v2.14.2

Highlights

Price List Metadata Support

Price lists now support custom metadata fields, enabling you to store additional business context and custom attributes alongside your pricing configurations. This adds flexibility for commerce applications that need to track extra information like campaign names, seasonal markers, or custom business logic flags.

Native Price List Filtering Performance

The products listing API now resolves price_list_id filters directly through the index engine rather than post-processing results. This significantly improves query performance when filtering products by price lists, especially for large product catalogs.

Features

• feat(pricing,medusa,dashboard,types): add metadata support for price lists by @NicolasGorga in #15238
• feat(index, medusa): resolve price_list_id natively via index engine by @srindom in #15249
• feat(medusa,js-sdk,types): add POST /admin/payment-collections/:id/payment-sessions by @GBreg19 in #15169

Bugs

• fix(medusa): speed up products list with price_list_id filter by @srindom in #15247
• fix(dashboard): allow clearing optional collection, type, and country fields by @bqst in #14012
• fix(medusa): API workflow subscription by @v0eak in #15134
• fix: replace dead via.placeholder URL by @kiluazen in #15170
• fix(framework): preserve rawBody for text and urlencoded body parsers by @rnagulapalle in #15202
• fix(auth): preserve app_metadata and user_metadata across token refresh by @saheersk in #15137
• fix(dashboard,region): fix currency code unset when updating region by @shahednasser in #15228
• fix(dashboard): fix type import targeting framework instead of types by @NicolasGorga in #15232
• fix: pass container to MedusaAppLoader in runMigrationScripts to resolve AwilixResolutionError by @AKIB473 in #15103
• fix(dashboard): pick existing rules field in PricingDetailsSchema (closes #15207) by @mvanhorn in #15208
• fix(dashboard): compute selected value for eq operator in promo rule value form by @NicolasGorga in #15201
• fix(core-flows): cancel-order credit line ignores pre-existing refunds by @langovoi in #15153
• fix(medusa,types,loyalty-plugin): remove unused parameter + export step by @shahednasser in #15189

Documentation

• docs: fix typo in tutorial summary by @houdayec in #15243
• docs: add TSDocs for a0e57e4 by @shahednasser in #15244
• docs: add TSDocs for 243e885 by @shahednasser in #15242
• docs: use cookies on server and client by @shahednasser in #15245
• docs: add TSDocs for aa40764 by @shahednasser in #15236
• docs: changes to intro pages by @shahednasser in #15235
• docs: add TSDocs for a961731 by @shahednasser in #15230
• docs: fix admin.path reserved paths typedoc and add standalone build guidance by @ashif323 in #15193
• docs: change announcement indicator to green by @shahednasser in #15225

Chores

• chore: change changeset to patch by @shahednasser in #15250
• chore: wire up release pipeline with draft release notes by @shahednasser in #15246
• chore(dashboard): fix type and lint errors (16/16) by @shahednasser in #15224
• chore(dashboard): fix type and lint errors (15/n) by @shahednasser in #15223
• chore(dashboard): fix type and lint errors (9/n) by @shahednasser in #15217
• chore(dashboard): fix type and lint errors (12/n) by @shahednasser in #15220
• chore(dashboard): fix type and lint errors (8/n) by @shahednasser in #15216
• chore(dashboard): fix type and lint errors (14/n) by @shahednasser in #15222
• chore(dashboard): fix type and lint errors (13/n) by @shahednasser in #15221
• chore(dashboard): fix type and lint errors (11/n) by @shahednasser in #15219
• chore(dashboard): fix type and lint errors (10/n) by @shahednasser in #15218
• chore(dashboard): fix type and lint errors (6/n) by @shahednasser in #15214
• chore(dashboard): fix type and lint errors (7/n) by @shahednasser in #15215
• chore(dashboard): fix type and lint errors (4/n) by @shahednasser in #15212
• chore(dashboard): fix type and lint errors (5/n) by @shahednasser in #15213
• chore(dashboard): fix type and lint errors (3/n) by @shahednasser in #15211
• chore(dashboard): fix type and lint errors (2/n) by @shahednasser in #15210
• chore(dashboard): fix type and lint errors (1/n) by @shahednasser in #15209
• chore(docs): Generated + Updated UI Reference (automated) by @github-actions in #15198
• chore(docs): Update version in documentation (automated) by @github-actions in #15197

New Contributors

• @houdayec made their first contribution in #15243
• @kiluazen made their first contribution in #15170
• @rnagulapalle made their first contribution in #15202
• @saheersk made their first contribution in #15137
• @AKIB473 made their first contribution in #15103
• @mvanhorn made their first contribution in #15208
• @langovoi made their first contribution in #15153
• @ashif323 made their first contribution in #15193

Full Changelog: v2.14.1...v2.14.2

v2.14.1

Highlights

Fix currency and translation management regression in admin dashboard

A regression in the admin dashboard that affected currency code and translation management has been fixed. This issue was caused by incorrect usage of Zod's z.record function after the upgrade to Zod v4, which broke form validation for currencies and translations.

#15194

Features

• feat(create-medusa-app,medusa): ask to install claude code plugin by @shahednasser in #15182

Bugs

• fix(dashboard): use two-arg z.record for Zod v4 in currencies and translations forms by @ornakash in #15194

Documentation

• docs: generate OAS for 2.14.0 by @shahednasser in #15188

Chores

• chore(docs): Generated References (automated) by @app/github-actions in #15187
• chore(docs): Generated + Updated UI Reference (automated) by @app/github-actions in #15186
• chore(docs): Generated DML JSON files (automated) by @app/github-actions in #15185
• chore(docs): Update version in documentation (automated) by @app/github-actions in #15184
• chore(docs): doc changes for next release (automated) by @shahednasser in #15048
• Chore: Release by @app/github-actions in #15046

Full Changelog: v2.14.0...v2.14.1

v2.14.0

Highlights

This release open sources the Loyalty plugin and includes breaking changes related to Zod, account creation, and more. Please read carefully before updating.

Zod Updated to v4

🚧 Breaking change

Medusa has been upgraded its Zod dependency from v3 to v4. This includes updates to all internal validation schemas and type definitions. For most users, this upgrade is seamless, but if you're using custom validation schemas or directly interacting with Zod types in your project, you may need to:

1. Explicitly install Zod v4.2.0 if you have Zod installed in your backend.
2. Update your Zod usage based on their migration guide. We've also drafted the following prompt that you can use with agents like Claude Code to migrate your Zod usage:

Zod Migration Agent Prompt

I've updated my project to v2.14.0 of Medusa, which upgrades Zod to v4. This is a breaking change. Migrate all Zod v3 usage in my project to Zod v4.

Do NOT modify anything inside node_modules or the Medusa packages themselves — only migrate my custom code (e.g. custom API routes, modules, workflows, plugins, validators, admin customizations).

## Breaking changes to fix

### Error customization
- Replace `invalid_type_error` and `required_error` options with the unified `error` param
  - BEFORE: z.string({ invalid_type_error: "Not a string", required_error: "Required" })
  - AFTER:  z.string({ error: (issue) => issue.input === undefined ? "Required" : "Not a string" })
- Rename `errorMap` option to `error` wherever used

### ZodError
- Replace `.format()` and `.flatten()` calls with `z.treeifyError(err)`
- Remove `.formErrors` usage (identical to deprecated `.flatten()`)
- Replace `.addIssue()` / `.addIssues()` calls with direct pushes to `err.issues`

### z.string() format validators
- Replace `z.string().email()` with `z.email()` (top-level)
- Replace `z.string().url()` with `z.url()` (top-level)
- Replace `z.string().uuid()` with `z.uuid()` — note: now RFC 9562 strict; use `z.guid()` if lenient matching is needed
- Replace `z.string().ip()` with `z.ipv4()` or `z.ipv6()` depending on intent
- Replace `z.string().cidr()` with `z.cidrv4()` or `z.cidrv6()` depending on intent
- Replace `z.string().emoji()` with `z.emoji()` (top-level)
- Replace `z.string().base64url()` — note it no longer accepts padding

### z.number()
- Remove any inputs passing Infinity or -Infinity — they are now rejected
- Review `.safe()` usage — it now behaves like `.int()` and rejects floats

### z.object()
- Replace `.strict()` with `z.strictObject({ ... })`
- Replace `.passthrough()` with `z.looseObject({ ... })`
- Replace `.strip()` — it's now the default; just remove it
- Remove `.nonstrict()` — deleted entirely
- Remove `.deepPartial()` — deleted; implement manually if needed
- Replace `.merge(other)` with `.extend(other.shape)` or spreading shapes

### z.nativeEnum()
- Replace `z.nativeEnum(MyEnum)` with `z.enum(MyEnum)` — `z.enum()` now handles
  native TypeScript enums directly

### z.array()
- Review `.nonempty()` usage — it now returns `string[]` (not a tuple), so type
  inference changes if you relied on the first-element guarantee

### z.record()
- Replace single-argument `z.record(valueSchema)` with `z.record(z.string(), valueSchema)`

### .refine()
- Remove type predicate functions from `.refine()` — they no longer narrow types
- Remove any use of `ctx.path` inside refine callbacks — unavailable in v4
- Remove function as second argument to `.refine()` for custom error messages;
  use the `error` option in the options object instead:
  - BEFORE: schema.refine(fn, (val) => ({ message: `${val} is invalid` }))
  - AFTER:  schema.refine(fn, { error: (issue) => `${issue.input} is invalid` })

### Removed APIs
- Remove `z.ostring()`, `z.onumber()`, `z.oboolean()` — use `z.string().optional()` etc.
- Remove `z.literal()` with symbol values
- Remove `.create()` static factory calls — use the `z.*()` functions directly
- Remove `z.promise()` wrappers — await the value before parsing instead

### Internal / advanced usage
- Replace `._def` access with `._zod.def` if you introspect Zod schema internals
- Replace `ZodEffects` type references with the appropriate new types

## Instructions

1. Search the entire project (excluding node_modules) for Zod imports and usage.
2. For each file, apply the relevant fixes above.
3. After migrating, build the Medusa project (`medusa build`) which will run TypeScript type checking to catch any remaining type errors introduced by the generics restructure (ZodType now uses only Output and Input generics instead of three).
4. Run any existing tests to verify runtime behavior is unchanged.
5. Summarize what was changed per file.

#14309

---

React v19 Support in Icons Package

🚧 Breaking change

The Medusa Icons package has been upgraded to support React v19. If you've installed the icons package directly and haven't upgraded to React v19 yet, you may need to update your React version or pin to an earlier version of the icons package. Otherwise, no action is needed.

#14791

---

Monorepo Project Structure for New Applications

🚧 Breaking change

The create-medusa-app command and medusa new CLI now create projects using a monorepo structure based on the dtc-starter template. This provides better separation of concerns between the backend and storefront applications, and allows you to deploy your project to Medusa Cloud seamlessly.

yarn dlx create-medusa-app@latest my-medusa-store
# Creates a monorepo with separate backend and storefront packages

With this change, the medusa-starter-default and the Next.js Starter Storefront repositories are now deprecated in favor of the unified monorepo approach.

#14999

---

HTTP Types Consistent with Zod Schemas

🚧 Breaking change

We've updated our HTTP types exported from @medusajs/framework/types to match exactly the Zod schemas used to validate API routes in the Medusa core. This change doesn't impact most users, and it doesn't impact the API routes interfaces. However, if you've explicitly used or relied any of the following types, make sure to apply the required changes.

HTTP types breaking changes

Renamed types

• InventoryLevel renamed to AdminInventoryLevel.
• AdminPricePreferenceParams renamed to AdminGetPricePreferenceParams.

Properties made required

• AdminCreatePricePreference.attribute and .value: changed from optional string? to required string.
• AdminCreateProductVariantInventoryKit.required_quantity: changed from optional to required.

Properties removed

• AdminProductCategoryListParams.name: removed from the filter type.
• BaseClaimListParams.q: search query field removed (also affects AdminClaimListParams).
• StoreCustomerAddressFilters.company and .province: removed from store-facing address filters.

Properties with changed types

• AdminCreateProductVariantPrice.rules: changed from { region_id: string } | null to Record<string, string> — null is no longer a valid value.
• AdminUpdateProductVariant.prices: changed from AdminCreateProductVariantPrice[] to AdminUpdateProductVariantPrice[].
• AdminInventoryItemsParams.location_levels: changed from Record<"location_id", string | string[]> to { location_id?: string | string[] }.
• metadata in AdminCreateCollection, AdminUpdateCollection, AdminCreateOrderFulfillment, AdminCreateOrderShipment, AdminCreateProductCategory, AdminUpdateProductCategory: changed from Record<string, any> to Record<string, unknown> | null.
• AdminCreateFulfillmentItem.line_item_id and .inventory_item_id: changed from string | undefined to string | null.
• Address string fields in StoreAddAddress, OrderAddress, AdminFulfillmentDeliveryAddress, BaseCreateCustomerAddress, and BaseUpdateCustomerAddress (first_name, last_name, phone, company, address_1, address_2, city, country_code, province, postal_code, address_name): changed from string | undefined to string | null.

---

Open Source Loyalty Plugin

The Loyalty Plugin that was previously only available to Medusa Cloud users is now open sourced. It provides features related to gift cards and account credits. You can also build on top of it features like loyalty points, referrals, and more.

To use the Loyalty Plugin, you must install it manually. Run the following command to install it:

yarn add @medusajs/loyalty-plugin # replace with your package manager

Then, add it to your list of plugins in medusa-config.ts:

// medusa-config.ts
import { loadEnv, defineConfig } from '@medusajs/framework/utils'

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  // ...
  plugins: [
    {
      resolve: "@medusajs/loyalty-plugin",
      options: { },
    }
  ],
})

Finally, run migrations to create the necessary tables:

npx medusa db:migrate

#14711

---

Enhanced JavaScript SDK with ESM Support

The Medusa JavaScript SDK now includes explicit .js extensions for all relative imports, ensuring full ESM compliance and better compatibility with modern bundlers and Node.js environments.

#15037

---

Repository-wide Currency C...

v2.13.6

This release includes an update for MikroORM dependencies to v6.6.12 due to recent security vulnerabilities. While Medusa's core API routes were not impacted by the security vulnerability as they're guarded with Zod validation, it may impact custom API routes if they're not properly guarded. So, we highly recommend updating your Medusa project to avoid potential security vulnerabilities.

There are no breaking changes at Medusa's level due to this update. However, if you use MikroORM and the entity manager in your code, we advise you to read MikroORM's v6.5 and v6.6 release announcements for potential changes.

What's Changed

Features

• feat(http-types-generator): Add an HTTP types generator and validator for Zod schemas by @shahednasser in #14988

Bugs

• fix: Add hosting section to README by @sradevski in #14969

Documentation

• chore: update yarn.lock by @shahednasser in #14944
• chore(docs): Updated UI Reference (automated) by @github-actions[bot] in #14947
• chore(docs): Updated API Reference (automated) by @github-actions[bot] in #14948
• chore(docs): Generated References (automated) by @github-actions[bot] in #14952
• chore: update version in docs by @shahednasser in #14949
• docs: fix data model index documentation not working by @shahednasser in #14959
• chore: support documentation changes automation by @shahednasser in #14968
• docs-utils: automate cloud doc changes by @shahednasser in #14974
• docs: changes to Cloud plans by @shahednasser in #14958
• docs: fix cloud pricing page by @shahednasser in #14979
• Correct 'Buy Y' to 'Get Y' in promotion instructions by @NicolasGorga in #14990
• docs: add note on Redis service plan availability by @shahednasser in #15004
• docs: update Bloom link to correct URL by @shahednasser in #15022
• docs: fix posthog capture for md event by @shahednasser in #15023
• chore: update glob to latest version by @shahednasser in #15005

Chores

• chore: fix example in tsdocs of translations js sdk by @shahednasser in #14953
• chore: add syncing for docs relaese branch by @shahednasser in #14970
• chore: automate TSDocs generation by @shahednasser in #14980
• chore: fix automation actions to add line break by @shahednasser in #14982
• chore: add new rules to the writing-docs skill by @shahednasser in #14983
• chore: set base branch for claude action by @shahednasser in #14989
• chore: fix claude token + run install and build in www by @shahednasser in #14992
• chore: change build command to build packages only in workflows by @shahednasser in #14994
• chore: update claude action prompt with clear guidelines on skill loading by @shahednasser in #14998
• chore(core-flows): Fix comments for removePriceListPricesWorkflow input ids by @NicolasGorga in #15000
• chore: fix PR update for docs automation by @shahednasser in #15002
• chore: fix error in updating docs automation pr by @shahednasser in #15003
• chore: update mikro-orm to 6.6.12 by @shahednasser in #15018
• chore: automate releases by @olivermrbl in #15029

Other Changes

• fix(cli): close leaked file descriptor in clearProject by @buley in #14917
• fix: use exponential backoff in Redis lock acquisition retries by @peterlgh7 in #14954
• Chore: Release by @github-actions[bot] in #15030

New Contributors

• @buley made their first contribution in #14917

Full Changelog: v2.13.5...v2.13.6

v2.13.5

Features

• feat: Improve filtering for workflow executions by @sradevski in #14898
• feat(dashboard,medusa,types): improve order timeline UI by @NicolasGorga in #14935

Bugs

• fix(dashboard): handle single-line errors (without file details) by @shahednasser in #14914
• fix(dashboard): use product default fields on Admin dashboard exports by @NicolasGorga in #14931
• fix: Update injected storefront envvars for Cloud by @sradevski in #14918

Documentation

• chore(docs): Generated References (automated) by @github-actions[bot] in #14893
• chore(docs): Updated API Reference (automated) by @github-actions[bot] in #14892
• docs: add note clarifying pnpm support by @shahednasser in #14896
• docs: added integration docs for Bloom by @shahednasser in #14907
• docs: add S3 info, storefront runtime, and guide on renaming repos for Cloud by @shahednasser in #14908
• docs: redesign docs content by @shahednasser in #14909
• docs: fixes following content redesign by @shahednasser in #14912

Chores

• chore(docs): Update version in documentation (automated) by @github-actions[bot] in #14890
• chore(docs): Updated UI Reference (automated) by @github-actions[bot] in #14891
• Chore/increase stale thresholds by @NicolasGorga in #14929
• chore: disable rbac user link when ff is off by @carlos-r-l-rodrigues in #14933

Other Changes

• fix: replace hardcoded fulfillment status strings with i18n translati… by @bittoby in #14837
• Expose payment & fulfillment status helpers by @pepijn-vanvlaanderen in #14302
• fix(i18n): add missing Brazilian Portuguese translations by @VicenzoMF in #14915
• fix: use in-memory modules if REDIS_URL unset by @peterlgh7 in #14932

New Contributors

• @bittoby made their first contribution in #14837
• @VicenzoMF made their first contribution in #14915

Full Changelog: v2.13.4...v2.13.5

v2.13.4

Features

• feat(order,payment): make return and refund reason translatable by @NicolasGorga in #14797
• feat: carry over promotions flag on claims by @fPolic in #14842
• feat(dashboard): show error details in development mode by @shahednasser in #14875

Bugs

• fix(core-flows): ensure reason ids is an array in validateReturnReasons util by @NicolasGorga in #14836
• fix(ui): propagate data table scroll by @fPolic in #14849

Documentation

• chore(docs): Updated UI Reference (automated) by @github-actions[bot] in #14822
• docs: remove ignored resources from references by @shahednasser in #14841
• docs: add plaintext doc message to markdown content responses by @shahednasser in #14888

Chores

• chore(docs): Update version in documentation (automated) by @github-actions[bot] in #14821
• chore: add ignore tags for rbac by @shahednasser in #14839
• chore: Fix zod imports in RBAC by @olivermrbl in #14866

Other Changes

• fix: exit build with error if types generation fails by @peterlgh7 in #14852
• docs(resources): fix venue schema import in ticket booking guide by @flatplanetpl in #14868

New Contributors

• @flatplanetpl made their first contribution in #14868

Full Changelog: v2.13.3...v2.13.4

v2.13.3: Fixes regression with entity on query config

Highlights

Fixes regression with undefined entity on req.queryConfig

In v2.13.2 req.queryConfig started including an entity property even when its value was undefined. This caused routes that spread req.queryConfig into query.graph() to have their entity property overwritten by undefined, resulting in the exception: Service with alias "undefined" was not found error. This release fixes the issue by only setting the entity property in req.queryConfig when it indeed has a value.

#14815

Bugs

• fix(core-flows): prevent exception when deleting product/variant with orphaned inventory by @NicolasGorga in #14805
• fix(framework): remoteQueryConfig undefined entity regression by @NicolasGorga in #14815

Chores

• chore(types): add external_id to product list params type by @asgerjensen in #14802

Full Changelog: v2.13.2...v2.13.3

v2.13.2: Admin dashboard fixes and DX improvements

⚠️ Warning: v2.13.2 introduces a regression that causes req.queryConfig to include entity: undefined, which can break routes that spread req.queryConfig into query.graph() (e.g., query.graph({entity: "some_entity", ...req.queryConfig })), resulting in a Service with alias "undefined" was not found error. Please upgrade to v2.13.3, which fixes this issue. See #14815 for details.

Highlights

Fix credit line computation on order cancellation and refunding

When cancelling an order with multiple payments (some cancelled or pending), the credit line amount was being incorrectly computed based on all payment amounts, regardless of status. This could result in large negative pending differences. The computation now only considers captured amounts, ensuring accurate credit line totals.

#14670

When refunding an order's payments, the credit line amount was being incorrectly computed based on all payments, regardless of the outcome of their corresponding refund. The computation now only takes into account successful refunds.

#14781

Filter orders by total amount (view configuration FF enabled) and define max file upload size

Provided the View Configurations feature flag is enabled, the order table now allows filtering orders by their total amount by mapping the value to the underlying order_summary field.

#14146

We previously introduced a 1MB limit on file uploads. To attend to different use cases, this release introduces the ability to configure this limit through the medusa-config file. This can be configured as shown below:

// medusa-config.ts
  import { defineConfig } from "@medusajs/framework/utils"

  export default defineConfig({
    admin: {
      // Set max upload size to 10MB
      maxUploadFileSize: 10 * 1024 * 1024,

      // Or disable the limit entirely
      // maxUploadFileSize: Infinity,
    },
    // ... other config
  })

#14720

Show all plugin settings routes in the dashboard

Up until now, only the first plugin's settings routes have appeared in the admin dashboard. If multiple plugins register settings pages, only one would show. All plugin settings route children are now correctly merged and displayed.

#14461

Fix create-medusa-app storefront installation when using pnpm

When installing Medusa with pnpm and enabling the Next.js Starter Storefront, an error was raised mentioning pnpm is not available. This release includes dynamic resolution of the package manager set in package.json to match the one being used by the user.

#14681

Test files no longer break medusa develop

Previously, having test files (.spec.ts, .test.ts) inside src/workflows, src/subscribers, or src/jobs directories would cause jest is not defined errors when running medusa develop. The resource auto-loader now excludes test files and __tests__/ directories, so they can be placed alongside the source code without issues.

#14292

Stripe Payment provider improvements

Previously, if a refund was performed in the Stripe dashboard directly, when trying to create the corresponding Medusa refund, the Stripe provider would throw an error. We know handle this scenario gracefully.

14746

Deleting a customer in Stripe is a permanent action, and if the createPaymentSessionWorkflow failed, this action was performed as part of a compensation function, trapping the customer in a loop when trying to create the account holder in subsequent attempts. We now avoid compensating the createPaymentAccountHolderStep inside the workflow.

14112

Translations no longer crash on primitive arrays

If an entity had a JSONB column containing an array of primitive values (e.g., ["foo", "bar"]), the translation utility would crash with a TypeError when attempting to treat strings as translatable entities. This is now handled gracefully.

#14565

Features

• feat(medusa): filter query fields (RBAC field filtering) by @carlos-r-l-rodrigues in #14588
• feat: add forbidden error 403 by @carlos-r-l-rodrigues in #14665
• feat: Allow passing session_token to S3 credentials when using an access key by @sradevski in #14778
• feat: Add dynamodb packages as dependencies by @sradevski in #14721
• feat: Introduce filtering by orders total on the Admin UI by @adevinwild in #14146
• feat(admin): add configurable maximum file upload size by @arjusmoon860 in #14720
• feat(medusa,types): add metadata field to AdminUpsertStockLocationAddress and validators by @bouazzaayyoub in #14557

Bugs

• fix(framework): exclude test files from resource auto-loading by @florianhv in #14292
• fix(orchestration): continueOnPermanentFailure when timeout by @carlos-r-l-rodrigues in #14719
• fix(core-flows): only consider captures amounts for credit line amount computation by @NicolasGorga in #14670
• fix(dashboard): settingsRoutes list error (all plugin settings routes now visible) by @chuxi in #14461
• fix(dashboard): pass product ID explicitly to edit option form by @marlinjai in #14631
• fix(dashboard): Added the __BASE__ prefix to the datatable row on click by @adevinwild in #14118
• fix(dashboard): fix toggleable number cell set value by @NicolasGorga in #14619
• fix(dashboard): fix view configurations order filters by @NicolasGorga in #14620
• fix(admin): Fix table cell stacking in RTL languages by @iharshyadav in #14568
• fix(utils): Translations crash on primitive arrays by @Mohammed-AlSharafi in #14565
• fix(types): fix item type for shipping option price calculation by @shahednasser in #14725
• fix(types): make images of product variant optional by @shahednasser in #14689
• fix(js-sdk): fix return type of listAddresses by @shahednasser in #14712
• fix(icons): default viewBox by @fPolic in #14700
• fix(create-medusa-app): fix installations with storefronts for pnpm by @shahednasser in #14681
• fix(cart): add completed_at to FilterableCartProps interface by @webgodo in #14658
• fix(medusa-cli): verbose log level event name typo by @nenadfilipovic-builtt in #14669
• fix: correct provirder typo to provider across files by @Anexus5919 in #14614
• fix: add marked_shipped_by to create order shipment by @Fadyy22 in #14660
• fix(core-flows): credit only successful refunds upon order cancellation by @NicolasGorga in #14781
• fix(ui): stale filters when selecting a view by @adevinwild in #14160
• fix(dashboard): Initialize complete price structure for variants in price list edit by @docloulou in #14273
• fix(core-flows,order): avoid returning recreated credit lines due to version bumping as new credit lines in
  createOrderCreditLinesWorkflow by @NicolasGorga in #14715
• fix(payment-stripe): handle refunds happening outside of Medusa by @NicolasGorga in #14746
• fix(payment-stripe): Prevent the Stripe payment provider to delete Stripe customers by @adevinwild in #14112
• fix(dashboard): handle undefined payment_collections in order table calculations by @bqst in #14523
• fix(admin): use is_tax_inclusive as column id in store add-currencies form by @webgodo in #14677
• fix(medusa): resolve user_id from user linked to secret key on draft order edit with api-key auth by @NicolasGorga in #14053

Documentation

• docs: added support in Cloud for Next.js 16 by @shahednasser in #14729
• docs: add missing section on custom validation for admin custom auth by @shahednasser in #14682
• docs: add constraint for loops in workflows by @shahednasser in #14639
• docs: add tanstack start solid to supported storefront framework in Cloud by @shahednasser in #14649
• docs: fix Dockerfile COPY command for .yarn/releases directory by @alexander-wolf in #14710
• docs: update API reference for the loyalty plugin by @shahednasser in #14750
• docs: added information about Claude Code storefront plugin by @shahednasser in #14685
• docs: add a...

v2.13.1: Fixes regression with totals on order listing

Highlights

Fixes regression with totals on order listing

This release fixes a bug introduced in v2.13.0 around total fields selection when listing orders. The bug occurs when loading order items with their relations using the select-in strategy:

1. The code maps field selections from items.* to items.item.* to load OrderLineItem data
2. However, critical OrderItem fields like quantity live on items.detail, not on items.item
3. These fields were being dropped during the mapping process
4. Without quantity data, the order totals couldn't be calculated correctly

The select-in strategy is used when listing orders with pagination options, which is for example used in the GET /admin/orders and GET /admin/draft-orders endpoints.

This fix adds compensatory logic that ensures when items.item.* fields are selected, the corresponding items.* fields are also selected or preserved. This prevents the data required for order calculations from being removed.

Bugs

• fix(medusa): use http type for batch translation settings request by @shahednasser in #14612
• fix(core-flows): recompute adjustments for draft orders after changes are added by @fPolic in #14511
• fix(order): item relation loading in select-in path by @fPolic in #14629

Documentation

• docs: changes for v2.13.0 by @shahednasser in #14524
• chore(docs): Updated API Reference (automated) by @github-actions[bot] in #14609
• docs: fix references pipeline + generate references for v2.13.0 by @shahednasser in #14623

Chores

• chore(docs): Updated UI Reference (automated) by @github-actions[bot] in #14608
• chore(docs): Generated DML JSON files (automated) by @github-actions[bot] in #14607
• chore(docs): Update version in documentation (automated) by @github-actions[bot] in #14611
• chore(medusa): default medusa policies by @carlos-r-l-rodrigues in #14542

Full Changelog: v2.13.0...v2.13.1

v2.13.0: Improved Translations, Priority-based event processing, Better pnpm support

Highlights

Zod dependency restructuring

🚧 Breaking change

This release adds zod as a dependency of @medusajs/framework.

This change has been marked as breaking although for the vast majority of projects, existing zod imports will continue to work through either as a direct dependency (if zod is installed directly in your project), or a transitive dependency.

Developers using pnpm couldn't access zod due to strict dependency isolation. Since zod is essential for Medusa development, making it a framework export ensures consistent versioning and accessibility, similar to other third-party libraries used in Medusa.

Migration

Update your zod imports from:

import { z } from "zod"

To:

import { z } from "@medusajs/framework/zod"

We've added a codemod to automate this migration. After updating to the latest version, run:

npx medusa codemod replace-zod-imports

#14441
#14520

---

Improved Translations

Translation Settings Management UI

This release adds a new admin dashboard interface for managing translation settings, allowing merchants to configure which entities and fields are translatable directly from the UI.

Translatable modifier in the Data Model API

This release adds a new .translatable() modifier for text properties in the Data Model API.

Example Usage:

const Store = model.define("store", {
  name: model.text().translatable(),
  description: model.text().translatable(),
})

These two changes to Translations improve the experience of managing translatable entities and their translatable fields. When the translatable modifier from the Data Model API is used, the entity will automatically be marked as translatable. This will make it available for configuration in the admin dashboard. Merchants can select what fields of each entity needs translation.

In https://github.com/medusajs/medusa/releases/tag/v2.12.4, we added support for translating custom entities by specifying them in the module options of Translations. This option has been removed in favor of the changes in this release. As described above, entities that has any field with the .translatable() modifier will be marked as translatable.

The following are required actions, if you have already translated data models from custom modules:

• Remove the entities option from the translation module in medusa-config.ts
• Add the .translatable() property to fields in your data model definitions
• Configure the translatable entities from the new management view in the admin dashboard

Existing translations for custom data models will remain as is after the upgrade.

Translations is still an experimental feature. Enable it in your project by following the guide in our documentation.

#14494
#14541

---

Priority-based event processing

This release introduces a priority queue system for event processing to improve system responsiveness and prevent internal events from blocking critical business operations.

Key Changes

• Event processing now uses priority levels to determine processing order (lower number = higher priority)
• Internal system events are automatically assigned the lowest priority to prevent queue overload
• Critical business events like order placement are processed first with high priority (priority 10)
• All other events default to standard priority (priority 100)
• Priority can be customized at message, emit, or module level for fine-grained control

This ensures that important customer-facing events (e.g., order confirmations) are processed immediately, even during high-volume internal system operations.

#14476

---

Improved support for pnpm

This release resolves common issues with pnpm for new installations.

create-medusa-app now installs Medusa with the package manager you're using:

yarn dlx create-medusa-app@latest # install with yarn
pnpm dlx create-medusa-app@latest # install with pnpm
npx create-medusa-app@latest # install with npm

You can alternatively use the --use-npm, --use-yarn, or --use-pnpm options to specify the package manager to use.

Note: we recommend using yarn or pnpm to install dependencies. npm is known to be slower.

---

Filtering admin notifications

This release introduces a fixed filter, channel=feed, on notifications fetched for the notification drawer in Medusa Admin.

This was always intended to ensure we only show notifications that are purpose-built for the notification drawer. Other channel notifications will break the rendering of the drawer, since they don't have the required content format for the component.

#14549

---

React Router upgrade

This release bumps react-router-dom from 6.20.1 to 6.30.3 to eliminate a security vulnerability. See advisory here.

If your project has react-router-dom installed explicitly, please upgrade to version 6.30.3.

---

Claude Code Plugins

We've published new Claude Code plugins to assist you in your development with Medusa. The medusa-dev plugin gives Claude the knowledge to help you in building customizations in your backend, admin, and storefront.

To install the plugin:

claude # start claude code
/plugin marketplace add medusajs/medusa-claude-plugins
/plugin install medusa-dev@medusa

Then, you can ask Claude Code to build Medusa features, fix bugs, and more. Claude Code will use the skills in the plugin to provide you with accurate and relevant Medusa code.

For example, you can run the following prompts to create a product reviews feature:

Implement a product reviews feature. Authenticated customers can add reviews. Admin users can view and approve or reject reviews from the dashboard

Features

• feat(DML): Add a new translatable property modifier applicable on text by @adrien2p in #14494
• feat(deps,framework): add zod as framework dependency by @shahednasser in #14441
• feat(create-medusa-app): add support for pnpm and specifying package manager by @shahednasser in #14443
• feat(events): Implement default priority-based event processing by @adrien2p in #14476
• feat(config): Default event worker concurrency to 3 on cloud by @adrien2p in #14477
• feat(core-flows,types,utils,medusa): Translate tax lines by @NicolasGorga in #14359
• feat(medusa-cli): add codemod command + codemod for replacing zod imports by @shahednasser in #14520
• feat(translation,fulfillment,customer,product,region,tax,core-flows,medusa,types): Implement dynamic translation settings management by @NicolasGorga in #14536
• Feat(): improve module typings in medusa config and prepare event config typings by @adrien2p in #14478
• feat(medusa): Prevent build command from throwing on missing config by @adrien2p in #14540
• feat(core-flows): Allow payment session status captured to be processable upon cart completion by @NicolasGorga in #14527
• feat(create-medusa-app): add facts for Claude Code plugin and MCP server by @shahednasser in #14578
• feat(dashboard,translation,js-sdk,medusa,types): Translation settings management UI by @NicolasGorga in #14541

Bugs

• fix: Add schema only flag on Medusa app loader by @adrien2p in #14502
• fix(core-flows): Avoid throwing if no prices found for variant when adding to cart custom price item by @NicolasGorga in #14528
• fix(utils): fix import of caching and translation modules to be from @medusajs/medusa by @shahednasser in #14519
• fix(dashboard): filter feed channel notifications in admin dashboard by @NicolasGorga in #14549
• fix(core-flows): pass created_by to fulfillment input by @NicolasGorga in #14561
• fix: fix validation in posthog analytics identify by @peterlgh7 in #14562
• fix(core-flows): Prevent calling list methods unnecessarily in various update workflows by @NicolasGorga in #14567
• fix(docs): Remove spread operators and let mergeConfig handle merging by @NicolasGorga in #14558
• fix(create-medusa-app): fix error handling when thrown error is a string by @shahednasser in #14555
• fix(utils): support both path and parentPath in migration file by @riqwan in #14576
• fix(cli): show clear error when running outside a Medusa project by @shahednasser in h...