A new security patch SUPEE-10570 for Magento 1 was released on Feb 27th 2018. It is affecting ~60 files of Magento Open Source (Community Edition) and ~90 of Magento Commerce (Enterprise edition). Let’s review what actual changes and improvements are behind those files.
2017 has truly been the year of Community Engineering for Magento. For many years we’ve been hearing voices from the Magento community on how great would it be if we were allowed to work on fixing bugs and improving Magento core code… And now we’re living this dream. Moreover, this dream already delivers: 24% of the code shipped by Magento in 2017 came from the community. And all this came from 511 unique contributors. Impressive, isn’t it? And what’s helped the success?
Usually you don’t jump on a plane with your friends and go to Asia to have some great weeks of living, working and traveling in the region. It was my first time of working from this far: a 6-hour time difference with our Ukrainian office, tropical climate and a whole bunch of other differences like food, traffic, religion etc.
In the past, there was a big challenge to keep a package-based PHP project up to date. We had sort of package managers like PEAR and PECL, but frequently they caused more challenges rather than provided a handy possibility to install and manage packages quickly. Fortunately, the dark age of the mentioned managers is history now, as the Composer comes to fix difficulties. Composer has been improved with every new version, and many modern platforms/frameworks like Symfony, Laravel and Magento use Composer as a part of their systems.
It’s well known that Magento team announces new platform upgrades quite often. There is a minor upgrade every second month and a more critical upgrade with new features and more changes to the core almost every quarter on average. If we look back, since the release of Magento 2.0 in November 2015 there were around 30 releases for Magento Open Source and Magento Commerce. Looks like a lot, doesn’t it? So the question arises: do these changes actually bring any value to the website?
What does 2018 have in store when it comes to security? Nothing very promising. The year has just begun and we already have some major security issues affecting Intel and AMD processors. The trend begins with WannaCry in 2017, latest issues with macOS and a whole bunch of different security breaches. And it will continue to persist as our society evolves and becomes more and more digital.
When you are developing an application that includes webhooks (Slack, OKTA, etc) you need a publicly accessible URL to connect the webhook service with. Usually you develop on localhost and there is no access for someone else to it. So, how can you test your webhooks in such situation?
After the latest Database data format changes in Magento 2.2.x version, there is a need to convert existing PHP serialized data to JSON format. The new release provides upgrade scripts that convert Magento serialized data. But how to deal with custom extensions, which also use automatic serialization mechanism provided by Magento framework? Thankfully, Magento took care of that too.
20th of November, 2017, has marked an important date in Atwix history – we turned seven. It has always been a dilemma of what to do for the birthday celebration and we often followed a default and obvious way – making a party. This time though, we thought – what if?