Hello and welcome to Atwix MageNews!
This article reviews the most interesting and important topics that popped up in Magento Community last month in our humble opinion.
Without further ado, let’s start!
Good to Know
Magento Upgrades from 2.2 to 2.3
Magento 2.3 landed at the end of November last year. This is a major release with some incompatible changes compared to the previous version. This fact probably makes difference even on how Magento should be upgraded. So, upgrading process is not as simple as changing a version of Magento composer metapackege and it’s needed to run an additional helper script to make upgrading go smooth.
PHP 7.1 End of Life
According to PHP supported version policy, active support of PHP 7.1 is over a month ago and by the end of 2019 it has end of life and won’t be supported anymore. Currently, the latest version of PHP that Magento 2.2 supports is 7.1. This is a signal for merchants that probably it’s time to think about investments in upgrading Magento to version 2.3.
Does PageBuilder Magento 2.3 out-of-box feature?
PageBuilder is an awesome Magento Admin experience improvement that has been under development for more than 2 years. The reason for that is significant changes in Bluefoot CMS architecture that were supposed to be a base for PageBuilder module, but, it doesn’t meet Magento requirements and use cases. Now many of overviews of Magento 2.3 features say that PageBuilder is already Magento 2.3 feature. However, that’s not actually true yet, at least, for version 2.3.0. There are still some final touches left to do and hopefully, in the next release, we will be able to use this.
2/2 what PageBuilder is today is miles ahead of BlueFoot in many areas. Looking back BlueFoot solved a problem but was not a polished product. With 2.3.1 you’ll get the problem solved and a beautiful product 🙌🏻
— Dave Macaulay (@HelloMacaulay) January 22, 2019
– How did a story begin? [Magento] Magento Acquires Technology Behind Bluefoot CMS
– What’s done so far? [MM18UK] Technical Introduction To Magento Page Builder
Atwix #1 Contributor in 2018
Atwix became #1 Contributor in 2018 after leading in partners top 10 months in a row. How was it going and what’s next? All answers are in the Atwix article below.
– [Atwix] Magento Contributions: 2018, 2019 and beyond
Last month Magento Community actively discussed following open source extensions/tools:
– Helper script to aid upgrading Magento 2 websites
– Magento 2 Ultimate Module Creator – a standalone application for creating Magento 2 CRUD
– Yireo_ExtensionChecker – validates the code of other extensions via static code analysis tools
– Magento DevDocs integration with VS Code
In addition, starting from version 2.7.3 popular
Smile_ElasticSuite modules are going towards GraphQL compatibility.
Checkoutless commerce in UK
How many touches do you need to purchase something on mobile? Checkoutless is about reducing this number to a minimum with payment solutions like Paypal Express or Apple Pay. Magento published an article with reports of state checkoutless commerce in the UK across different sectors.
Passing Magento certifications are probably the best way to grow as professional and get a solid knowledge of Magento and E-commerce. However, not all of us want to pass them. Truth be told, a big part of us is just afraid of failing or simply don’t know how to start. This is awesome that Magento Community has people that are open to share their personal experience, both successes and failures. Fisheye and Integer_net wrote about their ways of passing Magento developer certifications.
New Magento Certifications
Last month Magento U announced that two more certifications are in progress and will be released soon. Now Magento Cloud masters and Magento Order Management specialists will be able to prove their skills and add one more badge to their profiles.
Developing the Magento Order Management course – coming in March and April! pic.twitter.com/QsCAILIl86
— Magento U (@MagentoU) January 2, 2019
Magento Certified Cloud Developer certification exam workshop completed this week in London! Fantastic work everyone – Look for the Cloud Developer certification exam coming soon!! pic.twitter.com/dBbPjSCvlx
— Magento U (@MagentoU) January 25, 2019
Enhanced Magento Bug Bounty Program
Magento changed a service for reporting security issues. Before Bugcrowd had been used for such things, but now Magento moved to HackerOne which Adobe is using for their products. Moreover, the bug bounty program was updated and contains several improvements like payments right after verifications, but not after releasing patches. This should make a positive effect on the motivation of the community to report.
– [Magento DevBlog] Enhanced Bug Bounty Program!
Authorize.Net said goodbye to MD5
Authorize.Net announced the end of life for their MD5 based hash for transaction responses in favor of SHA-512 based hash utilizing a Signature Key. The final transition to the new approach will be done in two phases to make it smooth for service consumers that are using legacy algorithm at this moment.
Don’t copy-paste @escapeNotVerified!
Did you ever wonder, what "@escapeNotVerified" is doing all over the place in Magento templates? I've often seen it blindly copied from core code. Don't do this! Let me explain:
— Fabian Schmengler (@fschmengler) January 24, 2019
Be prepared to a new PCI Software Security Framework
PCI Software Security Framework will come to the payment industry to expand existing PCI DSS and address overall software security resiliency. Currently, PCI SSC published two parts of the new framework: PCI Secure Software Standard and the PCI Secure Software Lifecycle. Why new standards were introduced and how they affect stakeholders. If you’re looking for answers, check the following interview with PCI SSC CTO Troy Leach.
– [PCI SSC] New PCI Software Security Standards
Magento 2 PWA Dev Tools
Since 2015 when the world started talking about PWA, 4 big players showed up on Magento 2 PWA scene: Magento PWA Studio, DEITY Falcon, Front-Commerce and Vue Commerce. What’s the difference between them all and what’s a perfect choice for you or your project can be found in an article from Onilab.
– [Onilab]The Best PWA Dev Tool for Magento 2
Composer local override will rescue
Here is an interesting true story from Mark Shust life about overriding some module composer metapackage via Composer path repository to meet project needs.
Run your MFTF tests
Practical overview from Amasty Team on what needs to be kept in mind to use MFTF and write acceptance tests for your projects.
Best Practice for designing API
This article in Magento DevBlog helps to understand why Magento Multi-Source Inventory project was designed in a way it’s designed and not another way. Down below Igor Miniailo shares his experience from building such a huge system.
– [Magento Forums] Best Practices for API Design
What are microservices?
Magento platform is going toward a microservice approach. This is a hot top in IT world nowadays.
Basically, this is another way of splitting huge monolithic systems into much smaller ones that communicate via the platform and programming language agnostic API. However, what are benefits and drawbacks? How can microservices be implemented and applied to E-commerce? Firebear is answering these questions in an article with a high-level overview of the approach.
Future of Magento front-end applications
Magento 2 frontend stack is being changed dramatically within the last couple of years. It started from prototype.js in Magento 1, moving to Knockout.js for first Magento 2 releases and now looking for React.js future. What’s next? This architectural proposal helps understand how modern Magento front-end technology stack will look like and what you need to know about it.
– [Magento Github] Front-End Technical Vision
Marketplace Technical Review can be changed
Some discussions are going on around an architectural proposal that reviewing ways of grouping CodeSniffer rule by severities. CodeSniffer rules are used to perform an automatic code review of submitted extensions. Now everyone can bring some brand new ideas or share thoughts on how it should be done.
Auto Config File Cache Invalidation
How many times have you forgotten to clean the cache after adjusting some XML config files? This is a common issue and there are already a couple of workarounds that help make it automatically. Now Magento Team brings up a new architectural proposal with a proof of concept how such automatic cache invalidation can be implemented out-of-box in Magento 2.
Make Magento 2 module declaration simpler
We may need to rewrite our Magento 2 hello world module articles soon as module declaration is going to be changed. Magento Team has an intention to eliminate Magento infrastructure that loads module classes and make them sorted in dependency sequence. Composer and some 3rd-party libraries may be used instead. So composer.json may be the only one file that will survive among the current three of them after the changes.
– [Magento Github] Simplified module declaration
Upcoming Events. Don’t Miss!
– February 12-13th – Magento Live AU, Sydney, Australia
– February 19-22th – eTail West, Palm Springs, CA
– February 21th – Power Retail All Star Bash, Melbourne, Australia
– February 27-28th – Magento 2 Developer Training by Max Pronko, London, UK
– March 5-8th – MageTestFest, Florence, Italy
Make sure to be the first for our March MageNews digest – subscribe to our blog (form in the right sidebar)!