Merge tag 'v1.10.0'

# Conflicts:
#	Gemfile.lock

.circleci/config.yml

@@ -82,7 +82,7 @@ jobs:
 
       - run:
           name: Running rails db:migrate shouldn't cause changes
-          command: bash ./.circleci/db_schema_check
+          command: bash ./bin/db_schema_check
 
   'Minitest':
     parameters:
@@ -106,7 +106,7 @@ jobs:
       - when:
           condition: << parameters.use-core-repo >>
           steps:
-            - run: ./bin/checkout-and-link-core-repo
+            - run: ./.circleci/checkout-and-link-core-repo
 
       # Install dependencies
       - ruby/bundle-install
@@ -159,7 +159,7 @@ jobs:
       - when:
           condition: << parameters.use-core-repo >>
           steps:
-            - run: ./bin/checkout-and-link-core-repo
+            - run: ./.circleci/checkout-and-link-core-repo
 
       # Install dependencies
       - ruby/bundle-install
@@ -216,7 +216,7 @@ jobs:
       - when:
           condition: << parameters.use-core-repo >>
           steps:
-            - run: ./bin/checkout-and-link-core-repo
+            - run: ./.circleci/checkout-and-link-core-repo
 
       # Install dependencies
       - ruby/bundle-install
@@ -266,7 +266,7 @@ jobs:
       - when:
           condition: << parameters.use-core-repo >>
           steps:
-            - run: ./bin/checkout-and-link-core-repo
+            - run: ./.circleci/checkout-and-link-core-repo
 
       # Install dependencies
       - ruby/bundle-install
@@ -321,7 +321,7 @@ jobs:
       - when:
           condition: << parameters.use-core-repo >>
           steps:
-            - run: ./bin/checkout-and-link-core-repo
+            - run: ./.circleci/checkout-and-link-core-repo
 
       # Install dependencies
       - ruby/bundle-install

.github/workflows/_database_schema_check.yml

@@ -42,5 +42,5 @@ jobs:
 
       - name: Database Schema Check
         id: db-schema-check
-        run : ./.circleci/db_schema_check
+        run : ./bin/db_schema_check
         continue-on-error: false

Gemfile

@@ -112,7 +112,7 @@ end
 
 # We use a constant here so that we can ensure that all of the bullet_train-*
 # packages are on the same version.
-BULLET_TRAIN_VERSION = "1.9.0"
+BULLET_TRAIN_VERSION = "1.10.0"
 
 # Core packages.
 gem "bullet_train", BULLET_TRAIN_VERSION
@@ -177,7 +177,9 @@ group :test do
   # Write system tests by pointing and clicking in your browser.
   gem "magic_test"
 
-  # Increase parallelism to run CircleCI tests across multiple nodes
+  # Increase parallelism to run CI tests across multiple nodes
+  # Note: You need to ensure that ENV["KNAPSACK_PRO_CI_NODE_INDEX"] is set if you want to use this.
+  # See test/test_helper.rb for additional context around that env var.
   gem "knapsack_pro"
 end
 

Gemfile.lock

@@ -122,7 +122,7 @@ GEM
     bootsnap (1.17.1)
       msgpack (~> 1.2)
     builder (3.2.4)
-    bullet_train (1.9.0)
+    bullet_train (1.10.0)
       awesome_print
       bullet_train-has_uuid
       bullet_train-roles
@@ -155,7 +155,7 @@ GEM
       unicode-emoji
       valid_email
       xxhash
-    bullet_train-api (1.9.0)
+    bullet_train-api (1.10.0)
       bullet_train
       bullet_train-super_scaffolding
       colorizer
@@ -166,61 +166,61 @@ GEM
       pagy_cursor
       rack-cors
       rails (>= 6.0.0)
-    bullet_train-fields (1.9.0)
+    bullet_train-fields (1.10.0)
       chronic
       cloudinary
       phonelib
       rails (>= 6.0.0)
-    bullet_train-has_uuid (1.9.0)
+    bullet_train-has_uuid (1.10.0)
       rails (>= 6.0.0)
-    bullet_train-incoming_webhooks (1.9.0)
+    bullet_train-incoming_webhooks (1.10.0)
       bullet_train
       bullet_train-api
       bullet_train-super_scaffolding
       rails (>= 6.0.0)
-    bullet_train-integrations (1.9.0)
+    bullet_train-integrations (1.10.0)
       rails (>= 6.0.0)
-    bullet_train-integrations-stripe (1.9.0)
+    bullet_train-integrations-stripe (1.10.0)
       omniauth
       omniauth-rails_csrf_protection
       omniauth-stripe-connect
       rails (>= 6.0.0)
       stripe
-    bullet_train-obfuscates_id (1.9.0)
+    bullet_train-obfuscates_id (1.10.0)
       hashids
       rails (>= 6.0.0)
-    bullet_train-outgoing_webhooks (1.9.0)
+    bullet_train-outgoing_webhooks (1.10.0)
       public_suffix
       rails (>= 6.0.0)
-    bullet_train-roles (1.9.0)
+    bullet_train-roles (1.10.0)
       active_hash
       activesupport
       cancancan
     bullet_train-routes (1.0.0)
       rails (>= 6.0.0)
-    bullet_train-scope_questions (1.9.0)
+    bullet_train-scope_questions (1.10.0)
       rails (>= 6.0.0)
-    bullet_train-scope_validator (1.9.0)
+    bullet_train-scope_validator (1.10.0)
       rails
-    bullet_train-sortable (1.9.0)
+    bullet_train-sortable (1.10.0)
       rails (>= 6.0.0)
-    bullet_train-super_load_and_authorize_resource (1.9.0)
+    bullet_train-super_load_and_authorize_resource (1.10.0)
       cancancan
       rails (>= 6.0.0)
-    bullet_train-super_scaffolding (1.9.0)
+    bullet_train-super_scaffolding (1.10.0)
       colorizer
       indefinite_article
       masamune-ast (~> 2.0.2)
       rails (>= 6.0.0)
-    bullet_train-themes (1.9.0)
+    bullet_train-themes (1.10.0)
       bullet_train-fields
       nice_partials (~> 0.9)
       rails (>= 6.0.0)
-    bullet_train-themes-light (1.9.0)
+    bullet_train-themes-light (1.10.0)
       bullet_train-themes-tailwind_css
       masamune-ast (~> 2.0.2)
       rails (>= 6.0.0)
-    bullet_train-themes-tailwind_css (1.9.0)
+    bullet_train-themes-tailwind_css (1.10.0)
       bullet_train-themes
       rails (>= 6.0.0)
     cable_ready (5.0.5)
@@ -459,7 +459,7 @@ GEM
       ast (~> 2.4.1)
       racc
     pg (1.5.4)
-    phonelib (0.9.3)
+    phonelib (0.10.1)
     possessive (1.0.1)
     postmark (1.25.0)
       json
@@ -645,7 +645,7 @@ GEM
     stimulus-rails (1.3.0)
       railties (>= 6.0.0)
     stringio (3.0.8)
-    stripe (13.1.2)
+    stripe (13.2.0)
     strscan (3.1.0)
     terser (1.1.20)
       execjs (>= 0.3.0, < 3)
@@ -701,24 +701,24 @@ DEPENDENCIES
   avo (>= 3.1.7)
   aws-sdk-s3
   bootsnap
-  bullet_train (= 1.9.0)
-  bullet_train-api (= 1.9.0)
-  bullet_train-fields (= 1.9.0)
-  bullet_train-has_uuid (= 1.9.0)
-  bullet_train-incoming_webhooks (= 1.9.0)
-  bullet_train-integrations (= 1.9.0)
-  bullet_train-integrations-stripe (= 1.9.0)
-  bullet_train-obfuscates_id (= 1.9.0)
-  bullet_train-outgoing_webhooks (= 1.9.0)
-  bullet_train-roles (= 1.9.0)
-  bullet_train-scope_questions (= 1.9.0)
-  bullet_train-scope_validator (= 1.9.0)
-  bullet_train-sortable (= 1.9.0)
-  bullet_train-super_load_and_authorize_resource (= 1.9.0)
-  bullet_train-super_scaffolding (= 1.9.0)
-  bullet_train-themes (= 1.9.0)
-  bullet_train-themes-light (= 1.9.0)
-  bullet_train-themes-tailwind_css (= 1.9.0)
+  bullet_train (= 1.10.0)
+  bullet_train-api (= 1.10.0)
+  bullet_train-fields (= 1.10.0)
+  bullet_train-has_uuid (= 1.10.0)
+  bullet_train-incoming_webhooks (= 1.10.0)
+  bullet_train-integrations (= 1.10.0)
+  bullet_train-integrations-stripe (= 1.10.0)
+  bullet_train-obfuscates_id (= 1.10.0)
+  bullet_train-outgoing_webhooks (= 1.10.0)
+  bullet_train-roles (= 1.10.0)
+  bullet_train-scope_questions (= 1.10.0)
+  bullet_train-scope_validator (= 1.10.0)
+  bullet_train-sortable (= 1.10.0)
+  bullet_train-super_load_and_authorize_resource (= 1.10.0)
+  bullet_train-super_scaffolding (= 1.10.0)
+  bullet_train-themes (= 1.10.0)
+  bullet_train-themes-light (= 1.10.0)
+  bullet_train-themes-tailwind_css (= 1.10.0)
   capybara (~> 3.39)
   capybara-email
   capybara-lockstep

config/initializers/doorkeeper.rb

@@ -368,7 +368,7 @@
   # The user doesn't have control over the authorization process, so clients
   # aren't limited by scope, and could potentially have the same capabilities
   # as the user themselves. See the second link above for countermeasures.
-  grant_flows %w[authorization_code password implicit client_credentials]
+  grant_flows %w[authorization_code client_credentials]
 
   # Allows to customize OAuth grant flows that +each+ application support.
   # You can configure a custom block (or use a class respond to `#call`) that must

package.json

@@ -2,9 +2,9 @@
   "name": "app",
   "private": true,
   "dependencies": {
-    "@bullet-train/bullet-train": "1.9.0",
-    "@bullet-train/bullet-train-sortable": "1.9.0",
-    "@bullet-train/fields": "1.9.0",
+    "@bullet-train/bullet-train": "1.10.0",
+    "@bullet-train/bullet-train-sortable": "1.10.0",
+    "@bullet-train/fields": "1.10.0",
     "@esbuild-plugins/node-globals-polyfill": "^0.2.3",
     "@fullhuman/postcss-purgecss": "6.0.0",
     "@hotwired/turbo-rails": "^8.0.12",

test/controllers/api/test.rb

@@ -1,28 +1,22 @@
 class Api::Test < ActionDispatch::IntegrationTest
   def access_token
-    params = {
-      client_id: @platform_application.uid,
-      client_secret: @platform_application.secret,
-      grant_type: "password",
-      scope: "read write delete"
-    }
-
-    post "/oauth/token", params: params
-    assert_response :success
-    response.parsed_body["access_token"]
+    access_token = Doorkeeper::AccessToken.create!(
+      resource_owner_id: @user.id,
+      token: SecureRandom.hex,
+      application: @platform_application,
+      scopes: "read write delete"
+    )
+    access_token.token
   end
 
   def another_access_token
-    params = {
-      client_id: @another_platform_application.uid,
-      client_secret: @another_platform_application.secret,
-      grant_type: "password",
-      scope: "read write delete"
-    }
-
-    post "/oauth/token", params: params
-    assert_response :success
-    response.parsed_body["access_token"]
+    access_token = Doorkeeper::AccessToken.create!(
+      resource_owner_id: @another_user.id,
+      token: SecureRandom.hex,
+      application: @another_platform_application,
+      scopes: "read write delete"
+    )
+    access_token.token
   end
 
   setup do