Releases: craftcms/commerce
Releases · craftcms/commerce
5.6.5
- Cart requests that include a
couponCodeparam are now rate-limited. - Fixed a bug where redundant database queries could be executed when no subscription plans existed. (#4285)
- Fixed an error that occurred when executing a GraphQL query with
relatedTo*arguments withinhasProductorhasVariantfields. (#4297) - Fixed moderate-severity enumeration vulnerability. (GHSA-h5gm-x9wr-vhcm)
- Fixed low-severity business logic vulnerability. (GHSA-78vr-q6cf-c7p6)
4.11.2
- Cart requests that include a
couponCodeparam are now rate-limited. - Fixed moderate-severity enumeration vulnerability. (GHSA-h5gm-x9wr-vhcm)
- Fixed low-severity business logic vulnerability. (GHSA-78vr-q6cf-c7p6)
5.6.4
5.6.4
This tag was signed with the committer’s verified signature.
nfourtythree
Nathaniel Hammond
18cdd82
This commit was signed with the committer’s verified signature.
nfourtythree
Nathaniel Hammond
- Fixed a SQL error that occurred when processing a fulfillment on PostgreSQL. (#4291)
- Fixed a bug where custom field layout tabs were duplicated in the tab overflow menu on order edit pages. (#4293)
- Fixed a bug where the “Set default variant” action wasn’t immediately reflected in the variant index. (#4294)
- Fixed a PHP error that occurred when variants were missing an inventory item. (#3837)
4.11.1
- PDF download tokens now use Craft’s native token expiry.
5.6.3
5.6.3
This tag was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
d023ccb
This commit was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
- Improved product query performance. (#4281)
- PDF download tokens now use Craft’s native token expiry.
- Fixed a bug where the “Commerce” page within user account settings wasn’t retaining view options for orders, carts, and subscriptions.
- Fixed a PHP error that could occur when editing field layouts that contained Commerce Products fields. (#4282)
- Fixed a deadlock that could occur when saving products with many variants concurrently. (#4287)
5.6.2
5.6.2
This tag was signed with the committer’s verified signature.
lukeholder
Luke Holder
60575ae
This commit was signed with the committer’s verified signature.
lukeholder
Luke Holder
- Improved the performance of migrations when upgrading to Commerce 5. (#4277)
- Fixed a bug where variants weren’t getting saved if their auto-generated SKU wasn’t unique. (#4249)
- Fixed a PHP error that could occur when marking an inventory transfer as pending. (#4267)
- Fixed a bug where reordering disabled variants wasn’t working properly. (#4270)
- Fixed a bug where
craft\commerce\services\Carts::forgetCart()wasn’t working ifgetCart()was subsequently called. (#4279)
5.6.1.1
5.6.1.1
This tag was signed with the committer’s verified signature.
lukeholder
Luke Holder
c6f67e1
This commit was signed with the committer’s verified signature.
lukeholder
Luke Holder
4.11.0.1
4.11.0.1
This tag was signed with the committer’s verified signature.
lukeholder
Luke Holder
04797b8
This commit was signed with the committer’s verified signature.
lukeholder
Luke Holder
5.6.1
5.6.1
This tag was signed with the committer’s verified signature.
lukeholder
Luke Holder
6b9941b
This commit was signed with the committer’s verified signature.
lukeholder
Luke Holder
- Gateway edit screens now include billing and shipping address conditions. (#4259)
- Variant cards can now have “Default”, “Promotable”, and “Available for purchase” attributes.
- Fixed a bug where PDF URLs could have an incorrect domain. (#4248)
- Fixed a bug where user profile screens weren’t showing suspended and failed-to-start subscriptions. (#4219)
- Fixed a bug where carts weren’t respecting the
COMMERCE_PAYMENT_CURRENCYPHP constant. - Fixed a bug where variants’ tax and shipping category dropdowns weren’t respecting product type restrictions. (#4258)
5.6.0
5.6.0
This tag was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
83b7248
This commit was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
Administration
- Added the “UI Label Format” and “Variant UI Label Format” settings to product types. (#4178)
Extensibility
- Added
relatedToProductsandrelatedToVariantsGraphQL query arguments, enabling queries for elements related to specific products or variants. (#4202) - Added
craft\commerce\elements\db\ProductQuery::$savable. - Added
craft\commerce\elements\db\ProductQuery::savable(). - Added
craft\commerce\elements\db\VariantQuery::$savable. - Added
craft\commerce\elements\db\VariantQuery::editable(). - Added
craft\commerce\elements\db\VariantQuery::savable(). - Added
craft\commerce\helpers\ProductQuery::cleanseQueryCriteria(). - Added
craft\commerce\services\ShippingRuleCategories::getShippingRuleCategoriesByRuleIds(). - Added
craft\commerce\services\ShippingRuleCategories::getShippingRuleCategoriesByRuleIds(). craft\commerce\elements\db\ProductQuery::$editableis now nullable.craft\commerce\elements\db\VariantQuery::$editableis now nullable.
System
- Craft Commerce now requires Craft CMS 5.9.15 or later.
- Cart numbers are now generated using a cryptographically secure random number generator.
- Cart controller actions that accept an explicit cart number are now rate limited to mitigate enumeration attacks.
- Shipping rule categories are now eager loaded on shipping rules automatically. (#4220)
- Improved product index performance by not eager-loading variants for table attributes that are already fetched via SQL joins. (#4236)
- Fixed a bug where coupon codes were submitted too early while being entered on order edit screens.
- Fixed a bug where variants with empty SKUs didn’t show validation errors when saving a product after it was duplicated. (#4197)
- Fixed high-severity SQL injection vulnerabilities. (GHSA-875v-7m49-8x88, GHSA-r54v-qq87-px5r)
- Fixed a low-severity information disclosure vulnerability. (GHSA-3vxg-x5f8-f5qf)