sharetribe

[11.0.0] - 2023-07-05

Added

• TikTok option to footers icons 839226a
• Index on token for export results 7f1eb83

Changed

• Links in comments are now nofollow f208d9d
• Changed how "has_connected_stripe" in CSV exports is defined 1a02b32

Removed

• Removed support for memcache #80058c0

Fixed

• Fixed PayPal IPN encoding issue 7a998c7
• Fixed an untranslated button in the new Admin panel fbdbc0a
• Fixed the syntax formatting in the Custom script field in the Admin panel https://github.com/sharetribe/sharetribe/commit/fbdbc0a04ea081f6270d5eaec580cff58ae2a68f
• Fixed incorrect authorization check 04395c1
• Fixed Stripe Connect onboarding in France e19727e
• Fixed fuzzy location issue with null or extreme coordinate values 3585d27

Security

• Updated Dalli dependencies 9579e9d
• Updated Ruby to 3.2.1 f133562
• Updated Ruby to 3.2.2 a0d2970
• Dependencies and Node update 274c97d

Upgrade from 10.3.0 to 11.0.0

The new version contains a Ruby upgrade to 3.2.2 and Node to v18.16, that you should review.

Using memcache is no longer supported. You should use Redis instead.

Otherwise, see the General update instructions.

[10.3.0] - 2023-02-07

Added

• Support for BYN currency #b1f25e
• Support for signing Google Maps Static Maps URLs #e9f44f
• Allow admins to enable/disable the Facebook and Twitter share buttons #6b6793
• Location data (EXIF) removal for listing pictures #ef55cf
• Support for Google Analytics 4 #050414
• Support for Stripe Connect Onboarding #b650ad

Changed

• Stop using the Facebook Login app defined in APP_CONFIG #a20392
• Always display the post listing button menu link on mobile #a20392
• Disable newrelic browser instrumentation and Newrelic agent #ef101f and #5a8f8a
• Improve test stability #648b58
• Update list of supported locales #4b7871
• Updates to Stripe support for Japan #16b0ba
• Update Twitter share button href #0b77c3
• Make CLP preview pages visible only to logged-in admins #3a4d38
• Store, instead of link, an Admin panel Home page image #16a19e
• Use the favicon as the Admin panel logo #857eb3
• Allow saving to remove the Google Analytics tracking code #421057
• Move the old_admin translation keys out of the main locale file #77e66d
• Reduce the use of a deprecated function #cfded1
• Remove all analytics defined in APP_CONFIG #97ec7a
• Change the way to validate the number of invitations allowed per day #83b053
• Use the YouTube nocookie player #ac91df
• Load the Facebook SDK only when necessary #a1d81e
• Improvements to interactions with disabled user accounts #7941b1
• Update the minimum listing price #367e7a
• Update the default Terms of Service and Privacy Policy content #378e7e
• Update font-family and get rid of "Source Sans Pro" #ce9c51
• Update Facebook API graph version (v10.0 to v15.0) #72f0cd

Fixed

• Fixed incorrect transaction sum display with buyer commission used #e64035
• Fixed country name not displayed in Admin panel in some cases #00c391
• Fixed NZ bank account format pattern and error message #feda96, #1e5afd, #a50508
• Fixed URL for CLP images when exporting #27242e
• Fixed impossibility to move CLP sections in preview-only mode #7a63f3
• Fixed CSV exports #ab2daa
• Fixed failing tests due to changing Facebook URL #276473
• Fixed the "Save changes" button not disabled if no changes in Essentials #b75a8a
• Fixed chrome driver installation leaving ci project dir not empty #0ecb98

Security

• Update Ruby version from 2.6.8 to 2.7.5 #22752a
• Dependencies updates #0431f4, #cd4876
• Update OS to bullseye #3330c0

Upgrade from 10.2.1 to 10.3.0

The new version contains a Ruby upgrade to 2.7.5, that you should review. Otherwise, see the General update instructions.

Security

• [Critical] Fix OS command injection vulnerability in installations of
  Sharetribe Go that do not set explicitly the sns_notification_token
  configuration variable (which is unset by default). Discoverer/Credits: Wang Sheng of State Grid Sichuan Electric Power Research Institute. #5b844f

Upgrade from 10.2.0 to 10.2.1

The new version contains a critical security fix that you should review. Otherwise, see the General update instructions.

Added

• New Admin panel additions and fixes, done through many many commits/PRs/branches that have admin2 or admin v2in their title
• Support for French overseas departments/regions IBAN #4369
• Custom Landing Page icon picker #12adad
• Add new body and css fields to the Custom script feature #46a066
• Redirect an already logged in user to the home page when they visit the login page #603eee
• Validation for the Google Analytics tracking ID field #46aff6

Changed

• Don't display payment details banner reminder for deleted listings #4371
• Cache fonts partial to avoid scss rendering on every page load #4367 and #f158cb9
• Minimum listing price refactor #08b61a
• Default first and last names values #20b662
• Update Facebook API graph version #0a90bb
• Update font-family to use the same one everywhere #41212e

Fixed

• Fixed error message in incorrect location in signup form #4360
• Fixed email notifications can be configured to use an unconfirmed address #4362
• Fixed incorrect use of plural in a review date text on Profile pages #4361
• Fixed wrong name in email notifications #d66b90
• Fixed UI overlay issue with profile picture on profile pages #2075e9
• Fixed incorrect commission fee shown on the transaction page for buyers if they are also admins #9e0176
• Fixed Facebook & LinkedIn logos too small on signup and login pages #3fdff2
• Fixed email sending feature producing error with certain sender names #5b4a40
• Fixed Custom Landing Page - BrowserDetectVideoAutoplay is not defined #55352e
• Fixed checkout fails when the total of minimum seller + buyer fees is higher than the listing price #fc077e
• Fixed module is not defined error #64f7d7

Security

• Upgrade Rails to 5.2.4.5 as well as gems #4366
• Dependencies update #4373, #037932, #b1c10a, #3e00b7, #cbf815, #7e0eb9, #1b9d66

Upgrade from 10.1.0 to 10.2.0

Nothing special. See the General update instructions.

Added

• New Admin panel, done through many many PRs that have admin2 or admin v2in their title
• Info text to Stripe form #4118
• Stripe support for Cyprus #4122
• Stripe support for Malta #4123
• Stripe support for Bulgaria #4124
• Add "paypal/stripe setup" in users csv export #4003, #4196
• UI for setting custom domain #4227, #4237, #4241, #4296, #4312
• reCAPTCHA support #4299
• Email notification to admins when changing the marketplace ident #4326
• Missing settings for two email notifications #4328
• Stripe support for Hungary #4295

Changed

• Increase Facebook and Twitter meta images size #4100
• Add more states to FINISHED_TX_STATES to allow user account deletion correctly #4109
• Update airbrake and newrelic #4111
• Remove default favicon and add type tag to favicon link #4140
• Make active storage service configurable #4143
• Specify the requested fields in Google Maps Places API query #4146
• Review text is required in edits from admins #4153
• Update Proxima font #4177
• Adjust CircleCI configuration for faster test runs #4274
• Make the Custom script plan_feature dependent #4289
• Fix job priorities #4294
• Email layout v2 - Link color consistency with marketplace color #4303
• Optimize polling for pending delayed jobs #4311
• Email layout v2 - Disable markdown formatting in listing description #4305
• Improve efficiency of community membership counting #4319
• Email layout v2 - Add note to email layout #4318
• Email layout v2 - Disable markdown formatting in listing description #4305
• Email layout v2 - Remove ability to change feature flag from Admin panel #4307
• Use the community default locale for CLP #4341
• Change the main font for Go UI to Proxima soft #4353

Removed

• Sunset PayPal in India #4338

Fixed

• Fixed query for booked dates in range #4091
• Fixed error when using daily availability management datepicker #4094
• Fixed confirming payment multiple times with Stripe #4102
• Fixed inconsistent transaction left after transition fails #4092
• Fixed CLP hero section with upload background image #4101
• Fixed search with fuzzy location #4103
• Fixed issue with error translation in some languages #4132
• Fixed user display_name #4130
• Fixed active map view on listing page #4145
• Fixed default setting automatic newsletters #4150
• Fixed bug with "Display name" not being used in transaction steps texts #4155
• Fixed no listing location makes clicks on "Show in the next newsletter" impossible #4181
• Fixed infinite scroll on homepage not working w/ Chromium 87 #4273
• Fixed test email not sent to admin if they have unsubscribed #4327
• Fixed inconsistency between the Unsubscribe link in the Receipt of payment email and the notification setting #4329
• Fixed rels deleted users #4340
• Fixed Facebook buttons cut off and misaligned #4348

Security

• Updated fileupload plugin #4136
• Update rails to 5.2.4.3 #4141
• Update rails to 5.2.4.4 #4231
• Upgrades node-sass and json #4233
• Add tests ensuring csrf protection for omniauth auth paths #4266
• Vulnerable dependencies updates - Axios, Nokogiri, Redcarpet #4325

Upgrade from 10.0.0 to 10.1.0

Nothing special. See the General update instructions.

Added

• Fuzzy location #4035
• Stripe support for Czech Republic #4049, #4069
• Allow admin to edit the button in Hero section #4051
• Stripe support for Romania #4066

Changed

• Go no longer uses Harmony for availability management. Functionality is now implemented fully in Go. See the upgrade instructions. #4020, #4037, #4043, #4048, #4071
• Copy texts for admin email notification of new entry in Contact form #4077

Fixed

• Fixed inbox doesn't consider commission status #4044
• Fixed encoding issue with PayPal #4045
• Fixed missing listing image in community updates email #4046
• Fixed scope of transations for testimonials to support Disputed #4063

Upgrade from 9.1.0 to 10.0.0

If you are not using Harmony for availability
management, there is nothing special. See the General update
instructions.

Otherwise, follow the instructions below.

Migrate Harmony data to Go

With this release, Go no longer uses Harmony as
backend for day- and night-based availability management. The functionality is
completely implemented within Go (there is no change in user-facing features).
However, this requires that some data from Harmony is migrated to Go's database.

1. Start by following the General update
   instructions, which will migrate the Go
   database to the latest version.

2. Backup also your Harmony database.

3. Run the following SQL queries to copy data over. The queries assume you are
   using the default production database names for both Go
   (sharetribe_production) and Harmony (harmony_production_db). If that's
   not the case, replace the database names accordingly.

   INSERT INTO sharetribe_production.listing_blocked_dates (listing_id, blocked_at, created_at, updated_at)
     SELECT
     l.id, e.start, e.created_at, e.updated_at
     FROM harmony_production_db.exceptions e
     LEFT JOIN harmony_production_db.bookables b ON e.bookable_id = b.id
     LEFT JOIN sharetribe_production.listings l ON b.ref_id = l.uuid
     LEFT JOIN sharetribe_production.listing_blocked_dates bd ON bd.listing_id = l.id AND bd.blocked_at = e.start
     WHERE
     e.deleted <> 1
     AND l.id IS NOT NULL
     AND e.start >= curdate()
     AND bd.id IS NULL
     GROUP BY e.id ;
   
   
   -- delete blocked dates that are deleted in Harmony but present in Go
   
   -- needs temporary table
   CREATE TABLE sharetribe_production.tmp LIKE sharetribe_production.listing_blocked_dates;
   INSERT INTO sharetribe_production.tmp
     SELECT sharetribe_production.listing_blocked_dates.*
     FROM sharetribe_production.listing_blocked_dates;
   CREATE TABLE sharetribe_production.tmp2 (id int(11) NOT NULL, PRIMARY KEY (id));
   
   INSERT INTO sharetribe_production.tmp2 (
     SELECT
     distinct(bd.id)
     FROM harmony_production_db.exceptions e
     INNER JOIN (
       SELECT e.id, e.bookable_id, start, max(updated_at) AS max_updated_at
       FROM harmony_production_db.exceptions e
       GROUP BY e.bookable_id, e.start
     ) e2 ON e.id = e2.id AND e.updated_at = e2.max_updated_at
     LEFT JOIN harmony_production_db.bookables b ON e.bookable_id = b.id
     LEFT JOIN sharetribe_production.listings l ON b.ref_id = l.uuid
     LEFT JOIN sharetribe_production.tmp bd ON bd.listing_id = l.id AND bd.blocked_at = e.start
     WHERE
     e.deleted = 1
     AND l.id IS NOT NULL
     AND e.start >= curdate()
     AND bd.id IS NOT NULL
     GROUP BY e.id);
   
   DELETE FROM sharetribe_production.listing_blocked_dates WHERE id IN (
     SELECT id FROM sharetribe_production.tmp2);
   DROP TABLE sharetribe_production.tmp;
   DROP TABLE sharetribe_production.tmp2;
   

You can now bring Go back up.

After the migration you can delete Harmony's database and remove the Harmony
service altogether from your system.

[9.1.0] - 2020-03-06

Added

• Custom Landing Page Editor
• New emails layout
• Support for Stripe capabilities
• Allow admin to mark completed cancel transactions #3889
• Added listing price and unit to csv export #3891
• Add listing price to RSS/Atom feed #3892
• Add link to delete closed listing #3893
• Add shipping address to Transaction view #3910
• Add a transaction state after canceled and improve the flow #3926
• Add support for Mexico accounts #3937
• Allow users to edit their username #3941
• Add "My transactions" view in user settings #3943
• Add GHS currency #3944
• Add support for HEIC images #3966
• Allow admin to update the marketplace ident #3972
• Allow admins to delete a user account #3975
• Retry paypal errored commission #3977
• New texts for Google Search Console #3979
• New Add text about GTM #3997
• Add "paypal/stripe setup" in users csv export #4003
• Admin can remove logo, square logo, cover photo, small cover photo, favicon, social media image #4012

Changed

• Send additional verification document if required #3897
• Change to dropdown for state values for Canada and Australia #3905
• Title in admin transaction view #3911
• No default option selected if pickup and shipping are offered #3938
• Stripe API version changed to 2019-12-03 #3948
• Hide "Newsletter" settings if newsletter has been disabled by admins #3959
• Change meta tag xx:image to use profile picture for user profiles#3960
• Update to Ruby 2.6.5 and a Debian Buster base Docker image #3967
• Delete invitations sent by a user who gets deleted forever #3973
• Show account restricted or pending in the smart way #3990
• Send MCC/Email/URL when updating a Connect account #3993
• Link to transaction should redirect to admin view #3998
• Update the forms to have phone placeholder and JPG information #4004
• Remove Google+ from CLP and Footer #4005
• Longer number of characters for Display name #4007
• Add the listing ID to PayPal's metadata #4013
• Validation if SEO variables are not correct #4014

Fixed

• Fixed users CSV export date field not required #3886
• Fixed notification for each new transaction #3887
• Fix meta title/description bug for social #3894
• Fixed payment JS in older browser #3920
• Fixed listing image width setup #3921
• Fixed day/night availability after payment intent failed or expired #3922
• Fixed check payment method presence when initiating payment #3935
• Fixed Stripe payment card declined without SCA #3952
• Fixed localization of PayPal payment description when charging the admin commission #3961
• Fixed incorrect count of listings when editing an Order type isn't correct #3964
• Fixed incorrect language in placeholder for social media tags #3995
• Fixed wrong receipt for the seller when there is Shipping involved #4009
• Fixed followers get notifications of rejected listings #4011

Security

• Updated gems: rubyzip 1.3.0, devise 4.7.1 #3899
• Bump loofah from 2.3.0 to 2.3.1 #3918
• Bump puma from 3.12.1 to 3.12.2 #3936
• Bump rack from 2.0.7 to 2.0.8 #3951
• Bump nokogiri from 1.10.5 to 1.10.8 #4010
• Bump puma from 3.12.2 to 3.12.4 #4021

Upgrade from 9.0.0 to 9.1.0

Ruby version updated from 2.6.2 to 2.6.5.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.6.5
rvm use ruby-2.6.5
gem install bundler
bundle install

Then follow the [#general-update-instructions].

Today, we are changing the license of Sharetribe Go from MIT to Sharetribe Community Public Licence. For 99.9% of the users of self-hosted Sharetribe Go, this doesn't change anything: the code is still available online, and you can download the code for free and run it on your servers to power your own marketplace business. You can also modify the code the way you wish while doing so. You can also make money offering setup or customization services on top of this code. The only practical change is that it's no longer allowed to provide the Sharetribe Go codebase as a SaaS offering.

Learn more about the change.

Changed

• Update Sharetribe Go Licence #3883

Upgrade from 8.1.0 to 9.0.0

Nothing special. See the [#general-update-instructions].

Added

• Stripe SCA paymentintent based preauth process #3791
• Stripe SCA finalize ui and management #3805
• Support for markdown in listing descriptions #3795, #3810, #3874
• Add "Whats new?" link in the sidebar #3822
• Add ready made cover pics link next to the cover pick chooser #3823
• Add "Terms, Privacy Policy and static content" table and links in "Basic details" tab #3827
• Add four new fields to the transactions CSV export #3845
• Allow admins to unskip reviews #3857
• Admin option to send a notification for each new transaction #3859
• Add new countries support: Estonia, Greece, Latvia, Lithuania, Poland, Slovakia, Slovenia #3872

Changed

• In shipping address replace country dropdown with text field #3815
• Use community currency for free transactions avoiding nil.to_money == 0 EUR #3816
• Edit some CSV exports #3828
• Change datetime format in all CSV exports #3844
• Remove username from signup #3853

Removed

• Remove google-site-verification from head and hardcoded GWT tag #3825, #3826

Fixed

• Order Type name for free listings was not updating cached fragment #3836
• Disabling top bar default links (about, contact) is not possible #3840

Upgrade from 8.0.0 to 8.1.0

Nothing special. See the [#general-update-instructions].

Added

• Use index hint for homepage query #3714
• Add Albanian to the list of unsupported languages #3718
• Add Macedonian to the list of unsupported languages #3725
• Ability for providers to delete listings #3756
• Stripe support for Singapore #3762
• Cache community count #3766
• Ability to export listings to a CSV file #3790
• Allow admins to disable direct messaging between users #3793
• Add .html_safe to content for title #3744

Changed

• Update to ruby 2.6.2 #3701
• Add more bot rules, disallow login paths #3715
• Update to Rails 5.2.3 #3722
• Prevent lowering minimum transaction size to less than minimum transaction fee with Stripe #3723
• Update to Node.js 10.15 #3735
• Updates to payment preference settings #3748
• Updated copy text from Ban to Disable #3755
• Category translation caching improvements #3761
• Stripe remove the MCC field and hardcode it #3771
• Move "Phone number" field down in US Stripe form #3775

Fixed

• Fix to the SEO tags without price translation string #3727
• Fix to payment settings causing internal error when PayPal has never been enabled #3732
• Fix to password reset #3763
• Fix to Stripe US account update #3765
• Fix to adding links to footer #3769
• Fix to validation for custom date fields #3772
• Fix to exclude expired listings when filtering for open #3773
• Fix to signup page description tag #3794

Upgrade from 7.6.0 to 8.0.0

Ruby version updated from 2.3.4 to 2.6.2.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.6.2
rvm use ruby-2.6.2
gem install bundler
bundle install

Make sure you have node 10.15 installed.

Then follow the [#general-update-instructions].

One more note: after the Rails upgrade, "Memcache" is possibly no longer working. It was never officially supported, and at Sharetribe we rely on Redis.

• If you use Redis, run Rails.cache.clear via the Rails console
• If you use Memcache, things might be broken and you might need to switch to Redis
• If you didn't use either, no special instructions

Added

• Reviews filters in admin panel #3589
• Marketplace logo in all marketplace emails #3581
• New element in the user dropdown menu in the topbar: My listings #3608
• Domain tab in the admin panel #3614
• Social media logins: Google and LinkedIn #3583
• SEO tab in the admin panel and the possibility to customize the metatags for your marketplace main page #3612
• Lithuanian as an unsupported language #3624
• SEO tags working on landing pages as well #3622
• Added the possibility to charge a commission from the buyer #3490
• New templates for the landing page footer #3645
• More SEO options to add custom tags to different marketplace pages #3647
• Ability to have pre-approved listings #3620
• Notifications about listings to approve #3646
• Better logging and error reporting with Stripe #3676
• Listen to account status and missing info from Stripe #3672
• Sending different notifications when a listing is new or edited #3692

Changed

• Link to closed listings redirects to listings table in profile settings #3607
• The way parameters are sent related to creating an connected account with Stripe #3637
• Updated Stripe API keys pattern regex #3660
• Updated Facebook login button in accordance to their branding demands #3696
• Updated Facebook API to version 3.2 #3679

Fixed

• Fix inefficient queries when admin tries to send emails to all members #3532
• Fixed failed list of listings #3604
• Being able to edit the Stripe connected account name and lastname through the UI #3653
• Handle Stripe API keys various lenghts #3667
• Issues with Stripe Payouts #3668
• Update CI to use Ubuntu-based image #3671

Security

• Update passenger gem to latest version #3609
• Update several gems to latest versions #3675

Upgrade from 7.5.0 to 7.6.0

Nothing special. See the [#general-update-instructions].

[7.5.0] - 2019-01-30

Added

• Social media sharing specific image #3455
• Edit reviews feature #3422
• New user segment for sending e-mails to users: "User who are allowed to post listings" #3461
• "Per unit" default pricing unit #3462
• Japan as supported country for Stripe #3472
• Puerto Rico as supported country for Stripe #3474
• Possibility to hide slogan and description from the cover photo #3477
• Transaction search and filter #3484 and #3504
• Listing search and filter #3496
• Customizable footer for Pro subscriptions #3374
• New section in admin panel to view and manage invitations #3505
• Add user_id to the listing CSV export #3511
• HSTS support #3512
• Add filters in User search and filters #3515
• Add Conversations search in admin panel #3521
• Admin can act as another user (post listings as, edit profile) #3525
• Admin can resend confirmation email #3529
• Add Review search in admin panel #3537
• Social media sharing specific texts #3538
• Custom link behind marketplace logo #3564
• Ability to edit default top bar menu links #3565
• Admins should be able to see closed listings #3582
• User can browse all their listings in a table #3584

Changed

• Make "Per unit" the default pricing unit for product marketplace #3462
• Better messaging for closed marketplaces #3465
• Allow 65 characters in the listing title #3497
• Characters are escaped in URLs #3546
• Updated list of supported and unsupported languages #3577

Deprecated

Removed

Fixed

• Bug in Hong Kong bank account form #3456
• Bug in transaction agreement text #3468
• Bug in availability per hour manager #3467
• Layout for social media image #3475
• Amazon Web service mail verification #3471
• Number of users when searching in the admin panel #3483

Security

• Fix referrer issue #3469
• Security dependencies update #3470
• Dependency update #3479

Upgrade from 7.4.0 to 7.5.0

HTTP Strict Transport Security is now enabled by default for sites that do not
use custom domain (communities.use_domain = false) when always_use_ssl is
set to true in the configuration. If you wish to disable it, set
hsts_max_age to 0.

Nothing else special. See the [#general-update-instructions].

[7.4.0] - 2018-10-09

Added

• View Listings page in the admin panel #3340
• Locations section in the custom landing pages #3341
• Background color and image for any section #3296
• Custom fields for user profiles #3332
• Add a section button for info-2-columns and info-3-columns in the custom landing pages #3362
• File name in the design tab and profile settings to show the stored file #3364
• Allow markdown in user profiles "About you" section #3370
• "Expired" status in View listings page #3387
• Allow spaces at the end of the e-mails in signup form #3394
• Added Puerto Rico as a Stripe supported country #3399
• Added support for INR with PayPal #3416
• Added support for ARS with PayPal #3415
• Direct link to the admin panel when logging in as admin user#3414
• Added checkmarks to the user fields #3441
• Added the use of session token in Google's autocomplete feature #3401
• Icons to payment provider's page #3444

Changed

• Rename admin panel sections #3350
• Rename save listings button #3355
• Video section variations on the custom landing pages #3367
• Renamed the default category to "default category" #3362
• Allow links in the custom user text fields #3373
• Google maps dynamic map for static maps in the listing page #3382
• Change Static map for embedded maps in the listing page #3395
• Update to Circle CI 2.0 #3360
• Profile image is only used once it has been processed #3427

Fixed

• Fix data deletion task to handle missing images #3349
• Requester name in waiting for confirmation messages in the inbox #3357
• Fixed bug in Hungarian Forint minimum transaction size #3366
• Stripe fee information in listing page #3384
• Display bug in checkbox user fields #3385
• Fixed a broken link when no date was selected for free "per day" and "per night" listings #3410
• Allow to leave dropdown option unselected if it is not mandatory #3446

Upgrade from 7.3.1 to 7.4.0

Nothing special. See the general upgrade instructions.

[7.3.1] - 2018-06-07

Release contains important security fixes.

Security

• [Critical] Fix several parameter validation bugs that opened the app to SQL injection
• Update sinatra dependency #3344
• Update multiple dependencies
• Present form auto-complete for Stripe secret keys #3338

Added

• Add soundcloud link support in custom landing page footer #3300
• Add checkbox for consent for receiving emails from admins to signup process #3318
• Add popup notification when giving admin rights to a new user #3329
• Add link to privacy policy in the signup page #3328
• Allow admins to disable end-user Analytics #3319
• Allow links in custom listing text fields #3297
• Add View reviews section in the admin panel #3267
• Add possibility to export transaction as CSV file #3245

Changed

• Improve user deletion to clear personal data more thoroughly #3325
• Delete automatically transactions that fail with Stripe #3326
• Prevent an admin from deleting their account if they are the only admin in the marketplace#3320
• Split first name and last name from Stripe account connection form #3317

Removed

• Remove feature flag for export transactions feature #3288

Fixed

• Fix Dockerfile issue where bundler was trying to install binaries in root-owner directory #3321. Thanks, Nick Meiremans.
• Fix Stripe payout scheduler #3309
• Fix last 4 digits of SSN passing to Stripe for US bank accounts #3282

Upgrade from 7.3.0 to 7.3.1

Nothing special. See the general upgrade instructions.

[7.3.0] - 2018-02-23

Added

• Per hour availability 3166
• Support for NZ bank account with Stripe 3165
• "View conversations" section in admin panel 3173
• Account tokens for Stripe bank account connections 3234

Changed

• Made user confirmation form more secure 3170

Removed

• Confirmation days x after end time of the transaction 3205

Fixed

• Improvements to PayPal workflow (IPNs) 3176
• Some bugs related to sending emails from admin#3183

Upgrade from 7.2.0 to 7.3.0

Nothing special. See the [#general-update-instructions].

Added

• Add rack-attack for request throttling #3078
• Stripe integration #3018
• Sending emails from admin to specified subset of users #3058
• Custom Scripts are now also enabled in Custom Landing Page #3080
• Allow admins to edit their Custom Outgoing Email and Sender Name #3106
• Allow admins to unban users 3108
• Ability to disable Stripe and PayPal 3112
• Allow admins to search users by name or email 3113
• Add an unsubscribe link to invitation emails 3136
• Add more information texts about holding funds with Stripe 3150

Changed

• Lowered daily limits for invitations from 50 to 10 3134
• Increased unsubscribe auth token validity from 1 week to 4 weeks 3138

Fixed

• Fixed correct use of outgoing email address, if configured, when sending manual emails to users #3058
• Fixed sounds of videos in Custom Landing Pages not working #3101
• Fixed listing image reordering when some images were deleted #3107
• Fixed incorrect use of name of receipt email 3127
• Fixed many bugs related to Stripe integration
• Fixed many bugs related to code refactoring

Upgrade from 7.1.0 to 7.2.0

Nothing special. See the General Update Instructions.

Added

• Added configuration for trusted proxies #3040

Changed

• Currencies can now be formatted with translations #3043
• Transaction status is now named Completed everywhere instead of Confirmed #3028
• WebTranslateIt API keys were updated #3029
• Force meta tags content to be HTML escaped #3047
• Upgrade to latest ruby 2.3.4 with latest rubygems (2.6.13+) #3056

Fixed

• Fixed image deletion in Android 3023
• Fixed changing the names of custom listing field options 3024
• Fixed image ordering usability in Android 3034
• Fixed not sending automatic emails to expired and deleted marketplaces 3044
• Fixed carousel black box rendering issue 3045
• Fixed datepicker issue with per night availability 3046
• Fixed listing checkbox layout issue on mobile 3048
• Fixed admin layout issue in Safari 3066
• Fixed error message layout placement when reviewing without grade 3067
• Fixed managing availability of rejected booking dates 3068

Upgrade from 7.0.0 to 7.1.0

Ruby version is updated from 2.3.1 to 2.3.4. The update contains fixes for several security vulnerabilities.

Using RVM, you can upgrade your local Ruby version like this:

rvm install ruby-2.3.4
rvm use ruby-2.3.4
gem install bundler
bundle install

Tag version: v7.0.0

Release title: v7.0.0

Describe this release:

Changed

• Updated Rails to 5.1.1 and Node to 7.8 #2976

Upgrade

Make sure you have node 7.8 installed.

Then follow the general upgrade instructions in https://github.com/sharetribe/sharetribe/blob/master/UPGRADE.md.

If foreman causes trouble with an error message:

'method_missing': undefined method 'this'

it's an issue with rubygems. This issue can be solved by updating rubygems with:

gem update --system

Added

• New feature: User can reorder listing images #2970

Changed

• Change instructions how to compile assets. This reduces the JavaScript bundle size drastically. c613cac

Fixed

• Fixed transaction button styles. Styles were broken in IE Edge. #2968
• Fixed admin UI language change. #2969
• Fix old mobile browser compatibility by removing dependency to Intl api. #2979

Security

• Fixed cross-community security issues #2978

Changed

• Migrate from database session store to cookie-based session store #2935

Removed

• Removed default twitter handle #2906

Fixed

• Fix cropped cover photo in big screens #2895
• Add missing padding to homepage search field in mobile view #2895
• Fix unwanted scrolling in listing page by removing comment text area auto focus #2917
• Fix faulty feature flag dependency handling #2932
• Fix map bug where multiple listings close to each other caused the icon cluster to disapper when zoomed closed enough #2942
• Fix issue #2885: Landing page always shows Sign up button for private marketplace, even if the user is logged in #2944

Security

• Upgrade Nokogiri and rubyzip gems #2943

Upgrade from 6.2.0 to 6.3.0

Migration from database session store to cookie-based session store

This release migrates from database session store to cookie-based session store. The migration is done seamlessly without users being logged out.

Make sure that you are using a cache store that can share cache between processes (such as FileStore, MemCacheStore or Redis) if you are running multiple server processes. The new session implementation caches user session data and if the cache is not shared between all server processes they will get out of sync and actions such as logout will only log out the user from one process but not from all processes. See this Rails Guides article to read more about Cache Stores in Rails.

Add a new scheduled task to clean up expired tokens. Run it once per day:

bundle exec rails runner ActiveSessionsHelper.cleanup

To read more, see Scheduled tasks.