As many of you know, Adobe has released Magento 2.4.3 version on the 10th of August 2021 along with security-only patches 2.4.2-p2 and 2.3.7-p1, which help to increase product security, performance, and functionality.
Here in this article, you can briefly check what adobe has to offer you in terms of Magento 2.4.3 release.
Let’s talk about figures first!
This release gives you 33 security fixes, 370 fixes to core code and almost 290 GitHub issues fixes by community members.
All known issues in Magento 2.4.2 open source have been fixed in this release.
Now let’s dive into key highlights of this release on a high level.
Fixes to close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities
Adobe has added 33 security fixes which help to close RCE and XSS vulnerabilities.
New Composer Plugin Added
It will help to prevent dependency confusion and identifies malicious packages with the same names as internal packages on the public package repository,
Rate limiting Magento APIs
This has been added to prevent denial-of-service (DoS) attacks. It imposes restrictions on the size or number of resources. However, the default maximum is set to 20.
ReCAPTCHA coverage extended
Now it covers Web APIs that have corresponding HTML pages, Place Order storefront page, and payment-related web APIs.
From the infrastructure aspect, this release provides enhancements that improve the quality of the framework and the following functional areas:
- Customer Account
- Promotions and Targeting
- Cart and Checkout
- Staging and Preview
Paypal Pay later support added
It will allow shoppers to pay in bi-weekly installments instead of full payment in one go.
use_application_lock indexing mode added
In case of failure, you don’t need to enable indexer again if this mode is enabled. You can configure it in environment variables or in app/etc/env.php file.
- PHP 8.x support added for core composer dependencies and third party libraries.
- The Knockout JS library upgraded to latest version ( v3.5.1)
- After that, the deprecated TinyMCE v3 library and Magento_Tinymce3Banner has been removed.
- Tested with Redis 6.0.12
- Product Price and Catalog Rule indexers execution time decreased.
- Merchants can now exclude a website from a customer group or shared catalog.
- Added GraphQL coverage for shared routes.
- In addition, the
urlResolverfunctionalities suspened from route query
- Page builder added as a bundled extension and set as a default editing tool in this release.
- Therefore, you can use page builder to edit CMS Page, CMS Block, Category Description and Product Description.
Above all, there are a lot of fixed issues that help this release to become more stable and performance efficient.
You can install this version by following Magento 2.4.3 installation doc.
Complete release notes with details of each change made and issue fixed are available here.
In conclusion, this release contains many good features and awaited bug fixes.