Vue Storefront is now Alokai! Learn More
@vue-storefront/magento-api

@vue-storefront/magento-api

8.0.2

Patch Changes

  • FIXED type for built-in tokenExtension

8.0.1

Patch Changes

Security vulnerability fixes across multiple packages

This change addresses critical security vulnerabilities identified in the dependency audit across several packages. The fixes primarily target dependency updates and security patches to resolve high and critical severity issues.

Before fix:

  • 40 vulnerabilities found (Packages audited: 3081)
  • Severity breakdown: 23 Low | 8 Moderate | 2 High | 7 Critical

After fix:

  • 24 vulnerabilities found (Packages audited: 3115)
  • Severity breakdown: 22 Low | 2 Moderate | 0 High | 0 Critical

Key improvements:

  • Eliminated all 7 critical vulnerabilities
  • Resolved 2 high severity vulnerabilities
  • Reduced moderate vulnerabilities from 8 to 2
  • Overall 40% reduction in total vulnerabilities (40 → 24)

The remaining low and moderate vulnerabilities are either false positives or require major version updates that would introduce breaking changes.

  • FIX Improve Magento route types with proper union types
  • Replaced generic RoutableInterface with a new Route union type that properly represents different route variants
  • Added specific types for CategoryInterfaceRoute, CategoryTreeRoute, CmsPageRoute, and ProductRoute with their respective properties
  • Updated the route API function to use the new Route type for better type safety and IntelliSense support
  • Each route type now includes proper __typename discrimination for better runtime type checking
  • Updated dependencies:
    • @vsf-enterprise/magento-types@4.0.1

8.0.0

Major Changes

FEATURE

  • placeOrder unified API method: Added placeOrder method to the unified API for Magento.

CHANGED

  • placeOrder response structure: The placeOrder method now returns detailed order information using the orderV2 field instead of the basic order field. Update your code to access order data from response.data.placeOrder.orderV2 instead of response.data.placeOrder.order
  • magento schema updated: Updated Magento GraphQL schema from 2.4.6 to 2.4.8, which may introduce new types and fields or modify existing ones.
  • magento-sdk: Is now using the middlewareModule from @alokai/connect/sdk and become a Proxy SDK module to align with recent architecture changes.

Patch Changes

  • Updated dependencies:
    • @vsf-enterprise/magento-types@4.0.0

7.0.0

Major Changes

  • CHANGED Guarantee compatibility with @alokai/connect package.
  • CHANGED Updated the package for compatibility with Node.js 22.

Key Updates:

  • Upgraded to the latest version of Node.js 22
  • Updated CI pipelines to use Node.js 22 for consistency.
  • Updated .nvmrc or .node-version files to specify Node.js version 22.14.
  • Upgraded @types/node to version ^22.13.17 for compatibility with the latest Node.js features.

Recommendations:

  • Use Node.js version 22.14.0 or higher for optimal performance, security, and compatibility.
  • While Node.js 20 is technically supported, it is not recommended as it may cause compatibility issues with certain packages and has not been thoroughly tested. CHANGED Replaced core dependencies with a new @alokai/connect package. @vue-storefront/middleware, @vue-storefront/sdk, vue-storefront/logger, vue-storefront/unified-data-model, @vue-storefront/multistore were replaced with @alokai/connect. The replacement preserves the same functionality and interface as the original packages. To read more about the @alokai/connect package, please refer to the documentation.

Patch Changes

  • Updated dependencies:
    • @alokai/connect@1.0.0
    • @vsf-enterprise/magento-types@3.0.0

7.0.0-rc.5

Patch Changes

  • Updated dependencies:
    • @alokai/connect@1.0.0-rc.4

7.0.0-rc.4

Major Changes

  • CHANGED Updated the package for compatibility with Node.js 22.

Key Updates:

  • Upgraded to the latest version of Node.js 22
  • Updated CI pipelines to use Node.js 22 for consistency.
  • Updated .nvmrc or .node-version files to specify Node.js version 22.14.
  • Upgraded @types/node to version ^22.13.17 for compatibility with the latest Node.js features.

Recommendations:

  • Use Node.js version 22.14.0 or higher for optimal performance, security, and compatibility.
  • While Node.js 20 is technically supported, it is not recommended as it may cause compatibility issues with certain packages and has not been thoroughly tested.

Patch Changes

  • Updated dependencies:
    • @vsf-enterprise/magento-types@3.0.0-rc.0
    • @alokai/connect@1.0.0-rc.3

7.0.0-rc.3

Patch Changes

  • Updated dependencies:
    • @alokai/connect@1.0.0-rc.2

7.0.0-rc.2

Patch Changes

  • Updated dependencies:
    • @alokai/connect@1.0.0-rc.1

7.0.0-rc.1

Major Changes

Update packages to work with connect rc version

Patch Changes

  • Updated dependencies:
    • @alokai/connect@1.0.0-rc.0

7.0.0-rc.0

Major Changes

CHANGED Replaced core dependencies with a new @alokai/connect package. @vue-storefront/middleware, @vue-storefront/sdk, vue-storefront/logger, vue-storefront/unified-data-model were replaced with @alokai/connect. The replacement preserves the same functionality and interface as the original packages. To read more about the @alokai/connect package, please refer to the documentation. You will also find a migration guide in the documentation.

6.3.0

Minor Changes

  • 9f61ba2b: CHANGED Replaced consola with Alokai Logger. To learn more about logger, visit Alokai Logger.

6.2.0

Minor Changes

  • aa9e8a96: ADDED cookieOptions config. This option allows you to customize the cookie options which are set for a given cookie name.
    Example:
    {
  integrations: {
    magento: {
      location: "@vue-storefront/magento-api/server",
      configuration: {
        // ...
        cookieOptions: {
          "vsf-customer": {
            secure: process.env.NODE_ENV === 'production',
            sameSite: process.env.NODE_ENV === 'production' ? 'none' : 'strict',
          }
        }
      },
    },
  },
}

6.1.0

Minor Changes

  • a89d1e10: ** CHANGED ** - increase the HttpAgent socket timeout from 10s to 30s to prevent timeout errors on slow connections.

6.0.0

Major Changes

  • 983eb70e: CHANGE - Update middleware to 5.1.0

5.0.1

Patch Changes

  • 158a648f: Remove unused vulnerable dependency "@nuxtjs/composition-api"

5.0.0

Major Changes

  • 018d73d3: - BREAKING Updated @vue-storefront/middleware version to 4.1.0. Make sure this version is used in your project.
    {
  ...
  "dependencies": {
-   "@vue-storefront/middleware": "3.x.x",
+   "@vue-storefront/middleware": "4.1.0"
  }
}

4.0.1 (deprecated)

This package version is deprecated. Please use the next major version.

Patch Changes

  • d65bb6ee: CHANGED Updated @vue-storefront/middleware version to 4.x.x.

4.0.0

Major Changes

  • e4709f9a: Changed minimum Node version from 16 to 18. The condition that was forcing the Node version to be lower than 19 is also removed.

Patch Changes

  • Updated dependencies e4709f9a
    • @vue-storefront/magento-types@2.0.0

3.1.1

Patch Changes

  • 3065ee76: ADDED CategoriesQuery type for categories endpoint.
  • 101d9905: FIXED: Added export of Endpoints type, because it was missing.

3.1.0

Minor Changes

  • 6dc90582: CHANGED Enhanced default GQL productDetailsQuery with new fields: stock_status and only_x_left_in_stock. #1521

Patch Changes

  • 6672edfb: CHANGED Update TSDocs of API methods. Now, they contain examples of usage.

3.0.0

Major Changes

  • 8b8fdff0: - CHANGED Endpoints interface. Previously, each endpoint contained context param, which is internal and shouldn't be exposed in the final interface. Now, Endpoints interface properties don't contain context param. If you need to use context param, you should use ApiMethods type.
    - import { Endpoints } from '@vue-storefront/magento-api';
+ import { ApiMethods } from '@vue-storefront/magento-api';
    • CHANGED Removed ContextualizedEndpoints type. Use Endpoints instead.
    - import { ContextualizedEndpoints } from '@vue-storefront/magento-api';
+ import { Endpoints } from '@vue-storefront/magento-api';
    • REMOVED MagentoApiMethods interface. Use Endpoints instead.
    - import { MagentoApiMethods } from '@vue-storefront/magento-api';
+ import { Endpoints } from '@vue-storefront/magento-api';

2.7.0

Minor Changes

  • 8b2a0c35: ADDED categories endpoint that allows fetching a list of categories that match the specified filter. CHANGED categoryList endpoint is now deprecated in favor of the new categories endpoint.

Patch Changes

  • Updated dependencies 8b2a0c35
    • @vue-storefront/magento-types@1.2.0

2.6.0

Minor Changes

  • 7ce4f9ed: CHANGED Enhanced default GQL queries
    • CategorySearchQuery new fields:
      • url_key - The url key assigned to the category.
      • children - Child categories tree.
        • include_in_menu
        • is_anchor
        • level
        • name
        • position
        • product_count
        • uid
        • url_key
        • url_path
        • url_suffix
    // get category `children` categories

const category = sdk.commerce.categorySearch();
const children = category.children;
    • CategoryListQuery new fields:
      • children.url_key - The url key assigned to the category.
    // get `url_key` of category children

const categoryList = sdk.commerce.categoryList();

for (let categoryChildren of categoryList.children) {
  const url_key = categoryChildren.url_key;
}

    // get ConfigurableProduct `variants` products

const products = sdk.commerce.products();

for (let product of products) {
  if (product.__typename === "ConfigurableProduct") {
    const variants = products.variants;
  }
}

Patch Changes

2.5.0

Minor Changes

  • eda02ee7: CHANGED Update addConfigurableProductsToCart and addBundleProductsToCart methods to align with the rest of the API methods. It is an internal change that does not affect the public API.

Patch Changes

  • 06362368: CHANGED Context from type to interface to allow declaration merging.

2.4.3

Patch Changes

  • adc748ef: * Updated @apollo/client dependency from version ^3.6.9 to version 3.8.7 in the api-client package.
  • adc748ef: * Fixed a bug in the GraphQL mutation in the generateCustomerToken API. Replaced the ${generateCustomerToken} template string with ${generateCustomerTokenGQL.query} in the mutation to address the bug.

2.4.2

Patch Changes

  • Updated dependencies 045784a6
    • @vue-storefront/magento-types@1.0.2

2.4.1

Patch Changes

  • 78edfd5c: * Fixed a bug in the GraphQL mutation in the generateCustomerToken API. Replaced the ${generateCustomerToken} template string with ${generateCustomerTokenGQL.query} in the mutation to address the bug.

2.4.0

Minor Changes

  • d634cdbe: ## Changes
    This change adds support for custom queries in the route method of both the api-client and sdk modules. The route query has also been extended with a CategoryInterface fragment. These changes improve the flexibility and functionality of the route method, allowing for more customization and control over the data returned.

    api-client

    • Expanded the route query to include a CategoryInterface fragment.
    • Introduced support for customQueries within the route API method.

    sdk

    • Now includes support for customQueries in the route SDK method.

Patch Changes

  • 992734bf: ## Changes
    This change adds support for custom queries in the generateCustomerToken method of both the api-client and sdk modules.

    api-client

    • Introduced support for customQueries within the route API method.

    sdk

    • Now includes support for customQueries in the route SDK method.

2.3.0

Minor Changes

  • a9ea521f: Added Compatibility: Now supports domain-based store resolving with the Unified MultiStore module.

2.2.0

Minor Changes

  • 07d2087a: Bumped @vue-storefront/middleware version to ^3.5.0 which introduces support for HTTP GET requests.

2.1.1

Patch Changes

  • Turn off query deduplication to prevent any potential session leaks.

2.1.0

Minor Changes

  • Add node 18 support

2.0.1

Patch Changes

  • Fix products and productDetails endpoints to return 200 instead of 500 when no products found