May 2026 release

Release: 5.2.2605.600+sts

The following is a list of the release's bug fixes and enhancements. Some bug fixes may address existing support articles. A comprehensive list is at the bottom of this page.

Release highlights

• Promotions – Additional configurations are available for further promotions customization. See Database definitions to view the schema changes. 
  • Added the Max Discount Amount option to Discount Product List promotion results, letting administrators cap percentage-based discounts to protect margins on high-value items. See Promotion result type descriptions.
  • Added a new promotion criteria type, Order Bill To Customer List, that targets promotions to orders placed by specific bill-to customers. Administrators assign customers to the criteria by customer number or bulk import. See Promotion rule type descriptions.
• Custom impersonation roles – Added a configurable Can Impersonate permission for custom Admin Console roles, giving administrators granular control over who can act on behalf of storefront users. The four built-in roles (ISC_System, ISC_Implementer, ISC_Admin, ISC_User) retain impersonation by default; custom roles must be granted it explicitly. See Roles for details.
• .NET 10 upgrade – Upgraded Configured Commerce to .NET 10 for long-term support through November 2029 and improved runtime performance. Implementors must update local development environments and custom extension projects to target net10.0 from 5.2.2605 and forward. See .NET 8.0+ local development environment for updated setup instructions.

Breaking changes

Low risk

• Configured Commerce has been updated to use .NET 10.0 instead of .NET 8.0. Partners must have the latest .NET 10 SDK installed and modify their extensions project to target .NET 10.0 for any projects that are .NET 8.0+.
• Moved Insite.Common.Providers.DefaultFileSystemProvider and Insite.Common.Providers.FileSystemProvider out of the public surface area. They are only used for theme bundling and do not appear to be used by any customer implementations directly.
• After upgrading from5.2.2602.424+sts, 5.2.2603.389+sts, or 5.2.2604.558+sts, if you have ALL CAPS attribute names containing spaces or special characters (for example, "MY ATTRIBUTES"), run a Full Search Index Rebuild and wait up to 12 hours for Attribute Sync to complete to restore correct behavior.
• The following two files were moved out of the public surface area. They are only used for theme bundling and do not appear to be used by any customer implementations directly.
  • Insite.Common.Providers.DefaultFileSystemProvider
  • Insite.Common.Providers.FileSystemProvider
• The following properties have been deprecated for some time and are now removed from the netcore code.
  • SiteContext.Website
  • SiteContext.UserProfile
  • SiteContext.Language
  • SiteContext.Currency
  • SiteContext.Warehouse
  • SiteContext.Persona
  • SiteContext.RememberedUserProfile
• The following property was removed. This is a binary breaking change.
  • BaseApiController.Request

• Added several methods for IPaymentService and IPaymentGateway. IPaymentService and IPaymentGateway are not extensible.

  • HandleBnplCallbackAsync
  • GetBnplTransactionStatus
  • HandleBnplRedirect

Enhancements

• Enabled Azure AD B2C single sign-on for .NET Core storefronts. The authentication handler now resolves the emails claim that Azure AD B2C provides, restoring SSO functionality that was unavailable on the .NET Core code path. See Enable Opti ID for details.
• Added a Sort Order column and drag-and-drop reordering to the product cross-sells view in the Admin Console. Administrators now control the exact display sequence of cross-sell products on the storefront. See Set up cross-sells for details.
• Added the IGatewayPropertyResolver interface for Spreedly-based payment integrations. Implementors can override gateway properties such as the gateway token at transaction time, enabling storefronts to route transactions to different payment gateways based on context. See Override gateway properties at transaction time in Set custom values for Gateway-specific fields for details.
• Added read-only Spire CMS data pages to the Admin Console for troubleshooting: Nodes, Pages, Page Versions, and Page URLs (accessible via direct URL only). This lets administrators inspect CMS data directly without database access. See Admin Console data pages for details.
• Added audit logging for the Payment Service in the Admin Console. Visits and configuration changes in the Payment Service now appear in the audit log alongside existing Admin Console activity.
• Added audit logging for the Search Service in the Admin Console. Visits to the Search Service now display in the audit log alongside existing Admin Console activity.
• Sorted files alphabetically during bundle generation to produce consistent output across operating systems. Storefronts deployed on Linux containers now generate identical bundles to Windows-based builds, eliminating theme-rendering inconsistencies.
• Aligned the local and partner nginx upload-size configuration with production and sandbox environments, increasing the default request body limit to match production settings.
• Hid archived websites from the View Website header menu and the CMS Dashboard. Content editors now see only active websites when navigating between sites.
• Added an import prompt for standard Optimizely Data Platform (ODP) job definitions when the Enable ODP Tracking setting is turned on. The Admin Console now offers to install the ODP data-export job definitions, so administrators no longer need to create them manually. See Enable ODP in Configured Commerce for details.
• Removed Spreedly as a selectable standalone payment gateway. The gateway selector no longer lists Spreedly outside the Payment Service, and the Admin Console displays a provisioning message when an existing configuration references Spreedly. Storefronts using the direct Spreedly integration must migrate to the Payment Service. See Configure Payment Service for details.
• Added automatic population of the Language ID field on customer orders placed from the storefront. ODP order events now include the correct website_language value, enabling language-aware analytics and segmentation.
• Updated the Budget Management page to enable or disable the User and Ship-To dropdowns based on the budget enforcement level. At Customer level, both dropdowns are disabled; at Ship-To level, the User dropdown is disabled; at User level, the Ship-To dropdown is disabled. See Budget Management overview or Configure a budget for details.
• Added a variant child-product selector to the VMI Order History Product filter. Selecting a styled product now opens an options modal for picking a specific variant, replacing the previous behavior of requiring the exact child product number. See Vendor Managed Inventory overview for details.
• Added a Category advanced filter to the Admin Console Products page. Administrators now filter the product list by regular and dynamic categories. See Filter records in the admin console for details.
• Improved ETag cache delete-lock handling under high-load conditions. Cache delete operations now use batched queries with READPAST hints, reducing deadlock risk during traffic spikes.
• Added early request-abort detection for disconnected clients. Request processing now checks for client disconnection and exits early, freeing server resources during traffic spikes.
• Improved the Proactive Query Analyzer to rank findings by estimated CPU impact and report the top three in the nightly maintenance job log, giving administrators visibility into the most resource-intensive queries.
• Added parallel query-plan detection to the Proactive Query Analyzer. High-frequency queries using parallel execution plans are now flagged in the nightly maintenance log so administrators can identify queries that cause performance inconsistency.
• Improved error handling for integration jobs so that job-status updates no longer fail when the underlying GetIntegrationJob call encounters an error. Failed jobs now correctly record their status instead of appearing stuck.
• Added database-lock diagnostics for query timeouts. When a query times out, the system captures lock and blocking-session information to a diagnostic table, helping identify root causes during post-incident analysis. The feature is controlled by the Enable DB Lock Diagnostics system setting.
• Enabled ETag-based cache-control headers for Spire CMS pages with a configurable shared max-age duration. Sites with server-side rendering disabled now return publicly cacheable responses, improving time to first byte and reducing server load under high traffic. See Turn on eTag caching for details.
• Improved security.
• *Improved Retail Search indexing to process only website/language combinations active in both the database and the Search Service. Previously, indexing attempted every active combination, causing errors or wasted work on websites not configured in the Search Service. Non-configured combinations are now logged for review, and indexing aborts with a logged error if no valid combinations remain.
• *Azure AD B2C single sign-on (SSO) now works on .NET Core sites. Authentication resolves the emails claim correctly, which previously prevented B2C SSO from working with the .NET Core code path.
• *Extended custom entity registration to the Integration API.  The GenerateCustomEntityDefinitions startup task now runs for the Storefront, Admin, and Integration apps, so entity definitions added by extensions are available through every app and not just the Storefront and Admin. See Where the entity is registered for more details.
• *Added support to bypass CVV in credit card transactions for Adyen payment gateway.
• *Added support for the ?bundle=false query parameter on .NET sites. Appending this parameter to a page URL serves individual JavaScript and CSS files instead of bundles, simplifying browser debugging. See Client-side configurations.
• *Added the Use Modified Date for Lookback setting to Commerce Search v3 system settings. This setting controls whether deactivated-product lookback uses the ModifiedOn or DeactivateOn date for Retail Search indexing.
• *Optimized the categoryTree attribute to remove duplicates and cap values at 400, preventing indexing failures on large catalogs.

Bug fixes

• Fixed the Add to List dialog to hide the Schedule an email reminder checkbox when Enable List Reminders is off, preventing creation of reminders that cannot be edited or deleted.
• Fixed sorting on the Storefront User Administration page so the Name column now sorts by first name, matching the displayed First Name + Last Name order.
• Fixed the reorder toast notification on the Order Details page displaying the page title instead of the order number when a Web Order Number is not present. The toast now falls back to the ERP Order Number.
• Fixed content translation errors with full culture-code language tags such as en-US and fr-FR. The single-value translation path now normalizes culture codes consistently, matching the behavior that already worked correctly for bulk translations.
• Fixed a layout issue in Admin Console System Settings where the ApplicationInsightsDisabledDatabaseTracking field label overlapped with its Yes/No toggle in the Developer section.
• Fixed checkout errors in Keep Me Signed In sessions when Stripe Radar is enabled. The Stripe Radar session now loads globally on page load instead of per-component, resolving timing issues that prevented checkout.
• Fixed the newsletter subscription checkbox on the Create Account page that appeared unchecked after a guest placed an order with the subscription option selected. The checkbox now pre-populates from the guest's existing subscription preference.
• Fixed Adyen recurring payment errors when using TokenEx IFrame with saved cards. Configured Commerce now persists Adyen's recurringDetailReference to the user payment profile and routes repeat purchases through ContAuth, so shoppers reuse a saved card without re-entering the CVV.
• Fixed .NET Core integration jobs getting stuck due to IUnitOfWork scoping. Recurring scheduled jobs such as nightly maintenance now run reliably, and failed jobs no longer prevent subsequent scheduled runs.
• Fixed Spire product list and search pages stripping third-party URL parameters. Custom query-string parameters such as tracking tags now persist through filter navigation.
• Fixed the ODP remove_from_cart event not firing when a shopper uses the Remove All action on the cart page. The event now sends correct item data to ODP for both individual and bulk cart removals.
• Fixed variant product search by customer product number. Searching for a CustomerProductNumber assigned to a specific variant now returns that variant instead of redirecting to the parent product's default variant.
• *Fixed inconsistent bundle file sorting on .NET Core. Files within bundles are now sorted alphabetically to match .NET Framework, ensuring consistent bundle output across platforms.
• *Fixed a 1 MB request size cap in the local NetCore nginx configuration that did not match production. Local and partner environments now accept requests up to 120 MB, matching production and sandbox.
  Fixed an issue on .NET Core sites where the Export Product RSS Feed job failed with errors when the Product RSS Feed Include Variants setting was enabled. This also resolves related Entity Framework (EF) context disposal exceptions that occurred during site startup and integration jobs.
• *Fixed an issue where single-field content translation through the Generate Translation modal failed when languages were configured with full culture codes (for example, en-US, fr-FR, pt-BR, or zh-CN). The translation path now normalizes language tags consistently, matching the behavior of bulk product translations.
• *Fixed a filter parsing error in Google Retail Search that occurred when no products had StockedWarehouses data. Previously, the indexer did not register the stockedWarehouses attribute was not registered during indexing if no warehouse assignments existed, causing Stocked Items Only searches to fail and fall back to Elasticsearch. The indexer now registers the attribute so the filter works regardless of warehouse data.
• *Fixed an issue where configuring the same allowedParents value on multiple page types caused only one page type to display in the page type selector. The filtering logic now uses case-insensitive matching so valid page types display correctly.
• *Fixed an issue on the Order Details page where clicking Reorder displayed the page title in the toaster notification instead of the order number. This occurred when an order had an ERP order number but no web order number. The toaster now falls back to the ERP order number. For more information, see Turn on reordering.
• *Fixed an issue where S3 file streaming failed in environments without Amazon Web Services (AWS) metadata (for example, Kubernetes pods without AWS environment variables). The RegionFinder in the AWS SDK could not resolve the signing region, causing file read operations to fail. The S3 client configuration now uses AuthenticationRegion for the read path. This provides the signing region without interfering with global endpoint routing.
• *Fixed sorting on the Storefront User Administration page so the Name column now sorts by first name, matching the displayed First Name + Last Name order.
• *Fixed the Add to List dialog to hide the Schedule an email reminder checkbox when Enable List Reminders is off, so administrators can no longer create reminders that cannot be edited or deleted.
• *Fixed the issue where category names appeared blank in the storefront menu after switching the site language.
• *Fixed the issue where integration jobs failed with the Error occurred getting IntegrationJob for Connection Internal log error on .NET 8+ environments.
• *Fixed the issue where Admin Console users signed in with Opti ID were redirected to the homepage instead of the login page after session timeout (.NET 4.8 only).
• *Fixed the issue where Commerce Search v3 attribute filters appeared as duplicates and did not apply. This occurred when attribute names were in ALL CAPS and contain spaces or special characters. 

• cumulativebreakingchanges_configuredcommercecloud.xlsx60 KB