #2356

Changed

• Remove the need for CSS compilation per marketplace #2325
• Update default colors #2365

Removed

• Removed Checkout Finland payment gateway #2408 #2406

Fixed

• Security: Rails and gems updated #2393, #2318
• Fix some asset links not respecting asset_host setting on landing pages #2320
• Fix JS errors in development by replacing babel-polyfill with es6-shim #2087

Upgrade from 5.8.0 to 5.9.0

This release removes the need to run CSS compilation workers. There is no CSS compilation per marketplace anymore. The Procfile has been updated, so if you run on Heroku, the css_compile worker should disappear after deployment.

NPM packages have been updated, run npm install to ensure you have the correct versions installed.

Added

• Add whitelabel_branding based on features #2052
• Onboarding topbar and wizard enabled for everyone #2250
• Ability to add Google Maps API key #2172
• Landing page. See the documentation

Changed

• Facebook sign up/login uses API version 2.2 instead of 2.0 #2280
• Improved documentation #2271

Fixed

• Fix some React dependency issues caused startup timing/ordering #2046 and #2053
• Fix issue that caused Google Maps Geocoder to return wrong location if the listing address contained an ampersand (&) #2075
• Fix pluralization error for Turkish (tr-TR) #2292

Upgrade from 5.7.1 to 5.8.0

This release doesn't require any extra actions.

Fixed

• Fix missing map icon #2032

Added

• Add instructions for handling libv8 installation problems #2023

Upgrade from 5.7.0 to 5.7.1

This is a bug fix release and does not require any extra actions.

Added

• Add a new job queue (css_compile) for css compilations #1815
• Add a warning message which will be shown 15 minutes before the next scheduled maintenance #1835
• Expose used feature flags to Google Tag Manager #1856
• React on Rails development environment #1918.
• Add ability to create a new account with username or email which is already in use in another marketplace #1753 #1939
• Prevents cookies from leaking to subdomains, fixes #1992, adds a new configuration key: cookie_session_key #1966

Changed

• Marketplace ID is removed from the Admin Settings URL #1839
• The application now depends on React components, which need to be built to run Sharetribe. Instructions here. This change is related to React on Rails environment #1918.
• Update Ruby to 2.3.1 #2020

Deprecated

• Google Analytics and Kissmetrics tracking snippets are deprecated in favor of Google Tag Manager #1857

Removed

• Delete duplicated memberships from the database #1838
• Remove ability to join other marketplaces with an existing account #1753 #1939

Fixed

• Errors from Braintree API were ignored #1832 by @priviterag
• Fallback language handling was broken #1869
• Confirmation pending page redirects to homepage if the account is already confirmed #1976
• Fix bug: "Resend confirmation instructions" button didn't resend the confirmation email #1963

Security

• Updated Paperclip gem #1836
• Unauthorized users were able to upload new listing images #1866
• Change session expiration time from one year to one month #1877
• Correctly reset old password and salt #1961

Upgrade from 5.6.0 to 5.7.0

Separate CSS compilation workers

This release adds a new Delayed Job queue "css_compile". All CSS compilations during the deployment are added to this queue. However, CSS compilations triggered from the admin UI do NOT go into this queue, instead they are added to the "default" queue.

A new worker is added to the Procfile to work for the new queue. If you're hosting in Heroku, you will see a new worker there.

This change doesn't require any changes, if you are compiling the stylesheets synchronously using the rake sharetribe:generate_customization_stylesheets_immediately command during the deployment. However, if you are compiling the stylesheets asynchronously using the rake sharetribe:generate_customization_stylesheets command, then you need to make sure that you have at least one worker working for the "css_compile" queue.

Ruby version 2.2.4 -> 2.3.1

Ruby version is updated from 2.2.4 to 2.3.1. The update should bring performance improvements.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.3.1
rvm use ruby-2.3.1
gem install bundler
bundle install

React on Rails build environment

React on Rails build environment is added in this release. This means that build environment needs to have node set up. With Heroku this can be set with heroku buildpacks:add --index 1 heroku/nodejs. For other environments - see npm instructions, nvm, or n. In addition, production environments should have NODE_ENV=production set.

After bundle install, you should also install npm packages:

npm install

User account migrations

This doesn't apply to OS version as it doesn't officially support running multiple marketplaces in one Sharetribe instance.

This release removes the ability for one user to belong to multiple marketplaces. From now on one user belongs to one and only one marketplace.

Because of that, this release contains quite a few migrations which will duplicate existing user accounts, if they belong to multiple communities. For example, if one user belongs to three communities, two new users will be created so that each user belongs to only one community.

The migrations are not safe to run while the application is running, so we recommend you to put the application on maintenance mode while running the migrations. Also, as always, remember to take database backup before migrating.

Session separation

This release separates cookies by subdomain so that foo.sharetribe.com and bar.sharetribe.com have now separate session cookies. In order to migrate old sessions as smoothly as possible a new configuration option cookie_session_key has been added to config.defaults.yml. If you want to use custom session key, this variable must be set as an environment variable before deployment. Otherwise, session cookies might overlap and cause issues with log in.

Added

• Add default queue name to jobs #1814

Changed

• Update Ruby to 2.2.4 #1774

Fixed

• Wrong action was executed when radio buttons were clicked back and forth #1802

Security

• Redirect to HTTPS (if configured) before requesting HTTP basic authentication: #1793

Upgrade from 5.5.0 to 5.6.0

Ruby version is updated from 2.1.8 to 2.2.4. The update should reduce memory usage and improve performance.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.2.4
rvm use ruby-2.2.4
gem install bundler
bundle install

Changed

• Migrate legacy passwords to Devise's Bcrypt hashing #1781
• Add listing id to option selections table: #1761 and #1762
• Support optional site-wide HTTP basic authentication: #1766

Fixed

• Fixed broken FontAwesome asset path #1756
• Listing author wasn't able to give feedback if the transaction starter skipped the feedback #1767

Security

• Update Rails to 4.2.5.2 #1786

Upgrade from 5.4.0 to 5.5.0

This release removes the support for legacy hashing algorithm that was used with the legacy "ASI" service.

If use_asi_encryptor was configured to false (default) then you can safely upgrade and roll back this release.

However, if use_asi_encryptor was configured to true then you can not roll back this released without losing user authentication data. If you need to roll back, users need to request new password by clicking the "Forgot password link".

Changed

• Update Ruby to 2.1.8 #1750

Security

• Update JSON Web Token gem #1723

Fixed

• Configure Delayed Job queue adapter for ActiveJob #1749

Upgrade from 5.3.0 to 5.4.0

Ruby version is updated from 2.1.2 to 2.1.8. The update contains security and bug fixes.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.1.8
rvm use ruby-2.1.8
gem install bundler
bundle install

Changed

• Updated Rails to 4.2.5.1 #1691

Upgrade from 5.2.x to 5.3.0

This version contains some changes to the caching logic. The Rails cache needs to be cleared before upgrading.

Upgrade path:

1. Upgrade to version 5.2.2
2. Clear Rails cache (run Rails.cache.clear)
3. Upgrade to version 5.3.0

Added

• Initial support for upcoming new search platform. #1404

Changed

• Save model attributes to cache instead of model instances #1714

Changed

• Updated Rails to 4.1.14.1 #1678
• Always log deprecation warnings to stderr #1693

Removed

• Removed environment variable devise_allow_insecure_token_lookup. #1675

Fixed

• Fixed Mercury Editor image uploader #1694

Security

• Updated Devise gem to version 3.5 #1675
• Updated Sprockets gem to version 2.12.4 #1692
• Remove HTTP end-point that let unauthorized caller to destroy images uploaded via Mercury Editor #1695

Added

• Added secret_key_base #1671
• Added pessimistic version number for all the gems in Gemfile. Now we can safely run bundle update to update gems with patch level updates. #1663
• Added a new environment variable delayed_job_max_run_time which controls the maximum time for a single Delayed Job job. #1668
• Added a new environment variable devise_allow_insecure_token_lookup for seamless migration from earlier versions. See UPGRADE.md for more information. #1672

Changed

• Upgraded jQuery from 1.8.3 to 1.11.1 #1667
• Updated Devise gem to version 3.1. #1672

Removed

• Gemfile clean up. Removed bunch of unused gems. #1625
• Removed ability to downgrade to Rails 3. #1669

Fixed

• Updating a listing field changes the sorting order #1673

Security

• Updated Gems with known security issues #1667 #1676

Upgrade from 5.0.x or 5.1.x to 5.2.0

• After updating, you are not able to downgrade to Rails 3 (version 4.6.0). Do not upgrade until you are sure that you don't need to roll back to Rails 3.

• You need to set secret_key_base to environment variables or to config.yml for production environment. Default values for development and test environments are provided.

  Run SecureRandom.hex(64) in rails console or irb to generate a new key.

• This version changes the way how password reset tokens are being stored to the database. Due to this, tokens that are created with the earlier versions do not work anymore.

  For seamless migration, set the environment variable devise_allow_insecure_token_lookup to true. After you are sure you have migrated all the reset tokens to the new format, you can remove the environment variable.

Added

• Marketplace admins can select if the custom field creates a search filter on the homepage #1653
• CHANGELOG, UPGRADE and RELEASE files #1658

Rails updated to from 3.2 to 4.0.

Before updating to your Sharetribe installations to 5.0.0, make sure that your current version is 4.6.0 or newer.

After you have deployed the new version you need to clear Rails cache by running to following command in your production application Rails console:

Rails.cache.clear

If something goes wrong, you can safely roll back this version back to 4.6.0. You don't need to roll back the database migrations. You may need to empty the cache again after the rollback.

This is the last Sharetribe release using Rails 3.2. You should update to this release before moving forward to the Rails 4 release.