Release notes Shopware 6.7.5.0

Abstract

This release delivers targeted enhancements across tax logic, SEO, API, and core infrastructure. Key improvements include corrected tax-free handling for B2B/B2C customers, extended robots.txt configurability, and a new scheduled task for cleaning corrupted media files. Developers benefit from enriched OpenAPI documentation, new JWT helpers, and PHP 8.5 polyfill support, while storefront updates refine SEO URL protection and component extensibility. Critical fixes resolve issues such as product weight precision and guest checkout behaviour, ensuring greater platform stability and accuracy.

System requirements

• tested on PHP 8.2 and 8.4
• tested on MySQL 8 and MariaDB 11

Improvements

Tax Calculation Logic

The tax-free detection logic if the cart changed to handle B2B and B2C customers separately. Previously, enabling "Tax-free for B2C" in the country settings also affected B2B customers. Now, tax rules are applied correctly based on the customer type.

Robots.txt configuration

The rendering of the robots.txt file has been changed to support custom User-agent blocks and the full robots.txt standard. For a detailed guide on how to use the new features and extend the functionality, please refer to our documentation guide Extend robots.txt configuration.

Scheduled Task for cleaning up corrupted media entries

A new scheduled task media.cleanup_corrupted_media has been introduced. It detects and removes corrupted media records, such as entries created by interrupted or failed file uploads that have no corresponding file on the filesystem.

API

Add the possibility to specify indexer in context

When you want to specify which indexer should run, you can add the EntityIndexerRegistry::EXTENSION_INDEXER_ONLY extension to the context as follows:

$context->addExtension(EntityIndexerRegistry::EXTENSION_INDEXER_ONLY,
    new ArrayEntity([
        ProductIndexer::STOCK_UPDATER // Only execute STOCK_UPDATER.
    ]),
);

When making a call to the Sync API, specify the required indexer in the header:

curl -X POST "http://localhost:8000/api/_action/sync" \
-H "indexing-only: product.stock" \
#...

Core

Improved Store API OpenAPI documentation with field descriptions

The OpenAPI schema generator for Store API endpoints now includes descriptions for entity fields, making it easier for developers to understand the available fields and their purposes.

Additionally, available associations for each entity are now automatically listed in the OpenAPI operation descriptions, showing developers which relationships can be loaded.

To add descriptions to fields in your custom entity definitions, use the setDescription() method:

(new ManyToOneAssociationField('group', 'customer_group_id',
    CustomerGroupDefinition::class, 'id', false))
    ->addFlags(new ApiAware())
    ->setDescription('Customer group determining pricing and permissions')

Allow overwriting Doctrine wrapperClass on Primary/Replica setups

It's now possible to overwrite the wrapperClass of the Doctrine\DBAL\Connection instance. This is useful if you want to use e.g. Doctrine MySQL Comeback to automatically reconnect if the MySQL connection is lost.

composer require facile-it/doctrine-mysql-come-back ^3.0

Then specify the wrapperClass in the .env file:

DATABASE_URL=mysql://root:root@database/shopware?driverOptions[x_reconnect_attempts]=5&wrapperClass=Facile\DoctrineMySQLComeBack\Doctrine\DBAL\Connection

Robots.txt parsing

A new Shopware\Storefront\Page\Robots\Parser\RobotsDirectiveParser has been introduced to parse robots.txt files. This new service provides improved error tracking and adds new events for better extensibility.

As part of this change, the constructor for Shopware\Storefront\Page\Robots\Struct\DomainRuleStruct is now deprecated for string parameters. You should use the new parser to create a ParsedRobots object to pass to the constructor instead.

new JWT helper

Added new Shopware\Core\Framework\JWT\SalesChannel\JWTGenerator and Shopware\Core\Framework\JWT\Struct\JWTStruct to build general structure for encoding and decoding JWT.

Added PHP 8.5 polyfill

The new dependency symfony/polyfill-php85 was added, to make it possible to already use PHP 8.5 features, like array_first and array_last

Removal of old changelog handling

As we changed how we process and generate changelogs the "old" changelog files are no longer needed.

Therefore, we removed all the internal code used to generate and validate them. The whole Shopware\Core\Framework\Changelog namespace was removed.

The code is not needed anymore, you should adjust the RELEASE_INFO and UPGRADE files manually instead.

Deprecated the \Shopware\Core\Framework\Test\TestCaseHelper\ReflectionHelper

Refection has significantly improved in particular since PHP 8.1, therefore the Shopware\Core\Framework\Test\TestCaseHelper\ReflectionHelper was deprecated and will be removed in the next major release. See below for the explicit replacements:

- $property = ReflectionHelper->getProperty(MyClass::class, 'myProperty');
+ $property = \ReflectionProperty(MyClass::class, 'myProperty');

- $method = ReflectionHelper->getMethod(MyClass::class, 'myMethod');
+ $method = \ReflectionMethod(MyClass::class, 'myMethod');

- $propertyValue = ReflectionHelper->getPropertyValue($object, 'myProperty');
+ $propertyValue = \ReflectionProperty(MyClass::class, 'myProperty')->getValue($object);

- $fileName = ReflectionHelper->getFileName(MyClass::class);
+ $fileName = \ReflectionClass(MyClass::class)->getFileName();

New constraint to check for existing routes

The new constraint \Shopware\Core\Framework\Routing\Validation\Constraint\RouteNotBlocked checks if a route is available or already taken by another part of the application.

Multiple payment finalize calls allowed

With the feature flag REPEATED_PAYMENT_FINALIZE, the /payment-finalize endpoint can now be called multiple times using the same payment token.

This behaviour will be the default in the next major release. If the token has already been consumed, the user will be redirected directly to the finish page instead of triggering a PaymentException.

To support this behavior, a new consumed flag has been added to the payment token struct, which indicates if the token has already been processed. Payment tokens are no longer deleted immediately after use. A new scheduled task automatically removes expired tokens to keep the payment_token table clean.

Added sanitized HTML tag support for app snippets

Added sanitized HTML tag support for app snippets. App developers can now use HTML tags for better formatting within their snippets. The sanitizing uses the basic set of allowed HTML tags from the html_sanitizer config, ensuring that security-related tags such as script are automatically removed.

App custom entity association handling

The behaviour creating associations with custom entities in apps changed.

Now an exception will be thrown if the referenced table does not exist, instead of creating a reference to the non-existing table.

To allow the schema updater to skip creating associations if the referenced table does not exist, improving flexibility and robustness during schema updates, a new optional attribute ignore-missing-reference was added to association types (one-to-one, one-to-many, many-to-one, many-to-many).

Example usage:

<one-to-many name="custom_entity" reference="quote_comment" ignore-missing-reference="true" store-api-aware="false" on-delete="set-null" />

Translatable product manufacturer links

The link property of the product manufacturer entity is now translatable.

Administration

URL restrictions for product and category SEO URLs

When creating a SEO URL for a product or category, the URL is now checked for availability. Before it was possible to override existing URLs like account or maintenance with SEO URLs. Existing URLs are now blocked to be used as SEO URLs.

Refactor filters for the newsletter recipients list.

We now use the <mt-select> instead administration/src/module/sw-newsletter-recipient/component/sw-newsletter-recipient-filter-switch.

Because of that, we deprecate these twig blocks:

• sw_newsletter_recipient_list_sidebar_filter_status_not_set
• sw_newsletter_recipient_list_sidebar_filter_status_direct
• sw_newsletter_recipient_list_sidebar_filter_status_opt_in
• sw_newsletter_recipient_list_sidebar_filter_status_opt_out

These blocks will be removed in v6.8.0.0 without replacement. Use the parent blocks instead.

We also deprecate administration/src/module/sw-newsletter-recipient/component/sw-newsletter-recipient-filter-switch which will be removed with v6.8.0.0 and administration/src/module/sw-newsletter-recipient/page/sw-newsletter-recipient-list/index.js which will be private in v6.8.0.0.

Storefront

Language selector twig blocks

New extensible Twig blocks layout_header_actions_language_widget_content_inner and layout_header_actions_languages_widget_form_items_flag_inner have been added to the language selector to allow custom flag implementations.

context.token is no longer available in twig rendering context

The context.token variable is no longer available in twig rendering context to prevent potential security vulnerabilities. If you need to access the token, consider using alternative methods that do not expose it in the rendered HTML.

Usually inside the Twig storefront there is no need to handle the context token manually, as it is handled automatically via the session handling in the Storefront.

Added specific add-product-by-number template

The page_checkout_cart_add_product* blocks inside @Storefront/storefront/page/checkout/cart/index.html.twig are deprecated and a new template @Storefront/storefront/component/checkout/add-product-by-number.html.twig was added.

Instead of overwriting any of the page_checkout_cart_add_product* blocks inside @Storefront/storefront/page/checkout/cart/index.html.twig, extend the new @Storefront/storefront/component/checkout/add-product-by-number.html.twig file using the same blocks.

Change:

{% sw_extends '@Storefront/storefront/page/checkout/_page.html.twig' %}

{% block page_checkout_cart_add_product %}
    {# Your content #}
{% endblock %}

to:

{% sw_extends '@Storefront/storefront/component/checkout/add-product-by-number.html.twig' %}

{% block page_checkout_cart_add_product %}
    {# Your content #}
{% endblock %}

Hosting & Configuration

Sales Channel Replace URL Command

A new sales-channel:replace:url command was added to replace the url of a sales channel.

bin/console sales-channel:replace:url <previous_url> <new_url>

Changed CACHE_CONTEXT_HASH_RULES_OPTIMIZATION feature flag to CACHE_REWORK

The CACHE_CONTEXT_HASH_RULES_OPTIMIZATION feature flag was renamed to CACHE_REWORK to better reflect its purpose, as more changes will be toggled by that flag, to enable the new cache behaviour.

To enable the new cache behaviour, set the CACHE_REWORK feature flag to 1 in your .env file: Before:

CACHE_CONTEXT_HASH_RULES_OPTIMIZATION=1

Now:

CACHE_REWORK=1

To not break plugins that might check for the old flag unnecessarily, the old flag will be kept until the next major release, however, the flag has no effect anymore.

Staging configuration

The disabled delivery check in MailSender now checks for the Staging Mode core.staging, the shopware.staging.mailing.disable_delivery configuration and the config setting shopware.mailing.disable_delivery. Regardless of mode the config setting shopware.mailing.disable_delivery always allows disabling mail delivery.

Critical fixes

Product weight precision

The database column product.weight now uses DECIMAL(15,6) instead of DECIMAL(10,3) to keep gram-based measurements accurate when values are stored in kilograms.

Fixed bugs

• 13272 fix: dont expose context token in twig
• 13435 fix: blocked shipping method not switched
• 13401 fix: storefront missing system services (Storefront Analytics / Google Analytics)
• 13395 fix: guest behavior for address edit
• 13206 fix: Cheapest price of variant product applies across sales channels

See all fixed bugs in this release: https://github.com/shopware/shopware/milestone/20?closed=1

Credits

Thanks to all diligent friends for helping us make Shopware better and better with each pull request!

See all contributors on this page: https://github.com/shopware/shopware/releases/tag/v6.7.5.0#Contributors

More resources

• Detailed diff on Github to the former version
• Changelog on GitHub for this version.
• Release News corporate blog post
• Installation overview
• Update from a previous installation

Get in touch

Discuss about decisions, bugs you might stumble upon, etc in our community discord. See you there 😉