Commit Graph

5 Commits

Author SHA1 Message Date
Mauricio Siu
987fdf3c09 fix: composer security audit blocked pinned shopware/core, bump to 6.7.12.1
Bootstrap died with exit 2 because Composer >= 2.9 enables
audit.block-insecure by default: shopware/core v6.7.8.2 is now affected
by 9 security advisories (all fixed in 6.7.10.1+), so
'composer create-project shopware/production:6.7.8.2' failed to resolve
dependencies and the whole stack never started.

- Bump the pinned Shopware version to 6.7.12.1 (latest, advisory-free).
- Disable audit.block-insecure in the bootstrap's global composer config
  so advisories published after a version is pinned cannot brick fresh
  one-click deploys.
- Use APP_URL=http://${main_domain} per template conventions; an https
  APP_URL breaks storefront sales-channel matching when the Dokploy
  domain is served over plain http.

Verified on a Dokploy instance: full bootstrap + deployment-helper
install completed in ~4 min, storefront and /admin both return HTTP 200.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-08 02:26:08 -06:00
Mauricio Siu
3a56077d39 Merge remote-tracking branch 'origin/canary' into zrja/shopware-v1
# Conflicts:
#	meta.json
2026-07-08 00:06:22 -06:00
zrja
fed39e395e fix: address remaining shopware review notes 2026-04-09 04:35:36 +02:00
zrja
3100430dc5 fix: address shopware review feedback 2026-04-09 04:15:42 +02:00
zrja
ac5f9b995a feat: add shopware blueprint 2026-04-09 04:10:55 +02:00