It’s October edition of Atwix #MageNews!
Read us and be updated about the most important news from Magento community.
Let’s get it started!
Content
- [Not To Miss] Security-Only Patches
- [Not To Miss] Update From the Magento Association
- [eCommerce] The State of CBD & eCommerce Platforms
- [Security] PHP Core Vulnerabilities Detected
- [Community Experience] State of Magento PWA Studio
- [Community Experience] Conference Month
- [Community Experience] MM19UK Videos
- [Community Experience] MageCONF 2019
- [Open Source] Smart JS Bundler
- [Open Source] Contribute to MerchDocs
- [Magento U] Magento OMS Certification
- Upcoming Events
- Want More?
Not to Miss
Security-Only Patches
Magento continues to focus on security improvements. Starting from 2.3.3 Magento will be providing security-only patches that should make it possible to apply security improvements with minimal impact on the custom codebase and reduce release time. According to ZDNet statistic, about 83% of all hacked Magento instances were outdated. So it’s super important to make the process of patching as quick and less resource-consuming as possible.
Based on merchant and partner feedback, we'll be offering a "security only" option for quarterly patches for Magento 2.3.3 and beyond: https://t.co/oFuX8ksf8f
— Chris Hedge (@ChrisHedge4) September 6, 2019
More Info:
– [DevBlog] Introducing the New Security-only Patch Release
Update from the Magento Association
We also got some news from the Magento Association. During the summer period, Magento Association mostly focused on acquiring Title Partners and funds to support its activity, which turned out to be a difficult task. The key goal now is to have each partner provide not more than 30% of the overall budget to keep the association independent. Another goal is to relaunch MagentoAssociation.org to be based on an association management system that will bring all needed features to the members (like content, member management, event support, etc.). It’s great to mention that more than 600 people registered as volunteers. Magento Association will proceed to engage with them utilizing SmithBucklin’s expertise. Another crucial thing is to support and establish best practices for Magento events organization, which formerly existing Meet Magento Association used to handle. Taking that, we will hear more about the Magento Association in the near future. Join the Magento Association and stay tuned!
More Info:
– [Magento Association] State of the Magento Association – September 2019
– Atwix MageNews June 2019 – Magento Association Membership [Previous Update]
– [Magento Association] Join the Magento Association
eCommerce
The State of CBD & eCommerce Platforms
Recently the topic of cannabis-based products and their selling on different eCommerce platforms got viral. CBD seems to be still a pretty risky niche and not everyone wants to be a part of it yet. Magento Cloud is one example of a platform with zero-tolerant policies regarding CBD. However, merchants can use Magento Open Source and Magento Commerce in on-premise installation way to power CBD business.
More Info:
– [Netalico] The State of CBD in eCommerce
Security
PHP Core Vulnerabilities Detected
A couple vulnerabilities in PHP core were reported. Potentially, they could help hackers to execute an arbitrary code in applications that use affected PHP versions which are: <7.1.32, <7.2.22, <7.3.9 and possibly all older versions. Magento is also based on PHP, so make sure you have your PHP patched.
More Info:
– [Magento Support] Magento Recommendations for PHP Vulnerabilities
– [CIS] Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
– [HackerNews] Multiple Code Execution Flaws Found In PHP Programming Language
Community Experience
State of Magento PWA Studio
A writeup from Kristof Ringleff about the current state of Magento PWA studio, their plans and roadmap.
More Info:
– [Fooman] PWA Studio – Where are we at September 2019?
Conference Month
September was really rich for conferences. We have collected all published presentations in case you missed them:
– [MM19NYC] John Hughes – The Ultimate Guide to Caching in Magento 2
– [MM19NYC] Ivan Chepurnyi – How to import 1 million SKUs under 10 minutes
– [MM19NYC] Tom Robertshaw – MageCart Defence Strategies
– [MageX] Paul Byrne – Using Elm to write flawless javascript on Magento
– [MM19PL] Piotr Siejczuk – Global Reference Architecture: Infrastructure & Application
– [MM19PL] Riccardo Tempesta – Awesome Architectures in Magento 2.3
MM19UK Videos
Meet Magento UK published recordings from this year event. Go and check them out! There are plenty of talks from technical and business tracks.
Fancy learning something new this lunchtime? đź’ˇ
Head to the #MM19UK Online Hub to watch talks on a variety of #Magento development topics – from indexing with @JohnHughes1984, to automated testing with @TomMagento and GraphQL with @sergeivaschenko: https://t.co/Fa4etP6Raa pic.twitter.com/qq1Bx7CR63
— Meet Magento UK (@MeetMagentoUK) September 11, 2019
More Info:
– [Youtube] MM19UK – Talk Playlist
– [Meet Magento UK] Talks
MageCONF 2019
MageCONF conference took place in Kyiv gathering over 650 participants. This makes MageCONF the largest technical Magento event worldwide. Contribution Day predating the MageCONF also set a record with over 100 participants. Pictures are available on event’s Facebook Albums.
Amazing #Magento 2.3 architectures by @RicTempesta… over 400 people in the room of this #MageCONF breakout section! pic.twitter.com/1FPkYCxuIU
— Slava Kravchuk (@slkra) September 28, 2019
More info:
– MageCONF 2019 Pictures
– Magento Contribution Day at MageCONF 2019 Pictures
Open Source
Smart JS Bundler
Baler is a new project aimed to handle the issue of lacking smart and optimal JS bundling in Magento 2 storefront themes. It’s not production-ready yet, but it’s definitely worth checking out.
More Info:
– [Github] magento/baler – AMD module bundler and preloader for Magento 2 stores.
– Atwix MageNews August 2019 – Magento 2 JS Bundling
Contribute to MerchDocs
Magento finally opened MerchantDocs for contributions!
Now this project is available on the Github and powered by Jekyll. Feel free to jump in and contribute!
You know our #Merchant #Docs are open source now… go contribute!
1. Go to repo https://t.co/nI55aBHhbt.
2. Find your file in /src.
3. Click pencil icon.
4. Edit + commit.
5. Add PR info + labels.
6. YAY! Wait for our review.(Or click Edit this page in GH at top of any page.)
— Magento DevDocs (@MagentoDevDocs) September 23, 2019
More Info:
– [GitHub] Magento MerchDocs
– [Magento Slack] #merchdocs channel
Magento U
Magento OMS Certification
Magento U released a new certification that covers the developer’s knowledge, experience, best practices and integration flow of Magento Order Management System. The new exam has the same conditions as the rest of Magento professional exams.
More Info:
– [Magento U] Magento 2 Certified Order Management Developer
– [Magento DevDocs] Order Management System (OMS)
Upcoming Events. Don’t Miss!
– October 4th – Meet Magento Baltics, Riga, Latvia
– October 15th – Meet Magento Sweden, Stockholm, SE
– October 22-23rd – Magento Live, Amsterdam, NL
– October 28rd – Meet Magento Spain, Madrid, ES
Want more?
Make sure to be the first for our November MageNews digest – subscribe to our blog.
See you in a month!
Other Digests:
– Atwix MageNews – September 2019
– Atwix MageNews – August 2019