Magento 2.4.5, New Version is Released!
After the hit of Magento 2.4.4 in 2022, Magento has released the new version recently. This is the Adobe Commerce and Magento Open Source 2.4.5 release, bringing several 400 fixes and quality enhancements.
Adobe Commerce 2.4.5 may come with some backward-incompatible changes. It improves payment methods, platform quality, accessibility, and GraphQL caching performance. It also introduces Live Search B2B support, Upgrade Compatibility Tool, and integrated Google modules.
With this said, here are the significant upgrades to Magento 2.4.5 with security and robust features.
#1 Security Enhancements
The new upgrade comes with around 20 security improvements and fixes that are backported to Adobe Commerce 2.3.7-p4 and Adobe Commerce 2.4.3-p3.
The issues have not confirmed any attacks, but the upgrades will help overcome any vulnerabilities to avoid the threat. It aims to prevent any potential attack exploiting administration sessions or customer information. To protect any access to the Admin, as the issues showcase, one can include these or more options:
- VPN
- IP allows listing
- Good password hygiene
- Unique location
- Two-factor authentication
Apart from this, the major enhancements are:
- Inventory template security
- ACL resources
- reCAPTCHA support
- To use the HtmlPurifier library, MaliciousCode filter upgrade
Composer dependency updates:
- colinmollenhour/credis (1.13.0)?
- guzzlehttp/guzzle (^7.4.2)
- laminas/laminas-captcha (updated with a constraint ^2.12)
- laminas/laminas-db (^2.15.0)
- laminas/laminas-di (^3.7.0)
- laminas/laminas-escaper (~2.10.0)
- laminas/laminas-eventmanager (^3.5.0)
- laminas/laminas-feed (^2.17.0)
- laminas/laminas-mail (^2.16.0)
- laminas/laminas-mvc (^3.3.3)
- laminas/laminas-server (^2.11.1)
- laminas/laminas-servicemanager (^3.11.0)
- laminas/laminas-validator (^2.17.0)
- league/fly (2.4.3)
- monolog/monolog (^2.5)
- php-cs-fixer (^3.4.0)
- phpmd/phpmd (^2.12.0)
- phpstan/phpstan (^1.5.7)
- phpunit/phpunit (~9.5.20)
- webonyx/graphql-php (14.11.6)
#2 Payments
All merchants can use Apple Pay now with Payment Services enabled while deployments. It doesn’t require any debit or credit card details to make the payments. It is also available on the product details page, shopping cart, mini cart, and checkout workflow.
PayPal is available for merchants living in Italy and Spain. The Admin can preview the Pay Later, Credit, and PayPal buttons for mini cart, checkout, product page, etc.
The KOUNT fraud protection integration is discontinued on Braintree and is removed from the Magento Open-Source codebase. The Admin can check the option – Always request 3DS.
#3 GraphQL
Major enhancements in GraphQL are:
- Added capabilities to consume time and date expiration for the tokens.
- Administrators and developers can rebuild faster on deployment and production attributed.
- GraphQL operations can launch Session coolies using class proxies.
- Disable the session coolie creation using bin/Magento config:set graphql/session/disable 1 command.
- http header processors no longer have session usages such as currency, customer, and store.
#4 PWA Studio
Adobe Commerce 2.4.5 is compatible with PWA Studio v.12.5.x that is packed with new features such as:
- It is easy to select a service to deploy using Google Tab Manager.
- PWA Studio storefront can collect shopper behavior data for web analytics services.
#5 Live Search
New support to custom pricing and customer groups for B2B. It can help in product assignments for the pricing and customer groups for specific customer shared/group catalogs.
#6 Platform Enhancements
Adobe Commerce 2.4.5 cloud-hosted deployments don’t support ElasticSearch 7.11 or more. OpenSearch is used for the version. However, for ElasticSearch 7.17, they have tested and confirmed the compatibility of Adobe Commerce 2.4.5. It supports:
- jQueryUI
- Composer 2.2
- PHPStan
- TinyMCE version 5.9.2 or earlier or 5.10.2
Magento has also updated the DHL integration schema from v6.0, v6.1, and v6.2 with no change in the product behavior. The outdated dependencies have been removed with the update of Outdated JavaScript libraries
Other major replacements are
- the Default URL to use https for USPS shipping
- js-cookie/js-cookie instead of jquery/jquery-cookie
- glob.js dependency
- julien-maurel/js-storage instead of jQuery Strograe libraries
- Vimeo REST API uses jaralax-video.js and jarallax.js libraries,
and more.
#7 B2B
To implement the Shared Catalogs feature, it is easy to optimize the normalized database data. The aim is to boost the performance by reducing eSKU multiplication results for fewer database rows. Adobe Commerce’s new upgrade creates a unique eSKU instead of duplicated SKU for each shared catalog. One can improve the price indexer performance using the configuration – Enabled Shared Catalog direct product price assigning.
#8 Fixed Issues
- On trying to change Admin URL to Custom, one doesn’t need to throw an exception in Magento Open-Source.
- Minimum color contrast ratio required for the text elements or text image payment information credit card option.
- Sort and filter button text require minimum color contrast ratio
- Users can log into Adobe Stock.
- It doesn’t change the remaining items in the address dropdown values for the single quality address.
- When no options in the Allow Countries are shown, shoppers can add products to the carts.
For more information, you can check out the official release notes:
It’s time to upgrade to Magento 2 to get the best features and leverage the significant fixes. The upgrades aim to increase the user experience and strengthen security.