Magento 2 - Online Shop
Magento 2 is more than just a further development of the successful e-commerce system Magento 1. Rather, the Magento developer community has created a completely new platform for the sale of products of all kinds.
Magento is available both in the commercial Adobe Commerce version, distributed by Adobe, as well as in the free Magento Open Source version. There is also a new open source project, Mage-OS, which is driving the further development of Magento as its own distribution.
You can find out which e-commerce system is the right choice for your store in our article "Magento, Mage-OS or Adobe Commerce - What is the right e-commerce system for my online store?"
The current version of Magento 2 runs under the version number Magento 2.4 or Adobe Commerce 2.4 and offers numerous functions for store operators, retailers and end customers.
Magento 2 extensions, modules and add-ons
Magento 2 already comes with a solid basic set of functions for operating an online store in its basic installation.
If you also want to expand your online store, add functions or modules or even implement completely new applications, you can currently (as of 12/2023) access around 4,300 extensions via the Adobe Commerce Marketplace. Additional Magento extensions are also available in various extension stores, such as ExtendWare.
Almost 10,000 further extensions and developments are also available free of charge on the Github code hosting platform.
Magento Open Source 2.4.6 was released on 14.3.2023 and introduces support for PHP 8.2. PHP 8.1 is still fully supported, but support for PHP 7.4 has been removed, which has not received any security updates since 28.11.2022. Magento 2.4.6 contains significant performance and scalability improvements. The GraphQL operations for bulk cart operations and the rendering of the category tree have been optimized.
This version contains numerous quality improvements and corrections. The complete "Magento Open Source 2.4.6 release notes" can be downloaded here.
Magento 2.4.6 - Functions to improve accessibility
The main focus of Magento 2.4.6 was to further improve web accessibility for store frontends developed on the basis of Venia (PWA = Progressive Web App). These improvements include:
The visual text label for the "Login" button now matches the accessible name. (Best practice recommends that the accessible name of a UI element starts with the visible label text).
- Descriptive, accessible names have been added to buttons throughout the store frontend.
- Added verbal labels to the "Has Video" checkboxes in the search filters.
- Keyboard-only users can now access all page functions in the store frontend. Previously, customers could not access the links in the sub-navigation using keyboard input only.
PWA Studio v.13.0.x is now compatible with Magento Open Source 2.4.6 and includes several accessibility enhancements. Information about bug fixes can be found under PWA Studio Versions.
Magento 2.4.6 - Security improvements
Magento 2.4.6 includes the following fixes and improvements to optimize security.
- Gaps in admin action logs have been fixed with more specific validation of actions within grid views, bulk actions and exports.
- reCAPTCHA validation no longer fails at checkout if unexpected errors occur during payment processing.
- New system configuration for requesting an email confirmation when a Magento Admin user changes their email.
Magento 2.4.6 platform improvements
Magento Open Source 2.4.6 introduces support for PHP 8.2. PHP 8.1 is still fully supported. Support for PHP 7.4 has been removed in this version. You cannot run Magento Open Source 2.4.6 with PHP 7.4.
Magento Open Source now supports:
- Composer 2.2.x. Composer 1.x has been removed.
- Redis 7.0.x. Although compatibility with Redis 6.2 is maintained, we recommend using this version with Redis 7.0.x as Redis 6.2 is expected to reach end of life in 2024.
- OpenSearch is now supported as the default search engine for Magento Open Source. Magento version 2.4.6 supports OpenSearch v2.x and has been tested with OpenSearch 2.5. Although compatibility with OpenSearch 1.x is maintained, it is recommended to use Magento 2.4.6 with OpenSearch 2.x.
- Elasticsearch 8.x.
- MariaDB 10.6 (LTS version). Magento 2.4.6 is still compatible with MariaDB 10.4, but it is recommended to upgrade to MariaDB 10.6.
Magento Open-Source introduces improvements to platform quality, payment methods, GrafQL caching performance and accessibility in version 2.4.5. It also includes updates for integrated Google modules.
Magento 2.4.5 contains over 290 quality fixes and improvements. The complete "Magento Open Source 2.4.5 release notes" can be downloaded here.
Magento 2.4.5 - Functions to improve accessibility
The main focus of Magento 2.4.5 was on improving web accessibility for store front-ends developed on the basis of Venia (PWA). These improvements include:
- The summary of search results is now displayed for screen readers.
- Screen readers are now informed when a new page view is loaded.
- Contrast and keyboard accessibility have been improved
Further improvements for more accessibility:
- The shopping bag button now provides a programmatic or textual indication of its status. Screen reader users are informed that clicking on this button will expand other content or that the associated content will be expanded or collapsed.
- The text elements or images of the credit card option for payment information now meet the minimum color contrast ratio of 4.5:1 required by WCAG 2.0 for standard text of 18pt (24px) or 14pt (19px) when printed in bold.
- The text of filter and sort buttons now meets the WCAG 2.0 required minimum contrast ratio of 4.5:1 for standard text of 18pt (24px) or 14pt (19px) when printed in bold.
- Buttons that trigger dropdowns now provide screen readers with information about their expanded or collapsed state and accessible names.
- Screen reader users are informed when a new page view is rendered. If a page title changed, this was not previously announced.
Magento 2.4.5 - Security improvements
Magento 2.4.5 contains numerous fixes and new improvements to optimize security.
- reCAPTCHA support has been added to the"Share wishlist","Create new customer account" and"Gift card" forms.
- Access control lists have been added for the inventory functions of Magento 2.4.5.
- The security of inventory templates has been improved.
- The MaliciousCode filter, which can be used to identify malicious code, has been updated and now uses the HtmlPurifier library.
Magento 2.4.5 - Google Analytics
Google has updated the tracking and integration mechanisms of AdWords and Google Analytics in web applications by integrating them with Googel Tag (GTag). This integration of Google features into websites expands the ability to track and manage content through Google services. Magento has a number of integrated modules such as Google AdWords, Analytics, Optimizer and Tag Manager that use the previous API for integration with Google services. In Magento version 2.4.5, these integrations have been completely re-implemented using the GTag approach
Magento 2.4.5 - Payment methods
With Magento 2.4.5, Apple Pay is now available for all merchants who have activated payment services. When using Apple Pay, customers do not need to enter their credit or debit card details. Apple Pay is available on the product detail page, in the mini-shopping cart, in the shopping cart and in the checkout process.
Merchants in Spain and Italy can now offer PayPal Pay Later to shoppers in their Magento store. Previews of the "PayPal", "Credit" and "Pay Later" buttons are now available in the Magento admin interface for the "Checkout", "Minicart", "Cart" and "Products" pages. The previews show how these buttons will look when they are activated and displayed in the store frontend.
Magento 2.4.5 platform improvements
Magento Open Source 2.4.5 now supports:
- Composer 2.2
- TinyMCE (5.10.2). Previous versions of TinyMCE (v5.9.2 or earlier) allowed arbitrary execution of JavaScript when updating a specially crafted URL or an image with a specially crafted URL.
- jQueryUI (1.13.1)
- PHPStan (^1.5.7 with restriction) GitHub-35315
The DHL integration schema has been updated from v6.0 to v6.2. This update does not change the product behavior.
Deprecated JavaScript libraries have been updated to their latest versions and deprecated dependencies have been removed. These changes are backwards compatible.
Magento Open Source 2.4.4 introduces support for PHP 8.1. All project libraries and dependencies have been updated for compatibility with PHP 8.1. Core Composer dependencies and third-party libraries have also been updated to the latest versions compatible with PHP 8.1.
This version of Magento also includes support for OpenSearch 1.2, which is an open source alternative to Elasticsearch. In addition, a lot of work has been done on optimizing security measures for Magento.
Another focus in the 2.4.4 release of Magento this time was on improvements for web accessibility, i.e. accessibility for people with disabilities, which will have a legal basis in June 2025 as part of the Accessibility Reinforcement Act in Germany and the EU.
Magento 2.4.4 and Adobe Commerce 2.4.4 contain a total of almost 250 quality corrections and improvements, which you can find in the complete "Magento Open Source 2.4.4 release notes". Below we list the essential functions for Magento store operators that were released with Magento 2.4.4.
Magento 2.4.4 - Functions to improve accessibility
Magento 2.4.4 offers improved compliance with accessibility guidelines. This version includes improved tooltips, accessible naming and labeling of screen elements, and redesigned icons and buttons. Over 80% of these fixes help to improve the shopping experience for users with no or limited vision.
Furthermore, the following measures for more accessibility in the Magento admin area and store frontend have been introduced with Magento 2.4.4:
- Screen readers can now read all relevant form elements on product pages.
- The contrast for buttons to delete and move images throughout the store frontend has been improved to enhance readability for visually impaired users.
- The magnifying glass icon used throughout the product interface for searching has been given an accessible name and text alternative.
- The rich text editor toolbar can now be accessed using the tab key.
- The accessible name of the control now contains the text of its visible label for the Number of items per page drop-down menu.
- The table controls on the Catalog > Product Details page now have visible labels and an accessible name when the table is collapsed.
- Editing links in the Products table now have a clear, meaningful link text.
- The buttons that open tooltips now have text names.
- Buttons in the entire store frontend now have unique, descriptive, accessible names.
- The contrast of the buttons for deleting and moving images has been improved throughout the store frontend to improve readability for visually impaired users.
- Text alternatives have been added to the pencil icon that appears when a merchant edits an input for the search engine optimization accordion.
The text input field on the New View product page now has an accessible name.
Magento 2.4.4 - Security improvements
Magento 2.4.4 contains numerous corrections and new improvements to optimize security.
- The IP allow list enables the Magento administration interface to be enabled only for certain IP addresses
- Two-factor authentication enables login to the Magento administration interface only if authentication via an app, such as Google Authenticator or Authy, has taken place.
- Magento 2.4.4 now supports the use of a VPN
- The Magento administration interface can now be accessed via a randomly generated URL, which is automatically set during installation, instead of via the /admin path segment. The URL can be changed later at will.
- Magento checks the password security and thus supports secure passwords with certain minimum requirements.
Magento 2.4.4 - Platform improvements
Magento Open Source 2.4.4 now supports PHP 8.1 and all project libraries and dependencies have been updated for compatibility with PHP 8.1. Additional platform enhancements include:
- Magento Open Source 2.4.4 adds support for Elasticsearch 7.16 and OpenSearch 1.2.
- The jquery library has been updated to version 3.6. The jquery-ui library has been updated to version 1.13.0. Other JavaScript libraries have been updated to the latest versions.
- The rich text editor for Magento, if you don't want to use Page Builder, TinyMCE 5.8.1 is now supported. TinyMCE 4 has been removed from the codebase.
- The RequireJS library has been updated to the latest version (v2.3.6).
- PHPUnit has been updated to the latest version (9.5.x). The tests and test frameworks have been updated to be compatible with the new version.
- Most Laminas dependencies have been updated to the latest versions compatible with PHP 8.1. Three Laminas dependencies have been removed from the codebase to reduce the number of dependencies.
- The GraphQL interface, which is also used by the Hyvä theme, has numerous improvements, including a significant increase in performance.
Further technical security functions introduced with Magento 2.4.4:
- Secure email variables are now a prerequisite for use in emails.
- Improved security for API tokens.
- Session IDs are no longer stored in the database.
- OAuth access tokens and password reset tokens are now stored encrypted in the database.
- Validation has been improved to prevent non-alphanumeric file extensions from being uploaded.
- AddedreCAPTCHA support for coupon code capture.
- HTTPS is now enabled by default for the Magento Open Source Storefront.
- The Dependency Confusion plugin is now required for all Magento Open Source installations. Previously this was only the case for Composer installations.
- Developers can now configure the limit for the size of arrays accepted by Magento Open Source RESTful endpoints per endpoint.
- Mechanisms have been added to limit the size and number of resources a user can request via a web API on a system-wide basis and to override the default settings for individual modules.
Enhanced content management with the Page Builder
Until now, the Page Builder was reserved for Magento Enterprise and the commercial Adobe Commerce versions, but is also available free of charge in the Magento Open Source version.
Page Builder is available as an extension bundle for Magento Open Source and can be optionally integrated as required As soon as Page Builder has been integrated, it replaces Magento's rich text editor and is available as a new standard tool for editing content of any kind.
The Page Builder can replace the Content Editor in the following admin areas:
- CMS pages
- CMS blocks
- Category description
- Product description
All content created with the previous editor can be migrated to the Page Builder. In addition, a variety of sample content and modules can be downloaded for the page builder. Banners, forms, various buttons and call-to-actions, column layouts and even lazyloading or sliders are available here free of charge.
The Magento Page Builder is also directly compatible with the Hyvä theme.
Performance improvements
With Magento 2, control mechanisms were also established which make it possible to make customer-specific content cacheable via the browser control on the part of Magento. Private content is the concept for this. Magento 2.4.3 includes improvements that shorten the indexing time for product price and catalog rule indexers. Merchants can now exclude a website from a customer group or a shared catalog, which reduces the number of records to be indexed and shortens indexing times.
Shopping cart, checkout and catalog updates
- Magento now takes country-specific decimal locators into account when converting and updating the product quantity in the shopping cart.
- Shoppers are now redirected to the cart page instead of the product page when trying to update the mini cart for an order with deleted items. Previously, shoppers were redirected to the product page.
- Shoppers can now add a product to their cart whose minimum advertised price(MAP) exceeds the regular product price.
- Shoppers can now successfully change their billing address through the checkout workflow when checking out with multiple addresses.
- Custom design layout updates are now applied as expected. Previously, custom design layout updates were ignored.
- The Advanced Pricing Customer Group Price Block Price input field now has a minimum width of five characters. Previously, only two symbols were visible in this field on low resolution displays.
- Magento now successfully deletes a product media image after deleting a product. Previously, the product media image remained in the folder after successfully deleting the product.
Bug fixes
Magento 2.4.3 includes over 370 new fixes to the core code. It includes the resolution of nearly 290 GitHub issues by community members. These community contributions range from minor cleanups to the core code. Click here to see the bug fixes in the Magento 2.4 release notes.
Platform upgrades and customizations
Magento is known for integrating and supporting various third-party platforms, payment providers and other standard components out of the box. These modules are also updated as part of the regular system upgrades. In Magento 2.4.3, the following platforms have been updated as listed below:
- Core Composer dependencies and third-partylibraries have been updated to the latest versions compatible with PHP 8.x.
- The KnockoutJS library has been updated to v3.5.1 (the latest version).
- Magento Open Source 2.4.3 has been tested and confirmed to be compatible with Redis 6.0.12 . (Magento 2.4.x remains compatible with Redis 5.x.)
- The dependencies of the Laminas library have been updated to PHP 8.x compatible versions. Some redundant dependencies have been removed from the composer.json file. Magento Open Source 2 .4.3 uses Laminas 3.4.0. Magento 2.4.3 is not yet compatible with PHP 8.x, but the following platform upgrades will bring us closer to future compatibility with PHP 8.x.
Other adjustments
- This version includes the Adobe Stock integration v2.1.1.
- PayPal Pay Later is now supported in deployments that include PayPal. This feature allows shoppers to pay for an order in bi-weekly installments instead of paying in full at the time of purchase.
- Authorize.Net integration has been removed from core code - extension available in Commerce Marketplace
Magento 2.4.2 Performance improvements and bug fixes
Several scalability improvements allow Magento 2.4.2 to natively support complex catalogs that are up to 20 times larger than in previous versions.
This release includes over 280 new core code fixes and 35 security improvements. It includes the resolution of almost 290 GitHub issues by community members. Click here to see the bug fixes in the Magento 2.4.2 release notes.
Magento 2.4.1 Performance improvements and bug-fixes
Reduction in the size of network transfers between Redis and Magento. The resulting performance improvements include a reduction in network cache size and execution time for many scenarios.
Improved message queue performance. Three new configuration settings enable a reduction in the CPU consumption of consumer queues. These optional parameters provide better control over consumers and save server resources.
This release includes all the core quality improvements that were included in Magento 2.4.0, over 150 new fixes to the core code and over 15 security improvements. It includes the resolution of nearly 300 GitHub issues by community members. Click here to see the bug fixes in the Magento 2.4.1 release notes.
Bug fixes
This release includes all the core quality improvements that were included in Magento 2.4.0, over 150 new fixes to the core code and over 15 security improvements. It includes the resolution of nearly 300 GitHub issues by community members. Click here to see the bug fixes in the Magento 2.4.1 release notes.