Atwix MageNews – October 2019

It’s October edition of Atwix #MageNews!
Read us and be updated about the most important news from Magento community.
Let’s get it started!


  1. [Not To Miss] Security-Only Patches
  2. [Not To Miss] Update From the Magento Association
  3. [eCommerce] The State of CBD & eCommerce Platforms
  4. [Security] PHP Core Vulnerabilities Detected
  5. [Community Experience] State of Magento PWA Studio
  6. [Community Experience] Conference Month
  7. [Community Experience] MM19UK Videos
  8. [Community Experience] MageCONF 2019
  9. [Open Source] Smart JS Bundler
  10. [Open Source] Contribute to MerchDocs
  11. [Magento U] Magento OMS Certification
  12. Upcoming Events
  13. Want More?

Not to Miss

Security-Only Patches

Magento continues to focus on security improvements. Starting from 2.3.3 Magento will be providing security-only patches that should make it possible to apply security improvements with minimal impact on the custom codebase and reduce release time. According to ZDNet statistic, about 83% of all hacked Magento instances were outdated. So it’s super important to make the process of patching as quick and less resource-consuming as possible.

More Info:
[DevBlog] Introducing the New Security-only Patch Release

Update from the Magento Association

We also got some news from the Magento Association. During the summer period, Magento Association mostly focused on acquiring Title Partners and funds to support its activity, which turned out to be a difficult task. The key goal now is to have each partner provide not more than 30% of the overall budget to keep the association independent. Another goal is to relaunch to be based on an association management system that will bring all needed features to the members (like content, member management, event support, etc.). It’s great to mention that more than 600 people registered as volunteers. Magento Association will proceed to engage with them utilizing SmithBucklin’s expertise. Another crucial thing is to support and establish best practices for Magento events organization, which formerly existing Meet Magento Association used to handle. Taking that, we will hear more about the Magento Association in the near future. Join the Magento Association and stay tuned!

More Info:
[Magento Association] State of the Magento Association – September 2019
Atwix MageNews June 2019 – Magento Association Membership [Previous Update]
[Magento Association] Join the Magento Association


The State of CBD & eCommerce Platforms

Recently the topic of cannabis-based products and their selling on different eCommerce platforms got viral. CBD seems to be still a pretty risky niche and not everyone wants to be a part of it yet. Magento Cloud is one example of a platform with zero-tolerant policies regarding CBD. However, merchants can use Magento Open Source and Magento Commerce in on-premise installation way to power CBD business.

More Info:
[Netalico] The State of CBD in eCommerce


PHP Core Vulnerabilities Detected

A couple vulnerabilities in PHP core were reported. Potentially, they could help hackers to execute an arbitrary code in applications that use affected PHP versions which are: <7.1.32, <7.2.22, <7.3.9 and possibly all older versions. Magento is also based on PHP, so make sure you have your PHP patched.
More Info:
[Magento Support] Magento Recommendations for PHP Vulnerabilities
[CIS] Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
[HackerNews] Multiple Code Execution Flaws Found In PHP Programming Language

Community Experience

State of Magento PWA Studio

A writeup from Kristof Ringleff about the current state of Magento PWA studio, their plans and roadmap.
More Info:
[Fooman] PWA Studio – Where are we at September 2019?

Conference Month

September was really rich for conferences. We have collected all published presentations in case you missed them:
– [MM19NYC] John HughesThe Ultimate Guide to Caching in Magento 2
– [MM19NYC] Ivan ChepurnyiHow to import 1 million SKUs under 10 minutes
– [MM19NYC] Tom RobertshawMageCart Defence Strategies
– [MageX] Paul ByrneUsing Elm to write flawless javascript on Magento
– [MM19PL] Piotr SiejczukGlobal Reference Architecture: Infrastructure & Application
– [MM19PL] Riccardo TempestaAwesome Architectures in Magento 2.3

MM19UK Videos

Meet Magento UK published recordings from this year event. Go and check them out! There are plenty of talks from technical and business tracks.

More Info:
[Youtube] MM19UK – Talk Playlist
[Meet Magento UK] Talks

MageCONF 2019

MageCONF conference took place in Kyiv gathering over 650 participants. This makes MageCONF the largest technical Magento event worldwide. Contribution Day predating the MageCONF also set a record with over 100 participants. Pictures are available on event’s Facebook Albums.

More info:
MageCONF 2019 Pictures
Magento Contribution Day at MageCONF 2019 Pictures

Open Source

Smart JS Bundler

Baler is a new project aimed to handle the issue of lacking smart and optimal JS bundling in Magento 2 storefront themes. It’s not production-ready yet, but it’s definitely worth checking out.
More Info:
[Github] magento/baler – AMD module bundler and preloader for Magento 2 stores.
Atwix MageNews August 2019 – Magento 2 JS Bundling

Contribute to MerchDocs

Magento finally opened MerchantDocs for contributions!
Now this project is available on the Github and powered by Jekyll. Feel free to jump in and contribute!

More Info:
[GitHub] Magento MerchDocs
[Magento Slack] #merchdocs channel

Magento U

Magento OMS Certification

Magento U released a new certification that covers the developer’s knowledge, experience, best practices and integration flow of Magento Order Management System. The new exam has the same conditions as the rest of Magento professional exams.
More Info:
[Magento U] Magento 2 Certified Order Management Developer
[Magento DevDocs] Order Management System (OMS)

Upcoming Events. Don’t Miss!

– October 4th – Meet Magento Baltics, Riga, Latvia
– October 15th – Meet Magento Sweden, Stockholm, SE
– October 22-23rd – Magento Live, Amsterdam, NL
– October 28rd – Meet Magento Spain, Madrid, ES

Want more?

Make sure to be the first for our November MageNews digest – subscribe to our blog.

See you in a month!

Other Digests:
Atwix MageNews – September 2019
Atwix MageNews – August 2019