A few days ago, Adobe announced a new release for Adobe Commerce and Magento Open Source. As you probably know by now, Adobe announced a separation between the two products, but even if Magento Open Source will be managed by the Magento association going forward, the version upgrades and security patches will still be applied to both products’ core codebase.
This release includes over 250 quality fixes and enhancements that will repair all known issues identified in the previous version 2.4.3. They will bring many improvements in security, performance, and platform usability.
If you want to find out more about this release, we are here to help.
PHP 8.1 support
The biggest piece of news by far is that Magento Open Source and Adobe Commerce 2.4.4 now support PHP 8.1 and all project libraries and dependencies have been updated for compatibility with PHP 8.1. Considered a major update, PHP 8.1 brings a lot of new features like enums, readonly properties, explicit octal numeral notation, first-class callable syntax, pure intersection types, never return type, final class constants, and a consistent performance improvement, namely a 23% speedup in Symfony Demo.
The new version provides support for Elasticsearch 7.16 and OpenSearch 1.2. Merchants with on-prem hosted systems can use either solution.
However, OpenSearch is now the default search engine for Adobe Commerce and Magento Open Source 2.4.4 deployments hosted in the cloud.
TinyMCE4, the Magento embedded content editor, has been removed from the codebase and instead the new version 5.8.1 is now supported.
The release includes various GraphQL enhancements, like Complete GraphQL coverage for negotiable quotes for B2B company users.
Also, storefront performance has been improved by changes to how GraphQL requests are cached, and also the performance of GraphQL cart operations has improved.
Vendor Bundled Extensions (VBE) decoupled
As we all know, all previous versions came packaged with third-party extensions and modules. During the Developers live session a few weeks ago, Adobe announced that going forward, these will be removed from the code base. Therefore, with this version, all vendor-bundled extensions, except Braintree, have been removed and will be available only for optional download from the marketplace.
We always love to talk about eCommerce so if you need information about our products and services, we are here to help.
A better performing scalable eCommerce platform
To eliminate possible bottlenecks when dealing with flash sales during busy sales events, this release introduces the asynchronous orders feature, capable of supporting the creation of approximately 60,000 orders/hour. The feature supports faster order placement than its synchronous counterpart, allowing order placements to be carried out in the background while shoppers complete other tasks on the storefront.
In addition, various improvements have been brought to the validation process for orders affected by a cart price rule during the asynchronous order placement.
There is a new configuration option which allows users to enable or disable inventory check on cart load. The option is enabled by default, but if disabled, the system skips checking inventory, thus speeding up checkout. However, disabling this option may prevent customers from placing orders if there are no source items with the ‘in stock’ status, so it definitely needs to be tested further.
At the same time, the memory limit to support input variables volume has been increased. This way, carts containing over 750 configurable products will see improved functionality.
Users can also enable a configuration to allow running parallel consumers in multiple processes, this way improving task execution speed.
With previous versions, sales rules were processed every time a product was added to cart, or quantities were updated. In the new 2.4.4 version, sales rules processing has been optimised and users can now choose to defer total calculation during checkout.
Paypal has been updated with various enhancements. The Venmo payment option is now supported, Pay Later is now accessible to shoppers depending on their location rather than the merchants, and the messaging on the checkout page shows an accurate status on how much and in how many increments the shopper is expected to pay.
The new version is compatible with PWA Studio v12.3.0, it contains recaptcha support and content optimization in Page Builder.
Magento and Adobe Commerce 2.4.4 contains backward-incompatible changes, so users will need to carefully check them out before upgrading their platforms. They may have significant implications on the third-party modules since they should work in a new way.
Significant security enhancements
Because certain vulnerabilities were identified that can potentially be used to access customer information or take over administrator sessions, the new release brings many enhancements that help improve compliance with the latest security best practices.
In the previous version, email variable usage was deprecated in favour of a stricter variable syntax. In this release, this was fully removed. Users need to be careful as email or newsletter templates that worked in previous versions of Magento may not work correctly after upgrading to Adobe Commerce 2.4.4 or Magento Open Source 2.4.4. Affected templates include admin overrides, themes, child themes, and templates from custom modules or third-party extensions.
Another security change is that Integration tokens can no longer be used for API Bearer token authentication, due to the security implications of a never-expiring access token.
Session IDs are no longer stored in the database, and OAuth access tokens and password reset tokens are now encrypted when stored in the database.
Validation has been improved to prevent the upload of non alpha-numeric file extensions.
reCAPTCHA support has been added to coupon codes.
Swagger will now be disabled by default when Adobe Commerce and Magento open-source are in production mode.
HTTPS is now enabled by default. Also, The Use Secure URLs on Storefront and Use Secure URLs in Admin settings are enabled by default, and all built-in cookies are now set as secure.
All new installations require the dependency confusion plugin to permit trusted versions. However, the constraints can be bypassed for trusted versions, and the platform will display a warning before proceeding with installation.
A mechanism was added for limiting the size and number of resources that a user can request through a web API on a system-wide basis, and for overriding the defaults on individual modules.
Developers can now set the maximum size of arrays permitted by Adobe Commerce RESTful endpoints.
Apart from critical updates, the new version brings some changes to improve usability. Edit buttons now have unique text and Admin buttons now have unique, accessible, and descriptive purposes to conform to AA standards. Icon images that convey meaning now provide a textual alternative. In addition, Admin buttons and form fields can be set to a contrast ratio of at least 3:1 with adjacent colours.
If you want to know more about our list of services at Clever++, please visit our website.