Custom Script Injection

• Site-wide scripts (/admin/settings → Custom Scripts) — head + body injection on every Liquid storefront page. Intended for GTM, GA4, chat widgets. Stored in analytics_config.custom_head_script / custom_body_script.
• Order Confirmation scripts (/admin/preferences → Checkout Scripts) — head + body injection scoped exclusively to the Thank You page. Intended for Google Ads conversion events, Facebook Pixel Purchase, TikTok purchase events. Fires only when (!error && order) — the error branch never triggers, preventing inflated conversion counts. Stored in analytics_config.order_status_head_script / order_status_body_script.
• Disjoint JSONB keys — site-wide and order-status scripts now live in separate keys. The previous collision (last save wins) is fixed.
• CSP nonce auto-injection — injectScriptNonce() in the Liquid render service patches every <script> tag with the per-request nonce; merchants do not add nonces manually.
• Multi-script support — paste a Google Ads snippet with two <script> tags; both execute via document.createElement('script').
• Platform governance — super-admin can disable custom scripts globally via PATCH /platform/analytics. Merchant editor shows a clear hint when disabled.

Admin Polish

• Dashboard default analytics window flipped from 7d to 30d for a more stable baseline on low-traffic shops.
• /admin/settings removed duplicate Payment + Domain blocks — those surfaces live on their dedicated pages now.
• /admin/markets tax_inclusive checkbox renamed "Tax Inclusive (VAT-style)" with inline two-branch numeric explainer.

Markets

• Primary Market guarantee — every shop has exactly one primary market at all times, enforced at three independent layers: DB partial unique index, Ent mutation hooks, and a service-layer atomic PromoteToPrimary transaction. Cannot be deleted or deactivated.
• Per-market locales — default_locale + available_locales[] chip selector in admin. The primary market's default_locale drives the platform translation source language.
• Tax & duty modes — tax_inclusive (VAT-style vs sales-tax-style) and duty_mode (DDP vs DDU) per market, with inline explainer text in the admin showing concrete numeric examples for both branches.
• Language switcher in Minimal theme — endonym names (русский, Deutsch, ქართული) sourced from internal/markets/endonym.go (19 entries, region-variant fallback). Fixed the previous bug where the dropdown rendered empty for every shop.
• Orphan locale handling — visitor cookie referencing an inactive market locale is cleared via Set-Cookie: Max-Age=0; storefront falls back to default_locale.
• Promote-to-primary workflow — admin confirm dialog explains translation-source impact. Atomic DB transaction prevents a shop from being left without a primary market.

Migration

• cmd/migrate-shop-locale-to-primary reconciled legacy shop.locale across all existing shops (idempotent; ran on prod, all 7 shops already aligned).

Multi-Currency

• Automatic exchange rates from OpenExchangeRates, refreshed every 6 hours via Temporal cron. Manual force-refresh button available in the admin at /admin/settings/currencies.
• Per-currency mode — auto (live feed) or manual (merchant-entered rate). Mixable per currency.
• Markup & rounding — per-currency markup percentage (0–25%) applied after rate conversion, plus four rounding strategies: none, nearest .99, nearest .95, nearest whole. The per-currency row can override the shop default (explicit "no rounding" is honoured even when the shop default is .99).
• Zero-decimal currencies — JPY, KRW, HUF, ISK, CLP, VND, BIF, RWF, XAF, XOF skip the cents-math rounding step. A ¥3,714 price stays ¥3,714.
• Storefront cookie — cartly_currency persists the visitor's display currency across pages and sessions. Secure; SameSite=Lax on HTTPS.
• Stale-rate banner — visible on the storefront when the display rate is older than 24 hours.
• Liquid fx_context — shop.fx_context bundle available in every Liquid template (including inside {% render %} snippets via engine globals).
• Storefront JS — window.cartlyFX (boilerplate/assets/fx-converter.js) for client-side currency conversion and pickers.

Hardening

• Cross-tenant scoping on manual refresh — one merchant cannot trigger rate updates for other shops.
• ISO 4217 validation on supported_currencies input; XSS hardening on Liquid currency-option attributes.
• cartly_currency and cartly_locale cookies now carry the Secure attribute on HTTPS storefronts.

Clarity

• New marketplace theme — editorial premium aesthetic with warm-gold accent and Playfair Display headings. Featured on AppStore themes home as the default catalogue entry for new shops.
• Filter-rail PLP — sidebar facets (Typesense-backed), sort dropdown, active-filter chips, mobile filter-sheet drawer, and pagination.
• Sticky-info PDP — media gallery stays above the fold while product info scrolls; bundle, reviews, and recently-viewed sections ship out of the box.
• AJAX Quick-Add — product cards include a Quick-Add button that opens a variant drawer without navigating away from the collection page.
• Wishlist with auth-gate — heart buttons trigger a login-required modal for guests; authenticated customers save to their account wishlist.
• Polymorphic article/blog templates — articles include structured data, share buttons, and a related-articles band. Blog listing supports category filtering.
• Themed 404 — two-column hero with a help band; lost visitors see branded content instead of a blank error screen.
• Full i18n — all customer-facing strings use the | t filter. Seven locales: en, de, es, fr, ru, uk, he.

Customer Account on Liquid

• /account/* routes served by Go Liquid renderer — every marketplace theme now renders the customer dashboard, auth screens, order history, and account settings in its own design language.
• 7 themes ported: Clarity, Mono, TechPro, Minimal, Crafter, Vogue, Linen — all 28 customer template files in the platform embed FS under backend/internal/theme/embed/customers/.
• 11 POST handlers — /customer/account/* forms use POST-Redirect-Get (303 PRG) with Redis flash messages for success/error feedback.
• Session bridge — __Host-cartly_customer_token JWT alongside legacy _customer_session cookie; existing sessions are not broken.
• Merchants can fork and customise any customers/*.liquid template in the code editor.

Team Invitations

• Invite teammates to the merchant admin via email. New ShopInvitation entity with create/list/revoke/resend/accept lifecycle.
• Public accept page at /_site/accept-invite/:token; login and register honour ?next= for seamless post-accept redirect.
• Admin → Settings → Team shows a Pending Invitations section with per-invite revoke and resend actions.

Multi-Currency Store Credit

• store_credit_transaction gained original_amount_cents + original_currency — cross-border refunds now preserve the amount and currency paid, instead of silently converting via shop currency.
• Hybrid currency validator warns on mismatched credits without blocking checkout (Strict mode tracked separately).
• Admin customer detail shows Store Credit balance with FX equivalent, transaction history, and original_amount per row.
• Refund-to-credit preview block on order detail.

Customer-Facing Returns

• Customers can now create return requests from /account/returns — closes the self-serve RMA loop that was previously merchant-only via /admin/returns.

Admin & Storefront Hardening

• Admin UX: page-based edit routes for Metafields definitions, Metaobjects definitions and entries, shipping zones, and company locations. Sales channels admin with list/create/rotate/revoke tokens. Gift card soft-archive, media alt-text editing, settings quick-links.
• Security: audit waves 5 and 6 closed 66 issues — JWT revocation, OriginCheck same-host fallback for custom domains, webhook v2 signature with timestamp, WASM memory cap, OAuth state binding. No merchant action required.

Auto-detected filters

• Variant option filters (Color, Size, …), product tags, vendor, availability, and price range appear automatically on collection pages — no theme changes required.
• Powered by Typesense facet counts; ISR cache key extended per filter param set.

Merchant configuration

• Settings → Storefront Filters — reorder, hide, relabel, change display type (chips / swatches / range / radio / checkbox), scope GLOBAL or per collection.
• Reindex CTA with progress bar (uses import_job row for progress tracking).

Custom filters via Metafields

• MetafieldDefinitions gain a "Available as filter on collection pages" toggle. Allowed field types: single_line_text, number_integer, number_decimal, boolean, color, metaobject_reference, list.single_line_text.
• Creating a filterable definition auto-triggers Typesense schema update and ReindexShopWorkflow.

Storefront Liquid globals

• collection.filters with per-value url_to_add / url_to_remove helpers.
• collection.current_tags, collection.products_count, collection.url_clear_all.
• URL scheme: filter.v.option.color=Red&filter.v.price.gte=2000 (sort and page preserved).

Developer guide →

New visual language

• Dark-first Vercel-inspired theme — full --adm-* CSS token system; light mode available via localStorage preference.
• Pre-paint theme bridge — inline script in <head> eliminates flash-of-wrong-theme on load; post-mount useEffect re-applies and persists.
• 60+ admin routes migrated — products, orders, customers, collections, discounts, apps, settings, billing, platform, and developer portal all updated.

Mobile foundation

• Responsive layout down to 375px with safe-area insets for notched devices.
• Bottom-sheet navigation pattern on small viewports.
• AdminTopbar and AdminMobileNav components — unified across all routes.

Accessibility & polish

• 138 post-audit findings addressed — 67 P0/P1 issues closed under systematic conformance sweep.
• Focus management, ARIA labels, keyboard navigation improvements across form and modal components.
• cartly-admin wrapper required on full-screen app routes for token cascade.

Theme editor improvements

• Section Groups — header-group and footer-group schema support; Visual Editor shows dedicated Header / Footer tabs.
• Alternate template editing — templates/<base>.<suffix>.json auto-discovered; entity edit form shows Theme template dropdown.
• SSE hot reload — real-time file-save events broadcast to Visual Editor preview and code editor simultaneously.
• Stricter schema validation — Monaco lints on every keystroke; same rules run offline via scripts/audit-section-schemas.mjs.
• Draft 404 noise cleanup; password.liquid auto-open suppression; ErrorBoundary on editor routes.

Linen marketplace theme

• New theme in the marketplace — off-white editorial aesthetic (#F6F5F1 palette, Cormorant Garamond + DM Sans, accent #8B6F47).
• 26 sections: announcement-bar, header (sticky + condensed), footer, hero, icon-row, product-grid, image-with-text, product-tabs, marquee, lookbook, stats, testimonials, inverse-cta, FAQ, newsletter, blog-posts, main-product, main-collection, main-cart, main-article, main-search, main-customer-login, main-404, product-recommendations, product-reviews, related-articles.
• Pagination and /collections/all first-class in liquidrender; themed 404 gating; ISR cache key extended for paginated/sorted/filtered collections.

Section Groups guide →

Theme architecture

• Layered resolver — sections, snippets, layouts, assets, and locales now live in the platform embed FS by default. Merchants only acquire a DB row when they explicitly edit a file. Platform deploys flow into stock files automatically.
• Lazy install — fresh shops carry only their page graph and design tokens in the DB. Existing shops thinned — 14 installs migrated.

Code editor

• Custom / New / Synced badges in the file tree, plus filter chips (All / Modified / Synced) with live counts.
• Fork-on-edit — stock files open read-only; click "Edit file" (or ⌘E) to confirm the fork.
• Compare with original — inline Monaco diff editor with hide-unchanged-regions.
• Upstream updated banner — amber banner with View diff / Sync upstream when the platform ships a new version of a section you forked.
• Preview button in the toolbar — opens the storefront in a new tab via signed token.
• Sync All upstream — bulk revert any forked files where upstream has changed.
• Smart "Create new section" — modal generates a working scaffold with HTML, five typed settings, and a preset.

Visual editor

• + Add panel aggregates stock embed sections without copying their files into your shop. Forks happen only when you edit code.
• Open in Visual Editor action on templates/*.json from the code editor.

Public site polish

• Working /blog category filters, Category dropdown in admin, unified hero/card layout with rotating gradients.
• Functional /developers sidebar search.
• apps.cartly.pro logo cross-domain link.

Read the Theme Development guide →

Zapier & Make.com Integration

• REST Hook triggers — 7 instant triggers: order.created, order.updated, order.fulfilled, order.canceled, product.created, product.updated, customer.created
• cart.abandoned — new webhook event fired when a cart is abandoned after the configured delay
• Actions (4) — Create Customer, Update Order, Adjust Inventory, Create Discount via /apps/api/* endpoints
• Searches (2) — Find Customer by email, Find Order by number
• OAuth consent page — browser-redirect flow for Zapier/Make authorization without admin session
• Webhook headers — X-Cartly-Hmac-Sha256, X-Cartly-Shop-Domain, X-Cartly-Webhook-Id on every delivery
• Marketplace listings at apps.cartly.pro

Mercado Pago Payment Gateway

• LATAM coverage — supports BRL, ARS, MXN, CLP, COP, PEN, UYU (7 currencies)
• Checkout Pro — redirect-based hosted payment page with Pix, OXXO, Boleto, and card support
• Webhook pattern — "Callback as Trigger, API as Source of Truth": callback triggers status fetch via Mercado Pago API; no signature forgery possible
• Admin settings — access token, country selector, sandbox/production toggle, test connection button
• Listed at apps.cartly.pro/mercadopago

TBC Bank Checkout (Georgia)

• GEL payments — native Georgian card payments via TBC Bank hosted payment page
• 3D Secure — full 3DS flow supported
• Webhook verification — status confirmed via API call, not signature (TBC Bank pattern)
• Admin settings — API key, secret, sandbox/production toggle

Product Reviews Storefront Toggle

• Show/hide toggle — new "Show reviews on storefront" setting in Admin → Reviews
• Pro plan check — IsStorefrontEnabled() respects both built-in toggle and Pro marketplace install
• All themes updated — review sections in Vogue, TechPro, Crafter, and Minimal wrapped in {%- if product.reviews_enabled -%} guard

Platform Announcements — Dynamic i18n Banners

• DB-driven — replaces hardcoded site banner; announcements managed from /platform/announcements
• Public API — GET /cms/announcement?locale= returns active announcement for requested locale
• 7 locales — ru, de, fr, es, uk, ka, he supported
• HTML support — links and formatting in message body
• Merchant admin — localized banner with 5-day cookie dismiss

Custom Domains — Direct to Origin

• Origin SSL — custom domains now verified and SSL provisioned on the origin server via Let's Encrypt / certbot, removing the 10-domain Gcore CDN limit
• CNAME recommended — point shop.yourdomain.com to shops.mycartly.pro, or use an A record to the origin IP
• No CDN limit — unlimited custom domains; each gets its own certificate

Advanced Discounts Engine

• BOGO (Buy One Get One) — Buy X items, get Y items at a discount or free; cheapest-first rule applied automatically
• Auto-apply discounts — No code required; discounts discovered and applied at cart level automatically
• Product & Collection scoping — Restrict FIXED and PERCENT discount types to specific products or collections
• DiscountBreakdown API — Multiple discounts can stack; full breakdown returned per line item
• Admin UI — New fields for BOGO config, auto-apply toggle, and product/collection scoping

COD & Bank Transfer Payments

• Cash on Delivery (COD) — Enable COD as a checkout payment method with custom instructions for your customers
• Bank Transfer — Accept bank transfers; configure IBAN, account details, and payment instructions shown at checkout
• Admin UI — Enable/disable each method from Settings → Payments
• Offline order flow — Orders placed via COD/bank transfer are created immediately with pending payment status

Fulfillment & Shipping Labels

• Manual fulfillment — Enter tracking number with carrier autocomplete; fulfillment email sent to customer
• Packing slips & pick lists — Printable PDF views generated for any order or batch of orders
• Shipping label purchase — Buy labels directly via integration connectors (e.g. Shippo); rates fetched and label URL returned

Conversion Analytics

• Funnel tracking — Conversion events tracked: view → add_to_cart → checkout → purchase
• Dashboard funnel card — Visual funnel visualization with step-by-step conversion rates on the Analytics dashboard
• Event pipeline — Lightweight event ingestion with per-shop aggregation

Store Credit & Gift Card Ledger

• Customer store credit ledger — Full transaction history: credits, debits, adjustments; balance always accurate
• RMA refund to store credit — Refund approved return requests to store credit instead of original payment method
• Apply at checkout — Customers can redeem store credit during checkout; partial redemption supported
• Admin panel — View customer credit balance and add manual adjustments with an audit note

Abandoned Cart Recovery

• Per-shop configuration — Enable/disable abandoned cart recovery from Settings
• Configurable delay — Choose recovery email delay: 1h, 3h, 6h, 12h, or 24h after cart abandonment
• Cron-based sender — Background job identifies and emails customers with abandoned carts; includes a cart recovery link

Two features that put merchants in control of their deliverability and brand identity: configure your own email provider and attach a custom domain with automatic SSL — all from the admin panel.

Bring Your Own Email

• Provider support — Connect any SMTP server, SendGrid, Resend, Mailgun, or Amazon SES from Settings → Email
• Test Connection — A verification email is sent to your address before credentials are saved, so misconfigured providers are caught immediately
• Encryption at rest — All credentials are encrypted with AES-256-GCM using a platform-managed key; no plain-text secrets in the database
• Onboarding step — Email configuration is now step 4 of the 6-step new-merchant wizard
• Payment guard — Stripe and PayPal activation is blocked until email_configured = true, ensuring transactional emails work before your first sale
• Graceful failure — Order confirmation emails sent through your provider are non-blocking; delivery errors are logged but never fail the order

Custom Domains

• DNS wizard — The domain setup page shows exact DNS records: an A record pointing to Gcore Anycast 81.28.12.12, or a CNAME to shops.cartly.pro
• Auto-verify — The DNS verification button checks propagation in real time; on success, the domain is immediately registered as a Gcore CDN secondary hostname
• Edge SSL — Let's Encrypt certificates are provisioned automatically at the Gcore edge within seconds of domain verification — no certbot, no manual renewal
• Subdomain auto-registration — Every new shop gets a yourstore.cartly.pro subdomain registered at signup via an exponential-backoff retry loop (5 attempts, ~30 s window)
• Origin hidden — All storefront traffic flows through Gcore Anycast; the origin IP is never exposed to DNS or end users

Infrastructure

• The entire Cartly platform now runs behind Gcore CDN (resource 965866). Wildcard DNS *.cartly.pro points to Gcore Anycast 81.28.12.12, giving every merchant shop automatic edge caching and DDoS protection with zero configuration
• Platform transactional email migrated to Zoho Mail (smtp.zoho.com:465)

• Metaobjects available in Liquid templates as metaobjects.TYPE.entries
• GraphQL: admin_only definitions return empty on storefront
• Dynamic field type resolution from definition schema
• Redis version counter cache invalidation + Gcore CDN purge on mutations
• Safety limits: 50 entries per type, 250 total in Liquid context

AI Translations

• Field-level translation buttons inline with every translatable field
• 15 languages supported, including 6 built-in storefront locales
• AI Generate mode for SEO-optimized content creation
• Billing limits per plan with chars_exceeded error handling

Tags Management

• TagInput with autocomplete from existing tags and count badges
• TagManager dialog: rename, merge, delete tags across all products
• Tag-based collection filtering

Platform AI

• Gemini API key and model selection for platform admins
• AI usage dashboard with call breakdown and token metrics
• Dynamic provider: settings take effect without service restart

Checkout Extensibility

• Rule-based engine for discount, shipping, payment, and validation customization
• Visual RuleBuilder and ActionBuilder in admin panel
• WASM runtime (wazero) for advanced custom logic
• Checkout Branding editor with CSS variable injection
• 8 Extension Points for third-party app UI injection
• 52 E2E tests + 34 Go unit tests

Phase 1: Self-Serve Returns (RMA)

• Customers can submit return requests from order detail page
• Temporal RMAWorkflow with Approve/Reject signals
• Automated refund processing on approval

Phase 2: Passwordless Login

• OTP via email and SMS (Twilio, AWS SNS adapters)
• Magic Link login (signed, 15-minute expiry)
• Smooth tab UI on login page

Phase 3: Customer Headless API

• SAT/CAT-authenticated endpoints for profile, addresses, wishlist, returns
• App Session Token delegation for embedded apps

Phase 4: Portal Extension Points

• 6 extension slots in customer portal (header, footer, sidebar, account, order, return)
• Apps register Liquid/iframe/remote blocks per slot

Phase 5: B2B Company Hierarchy

• Company, Location, Membership entities with full CRUD
• Role-based access control (admin, buyer, viewer)
• Per-location budget limits with Temporal budget-reset workflow

Phase 6: Enterprise SSO (OIDC)

• OIDC flow: init → provider → callback → auto-membership
• Encrypted client secrets in DB
• Supports Google Workspace, Azure AD, Okta, custom OIDC

Inventory Locations

• Create and manage multiple warehouses, retail stores, and fulfillment centers
• Per-location stock tracking with available/reserved/incoming fields
• Location type badge (warehouse/retail/dropship)

Stock Management

• Set inventory levels per variant × location
• Transfer stock between locations via API and admin UI
• Low-stock alerts with configurable threshold
• Automatic legacy sync: variant.inventory mirrors sum of all locations

Fulfillment

• Location picker in fulfillment modal (when >1 active locations)
• Pass location_id to POST /admin/orders/:id/fulfill
• Background cleanup: expired reservations released every 5 minutes

Developer Portal

• 5 new guide pages — Headless API v1, Cross-Border Markets, GitHub Theme Sync, Custom Data (Metafields/Metaobjects), App Extensions
• Help Center — new article: Selling in Multiple Currencies

Storefront

• Liquid theme engine — full Shopify-compatible Liquid rendering (layouts, sections, snippets, templates)
• 5 built-in themes — Minimal, Canvas, Mono, Flow, Bold with unique CSS variables and dark mode

Admin

• Markets detail page — fixed crash when countries field is null
• Marketplace — "Installed" badge prevents duplicate installs
• Custom domain management + impersonate without password (platform admin)
• Number inputs — empty string now treated as 0 instead of NaN

Testing

• 53 Playwright E2E tests across 4 spec files — all green
• Coverage: Markets admin, Storefront API (SAT), Cart CRUD, Customer auth, GitHub Theme Sync, Translations

Liquid Theme Engine

• Shopify-compatible Liquid rendering — full template engine powered by theme_files JSONB storage, supporting layouts, sections, snippets, and templates
• Section schemas — JSON-driven section settings with live preview support

5 Marketplace Themes

• Minimal — Clean editorial aesthetic for fashion and lifestyle brands
• Canvas — Rich visual storytelling for luxury and artisan products
• Mono — Sleek monochrome design for tech and gadget stores
• Flow — Soft organic layout for wellness and beauty brands
• Bold — High-energy urban design for streetwear and sneaker drops

Monaco Code Editor

• Full in-browser IDE for editing theme files with Liquid syntax highlighting
• Access to layouts, sections, snippets, templates, assets, and config

AJAX Cart & Variant Selector

• Slide-out drawer cart with quantity updates — no page reload required
• Live variant switching with price, image, and availability updates

Predictive Search

• Live search suggestions for products, collections, and articles as you type

Asset Serving

• Theme CSS/JS served from /shops/:id/theme/assets/:filename with proper cache headers

Custom Domain Routing

• Merchant custom domains mapped to storefronts with automatic SSL provisioning via certbot

Real-Time Status Page

• Live status dashboard at /status
• Health monitor for DB, Redis, Typesense, Temporal, S3, Stripe, SMTP
• 90-day uptime heatmap
• Incident management

Help Center

• 40+ articles in 10 categories at /help
• Search, sidebar nav, breadcrumbs

Compliance

• Cookie Policy, AUP, SLA, Security, DPA

Improvements

• Grouped footer, nav CMS editor, analytics governance, marketplace fixes

App Store (apps.cartly.pro)

• Launched Cartly App Store — a marketplace for apps, themes, and integrations
• Browse by type: Apps, Themes, Integrations
• Category filtering and full-text search powered by Typesense
• Listing detail pages with reviews, screenshots, and feature lists
• CSS-rendered theme preview cards with color swatches
• SEO-optimized with JSON-LD (WebSite, SoftwareApplication), Open Graph, and canonical URLs

Public API — App Store (no auth required)

• GET /appstore/listings — Browse listings with pagination, type and category filters
• GET /appstore/listings/:slug — Listing detail with current release and review summary
• GET /appstore/listings/:slug/reviews — Paginated reviews for a listing
• GET /appstore/categories — Categories with listing counts
• GET /appstore/featured — Featured listings (up to 12)
• GET /appstore/search?q= — Full-text search across all listings

Admin API — Marketplace Management

• POST /admin/marketplace/publish — Create a new marketplace listing
• POST /admin/marketplace/:id/submit-update — Submit new release version
• POST /admin/marketplace/:id/unpublish — Deactivate a listing
• GET /admin/marketplace/my-listings — Your shop's published listings
• GET /admin/marketplace/browse — Browse all available listings
• POST /admin/marketplace/install/:id — Install listing (creates connector, theme, or OAuth flow)
• POST /admin/marketplace/uninstall/:id — Remove installed listing
• GET /admin/marketplace/installed — Installed listings for your shop
• POST /admin/marketplace/review/:id — Submit a review (1–5 stars)
• GET /admin/marketplace/updates — Check for available updates
• POST /admin/marketplace/apply-update/:id — Apply update to installed app

Platform API — Moderation

• GET /platform/marketplace/queue — Releases pending moderation
• POST /platform/marketplace/releases/:id/approve — Approve a release
• POST /platform/marketplace/releases/:id/reject — Reject a release
• POST /platform/marketplace/releases/:id/sandbox-install — Sandbox testing
• GET /platform/marketplace/stats — Marketplace statistics

• Multi-tenant e-commerce platform with isolated shop environments
• Visual page builder with drag-and-drop sections
• Stripe payment integration with zero lost orders guarantee
• GraphQL Storefront API for headless commerce
• Typesense-powered full-text search with typo tolerance
• Built-in blog and SEO tools
• OAuth 2.0 app marketplace with App Bridge protocol
• Temporal-powered workflows for checkout, imports, and billing
• Platform admin panel with shop management and analytics
• Email campaign system with SMTP, templates, and sequences