Atwix MageNews – February 2019

Hello and welcome to Atwix MageNews!
This article reviews the most interesting and important topics that popped up in Magento Community last month in our humble opinion.
Without further ado, let’s start!

Good to Know

Magento Upgrades from 2.2 to 2.3

Magento 2.3 landed at the end of November last year. This is a major release with some incompatible changes compared to the previous version. This fact probably makes difference even on how Magento should be upgraded. So, upgrading process is not as simple as changing a version of Magento composer metapackege and it’s needed to run an additional helper script to make upgrading go smooth.

More Info:
[Firebear Studio] How to Upgrade to Magento 2.3: Update & Error Fixes

PHP 7.1 End of Life

According to PHP supported version policy, active support of PHP 7.1 is over a month ago and by the end of 2019 it has end of life and won’t be supported anymore. Currently, the latest version of PHP that Magento 2.2 supports is 7.1. This is a signal for merchants that probably it’s time to think about investments in upgrading Magento to version 2.3.

More Info:
[] PHP: Supported Versions
[DevDocs] Magento 2.2.x technology stack requirements

Does PageBuilder Magento 2.3 out-of-box feature?

PageBuilder is an awesome Magento Admin experience improvement that has been under development for more than 2 years. The reason for that is significant changes in Bluefoot CMS architecture that were supposed to be a base for PageBuilder module, but, it doesn’t meet Magento requirements and use cases. Now many of overviews of Magento 2.3 features say that PageBuilder is already Magento 2.3 feature. However, that’s not actually true yet, at least, for version 2.3.0. There are still some final touches left to do and hopefully, in the next release, we will be able to use this.

More Info:
– How did a story begin? [Magento] Magento Acquires Technology Behind Bluefoot CMS
– What’s done so far? [MM18UK] Technical Introduction To Magento Page Builder

Open Source

Atwix #1 Contributor in 2018

Atwix became #1 Contributor in 2018 after leading in partners top 10 months in a row. How was it going and what’s next? All answers are in the Atwix article below.

More Info:
[Atwix] Magento Contributions: 2018, 2019 and beyond


Last month Magento Community actively discussed following open source extensions/tools:

Helper script to aid upgrading Magento 2 websites
Magento 2 Ultimate Module Creator – a standalone application for creating Magento 2 CRUD
Yireo_ExtensionChecker – validates the code of other extensions via static code analysis tools
Magento DevDocs integration with VS Code

In addition, starting from version 2.7.3 popular Smile_ElasticSuite modules are going towards GraphQL compatibility.


Checkoutless commerce in UK

How many touches do you need to purchase something on mobile? Checkoutless is about reducing this number to a minimum with payment solutions like Paypal Express or Apple Pay. Magento published an article with reports of state checkoutless commerce in the UK across different sectors.

More Info:
[Magento] Switching Retailers Onto Checkoutless Commerce

Magento U

Experience Sharing

Passing Magento certifications are probably the best way to grow as professional and get a solid knowledge of Magento and E-commerce. However, not all of us want to pass them. Truth be told, a big part of us is just afraid of failing or simply don’t know how to start. This is awesome that Magento Community has people that are open to share their personal experience, both successes and failures. Fisheye and Integer_net wrote about their ways of passing Magento developer certifications.

More Info:
[integer_net] About the Magento 2 Certified Professional Developer PLUS exam
[John Hughes] How we trained 8 “Magento 2 Certified Professional Front End Developers” in 6 weeks…

New Magento Certifications

Last month Magento U announced that two more certifications are in progress and will be released soon. Now Magento Cloud masters and Magento Order Management specialists will be able to prove their skills and add one more badge to their profiles.


Enhanced Magento Bug Bounty Program

Magento changed a service for reporting security issues. Before Bugcrowd had been used for such things, but now Magento moved to HackerOne which Adobe is using for their products. Moreover, the bug bounty program was updated and contains several improvements like payments right after verifications, but not after releasing patches. This should make a positive effect on the motivation of the community to report.

More Info:
[Magento DevBlog] Enhanced Bug Bounty Program!

Authorize.Net said goodbye to MD5

Authorize.Net announced the end of life for their MD5 based hash for transaction responses in favor of SHA-512 based hash utilizing a Signature Key. The final transition to the new approach will be done in two phases to make it smooth for service consumers that are using legacy algorithm at this moment.

More Info:
[Authorize.Net] MD5 Hash End of Life & Signature Key Replacement

Don’t copy-paste @escapeNotVerified!

Be prepared to a new PCI Software Security Framework

PCI Software Security Framework will come to the payment industry to expand existing PCI DSS and address overall software security resiliency. Currently, PCI SSC published two parts of the new framework: PCI Secure Software Standard and the PCI Secure Software Lifecycle. Why new standards were introduced and how they affect stakeholders. If you’re looking for answers, check the following interview with PCI SSC CTO Troy Leach.

More Info:
[PCI SSC] New PCI Software Security Standards

Community Experience

Magento 2 PWA Dev Tools

Since 2015 when the world started talking about PWA, 4 big players showed up on Magento 2 PWA scene: Magento PWA Studio, DEITY Falcon, Front-Commerce and Vue Commerce. What’s the difference between them all and what’s a perfect choice for you or your project can be found in an article from Onilab.

More Info:
[Onilab]The Best PWA Dev Tool for Magento 2

Composer local override will rescue

Here is an interesting true story from Mark Shust life about overriding some module composer metapackage via Composer path repository to meet project needs.

More Info:
[Mark Shust] Locally overriding or extending third-party Composer modules

Run your MFTF tests

Practical overview from Amasty Team on what needs to be kept in mind to use MFTF and write acceptance tests for your projects.

More Info:
[Amasty] How to Make a Smooth and Quick Start with MFTF?

Best Practice for designing API

This article in Magento DevBlog helps to understand why Magento Multi-Source Inventory project was designed in a way it’s designed and not another way. Down below Igor Miniailo shares his experience from building such a huge system.

More Info:
[Magento Forums] Best Practices for API Design

What are microservices?

Magento platform is going toward a microservice approach. This is a hot top in IT world nowadays.
Basically, this is another way of splitting huge monolithic systems into much smaller ones that communicate via the platform and programming language agnostic API. However, what are benefits and drawbacks? How can microservices be implemented and applied to E-commerce? Firebear is answering these questions in an article with a high-level overview of the approach.

More Info:
[Firebear Studio] Microservices In eCommerce And Magento

Magento Architecture

Future of Magento front-end applications

Magento 2 frontend stack is being changed dramatically within the last couple of years. It started from prototype.js in Magento 1, moving to Knockout.js for first Magento 2 releases and now looking for React.js future. What’s next? This architectural proposal helps understand how modern Magento front-end technology stack will look like and what you need to know about it.

More Info:
[Magento Github] Front-End Technical Vision

Marketplace Technical Review can be changed

Some discussions are going on around an architectural proposal that reviewing ways of grouping CodeSniffer rule by severities. CodeSniffer rules are used to perform an automatic code review of submitted extensions. Now everyone can bring some brand new ideas or share thoughts on how it should be done.

More Info:
[Magento Github] Rules Severities for Marketplace Technical Review

Auto Config File Cache Invalidation

How many times have you forgotten to clean the cache after adjusting some XML config files? This is a common issue and there are already a couple of workarounds that help make it automatically. Now Magento Team brings up a new architectural proposal with a proof of concept how such automatic cache invalidation can be implemented out-of-box in Magento 2.

More Info:
[Magento Github] Automated configuration file cache invalidation

Make Magento 2 module declaration simpler

We may need to rewrite our Magento 2 hello world module articles soon as module declaration is going to be changed. Magento Team has an intention to eliminate Magento infrastructure that loads module classes and make them sorted in dependency sequence. Composer and some 3rd-party libraries may be used instead. So composer.json may be the only one file that will survive among the current three of them after the changes.

More Info:
[Magento Github] Simplified module declaration

Upcoming Events. Don’t Miss!

– February 12-13th – Magento Live AU, Sydney, Australia
– February 19-22th – eTail West, Palm Springs, CA
– February 21th – Power Retail All Star Bash, Melbourne, Australia
– February 27-28th – Magento 2 Developer Training by Max Pronko, London, UK
– March 5-8th – MageTestFest, Florence, Italy

Make sure to be the first for our March MageNews digest – subscribe to our blog (form in the right sidebar)!