Release v6.6.6.1

See the UPGRADE.md for all important technical changes.

• NEXT-33697 - Fix product slider unwanted slides on slider item clicks
• NEXT-31669 - Cache name fix
• NEXT-37673 - Improve data hash for calculation of product prices in cart
• NEXT-38216 - fix base-slider plugin _initAccessibilityTweaks method (Carlo Cecco)
• NEXT-38252 - Fix duplicate save-edits method error when saving order

Release v6.5.8.14

See the UPGRADE.md for all important technical changes.

• NEXT-34155 - Search for a composer.json in custom/static-plugins/
• NEXT-37462 - Upsert custom fields in app lifecycle
• NEXT-37684 - Fix updating thumbnails in strict mode (Philipp Zabel)
• NEXT-37480 - Fix issue promotions with rules cannot apply
• NEXT-37571 - Validate VAT Reg.No. format does not work correct
• NEXT-37600 - Change typehint in MediaUrlPlaceholderHandler
• NEXT-37593 - Fix issue promotions are not applied anymore when the max. uses per customer is reached
• NEXT-27410 - Fix price validation in custom fields
• NEXT-37567 - Sign static iframe module src
• NEXT-37991 - Fix many to many filtered join to same table
• NEXT-37745 - Undefined TCPDF constant caused by opcache preloading
• NEXT-38012 - Prevent overwriting of media path
• NEXT-37456 - Fix generate individual code more than 25 items
• NEXT-38050 - Add missing GROUP BY to EntityReader
• NEXT-38080 - Add criteria nesting level

Release v6.6.6.0

See the UPGRADE.md for all important technical changes.

• NEXT-28114 - Rework Storefront pagination to use anchor links
• NEXT-34379 - Add Email Idn handling
• NEXT-37350 - Allow attributed entity to have a many to many association with versioned entities (Nicky Gerritsen)
• NEXT-37127 - Add the possibility to add other test namespaces to the FeatureFlagExtension
• NEXT-36869 - Added 3D Viewer light intensity in Media config
• NEXT-33271 - Exclude custom fields of type text from possible float casting
• NEXT-37386 - Abstract and reduce rule condition components (Justus Maier)
• NEXT-37370 - Media thumbnails load incorrectly when switching remote thumbnail setting from disabled to enabled
• NEXT-37348 - Fix shipping address in order detail work not correct after changes
• NEXT-37418 - Add media option to dynamic url field (Elias Lackner)
• NEXT-35061 - Allow template to load without custom form type
• NEXT-37382 - Silently ignore admin ES errors
• NEXT-37467 - Improve admin component override logic (Benjamin Wittwer)
• NEXT-36117 - Affiliate and campaign code editable
• NEXT-36102 - Fix product slider not displaying products from dynamic product groups
• NEXT-37454 - Ignore old js script files during theme compile
• NEXT-26717 - Improve listing filter accessibility for screen readers
• NEXT-37443 - Only cast custom fields to floats when they are number types
• NEXT-37512 - Fix cms product slider offsetWidth error (Elias Lackner)
• NEXT-37464 - Fix accessibility violations according to AXE report
• NEXT-37146 - Fix customer groups seo url display
• NEXT-36445 - Fix missing salutation error when creating a customer
• NEXT-37462 - Upsert custom fields in app lifecycle
• NEXT-33696 - Improve focus handling for modal and offcanvas content
• NEXT-37272 - Replace assignment count in cms layout listing
• NEXT-37277 - Update @shopware-ag/meteor-icon-kit dependency
• NEXT-37525 - Allow empty tax provider results
• NEXT-26712 - Add visible focus states for wishlist buttons
• NEXT-26714 - Add language to reviews
• NEXT-37412 - Added a customer before delete flow trigger
• NEXT-37588 - Exclude folder categories from sitemap (Elias Lackner)
• NEXT-33697 - Improve the accessibility of slider elements
• NEXT-26682 - The user needs to be able to close triggered, additional content
• NEXT-37362 - Add system healthchecks structure
• NEXT-37684 - Fix updating thumbnails in strict mode (Philipp Zabel)
• NEXT-37667 - Add integration tests covering searching and reading translated entities (Sven Münnich)
• NEXT-33693 - Improve accessibility of image zoom modal
• NEXT-37699 - Add visibility to cms block defaults (Max)
• NEXT-37109 - Adjusted time zone hint at datepicker component
• NEXT-37605 - Allow singular shipping address in register route
• NEXT-37100 - Enforce message queue size
• NEXT-00000 - Add max length constant of text to ElasticSearch indexing (Marcus Müller)
• NEXT-37666 - Fix minor changelog linting and creation issues (Marcus Müller)
• NEXT-31802 - Fixed the currency display in account orders to use the correct currency of the order
• NEXT-37480 - Fix issue promotions with rules cannot apply
• NEXT-37571 - Validate VAT Reg.No. format does not work correct
• NEXT-26680 - Improved text scaling of the Storefront
• NEXT-37673 - Dont save cart on any request
• NEXT-37600 - Change typehint in MediaUrlPlaceholderHandler
• NEXT-33689 - Improved registration form accessibility
• NEXT-37559 - Removed language dropdown from Settings > Basic Information
• NEXT-37720 - Fix data-grid column ordering (Elias Lackner)
• NEXT-37593 - Fix issue promotions are not applied anymore when the max. uses per customer is reached
• NEXT-27410 - Fix price validation in custom fields
• NEXT-37567 - Sign static iframe module src
• NEXT-37724 - add-composer-name-to-plugin-list-command
• NEXT-31669 - Cache tagging
• NEXT-34338 - improve-cms-product-slider-variant-display
• NEXT-37715 - Make the promotionId within Order-Line-Item definition writable for AdminAPI
• NEXT-37759 - Improving admin performance for layouts with many elements
• [NEXT-37713 - Fix d...

Security Release v6.6.5.1

The following security issues have been fixed with this release:

• Blind SQL-injection in DAL aggregations (GHSA-p6w9-r443-r752)
• Server Side Template Injection in Twig using Context functions (GHSA-35jp-8cgg-p4wj)
• Server Side Template Injection in Twig using deprecation silence tag (GHSA-27wp-jvhw-v4xp)
• Improper Access Control with ManyToMany associations in store-api (GHSA-hhcq-ph6w-494g)

---

See the UPGRADE.md for all important technical changes.

• NEXT-37399 - Context object improvements
• NEXT-37397 - Improve aggregation name validation
• NEXT-37398 - Improve feature silent token validation
• NEXT-37545 - Fix filtering via decoration for payment and shipping method route
• NEXT-37555 - Change typehint in MediaUrlPlaceholderHandler (tinect)

Security Release v6.5.8.13

The following security issues have been fixed with this release:

• Blind SQL-injection in DAL aggregations (GHSA-p6w9-r443-r752)
• Server Side Template Injection in Twig using Context functions (GHSA-35jp-8cgg-p4wj)
• Server Side Template Injection in Twig using deprecation silence tag (GHSA-27wp-jvhw-v4xp)
• Improper Access Control with ManyToMany associations in store-api (GHSA-hhcq-ph6w-494g)

---

See the UPGRADE.md for all important technical changes.

• NEXT-34410 - Allow Twig array filters to accept null (Max)
• NEXT-34301 - Changed default recipient for mails send via the Flow Builder on the product review send trigger
• NEXT-36433 - Fix the inability to use admin order when the system default language is not available in the sales channel
• NEXT-35343 - The selected order language is not saved for a manually created orders
• NEXT-36924 - Fix StoreApiSeoResolver priority and add context check before accessing it (Marcel Romeike)
• NEXT-37034 - Fix automatically applied promotions does not work after save the order
• NEXT-37175 - Set correct asset path for bundle assets
• NEXT-37399 - Context object improvements
• NEXT-37348 - Fix shipping address in order detail work not correct after changes
• NEXT-37397 - Improve aggregation name validation
• NEXT-37398 - Improve feature silent token validation
• NEXT-36445 - Fix missing salutation error when creating a customer
• NEXT-37525 - Allow empty tax provider results

Release v6.6.5.0

See the UPGRADE.md for all important technical changes.

• NEXT-37141 - Add toggle to choose generate variants or only add variants (Alexander Menk)
• NEXT-0000 - Remove category criteria for editor links (Max)
• NEXT-337778 - Order placed incorrectly
• NEXT-37361 - Show all property filters when filterable properties are not restricted (Max)
• NEXT-31047 - Improve payment handlers & general payment process
• NEXT-21273 - Add Media Option to CMS Link Selector (Alexander Menk)
• NEXT-35756 - Add error handling to HttpClient service
• NEXT-34674 - Elasticsearch with special chars
• NEXT-36854 - Add customer impersonation (Benjamin Wittwer)
• NEXT-37357 - Improve admin login session (Benjamin Wittwer)
• NEXT-35618 - Fixed the headline for SEO in product detail page
• NEXT-36499 - Fix cms data mapping for nested translations (Christoph Pötz)
• NEXT-36528 - Add intra-community delivery label to all tax relevant documents (Marina Egner)
• NEXT-36872 - Add path required to run profiler to storefront url whitelist (Benedikt Brunner)
• NEXT-373559 - Run unit-setup in admin:unit:watch command (Max)
• NEXT-36782 - Add storage name to entity attributes
• NEXT-34382 - Fix company addresses to be shown twice
• NEXT-34808 - Total in cancellation invoices should be negative
• NEXT-36424 - Fix no matching sales channel found when creating order
• NEXT-35776 - Added URI to environment information
• NEXT-36982 - Fix media url loader with unset thumbnails (Elias Lackner)
• NEXT-35343 - The selected order language is not saved for a manually created orders
• NEXT-36983 - Add mediaUpdatedAt to thumbnailPattern for disabled thumbnail generation (tinect)
• NEXT-37360 - Fix administration input of linked prices and comma values (Max)
• NEXT-36924 - Fix StoreApiSeoResolver priority and add context check before accessing it (Marcel Romeike)
• NEXT-36876 - Fixed typo in language-widget
• NEXT-16551 - Add order and customer number filters to admin lists
• NEXT-36774 - Fix $super call stack exception
• NEXT-34642 - Add default value for augmented-reality media
• NEXT-36534 - Bulk edit with more than 25 selections broken
• NEXT-37067 - Fix dead form serialize utility guard (Justus Maier)
• NEXT-26705 - Add skip to content link to improve a11y
• NEXT-00000 - Fix performance issues in EntityLoadedEventFactory (Cedric Engler)
• NEXT-36837 - Fix rule condition price listprice percentage ratio to actually use ratios
• NEXT-12399 - Improve product search term scoring on exact matches (Elias Lackner)
• NEXT-37145 - Add twig blocks to sw-order-create-general-info.html.twig (Jörg Lautenschlager)
• NEXT-36862 - Adjust AR icon label and 3D placeholder
• NEXT-36927 - Don't remove cache cookies for 404 pages
• NEXT-37104 - Improve wishlist user experience (Elias Lackner)
• NEXT-16807 - Search by product number
• NEXT-37123 - Update Github playwright test image (Max)
• NEXT-30132 - Add API routes list endpoint
• NEXT-33726 - Allow adding default values to custom entities
• NEXT-34309 - Enhance plugin:list command output with information about plugins required by composer
• NEXT-31209 - Increase app payment timeout to 20 s
• NEXT-37072 - Only cleanup successfully delivered or permanently failed webhook events
• NEXT-37121 - Search by product number should redirect to detail page
• NEXT-36809 - Deprecate sw-select-number-field component
• NEXT-37034 - Fix automatically applied promotions does not work after save the order
• NEXT-37140 - Limit search term length for mysql search
• NEXT-37143 - Merge search preferences
• NEXT-37327 - Open Shopping Experience section settings when clicking on "Setting" in the context menu (Max)
• NEXT-37095 - Avoid negative reviews offset
• NEXT-37170 - Fix GitHub Jest & Lint workflows (Benjamin Wittwer)
• NEXT-21275 - Removed customer default payment method
• NEXT-37175 - Set correct asset path for bundle assets
• NEXT-37298 - Cleanup ACL rules for default layouts (Max)
• [NEXT-37237 - Fix admin customer sales channel & acl checks](./changelog/release-6-6-5...

Security Release v6.6.4.1

See the UPGRADE.md for all important technical changes.

• NEXT-37140 - Limit search term length for mysql search

Release v6.5.8.12

See the UPGRADE.md for all important technical changes.

• NEXT-31890 - Fix Bulk Edit one to many associations length evaluation and infinite requests (Lily Berkow)
• NEXT-28322 - buld and variant retry (Pascal Thesing)
• NEXT-36441 - slotId ApiAware
• NEXT-36479 - Move routing overwrite
• NEXT-16551 - Add order and customer number filters to admin lists
• NEXT-36534 - Bulk edit with more than 25 selections broken
• NEXT-36927 - Don't remove cache cookies for 404 pages
• NEXT-31209 - Increase app payment timeout to 20 s
• NEXT-37072 - Only cleanup successfully delivered or permanently failed webhook events
• NEXT-37140 - Limit search term length for mysql search

Release v6.6.4.0

See the UPGRADE.md for all important technical changes.

• NEXT-33234 - Implement Custom Field entity select for dynamic product groups (Rafael Kraut)
• NEXT-30845 - Fix admin grid headline actions resizing on using context menus (Joshua Behrens)
• NEXT-26302 - Improve alert color contrast and accessibility
• NEXT-34217 - 2024-03-22-update-register-from-validation
• NEXT-00000 - Fix verify user modal (Benjamin Wittwer)
• NEXT-36418 - Add missing module warn message (Benjamin Wittwer)
• NEXT-33827 - Added autostart for spatial via qr code
• NEXT-36283 - Add names and company of addresses to customer admin es search index (Marcus Müller)
• NEXT-34463 - Disable thumbnail generation and use external service
• NEXT-33049 - enable fetching files from urls without file extensions
• NEXT-34293 - Add wrapper component for sw-popover
• NEXT-36403 - Added full partial fields path check
• NEXT-36529 - Disable icon cache for the wishlist product box (Max)
• NEXT-33627 - Add technical name to import/export profiles
• NEXT-36090 - Remove required setting of custom fields
• NEXT-36358 - Validation input of the options before searching variant
• NEXT-0000 - Improve OneToOneAssociationField error message to include the path (Max)
• NEXT-36279 - Broken initial pagination of property values in the administration
• NEXT-36441 - slotId ApiAware
• NEXT-33675 - Remove unwanted aria-live attributes from sliders
• NEXT-35831 - Add system config values via yaml
• NEXT-34301 - Changed default recipient for mails send via the Flow Builder on the product review send trigger
• NEXT-36477 - Currency dependent pricing modal is broken
• NEXT-36415 - Fix shipping costs can not changes after order is submitted
• NEXT-35896 - Improve rating widget accessibility and add alt texts
• NEXT-36838 - Add discount id check when collecting promotions (Jasper Peeters)
• NEXT-36433 - Fix the inability to use admin order when the system default language is not available in the sales channel
• NEXT-36479 - Move routing overwrite
• NEXT-33111 - Search icon and hamburger menu are not align
• NEXT-36704 - Cleanup line items on recalculation (Jasper Peeters)
• NEXT-36511 - Promotions will be created with an error thrown in the admin
• NEXT-36564 - Changed extension icon overflow to hidden (Max)
• NEXT-36738 - Fix cms form data not cleared from localstorage after submission (Paik Paustian)
• NEXT-00000 - Add debug info to mail header when staging mode is enabled (Melvin Achterhuis)
• NEXT-36555 - Add admin url to staging banner (Melvin Achterhuis)
• NEXT-33734 - Change migration selection mode
• NEXT-33734 - Drop column helper method
• NEXT-36668 - Fix attribute compiler pass
• NEXT-36695 - Add maker commands for plugin scaffolding (Raffaele Carelle)
• NEXT-26717 - Replace Viewport Helper html pseudo element to improve screen reader accessibility
• NEXT-29835 - Scalar type serialization while import
• NEXT-36670 - Fix self-referencing parents
• NEXT-36780 - Improve composer executions while plugin lifecycle
• NEXT-34393 - Fix that invoices always show incl vat
• NEXT-36523 - Add extension component in product detail, order detail, customer detail and dashboard page
• NEXT-36834 - Fix persist default permissions when switching customer
• NEXT-36700 - Replace Vuex with Pinia
• NEXT-36874 - Add new context request attribute on customer login

Release v6.6.3.1

See the UPGRADE.md for all important technical changes.

• NEXT-36780 - Improve composer executions during plugin lifecycle