chore: version 2026 21 1144

.coderabbit.yaml

@@ -0,0 +1,91 @@
+
+language: "en-US"
+
+# Customize tone so CodeRabbit reviews with clear guidelines for FastStore
+tone_instructions: >
+  Review FastStore PRs focusing on performance, SEO, accessibility, and TypeScript safety. Be concise and actionable.
+
+early_access: false
+enable_free_tier: true
+
+reviews:
+  auto_review:
+    enabled: true
+    base_branches:
+      - "dev"
+      - ".*"
+  # Review tone (chill vs assertive)
+  profile: "chill"
+
+  # Provide a high level summary of PR changes
+  high_level_summary: true
+
+  # Optional: include extra review behaviours
+  request_changes_workflow: false
+  high_level_summary_in_walkthrough: false
+  auto_title_placeholder: "@coderabbitai"
+
+  # Helpful flags
+  review_status: true
+  commit_status: false
+  collapse_walkthrough: false
+  changed_files_summary: true
+
+# Path filters to exclude things like output, generated files, and build folders
+  path_filters:
+    - "packages/**"
+    - "!**/dist/**"
+    - "!**/.next/**"
+    - "!**/node_modules/**"
+    - "!**/@generated/**"
+    - "!**/storybook-static/**"
+    - "src/**"
+    - "apps/**"
+    - "!dist/**"
+    - "!.next/**"
+    - "!node_modules/**"
+
+  # Optional path specific instructions (useful for FastStore code patterns)
+  path_instructions:
+      - path: "packages/**/src/components/**"
+        instructions: |
+          Component code:
+          - Ensure React hooks follow rules of hooks (no conditional hooks, proper dependencies)
+          - Check rendering performance (avoid heavy operations on render, use memo/useMemo/useCallback when appropriate)
+          - Favor lazy loading for large components using dynamic imports
+          - Use semantic HTML and proper ARIA labels for accessibility
+          - Ensure components are properly typed with TypeScript
+
+      - path: "packages/core/src/pages/**"
+        instructions: |
+          Page-level code (Model in MVC - data fetching):
+          - Ensure correct use of Next.js conventions (getStaticProps, getServerSideProps, File System Routing)
+          - Validate SEO-related tags (meta tags, structured data, Open Graph)
+          - Performance implications: static generation vs SSR vs ISR
+          - Proper error handling (404, 500 pages)
+          - Static data fetching should happen here, dynamic enrichment in components
+
+      - path: "packages/**/src/sdk/**"
+        instructions: |
+          SDK code:
+          - Custom hooks should follow React hooks conventions
+          - GraphQL queries should be optimized (avoid over-fetching, use fragments)
+          - Business logic should be separated from UI concerns
+
+      - path: "packages/api/src/**"
+        instructions: |
+          GraphQL API code:
+          - TypeDefs should follow GraphQL best practices
+          - Resolvers should be platform-agnostic when possible
+          - Proper error handling and validation
+          - Consider performance implications of resolvers
+          - Type safety with generated types
+
+      - path: "packages/**/*.ts"
+        instructions: |
+          TypeScript files:
+          - Ensure type safety and avoid type assertions when possible
+          - Consider bundle size impact of dependencies
+
+chat:
+  auto_reply: true

CHANGELOG.md

@@ -21,6 +21,24 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
 
 - version 20251223 ([#3161](https://github.com/vtex/faststore/issues/3161)) ([ad5e8d1](https://github.com/vtex/faststore/commit/ad5e8d12fe45f1fb8e1134165172bf1c6b2a91e2))
 
+# [3.96.0-dev.21](https://github.com/vtex/faststore/compare/v3.96.0-dev.20...v3.96.0-dev.21) (2026-01-08)
+
+### Bug Fixes
+
+- Prevent Partytown cross-origin errors in iframe environments ([#3155](https://github.com/vtex/faststore/issues/3155)) ([997252e](https://github.com/vtex/faststore/commit/997252e9a18807f4c26c350197d4f2d139de58f8))
+
+# [3.96.0-dev.20](https://github.com/vtex/faststore/compare/v3.96.0-dev.19...v3.96.0-dev.20) (2026-01-08)
+
+### Bug Fixes
+
+- Add slug field to landing page schema - CROC-185 ([#3166](https://github.com/vtex/faststore/issues/3166)) ([41b9878](https://github.com/vtex/faststore/commit/41b987825ee5ebb7d311eef33e2ca65034dc130d))
+
+# [3.96.0-dev.19](https://github.com/vtex/faststore/compare/v3.96.0-dev.18...v3.96.0-dev.19) (2026-01-08)
+
+### Features
+
+- logout clear storage ([#3163](https://github.com/vtex/faststore/issues/3163)) ([1fbacc3](https://github.com/vtex/faststore/commit/1fbacc3b3e32b4f83a2f56c1f97eb0f8ff843f61))
+
 # 3.96.0-dev.18 (2025-12-24)
 
 **Note:** Version bump only for package faststore

packages/api/src/platforms/vtex/clients/commerce/index.ts

@@ -224,26 +224,27 @@ export const VtexCommerce = (
         refreshOutdatedData = true,
         channel = ctx.storage.channel,
       }: {
-        id: string
+        id?: string
         refreshOutdatedData?: boolean
         channel?: Required<Channel>
       }): Promise<OrderForm> => {
         const { salesChannel } = channel
-        const params = new URLSearchParams({
-          refreshOutdatedData: refreshOutdatedData.toString(),
-          sc: salesChannel,
-        })
-
         const headers: HeadersInit = withCookie({
           'content-type': 'application/json',
           'X-FORWARDED-HOST': forwardedHost,
         })
+        const params = new URLSearchParams({ sc: salesChannel })
+        if (id) {
+          params.set('refreshOutdatedData', refreshOutdatedData.toString())
+        }
+        const url = `${base}/api/checkout/pub/orderForm${id ? `/${id}` : ''}?${params.toString()}`
 
         return fetchAPI(
-          `${base}/api/checkout/pub/orderForm/${id}?${params.toString()}`,
+          url,
           {
             ...BASE_INIT,
             headers,
+            ...(id ? {} : { body: '{}' }),
           },
           { storeCookies }
         )

packages/api/src/platforms/vtex/resolvers/validateCart.ts

@@ -254,13 +254,6 @@ const isOrderFormStale = (form: OrderForm, sessionJwt: SessionJwt) => {
   return newEtag !== oldEtag
 }
 
-// Returns the regionalized orderForm
-const getOrderForm = async (id: string, { clients: { commerce } }: Context) => {
-  return commerce.checkout.orderForm({
-    id,
-  })
-}
-
 const clearOrderFormMessages = async (
   id: string,
   { clients: { commerce } }: Context
@@ -360,10 +353,6 @@ export const validateCart = async (
     ctx.headers.cookie,
     'checkout.vtex.com'
   )
-  const orderNumber =
-    orderFormIdFromCookie !== '' ? orderFormIdFromCookie : order?.orderNumber
-
-  const { acceptedOffer, shouldSplitItem } = order
   const {
     clients: { commerce },
     loaders: { skuLoader },
@@ -381,7 +370,11 @@ export const validateCart = async (
   }
 
   // Step1: Get OrderForm from VTEX Commerce
-  const orderForm = await getOrderForm(orderNumber, ctx)
+  const orderForm = await commerce.checkout.orderForm({
+    id: orderFormIdFromCookie || undefined,
+    channel: ctx.storage.channel,
+  })
+  const orderNumber = orderForm.orderFormId
 
   // Clear messages so it doesn't keep populating toasts on a loop
   // In the next validateCart mutation it will only have messages if a new message is created on orderForm
@@ -392,6 +385,8 @@ export const validateCart = async (
   const sessionCookie = parse(ctx?.headers?.cookie ?? '')?.vtex_session
   const sessionJwt = parseJwt(sessionCookie)
 
+  const { acceptedOffer, shouldSplitItem } = order
+
   // Step1.5: Check if another system changed the orderForm with this orderNumber
   // If so, this means the user interacted with this cart elsewhere and expects
   // to see this new cart state instead of what's stored on the user's browser.

packages/api/test/integration/mutations.test.ts

@@ -41,14 +41,19 @@ const createRunner = () => {
   return async (query: string, variables?: any) => {
     const schema = await schemaPromise
     const context = contextFactory({})
+    const orderFormCookie =
+      'checkout.vtex.com=__ofid=edbe3b03c8c94827a37ec5a6a4648fd2'
 
     return execute(
       schema,
       parse(query),
       null,
       {
         ...context,
-        headers: { 'content-type': 'application/json', cookie: '' },
+        headers: {
+          'content-type': 'application/json',
+          cookie: orderFormCookie,
+        },
       },
       variables
     )

packages/api/test/mocks/ValidateCartMutation.ts

@@ -261,7 +261,7 @@ export const InvalidCart = {
 // Valid Cart
 
 export const checkoutOrderFormValidFetch = {
-  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?refreshOutdatedData=true&sc=1',
+  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?sc=1&refreshOutdatedData=true',
   init: {
     method: 'POST',
     headers: { 'content-type': 'application/json', 'X-FORWARDED-HOST': '' },
@@ -288,7 +288,7 @@ export const checkoutOrderFormCustomDataValidFetch = {
 // "Invalid" Cart
 
 export const checkoutOrderFormInvalidFetch = {
-  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?refreshOutdatedData=true&sc=1',
+  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?sc=1&refreshOutdatedData=true',
   init: {
     method: 'POST',
     headers: { 'content-type': 'application/json', 'X-FORWARDED-HOST': '' },
@@ -300,7 +300,7 @@ export const checkoutOrderFormInvalidFetch = {
 }
 
 export const checkoutOrderFormItemsInvalidFetch = {
-  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2/items?allowOutdatedData=paymentData&sc=1',
+  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2/items?sc=1&allowOutdatedData=paymentData',
   init: {
     method: 'PATCH',
     headers: {
@@ -531,7 +531,7 @@ export const productSearchPage1Count1Fetch = {
 
 // Stale Cart
 export const checkoutOrderFormStaleFetch = {
-  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?refreshOutdatedData=true&sc=1',
+  info: 'https://storeframework.vtexcommercestable.com.br/api/checkout/pub/orderForm/edbe3b03c8c94827a37ec5a6a4648fd2?sc=1&refreshOutdatedData=true',
   init: {
     method: 'POST',
     headers: { 'content-type': 'application/json', 'X-FORWARDED-HOST': '' },

packages/cli/CHANGELOG.md

@@ -17,6 +17,18 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
 
 - version 20251223 ([#3161](https://github.com/vtex/faststore/issues/3161)) ([ad5e8d1](https://github.com/vtex/faststore/commit/ad5e8d12fe45f1fb8e1134165172bf1c6b2a91e2))
 
+# [3.96.0-dev.21](https://github.com/vtex/faststore/compare/v3.96.0-dev.20...v3.96.0-dev.21) (2026-01-08)
+
+**Note:** Version bump only for package @faststore/cli
+
+# [3.96.0-dev.20](https://github.com/vtex/faststore/compare/v3.96.0-dev.19...v3.96.0-dev.20) (2026-01-08)
+
+**Note:** Version bump only for package @faststore/cli
+
+# [3.96.0-dev.19](https://github.com/vtex/faststore/compare/v3.96.0-dev.18...v3.96.0-dev.19) (2026-01-08)
+
+**Note:** Version bump only for package @faststore/cli
+
 # 3.96.0-dev.18 (2025-12-24)
 
 **Note:** Version bump only for package @faststore/cli

packages/cli/README.md

@@ -25,6 +25,7 @@ npm install -g @faststore/cli
 ```
 
 <!-- usage -->
+
 ```sh-session
 $ npm install -g @faststore/cli
 $ faststore COMMAND
@@ -36,19 +37,23 @@ USAGE
   $ faststore COMMAND
 ...
 ```
+
 <!-- usagestop -->
 
 ## Commands
 
 <!-- commands -->
-* [`faststore build [ACCOUNT] [PATH]`](#faststore-build-account-path)
-* [`faststore cms-sync [PATH]`](#faststore-cms-sync-path)
-* [`faststore create [PATH]`](#faststore-create-path)
-* [`faststore dev [ACCOUNT] [PATH] [PORT]`](#faststore-dev-account-path-port)
-* [`faststore generate-graphql [PATH]`](#faststore-generate-graphql-path)
-* [`faststore help [COMMAND]`](#faststore-help-command)
-* [`faststore start [ACCOUNT] [PATH] [PORT]`](#faststore-start-account-path-port)
-* [`faststore test [PATH]`](#faststore-test-path)
+
+- [Installation](#installation)
+- [Commands](#commands)
+- [`faststore build [ACCOUNT] [PATH]`](#faststore-build-account-path)
+- [`faststore cms-sync [PATH]`](#faststore-cms-sync-path)
+- [`faststore create [PATH]`](#faststore-create-path)
+- [`faststore dev [ACCOUNT] [PATH] [PORT]`](#faststore-dev-account-path-port)
+- [`faststore generate-graphql [PATH]`](#faststore-generate-graphql-path)
+- [`faststore help [COMMAND]`](#faststore-help-command)
+- [`faststore start [ACCOUNT] [PATH] [PORT]`](#faststore-start-account-path-port)
+- [`faststore test [PATH]`](#faststore-test-path)
 
 ## `faststore build [ACCOUNT] [PATH]`
 
@@ -176,4 +181,5 @@ ARGUMENTS
 ```
 
 _See code: [dist/commands/test.js](https://github.com/vtex/faststore/blob/v3.96.2/dist/commands/test.js)_
+
 <!-- commandsstop -->

packages/core/CHANGELOG.md

@@ -17,6 +17,24 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
 
 - version 20251223 ([#3161](https://github.com/vtex/faststore/issues/3161)) ([ad5e8d1](https://github.com/vtex/faststore/commit/ad5e8d12fe45f1fb8e1134165172bf1c6b2a91e2))
 
+# [3.96.0-dev.21](https://github.com/vtex/faststore/compare/v3.96.0-dev.20...v3.96.0-dev.21) (2026-01-08)
+
+### Bug Fixes
+
+- Prevent Partytown cross-origin errors in iframe environments ([#3155](https://github.com/vtex/faststore/issues/3155)) ([997252e](https://github.com/vtex/faststore/commit/997252e9a18807f4c26c350197d4f2d139de58f8))
+
+# [3.96.0-dev.20](https://github.com/vtex/faststore/compare/v3.96.0-dev.19...v3.96.0-dev.20) (2026-01-08)
+
+### Bug Fixes
+
+- Add slug field to landing page schema - CROC-185 ([#3166](https://github.com/vtex/faststore/issues/3166)) ([41b9878](https://github.com/vtex/faststore/commit/41b987825ee5ebb7d311eef33e2ca65034dc130d))
+
+# [3.96.0-dev.19](https://github.com/vtex/faststore/compare/v3.96.0-dev.18...v3.96.0-dev.19) (2026-01-08)
+
+### Features
+
+- logout clear storage ([#3163](https://github.com/vtex/faststore/issues/3163)) ([1fbacc3](https://github.com/vtex/faststore/commit/1fbacc3b3e32b4f83a2f56c1f97eb0f8ff843f61))
+
 # 3.96.0-dev.18 (2025-12-24)
 
 **Note:** Version bump only for package @faststore/core

packages/core/cms/faststore/pages/cms_content_type__landingpage.jsonc

@@ -5,6 +5,12 @@
     "type": "object",
     "title": "Landing Page",
     "properties": {
+      "slug": {
+        "widget": {
+          "ui:widget": "slug"
+        },
+        "type": "string"
+      },
       "seo": {
         "title": "SEO",
         "description": "Search Engine Optimization options",

packages/core/src/components/ThirdPartyScripts/ThirdPartyScripts.tsx

@@ -37,7 +37,10 @@ function ThirdPartyScripts() {
       {includeGTM && <GoogleTagManager containerId={gtmContainerId} />}
       {includeVTEX && <VTEX />}
       <OverrideComponents.ThirdPartyScripts />
-      <Partytown key="partytown" />
+      {/* Only render Partytown when not in an iframe to prevent cross-origin errors. */}
+      {typeof window !== 'undefined' && window.self === window.top && (
+        <Partytown key="partytown" />
+      )}
     </>
   )
 }