liberu-genealogy / genealogy-old

Laravel 10.x backend using PHP 8.2. Family tree and genealogy data processing website software.
https://www.liberu.co.uk
MIT License
204 stars 59 forks source link

Bump laravel/cashier from 14.12.10 to 15.2.0 #2452

Open dependabot[bot] opened 10 months ago

dependabot[bot] commented 10 months ago

Bumps laravel/cashier from 14.12.10 to 15.2.0.

Release notes

Sourced from laravel/cashier's releases.

v15.2.0

v15.1.1

v15.1.0

v15.0.0

v14.14.0

v14.13.1

v14.13.0

v14.12.12

v14.12.11

Changelog

Sourced from laravel/cashier's changelog.

v15.2.0 - 2024-01-16

v15.1.1 - 2024-01-12

v15.1.0 - 2024-01-09

v15.0.0 - 2023-12-22

v14.14.0 - 2023-11-21

v14.13.1 - 2023-11-08

v14.13.0 - 2023-11-07

v14.12.12 - 2023-11-02

v14.12.11 - 2023-10-31

Upgrade guide

Sourced from laravel/cashier's upgrade guide.

Upgrade Guide

Upgrading To 15.0 From 14.x

Minimum Versions

The following required dependency versions have been updated:

  • The minimum PHP version is now v8.1
  • The minimum Laravel version is now v10.0

Stripe SDK Version

PR: laravel/cashier-stripe#1615

The Stripe SDK version is now fixed at v13.x.

Stripe API Version

PR: laravel/cashier-stripe#1615

The default Stripe API version for Cashier 15 is 2023-10-16. If this is the latest Stripe API version when you upgrade to this Cashier version, then we recommend you also upgrade your Stripe API version settings in your Stripe dashboard to this version after deploying the Cashier upgrade. If this is no longer the latest Stripe API version, we recommend you do not modify your Stripe API version settings.

If you use the Stripe PHP SDK directly, make sure to properly test your integration after updating.

Upgrading Your Webhook

You should ensure your webhook operates on the same API version as Cashier. To do so, you may use the cashier:webhook command from your production environment to create a new webhook that matches Cashier's Stripe API version:

php artisan cashier:webhook --disabled

This will create a new webhook in your Stripe dashboard with the same Stripe API version as Cashier. The webhook will be immediately disabled so it doesn't interfere with your existing production application until you are ready to enable it. By default, the webhook will be created using the APP_URL environment variable to determine the proper URL for your application. If you need to use a different URL, you can use the --url flag when invoking the command:

php artisan cashier:webhook --disabled --url "http://example.com/stripe/webhook"

You may use the following upgrade checklist to properly enable the new webhook:

  1. If you have webhook signature verification enabled, disable it on production by temporarily removing the STRIPE_WEBHOOK_SECRET environment variable.
  2. Add any extra Stripe events your application requires to the new webhook in your Stripe dashboard.
  3. Disable the old webhook in your Stripe dashboard.
  4. Enable the new webhook in your Stripe dashboard.
  5. Re-enable the new webhook secret by re-adding the STRIPE_WEBHOOK_SECRET environment variable in production with the secret from the new webhook.
  6. Remove the old webhook in your Stripe dashboard.

After following this process, your new webhook will be active and ready to receive events.

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)