Shuup

Fixed

- Front: SupplierProductListFilter to take all vendors from the category and all sub categories
- Front: Fix the alert class when it is an error
- Xtheme: only use the id attribute if the variable is a Product instance in Async Product Cross Sells plugin
- Reports: do not catch generic `Exception` to prevent hiding other issues

Changed

- Core: reuse existing `ProductVariationResult` when a combination hash matches

Added

- Front: add timezone view to save the user's current timezone

Added

- GDPR: create a snippet blocker to prevent injection when cookie is not consented
- Xtheme: create `xtheme_snippet_blocker` provides to allow blocking a global script injection
- Xtheme: add name a `Snippet` object
- Reports: add CSV report writer

Fixed

- Front: fix so orders that are canceled can't be payed for
- General: fix critical vulnerability on views that were returning not escaped content making it open to XSS attacks
- Admin: fix code mirror destruction by node id

Changed

- Reports: clean malicius content from the HTML and CSV exporters
- Reports: prevent formulas from being exported in excel writer
- Tests: log errors into a log file
- Admin: hide email template button based on permission
- Reports: improve log when an importer fails

Changed

- Pull translations from Transifex

Changed

- Core: only consider lines from the same supplier as the behavior component

Fixed

- Utils: fix MultiLanguageModelForm so language dependent filed will only be required if the language is required

Fixed

- Xtheme: removed orderable boolean from async highlights plugin from being rendered