Broadleaf Dev Central

Requirements

JDK 11 is now required for Broadleaf release trains 1.7.0-GA, and beyond.

New Features & Notable Changes

Feature/Notable Change	Related Services	Links
Disabled the SecurityEnhancer by default	AssetServices, TenantServices, ContentServices, CatalogServices, SandboxServices, ShippingServices, CartOperationServices, CatalogBrowseServices, PaymentTransactionServices
Introduced support for account cart approval flows	CartClient, CartOperationServices, OrderCommon, OrderClient, OrderServices, OrderOperationServices, NotificationServices, PaymentTransactionServices, MicroSecurityCommon, NextJs Starter
Introduced UpdateCartRequest to create CartActionAudit along with updating a cart

Feature/Notable Change

Related Services

Links

Disabled the SecurityEnhancer by default

AssetServices, TenantServices, ContentServices, CatalogServices, SandboxServices, ShippingServices, CartOperationServices, CatalogBrowseServices, PaymentTransactionServices

Introduced support for account cart approval flows

CartClient, CartOperationServices, OrderCommon, OrderClient, OrderServices, OrderOperationServices, NotificationServices, PaymentTransactionServices, MicroSecurityCommon, NextJs Starter

Introduced UpdateCartRequest to create CartActionAudit along with updating a cart

Upgrade Guide

API Changes

CartServices OpenAPI Docs

New Endpoints

Path Description

Path	Description
`GET /carts`	Read all carts by the given RSQL filters or request parameters
`PUT /carts/{id}`	Update a cart with UpdateCartRequest
`GET /carts/{cartId}/action-audits`	Read a cart’s cart action audits
`POST /carts/{cartId}/action-audits`	Create a cart action audits for a cart

GET /carts

Read all carts by the given RSQL filters or request parameters

PUT /carts/{id}

Update a cart with UpdateCartRequest

GET /carts/{cartId}/action-audits

Read a cart’s cart action audits

POST /carts/{cartId}/action-audits

Create a cart action audits for a cart

Endpoint Updates

Path Description of Changes

Path	Description of Changes
`GET /carts`	Endpoints that take a `customerId` parameter now accepts an optional `accountId` parameter to retrieve account carts, if `accountId` is not passed in, personal carts are retrieved

GET /carts

Endpoints that take a customerId parameter now accepts an optional accountId parameter to retrieve account carts, if accountId is not passed in, personal carts are retrieved

Liquibase Change Sets

Create/Update SQL	Drop SQL
PostgreSQL changelog PostgreSQL Index changelog Oracle changelog Oracle Index changelog MySQL changelog MySQL Index changelog MariaDB changelog MariaDB Index changelog YugabyteDB changelog YugabyteDB Index changelog

Create/Update SQL

Drop SQL

Configuration Properties

Added Properties

broadleaf.cart.web.security.register-security-enhancer
- Enables the previous whitelist of unsecured endpoints in the service. This was disabled by default as it is not needed to support frontend requests.
- Default value: false

Release Notes for 1.8.0-GA