SuiteCommerce 2024.1.x Minor Releases: CMS Lazy Load Changes, third_parties Folder Move, and CLI Update

Oracle shipped three minor releases under the 2024.1 SuiteCommerce branch. This page covers 2024.1.1, 2024.1.2, and 2024.1.30. The most impactful changes are the forced lazy-loading of all CMS Page Type scripts and the relocation of the third_parties folder in SuiteCommerce / SCA source.

Versioning change (2024.1.30)

Minor releases now use a tens-based numbering scheme. What would have been 2024.1.3 is instead 2024.1.30, leaving room for hotfix point releases (e.g., 2024.1.31) between minor releases. No code impact, but update any automation that parses version strings.

What changed

2024.1.30

• third_parties folder relocated — The third_parties directory in SuiteCommerce and SCA source has been moved to avoid maintaining two separate Git repositories for the same application. If your gulp tasks, CI pipelines, or custom build scripts reference the old path (e.g., third_parties/require.js/2.3.6), they will break.
• SuiteCloud CLI updated to 1.9.0 — If you pin CLI versions in package.json or CI images, update to @oracle/suitecloud-cli@1.9.0.
• PayPal redirect fix — Customers paying an invoice via PayPal are now correctly sent to the Payment and Review page instead of the My Account page.
• Negative deposit display fix — Deposit subtotals now render as -$1.00 instead of $-1.00.

2024.1.2 — CMS Lazy Load overhaul

• All CMS Page Type custom record scripts are now lazy loaded unconditionally. The CMS Pages Lazy Load toggle on the SuiteCommerce configuration record (Integrations > Site Management Tools) has been removed. You can no longer opt out of lazy loading.
• Store Manager role elevated permissions — CMS Page Type custom records now run with the Store Manager role's elevated permissions without requiring login. Custom records need Create or higher permission for the Store Manager role to render on Commerce sites.
• If pages still do not display after the update, you must manually add the Store Manager role to any custom records you created: Customization > Lists, Records, & Fields > Record Types, select the record, go to the Permissions tab, add Store Manager at Create level or higher.

2024.1.1

• POST instead of GET for purchase cancellations — Cancellation requests are now sent via POST. If you have middleware, proxy rules, or SuiteScript user-event scripts that inspect cancellation traffic by HTTP method, update them.
• 3D Secure fixes — Required GET parameters are now correctly forwarded in the redirect URL sent to payment gateway partners after a 3D Secure challenge. Quote payments with 3D Secure now redirect to the confirmation page as expected.
• Gulp build fixes — Resolved gulp release sdf_release errors (file referenced by attribute file is missing and async completion failures) and a jQuery-bxslider compilation error.
• Theme Customizer fix — The Theme Customizer now renders correctly when using Site Management Tools.
• Icons/fonts fix — Some SCA deployments were missing icons and fonts; this has been corrected.

What to do

1. Update build paths. Search your gulp tasks, CI configs, and any custom scripts for references to the old third_parties folder path. Update them to the new location after pulling the 2024.1.30 source.
2. Upgrade SuiteCloud CLI. Run npm install @oracle/suitecloud-cli@1.9.0 (or the equivalent global install) in your development and CI environments.
3. Audit custom record permissions. If you created custom records linked to CMS Page Types and pages are not rendering, add the Store Manager role at Create level or higher on each custom record's Permissions tab. This does not apply to NetSuite-native or third-party extension custom records.
4. Remove references to the CMS Pages Lazy Load setting. Any SuiteScript or integration code that reads or writes the lazy-load configuration flag on the SuiteCommerce configuration record should be removed — the setting no longer exists.
5. Review cancellation handling. If you have user-event scripts, RESTlets, or reverse proxies that distinguish cancellation requests by HTTP method, update them to expect POST instead of GET.
6. Test 3D Secure payment flows. If you use 3D Secure with quotes or invoices, run end-to-end tests to confirm the redirect and parameter forwarding fixes apply correctly in your environment.