Magento v2.4.3 is now available (10 August 2021) for both Commerce and Open Source! This version brings a number of new features that will provide a better on-site shopping experience for customers and improved performance. Let us have a look at the list of features from the official release that enhance the security, performance and provide overall platform improvements.
KEY HIGHLIGHTS: MAGENTO 2.4.3
- 33 Security issues resolved
- Expansion of reCAPTCHA
- Built-in rate limiting
- New composer plugin
- Infrastructure updates
- Support PayPal Pay Later
- Upgraded core composer dependencies
- Upgraded third-party libraries
- Live Search
- GraphQL API expansion
- Magento B2B version 1.3.2
SECURITY AND QUALITY FIXES
All the known issues found in Magento version 2.4.2 have been fixed in this release. Additionally, 33 security fixes or improvements have been made to close Remote Code Execution (RCE) and cross-site scripting (XSS) vulnerabilities.
In case you cannot upgrade to the latest version immediately, it is recommended to at least install one of the security patch versions:
- Adobe Commerce 2.4.2-p2
- Adobe Commerce 2.3.7-p1
The Adobe commerce 2.4.2-p2 release fixes all the vulnerabilities found in 2.4.2.
With the expansion of reCAPTCHA, your sites are much more secure from spam and bots. This protects stores from carding attacks through brute force mechanisms. reCAPTCHA will be disabled as default for the Place Order storefront page and payment-related web APIs. But, this can be enabled from the Admin panel.
BUILT-IN RATE LIMITING
Rate limiting is now inbuilt with Magento. Now you can limit network traffic by capping the repeat actions within a time frame. This reduces malicious bot activity and protects your site from DDoS attacks.
NEW COMPOSER PLUGIN
With the Magento 2.4.3 release, Adobe is including a new composer plugin that performs integrity checks during installation to reduce the vulnerability known as dependency confusion.
Adobe and extension developers use private and public composer package repositories to deliver code for updates or fixes to Adobe Commerce and Magento Open Source merchants.
The private composer package repository at repo.magento.com is audited by Adobe for malware and package upload validation. But an unused namespace at the public repository at packagist.org can be used to upload malicious packages, which in turn can be passed on to the merchant’s Commerce instances. To avoid dependency confusion it is best to
- Use the plugin while testing any extension’s installation flow
- Verify that the namespace on packagist.org is owned by you
The release enhances the following functional areas and the quality of the framework
- Customer Account
- Promotions and Targeting
- Cart and Checkout
- Staging and Preview
PAYPAL PAY LATER SUPPORT
The feature is now supported in deployments that include PayPal. It gives the shoppers the option of paying for items in a bi-weekly installment instead of paying the full value at the time of purchase.
Magento 2.4.3 is not compatible with PHP 8.x yet, but the platform updates will take it one step further to reaching that goal. With this in mind, the Core Composer dependencies and third-party libraries will be upgraded to make it compatible with PHP 8.x.
Powered by Adobe Sensei, Live Search provides an enhanced search experience by using Artificial Intelligence and Machine-learning algorithms. With Live Search you get:
- Rich search experience – Help shoppers find what they want with as little effort as possible.
- AI-powered tools – Increase conversion by leveraging Adobe Sensei and improve overtime with commerce data
- Lower TCO – Reduce the cost of ownership that drives cost for development of site search solutions
- Flexible framework – Full GraphQL coverage, API sandbox environments, Ultrafast SaaS
GRAPHQL API EXPANSION
GraphQL support has been added for the following features:
- Shared catalogs
- Wish lists – adds items from specified wishlist to cart
- Gift registries –
- Search by email, type, or ID
- Create, delete or update gift registries
- Update or remove items from a gift registry.
- Move all items from the cart to the gift registry.
- Add, update, or remove registrants from a gift registry.
- Share a gift registry with invitees.
- Negotiable quotes
- Shared routes
MAGENTO B2B VERSION 1.3.2
The latest version of Magento B2B is released along with Magento 2.4.3 with the following features added
- Successfully sends emails on soon-to-expire and expired negotiable quotes.
- Company users can now edit and update customer custom attribute values.
- Administrators with restricted accounts that include only website-level privileges can now create a company that uses a different currency than the website
PAGE BUILDER IS NOW AVAILABLE FOR OPEN SOURCE CONTRIBUTIONS
With version 2.4.3, PageBuilder is now available with the Open Source version. Some of the features; however, will require an Adobe Commerce license:
- Dynamic Blocks
- Staging and Preview
- Native integration with commerce exclusive features
UPGRADE TO THE LATEST VERSION OF MAGENTO NOW
Talk to us if you are looking for a certified Magento partner to upgrade your ecommerce store.