Changelog History
Page 4
-
v1.6.2 Changes
November 11, 2019- 🛠 #9931 [Payum] infinite loop on state machine exception fixed (@tautelis)
- #10733 Fix 10719 infinite order fixture loading (@igormukhingmailcom)
- 🛠 #10734 Added: TimestampableInterface to core TaxonInterface (fixes #10728) (@igormukhingmailcom)
- 📚 #10744 [Documentation][Book] Invoices (@CoderMaggie)
- #10748 Switch statement conditions (@mikemix)
- #10750 Fix compound form errors (@loic425)
- #10752 Translate attribute type on attributes grid (@loic425)
- 📄 #10755 [Docs] Add tag that stripe is outdated and add SCA note (@Tomanhez, @GSadee)
- ⬆️ #10760 Add JQuery Dirtyforms in UPGRADE-1.6.md (@maximehuran)
- #10761 Replace EntityManager#flush($entity) by EntityManager#flush() (@twojtylak)
- #10764 [Behat] Fix a typo on Paypal context (@loic425)
- 🚚 #10769 Remove unsupported RBAC plugin from command and docs (@GSadee)
- ⚡️ #10773 Update ad url (@kulczy)
- 🚚 #10776 [Behat] Remove final on product index and product variant index pages (@loic425)
- 0️⃣ #10781 Allow no default tax zone in channel fixtures (@pamil)
- ⚡️ #10784 [Docs] Installation guide update (@lchrusciel)
- #10790 [ShippingMethod] Do not allow to specify shipping charge below 0 (@Zales0123)
- 0️⃣ #10792 [Behat][Admin] Add scenarios for validating default locale for a channel (@GSadee)
- 0️⃣ #10793 [Admin][Channel] Validating default locale for a channel (@GSadee)
- #10805 [Addressing] Make sure the CountryNameExtension::translateCountryIsoCode() always returns a string (@vvasiloi)
- #10806 [Order] include order promotion adjustments in order promotion total (@vvasiloi)
- 🛠 #10819 Fixed: Typo/artifact (@igormukhingmailcom)
- #10820 Rename shop user factory to help autowiring (@loic425)
- #10821 Specify PHP version for SymfonyInsights (@pamil)
- 🚚 #10823 Remove unnecessary +x chmod on some files (@pamil)
- #10824 Use SessionInterface instead of Session in UserImpersonator (@pamil)
- 🔧 #10825 Fixed: Typo at grid configuration example (@igormukhingmailcom)
- ✅ #10826 Execute PHPUnit tests inside AdminApiBundle (@pamil)
- 🔧 #10832 Do not merge promotion action configuration (@pamil)
-
v1.6.1
October 09, 2019 -
v1.6.0 Changes
July 29, 2019- #10165 Product attribute fixtures improvements (@Zales0123, @pamil)
- #10401 Psalm (@loic425, @pamil)
- #10464 Do not crash when duplicated locales are passed to the fixture (@pamil)
- 👍 #10467 Drop support for Symfony 4.1 and 4.2 (@pamil)
- 🚚 #10468 Remove Symfony workarounds and add conflicts (@pamil)
- #10471 Add footer with Sylius version to the admin panel (@kulczy)
- #10472 [Admin] Index of payments (@Tomanhez)
- ⚡️ #10473 Update docs to follow Symfony 4 standards (@pamil)
- #10477 Improve bulk actions (@kulczy, @AdamKasp)
- #10482 [Promotion] Fix Action creation doc (@pierre-H)
- #10483 [Admin]Admin choose channel in product show page (@Tomanhez)
- 🛠 #10484 [Admin] Minor fixes payment shipment (@Tomanhez)
- #10485 [Promotion] Coupon prefix and suffix (@Zales0123)
- 🗄 #10488 Marked router dependency as deprecated in admin ImpersonateUserController (@SebLours)
- 👕 #10489 Make it possible to have no shipping methods for Order fixtures (@TiMESPLiNTER)
- #10491 [Admin] Form validation error (@Tomanhez)
- 🛠 #10492 [Admin] Minor fixes customer group validation form (@Tomanhez)
- 💻 #10494 [UI] Fix button groups radius (@kulczy)
- ⬆️ #10496 [UPGRADE] Mention locale requirement change in UPGRADE-1.5 (@Zales0123)
- 🛠 #10497 Minor Fixes - Admin choose channel in product show page (@Tomanhez)
- #10498 Add search bar css rule for Firefox (@aloupfor)
- #10499 [Admin] Fix css file (@GSadee)
- ⏪ #10508 Revert "Make it possible to have no shipping methods for Order fixtures" (@lchrusciel)
- #10509 [Admin] Add link to product in variant breadcrumb (@Tomanhez)
- #10510 Add avatar preview (@kulczy)
- #10514 [Admin] In sections : edit variant and edit product add button product show page in shop (@Tomanhez)
- #10516 Fix Psalm false-positives (@pamil)
- #10517 [Grid] Allow not to pass "apply_transition" button class (@Zales0123)
- #10518 [Admin] Unify order link in Orders, Payments, Shipments (@Tomanhez)
- #10520 [Admin] Unify payment and shipment labels (@GSadee)
- #10521 [Admin][Product] Disable show in shop button when product is disabled (@GSadee)
- #10522 Fix 'disabled' label (@kulczy)
- #10525 Bump lodash from 4.17.11 to 4.17.14 (@dependabot[@bot])
- #10529 [Fixtures] Improve fixtures. (@AdamKasp)
- 💻 #10531 Improve filters UI (@kulczy)
- #10534 [Fixtures] Variant name now is concatenated options value. (@AdamKasp)
- #10535 [Shop] Fix passed channel context service to be composite (@GSadee)
- 🔌 #10536 [Docs] Make Plugins and Plugin Development Guide more visible (@CoderMaggie)
- #10539 [Fixtures] Add tax category to product. (@AdamKasp)
- ⚡️ #10541 Update README.md (@AdamKasp)
- #10542 [Fixtures] Product fixtures in yaml. (@AdamKasp)
- #10546 Improve filters (@kulczy)
- 🚑 #10548 [HotFix?] Move mysql service to fix the build (@Zales0123)
-
v1.6.0-RC.1
August 27, 2019 -
v1.6.0-ALPHA.2 Changes
July 29, 2019- #10165 Product attribute fixtures improvements (@Zales0123, @pamil)
- #10401 Psalm (@loic425, @pamil)
- #10464 Do not crash when duplicated locales are passed to the fixture (@pamil)
- 👍 #10467 Drop support for Symfony 4.1 and 4.2 (@pamil)
- 🚚 #10468 Remove Symfony workarounds and add conflicts (@pamil)
- #10471 Add footer with Sylius version to the admin panel (@kulczy)
- #10472 [Admin] Index of payments (@Tomanhez)
- ⚡️ #10473 Update docs to follow Symfony 4 standards (@pamil)
- #10477 Improve bulk actions (@kulczy, @AdamKasp)
- #10482 [Promotion] Fix Action creation doc (@pierre-H)
- #10483 [Admin]Admin choose channel in product show page (@Tomanhez)
- 🛠 #10484 [Admin] Minor fixes payment shipment (@Tomanhez)
- #10485 [Promotion] Coupon prefix and suffix (@Zales0123)
- 🗄 #10488 Marked router dependency as deprecated in admin ImpersonateUserController (@SebLours)
- 👕 #10489 Make it possible to have no shipping methods for Order fixtures (@TiMESPLiNTER)
- #10491 [Admin] Form validation error (@Tomanhez)
- 🛠 #10492 [Admin] Minor fixes customer group validation form (@Tomanhez)
- 💻 #10494 [UI] Fix button groups radius (@kulczy)
- ⬆️ #10496 [UPGRADE] Mention locale requirement change in UPGRADE-1.5 (@Zales0123)
- 🛠 #10497 Minor Fixes - Admin choose channel in product show page (@Tomanhez)
- #10498 Add search bar css rule for Firefox (@aloupfor)
- #10499 [Admin] Fix css file (@GSadee)
- ⏪ #10508 Revert "Make it possible to have no shipping methods for Order fixtures" (@lchrusciel)
- #10509 [Admin] Add link to product in variant breadcrumb (@Tomanhez)
- #10510 Add avatar preview (@kulczy)
- #10514 [Admin] In sections : edit variant and edit product add button product show page in shop (@Tomanhez)
- #10516 Fix Psalm false-positives (@pamil)
- #10517 [Grid] Allow not to pass "apply_transition" button class (@Zales0123)
- #10518 [Admin] Unify order link in Orders, Payments, Shipments (@Tomanhez)
- #10520 [Admin] Unify payment and shipment labels (@GSadee)
- #10521 [Admin][Product] Disable show in shop button when product is disabled (@GSadee)
- #10522 Fix 'disabled' label (@kulczy)
- #10525 Bump lodash from 4.17.11 to 4.17.14 (@dependabot[@bot])
- #10529 [Fixtures] Improve fixtures. (@AdamKasp)
- 💻 #10531 Improve filters UI (@kulczy)
- #10534 [Fixtures] Variant name now is concatenated options value. (@AdamKasp)
- #10535 [Shop] Fix passed channel context service to be composite (@GSadee)
- 🔌 #10536 [Docs] Make Plugins and Plugin Development Guide more visible (@CoderMaggie)
- #10539 [Fixtures] Add tax category to product. (@AdamKasp)
- ⚡️ #10541 Update README.md (@AdamKasp)
- #10542 [Fixtures] Product fixtures in yaml. (@AdamKasp)
- #10546 Improve filters (@kulczy)
- 🚑 #10548 [HotFix?] Move mysql service to fix the build (@Zales0123)
-
v1.6.0-ALPHA.1 Changes
June 24, 2019🚀 Stable v1.6.0 release is scheduled for late August according to our release process.
- #10296 Product show page (@kulczy, @AdamKasp)
- 0️⃣ #10342 [Fixture] Togglable default locale loading (@lchrusciel)
- #10355 Adding a coupon generator command (@mamazu)
- #10361 Change master branch to v1.6.0-DEV (@pamil)
- #10383 [Behat] Make feature filenames consistent with others (@GSadee)
- #10388 Fix product show page margins (@kulczy)
- 🛠 #10391 [Admin][Product] Show page fixes (@AdamKasp)
- #10392 improved code quality (@oallain)
- 🔧 #10393 [Docs] Describe available configuration options for locale fixture (@lchrusciel)
- #10396 [Admin] Avoid javascript in saving positions (@Zales0123)
- #10399 Add info into install command about need of setting the locale in symfony config (@Holicz)
- #10400 Add discounts and totals in the cart (@kulczy, @bartoszpietrzak1994)
- #10406 [Fixtures] Added random generated order complete date (@AdamKasp)
- 🔒 #10409 Create SECURITY.md (@gabiudrescu, @pamil)
- 💻 #10417 [Admin] Order summary UI + discounts and taxes viewing logic (@kulczy, @AdamKasp)
- #10419 Add prices and discounts to the order summary box (@kulczy)
- #10420 Change order summary table (@kulczy, @AdamKasp)
- #10429 Add admin user avatar placeholder (@kulczy)
- #10438 Keep all prices in the same currency in checkout (@pamil)
- 🚚 #10441 [Inventory][Product] Move inventory to new tab (@AdamKasp)
- #10442 Add an alert about unsaved changes (@kulczy)
- #10443 Unify shipping row on the order summary table (@kulczy)
- #10444 Change dashboard view (@kulczy, @pamil)
- #10449 Administrator's avatar (@Tomanhez, @Zales0123)
- 🔧 #10451 [Admin] Add possibility to configure custom index route in routing (@GSadee)
- 🗄 #10453 Fix deprecation notice (@loevgaard)
- 💻 #10455 Improve admin product show page UI (@kulczy, @AdamKasp, @GSadee)
- #10460 AvatarImage Doctrine mapping fix (@bartoszpietrzak1994)
- #10461 Fix product show page elements (@kulczy)
-
v1.5.9 Changes
January 27, 2020CVE-2020-5218: Ability to switch channels via GET parameter enabled in production environments
⚡️ Please refer to the original security advisory for the most updated information.
Impact:
This vulnerability gives the ability to switch channels via the
_channel_code
GET parameter in production environments. This was meant to be enabled only when%kernel.debug%
is set to true.🔧 However, if no
sylius_channel.debug
is set explicitly in the configuration, the default value which is%kernel.debug%
will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false.Patches:
Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore.
↪ Workarounds:
🔧 Unsupported versions could be patched by adding the following configuration to run in production:
sylius\_channel: debug: false
Details
- #9050 Added LazyCustomerLoader for OrderType of SyliusAdminApiBundle (@jdeveloper, @lchrusciel)
- #9844 Fix ShippingPercentageDiscountPromotionActionCommand.php (@cosyz2010, @Zales0123)
- #10863 [SyliusUserBundle] Improve output of Promote/DemoteUserCommand (@markbeazley)
- #10901 Fix missing colon (@reyostallenberg)
- 🛠 #10909 [Taxation] [Shipping] Fixed issue with shipping zones available to select in tax rate form (and the other way) (@plewandowski)
- 📚 #10916 [Docs] Improve platform.sh documentation for deployment (@Tomanhez)
- #10922 fix: api URI for getting single product detail (@hsharghi)
- ⚡️ #10923 [Maintenance] Update PR template with supported versions (@lchrusciel)
- 👕 #10926 Add lint:container command to the build & fix errors reported by it (@pamil)
- 📄 #10935 [Docs] Platform.sh cookbook refinement (@CoderMaggie)
- #10938 [Payum][Paypal] Use full price instead of discounted one (@Prometee)
- #10943 Yaml standards (@sspooky13, @pamil)
- 0️⃣ #10947 [Channel] Prevent from adding default tax zone of a channel in a different scope than tax or all (@GSadee)
- 🚧 #10961 [Maintenance] Remove shipping bundle from spec namespace config (@lchrusciel)
- #10963 Fix phpspec also on 1.5 (@Zales0123, @pamil)
- #10964 [Behat] Disallow w3c in Behat Selenium session (@Zales0123)
- 🔌 #10979 [Installation] Inform about BitBagCommerce/SyliusCmsPlugin after installing Sylius (@AdamKasp)
- 🚚 #10995 Move Taxation core service from TaxationBundle to CoreBundle (@hmonglee)
- 🔒 #11005 SyliusGridBundle downgrade lock (@Tomanhez, @lchrusciel)
- 🛠 #11006 [API] Fixed OrderController save action issue in not html requests (@pfazzi)
- #11013 Fix typo in PromotionCouponFactoryInterface (@pamil)
- 📚 #11019 [Documentation] Add hint about disabling autowire when extending a controller (@adrianmarte)
- 🚀 #11022 Clarify release process regarding PHP versions + update the table (@pamil)
- #11024 Replace unbound behat/mink dependency with tagged friends-of-behat/mink fork (@pamil)
-
v1.5.8 Changes
December 05, 2019👻 CVE-2019-16768: Internal exception message exposure in login action.
Details:
👻 Exception messages from internal exceptions (like database exception) are wrapped by
🔒\Symfony\Component\Security\Core\Exception\AuthenticationServiceException
and propagated through the system to UI.
Therefore, some internal system information may leak and be visible to the customer.🌲 A validation message with the exception details will be presented to the user when one will try to log into the shop.
Solution:
🚀 This release patches the reported vulnerability. The
src/Sylius/Bundle/UiBundle/Resources/views/Security/_login.html.twig
file from Sylius should be overridden and{{ messages.error(last_error.message) }}
changed to{{ messages.error(last_error.messageKey) }}
.Details
- 🗄 #10835 Improve deprecation message for "Sylius\Bundle\CoreBundle\Application\Kernel" (@pamil)
- 📄 #10841 [Docs] Include link to ShopApi docs to REST API Reference (@Zales0123)
- #10846 [Order] Include order unit promotion adjustments and order item promotion adjustments in order promotion total (@Tomanhez)
- 🚚 #10849 Move ShopApi reference to main menu (@Zales0123)
- 📄 #10855 [Docs] Open external links in a new tab (@Zales0123)
- #10857 Change readme banner (@kulczy)
- #10880 [Promotion] Improve coupon generation validation message (@GSadee)
- 📄 #10881 Add docs banner (@kulczy)
- 🚀 #10891 Update release process docs for 1.2 (@pamil)
-
v1.5.7
December 04, 2019 -
v1.5.6 Changes
November 11, 2019- 🛠 #9931 [Payum] infinite loop on state machine exception fixed (@tautelis)
- 🛠 #10734 Added: TimestampableInterface to core TaxonInterface (fixes #10728) (@igormukhingmailcom)
- #10748 Switch statement conditions (@mikemix)
- #10750 Fix compound form errors (@loic425)
- #10752 Translate attribute type on attributes grid (@loic425)
- 📄 #10755 [Docs] Add tag that stripe is outdated and add SCA note (@Tomanhez, @GSadee)
- #10761 Replace EntityManager#flush($entity) by EntityManager#flush() (@twojtylak)
- #10764 [Behat] Fix a typo on Paypal context (@loic425)
- 🚚 #10769 Remove unsupported RBAC plugin from command and docs (@GSadee)
- ⚡️ #10773 Update ad url (@kulczy)
- 🚚 #10776 [Behat] Remove final on product index and product variant index pages (@loic425)
- 0️⃣ #10781 Allow no default tax zone in channel fixtures (@pamil)
- #10790 [ShippingMethod] Do not allow to specify shipping charge below 0 (@Zales0123)
- 0️⃣ #10792 [Behat][Admin] Add scenarios for validating default locale for a channel (@GSadee)
- 0️⃣ #10793 [Admin][Channel] Validating default locale for a channel (@GSadee)
- #10805 [Addressing] Make sure the CountryNameExtension::translateCountryIsoCode() always returns a string (@vvasiloi)
- #10806 [Order] include order promotion adjustments in order promotion total (@vvasiloi)
- 🛠 #10819 Fixed: Typo/artifact (@igormukhingmailcom)
- #10820 Rename shop user factory to help autowiring (@loic425)
- #10821 Specify PHP version for SymfonyInsights (@pamil)
- 🚚 #10823 Remove unnecessary +x chmod on some files (@pamil)
- #10824 Use SessionInterface instead of Session in UserImpersonator (@pamil)
- 🔧 #10825 Fixed: Typo at grid configuration example (@igormukhingmailcom)
- ✅ #10826 Execute PHPUnit tests inside AdminApiBundle (@pamil)
- 🔧 #10832 Do not merge promotion action configuration (@pamil)