Magento 2.4.7 Release Notes, Schedule and Download
Magento, the leading ecommerce platform, has recently released its latest version, Magento 2.4.7. Magento 2.4.7 Release brings some major improvements and updates for ecommerce merchants. This significant update aims to enhance security, optimize performance, and deliver a smoother user experience.
Let’s explore what’s new in this latest version of Magento to help merchants understand the updates.
- Security fixes and platform improvements
- Infrastructure and tooling upgrades
- Checkout and payment optimizations
- Performance boosts
- Progressive web app (PWA) advancements
- Admin UI changes
- GraphQL API expansions
- Quality and maintenance fixes
This update helps future-proof Magento stores by supporting the latest PHP, MySQL, and other platform versions. It tackles critical vulnerabilities while improving site speeds.
Magento 2.4.7 aims to deliver a more secure, faster, and streamlined ecommerce platform. Let’s look at some of the most significant updates.
Security Enhancements
Security remains a top priority in the Magento 2.4.7 release. To reinforce protection against threats, it includes fixes for over 10 vulnerabilities.
- Platform Security Improvements: Magento 2.4.7 contains all the security enhancements added in versions 2.4.4 through 2.4.6. This prevents known remote code execution, cross-site scripting, and other critical risks.
- Protection for Admin Access: Extra validation steps are required for admin users to help block automated attacks. The new layers improve security for admin login and account management.
- Updated Cache Key Prefixes: Non-generated cache keys now have prefixes and character limits added. This makes it harder to predict cache IDs and exploit vulnerabilities.
- Coupon Code Limits: The number of auto-generated coupon codes is restricted to prevent overloading the coupon system. This protects against potential denial-of-service situations.
- Default Admin URL Changes: The way default admin URLs are generated has been optimized to enhance security. This prevents easy detection of the admin login page.
- Full Page Cache Settings: New configuration settings allow merchants to customize full-page caching as desired. This helps balance performance and security based on business needs.
- Subresource Integrity Checks: Magento 2.4.7 supports Subresource Integrity (SRI) checks for JavaScript files. This validates that files come from trusted sources and weren’t tampered with.
- Content Security Policy Updates: The default content security policy (CSP) includes improvements to better handle JS resources. This offers reinforced protection against cross-site scripting attempts.
- Native Rate Limiting for Payments: Built-in controls now limit the rate for payment information sent through REST or GraphQL, mitigating potential threats when processing customer payment data.
Infrastructure Upgrades
Magento 2.4.7 Release contains significant upgrades to modernize the platform’s infrastructure and tooling.
- PHP 8.1+ Compatibility: The latest PHP 8.1 and 8.2 versions are now officially supported. This allows merchants to leverage the newest PHP 8 features and improvements.
- MySQL 8.0 Support: Full compatibility with MySQL 8.0 is introduced. Stores can now upgrade to MySQL’s latest major release for enhanced performance.
- Elasticsearch 7.17+ Compatibility: Elasticsearch received a major upgrade to ensure support for 7.17 and above. This enables access to the newest search engine capabilities.
- Varnish 7.0+ Support: Varnish 7.0 and newer versions are now supported. Merchants can upgrade their Varnish caching server without issues.
- Redis 6.2 Support: Magento 2.4.7 adds support for the latest Redis 6.2, which improves caching performance. Merchants can leverage Redis’ newest enhancements.
- jQuery 3.6 Support: The jQuery library upgraded to version 3.6. This modernizes jQuery usage for better security and compatibility.
- PHPUnit 9.5 Support: The PHPUnit testing framework has been updated to 9.5. This allows improved testing processes with PHPUnit’s latest features.
- Asynchronous Bulk APIs: New asynchronous/non-blocking Bulk APIs were introduced for imports, data handling, and exports. This prevents timeouts when managing large batches of data.
- Craft CLI Improvements: Craft CLI commands optimized for faster performance. This improves developer workflows for scaffolding projects.
- Composer 2 Compatibility: Full support has been added for Composer 2, the latest dependency manager version. This allows developers to leverage new Composer 2 capabilities.
Checkout & Payments Optimization
Magento 2.4.7 Release contains multiple checkout and payment enhancements to boost conversions.
- Braintree Enhancements: Several Braintree features were expanded, such as PayPal vaulting, Google/Apple Pay support, and GraphQL integration. This helps maximize payment options.
- Minicart Updates: The minicart updates properly when adding/deleting items. This fixes previous display issues that confused customers.
- Shipping Address Handling: Handling of customer shipping addresses improved in the checkout process. This results in a smoother and error-free workflow.
- Payment & Shipping Methods: Popular payment and shipping options like PayPal and UPS were optimized. This resolves integration issues reported by merchants.
- Asynchronous Order Processing: More asynchronous workflows were introduced for order management tasks. This prevents bottlenecks when managing large order volumes.
- Order Management Updates: Core order management logic optimized for faster, more reliable order processing. This boosts order throughput and reduces errors.
- GraphQL Order Mutations: GraphQL order mutations allow for the management of orders directly via the GraphQL API. This helps developers integrate custom order workflows.
Performance Enhancements in Magento 2.4.7
Significant performance optimizations aim to speed up site pages and processes.
- Indexing Improvements: Catalog and other indexes optimized to speed up reindexing. This provides faster product updates and promotions.
- GraphQL Caching: Response caching implemented for GraphQL queries. This accelerates sites that heavily utilize GraphQL services.
- Catalog Bundling: Related simple products now bundle automatically to reduce page size. This speeds up category and product pages.
- Async Bulk APIs: The new asynchronous bulk APIs prevent timeouts for large data imports or updates. This maintains site performance.
- Checkout Optimization: Multiple improvements target bottlenecks in checkout to reduce loading times. This improves conversion rates.
- Cache Invalidation: Product cache invalidation was optimized to keep the cache fresh with updated catalog data. This returns accurate results to customers.
- Database Query Optimization: Core database queries optimized to fetch data faster and reduce load. This improves response times across the admin and storefront.
📈 Optimize Your Magento Store with XtremeUX eCommerce SEO Services
Take your Magento e-commerce store to new heights with XtremeUX's specialized SEO services. Our team of experts will optimize your website's performance, improve its search engine rankings, and drive targeted traffic to increase your online visibility.
Magento 2.4.7: Progressive Web Apps (PWA)
Magento’s Progressive Web App (PWA) tools received the following notable upgrades:
- Studio Compatibility: PWA Studio has been updated to ensure compatibility with Magento 2.4.7 and the latest tooling. This allows for the easy building of progressive web apps.
- Accessibility Improvements: More rigorous accessibility testing and fixes are applied to improve compliance. This helps serve customers needing accessible sites.
- Service Worker Updates: Updates to service workers and Web Manifest allow leveraging new browser capabilities. This helps improve offline functionality.
- Build Performance: Faster build performance for the Venia reference PWA storefront. This makes PWA development quicker for merchants.
- Bug Fixes: Multiple PWA Studio bugs related to Redux, routing, plugins, and more were fixed. This improves stability.
Admin Experience Improvements on Magento 2.4.7
Several changes aim to streamline processes for administrators in the Magento admin.
- New Homepage: A refreshed Admin homepage provides quicker access to important tools and insights. This simplifies navigating the admin.
- Activity Log Enhancements: The Activity Log was expanded to track more system actions, like login attempts. This helps administrators identify issues.
- Workflow Optimizations: Key areas like order management improved to help admins work more efficiently. This saves time dealing with orders.
- Product Attribute Management: Managing product attributes and options enhanced for greater flexibility. This makes it easier to customize products.
- LESS Compilation: On-demand LESS compilation added for Admin themes. This speeds up theme development and customization.
- Asynchronous Data Processing: More asynchronous admin operations help process large data sets without timeouts. This prevents disruptions when managing heavy workloads.
- Admin Notifications: Notifications in the Admin panel highlight important activities requiring attention. This allows quicker responses to time-sensitive actions.
GraphQL API Expansion: Magento 2.4.7
Magento 2.4.7 Release continues expanding GraphQL coverage to help developers build innovative storefronts and headless solutions.
- Custom Attributes: GraphQL support has expanded to include custom customer and product attributes, allowing users to tailor GraphQL queries to their unique business needs.
- Cart Mutations: More cart mutations are available, such as adding/removing items and collecting totals.
- Improved Caching: Enhanced caching mechanisms, including caching responses, custom attributes, and more, were introduced to improve GraphQL query performance.
- Catalog Queries: Additional catalog queries, such as product pricing, inventory status, and option details, were implemented. This provides richer product information.
- Order Management: New GraphQL mutations allow for the management of orders like cancellations and holds. This supports custom order workflows.
- PWA Support: It improved GraphQL coverage for PWA capabilities like managing carts, wishlists, and accounts. This assists PWA development.
- Deprecations: They deprecated GraphQL queries and mutations identified for eventual removal. This helps developers upgrade their integrations.
- Documentation: Expanded reference documentation was provided to utilize new GraphQL APIs. This helps developers quickly leverage the latest capabilities.
Quality Fixes in Magento 2.4.7
Over 250 high-priority fixes aim to improve quality throughout the Magento platform.
- Installation & Upgrade Fixes: Multiple issues related to fresh installation, patching, and upgrades were resolved to improve reliability.
- Checkout & Cart Fixes: Dozens of checkout and cart issues, such as payment errors, address handling, and calculations, were fixed, smoothing checkout.
- Admin UI Fixes: Various Admin UI fixes are applied, especially when managing orders, customers, and products. This improves the admin experience.
- Catalog Fixes: Catalog issues resolved around pricing, sorting, promotions, and more to fix display and calculation errors.
- Framework & API Fixes: Core framework and API issues addressed to boost stability, performance, and integration capabilities.
- Payment & Shipping Fixes: Problems related to the integration and configuration of main payment methods and shipping carriers were fixed, resolving critical integration issues.
- Indexing & Cache Fixes: They optimized caches and indexes to eliminate occasional failures and slow performance. This provides consistently fast sites.
- Testing & Build Fixes: Improvements to testing infrastructure and build tools to enhance code quality and deployment reliability.
Security Fixes on Magento 2.4.7
Over 30 security fixes help protect sites against vulnerabilities, including:
- XXE & RCE Fixes: This release fixes remote code execution, XML external entity (XXE), and other critical issues, hardening sites against attacks.
- Session Fixes: It resolved vulnerabilities related to customer and admin sessions. This reinforces the protection of sensitive account access.
- API & GraphQL Fixes: Secured REST and GraphQL APIs to prevent unauthorized data exposure. This safeguards customer data privacy.
- Database Fixes: It eliminated database-related vulnerabilities, such as SQL injection risks. This keeps data secure.
- File System Fixes: It addressed file system risks like the ability to access unauthorized files. This prevents exploits.
- Third-Party Library Fixes: It updated vulnerable third-party libraries like lodash, log4j, and more. This maintains the security of dependencies.
Official Release Notes and System Requirements
For the complete release notes and system requirements, please refer to the official Magento Open Source 2.4.7 documentation.
Read Magento 2.4.7 Release notes on official website: https://experienceleague.adobe.com/en/docs/commerce-operations/release/notes/magento-open-source/2-4-7
Final Thoughts on Magento 2.4.7 Release
The newest Magento version, 2.4.7, equips ecommerce merchants with valuable improvements to enhance security, performance, and platform capabilities. This significant update modernizes Magento’s infrastructure while optimizing critical parts of the shopping experience. Merchants currently on Magento 2.4.x can benefit by upgrading to 2.4.7 to leverage the latest advancements.
For those on older Magento editions, now may be the ideal time to plan an upgrade and maintain access to the newest features and ongoing support. Overall, Magento 2.4.7 delivers compelling reasons to update for merchants seeking a faster, more robust, and future-proofed foundation for their ecommerce operations.
