Magento 2.4.3 open source has been released recently with enhancements in performance, security, and many other platform improvements. There is built-in rate limiting and reCAPTCHA expansion among others in security enhancements. The core composer dependencies and 3rd party libraries have been also upgraded to the latest versions which are compatible with the latest PHP versions i.e. PHP 8.x. In Magento 2.4.3 open source, Page Builder is available as a bundled extension. It will be the default content editing tool in Magento 2.4.3 open source and Adobe Commerce.
There are 370+ fixes in the core code along with 33 security enhancements. It also got resolved 290 GitHub issues submitted by the Magento community members. All the known issues of Magento 2.4.2 issues have been fixed in this release.
Other release information:
The code for Magento features is bundled with quarterly releases of Magento core code, some projects (like Magento PWA Studio) are also released independently. Bug fixes for these are released in the separate release.
Let’s go through the major highlights of the Magento 2.4.3 release:
Substantial Security Enhancements:
In this release, there are 33 fixes in security and platform security improvements. Most of these fixes were of Magento 2.4.2-p2 and Magento 2.3.7-p1.
Thirty-three security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities.
Additional Security Improvements:
The other security improvements in this release improve compliance with the latest security patches such as:
- A new Composer plugin preventing dependency confusion and distinguish malicious packages within the public package repository.
- There is rate-limiting in Magento APIs for preventing denial-of-service (DoS) attacks.
- ReCAPTCHA is now being used in Web APIs that have corresponding HTML pages and also in Place Order storefront page and payment-related web APIs.
In Magento 2.4.3 the overall quality of the framework has been worked in the following functional areas:
- Customer Account
- Promotions and Targeting
- Cart and Checkout
- Staging and Preview
PayPal Pay Later is also being supported.
Magento 2.4.3 is not fully compatible with PHP 8 and above versions, but these upgrades will bridge the compatibility with PHP 8.x:
- Upgrade the Core Composer Dependencies and 3rd party libraries
- Upgrade the KnockoutJS library to the latest 3.51 version
- The deprecated TinyMCE3 v3 library has been removed. The Magento_Tinymce3Banner module and MFTF tests related to TinyMCE v3.x have been removed from Adobe Commerce.
- Magento 2.4.3 is compatible with Redis 6.0.12
- Laminas library dependencies have been upgraded to PHP 8.x-compatible versions.
In this release, there are enhancements that can reduce the indexation time for Product Price and Catalog Rule indexers. Merchants can even exclude a website from a customer group or shared catalog while reducing the number of records for indexing and improving indexing times.
Adobe Stock Integration:
There is Adobe Stock Integration v2.1.1 in this release.
For shared routes, there is GraphQL coverage in this release. The route query and RoutableInterface support routing requests on the product, category, and CMS pages. The urlResolver query has also been deprecated, and its functionality has been superseded by the route query.
You will get now the page builder as a bundled extension in the Magento Open Source. In Magneto 2.4.3, it has become the default content editing tool. It can replace the WYSIWG editor with any 3rd party module.
In the following admin areas, Page Builder replaces the TinyMCE:
- CMS Page
- CMS Block
- Category Description
- Product Description
All the content of TinyMCE will be migrated into Page Builder as HTML
Upgrade Compatibility Tool:
On the feedback of the Magento Community, the scope of the Upgrade Compatibility Tool has also been expanded.
The hundreds of issues have been fixed in this release:
Installation, upgrade, deployment:
Some issues fixed in this are:
- The bin/magento setup:db:status command will return a message showing everything is good after an upgrade. Earlier, Magento shows this error: Declarative Schema is not up to date
- Configuration value now preserves on form reload when the creation of a new configurable product fails. Earlier, the values got lost during reload.
- Magento no longer throws an exception when you run bin/magento setup: upgrade to upgrade from a Magento Open Source deployment with Redis to Adobe Commerce.
Adobe Stock Integration:
- Magento now displays an informative message with a link to the Admin > Stores > Configuration > Advanced > System page on the Search for Adobe Stock page when API Key (Client ID) and Client Secret are not set.
- Admins with restricted access can’t edit categories of Global scope
- System report generated is now rendered correctly
- Magento now turns off validation on the Price field as expected when the Dynamic price setting is enabled during bundle product creation.
- Infinite redirects no longer occur when the Admin URL differs from the default website URL
- “addProductsToCart” mutation allows adding a bundle product with more than one checkbox in the cart.
- The database tables don’t lock by price indexing of bundle products as it gets executed using temporary tables.
- You can set the bundled item price to 0.00. Previously, after returning to the edit page after setting the price, it will return to its default value.
- Order details for orders that contain bundle products now show the correct price for the bundle products if the price was changed before the order was placed.
The varnish6.vcl file has been updated to bypass caching of the customer page.
- CAPTCHA now correctly validates the data entered by a shopper, and CAPTCHA is displayed after the multiple unsuccessful attempts of customers to checkout.
- CAPTCHA validation no longer randomly fails on the payment page of the checkout workflow
- Magento now displays the CAPTCHA field expected after exceeding the number of failed completion attempts.
- CAPTCHA now works as expected on the checkout page
Cart and Checkout:
- Magento now considers locale-specific decimal locators while converting and updating product quantity into the cart
- When the customer clicks on the Place Order button, the Terms and Condition validation message appears.
- Customers are redirected to the shopping page instead of the product page when they try to update the mini cart for an order that contains deleted items.
- The shipping page of the checkout workflow now successfully loads when in-store delivery is enabled.
- Magento no longer throws a JS error after you enable recent product synchronization with the Admin.
- Custom theme layouts are now applied as expected
- The product category cache is now cleared as expected by cron during indexer_update_all_views execution.
- Magento now displays accurate stock status when a product is added to a CMS page when Category Permissions are enabled and prevents the display of price for the specified customer’s group.
- Magento successfully deletes a product media image after deleting a product.
- You a save a custom product attribute with a value of zero as blank
- Custom category layout update files now apply to products as expected
- The products query now returns the current values when a catalog price rule applies to an item.
- Temporary tables that begin with catalogrule_product__temp are now deleted as expected when re-indexing fails after a cart or catalog rule expires, is disabled, or becomes inactive.
The other categories in which the fixes have been done are:
- CMS content
- Configurable products
- Content Security Policy
- Custom customer attributes
- General fixes
- Gift Cards
- Gift message
- Google Tag Manager
- Media Gallery
- Payment methods
- Product video
- Sales Rule
- Translation and locales
- URL rewrites
- Web API framework
- Wish list
- and known issues
Hope everyone got basic information about the new or enhanced features of Magento in its latest version Magento 2.4.3. At Ceymox Technologies, the Top Magento Development Company in India provides you best and cost-effective services in the latest version of Magento 2. Let us know your requirements.