Files
templates/blueprints
Mauricio Siu 987fdf3c09 fix: composer security audit blocked pinned shopware/core, bump to 6.7.12.1
Bootstrap died with exit 2 because Composer >= 2.9 enables
audit.block-insecure by default: shopware/core v6.7.8.2 is now affected
by 9 security advisories (all fixed in 6.7.10.1+), so
'composer create-project shopware/production:6.7.8.2' failed to resolve
dependencies and the whole stack never started.

- Bump the pinned Shopware version to 6.7.12.1 (latest, advisory-free).
- Disable audit.block-insecure in the bootstrap's global composer config
  so advisories published after a version is pinned cannot brick fresh
  one-click deploys.
- Use APP_URL=http://${main_domain} per template conventions; an https
  APP_URL breaks storefront sales-channel matching when the Dokploy
  domain is served over plain http.

Verified on a Dokploy instance: full bootstrap + deployment-helper
install completed in ~4 min, storefront and /admin both return HTTP 200.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-08 02:26:08 -06:00
..