PrestaShop Core Monthly - August 2025

Welcome to the August edition of Core Monthly. This month brought an important security patch for 8.2, a new community feature in the back office, and a fresh call for contributions to expand the Admin API in PrestaShop 9.

Security: PrestaShop 8.2.3

A security-driven patch release for PrestaShop 8.2 is out. Version 8.2.3 fixes an email enumeration vulnerability on the back office password reset page. While PrestaShop 9 is not affected, we strongly recommend updating if you are on the 8.2.x branch. For full details, including workarounds and manual patch instructions, check out the security release announcement.

Community: Wall of Fame lands in the back office

Have you seen the new “Wall of Fame” in your back office? It’s a new page that celebrates the amazing people and companies who contribute to PrestaShop. Now, every merchant can see the faces and names behind the project, right from their admin panel. It’s our way of saying thank you and showing the world who powers PrestaShop. Curious how to get your name or company on the list? Find out in the full announcement.

Call for contributions: Let’s build the Admin API together

Remember our first call for contributions on hooks? It was a huge success! Now, it’s time for round two. At this year’s Friends of Presta (FoP) Days, you voted the Admin API as a top priority, and we listened. PrestaShop 9 comes with a solid foundation for a new Admin API, but it needs more endpoints to be truly useful for the ecosystem. This is where you come in. Let’s work together to build the API you need. We’ve prepared the documentation and are ready to help on Slack. Join the effort!

Other notable changes

Besides these big topics, August was busy with other improvements. We saw many fixes in the back office, including for translation exports and the enhanced flexibility of TinyMCE editor. The core received updates to its Symfony components and better error handling. The 8.2.x branch also got its share of maintenance work. For a full picture, check the detailed list of pull requests below. A big thank you to everyone who contributed!

Project releases

• Distribution API Client, v2.1.0 released on 2025-08-06.

• Faceted search module, v4.0.1 released on 2025-08-08.

A quick update about PrestaShop’s GitHub issues and pull requests:

• 76 new issues have been created in the project repositories;
• 77 have been closed, including 0 fixed issues on the core;
• 305 pull requests have been opened in the project repositories;
• 249 pull requests have been closed, including 182 merged pull requests.

Code changes in the ‘9.0.x’ branch

Back office

• #39407: Update CancelProductType to display only refundable quantities as available quantity to refund. Thank you, @iNem0o
• #39404: Allow filtering module list for translation export. Thank you, @kpodemski
• #39400: Fix: Help is displayed two times. Thank you, @Codencode
• #39375: Don’t allow delete default country. Thank you, @Touxten
• #39358: Create ModuleParser to parse module information. Thank you, @jolelievre
• #39340: Fix product / category access in BO when seo redirection related category is deleted. Thank you, @aomaxime
• #39333: Fix product access in BO when seo redirection related entity is deleted. Thank you, @aomaxime
• #39322: Update Distribution API Client to include the new wall of fame. Thank you, @jolelievre
• #39314: BO : Orders : Modal Discount reset when it’s hidden. Thank you, @Progi1984
• #39312: Fix ALT shop name.. Thank you, @Touxten
• #39297: Update PHPDoc of ActionsBarButtonInterface. Thank you, @Quetzacoalt91
• #39295: Admin API CQRSDelete can use CQRSCommand and empty bodies can be used. Thank you, @jolelievre
• #39292: BO : Fixed redirection when permission is not allowed. Thank you, @Progi1984
• #39287: Fix + simplify last positions and add comments to it. Thank you, @Hlavtox
• #39277: Make the TinyMCEEditor more flexible and extensible via module. Thank you, @Codencode
• #39272: BO : Fixed the memorization of the language used in Admin in the cookie (if option is enabled). Thank you, @Progi1984
• #39271: BO : TinyMCE : Fixed checkbox icon. Thank you, @Progi1984
• #39269: BO : Admin API : Fixed selectors for copying secret. Thank you, @Progi1984
• #39257: Add missing attribute tag on constraints. Thank you, @jolelievre
• #39209: BO : Fixed HTML in informations & warnings block. Thank you, @Progi1984
• #39203: BO : Invoices : Harmonize Helper Text. Thank you, @Progi1984
• #39196: Change 404 admin template. Thank you, @Hlavtox
• #39182: Improve warning on languages page. Thank you, @Hlavtox
• #39160: Fix OrderStateType form to show all languages, including disabled ones. Thank you, @Codencode
• #39053: Add logic to generate random password on employee profil. Thank you, @PoulainMaxime
• #37590: Patch tinymce fullscreen. Thank you, @nicohery

Core

• #39466: Update Symfony components after 6.4.25 release. Thank you, @nicosomb
• #39453: Fix CI with mysql suddenly going crazy over SSL certificate. Thank you, @jolelievre
• #39373: Small Refacto Store.php for semantic (backticks unification). Thank you, @ShaiMagal
• #39372: Refacto of few $_SERVER variables (Tools.php). Thank you, @ShaiMagal
• #39371: Refacto ConnectionsSource.php for little better performance. Thank you, @ShaiMagal
• #39364: Add genuine Czech republic bot (SeznamBot) to “isBot” function. Thank you, @ShaiMagal
• #39331: Fix: using dev version of ps_apiresources. Thank you, @PrestaEdit
• #39327: Fix symlink issues on install. Thank you, @boherm
• #39311: Backport Unify error handling in FO and get rid of Tools::displayError calls. Thank you, @Hlavtox
• #39264: Update Symfony components after 6.4.24 release. Thank you, @nicosomb
• #39260: Adding taxes for shipping cost if needed. Thank you, @lukaslau

Front office

• #39406: Display full history time. Thank you, @Hlavtox
• #39366: Add hook on rendertemplate in CheckoutStep. Thank you, @alexandrebrubeyonds
• #39245: Fix: Back Office becomes inaccessible if the employee’s assigned language is deleted. Thank you, @Codencode
• #39232: Fix some informations in README. Thank you, @Touxten
• #39010: Save address choice on click. Thank you, @Matt75

Installer

• #39336: Install : Configure : Hide password error on keyup. Thank you, @Progi1984

Tests

• #39329: Update api module and optimise API UI tests. Thank you, @jolelievre
• #39299: BO : Products - Bulk Actions : Fixed error when no permissions. Thank you, @Progi1984
• #39291: Functional Tests : Bump @prestashop-core/ui-testing. Thank you, @Progi1984
• #39285: BO : Export SQL from Grid : Format SQL. Thank you, @Progi1984
• #39284: Command prestashop:list:commands-and-queries : Filter CQRS with (1) or without (0) an endpoint. Thank you, @Progi1984

Code changes in the ‘8.2.x’ branch

Back office

• #39430: Fix quantity in delivery slip if we have a refunded product. Thank you, @Touxten
• #39337: Fix: Cannot use newline in textarea on product page. Thank you, @Codencode
• #39321: Update Distribution API Client to include the new wall of fame. Thank you, @jolelievre
• #39274: Added closure of the ‘deleteCategoriesForm’ form. Thank you, @Codencode
• #39208: Fix: Carrier search not working when editing order’s carrier. Thank you, @Codencode
• #38622: Fix: New product catalog does not load images in multi-store. Thank you, @Codencode

Front office

• #39191: Fix: recoverCart link does not log the user. Stuck to process checkout step 1. Thank you, @Codencode

Code changes in the ‘develop’ branch

Back office

• #39418: Discount attributes condition in form. Thank you, @jolelievre
• #39363: Condition based on countries. Thank you, @tleon
• #39341: Fix shipments “items”. Thank you, @M0rgan01
• #39338: Update CQRS discount commands and queries to handle the carriers. Thank you, @jolelievre
• #39302: Fix shipments tab. Thank you, @M0rgan01
• #39246: Discount condition based on supplier. Thank you, @tleon
• #39140: Condition based on categories. Thank you, @tleon
• #39137: Create merge shipment form. Thank you, @M0rgan01

Core

• #39424: Update CSSJanus to wikimedia/cssjanus. Thank you, @Krinkle
• #39405: Export module translations command. Thank you, @kpodemski
• #39349: chore: Fixed version in the README version badge. Thank you, @tyloo
• #39197: Added PrestaShop version in bin/console. Thank you, @Codencode

Tests

• #39256: Functional Tests : BO - Cart rules - Actions : Send a free gift. Thank you, @Progi1984

Code changes in modules, themes and tools

API Resources

• #58: Adapt CQRSDelete endpoints to use command, add allowEmptyBody. Thank you, @jolelievre
• #55: Attribute group endpoints. Thank you, @jolelievre

Auto Upgrade module

• #1450: Translation catalog update. Thank you, @github-actions
• #1448: Translation catalog update. Thank you, @github-actions
• #1443: Use Distribution API to download zip files needed for the tests with the local channel. Thank you, @Quetzacoalt91
• #1442: Upgrade to PHPStan 2 following Docker image updated to PrestaShop v9. Thank you, @Quetzacoalt91
• #1441: [FEAT] remove all folder on uninstall except backups. Thank you, @ga-devfront
• #1440: Translation catalog update. Thank you, @github-actions
• #1439: Add new hook: actionModifyHtmlPurifierConfig for make the TinyMCEEditor more flexible and extensible via module. Thank you, @Codencode
• #1437: Make display of release notes optional in update notification modal. Thank you, @Quetzacoalt91
• #1433: Provide absolute URL to fix routing issues. Thank you, @Hlavtox

Automated tests on pull requests

• #92: Create API client via command line before running UI tests. Thank you, @jolelievre

Available quantities statistics module

• #31: Provide absolute URL to fix routing issues. Thank you, @Hlavtox

Catalog evaluation statistics module

• #32: Provide absolute URL to fix routing issues. Thank you, @Hlavtox

Catalog statistics module

• #37: Provide absolute URL to fix routing issues. Thank you, @Hlavtox

Category tree links module

• #80: Fix the link since the page migration. Thank you, @Touxten

Changes in developer documentation sources

• #2028: Fix typo in contribute-to-core-api.md. Thank you, @PrestaEdit
• #2027: Improve documentation on how to use custom parameters. Thank you, @MattKelvin
• #2024: Update CRUD-forms.md. Thank you, @Prestaworks
• #2022: Template preload.html.twig is not defined FAQ. Thank you, @kpodemski
• #2021: more changes to PrestaShop 9 docs. Thank you, @kpodemski
• #2020: Update adding-configuration-page-modern.md. Thank you, @dali-rajab
• #2018: feat: add missing use. Thank you, @PrestaEdit
• #2017: Fix a few things on API doc. Thank you, @jolelievre
• #2016: fix: avoid $currentIndex. Thank you, @PrestaEdit
• #2013: Add create cqrs endpoint doc. Thank you, @tleon

Check payment module

• #66: Fix Workflow use actions/cache@v4 instead of V1 or V2. Thank you, @Touxten

Custom text module

• #77: Fix link and Update CI. Thank you, @Touxten

Distribution API

• #67: Enable updates to PS 8.2.2 and update recommended Update Assistant version. Thank you, @Quetzacoalt91
• #66: Add 8.2.2 to the list. Thank you, @Touxten

Distribution API Client

• #65: Backport improvement for the release process. Thank you, @nicosomb
• #63: Fix service declaration for TopContributorsController. Thank you, @nicosomb
• #61: Release v2.1.0. Thank you, @jolelievre
• #60: Include new wall of fame for module v2.1.0. Thank you, @jolelievre
• #59: feat: [wall-of-Fame]- fix #58 : contributors data based on PRs. Thank you, @mattgoud
• #57: [Wall of Fame] Improve responsive and add some css vars. Thank you, @mattgoud

Docker images

• #441: Stop installing a lib deleted on Debian Trixie. Thank you, @Quetzacoalt91
• #440: Use the Docker image maintained by Google to get gcloud instead of installing it manually. Thank you, @Quetzacoalt91
• #436: Replace deprecated usage of ::set-output in Github actions. Thank you, @PrestaEdit
• #435: Sync backlog of Docker images. Thank you, @github-actions
• #434: Add Classic Editions. Thank you, @Progi1984
• #433: Update generated Dockerfile with the version.py. Thank you, @Quetzacoalt91
• #430: Update python version. Thank you, @Quetzacoalt91
• #426: Enable build of multi-platform images (amd64, arm32 & arm64). Thank you, @Quetzacoalt91
• #424: Add generator of backlog based on Distribution API contents. Thank you, @Quetzacoalt91

Docker internal images

• #46: Setup creation of image for PrestaShop v9. Thank you, @Quetzacoalt91

Faceted search module

• #1160: Release 4.0.1. Thank you, @Hlavtox

Hummingbird theme

• #754: [IMPROVEMENTS] fix redirect to [object History] issue and refacto update file. Thank you, @tblivet
• #746: [ACCESSIBILITY - PART 1] Homepage improvements . Thank you, @tblivet
• #745: [FIX] Cart qty update warning. Thank you, @tblivet

PrestaShop Flashlight

• #167: Disables http2 if not supported by nginx. Thank you, @Alexandre-Lematre

PrestaShop contributors website

• #185: Release 2025-08-06. Thank you, @Progi1984
• #184: Deploy : Use config for traces:fetch:repositories & Added topcompanies_prs.json. Thank you, @Progi1984
• #183: fix: depecated set-output. Thank you, @PrestaEdit
• #182: Release 2025-08-01. Thank you, @Progi1984
• #181: Added contributors_prs.json. Thank you, @Progi1984

Presthubot

• #357: slack:notifier : Fixed report for nightly (Update Matrix & Fix error). Thank you, @Progi1984
• #356: Replace deprecated usage of ::set-output in Github actions. Thank you, @PrestaEdit

Stats Dashboard module

• #34: Provide absolute URL to fix routing issues. Thank you, @Hlavtox

The PrestaShop open source project

• #298: Add @Touxten. Thank you, @PrestaEdit

Traces

• #123: Add Beyonds. Thank you, @alexandrebrubeyonds
• #122: fix: use the good ranking. Thank you, @PrestaEdit
• #120: Added former/contractants PrestaShop SA employees (Batch 7). Thank you, @Progi1984
• #119: updated avatar for impSolutions. Thank you, @kpodemski
• #118: correct company for kpodemski. Thank you, @kpodemski
• #117: fix: declare the good name. Thank you, @PrestaEdit
• #116: feat: add repositories inside sections. Thank you, @PrestaEdit
• #115: Added former/contractants PrestaShop SA employees (Batch 6). Thank you, @Progi1984
• #114: Add repos into documentation section. Thank you, @PrestaEdit
• #113: Added former/contractants PrestaShop SA employees (Batch 5). Thank you, @Progi1984
• #112: Compute contributions by commit for all companies. Thank you, @jolelievre
• #111: feat: get archived repositories if not excluded (config file). Thank you, @PrestaEdit
• #110: Added sarahdib as PrestaShop employee. Thank you, @Progi1984
• #109: Added TopCompanies based on year or on PS version. Thank you, @Progi1984
• #108: Add contributors from PrestaShop SA -> ga-devfront & gericfo. Thank you, @ga-devfront
• #102: Added former/contractants PrestaShop SA employees (Batch 4). Thank you, @Progi1984
• #101: Generate Contributors file based on PRs. Thank you, @Progi1984
• #100: Added former/contractants PrestaShop SA employees (Batch 3). Thank you, @Progi1984
• #99: Update companies.json add me. Thank you, @Touxten

UI Testing Library

• #669: Add new method to update logs min level in database. Thank you, @jolelievre
• #657: Add method to get API Client row by clientId. Thank you, @jolelievre
• #656: Create new API global variables. Thank you, @jolelievre

Thank you to the contributors whose pull requests were merged since the last Core Monthly Report: @Alexandre-Lematre, @Codencode, @Hlavtox, @Krinkle, @M0rgan01, @Matt75, @MattKelvin, @PoulainMaxime, @PrestaEdit, @Prestaworks, @Progi1984, @Quetzacoalt91, @ShaiMagal, @Touxten, @alexandrebrubeyonds, @aomaxime, @boherm, @dali-rajab, @ga-devfront, @github-actions, @iNem0o, @jolelievre, @kpodemski, @lukaslau, @mattgoud, @nicohery, @nicosomb, @tblivet, @tleon, @tyloo!

Thank you to the contributors whose PRs haven’t been merged yet! And of course, a big thank you to all those who contribute with issues and comments on GitHub!

Coding is only just one of the ways you can contribute. Here are some ideas on how you can get involved in the project.

If you need help with contributing or have questions about it, feel free to contact me, @kpodemski, on the project’s Slack.

Happy contributin’ everyone!