Skip to content

Saleor

v3.23.6 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 13d Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

cart checkout commerce composable e-commerce ecommerce
+12 more
graphql headless headless-commerce multichannel oms order-management payments pim python shop shopping-cart store

ReleasePort's take

Moderate signal
editorial:auto 13d

Release 3.23.6 of Saleor fixes several bugs including graceful handling of invalid JSON strings and correcting checkout deliveries invalidation.

Why it matters: Patch to version 3.23.6 immediately to prevent crashes from malformed JSON or incorrect checkout delivery states.

Summary

AI summary

Fixed checkout deliveries invalidation bug.

Changes in this release

Bugfix Medium

Reject empty-string channel ID in channelDelete mutation by @lkostrowski in PR 19223 (3.23 release).

Reject empty-string channel ID in channelDelete mutation by @lkostrowski in PR 19223 (3.23 release).

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix crash when telemetry is disabled and lifespan is enabled by @NyanKiyoshi in PR 19227.

Fix crash when telemetry is disabled and lifespan is enabled by @NyanKiyoshi in PR 19227.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix checkout deliveries invalidation by @lkostrowski in PR 19229 (3.23 release).

Fix checkout deliveries invalidation by @lkostrowski in PR 19229 (3.23 release).

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Gracefully handle invalid json string by @lkostrowski in PR 19206.

Gracefully handle invalid json string by @lkostrowski in PR 19206.

Source: llm_adapter@2026-05-21

Confidence: low
Bugfix Medium

Gracefully handle invalid JSON strings.

Gracefully handle invalid JSON strings.

Source: granite4.1:30b@2026-05-21-audit

Confidence: low
Other Medium

Release 3.23.6 by @lkostrowski in PR 19231.

Release 3.23.6 by @lkostrowski in PR 19231.

Source: llm_adapter@2026-05-21

Confidence: low
Full changelog

What's Changed

  • Gracefully handle invalid json string by @lkostrowski in https://github.com/saleor/saleor/pull/19206
  • [3.23] Reject empty-string channel ID in channelDelete mutation by @lkostrowski in https://github.com/saleor/saleor/pull/19223
  • fix: crash when telemetry is disabled and lifespan is enabled by @NyanKiyoshi in https://github.com/saleor/saleor/pull/19227
  • [3.23] Fix: checkout delvieries invalidation by @lkostrowski in https://github.com/saleor/saleor/pull/19229
  • Release 3.23.6 by @lkostrowski in https://github.com/saleor/saleor/pull/19231

Full Changelog: https://github.com/saleor/saleor/compare/3.23.5...3.23.6

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Saleor

Get notified when new releases ship.

Sign up free

About Saleor

Django based open-sourced e-commerce storefront.

All releases →

Related context

Beta — feedback welcome: [email protected]