saleor
Saleor Core: the high performance, composable, headless commerce API.
BSD-3-CLAUSE License
Bot releases are visible (Hide)
Published by maarcingebala over 1 year ago
- Revert JWT expiration error code (#12253) (4864b4c0f)
- Fix create_replace_order for order lines with old_id (#12230) (bca311997)
Published by maarcingebala over 1 year ago
- Revert JWT expiration error code (#12248) (13b8e39d8)
Published by maarcingebala over 1 year ago
- Revert JWT expiration error code (#12251) (47335752b)
Published by maarcingebala over 1 year ago
- Revert JWT expiration error code (#12250) (06ff16aed)
Published by maarcingebala over 1 year ago
- Revert JWT expiration error code (#12249) (defda3608)
Published by maarcingebala over 1 year ago
- Fix JWT error codes (#12246) (545e7dc2d)
Published by IKarbowiak over 1 year ago
- Fix order shipping AvaTax tax calculations for JPY currency - #12234 by @IKarbowiak
- Do not require tax class for shipping tax calculation in AvaTax plugin - #12213 by @IKarbowiak
Published by IKarbowiak over 1 year ago
- Fix order shipping Avatax tax calculations for JPY currency - #12233 by @IKarbowiak
- Do not require tax class for shipping tax calculation in AvaTax plugin - #12211 by @IKarbowiak
- Fix integrity error with returning products with old ids - #12205 by @jakubkuc
- Fix deadlock between Adyen webhook and
checkoutComplete- #12200 by @korycins - Fix invalid discount calculation for specific product voucher that is applied once per order - #12197 by @IKarbowiak
- Fix loading
related_orderwhen related id is the oldorder_id- #12173 by @kadewu
Published by IKarbowiak over 1 year ago
- Fix order shipping Avatax tax calculations for JPY currency - #12232 by @IKarbowiak
- Do not require tax class for shipping tax calculation in AvaTax plugin - #12210 by @IKarbowiak
- Fix integrity error with returning products with old ids - #12204 by @jakubkuc
- Fix deadlock between Adyen webhook and
checkoutComplete- #12199 by @korycins - Fix invalid discount calculation for specific product voucher that is applied once per order - #12196 by @IKarbowiak
- Fix loading
related_orderwhen related id is the oldorder_id- #12172 by @kadewu
Published by IKarbowiak over 1 year ago
- Fix order shipping AvaTax tax calculations for JPY currency - #12231 by @IKarbowiak
- Do not require tax class for shipping tax calculation in AvaTax plugin - #12190 by @IKarbowiak
Published by maarcingebala over 1 year ago
Welcome to the 3.12 release of Saleor!
Breaking changes
-
Change the discount rounding mode - #12041 by @IKarbowiak
- Change the rounding mode from
ROUND_DOWNtoROUND_HALF_UP- it affects the discount amount and total price of future checkouts and orders with a percentage discount applied.
The discount amount might be 0.01 greater, and the total price might be 0.01 lower. E.g. if you had an order for $13 and applied a 12.5% discount, you would get $11.38 with a $1.62 discount, but now it will be calculated as $11.37 with $1.63 discount.
- Change the rounding mode from
-
Include specific products voucher in checkout discount - #12191 by @IKarbowiak
- Make the
specific productandapply once per ordervoucher discounts visible on theCheckout.discountfield.
Previously, the discount amount for these vouchers was shown as 0.
- Make the
-
stocksandchannelListingsinputs for previewProductVariantBulkUpdatemutation have been changed. Both inputs have been extended with:-
createinput - list of items that should be created -
updateinput - list of items that should be updated -
removeinput - list of objects ID's that should be removed
If your platform relies on this preview feature, make sure you update your mutations stocks and channel listings inputs from:
{ "stocks/channelListings": [ { ... } ] }to:
{ "stocks/channelListings": { "create": [ { ... } ] } } -
-
Media and image fields now default to returning 4K thumbnails instead of original uploads - #11996 by @patrys
GraphQL API
- Add support for AVIF images, added
AVIFandORIGINALtoThumbnailFormatEnum- #11998 by @patrys - Add support for bulk saving all attributes types in
BulkAttributeValueInput- #12095 by @SzymJ - Add the possibility to remove
stocksandchannel listingsinProductVariantBulkUpdatemutation. - Move
orderSettingsquery toChanneltype - #11417 by @kadewu:- Mutation
Channel.channelCreateandChannel.channelUpdatehave neworderSettingsinput. - Deprecate
Shop.orderSettingsquery. UseChannel.orderSettingsquery instead. - Deprecate
Shop.orderSettingsUpdatemutation. UseChannel.channelUpdateinstead.
- Mutation
- Add meta fields to
ProductMediamodel - #11894 by @zedzior - Make
oldPasswordargument onpasswordChangemutation optional; support accounts without usable passwords - @11999 by @rafalp - Introduce custom headers for webhook requests - #11978 by @zedzior
- Fix saving
metadatainProductVariantBulkCreateandProductVariantBulkupdatemutations - #12097 by @SzymJ - Improve GraphQL playground by storing headers in the local storage - #12176 by @zaiste
- Fixes for GraphiQL playground - #12192 by @zaiste
Other changes
- Enhance webhook's subscription query validation. Apply the validation and event inheritance to manifest validation - #11797 by @zedzior
- Fix GraphQL playground when the
operationNameis set across different tabs - #11936 by @zaiste - Add new asynchronous events related to media - #11918 by @zedzior
PRODUCT_MEDIA CREATEDPRODUCT_MEDIA_UPDATEDPRODUCT_MEDIA_DELETEDTHUMBNAIL_CREATED
- CORS is now handled in the ASGI layer - #11415 by @patrys
- Added native support for gzip compression - #11833 by @patrys
- Set flat rates as the default tax calculation strategy - #12069 by @maarcingebala
- Enables flat rates for channels in which no tax calculation method was set.
- Users created by the OIDC plugin now have unusable password set instead of empty string - #12103 by @rafalp
Published by maarcingebala over 1 year ago
- Fix
create_replace_orderfor order lines withold_id(#12194) (6945a26b2)
Published by korycins over 1 year ago
- Fix deadlock between adyen webhook and checkoutComplete (#12195) (b0d293d83f)
- Fix invalid discount calculaion for specific product voucher that is applied once per order (#12122) (4d418b41eb)
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.11.11...3.11.12
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.10.13...3.10.14
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.9.26...3.9.27
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.8.29...3.8.30
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.7.58...3.7.59
Published by NyanKiyoshi over 1 year ago
CVE-2023-26051: Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Severity: medium
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Affected versions: Saleor ≥ 2.0.0
CVE-2023-26052: Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Severity: low
Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests.
Affected versions: Saleor ≥ 2.0.0
Full Changelog: https://github.com/saleor/saleor/compare/3.1.47...3.1.48
Published by NyanKiyoshi over 1 year ago
What's Changed
- Fix CI by @maarcingebala in https://github.com/saleor/saleor/pull/12121
- Optimize order 0150_update_authorize_and_charge_status migration by @tomaszszymanski129 in https://github.com/saleor/saleor/pull/12080
- Optimize 0044_fulfill_checkout_line_new_fields migration by @tomaszszymanski129 in https://github.com/saleor/saleor/pull/12074
Full Changelog: https://github.com/saleor/saleor/compare/3.8.28...3.8.29