Magento Commerce 2.3.4 Release Note Highlights

From Steve Brockie, VP, Magento Practice

Release 2.3.4 includes over 220 functional fixes to the core product, over 30 security enhancements and resolution of over 275 contributions by Magento community members. We’ve called out some highlights, but I highly recommend visiting Magento DevDocs to read the full update notes.

Security Improvements

What has changed and what does it mean?
  • Improvement to help close off ‘Cross Site Scripting (XSS)’ which enable attackers to inject client-side scripts into web pages viewed by other users
  • Improvement to help close off ‘Remote code execution’ where an attacker has the ability to take control of another users device
  • Core code security fixes
  • Redesigned content templates to allow whitelisted variables that could otherwise be added in the template
How changes affect the current operation / action
  • Makes the application more secure
How users can leverage this to their advantage
  • Users will have a safer more secure application
  • Users are advised to Implement the following:
    • IP Whitelisting
    • Two-Factor Authentication
    • Strong Passwords

 

Platform Upgrades

What has changed and what does it mean?
  • RabbitMQ updated to the latest version. A message broker that allows messages to flow between a producer and a consumer via a queue
  • Tried and tested on the latest version of Redis, a caching software that allows the software to run more efficiently
  • Implementation of Declarative schema to more efficiently run database upgrade commands
How changes affect the current operation / action
  • RabbitMQ is simply updated to take into account the latest changes / embellishments to the software
  • Redis is central to Magento caching and when implemented allows the site to run more quickly by placing the full page and default cache in redis
  • Declarative schema basically make it easier for the user to implement database changes
How users can leverage this to their advantage
  • RabbitMQ makes use of upgraded version
  • Redis improves site performance
  • Declarative schema makes it easier to implement database changes

B2B

  • Ability to export requisition lists into CSV format. B2B buyers can then perform batch modification for subsequent import into the shopping cart or import back into the requisition list
  • Granular ACLs for B2B modules. Merchants can now restrict access to B2B features from the Admin, controlling which employees can work with B2B items and settings

Performance Boosts

Magento have turned off statistics collection for reports by default, in order to reduce load on the database. This will allow the users to push more out to the site, without creating stress.

 

Infrastructure

Main focus is on fixes to the core in order to make the platform more efficient.  Catalog, sales, PayPal, Elasticsearch, import, CMS, and B2B are among the areas affected. This Makes for a better user experience by removing bugs and improving users interaction.  The advantage of this will be more optimised code that has fewer bugs and more optimised features. 

 

Merchant Tools

Integration of a new bundled Adobe stock integration extension.  This adds high quality images along with videos to the merchants website.  In addition merchants can use the searchable interface in the Magento Media Gallery to explore, preview, license, and deploy stock images in website content. 

 

Inventory Management Enhancements

  • Performance Improvements
  • General bug fixes

 

GraphQL

Improvements here relate to improved functionality to API calls, this is particularly relevant for PWA, some of these include:

  • Guest carts and customer carts can now be merged
  • Customer can start an order on one device and complete it on another
  • Categories can now be searched by ID, name and /or URL

 

Live Chat Powered by dotdigital

Improvements here relate to improved functionality to API calls, and allows users to leverage this technology without the need for a full dotdigital engagement license.

 

Want to Learn More?