What is New in Magento 2.3.4: Open Source & Commerce?

Long-awaited Magento 2.3.4 has been released! Let’s look through the highlights, security and performance enhancements and uncover some insights about the platform upgrades.

The release came up with over 250 core improvements that empower Framework and several modules, including sales, catalog, import, CMS, PayPal and Elasticsearch. Among others, the new Abode Stock integration was introduced. It allows adding high quality media files to the website not leaving the admin. Using Magento media gallery, business owners can use the search interface working with stock images. What is more? Read the article and find out everything you need to know about Magento 2.3.4.

Magento 2.3.4 Security
Magento 2.3.4 Upgrades
Magento 2.3.4 Performance Enhancements
Magento 2.3.4 Inventory Management
Magento 2.3.4 GraphQL Improvements
What is Magento Open Source & Commerce Security Patch 2.3.3-p1?

Magento 2.3.4 Security

One of the reasons behind Magento’s rapidly growing popularity is its advanced security. The core team, as well as the huge community of ecommerce enthusiasts and experienced developers, invest in making the product better and eliminating any kind of weaknesses as fast as possible.

Security-first approach is what Adobe company adheres to. Every update brings major improvements and fixes and Magento 2.3.4 has not become an exception. The new release includes over 220 both minor and significant fixes as well as over 30 prominent security improvements.

• To protect the online stores running on Magento and privacy of the customers who shop there, potential vulnerabilities are removed in cross-site scripting (XSS) and remote code execution (RCE). Even though there have been no recorded cases of misusing these vulnerabilities to get access to customer data or take over the admin sessions, Magento cares to avoid all the potentially exploitable security issues in advance.
• Custom layout updates are removed to eliminate the possibility of Remote Code Execution (RCE). In Magento 2.3.4, Custom Layout Update field has been changed to a selector on the following pages: CMS Page Edit, Product Edit and Category Edit. Now, in order to manage a layout update, you must create a file with the update which is required to follow certain conventions and then select it.
• Content template features now can include only whitelisted variables. In the previous Magento versions, there were cases when templates defined by the admin had included variables that directly called PHP functions on objects causing issues.

Magento 2.3.4 Upgrades

The new release introduces several upgrades that improve overall Magento security and contribute to enhancing Payment Card Industry (PCI) compliance.

• Magento 2.3.4 supports the latest RabbitMQ v3.8 release.
• MariaDB 10.2 is improved. Now system integrators can operate declarative schema with both MariaDB and MySQL after the values have been normalized and the error with the command setup:upgrade was fixed.
• Page session storage and caching are enhanced and tested on Redis v5.0.6.

Magento 2.3.4 Performance Enhancements

The following Magento 2.3.4 improvements result in noticeable system’s performance boost:

• Banner cache logic has been improved and customer section mechanism refactoring no longer causes redundant requests to the server.
• Refactoring PHTML files has improved bundling mechanism’s support parsing. Enhanced bundling mechanism identifies all dependencies on JS.
• Disabling statistical data collecting for Reports module is now available by default. There is a new setting in System Configuration > General > Reports > General Options that gives users an opportunity to turn on and off Magento Reports.

Additionally, Magento Commerce 2.3.4 release improves Page Builder with the following features:

• Product carousel is upgraded. Page Builder now allows online store owners to select one of the predefined options in Products content type to decide how the product will be shown to a customer.
• Next-level product sorting is implemented. Sorting by product position is now available in product SKUs or category as well as by defined parameters.
• Page Builder content is optimized for rendering n the front of a store using the Venia Theme. The HTML content is converted into structured data working in PWA Studio and React.

Magento 2.3.4 Inventory Management

Magento inventory management has received special attention in this release. The following enhancements were made in Magento 2.3.4 release to improve the platform’s usability:

• In the previous Magento versions, there was an issue with the performance that caused higher loads on the database server when a shopping cart is used. In Magento 2.3.4 this issue was fixed.
• In order to decrease memory use when it comes to looking for missing reservations and compensating for them on large catalogs, the Inventory Reservations CLI command was updated.
• A group of different quality issues was resolved, including the ones connected to grouped products and credit memos.

Magento 2.3.4 GraphQL Improvements

Magento improved GraphQL coverage for cart functionality, searching and layered navigation. With this Magento release you get the following:

• Merged customer and guest carts by transferring guest cart’s content into a cart of a logged-in user, if needed.
• Opportunity to process one order on several devices. Using the customerCart, merchants can obtain the cart ID for a customer who is logged in.
• Layered navigation with a custom filter. Products query filter attribute requires the ProductAttributeFilterInput object – define whether a custom filter or pre-defined filter. Thus, using layered navigation you can filter the needed attributes.
• Search categories by URL key, name and ID. The deprecated category query is replaced by the categorylist.
• Fixed product taxes like WEEE is supported by the ProductInterface. To know whether the store supports such taxes – use the storeconfig query.
• The cart contains information about promotions and discounts at cart levels and the line.

New B2B Features

The following Magento 2.3.4 improvements influence the experience of B2B users:

• Requisition lists in CSV format. B2B customers can carry out a batch modification to import subsequently into and back into the cart.
• Granular ACLs for B2B modules. A business owner can restrict access to B2B functionality form the Admin panel as well as monitor who can work with B2B settings and items.

What is Magento Open Source & Commerce Security Patch 2.3.3-p1?

When you want to provide quality security services, it is not obligatory to update your Magento platform to 2.3.4 version. You can keep using your Magento 2.3.3 and update the Magento Security Patch to the 2.3.3-p1 version. The Patch 2.3.3-p1 is a security-only patch that fixes bugs identified in Magento 2.3.3. In this security patch, Magento changed the approach to security issues as well as invested more in security compared to the last update. Magento 2.3.3-p1 is fast to install and is a perfect solution for merchants who need a fast security upgrade.

Wrapping it up

Hopefully, the article provided you with all the needed information about the Magento update and proved that the Magento 2.3.4 version is a good choice for your online business. Running your online store, you need to keep it updated to ensure the constant development of your company. Let your website meet the high ecommerce standards to outperform your competitors and with the business race.