v1.19: customer account pages now themeable in all 7 marketplace themes, team invitations, multi-currency store credit, and customer-facing return requests.
Cartly v1.19 ships four merchant-facing features and one significant architectural shift. The headline: customer account pages are now fully themeable — every marketplace theme renders your customers' dashboard, orders, and settings in its own design language.
Read the Clarity theme announcement for a detailed look at the new default theme. This post covers everything else in v1.19.
Until v1.19, the Cartly customer portal (/account, /account/orders, /account/addresses, and the login and register screens) was rendered by the React SSR layer regardless of which Liquid theme the merchant had installed. The result: a customer shopping in the Clarity editorial aesthetic would click "My Account" and land in a visually disconnected interface.
That is now fixed. All /account/* routes are served by the Go Liquid renderer. Every marketplace theme ships its own customer templates — 28 files per theme, covering everything from the dashboard to individual order detail pages and the return request flow.
Seven themes are fully ported as of today: Clarity, Mono, TechPro, Minimal, Crafter, Vogue, and Linen. Each renders the customer portal in its own typographic and colour system, with the same fork-on-write customisation capability merchants already use for sections and layouts.
For merchants: nothing changes in how you manage customer accounts. The admin panel, the customer API, and the account data model are unchanged. The visual difference is immediate and automatic after the next theme reload.
For theme developers: see the updated Customer Portal guide for the full template list (28 files) and POST-Redirect-Get form conventions.
Inviting a teammate to your Cartly admin now takes three clicks. Go to Settings → Team, enter an email address, and click Invite. The teammate receives an email with an accept link. After clicking it, they are prompted to log in or create a new account — and are automatically added to your store.
Pending invitations appear in the Team settings page with per-invite Revoke and Resend actions. A revoked invitation token is immediately invalidated — the accept page returns a clear "this invitation has expired" message.
Roles follow the existing ShopMember permission model. Invited members join as staff by default; you can adjust their role from the Team members list after they accept.
Store credit refunds across currency boundaries used to silently convert the refund amount to the shop's base currency before crediting — a problem for merchants who sell internationally and refund in the customer's original payment currency.
The store_credit_transaction entity now records the original_amount_cents and original_currency alongside the shop-currency equivalent. The Admin customer detail page shows both figures, and the order detail refund preview surfaces the original amount so merchants know exactly what the customer paid before selecting a refund method.
A hybrid currency validator issues a warning when credits are applied in a mismatched currency, without blocking checkout — a deliberate architectural decision that prioritises customer experience while the Strict mode is completed under a separate track.
Customers can now submit return requests from their account at /account/returns. Previously, the Cartly self-serve RMA flow let customers view their return status, but the initial request had to come through the merchant admin or via a custom integration. That gap is closed in v1.19.
The flow: customer selects an order, picks the item(s) and reason, adds optional notes, and submits. The Temporal RMAWorkflow takes it from there — waiting for a merchant approve or reject signal before processing the refund. The customer sees real-time status updates in /account/returns.
Audit waves 5 and 6 resolved 66 security and reliability issues across cart, checkout, payment webhooks, admin handlers, B2B, and inventory. Changes include JWT revocation, same-host fallback for custom domain OriginCheck, webhook v2 signatures with timestamp replay protection, and WASM memory caps. No merchant action is required.