v7.4.0

Minor Changes

• 9735d0c: Stop sending the privateMetafieldNamespaces field in webhook queries to avoid the API duplication warning, and added a new shopify.utils.versionPriorTo method to help with cases like this one where apps will need to stop doing something that was deprecated.
• 1d84c13: Add Web API runtime adapter

v7.3.1

Patch Changes

• a9ef2e2: Fix crypto module set up for node, so it doesn't break webpack apps
• 85e7478: [Internal] Improved tracking of webhook registration GraphQL calls

v7.3.0

Minor Changes

• 52047d6: Add optional parameter to billing.check and billing.request to modify return value to be a more detailed object.

• 9b8ef03: Added Subscription cancel capabilities for App Billing. Fixes #771

  Usage:

  const canceledSubscription = await shopify.billing.cancel({
    session,
    subscriptionId,
  });

  See Billing Guide for more details.

Patch Changes

• c700888: Deprecated privateMetafieldNamespaces field in HTTP webhook configurations
• b6e9f83: Add shop search param to default billing return URL for non-embedded apps
• 1867110: Return the performed operation for each handler when registering webhooks

v7.2.0

Minor Changes

• 57f3111: Add webhooks.validate method to support webhooks without callbacks
• 65eb416: Export BillingCheckParams, BillingRequestParams and session.getJwtSessionId

v7.1.0

Minor Changes

• 1a64d96: Added returnUrl as optional parameter to billing request function, improved returnUrl logic. See documentation of returnUrl parameter for more details.
• 89cca00: Discount functionality for App Billing. Fixes #731

Patch Changes

• 8de3c78: Removed setCrypto function to simplify runtimes

• 2628a7f: Add scopes validation for AuthScopes object and convert it to array. Fixes #1208, 1221

• d028ec0: Replace semver with compare-versions lib to reduce dependency on nodejs builtin-libs

• 7dcecb6: [Custom store apps only] Add new adminApiAccessToken parameter to config for when isCustomStoreApp is true. If set, it will be used for API access. apiSecretKey should now be set to the custom store app's API secret key, which is used to validate the HMAC of webhook events received from Shopify for a custom store app. Fixes #772, #800

  For apps that don't receive HTTP webhook events from Shopify, no change is required yet - apiSecretKey will be used for client authentication as the fallback option.

  Starting with the next major release

  • adminApiAccessToken will be mandatory for custom store apps and must be set to the Admin API access token
  • apiSecretKey will not be used for client authentication but must be set for HMAC validation of HTTP webhook events

  See setting up a custom store app for more details.

• 450c9e7: Add deprecation notice for removal of Node 14 support from next major release

• 9c095d1: Bumps jose from 4.13.1 to 4.14.1. See jose's changelog for more details.

• f04f0f6: apiKey configuration parameter is no longer mandatory when isCustomStoreApp is true. Fixes #782

• 464fd4f: Extend support for Event topic names

• e8966d5: Restoring REST resources for 2022-04, updates to certain resources for other API versions

• 8de6024: [Fix] Forward original graphql error message to client

• f09417c: Adds check for Google's Crawler in the authorization functions to prevent CookieNotFound error loops. Fixes #686

• cbffa2f: Add trial days and replacement behavior to usage billing mutation. Fixes #770

v7.0.0

Major Changes

• 5a68e4a: ⚠️ [Breaking] Return pagination info as part of .all() requests in REST resources, and remove the [PREV|NEXT]_PAGE_INFO static, thread unsafe attributes.
  Instead of returning a plain array of objects, it will now return an object containing that array, as well as the response headers and pagination info.

  This enables apps to use locally-scoped pagination info, which makes it possible to use pagination in a thread-safe way.

  You'll need to make 2 changes to use this version:

  1. Where you accessed resources from the response, you'll now access the data property.
  2. Where you accessed pagination data from the static variables, you'll now retrieve it from the response.

  const response = await shopify.rest.Product.all({
    /* ... */
  });
  
  // BEFORE
  const products: Product[] = response;
  const nextPageInfo = shopify.rest.Product.NEXT_PAGE_INFO;
  
  // AFTER
  const products: Product[] = response.data;
  const nextPageInfo = response.pageInfo?.nextPage;
  const responseHeaders = response.headers;

• fc2692f: ⚠️ [Breaking] Removing deprecated code:

  • The isPrivateApp param from shopifyApi() was removed in favour of isCustomStoreApp.
  • The isOnline param from shopify.auth.callback() was removed, because it's now handled automatically.

• 8acc71d: Adding support for 2023-04 API version.

  ⚠️ [Breaking] Removing support for 2022-04 and 2022-07 API versions.

• 2096f9e: The logger is now synchronous. This removes unnecessary await's from functions that use the logger but functionally don't need to await anything else. webhooks.addHandlers is the main impacted public method (it was async only because of the logging mechanism).

  Apps that use the default logging methods (which send to console) will not be impacted by this change. Apps that implement their own loggers may be impacted; async logging functions can still be used but they need to be handled as promises.

  // BEFORE
  const myLogFunction = async (severity, message) => {
    try {
      await MyService.log(severity, message);
      // After external call
    } catch {
      // Handle error
    }
  };
  
  // AFTER
  const myLogFunction = (severity, message) => {
    MyService.log(severity, message)
      .then(() => {
        // After external call
      })
      .catch(() => {
        // Handle error
      });
  };

Patch Changes

• f06912d: Bump jose from 4.11.2 to 4.13.1. See jose changelog for details.
• 89847ca: Bump @shopify/network from 1.5.1 to 3.2.1. See network changelog for details.
• 896ef0d: Add response headers to GraphqlQueryError. Fixes #553
• 97449f9: validateHmac will now check for a hmac or a signature query argument. Fixes #776