ecommerce

https://leapgraph.com/graphql-api-security

This article mentions several add-on packages that Reaction may want to use. This issue is simply to investigate whether these vulnerabilities are present and try adding the packages to solve them.

Summary (*)

When trying to get a list of categories, or even only one category, if "image" field is filled but the image can't be found on filesystem the request will fail with "Error: Category image not found."
This shouldn't be the correct behavior as not being able to render an image for a category isn't an unrecoverable error, and we've been able to handle in frontend this kind of errors

Currently, catch block is the same for both methods in useForgotPasswordFactory (https://github.com/vuestorefront/vue-storefront/pull/5971/files/0e001721be751b0b0130915023ea0867722e1065#diff-89077440c1264480ee6ffbbcfb08d6c64c9881bea61ebbd8e0e5d260085b66ad):

err.message = err?.graphQLErrors?.[0]?.message || err.message;

Let's create an external function that takes care of that a

Prerequisites (mark completed items with an [x]):

• I have carried out troubleshooting steps and I believe I have found a bug.
• I have searched for similar bugs in both open and closed issues and cannot find a duplicate.

Describe the bug

There are still pieces of code that have the old woo purple #a36597 and secondary #a16696

Some shown here - https://github.com/woocomm

Sylius version affected: v1.4.4

Description

Sylius says the category is used and cannot be removed, when we try to remove an empty category.

We figured out that we had some products with the taxon as "Main Taxon".

Steps to reproduce

1. Add a taxon, keep it empty of products.
2. Update a product to use the newly created taxon as Main taxon.
3. Try to remove the taxo

Describe the bug

Previously reported here: PrestaShop/PrestaShop#25822 (comment)
In the BO > Customers > View customer page, in the Addresses block ( and Vouchers block),
If we delete the last address

Right now the wishlist page shows "Your wishlist is empty" before showing your wishlist items, that should be a loading state instead.

A while ago, we converted API controller specs into requests specs, see #2052. But those specs still have references from their old "life" that we can clean a little bit with a small effort.

In fact, their filenames still have the _controller_ part, which makes no sense now. Eg. solidus/api/spec/requests/spree/api/addresses_controller_spec.rb

Also, they contain references to the previo

Describe the bug
Due to adding templates feature the nuxt page is now shifted to the left.

How to reproduce
Steps to reproduce the behavior:

1. Go to nuxt homepage
2. See the error

Expected behavior
Layout is aligned according to designs.

Actual behavior
Layout is shifted

Screenshots
<img width="266" alt="Zrzut ekranu 2021-10-11 o 14 14 24" src="https://user-

Improve the tier prices feature - add info like "Buy 2 in x.xx$ and save x%"