[ Avaa Bypassed ]




Upload:

Command:

hmhc3928@18.226.186.153: ~ $
Magento Open Source 2.4.1 Release Notes

Magento Open Source 2.4.1 introduces enhancements to performance and security. Security enhancements include support for the SameSite attribute for cookies and the addition of CAPTCHA protection for payment-related and order-related API endpoints and the Place Order storefront page.

This release includes all improvements to core quality that were included in Magento 2.4.0, over 150 new fixes to core code, and over 15 security enhancements. It includes the resolution of almost 300 GitHub issues by our community members. These community contributions range from minor clean-up of core code to significant enhancements in GraphQL.

All known issues identified in Magento 2.4.0 have been fixed in this release.

Quarterly releases may contain backward-incompatible changes (BIC). Magento 2.4.1 contains minor backward-incompatible changes. To review minor backward-incompatible changes, see BIC reference. (Major backward-incompatible issues are described in BIC highlights. Not all releases introduce major BICs.)
Security-only patch available

Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release (for example, Magento 2.4.0-p1) provides. Patch 2.4.0.1 (Composer package 2.4.0-p1) is a security-only patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, Magento 2.4.0. All hot fixes that were applied to the 2.4.0 release are included in this security-only patch. (A hot fix provides a fix to a released version of Magento that addresses a specific problem or bug.)

For general information about security-only patches, see the Magento DevBlog post Introducing the New Security-only Patch Release. For instructions on downloading and applying security-only patches (including patch 2.3.5-p2), see Install Magento using Composer. Security-only patches include security bug fixes only, not the additional security enhancements that are included in the full patch.
Other release information

Although code for these features is bundled with quarterly releases of the Magento core code, several of these projects (for example, Progressive Web Applications (PWA) Studio) are also released independently. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project.
Highlights

Look for the following highlights in this release.
Substantial security enhancements

This release includes over 15 security fixes and platform security improvements. All security fixes have been backported to Magento 2.4.0-p1 and Magento 2.3.6.
Over 15 security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities

No confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. Most of these issues require that an attacker first obtains access to the Admin. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts: IP allowlisting, two-factor authentication, use of a VPN, the use of a unique location rather than /admin, and good password hygiene. See Security Updates Available for Magento for a discussion of these fixed issues.
Additional security enhancements

Security improvements for this release include:

    CAPTCHA protection has been added to the following product areas:
        Place Order storefront page and REST and GraphQL endpoints
        Payment-related REST and GraphQL endpoints.

    CAPTCHA protection for these additional pages is disabled by default. It can be enabled on the Admin in the same way that other pages covered by CAPTCHA are. This protection has been added as an anti-brute force mechanism to protect stores against carding attacks. See CAPTCHA.

    Support for the SameSite attribute for cookies. To support the Google Chrome enforcement of the new cookie classification system, Magento classes that handle cookies have been updated to support the SameSite cookie attribute. This attribute is set to Lax by default but can be explicitly overridden.

    Enhanced Magento Scan Tool. Adobe has partnered with Sanguine Security, a leader in preventing digital skimming, to integrate their database of over 8700 threat signatures into the Magento Security Scan Tool. This partnership will enable merchants to get real-time insights into the security status of their site through proactive detection of malware and reduction of false positives. Merchants can register for the tool by visiting https://account.magento.com/scanner. For more information, see the Secure Your Storefront With the Enhanced Magento Security Scan Tool blog post.

Starting with the release of Magento Commerce 2.3.2, Magento will assign and publish indexed Common Vulnerabilities and Exposures (CVE) numbers with each security bug reported to us by external parties. This allows users of Magento Commerce to more easily identify unaddressed vulnerabilities in their deployment. You can learn more about CVE identifiers at CVE.
Infrastructure improvements

This release contains enhancements to core quality, which improve the quality of the Framework and these functional areas: Customer Account, Catalog, CMS, OMS, Import/Export, Promotions and Targeting, Cart and Checkout, and Staging and Preview.
Performance improvements

    Reduction in the size of network transfers between Redis and Magento. Plugin list configuration is now generated during the execution of the bin/magento di:compile command. This configuration information is written to generated metadata folders based on scope. Previously, this information was stored in cache. Resulting performance improvements include a decrease in network cache size and execution time for many scenarios.

    Enhanced message queue consumer performance. Three new configuration settings support a decrease in consumer queue CPU consumption. These optional parameters provide increased control over consumers and save server resources. See Configure message queues for a description of the maxIdleTime, sleep, and onlySpawnWhenMessageAvailable parameters.

    Improved execution time for bin/magento commands.

Adobe Stock Integration

This release includes Adobe Stock Integration v2.1.0.
New Media Gallery

The New Media Gallery is now enabled by default in the Admin. Merchants can now perform these actions on images in the Media Gallery:

    Delete images in bulk
    Optimize media storage by identifying duplicate images and images that are not used on the storefront
    Filter images by the storefront area they are used in, including product and category content and CMS blocks
    Work with image metadata
        View metadata from the images uploaded into Media Gallery
        Edit image metadata (title, description, and keywords)
        Search for images by their metadata

GraphQL

This release adds GraphQL coverage for the following features:

    Product reviews. Customers and guests can write product reviews. Customers can retrieve their product review histories. See Create a product review and productReviewRatingsMetadata query for information on retrieving information about the reviews infrastructure.

    Gift options. All customers and guests can add a gift message to their order. Customers can also add gift wrapping, gift receipts, and printed cards to the order. See setGiftOptionsOnCart mutation and updateCartItems mutation

    Order history. All customers can view details about their order histories, including invoices, shipping, and refunds.

    Add to cart. The addProductsToCart mutation allows you to add any type of product to the active cart. We recommend using this mutation instead of single-purpose mutations such as addSimpleProductsToCart. Fix submitted by Yaroslav Rogoza in pull request 27914. GitHub-28524

    Stored payment methods. Logged-in customers can now store payment details (including Braintree credit card and Braintree with PayPal) in My Account.

    Support for wish lists in Magento Open Source. Added support for Open Source wish lists. You can add items to, update items in, and remove items from a wish list.

    Improved management of customer accounts. We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation.

    Support for Payflow Pro Vault. Added GraphQL Vault support for the Payflow Pro Vault payment method. Fix submitted by Oleh Usik in pull request 28821. GitHub-28520

    Updated the GraphQL storeConfig query to include new customer configuration settings. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Added the requestPasswordResetEmail mutation, which triggers the password reset email for the provided email address. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Klarna GraphQL. Added or updated topics on Klarna GraphQL in Klarna’s payment method and createKlarnaPaymentsSession

See the GraphQL Developer Guide for details on these enhancements.
PWA Studio

PWA Studio v8.0.0 introduces new features and enhancements:

    Updates to the Venia style guide that apply to design tokens, typography, colors, core components, and page layouts.

    Improvements to the Venia mini-cart experience

    Initial support for multiple locales and localized content on the Venia storefront

    Numerous improvements to the My Account experience of the Venia storefront

See Magento compatibility for a list of PWA Studio versions and their compatible Magento core versions. For information about enhancements and bug fixes, see PWA Studio releases.
Magento Functional Testing Framework (MFTF)

MFTF 3.1.0 is now available. See Magento Functional Testing Framework Changelog.
Vendor Developed Extensions

See the following articles for updates on features and changes for this release:

    Amazon Pay

    Braintree

    dotdigital Engagement Cloud

    Klarna

    Vertex Cloud

    Yotpo Product Reviews

Fixed issues

We have fixed hundreds of issues in the Magento 2.4.1 core code.
Installation, upgrade, deployment

    Installation of Magento with third-party extensions that have dependencies on APIs for the Store module in CLI commands no longer fails. Previously, Magento displayed this error message: The default website isn't defined. Set the website and try again. This was a known issue in Magento 2.4.0.

    bin/magento setup:di:compile no longer throws a fatal error. Previously, Magento threw an error the first time you ran this command, but the second execution resulted in successful compilation.

    Upgrade no longer fails when a plugin is declared on Magento\Framework\Encryption\Encryptor.

    Magento now displays an informative error message when some themes are not deployed after running bin/magento setup:static-content:deploy. Previously, when deployment completed successfully but not all packages were deployed, Magento did not display an error. When the command is executed with enabled parallel processing and each theme requires more time to be deployed then the specified maximum execution time, this command can finish successfully, although themes are not deployed.

    The Use default checkbox for Klarna payments (Stores > Configuration > Sales > Payment methods > Klarna) now remain checked as expected when website scope changes.

    Upgrade no longer results in the sudden failure of the Galera cluster. Previously, the Galera cluster exited abruptly after re-indexing immediately after upgrade. During Magento upgrade, index tables are altered, and the engine is changed from MEMORY to InnoDB. At this point, the content of these tables became out-of-sync between the nodes of the Galera cluster. GitHub-25334

    Disabling the PageBuilder module no longer affects the rendering of the product page. Previously, custom layouts on the product page disappeared when the module was disabled, and Magento displayed a blank page.

    You can now use bin/magento sampledata:deploy to deploy sample data as expected after installing Magento using Composer. Previously, Magento threw this error: Git installations must deploy sample data from GitHub; see https://devdocs.magento.com/guides/v2.3/install-gde/install/sample-data-after-clone.html for more information. Fix submitted by Andrii Beziazychnyi in pull request 27481. GitHub-19481

    Storefront performance has improved by eliminating the unnecessary loading of the Datepicker component. Fix submitted by Mateusz Krzeszowiak in pull request 27860. GitHub-28823

    Executing bin/magento setup:upgrade no longer displays extraneous information about caches. Fix submitted by Sathish Subramanian in pull request 27567. GitHub-27091

    Running bin/magento config:show <vendor_module>/general/value now returns 0 or an empty string as expected. Previously, it returned Configuration for path: "vendor_module/general/value" doesn't exist. Fix submitted by Vadim Malesh in pull request 28549. GitHub-23290

    bin/magento setup:static-content:deploy --language=all now deploys all languages that are used on the storefront and all languages configured by Admin users when no language parameter is set. (en_US is always deployed by default.) Fix submitted by Anton Evers in pull request 28922. GitHub-29218

    Magento no longer displays the Backup menu when the Backup feature is disabled. Fix submitted by Eden Duong in pull request 29222. GitHub-29280

    Catalog image helper initialization now uses the product model instead of DataObject. Fix submitted by jmonteros422 in pull request 29435. GitHub-1711

    Admin users can now save an empty Customer Token Lifetime (hours) field (Admin Stores > Configurations > Services > OAuth > Access Token Expiration). GitHub-29502

    The Create Permanent Redirect for old URL setting is now disabled by default for categories. Fix submitted by Vadim Malesh in pull request 28752. GitHub-24922

Adobe Stock Integration

    Images in the Adobe Stock images grid are now properly aligned after filters have been cleared. Fix submitted by Nazar Klovanych in pull request 28366. GitHub-824, GitHub-972

    Added support for reading exif_image.png or exif-image.jpeg metadata. Fix submitted by Nazar Klovanych in pull request 29576. GitHub-1449

    The Used in field of the Adobe Stock gallery image details page now accurately identifies if the image is associated with a product. Fix submitted by Nazar Klovanych in pull request 28798. GitHub-1474

    \Magento\MediaGallery\Model\ResourceModel\Keyword\SaveAssetsKeywords::execute now deletes the links to the keywords that are not specified on the parameters and insert the new ones when deleting keyword tags while editing image details. Fix submitted by jmonteros422 in pull request 29207. GitHub-1391

    The Login failed message that Magento displays when a merchant clicks License for a previously saved, unlicensed Adobe Stock image no longer contains HTML tags. Fix submitted by yolouiese in pull request 29398. GitHub-1684

    Clicking on the links in the Used in section of the image Details page now displays a grid that displays all entities that are filtered by the image. The asset filter is also set and displayed correctly. Previously, Magento did not display the asset title in the Applied filters section. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1694

    Magento no longer displays the Used in section of the image Details page when the image is not in use. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1699

    Corrected display issues when adding a new image tag that exceeds the maximum number of characters. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1702

    Assets can now be checked as expected using the assets filter on the image Details Used in section. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1704

    Information about images that are used by different entities (for example, page and category) is now listed corrected in the image Details page. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1747

    Magento no longer throws an exception when a merchant tries to save a product with its associated image when the Media Gallery is disabled. Fix submitted by Nazar Klovanych in pull request 29492. GitHub-1750

    Clicking on links in the Used in section for an image in the Media Gallery now opens the grid of entities that are filtered by the image as expected. Previously, the image title was not displayed in the applied filters section of the grid. Fix submitted by Nazar Klovanych in pull request 29429. GitHub-1694

    Magento now adds tags correctly when you edit multiple images successively in the Media Gallery. Fix submitted by Nazar Klovanych in pull request 29429. [GitHub-1755](https://github.com/magento/adobe-stock-integration/issues/1755

    Magento now removes tags for Adobe Stock images after a merchant deletes the tags and saves the image details. Previously, tags were not deleted until the page was refreshed. Fix submitted by Honeymay Louiese Ignacio in pull request 29400. GitHub-1703

Amazon Pay

    Amazon Pay now checks whether a user is already logged in before rendering payment options.

    Issues with multi-factor authentication and abandoned carts have been resolved.

    Amazon Pay now correctly populates the store name in emails and other displayed locations.  If the Store Name field in Amazon Pay configuration is empty, the extension retrieves the store’s default name (that is, the name you give your store in Magento Admin).

    Localization/translation issues for Decline scenarios have been addressed. Displayed text is no longer always in English.

Bundle products

    Magento no longer throws an exception when you try to create a product in a deployment in which Inventory is installed but the Magento_InventoryBundleProduct module is disabled.

    Magento now correctly calculates offline refunds for orders that contain bundle products.

    The mini cart now displays the correct prices for bundle products when tier prices are also assigned for simple products. GitHub-22807

    Merchants can now create a credit memo for bundle products that provides a refund without requiring the return of the product. Previously, Magento threw an error. Fix submitted by Dzung Nguyen in pull request 27455. GitHub-23440

    Magento no longer displays redundant validation messages when a shopper adds a bundle product to their cart without selecting a required option. Fix submitted by Dzung Nguyen in pull request 27455. GitHub-23440

Fix submitted by Michał Derlatka in pull request 29256. GitHub-26110
Cache

    Local cache storage is now retained for the period of time set in Stores > Configuration > General > Web > Default Cookie Settings. Previously, the expiry date of cookies was hard-coded to one day, which put it out of sync with this setting. As a result, welcome messages did not retain returning customer information for the expected duration.

    The number of calls to page cache config has been reduced. Fix submitted by Lukasz Bajsarowicz in pull request 28992. GitHub-29159

    Varnish no longer throws a Connection reset by peer error when a large catalog is reindexed on schedule. Fix submitted by Matthew O’Loughlin in pull request 26256. GitHub-8815

    Full page cache is no longer cleared for unrelated products when a product has been edited in the Admin. GitHub-25670

Cart and checkout

    Direct SQL queries have been replaced by Data Provider, which has improved checkout performance. Fix submitted by Lukasz Bajsarowicz in pull request 29376. GitHub-29453

    The Products in the Comparison and the Recently Compared Products lists now work as expected. Previously, when the comparison list was expanded, Magento did not display products, even though the section indicated that the list contained products.

    The Delete button on the Add to Shopping Cart by SKU section of a customer’s Manage Shopping Cart page now works as expected when multiple rows are selected.

    Magento no longer throws an error when you try to order a product by SKU when the digits you enter match a valid SKU but the case of these digits differ. Previously, when you entered an SKU on My Account > Order by SKU that did not exactly match a valid SKU, Magento threw an error.

    A customer’s shipping address is now selected by default at checkout when the address is located in the country identified on the Allow Countries list and that list includes only that country. Previously, Magento did not select the address as default and displayed this error message: Please specify a regionId in shipping address.

    Merchants can now enable Apply to Shipping Amount in the Action tab of Marketing > Cart Price Rules > Add New Rule when Fixed amount discount for whole cart is applied. GitHub-24422

    Magento no longer throws an exception when a shopper tries to unset the persistence cookie after beginning checkout and then navigating to the storefront home page. Previously, when the shopper clicked the Not you? link on the home page, Magento threw this exception: The shipping address is missing. Set the address and try again. GitHub-24218

    Magento now displays an add-to-cart success message when a customer adds an out-of-stock product to their cart. Previously, the product was added, but Magento did not display a success message.

    Custom address attributes are now included as expected in the form that displays for the payment step in the checkout workflow.

    The State/Province/Region input box is now enabled as expected on My account > Address Book > Add new address.

    Discounts are now applied as expected to shipping charges when Apply to Shipping Amount is enabled. Fix submitted by Andrii Kalinich in pull request 28839. GitHub-26723

    The code that supports closing the mini cart has been refactored to remove the closeSidebar function. The appropriate click binding has been added to the [data-action="close"] element. Fix submitted by lumnn in pull request 28906. GitHub-29161

    The new Show “Clear Shopping Cart” button on the cart page configuration setting provides control over displaying a Clear Cart button on the shopping cart view page. By default, this setting is disabled. Fix submitted by Pavlo Sydorenko in pull request 27917. GitHub-28705

    Validation has been added to the phone field in the checkout workflow. Fix submitted by Oleh Usik in pull request 27537. GitHub-28800

    Guest checkout is now disabled as expected when a cart contains downloadable products when the Shareable and Disable Guest Checkout if Cart Contains Downloadable Items settings are disabled. Fix submitted by Rani Priya in pull request 23972. GitHub-23971

    The success message that Magento displays when a shopper adds a product to their cart from the customer account sidebar now contains a link to the shopper’s shopping cart. Fix submitted by Ajith in pull request 27977. GitHub-29097

    Magento now selects an empty value by default for the prefix dropdown options menu on the checkout workflow. Fix submitted by Vadim Malesh in pull request 28238. GitHub-18823

    The pop-up message that Magento displays when you delete multiple items from a shopping cart now accurately describes the number and type of entities you have selected for deletion. Fix submitted by Nazar Klovanych in pull request 29490. GitHub-1749

    Magento now displays a customer registration form when a guest user completes checkout.

    Custom customer address attributes fields are now displayed as expected in the storefront checkout workflow.

    Magento now retrieves the current customer group for an active quote during checkout. Previously, Magento used the customer group that was active when the product was first added to the cart, and if that customer group was deleted before checkout, Magento threw an error. Fix submitted by Konstantin in pull request 28902. GitHub-29327

Catalog

    Magento now removes disabled products from a shopper’s cart before checkout. Previously, when a shopper added a product to their cart that was disabled before checkout completed, Magento removed the disabled product from the cart, but the product remained in the quote, and the shopper could not check out. GitHub-26680

    Magento now sorts bestselling products as expected. Previously, both product count and the pagination of sort results were incorrect. GitHub-25955

    Shoppers can now open a product’s detail page by clicking on the product name in the compare products sidebar. Fix submitted by Eduard Chitoraga in pull request 27451. GitHub-21101

    children_count values now remain positive when an administrator deletes categories. Previously, when an administrator deleted categories, the children_count for remaining categories was negative. Fix submitted by Vitaliy Prokopov in pull request 28044. GitHub-27969

    Magento now uses the default option (Configuration > Web > Default Layouts > Default Product Layout) that you have selected for the page_layout attribute when creating a new product. Previously, your selected default value was not applied.

    You can now successfully perform mass actions on Inventory product stock. Previously, when you tried to perform a mass action on inventory product stock, Magento displayed a blank page. If you performed this action with Magento in developer mode, Magento threw this error: Notice: Undefined offset: 32000 in /Users/kodithuw/sites/m23inventory/inventory/InventoryCatalogAdminUi/view/adminhtml/templates/catalog/product/edit/action/inventory.phtml on line 24.

    The total record count displayed when you click Add Products on the Products tab when adding products to a catalog category no longer changes based on product sort order.

    The {products(filter: {sku: {eq: "some sku"}}) {…} query now returns values that have been converted into the expected currency. Previously, price_tiers.final_price.value displayed special prices in the base currency. Fix submitted by Petkovski Marjan in pull request 28890. GitHub-26121

Cleanup

    Corrected misalignment of the Admin Sales Order grid checkbox. Fix submitted by Tu Nguyen in pull request 27642. GitHub-27633

    Corrected a misspelling in the shipping address ID getter in the sales order address save handler. Fix submitted by Konstantin in pull request 28810. GitHub-28982

    Corrected the getRegionNameExpresion method name to getRegionNameExpression. Fix submitted by Pierre Grimaud in pull request 28832. GitHub-28829

    A redundant init method has been removed from app/code/Magento/AdvancedPricingImportExport/Model/Import/AdvancedPricing/Validator/Website.php and app/code/Magento/AdvancedPricingImportExport/Model/Import/AdvancedPricing/Validator/TierPriceType.php. Fix submitted by Oleh Usik in pull request 28650. GitHub-29009

    localStorage polyfill has been moved from from base to frontend. Fix submitted by Ihor Sviziev in pull request 28749. GitHub-28900

    Updated the Magento Commerce logo and removed extraneous spaces from the main README file of the magento/magento2 repository. Fix submitted by Rafael Corr̻a Gomes in pull request 28891. GitHub-29056

    The unnecessary overflowed class has been removed from the mini cart sidebar widget. Fix submitted by lumnn in pull request 28963. GitHub-29160

    An incorrect CSS selector in the Shipment page has been corrected. Fix submitted by Tu Nguyen in pull request 28639. GitHub-29261

    The lib/internal/Magento/Framework/App/Request/Http.php file has been simplified by optimizing logic and removing redundant variable assignments and over-usage of returns within a function. Fix submitted by Chris Snedaker in pull request 28608. GitHub-29381

    The bin/magento module:status command now accepts multiple module names as arguments. Fix submitted by Chandru Rajendran in pull request 28250. GitHub-29344

    Fixed a typo in the class description of \Magento\Downloadable\Block\Sales\Order\Email\Items\Downloadable. Fix submitted by Benjamin Rosenberger in pull request 29451. GitHub-29470

    The TierPriceManagement class has been refactored to remove redundant code. Fix submitted by Lukasz Bajsarowicz in pull request 29202. GitHub-29477

    autoload.php has been refactored to improve readability and return speed. Fix submitted by Vitaliy Ryaboy in pull request 28923. GitHub-29527

CMS content

    The Hierarchy tab for a selected default store view now displays the selected parent page as expected.

    Magento no longer throws an error during store view creation when the new store view contains a CMS page with the same URL key as a page in a different store view. Fix submitted by Vadim Malesh in pull request 28421. GitHub-28357

Configurable products

    Pagination problems with the Configurable Product Edit Current Variations list have been corrected.

    Magento no longer updates the Related Products price box whenever a shopper selects options for a configurable product. Previously, Magento updated the price box whenever a shopper selected an option for a configurable product.

    Magento now displays the correct price for configurable products with customizable options on the Admin Create Order page. As expected, the displayed price is a sum of the child product’s price and the custom option’s price. Previously, Magento displayed only the custom option price. GitHub-25766

    The order summary now displays the correct discount amount when a cart price rule has been applied. Previously, the rule did not correctly round amounts when calculating shipping discounts.

    Admin user accounts created from an admin account with a restricted scope can now create a configurable product with attributes as expected. Previously, Magento threw this error: Notice: Undefined index: value_index in 23develop/app/code/Magento/ConfigurableProduct/Helper/Product/Options/Factory.php on line 101.

    Magento no longer throws a validation error when you use POST /V1/products to a configurable product with an int value of 0. Previously, Magento threw this error: Product with id "%1" does not contain required attribute “%2”.” Fix submitted by Vadim Malesh in pull request 29001. GitHub-13210

    The configuration options attribute of a parent product are no longer assigned to a new configurable product’s size attribute. Fix submitted by Abel Truong in pull request 27339. GitHub-26449

Cookies

    Magento now creates a maximum of one mage-translation-file-version and mage-translation-storage cookie per session. Fix submitted by Ihor Sviziev in pull request 27364. GitHub-27355

cron

    Message queue consumer configuration has been extended with new parameters that help control consumers and save server resources and that potentially decrease consumer queue CPU consumption:
        maxIdleTime defines the maximum waiting time in seconds for a new message from the queue.
        sleep specifies time in seconds to sleep before checking if a new message is available in the queue.
        onlySpawnWhenMessageAvailable identifies whether a consumer should be spawned only when an available message exists in the related queue. This setting is enabled globally by default for all consumers but can be configured per consumer.

    cron expressions such as  3/10 * * * * are now scheduled as expected. Fix submitted by Anton Evers in pull request 28930. GitHub-29240

     sales_clean_quotes no longer loads all expired quotes at once. Previously, Magento failed with this fatal error because all expired quotes were loaded simultaneously: PHP Fatal error: Allowed memory size of 2147483648 bytes exhausted (tried to allocate 20480 bytes) in /path/to/magento2/vendor/magento/framework/Model/AbstractModel.php on line 359,

CSS

    Magento no longer duplicates CSS when Critical CSS is enabled. Fix submitted by Tu Nguyen in pull request 28480. GitHub-26498

    The server-side LESS compiler now imports all remote CSS files as expected when you run bin/magento setup:static-content:deploy -f. Previously, Magento did not import the remote files and threw an error. GitHub-25119

Customer

    The region names in Admin customer addresses are now translated as expected.

    The State/Province fields are now populated as expected on the Edit Address page (My Account > Address book).

    Magento no longer throws an error when a customer clicks the Submit button multiple times on forms throughout the storefront for which invisible reCAPTCHA has been enabled. Previously, clicking this button multiple times resulted in an internal error similar to this: Internal error: Make sure you are using reCaptcha V3 api keys.

    Saving a deleted customer from the Admin now generates an error message only. Previously, Magento displayed a blank page and generated a report that contains this string: "0":"No such entity with customerId = 3","1":"#1 Magento\\Customer\\Model CustomerRegistry->retrieve() called at [app\/code\/Magento\/Customer\/Model\/ResourceModel\/CustomerRepository.php:340".

    Magento now displays an error message as expected when an administrator tries to save an address for a customer whose account has just been deleted. Previously, Magento displayed a blank message box.

    The labels for address fields in the checkout workflow and the address book have been edited for consistency.

    Frontend labels now fall back to store labels if their values are not null. Previously, customer attributes used the default frontend labels. Fix submitted by Toan Nguyen in pull request 27064. GitHub-27063

    The sortOrdernumber of links in layout XML has been corrected. Previously, this order was reversed and used descending order. Fix submitted by Tu Nguyen in pull request 27340. GitHub-27162

Directory

    The format of the State/Province drop-down menu is now consistent across the Admin.

dotdigital

    Order sync no long fails when an order contains product SKUs that no longer exist in the catalog.

    Empty product categories are no longer included in web insight data.

    Web behavior tracking now works for merchants with certain theme configurations. A new fallback selector addresses this.

    The subscriber status data field no loner includes empty values when customer sync was run using cron. (App emulation addresses this issue.)

    Address book mapping now works as expected when a dotdigital account is enabled at the default level but disabled for the main website.

    Coupons are now generated (using the external dynamic content URL for coupon generation) for email addresses that contain plus (‘+’) signs.

    Contacts are no longer resubscribed when their last_subscribed_at value is null.

    Upgrade errors (dating from 4.5.2) that affected earlier Magento versions have been resolved.

    A regression issue that was introduced in 4.5.3 that affected using a method to obtain the subscriber status when preparing subscriber export has been fixed.

    The total figure for synced subscribers (presented in the logs and on screen) is now correctly calculated.

Downloadable

    The My Downloadable Products area now displays links to purchased downloadable products that are part of a grouped product as expected.

    Clicking on a downloadable product’s Sample button from the Admin product page now downloads a sample as expected. Previously, when you clicked Sample, Magento displayed this error: The product that was requested doesn't exist. Verify the product and try again.

    Shoppers can now download samples of downloadable products that are out-of-stock. Previously, when a shopper tried to download a sample, Magento opened a new tab, but did not display an informative message or begin the download process. Fix submitted by Vadim Malesh in pull request 28898. GitHub-23638

    The exception message that Magento displays when a shopper tries to set a shipping address for a downloadable product has been improved. Fix submitted by Michał Derlatka in pull request 28904. GitHub-26107

    A product’s stock_item data is updated and downloadable product links and samples are preserved as expected when you use a REST PUT call to update stock_item values. Previously, after the product update, the product no longer contained links to download content. Fix submitted by Vadim Malesh in pull request 28799. GitHub-21811

    Magento now displays a more informative message when a customer sets the shipping address for an order that contains only downloadable products.

Email

    Magento now sends email notifications about order changes to the correct customer email if the customer email was changed after the order was created.

    Order update emails that are sent to customers now include the correct order status. Previously, if an order status changed from processing to another state, the order email did not reflect the status change.

    Magento no longer displays misleading messages about existing accounts during guest checkout. Previously, when a guest navigated to the checkout page, then navigated back to the shipping page, Magento displayed this error: You already have an account with us. Sign in or continue as guest.

    Custom email templates now load the same elements as native default email templates. Previously, some elements were missing, including variable values.

    Unnecessary CSS has been removed from the email Preview template. Fix submitted by Tu Nguyen in pull request 27828. GitHub-27543

    Text in the email template that duplicates text already displayed by the footer has been removed. Fix submitted by Paweł Tylek in pull request 27356. GitHub-28433

    Product alert emails are now sent from the store from which the alert is subscribed. Previously, this email was always sent from the default store. Fix submitted by Maciej Pawłowski in pull request 26534. GitHub-28968

    A duplicate customer.name variable has been removed from the email template. Fix submitted by Paweł Tylek in pull request 29054. GitHub-29087

    You can now create an email template that sends email with  Content-Type: "text/plain”. Previously, Magento ignored the content type specified in the template. Fix submitted by twoonesixdigital in pull request 26474. GitHub-26471

Frameworks

    The Time of day to send data field of the Admin Stores > Configuration > GENERAL > Advanced Reporting page is now rendered correctly.

    Shoppers can now change the number of orders that are displayed per page when the Orders list spans multiple pages. Previously, Magento displayed the following message when the shopper navigated to the last page of orders and tried to change the number of orders displayed per page: You have placed no orders. This was a known issue for Magento 2.4.0.

    You can now add products to a category when implementing Level 2 cache.

    X-Magento-Tags headers no longer exceed the size permitted by the HTTP specification. Previously, category pages that contain many products returned an X-Magento-Tag header that resulted in a 503 error.

    sales_order_shipment_track_save_commit_after is now triggered as expected when you used the REST API to create a shipment.

    Magento now displays an informative error message when a di compile fails due to a nonexistent dependency. Previously, the message displayed did not identify the class in which the exception occurred.

    Magento no longer throws the following fatal error when Redis uses all allowed memory: report.CRITICAL: OOM command not allowed when used memory > 'maxmemory'.

    Shoppers can now add multiple products to their cart when the Persistent module is disabled. GitHub-14486

General fixes

    Sorting products on the Admin (Stores > Attributes > Products) now displays all products that meet your search criteria. Previously, Magento did not display records, and to sort the records, you had to navigate to the first page of search results.

    Unnecessary quotation marks and escaping around a URL in tracking.phtml have been removed.

    The var/log/system.log now displays a more accurate message when a user tries to access a non-existing resource file under the static directory and SCD OnDemand and production mode are enabled. Magento now logs a 404 error. Previously, Magento logged the same message that is logged when the error occurs in developer mode.

    JavaScript minification now works correctly. The minification file resolver no longer leaks variables to global scope. Previously, ctx, origNameToUrl, and baseUrl variables under window were leaked. Fix submitted by Mateusz Krzeszowiak in pull request 27622. GitHub-28110

    When you debug an error that prevents object creation, Magento now prints as well as logs the original exception message. Previously, the message was only logged. Fix submitted by Marvin Hinz in pull request 26572. GitHub-26550

    Callback execution after database changes are committed has been improved. Previously, if one callback failed with an exception, all callbacks failed. Fix submitted by Alok Patel in pull request 27134. GitHub-28167

    Mixins for modules with no dependencies defined no longer throw this error: TypeError: Cannot read property 'map' of null. Fix submitted by Mateusz Krzeszowiak in pull request 27690. GitHub-28340

    Storage polyfill is now loaded and applied only when localStorage or sessionStorage are not available. Fix submitted by Mateusz Krzeszowiak in pull request 27619. GitHub-28381

    Multi-page storefront orders lists now behave as expected when a shopper changes the number of results displayed per page from the second or subsequent results page. Previously, Magento displayed this error when a shopper changed the number of search results displayed in the My Account > My Orders list: You have placed no orders. Fix submitted by Vadim Malesh in pull request 28417. GitHub-28488

    The deprecated addWarning method has been replaced with the addWarningMessage method in the Magento core security module. Fix submitted by kishorekumarkesavan in pull request 28264. GitHub-28308

    Code generated using the Magento command-line commands is now consistent with Magento requirements and coding standards. Fix submitted by Lukasz Bajsarowicz in pull request 28351. GitHub-28376

    Saving an attribute with backend_type = static no longer removes the content of the frontend_class field. Fix submitted by jiten-patel in pull request 27369. GitHub-27051

    Unnecessary code and responsive.js have been removed from files that are loaded by themes. Fix submitted by Mateusz Krzeszowiak in pull request 27617. GitHub-28811

    Validation has been added to the Number of Symbols field on the Admin CAPTCHA configuration page. Fix submitted by Eden Duong in pull request 29199. GitHub-29198

    The RSS feed now loads correctly. Previously, the feed did not load the first time, although it loaded as expected when the page was refreshed. Fix submitted by Vadim Malesh in pull request 29455. GitHub-25211

    An expired persistent session is now renewed as expected when the shopper logs back in.

    Password lifetime as set in Stores > Configuration > Advanced > Admin is now honored. Previously, if you clicked Forgot password? when prompted to reset your password, you could bypass the password reset.

    Coupon codes are now applied only to the specified product. Previously, Magento applied the coupon code to all products in the cart. GitHub-28246

    Cart expiry settings are no longer re-set when an inventory or price update occurs. Previously, when a cart was set to expire in 24 hours, and an inventory update or price update occurred, the indexers populated the updated_at table, which re-set the expiry time.

    Magento no longer throws a fatal error when an administrator assigns a customer who has an active shopping cart to a customer group.

    Selecting a toolbar option from Developer tools > Network on a product page when running the Chrome browser no longer initializes toolbar.js twice. Fix submitted by Paweł Tylek in pull request 28838. GitHub-25934

    Magento now adds an admin user’s ACL role ID to the product category tree cache ID. This will limit the category trees that an admin with limited scope can see as expected. Fix submitted by quangdo-aligent in pull request 27429. GitHub-28306

GraphQL

    Shoppers can select gift message options during checkout. GraphQL now covers gift message options for different types of cart items. See setGiftOptionsOnCart mutation and updateCartItems mutation. _Fix submitted by Oleh Usik in pull requests 28519, 27956, 28072, 28072. GitHub-28519

    Customers and guests can write product reviews. Customers can also retrieve their product review histories. See Create a product review and productReviewRatingsMetadata query for information on retrieving information about the reviews infrastructure. Fix submitted by Eduard Chitoraga in pull request 27882. GitHub-28523

    The addProductsToCart mutation allows you to add any type of product to the active cart. We recommend using this mutation instead of single-purpose mutations such as addSimpleProductsToCart. Fix submitted by Yaroslav Rogoza in pull request 27914. GitHub-28524

    The new availableStores query returns a list of configuration attributes for multiple stores available under the same website (based on the current store). It does not expose the list of websites. See availableStores query. Fix submitted by Dmitriy Gallyamov in pull request 28794. GitHub-28569

    GraphQL now uses only an authorization token to retrieve a type of user and its ID. Previously, GraphQL used an active customer’s cookies to retrieve this information when the authorization token was empty. Fix submitted by Alexander Taranovsky in pull request 27373. GitHub-28040

    We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation. Fix submitted by Michał Derlatka in pull request 28888. GitHub-28570

    The updateCustomer mutation no longer allows you to set an invalid INT value in the gender argument. Fix submitted by Alexander Taranovsky in pull request 28487. GitHub-28481

    You can use the subscribeEmailToNewsletter mutation to subscribe customers to a newsletter. See subscribeEmailToNewsletter mutation. Fix submitted by Alexander Taranovsky in pull request 27586. GitHub-27337

    Removed redundant logic in the setShippingMethodsOnCart mutation resolver. Fix submitted by Alexander Taranovsky in pull request 27349. GitHub-28262

    Added test coverage for the Please provide Email of sender error associated with the sendEmailToFriend mutation. Fix submitted by Alexander Taranovsky in pull request 28034. GitHub-28138

    The products query now returns product attribute option labels for the default store view as expected. Previously, this query returned the product attribute option labels that were set for the Admin. Fix submitted by Dmitriy Gallyamov in pull request 28647. GitHub-28568

    Custom attribute aggregations now return store-specific option values. Fix submitted by Dmitriy Gallyamov in pull request 28647. GitHub-28572

    Price intervals that are returned in a product aggregation can now be numeric only (no wildcards permitted). Fix submitted by Dmitriy Gallyamov in pull request 28745. GitHub-28628

    The categoryList query now returns the correct response when using fragments. Fix submitted by Ulzii in pull request 28710. GitHub-28584

    GraphQL product search now considers configured category permissions. Previously, product search ignored the Enable setting (Stores > Configuration > Catalog > Catalog > Category Permissions). Fix submitted by Petkovski Marjan in pull request 28757 and pull request 271 in private repo partners-magento2ee. [GitHub-28563](https://github.com/magento/magento2/issues/28563

    You can now add a product to a cart using addSimpleProductToCart when other items in the cart are out-of-stock. Previously, Magento returned this error: Some of the products are out of stock. GitHub-26683

    The default GraphQL Category method now sorts by category position as expected. Fix submitted by Derrik Nyomo in pull request 29301. GitHub-104

    Added support for wish lists in Magento Open Source. You can add items to, update items in, and remove items from a wish list. Fix submitted by Eduard Chitoraga in pull request 28205. GitHub-28551

    We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation.

    Added GraphQL Vault support for the Payflow Pro Vault payment method. Fix submitted by Oleh Usik in pull request 28821. GitHub-28520

    Updated the GraphQL storeConfig query to include new customer configuration settings. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Added the resetPassword mutation. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Added the resetPassword mutation. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Added the requestPasswordResetEmail mutation, which triggers the password reset email for the provided email address. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521

    Added or updated topics on Klarna GraphQL in Klarna’s payment method andcreateKlarnaPaymentsSession

Images

    HTML markup for thumbnail images has been improved. Fix submitted by Tu Nguyen in pull request 28642. GitHub-29468

Import/export

    The error_report.csv file now downloads with content and is available inside the var/import_history/ directory as expected. Previously, this file was not generated after import.

    Importing a product by using a CSV file now generates an error_report.csv file as expected. Previously, Magento generated the file but removed it after the import completed. Fix submitted by Vadim Malesh in pull request 28460. GitHub-28420

    Removed redundant class imports throughout the code base. Fix submitted by Oleh Usik in pull request 28696. GitHub-29012

    Magento now successfully imports customer addresses that contain a region for a country that does not have defined regions. Previously, Magento threw this error: Please enter a valid region.

    Magento now loads the correct entity attribute set when a merchant selects an entity type when scheduling a new export.

    The position of products in the catalog_category_product table now updates as expected when an administrator creates a product in the Admin and assigns it to a category. Previously, the position of new products was always assigned a 0 value.

    Customer data is now successfully exported from the Admin, and the export data grid displays customer data as expected. Previously, an error related to memory allocation occurred during export.

    Imported CSV files now capture related product information as expected. Previously, related product information was not consistently uploaded the first time the CSV file was imported.

    Removed unused construct parameters in AdvancedPricing.php. GitHub-29531

Index

    Magento_CacheInvalidate now handles large tag patterns correctly when doing a PURGE. sendPurgeRequest has been refactored to handle an array of tags instead of requiring the caller to use implode(). Fix submitted by Matthew O’Loughlin in pull request 26256. GitHub-26255

    Shared indexers now show a status of valid after you run bin/magento indexer:status after re-indexing. Previously, shared indexers had an invalid status after a full re-index.

Infrastructure

    Problems loading catalog and product pages on deployments running PHP 7.4.9 no longer occur. Previously, Magento threw this error when you tried to load the catalog and product pages: There has been an error processing your request. Exception printing is disabled by default for security reasons. GitHub-29502

    All exceptions that occur when layouts are rendered in production mode are now logged in the exception log file (var/report). Previously, Magento logged these messages in the system log as critical issues.

    Regular expressions now work properly for large pages as the result of an increase in ipcre.backtrack_limit and pcre.recursion_limit to approximately 1000000. Fix submitted by Mateusz Krzeszowiak in pull request 27270. GitHub-26026

    Interceptor generation has been improved. } else { statements have been removed from interceptors, and array_map has replaced foreach. Fix submitted by Lukasz Bajsarowicz in pull request 27902. GitHub-28383

    Array creation is now consistent throughout the class (app/code/Magento/Sales/Model/Order/Pdf/Items/Invoice/DefaultInvoice.php). Fix submitted by Nathan de Graaf in pull request 28515. GitHub-28795

    Plugins have been migrated out of the Magento Framework to follow the Magento best practice of prohibiting plugins in the Framework namespace. Fix submitted by Lukasz Bajsarowicz in pull request 27965. GitHub-27962

    You can now use the new UrlFilterApplier component to apply filters on product,cms_page, and cms_block grids using the GET URL parameter. Fix submitted by Gabriel da Gama in pull request 28932. GitHub-1501

    Magento no longer throws an Undefined class constant error when an interceptor is generated. Fix submitted by Vova Yatsyuk in pull request 28797. GitHub-28981

    Form data now persists when Magento throws an integration exception when you save a integration using a name that is already in use. Fix submitted by Aditya Yadav in pull request 26660. GitHub-28143

    Magento no longer truncates X-Forwarded-For headers to 32 characters. Fix submitted by Ihor Sviziev in pull request 27221. GitHub-28693

    The logic that checks if a redirect is internal now works correctly in the Admin when using a custom Admin domain. Previously, problems with this logic resulted in many Admin redirects to the homepage of the default store. Fix submitted by Vadim Malesh in pull request 29066. GitHub-28943

    Problems with the styles-old.less file have been eliminated, and linting no longer identifies errors. Fix submitted by Tu Nguyen in pull request 28895. GitHub-24004

    NonComposerComponentRegistration.php has been refactored. Fix submitted by Vitaliy Ryaboy in pull request 28975. GitHub-29308

    ResourceConnection.php has been refactored to improve class readability. Fix submitted by Lukasz Bajsarowicz in pull request 29341. GitHub-29389

    The README file for the build-in web server has been updated to include all Elasticsearch parameters. Fix submitted by Yevhenii Dumskyi in pull request 29300. GitHub-29299

    The Magento\CmsUrlRewrite\Plugin\Cms\Model\Store\View::aftersSave plugin now returns a value as expected. Previously, this plugin did not return a value, and as a result, saving a store view resulted in an error. Fix submitted by Pieter Hoste in pull request 29035. GitHub-29034

    Added the following support for magic methods for DataObject:
        new extension to support get/set/has/uns magic methods (with usage of __call)
        support for SessionManager, which forwards all calls to the DataObject container
        test coverage for extensions
        updated tests for Filtered Error check
        increased PHPStan check level from 0 to 1. Fix submitted by Oleksandr Kravchuk in pull request 27905. GitHub-28303

    ScopeConfigInterface can now be more than a string. The restriction of magentoConfigFixture to string only was the inadvertent result of a previous pull request and has been reverted. Fix submitted by Kristof, Fooman in pull request 29305. GitHub-29345

    The convertConfigTimeToUtc method no longer throws a fatal error due to sending incorrect parameters to the Phrase constructor. Fix submitted by Kos Rafał in pull request 29483. GitHub-29525

    Price filters now work as expected on grid data when Magento\Backend\Block\Widget\Grid\Column\Filter\Price::getCondition and Magento\Backend\Block\Widget\Grid\Column\Filter\Price::getValue() return an array with indexes that contain from or to string data. Previously, Magento threw this error: Notice: A non well formed numeric value encountered in vendor/magento/module-backend/Block/Widget/Grid/Column/Filter/Price.php on line 197. Fix submitted by Nikita Sarychev in pull request 29214. GitHub-29213

    Added an extension point to support adding HTML to the category page. This corrects a bug that was introduced by a previous pull request. Fix submitted by iGerchak in pull request 29291. GitHub-29286

Layered navigation

    The layered navigation sidebar now shows Boolean attributes with both options (yes/no) and matching product counts. Previously, layered navigation did not return a no option for Boolean attributes in deployments using Elasticsearch.

    The swatch layered navigation filter is now consistent with standard filters used throughout Magento. Fix submitted by Bartłomiej Szubert in pull request 28015. GitHub-28011

Logging

    All broken reference errors are now logged when deployments are in developer mode only. Previously, one error was logged for deployments in production mode, too, which bloated error logs. Fix submitted by Bartłomiej Szubert in pull request 28735. GitHub-26504

Media Gallery

    The Media Gallery configuration UI (Admin Stores > Configuration > Advanced > System ) has been reorganized. Fix submitted by Shankar Konar in pull request 29433. GitHub-28011

    Added tests to cover the Used In links for an image in the Media gallery. Fix submitted by Nazar Klovanych in pull request 29392. GitHub-1969

MFTF

    The AdminSubmitAdvancedInventoryFormActionGroup , AdminClickOnAdvancedInventoryLinkActionGroup, and  AdminSetStockStatusConfigActionGroup action groups are now used within tests according to best practice. Fix submitted by Oleh USIA in pull request 29386. GitHub-29420

    SearchProductGridByKeywordActionGroup is now used for search in the product grid. Fix submitted by Oleh Usik in pull request 29385. GitHub-29434

    AdminCategoriesClickDoneButtonOnPopupActionGroup is now used to click Done on the Search Categories popup. Fix submitted by Oleh Usik in pull request 28989. GitHub-29380

    LoginToStorefrontActionGroup is now used to replace a sequence of actions that is used for store front customer login. Fix submitted by Sathish Subramanian in pull request 28113. GitHub-28165

    AdminUpdateCustomURLRewritesPermanentTest has been refactored to meet MFTF best practices. Fix submitted by Kate Kyzyma in pull request 28361. GitHub-28393

    Test names have been changed to meet MFTF conventions. Fix submitted by Evgeny Levinsky in pull request 27839. GitHub-28305

New action groups

    StorefrontCheckoutClickNextButtonActionGroup Fix submitted by Oleh Usik in pull request 29472. GitHub-29539

    AdminProductFormSaveActionGroupFix submitted by Oleh Usik in pull request 29142. GitHub-29292

    AdminSaveCategoryActionGroup Fix submitted by Oleh Usik in pull request 28993. GitHub-29388

    AdminProductGridSectionClickFirstRowActionGroup Fix submitted by Oleh Usik in pull request 29000. GitHub-29295

    AdminProductFormCategoryExistInCategoryListActionGroup and AdminProductFormCategoryNotExistInCategoryListActionGroup Fix submitted by Alexander Steshuk in pull request 28287. GitHub-28392

    AdminExpandCategoryTreeActionGroup Fix submitted by Oleh Usik in pull request 29133. GitHub-29289

    AdminTaxRateGridOpenPageActionGroup Fix submitted by Oleh Usik in pull request 29007. GitHub-29281

    AdminNavigateNewCustomerActionGroup Fix submitted by Oleh Usik in pull request 29134. GitHub-29287

New tests

    Added test for deleting a CMS page as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28112. GitHub-28202

    Added the StorefrontShareCustomerWishlistActionGroup test for customer wish list sharing with invalid email addresses. The existing test for wish list sharing (StorefrontShareWishlistEntityTest) has been refactored. StorefrontCustomerShareWishlistActionGroup has been deprecated.

    Added a test to check for the implementation of the Only X left Threshold configuration setting. Fix submitted by Oleh Usik in pull request 27549. GitHub-28755

Newsletter

    Exporting the Newsletter Subscribers list using the EXCEL XML option now results in the export of all rows as expected. Previously, exported data included only the page pagination value, not all rows.

    Newsletter subscription emails now use the same HTML tags as other newsletter-related emails. Fix submitted by Paweł Tylek in pull request 27357. GitHub-28165

    Added a test for deleting a newsletter subscriber as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28972. GitHub-29032

    Added tests for newsletter subscription for guests with a disallowed option in config statements. This test replaces deprecated VerifyRegistredLinkDisplayedForGuestSubscriptionNoTest and StorefrontCreateNewSubscriberActionGroup. Fix submitted by Dmitry Tsymbal in pull request 28872. GitHub-29039

Orders

    The GetAssetIdByContentFieldInterface and its implementation on MediaContent modules now permits Adobe Stock Integration to extend MediaGallery filter functionality. Fix submitted by Gabriel da Gama in pull request 29058. GitHub-1464

    The CustomerAddressId values for a newly created customer are now validated in quotes. Fix submitted by Andrii Kalinich in pull request 29139. GitHub-28793

    The order status for a credit memo with zero total is now Closed. Previously, Magento reported its order status as Complete. Fix submitted by Andrii Kalinich in pull request 29023. GitHub-22762

Payment methods

    Magento now displays a message that prompts you to enter mandatory credit card data when you click Submit for an Admin order without entering valid payment information. Previously, the Braintree card validator did not throw an error when payment input fields were invalid and the page became inactive.

    You can now change the shipping method for an order you create from the Admin for a customer whose account has a stored credit card (Braintree). Previously, when you selected a different shipping method, the stored card was not selected, and Magento did not place the order.

PayPal

    The Order Review page of the checkout workflow now displays the correct shipping amount for PayPal through Braintree orders for which the shipping method has been changed during checkout. Previously, when a customer changed the shipping method on the PayPal Order Review page of the checkout workflow, Magento did not update the order total with the correct method.

    Merchants can now successfully cancel orders that were authorized using PayPal. Previously, Magento did not cancel the order and displayed this error: Declined: 10601-Authorization has expired.

    Magento no longer empties your cart when you cancel an order by closing the PayPal payment popup window after first completing another order.

Performance

    Three new configuration settings support a decrease in consumer queue CPU consumption. These optional parameters provide increased control over consumers and save server resources. See Configure message queues for a description of the maxIdleTime, sleep, and onlySpawnWhenMessageAvailable parameters.

    Plugin list configuration is now generated during the execution of the di:compile command. This configuration information is written to generated metadata folders based on scope. Previously, this information was stored in cache. Resulting performance improvements include:
        Network cache size has decreased
        Execution time for many scenarios has been improved.

    Magento now loads the appropriate slider widget on demand, which has improved page loading. The touch slider widget customization has been moved to a separate file so it can be loaded only on compatible devices. The appropriate slider widget type is now loaded only when range binding is actually used on the page. Fix submitted by Mateusz Krzeszowiak in pull request 27616. GitHub-28807

    The performance of checkout with multiple simultaneous orders has been improved.

    Deadlocks no longer occur when the import process executes a bulk insert and the re-index process simultaneously executes a large insert from select. Previously, Magento displayed this error: PDOException: SQLSTATE[40001]: Serialization failure: 1213 Deadlock found when trying to get lock. GitHub-8933

Reviews

    A unique key for entity_pk_value-entity_type-store_id has been added to the review_entity_summary table, which prevents the creation of duplicate rows for the same product ID (entity_pk_value). Previously, this lack of unique key resulted in duplicate rows for the same product ID and SQL errors.

Sales

    Magento no longer assigns a status of Complete after invoicing an order that requires zero payment.

    The New Shipment email generated by the REST API now contains the same shipping and customer information as shipments that are created manually from the Admin. Previously, this email did not contain the customer name, tracking information, products ordered, and other order information.

    Guest user names are now visible as expected in invoice- and shipment-related emails when the emails are loaded or customized from the Admin.

    The PDF invoice is now translated into the language of the store view where the order has been placed. Previously, the PDF invoice was translated in the language of the Admin.

    You can now issue a refund as expected from the credit memo page. GitHub-29014

    Localised region names that are displayed on the storefront Order page are now correctly translated. Previously, the region name was not based on the specified locale unless it was edited in the Admin.

    Shipments created through the POST /rest/V1/shipment endpoint now update orders properly. Previously, Magento created a shipment, but shipment status remained in the processing state.

    Credit memos now display the payment method that is derived from the scope of the store in which the order was made. Previously, credit memos displayed the name as defined the default store scope. Fix submitted by Ledian Hymetllari in pull request 27582. GitHub-27570

Search

    You can now search for products by attribute from the Admin Customer view using QuickSearch. Previously, an exception occurred on the catalog search result page.

    Magento now displays configurable products on the category page as expected after you add a product attribute.

    Elasticsearch results now include the correct values for each store view’s attribute options. If a Dropdown or Multiple Select attribute has a different option value in the non-default store view than in the default store view, Elasticsearch now indexes that value or returns the product with that value in the results. Previously, Elasticsearch did not index that value or return the product with that value in the results.

    Searching by SKU now works as expected in advanced search with Elasticsearch. Previously, when you tried to search by SKU, Magento displayed this error message: We can't find any items matching these search criteria. Modify your search.

    Advanced search no longer lets shoppers filter on negative prices. Fix submitted by Rohan Hapani in pull request 27359. GitHub-27358

    Scope values are now reset as expected on the New Synonym Group form. Fix submitted by Sathish Subramanian in pull request 29206. GitHub-28947

Shipping

    Magento now calculates shipping table rates correctly after upgrade. Previously, shipping table rates were calculated based on net price, which excluded VAT.

    Magento now displays shipping rates in the correct currency in the checkout workflow for orders specifying FedEx as the shipping method.

    Multi-page PDFs of shipping labels for orders shipped by UPS now display the correct count.

    Problems with the JavaScript components of the Create Packages page have been resolved. Previously, Magento did not display the Create Shipping Label checkbox on this page, and you could not create a shipping label for an existing order.

Sitemap

    The sitemap in robots.txt is now store-specific. Fix submitted by Vadim Malesh in pull request 29331. GitHub-28901

    Encoded values are now correctly escaped in the sitemap.xml file. Previously, when you included encoded characters in a product name or image title, the generated sitemap was invalid.

Store

    Deleting a previously created store view no longer results in an error in deployments with a split database configuration. Previously, Magento threw an exception.

    You can now export config.php and default website code from one website to install and configure Magento on a second website in a multi website deployment. Previously, the default store and view disappeared after the export, and errors occurred on the storefront.

Swagger

    You can now generate a customer token with Swagger. Previously, Swagger did not generate a response code when valid customer access information was entered, and Magento displayed this error: The account sign-in was incorrect or your account is disabled temporarily. Please wait and try again later. Fix submitted by Vadim Malesh in pull request 28822. GitHub-27098

Swatches

    Configurable products with swatches now show tier pricing when a shopper clicks Edit in the cart. Previously, Magento did not display tier prices in the cart before checkout. Fix submitted by Sathish Subramanian in pull request 29137. GitHub-28270

    Magento now displays tier prices as expected for configurable product variations.

Tax

    Magento no longer displays a fixed product tax attribute on the storefront for a product after a merchant has unassigned it from the product’s attribute set.

Test

    PHPUnit 9 errors have been fixed in unit tests. Fix submitted by Anton Evers in pull request 29244. GitHub-29329

    Added unit tests for approving a purchase order that was made with a discount that has since expired will place an order at full amount and not update the purchase order total. Fix submitted by Joan He in pull request 18. GitHub-204

    SynchronizeFilesInterface is now covered by integration tests. Fix submitted by jmonteros422 in pull request 29493. GitHub-1742

    A function has been added to \Magento\TestFramework\TestCase\WebapiAbstract that enables the comparison of large nested arrays of expected and actual outcomes in tests and permits testers to ignore irrelevant keys in the actual outcome. Fix submitted by Jekabs in pull request 29458. GitHub-29498

    Corrected the inversion of expected value with actual value in app/code/Magento/Newsletter/Test/Unit/Model/SubscriptionManagerTest.php. Fix submitted by Lukasz Bajsarowicz in pull request 29271. GitHub-29283

    Issues with the serialization and unserialization of static properties when running consecutive tests have been resolved. Fix submitted by Pavel Bystritsky in pull request 26175. GitHub-28319, GitHub-29313

    Using ObjectManager for instantiating classes during test has been replaced with the new keyword in unit tests. Fix submitted by Lukasz Bajsarowicz in pull request 29272. GitHub-29346

    Test coverage has been added for these cases of the updateCustomer mutation: invalid date of birth, invalid email address, and empty customer last name. Fix submitted by Alexander Taranovsky in pull request 28304. [GitHub-28394](https://github.com/magento/magento2/issues/28394

    The ApiFunctional TestFramework GraphQL client now parses headers correctly. GitHub-26425

Theme

    Themes that are added in User Agent Rules are now affected as expected when you run bin/magento catalog:images:resize. Previously, only themes that were assigned to stores were affected when bin/magento catalog:images:resize was run.

Translation and locales

    Magento no longer throws an error when an administrator changes the Date field during Admin product creation or save when the Admin locale is Chinese or Japanese. GitHub-24696

    Magento now checks area (frontend or adminhtml) before rendering inline translation markup. Previously, making an API call to POST /V1/integration/admin/token with bad credentials while inline translation was enabled results in the inclusion of inline translation markup around the error message in the API response. Fix submitted by Zach Nanninga in pull request 28856. GitHub-28656

    Bulgarian regions have been added to the directory_country_region table. Fix submitted by Nikola Lardev in pull request 27957. GitHub-28215

    The titles and buttons on the Admin Customers > Add New Address and Edit Product > Advanced Inventory modals can now be translated. Fix submitted by Sathish Subramanian in pull request 28174. GitHub-28201

    The term FPT can now be translated on Admin Stores > Configuration > Sales > Tax > Fixed Product Taxes. Fix submitted by Vadim Malesh in pull request 28108. GitHub-5477

    The Ship here button label on the checkout workflow shipping address modal has been changed to match the camel case used for other buttons. This case now matches the case that is used in the translation files. Previously, because of the mismatch in case, this label was not translated. Fix submitted by WK in pull request 28547. GitHub-28685

UI

    The privacy and cookie policy link in the page footer is now displayed as an active link when the Privacy and Cookie Policy page is displayed. Fix submitted by Sathish Subramanian in pull request 28004. GitHub-27985

    Fixed misalignment of the cursor in the Invoice Comments text area of the invoice associated with an order you have selected from Admin Sales > Orders.

    The Create New Order page now displays Add Products By SKU and Add Products buttons as expected.

    Magento now displays the Edit Review page properly when a product rating is available for the selected product.

    Magento now correctly displays the Admin customer edit page on an iPhone running Safari.

    Corrected unnecessary scrolling on the Create New Order page.

    Directly clicking on the Export Tax Rates button of the Add New Tax Rule page (Stores > Tax Rules) now downloads the tax_rates.csv file as expected. Previously, merchants had to click on the edge of the Export Tax Rates button. This was a known issue in Magento 2.4.0.

    The Add selections to my cart button on the bottom of the shopping cart now works as expected. This was a known issue in Magento 2.4.0.

    The Refresh button of the Recently Viewed Products section of the Customer’s Activities page now works as expected. Previously, when you clicked Refresh, the product list was not refreshed, and the page scrolled.

    Magento now correctly displays the calendar icon used for selecting a customer’s date of birth on the Conditions tab of Customers > Segments > Add Segment.

    The checkout summary section of the checkout workflow no longer flickers when a shopper scrolls through this page on Internet Explorer 11.x.

    Magento now correctly displays the Order by SKU widget on the storefront Category page. Previously, the HTML code for this widget was not rendered, and Magento did not display the Load a list of SKUs link.

    UI components that have been disabled using this.disabled(true) no longer appear on the storefront. GitHub-29098

    Magento now displays the recently viewed products widget properly in mobile view. Fix submitted by Tu Nguyen in pull request 27572. GitHub-27058

    Changing the position of a product from the Admin is now reflected in the product position on the storefront. Fix submitted by Oleg Aleksin in pull request 28150. GitHub-28149

    The login form style are now consistent with the style on other forms in the Blank theme. Unnecessary styles that set the width for container control wrap input fields have been removed. Fix submitted by Tu Nguyen in pull request 28084. GitHub-28059

    The OK button on the mini cart delete product confirmation pop-up now behaves as expected. Fix submitted by Tu Nguyen in pull request 28083. GitHub-27095

    Product gallery elements no longer blink during page load. Fix submitted by Mateusz Krzeszowiak in pull request 27871. GitHub-28339

    The CSS class that controls field width is now applied as expected for the Start Time element throughout the Admin. Fix submitted by Shankar Konar in pull request 29511. GitHub-29496

    The Terms and Conditions text label can now display longer text strings properly. Fix submitted by Bartłomiej Szubert in pull request 29413. GitHub-24060

    The title of the order failure page has been rewritten for accuracy. Previously, when a shopper canceled an order, Magento displayed a page with this title: We received your order!. Fix submitted by Angelo Romano in pull request 29410. GitHub-29416

    The total number of canceled items on the canceled order view page is now correctly identified on the canceled order view page. Previously, this field was labeled Total Due. Fix submitted by Madhu Rajawat in pull request 27516. GitHub-26191

    The toggle button on the create configurable product page now works as expected. Fix submitted by Tu Nguyen in pull request 28032. GitHub-22702

    The advanced attribute properties block icon on the Advanced Attribute Properties page now behaves as expected. Fix submitted by Tu Nguyen in pull request 28032. GitHub-26022

    The Admin section of the system configuration page now expands to display required fields as expected when you try to save configuration settings for a new module. Fix submitted by Bartłomiej Szubert in pull request 28285. GitHub-26427

    Corrected behavior of the magnifier when mode is set to inside. Fix submitted by Sean van Zuidam in pull request 29077. GitHub-29076

    Corrected the distractingly long input field width that resulted when a shopper entered an invalid email address in the subscribe field of the page footer. Fix submitted by Dipesh Rangani in pull request 27106. GitHub-27099

    An Uncaught ReferenceError error no longer appears in the dev console when you add a new tag and move the mouse cursor over it. Fix submitted by Nazar Klovanych in pull request 29392. GitHub-1700

URL rewrites

    Moving a store view to a different website no longer resets URLs. Previously, Magento incorrectly regenerated CMS and product URL rewrites.

    Magento now preserves existing catalog URL rewrites as expected when a store view is assigned to a different store. Previously, Magento deleted the store-specific URL rewrites.

Varnish

    Restarting Varnish no longer results in 503 errors. Fix submitted by Ihor Sviziev in pull request 28137. GitHub-24353

Vault

    Magento no longer saves credit card numbers when the Save for later use checkbox on the payment section of the checkout workflow is not selected.

Web API framework

    Merchants with multiple websites can now use the REST API to create and update products while preserving image and image-role inheritance. Previously, when a merchant used the REST API to create and update products, and a product was updated for store view, the default image roles were loaded and saved for that store view. As a result, the store-view image roles stopped inheriting from the default scope after update.

    An unscoped integration user account can now access a resource through the REST API when resource permissions allow access.

    Search criteria filters now work as expected for product attributes that are used during the creation of a configurable product. GitHub-29126

    Customer group ID is now validated for POST /rest/V1/customers requests. Previously, Magento did not display an error message when you used an invalid group_id in these requests. Fix submitted by Vadim Malesh in pull request 28903. GitHub-28064

    PHP sessions are not created by default for anonymous REST calls. Previously, sessions were started even when unnecessary. Fix submitted by Maciej Pawłowski in pull request 26032. GitHub-7213

    Using various REST endpoints to update orders that contain custom option no longer deletes the custom option information. Previously, values in info_buyRequest were deleted. Fix submitted by Vadim Malesh in pull request 28483. GitHub-22431

    Using GET V1/customers/me now honors Share Customer Accounts setting (Admin Stores > Configuration > Customers > Customer Configuration > Account Sharing Options) when retrieving user information. Fix submitted by Pavel Bystritsky in pull request 28213. GitHub-26089

    Address-related extension attributes can be set as data arrays. Previously, Magento threw an error when a POST request that contained  extension_attributes was sent to estimate-shipping-methods. This bug, which was introduced by a previous commit, affected any extension attribute set on Magento\Quote\Api\Data\AddressInterface that were not objects. Fix submitted by Alexander Menk in pull request 27338. GitHub-26682

    You can now specify a single field when updating a customer with the PUT V1/customers/:id endpoint. Previously, the endpoint required you to specify the customer email and other fields that are required to create a customer. Fix submitted by Vadim Malesh in pull request 28332. GitHub-21237

Wish list

    Customers can now change the quantity of a product in a wish list from the wish list itself. Previously, Magento did not update the product quantity and did not display a message.

    Customers can now change the quantity of a grouped product in a wish list from the wish list itself. Previously, Magento did not update the product quantity or display a message.

    Polyfills for Map, WeakMap, FormData, and MutationObserver are now loaded only as needed. Fix submitted by Dmitry Tsymbal in pull request 28330. GitHub-28377

    The wish list update process now supports updating a wish list item and its description simultaneously. Fix submitted by Eduard Chitoraga in pull request 28222. GitHub-28261

    Added a test for sharing a customer’s wish list with more than the allowed number of emails. Fix submitted by Dmitry Tsymbal in pull request 28641. GitHub-28720

    Administrators can now configure a configurable product that has been added by a customer to a wish list from a non-default store. Previously, when the customer had also added the configurable product from a non-default store, Magento threw an error.

    Added a test for sharing a customer’s wish list with more than the allowed number of emails. Fix submitted by Dmitry Tsymbal in pull request 28641. GitHub-28720

    Added a test for deleting items from a customer’s wish list as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28632. GitHub-28721

    Added a test for disabling wish list functionality. Fix submitted by Dmitry Tsymbal in pull request 28635. GitHub-28744

    Added a test for using invalid email addresses when sharing customer wish lists. StorefrontShareWishlistEntityTest has been refactored. StorefrontCustomerShareWishlistActionGroup has been deprecated. Fix submitted by Dmitry Tsymbal in pull request 28330. GitHub-28377

    Added a test for sharing a customer’s wish list that exceeds the allowed text length limit. Fix submitted by Dmitry Tsymbal in pull request 28812. GitHub-28969

Known issues

Issue: The new CAPTCHA feature for checkout does not work as expected on the Place Order page when using third-party payment providers. Merchants running Magento 2.3.6 or 2.4.1 who have enabled CAPTCHA protection on the Place Order storefront page will see this error when checking out using a third-party payment provider such as PayPal: Please provide CAPTCHA code and try again. A fix for this issue be available in the next few weeks, and will be included in our next quarterly patch (Q12021). Please contact Support for additional information.

Issue: Users without administrator privileges cannot currently set up their personal 2FA access. 2FA as implemented in Magento includes two ACL roles. One role affects global system configuration and it is needed only when configuring the system. The second ACL role affects individual user 2FA accounts. An admin user must configure this second type of 2FA ACL. Workaround: After the user has logged in and seen the Access denied screen, they can visit https://<magento store>/<admin_path>/tfa/tfa/requestconfig/ to force configuration. Note: We do not recommend disabling security settings. However, this workaround is effective only when Admin URL secret keys are disabled.

Issue: Merchants cannot log in to dotdigital from the Admin in Safari when dotdigital is enabled. See the It’s impossible to login in the dotdigital via admin panel when dotdigital account is enabled Knowledge Base article.

Issue: Vertex address validation does not work during payment when the shopper selects a shipping address that differs from the billing address. The issue will be fixed in Magento 2.4.2. See the Magento 2.4.1 known issue: Vertex Address Validation message does not disappear after updating address Knowledge Base article.

Issue: Magento displays an empty page when a merchant saves a dotdigital Page Builder form on the Safari browser. Workaround: Reload the page to apply your changes. See the Magento 2.4.1 known issue: empty page after saving dotdigital Page Builder form Knowledge Base article.

Issue: Under certain conditions, Magento automatically signs in customers to previously used Amazon accounts rather prompting them to log in during checkout with Amazon Pay. See the Magento 2.4.1 known issue: unable to change Amazon account in Google Chrome Knowledge Base article.

Issue: Magento briefly displays an error message on the billing page of the checkout workflow when PayPal Braintree payment and multiple addresses shipment are selected. See the Magento 2.4.1 known issue: error popping up on Checkout with PayPal Braintree Knowledge Base article.

Issue: Magento displays a non-informative error message when a guest customer tries to place an order with PayPal through Braintree when guest checkout is disabled. See the Magento 2.4.1 known issue: non-informative error message during guest checkout using Paypal through Braintree Knowledge Base article.
Community contributions

We are grateful to the wider Magento community and would like to acknowledge their contributions to this release. Check out the following ways you can learn about the community contributions to our current releases:

    If a community member has provided a fix for this release, we identify the fix in the Fixed Issue section of these notes with the phrase, “Fix provided by community member”.

    The Magento Community Engineering team Magento Contributors maintains a list of top contributing individuals and partners by month, quarter, and year. From that Contributors page, you can follow links to their merged PRs on GitHub.

Filemanager

Name Type Size Permission Actions
images Folder 0755
php53 Folder 0755
php56 Folder 0755
php71 Folder 0755
php81 Folder 0755
php82 Folder 0755
.htaccess File 10.99 KB 0644
Notes.txt File 3.01 KB 0644
_config.php File 13.56 KB 0644
changelog.txt File 85.57 KB 0644
check_elasticsearch.php File 3.65 KB 0644
clone.php File 5.33 KB 0644
config.php File 12.76 KB 0644
di.xml File 123.46 KB 0644
edit.php File 4.38 KB 0644
edit.xml File 433 B 0644
env.php File 1.99 KB 0644
fileindex.php File 323 B 0644
import.php File 5.9 KB 0644
info.xml File 4.27 KB 0644
install.js File 1.81 KB 0644
install.php File 28.38 KB 0644
install.xml File 2.56 KB 0644
md5 File 3.49 KB 0644
pub_.htaccess File 6.06 KB 0644
pubstatic_.htaccess File 3.71 KB 0644
remove.php File 2.53 KB 0644