As we enter May, let’s recap the key accomplishments within the PrestaShop project during April. We focused on vital security upgrades, namely PrestaShop 8.0.4 and, as well as putting the final touches on PrestaShop 8.1. A new project organization was also introduced, and the developer documentation received several updates. Read on to learn more about the latest developments in the PrestaShop project.

Core Monthly banner

New project organization

On April 19th, 2023, @eternoendless unveiled “a clearer, more transparent, more collaborative organization” for the project, that has been under development for the past few months. This revamped organization aims to streamline decision-making within the project. To learn more about the new structure, how it will function, and the next steps, we highly recommend reading the dedicated article on the Build blog. The organization was also presented during April’s Live Update, you can watch the replay here.

PrestaShop and 8.0.4

In April, the PrestaShop project released important security fixes for versions 1.7.8 and 8.0, addressing multiple vulnerabilities. These include a critical SQL filter bypass (GHSA-p379-cxqh-q822) that could lead to arbitrary write requests using “SQL Manager,” a high-severity arbitrary file read issue (GHSA-8r4m-5p6p-52rp), a high-severity XSS injection vulnerability through the Validate::isCleanHTML method (GHSA-fh7r-996q-gvcp), and a moderate-severity CSRF token fixation (GHSA-3g43-x7qr-96ph). The fixes have been implemented to bolster the platform’s security and protect users from potential threats. If you use PrestaShop 1.7.8 or 8.0 I highly recommend you to upgrade your store to the latest version.

The upgrades are small and do not require any database changes. You can implement those changes by simply replacing the files on your server. During the 8.0.4 and upgrade process using the autoupgrade module, some issues were encountered, which were likely caused by the psgdpr module. However, it’s not the only reason for failed upgrades, and further investigation is needed.

PrestaShop 8.1

As PrestaShop 8.1 nears its second beta release, the project is focusing on several key elements necessary for a successful launch. Two of these crucial aspects include completing the translation catalog export and making the autoupgrade module compatible with PrestaShop 8.1. These efforts will enable the community to translate the new version and ensure a seamless upgrade process. You can follow the release process in the dedicated issue on GitHub.

Developer documentation improvements

April brought yet another round of enhancements to the DevDocs! This month, we introduced a revamped homepage for the documentation, emphasizing the main content sections. Additionally, we added a section featuring the most viewed pages in the docs.

Alongside these updates, we welcomed several improvements from the community and three significant additions to the documentation:

You can see the full list of changes here.

Upgrades in native modules

Not that much happened around the modules in April, but something worth mentioning is a refactored version of the psgdpr module. The new 2.0.0 version caused some troubles, so it was reverted to the previous version. The module is now back to v1, and we are working on the new version to fix issues reported by the community. You can follow the progress in this issue.

Other than that, there are some wording improvements and other minor fixes in the modules.

PrestaShop Project Live Update May ‘23

Just a quick word on the “Live Update” - we had to shuffle things around a bit and postpone the original date. But no worries, we’ve now locked in a new date! So, grab your coffee and join us for the update on Wednesday, May 17th, 2023 at 4 pm (Paris time) on YouTube.

And that wraps up our Core Monthly summary for April! Don’t forget to join us on May 17th for the “PrestaShop Project Live” update. We’ll see you there!

Project releases

A quick update about PrestaShop’s GitHub issues and pull requests:

Code changes in the ‘develop’ branch

Back office



  • #32362: Remove deprecated files. Thank you, @FabienPapet
  • #32325: Factorize language selection into a single LocaleChoiceType. Thank you, @FabienPapet
  • #32232: Remove unused functions getUrlRewriteInformation & getUrlRewriteInformations. Thank you, @eternoendless
  • #32189: Remove deprecated displayFlags. Thank you, @eternoendless
  • #32187: No longer try to include obsolete errors.php and admin.php. Thank you, @eternoendless
  • #32043: Building all assets goes 🏎️. Thank you, @0x346e3730
  • #32014: Fix linter. Thank you, @lartist
  • #31997: Removed message by typehinting the class GetProfileForEditingHandler. Thank you, @Progi1984
  • #31996: Remove triggered errors and deprecated for Grid. Thank you, @Progi1984
  • #31995: Remove deprecated message in Pagination class by typehinting. Thank you, @Progi1984
  • #31994: Removed method renderForm in namespace PrestaShopBundle\Controller. Thank you, @Progi1984
  • #31993: Remove deprecated methods in LogRepository & RequestSqlRepository. Thank you, @Progi1984
  • #31992: Remove deprecated classes TypeaheadRedirectionTargetTransformer and TranslateTextType in namespace PrestaShopBundle\Form\Admin. Thank you, @Progi1984
  • #31991: Remove deprecated classes TranslationFinder and TranslationFinderTrait in namespace PrestaShopBundle\Translation\Provider. Thank you, @Progi1984
  • #31976: Nicer docker compose & co for fast dev environment startup. Thank you, @tswfi
  • #31961: Add discounted unit price and initial price to formatted specific price. Thank you, @tswfi
  • #31894: Removed deprecated in Adapter namespace. Thank you, @Progi1984
  • #31705: Remove deprecated upload classes. Thank you, @matthieu-rolland
  • #31683: Set possibility to ignore warnings and notices in dev mode. Thank you, @web-cooking-factory
  • #31421: Remove Tools::encrypt() and Tools::encryptIV() (deprecated). Thank you, @FabienPapet
  • #31420: Migrate cookie constants usages to PSR4. Thank you, @FabienPapet
  • #28102: Removed pear/archive_tar dependency. Thank you, @Progi1984

Front office



Code changes in the ‘8.0.x’ branch

Back office



  • #32112: Handle fallback in Tools::clearSf2Cache when container is not available. Thank you, @jolelievre

Web services

  • #32044: Fix WS error: add product with empty unit-price. Thank you, @boherm

Code changes in the ‘8.1.x’ branch

Back office


Front office



  • #32251: Functional Tests : BO - Design - Image Settings - Check product image format. Thank you, @Progi1984
  • #32221: UI Tests : Unskip tests now that #31812 is fixed. Thank you, @Progi1984
  • #32153: Functional tests - Add new test ‘BO > Logs > Log by email’. Thank you, @nesrineabdmouleh
  • #32149: Functional tests - Add some tests in ‘Customer service > Merchandise return’ page. Thank you, @nesrineabdmouleh
  • #32123: Nightly : Support for HTTPS. Thank you, @Progi1984
  • #32082: Functional tests - Add new test ‘CRUD cart rule > Actions > Apply to specific product’. Thank you, @nesrineabdmouleh
  • #32041: UI Tests : Use HTTPS. Thank you, @Progi1984
  • #32040: UI Tests : Fixed commands. Thank you, @Progi1984
  • #32032: Functional Tests : Move FO tests to classic directory. Thank you, @Progi1984
  • #32025: Functional Tests : CLDR - Search a currency by enable/disable. Thank you, @Progi1984
  • #32018: Functional tests - Add some tests in ‘BO > Cart rules > Create cart rule > Condition tab’. Thank you, @nesrineabdmouleh
  • #31895: Functional tests - Refacto ‘BO > Customer service’. Thank you, @nesrineabdmouleh
  • #31888: Functional Tests : BO - Design - Image Settings - Image Generation on creation. Thank you, @Progi1984

Code changes in the ‘1.7.8.x’ branch

Back office


  • #32144: Nightly : Migrate from to Thank you, @Progi1984

Code changes in modules, themes and tools

Auto Upgrade module

  • #579: Nightly : Migrate from to Thank you, @Progi1984
  • #578: Update composer.lock. Thank you, @ValentinGratz
  • #577: Helper for adding hooks in upgrade scripts. Thank you, @kpodemski
  • #562: Update product page feature flag values. Thank you, @jolelievre

Automated tests on Pull Requests

Changes in developer documentation site

Changes in developer documentation sources

Changes in developer documentation theme

  • #30: Modify link to support, move gitinfo location. Thank you, @thomasnares
  • #29: Improve homepage of Devdocs and footer with git-info . Thank you, @thomasnares
  • #28: Improve version selector in sidebar. Thank you, @thomasnares

Currency selector

Customer reassurance block module

Dashboard Products module

  • #50: Fix category retrive for bestsellers. Thank you, @mflasquin
  • #62: Removed deprecated methods displayNumber in class Tools. Thank you, @Progi1984

Distribution API

Docker images

Email Alerts module

Example modules

Faceted search module

  • #733: Replace oudated jquerySortable plugin by SortableJS lib. Thank you, @leemyongpakvn

GDPR module

Google Analytics module

Google Sitemap module

Hummingbird theme

Issues Bot

  • #104: Fix removing Waiting for author label behaviour. Thank you, @boherm
  • #103: Fix license headers. Thank you, @matks


  • #5: Fixed wording & configuration page. Thank you, @Progi1984
  • #4: Bump phpstan/phpstan from 1.10.13 to 1.10.14. Thank you, @dependabot
  • #3: Bump phpstan/phpstan from 1.10.11 to 1.10.13. Thank you, @dependabot
  • #2: Bump phpstan/phpstan from 1.9.8 to 1.10.11. Thank you, @dependabot
  • #1: Improvements on the module. Thank you, @Progi1984
  • #167: Replaces deprecated setHookDispatcher method. Thank you, @0x346e3730

MJML Theme Converter


  • #1: Remove v2.0.0 for GPDR addon. Thank you, @nicosomb

Nightly board

Pages not found module

PrestaShop test scenarios


  • #124: Bump phpstan/phpstan from 1.10.13 to 1.10.14. Thank you, @dependabot
  • #123: Bump guzzlehttp/guzzle from 7.5.0 to 7.5.1. Thank you, @dependabot
  • #122: Bump phpunit/phpunit from 9.6.6 to 9.6.7. Thank you, @dependabot
  • #121: Nightly : Migrate from to Thank you, @Progi1984
  • #120: Bump phpstan/phpstan from 1.10.11 to 1.10.13. Thank you, @dependabot
  • #119: Bump phpstan/phpstan from 1.10.10 to 1.10.11. Thank you, @dependabot
  • #118: Bump symfony/var-dumper from 5.4.21 to 5.4.22. Thank you, @dependabot
  • #117: Bump symfony/dotenv from 5.4.21 to 5.4.22. Thank you, @dependabot
  • #116: Bump phpstan/phpstan from 1.10.9 to 1.10.10. Thank you, @dependabot
  • #115: Bump symfony/console from 5.4.21 to 5.4.22. Thank you, @dependabot


  • #139: Reproduce webhook behavior as cli. Thank you, @lartist

Product Comments module

QA nightly results

The PrestaShop open source project

Theme customization module

  • #56: fix(bo): replace deprecated translation method. Thank you, @tleon
  • #55: Replace removed deprecated methods in PS9. Thank you, @0x346e3730

Theme for the PrestaShop open source project website


  • #38: Bump guzzlehttp/psr7 from 1.9.0 to 1.9.1. Thank you, @dependabot

Wishlist block module

  • #217: Update phpdevtools to v4, phpcsfixer to v3 with Updated composer.lock. Thank you, @leemyongpakvn
  • #212: Update eslint, downgrade copywebpack, remove uglify. Thank you, @leemyongpakvn

Thank you to the contributors whose pull requests were merged since the last Core Monthly Report: @0x346e3730, @AdrienPlx, @FabienPapet, @Hlavtox, @JBLach, @JevgenijVisockij, @LaBisquerie, @MaxencePerrinPrestashop, @PrestaEdit, @Prestaworks, @Progi1984, @Tofandel, @ValentinGratz, @aleksiuno, @boherm, @boubkerbribri, @cvng, @davidglezz, @dependabot, @elodie-bil3, @eternoendless, @fabienVernieres, @fox-john, @ga-devfront, @jolelievre, @kpodemski, @lartist, @laurentrousseau918, @leagris, @leemyongpakvn, @matks, @matthieu-rolland, @mflasquin, @micka-fdz, @nesrineabdmouleh, @nicosomb, @sowbiba, @thomasnares, @tleon, @tswfi, @web-cooking-factory, @zuk3975!

Thank you to the contributors whose PRs haven’t been merged yet! And of course, a big thank you to all those who contribute with issues and comments on GitHub!

Coding is only just one of the ways you can contribute. Here are some ideas on how you can get involved in the project.

If you need help with contributing or have questions about it, feel free to contact me, @kpodemski, on the project’s Slack.

Happy contributin’ everyone!