Atwix MageNews – May 2020

May’s edition of Atwix MageNews is here!
MageNews is all about eCommerce community conversations, and there is much discussion taking place this month. As always we listen and collect the most significant news and updates that buzzed across the Magento landscape, and now bring them to you. This month we included Magento 2.3.5 release highlights, high impact technical updates, continuing COVID-19 related consumer trends, Mageno 2 SEO improvements, and much more.

There was a solid amount of peer-to-peer sharing taking place. Let’s pick up the steam 🚂


  1. [Not To Miss] Events Are Back
  2. [Not To Miss] The Last Mile – Contactless Delivery
  3. [Not To Miss] The First on SERPs
  4. [Not To Miss] Magento 2.3.5 Overview
  5. [Community Experience] Adobe Summit Trainings
  6. [Community Experience] Magento Packagist Update
  7. [Community Experience] Magento PHPStorm Plugin 1.0.0
  8. [Community Experience] PWA Studio on the Cloud
  9. [Open Source] Magento 2.3.5 Technical Highlights
  10. [Open Source] PWA Studio 6 Overview
  11. [Open Source] Intro to Magepack
  12. [Security] Magento 2.3.5 Security Highlights
  13. Want more?

Not to Miss

Events Are Back

During our COVID-19 lockdown, we experienced Magento events being canceled or postponed. We missed each. Now we are reorganizing, creating new conferences, and seeing our favorite conferences taking place –  virtually. This brings us feeling connected, to each other and across our community. In fact, last week we hosted Online Kiev Magento Meetup with 250+ attendees. This was only beginning with many more online events to come…we will make sure to monitor and share them:

– May 28th – Magento Association Virtual Conference, Online
– Jun 17th – MM20UK, Online

The Last Mile – Contactless Delivery

Contactless delivery is not only a new e-commerce trend but also a growing imperative shipping method. It helps to restart businesses (especially the food and beverage industry) during the corona outbreak when the social distance is an essential factor to stay safe and healthy. In fact, such industry giants like McDonald’s, Starbucks, Domino’s Pizza started implementing no-contact shipping strategies. Updating your last mile of delivery may help your business, too. Get more information on how to implement contactless delivery below.
More Info:
[] Contactless Food Delivery and Pickup Options
[Papa John’s Pizza] No Contact Delivery from Papa John’s
[] Coronavirus: McDonald’s, Domino’s Pizza introduce contactless delivery
[Medium] Introducing “Leave at My Door Delivery”: New Doorstep Delivery Service Now Available Across North Americas
[MageWorx] No-Contact Delivery / Curbside Pickup Extension for Magento 2

The First on Search Engine Results Pages (SERPs)

We found statistical research across 11M Google result pages. It shows the key factors that matter most when it comes to high search rankings. According to the research, a typical top-ranked website has:
– high domain authority
– numerous backlinks
– high-quality text content
– low bounce rate
More Info:
[Backlinko] Which factors correlate with first page search engine rankings?

Magento 2.3.5 Overview

Magento 2.3.5-p1 has been released. If you are on 2.3.4, it’s also possible to leverage the security-only version 2.3.4-p2. It helps to bring security improvements as soon as possible.

Functional improvements:
AI-based Product Recommendations became generally available as a separate module from Magento Marketplace
PageBuilder Content Templates help to store previously created content and layout to save content management time
– PageBuilder now supports video backgrounds for rows, banners, and sliders to make engagement content
Amazon Sales Channel v4.0.1 shipped with a new dashboard and improved onboarding process
– Google Shopping ads Channel extension reached EoL
– Worldpay has been deprecated as a part of Magento PSD2 Core Payment Deprecation Strategy
– Signifyd fraud protection integration has been deprecated in order to use the official extension
– Payment methods are now supported in cart rule conditions (see link to the GitHub ticket)

To get more on this, feel free to check out a fresh review of the Magento 2.3.5.

For technical and performance improvements check the following sections:
security fixes and improvements
performance and infrastructure improvements

More Info:
[Magento] Leveraging Magento Commerce New Features In Times Of Limited Resources And Social Distancing
[Magento Markteplace] Amazon Sales Channel Extension
[Magento DevDocs] PageBuilder – Templates
[Magento Markteplace] Product Recommendations Extension
[Magento DevDocs] Google Shopping ads Channel – End of Life
[Magento DevBlog] Deprecation of Magento core payment integrations
[Magento Marketplace] Signifyd Fraud & Chargeback Protection
[Magento DevDocs] Magento Open Source 2.3.5 Release Notes
[Magento DevDocs] Magento Open Commerce 2.3.5 Release Notes
[Magento DevDocs] Amazon Sales Channel Release Notes
[Atwix] Overview of Magento Commerce and Open Source 2.3.5 release

Community Experience

Adobe Summit Trainings

More Magento-related talks from Adobe Virtual Summit became available on the Magento U:
– Magento training: PWA Studio Overview For Developers by Chris Brabender and Vijay Golani
– Magento training: Planning For Security In Magento 2 by Talesh Seeparsan
– Magento training: Migrating From Magento 1 To Magento 2 For Developers by Brent Peterson
– Magento training: Migrating From Magento 1 To Magento 2 For Project Managers by Deryck Harlick
– Magento training: Getting Started With Magento Cloud Development by Joe Shelton
– Magento training: Page Builder Overview For Developers by Nathan Toombs

More Info:
[Magento U] Adobe Virtual Summit Magento Training Hot Topics

Magento Packagist Update

Magento plans to update the Composer packagist in order to optimize Composer package cache. Currently, every time Magento needs to release a new version of any dependency, it updates the package list and makes Composer reload the whole list of packages again – all this results in longer Magento deployment time. In addition, after the new Magento release, the dependency version list grows constantly. To address this issue, Magento is delivering a provider package for each product type (CE, EE, B2B, Marketplace). This approach will trigger a partial update for only changed providers.

More Info:
[Magento DevBlog] Magento Packages Repository Update
[Composer] Composer Providers

Magento PHPStorm Plugin 1.0.0

Magento PHPStorm Plugin 1.0.0 is now generally available on the Inteliji Plugin Marketplace. It’s full of code generation, inspection and code navigation improvements brought to improve developer work-life balance.

More Info:
[Github] Magento PHPStorm Plugin 1.0.0 – Full release notes
[Github] magento/magento2-phpstorm-plugin – PHPStorm Plugin for Magento 2 repo
[Magento DevBlog] What’s new in Magento PHPStorm Plugin 1.0.0
[Atwix] Enhancing development productivity with PhpStorm Magento plugin

PWA Studio on the Cloud

Don’t miss a workshop on how to deploy PWA Studio on the Magento Cloud.
More Info:
[Youtube] Magento Cloud Demo – PWA on Magento Cloud with Benjamin Batschelet

Open Source

Magento 2.3.5 Technical Highlights

Magento 2.3.5-p1 contains a few performance improvements:
– The number of queries and network payload Magento sends to Redis on each request was minimized, as well as the possibility to have write rate conditions and Redis CPU consumption (Commit1, Commit2)
– The customer data invalidation logic got refactored to properly support custom invalidation rules (Commit)
– DomReady plugin was refactored to prevent redundant delays in storefront page loads (Ticket)

Infrastructure Improvements:
– Support for ElasticSearch 7.x has been added. Magento 2 ElasticSearch 2.x and 5.x support is going to be eliminated in 2.4
– PHPStan has been integrated into Magento 2.3.5, so we can take advantage of advanced code quality checks it provides

Platform Improvements:
– ZendFramework has been replaced by Laminas Project as it became a part of it. Don’t forget to migrate your codebase
– Symfony components have been upgraded to the latest long-term supported version 4.4

Known Issues:
– Magento 2.3.4-p1 as well as 2.3.5 contains an issue during setup:upgrade process which comes from the wishlist module. Upgrading to 2.3.5-p1 or 2.3.4-p2 should help
– There’s a possibility to change the payment method on the review step for Amazon Pay module. Here’s a patch to fix it

Other Improvements:
– Products and categoryList GraphQL queries are now reflecting scheduled staging updates

More Info:
[Magento DevDocs] Invalidate private content
[Magento DevDocs] PHPStan – Magento Testing Guide
[Magento DevBlog] Migration of Zend Framework to the Laminas Project
[Magento DevDocs] How to upgrade content types – PageBuilder Docs

PWA Studio 6 Overview

PWA Studio 6 has been released and brings new cool improvements:
– Extensibility framework was initiated. It adds API for storefronts that allows writing plugins that modify storefront logic
– Cache improvements that prevent over-fetching and storing of personal information were added
– The first version of the standalone shopping cart experience component was implemented

Finally, there is a new section in DevDocs which guides through the process of the PWA Studio customization.

More Info:
[Github] PWA Studio 6.0.1 – Full release notes
[Github] PWA Studio 6.0.0 – Full release notes
[PWA Studio] Cart Component Demo
[PWA Docs] PWA Studio fundamentals

Intro to Magepack

Magepack is a brand new tool to address JS bundling issues for Magento Luma theme. Magepack shows better results than Magento baler tool and it’s relatively easy to install to get first noticeable improvements for the storefront performance.

More Info:
[Github] magesuite/magepack – Next generation Magento 2 advanced JavaScript bundler.
[Github] magesuite/magepack-magento – Magento2 extension to integrate with Magepack


Magento 2.3.5 Security Highlights

Magento 2.3.5-p1 and 2.3.4-p2 contains 25 security improvements. While there is no known attacks happen in the wild, it’s still recommended to install the update as soon as possible.

In addition, Magento 2.3.5-p1 includes a couple of major security changes like:
– MVP implementation of Content Security Policies whitelist (CSP). While in practice it’s a bit more complex to get SCP done right away, Magento is going to proceed working on improving this initial protection
– Removing session_id params from URLs

More Info:
[Adobe Security Bulletin] Security Updates Available for Magento | APSB20-22
[Max Chadwick] Magento 2.3.5 + Content Security Policy (CSP): A Fool’s Errand
[Magento DevDocs] Magento 2.3.5 Release Notes – Security Improvements
[Magento DevDocs] Content Security Policy Overview
[Magento DevDocs] Content Security Policies

Want more?

MageNews is all about community contribution. Please share. Please comment. Please contribute. And make sure to be the first for our June MageNews digest – subscribe to our blog.

See you in a month!

Other Digests:
Atwix MageNews – April 2020
Atwix MageNews – March 2020