With Magento Community Engineering signed off and now pressing ahead with Magento 2.5, Adobe released Magento Commerce and Open Source 2.4.2. This latest release is powerful. It has numerous security fixes, performance improvements, and additional features. The Atwix team studied up on all the changes and has unpacked into small logical pieces for you. Grab a cup of coffee and enjoy!
Magento 2.4.2 has quickly proven itself to be stable, as evidence by more and more clients upgrading their websites to this latest version. However, some clients prefer to delay on upgrading. In this article, we will answer if you can stay with 2.3.6 and why upgrading to the latest version of the Magento platform matters.
Before we get there, you might want to check the official Magento article and Tweet:
- 280 new fixes
- 35 security enhancements
- support for Magento 2 Elasticsearch 7.9.x and Redis 6.x
- B2B improvements (Commerce only)
- security only patches for 2.4.1 and 2.3.6
- compatibility with Composer 2.x
- Adobe Stock Integration v2.1.1
- PWA and GraphQL new enhancements
- MFTF 3.2.1.
- Online payment methods can now be used for purchase orders.
- Existing payment method templates were overridden to support PCI compliance.
- Compatibility with third-party, custom, and community-developed payment methods were added.
- Email notifications about payment details were added for buyers.
- Emails can be customized from the admin.
- Approved – Pending Payment statuses added.
- An option to change the payment method during the final payment step was added.
Key changes in more details
Magento 2.4.2 release contains numerous security fixes and all of them were backported to Magento 2.4.1-p1 and Magento 2.3.6-p1. So, if you want to be 100% safe, but also want to save on the upgrade, it’s a smart option for you.
Other security enhancements announced:
- Core cookies support the
- Magento’s messages were improved to display malicious content user saves in product and category description fields.
- File systems’ operation was improved to prevent malicious uploads.
- Core Content Security Policy (CSP) violations have been fixed.
Most of the vulnerabilities require access to the admin panel of your store. So, make sure to protect it with the known solutions like 2FA, IP whitelisting, usage of unique admin URL and strong password.
Tools and integrations
- Additional features were covered with GraphQL. This includes support for multiple wish lists, RMA, comparison lists, and much more.
- Localization was improved for PWA studio. Now Venia theme supports multiple languages and currencies.
- Now it’s more comfortable to work with a Page Builder stage. It no longer requires all content types to be placed within a row, and there is no need to have predefined margins and paddings for content types.
- This release provides the ability to the merchants to limit access of admins to only the Media gallery, as well as to control who can perform actions like assets upload, editing, and deleting.
- Merchants can use optimized images from the Media gallery instead of high-resolution ones.
- Amazon Simple Storage Service (AWS S3) support has been enhanced to include support for object storage and future extensibility.
Extensions from Magento Partners
Here is a shortlist of the updates from partners ecosystem:
- Amazon Pay has been deprecated in this release and will be removed in Magento 2.5.0. Starting from 2.4.3, it will have only compatibility updates and fixes.
- Support for multi-address shipping was added for Braintree.
- dotdigital Engagement Cloud now supports Page Builder and diagnostic alerts.
- Klarna now has a GraphQL module that supports PWA integrations.
- Vertex has obtained a button to update and validate orders creating from the admin.
- Order synchronization mechanism in Yotpo was improved. Now it doesn’t get stuck when the order fails to sync and proceeds with the next order.
Eager to get more details on the vendors? Feel free to visit DevDocs.
To Upgrade or not to Upgrade?
Change can take time, cost money, and introduce risk. There are pros and cons with any upgrade — you must factor in your teams capacity to support an upgrade, your budget, your current Magento version, and of course the latest patches and what they offer you. However, always consider upgrading your website to the latest version as a leading practice. By staying up-to-date with Magento releases, you know with confidence that your website is secure and optimized.
Ask questions or share your thoughts about Magento 2.4.2 in the comments section below. Or, feel free to reach out to the Atwix team to learn more.