Magento 2.3.5 released- A quick overview of the new features!
Soon after the introduction of Magento in 2008, this platform became the most widely used web technology across the globe. Magento is an open-source platform that offers thousands of extensions and plug-ins to the owners, meeting the expectation of every online eCommerce owner. A few years ago, Magento 2.0 became the new normal after its release with some advanced features for custom Magento development.
But now, Magento is back with a 2.3.5 version with new and beneficial updates for the eCommerce owners to stay one step ahead of the competitors. Majorly, this release introduces about 180 functional fixes to the core product and 25 security enhancements. So if you’re planning to have your own eCommerce online store or already have it, then be aware of all updates as it helps in the future. Magento upgrades not only offer advanced features but also boost the security levels eventually.
In this article, we’ll be covering the major updates that will give you an idea about the version and benefits one can reap:
1. Significant security enhancements
As mentioned above, about 25 security enhancements are being introduced to improve close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities
No authentication interventions associated with these problems have occurred to date. However, certain vulnerabilities can probably be misused to access customer information or administrator sessions. Most of these concerns require that an antagonist initially obtains access to the Admin. As a result, we evoke you to take all essential steps to protect your Admin, including but not confined to these efforts:
- IP whitelisting
- Use of a VPN
- Two-factor authentication
- Use of an exclusive location
- Good password regimen
With the Magento 2.3.4 release, the platform has changed the way they define these security issues. Individual concerns are no longer described in the Magento Security Center. Preferably, these problems are documented in an Adobe Security bulletin.
- Implementation of Content Security Policies (CSP)-This release comprises a set of sturdy new security tools for Magento installations. Content Security Policies (CSP) provides extra layers of security by serving to detect and alleviate Cross-Site Scripting (XSS) and relevant data injection interventions.
- Removal of session_id from URLs– Disclosure of session-id values in URLs builds inherent security vulnerability in the form of session fixation. Now, code from the classes and techniques that add or read session_id from URLs are being removed.
2. Platform upgrades Magento Development Company
The following platforms upgrades assist improve website security and performance:
- Support for Elasticsearch 7.x– Elasticsearch 7.x is now the advanced catalog search engine for both Magento Open Source and Magento Commerce. With this release, Magento 2.3.x supports only Elasticsearch 6.x and 7.x., whereas, Elasticsearch 2.x and 5.x are now belittled for Magento 2.3.x and will be eliminated in Magento 2.4.0.
- Deprecation of core integration of third-party payment methods– With this update, the integrations of the eWay, CyberSource, Authorize.Net, and Worldpay payment methods are deprecated. These core features are no longer carried and will be excluded in the subsequent minor release (2.4.0). Merchants should transfer to the standard extensions that are accessible on the Magento Marketplace.
- Depreciation of the core integration of the Signifyd fraud protection code– This core feature is no longer sustained. Merchants should move to the Signifyd Fraud & Chargeback Protection extension that is accessible on Magento Marketplace.
- The migration of dependencies on the Zend Framework-Zend Framework has been depreciated. Magento 2.3.5 includes the minimum number of changes to code and configuration that are obligated to promote the use of the Laminas libraries. These changes are backward-compatible, and you can proceed to use your current code. While this voyage isn’t required for compatibility with this patch release, long-term solutions will expect it.
3. Performance boosts
The below-mentioned updates will help you boost the overall performance of your eCommerce website efficiently.
- Alterations to customer data section invalidation thesis. This release injects a different way of refuting all customer sections data that evades an acknowledged problem with local storage when custom sections.xml invalidations are running.
- Multiple optimizations to Redis performance. The improvements minimize the number of doubts to Redis that are offered on each Magento request. These optimizations include:
- A reduction in the volume of network data transfers between Redis and Magento
- Decline in Redis’ consumption of CPU cycles by enhancing the adapter’s capability to automatically discover what needs to be packed
- A decrease in race situations on Redis write operations
4. Infrastructure Improvements
This release comprises intensifications to core quality, which enhance the quality of the Framework and these modules: Sales, PayPal, Catalog, Elasticsearch, Import, and CMS.
- The PayPal Pro payment method now runs as foreseen in the Chrome 80 browser. This payment method earlier requested a Magento callback endpoint that required access to the customer’s session — access that the current default Chrome Same site cookie functionality does not authorize.
- A PHPStan code analysis check has been blended into Magento static builds. This tool performs advanced static code analysis and distinguishes additional problems that are currently not disclosed by PHP Mess Detector and PHP CodeSniffer.
5. Fixed issues
Magento 2.3.5 has strived hard to fix hundreds of issues, some which are mentioned below:
- Quick installation, upgrade and deployment
- Adobe Stock integration
- Bundle products
- Cart and checkout
And the list goes on…
In a nutshell, Magento 2.3.5 can be revolutionary as Magento 2.0 because the features seem promising and can add value to any eCommerce store developed on this framework. However, if you’re looking for a Magento Development Company that can help you with online store development to set up maintenance, then Pixlogix is at your disposal!