This release includes an update for MikroORM dependencies to v6.6.12 due to recent security vulnerabilities. While Medusa's core API routes were not impacted by the security vulnerability as they're guarded with Zod validation, it may impact custom API routes if they're not properly guarded. So, we highly recommend updating your Medusa project to avoid potential security vulnerabilities.
There are no breaking changes at Medusa's level due to this update. However, if you use MikroORM and the entity manager in your code, we advise you to read MikroORM's v6.5 and v6.6 release announcements for potential changes.
What's Changed
Features
- feat(http-types-generator): Add an HTTP types generator and validator for Zod schemas by @shahednasser in #14988
Bugs
- fix: Add hosting section to README by @sradevski in #14969
Documentation
- chore: update yarn.lock by @shahednasser in #14944
- chore(docs): Updated UI Reference (automated) by @github-actions[bot] in #14947
- chore(docs): Updated API Reference (automated) by @github-actions[bot] in #14948
- chore(docs): Generated References (automated) by @github-actions[bot] in #14952
- chore: update version in docs by @shahednasser in #14949
- docs: fix data model index documentation not working by @shahednasser in #14959
- chore: support documentation changes automation by @shahednasser in #14968
- docs-utils: automate cloud doc changes by @shahednasser in #14974
- docs: changes to Cloud plans by @shahednasser in #14958
- docs: fix cloud pricing page by @shahednasser in #14979
- Correct 'Buy Y' to 'Get Y' in promotion instructions by @NicolasGorga in #14990
- docs: add note on Redis service plan availability by @shahednasser in #15004
- docs: update Bloom link to correct URL by @shahednasser in #15022
- docs: fix posthog capture for md event by @shahednasser in #15023
- chore: update glob to latest version by @shahednasser in #15005
Chores
- chore: fix example in tsdocs of translations js sdk by @shahednasser in #14953
- chore: add syncing for docs relaese branch by @shahednasser in #14970
- chore: automate TSDocs generation by @shahednasser in #14980
- chore: fix automation actions to add line break by @shahednasser in #14982
- chore: add new rules to the writing-docs skill by @shahednasser in #14983
- chore: set base branch for claude action by @shahednasser in #14989
- chore: fix claude token + run install and build in www by @shahednasser in #14992
- chore: change build command to build packages only in workflows by @shahednasser in #14994
- chore: update claude action prompt with clear guidelines on skill loading by @shahednasser in #14998
- chore(core-flows): Fix comments for removePriceListPricesWorkflow input ids by @NicolasGorga in #15000
- chore: fix PR update for docs automation by @shahednasser in #15002
- chore: fix error in updating docs automation pr by @shahednasser in #15003
- chore: update mikro-orm to 6.6.12 by @shahednasser in #15018
- chore: automate releases by @olivermrbl in #15029
Other Changes
- fix(cli): close leaked file descriptor in clearProject by @buley in #14917
- fix: use exponential backoff in Redis lock acquisition retries by @peterlgh7 in #14954
- Chore: Release by @github-actions[bot] in #15030
New Contributors
Full Changelog: v2.13.5...v2.13.6