Documentation Commerce Release information

Magento Open Source 2.4.1 release notes

Last update: November 25, 2024

Topics:
Release Notes

CREATED FOR:

Experienced
Admin
Developer

Magento Open Source 2.4.1 introduces enhancements to performance and security. Security enhancements include support for the SameSite attribute for cookies and the addition of CAPTCHA protection for payment-related and order-related API endpoints and the Place Order storefront page.

This release includes all improvements to core quality that were included in 2.4.0, over 150 new fixes to core code, and over 15 security enhancements. It includes the resolution of almost 300 GitHub issues by our community members. These community contributions range from minor clean-up of core code to significant enhancements in GraphQL.

All known issues identified in 2.4.0 have been fixed in this release.

NOTE

Adobe Commerce releases can contain backward-incompatible changes (BICs). To review backward-incompatible changes, see BIC reference. Major backward-incompatible issues are described in BIC highlights. Not all releases introduce major BICs.

Security patch available

Merchants can now install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly release (for example, 2.4.0-p1) provides. Patch 2.4.0.1 (Composer package 2.4.0-p1) is a security patch that provides fixes for vulnerabilities that have been identified in our previous quarterly release, 2.4.0. All hot fixes that were applied to the 2.4.0 release are included in this security patch. (A hot fix provides a fix to a released version that addresses a specific problem or bug.)

For general information about security patches, see Introducing the New Security Patch Release. For instructions on downloading and applying security patches (including patch 2.3.5-p2), see Quick start on-premises installation. Security patches include security bug fixes only, not the additional security enhancements that are included in the full patch.

Apply `AC-3022.patch` to continue offering DHL as a shipping carrier

DHL has introduced schema version 6.2 and will deprecate schema version 6.0 in the near future. Adobe Commerce 2.4.4 and earlier versions that support the DHL integration support only version 6.0. Merchants deploying these releases should apply AC-3022.patch at their earliest convenience to continue offering DHL as a shipping carrier. See the Apply a patch to continue offering DHL as shipping carrier Knowledge Base article for information about downloading and installing the patch.

Other release information

Although code for these features is bundled with quarterly releases , several of these projects (for example, Progressive Web Applications (PWA) Studio) are also released independently. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project.

Highlights

Look for the following highlights in this release.

Substantial security enhancements

This release includes over 15 security fixes and platform security improvements. All security fixes have been backported to 2.4.0-p1 and 2.3.6.

Over 15 security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities

No confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. Most of these issues require that an attacker first obtains access to the Admin. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts: IP allowlisting, two-factor authentication, use of a VPN, the use of a unique location rather than /admin, and good password hygiene. See Security Updates Available for Magento for a discussion of these fixed issues.

Additional security enhancements

Security improvements for this release include:

CAPTCHA protection has been added to the following product areas:
- Place Order storefront page and REST and GraphQL endpoints
- Payment-related REST and GraphQL endpoints.
CAPTCHA protection for these additional pages is disabled by default. It can be enabled on the Admin in the same way that other pages covered by CAPTCHA are. This protection has been added as an anti-brute force mechanism to protect stores against carding attacks. See CAPTCHA.
Support for the SameSite attribute for cookies. To support the Google Chrome enforcement of the new cookie classification system, the application classes that handle cookies have been updated to support the SameSite cookie attribute. This attribute is set to Lax by default but can be explicitly overridden.
Enhanced Security Scan Tool. Adobe has partnered with Sanguine Security, a leader in preventing digital skimming, to integrate their database of over 8700 threat signatures into the Security Scan Tool. This partnership will enable merchants to get real-time insights into the security status of their site through proactive detection of malware and reduction of false positives. Merchants can register for the tool by visiting https://account.magento.com/scanner. For more information, see the Secure Your Storefront With the Enhanced Security Scan Tool blog post.

NOTE

Starting with the 2.3.2 release, we will assign and publish indexed Common Vulnerabilities and Exposures (CVE) numbers with each security bug reported to us by external parties. This allows users to more easily identify unaddressed vulnerabilities in their deployment. You can learn more about CVE identifiers at CVE.

Infrastructure improvements

This release contains enhancements to core quality, which improve the quality of the Framework and these functional areas: Customer Account, Catalog, CMS, OMS, Import/Export, Promotions and Targeting, Cart and Checkout, and Staging and Preview.

Performance improvements

Reduction in the size of network transfers between Redis and Magento. Plugin list configuration is now generated during the execution of the bin/magento di:compile command. This configuration information is written to generated metadata folders based on scope. Previously, this information was stored in cache. Resulting performance improvements include a decrease in network cache size and execution time for many scenarios.
Enhanced message queue consumer performance. Three new configuration settings support a decrease in consumer queue CPU consumption. These optional parameters provide increased control over consumers and save server resources. See Configure message queues for a description of the maxIdleTime, sleep, and onlySpawnWhenMessageAvailable parameters.
Improved execution time for bin/magento commands.

Adobe Stock Integration

This release includes Adobe Stock Integration v2.1.0.

New Media Gallery

The New Media Gallery is now enabled by default in the Admin. Merchants can now perform these actions on images in the Media Gallery:

Delete images in bulk
Optimize media storage by identifying duplicate images and images that are not used on the storefront
Filter images by the storefront area they are used in, including product and category content and CMS blocks
Work with image metadata
- View metadata from the images uploaded into Media Gallery
- Edit image metadata (title, description, and keywords)
- Search for images by their metadata

GraphQL

This release adds GraphQL coverage for the following features:

Product reviews. Customers and guests can write product reviews. Customers can retrieve their product review histories. See Create a product review and productReviewRatingsMetadata query for information on retrieving information about the reviews infrastructure.
Gift options. All customers and guests can add a gift message to their order. Customers can also add gift wrapping, gift receipts, and printed cards to the order. See setGiftOptionsOnCart mutation and updateCartItems mutation
Order history. All customers can view details about their order histories, including invoices, shipping, and refunds.
Add to cart. The addProductsToCart mutation allows you to add any type of product to the active cart. We recommend using this mutation instead of single-purpose mutations such as addSimpleProductsToCart. Fix submitted by Yaroslav Rogoza in pull request 27914. GitHub-28524
Stored payment methods. Logged-in customers can now store payment details (including Braintree credit card and Braintree with PayPal) in My Account.
Support for wish lists in Magento Open Source. You can add items to, update items in, and remove items from a wish list.
Improved management of customer accounts. We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation.
Support for Payflow Pro Vault. Added GraphQL Vault support for the Payflow Pro Vault payment method. Fix submitted by Oleh Usik in pull request 28821. GitHub-28520
Updated the GraphQL storeConfig query to include new customer configuration settings. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Added the requestPasswordResetEmail mutation, which triggers the password reset email for the provided email address. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Klarna GraphQL. Added or updated topics on Klarna GraphQL in Klarna’s payment method and createKlarnaPaymentsSession

See the GraphQL Developer Guide for details on these enhancements.

PWA Studio

PWA Studio v8.0.0 introduces new features and enhancements:

Updates to the Venia style guide that apply to design tokens, typography, colors, core components, and page layouts.
Improvements to the Venia mini-cart experience
Initial support for multiple locales and localized content on the Venia storefront
Numerous improvements to the My Account experience of the Venia storefront

See compatibility for a list of PWA Studio versions and their compatible versions. For information about enhancements and bug fixes, see PWA Studio releases.

Functional Testing Framework (MFTF)

MFTF 3.1.0 is now available. See Functional Testing Framework Changelog.

Vendor Developed Extensions

See the following articles for updates on features and changes for this release:

Fixed issues

We have fixed hundreds of issues in the 2.4.1 core code.

Installation, upgrade, deployment

Installation with third-party extensions that have dependencies on APIs for the Store module in CLI commands no longer fails. Previously, the application displayed this error message: The default website isn't defined. Set the website and try again. This was a known issue in 2.4.0.

bin/magento setup:di:compile no longer throws a fatal error. Previously, the application threw an error the first time you ran this command, but the second execution resulted in successful compilation.

Upgrade no longer fails when a plugin is declared on Magento\Framework\Encryption\Encryptor.

The application now displays an informative error message when some themes are not deployed after running bin/magento setup:static-content:deploy. Previously, when deployment completed successfully but not all packages were deployed, the application did not display an error. When the command is executed with enabled parallel processing and each theme requires more time to be deployed then the specified maximum execution time, this command can finish successfully, although themes are not deployed.

The Use default checkbox for Klarna payments (Stores > Configuration > Sales > Payment methods > Klarna) now remain checked as expected when website scope changes.

Upgrade no longer results in the sudden failure of the Galera cluster. Previously, the Galera cluster exited abruptly after re-indexing immediately after upgrade. During an upgrade, index tables are altered, and the engine is changed from MEMORY to InnoDB. At this point, the content of these tables became out-of-sync between the nodes of the Galera cluster. GitHub-25334

Disabling the PageBuilder module no longer affects the rendering of the product page. Previously, custom layouts on the product page disappeared when the module was disabled, and the application displayed a blank page.

You can now use bin/magento sampledata:deploy to deploy sample data as expected after installing Magento Open Source using Composer. Previously, the application threw this error: Git installations must deploy sample data from GitHub; see [Clone sample data Git repositories](../../../installation/sample-data/git-repositories.md) for more information. Fix submitted by Andrii Beziazychnyi in pull request 27481. GitHub-19481

Storefront performance has improved by eliminating the unnecessary loading of the Datepicker component. Fix submitted by Mateusz Krzeszowiak in pull request 27860. GitHub-28823

Executing bin/magento setup:upgrade no longer displays extraneous information about caches. Fix submitted by Sathish Subramanian in pull request 27567. GitHub-27091

Running bin/magento config:show <vendor_module>/general/value now returns 0 or an empty string as expected. Previously, it returned Configuration for path: "vendor_module/general/value" doesn't exist. Fix submitted by Vadim Malesh in pull request 28549. GitHub-23290

bin/magento setup:static-content:deploy --language=all now deploys all languages that are used on the storefront and all languages configured by Admin users when no language parameter is set. (en_US is always deployed by default.) Fix submitted by Anton Evers in pull request 28922. GitHub-29218

The application no longer displays the Backup menu when the Backup feature is disabled. Fix submitted by Eden Duong in pull request 29222. GitHub-29280

Catalog image helper initialization now uses the product model instead of DataObject. Fix submitted by jmonteros422 in pull request 29435. GitHub-1711

Admin users can now save an empty Customer Token Lifetime (hours) field (Admin Stores > Configurations > Services > OAuth > Access Token Expiration). GitHub-29502

The Create Permanent Redirect for old URL setting is now disabled by default for categories. Fix submitted by Vadim Malesh in pull request 28752. GitHub-24922

Adobe Stock Integration

Images in the Adobe Stock images grid are now properly aligned after filters have been cleared. Fix submitted by Nazar Klovanych in pull request 28366. GitHub-824, GitHub-972

The Used in field of the Adobe Stock gallery image details page now accurately identifies if the image is associated with a product. Fix submitted by Nazar Klovanych in pull request 28798. GitHub-1474

\Magento\MediaGallery\Model\ResourceModel\Keyword\SaveAssetsKeywords::execute now deletes the links to the keywords that are not specified on the parameters and insert the new ones when deleting keyword tags while editing image details. Fix submitted by jmonteros422 in pull request 29207. GitHub-1391

The Login failed message that the application displays when a merchant clicks License for a previously saved, unlicensed Adobe Stock image no longer contains HTML tags. Fix submitted by yolouiese in pull request 29398. GitHub-1684

Clicking on the links in the Used in section of the image Details page now displays a grid that displays all entities that are filtered by the image. The asset filter is also set and displayed correctly. Previously, the application did not display the asset title in the Applied filters section. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1694

The application no longer displays the Used in section of the image Details page when the image is not in use. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1699

Corrected display issues when adding a new image tag that exceeds the maximum number of characters. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1702

Assets can now be checked as expected using the assets filter on the image Details Used in section. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1704

Information about images that are used by different entities (for example, page and category) is now listed corrected in the image Details page. Fix submitted by Nazar Klovanych in pull request 29367. GitHub-1747

The application no longer throws an exception when a merchant tries to save a product with its associated image when the Media Gallery is disabled. Fix submitted by Nazar Klovanych in pull request 29492. GitHub-1750

Clicking on links in the Used in section for an image in the Media Gallery now opens the grid of entities that are filtered by the image as expected. Previously, the image title was not displayed in the applied filters section of the grid. Fix submitted by Nazar Klovanych in pull request 29429. GitHub-1694

The application now adds tags correctly when you edit multiple images successively in the Media Gallery. Fix submitted by Nazar Klovanych in pull request 29429. GitHub-1755

The application now removes tags for Adobe Stock images after a merchant deletes the tags and saves the image details. Previously, tags were not deleted until the page was refreshed. Fix submitted by Honeymay Louiese Ignacio in pull request 29400. GitHub-1703

Amazon Pay

Amazon Pay now checks whether a user is already logged in before rendering payment options.
Issues with multi-factor authentication and abandoned carts have been resolved.
Amazon Pay now correctly populates the store name in emails and other displayed locations. If the Store Name field in Amazon Pay configuration is empty, the extension retrieves the store’s default name (that is, the name you give your store in Admin).
Localization/translation issues for Decline scenarios have been addressed. Displayed text is no longer always in English.

Bundle products

The application no longer throws an exception when you try to create a product in a deployment in which Inventory is installed but the Magento_InventoryBundleProduct module is disabled.

The application now correctly calculates offline refunds for orders that contain bundle products.

The mini cart now displays the correct prices for bundle products when tier prices are also assigned for simple products. GitHub-22807

Merchants can now create a credit memo for bundle products that provides a refund without requiring the return of the product. Previously, the application threw an error. Fix submitted by Dzung Nguyen in pull request 27455. GitHub-23440

The application no longer displays redundant validation messages when a shopper adds a bundle product to their cart without selecting a required option. Fix submitted by Dzung Nguyen in pull request 27455. GitHub-23440

Fix submitted by Michał Derlatka in pull request 29256. GitHub-26110

Cache

Local cache storage is now retained for the period of time set in Stores > Configuration > General > Web > Default Cookie Settings. Previously, the expiry date of cookies was hard-coded to one day, which put it out of sync with this setting. As a result, welcome messages did not retain returning customer information for the expected duration.

The number of calls to page cache config has been reduced. Fix submitted by Lukasz Bajsarowicz in pull request 28992. GitHub-29159

Varnish no longer throws a Connection reset by peer error when a large catalog is reindexed on schedule. Fix submitted by Matthew O’Loughlin in pull request 26256. GitHub-8815

Full page cache is no longer cleared for unrelated products when a product has been edited in the Admin. GitHub-25670

Cart and checkout

Direct SQL queries have been replaced by Data Provider, which has improved checkout performance. Fix submitted by Lukasz Bajsarowicz in pull request 29376. GitHub-29453

The Products in the Comparison and the Recently Compared Products lists now work as expected. Previously, when the comparison list was expanded, the application did not display products, even though the section indicated that the list contained products.

The Delete button on the Add to Shopping Cart by SKU section of a customer’s Manage Shopping Cart page now works as expected when multiple rows are selected.

The application no longer throws an error when you try to order a product by SKU when the digits you enter match a valid SKU but the case of these digits differ. Previously, when you entered an SKU on My Account > Order by SKU that did not exactly match a valid SKU, the application threw an error.

A customer’s shipping address is now selected by default at checkout when the address is located in the country identified on the Allow Countries list and that list includes only that country. Previously, the application did not select the address as default and displayed this error message: Please specify a regionId in shipping address.

Merchants can now enable Apply to Shipping Amount in the Action tab of Marketing > Cart Price Rules > Add New Rule when Fixed amount discount for whole cart is applied. GitHub-24422

The application no longer throws an exception when a shopper tries to unset the persistence cookie after beginning checkout and then navigating to the storefront home page. Previously, when the shopper clicked the Not you? link on the home page, the application threw this exception: The shipping address is missing. Set the address and try again. GitHub-24218

The application now displays an add-to-cart success message when a customer adds an out-of-stock product to their cart. Previously, the product was added, but the application did not display a success message.

Custom address attributes are now included as expected in the form that displays for the payment step in the checkout workflow.

The State/Province/Region input box is now enabled as expected on My account > Address Book > Add new address.

Discounts are now applied as expected to shipping charges when Apply to Shipping Amount is enabled. Fix submitted by Andrii Kalinich in pull request 28839. GitHub-26723

The code that supports closing the mini cart has been refactored to remove the closeSidebar function. The appropriate click binding has been added to the [data-action="close"] element. Fix submitted by lumnn in pull request 28906. GitHub-29161

The new Show “Clear Shopping Cart” button on the cart page configuration setting provides control over displaying a Clear Cart button on the shopping cart view page. By default, this setting is disabled. Fix submitted by Pavlo Sydorenko in pull request 27917. GitHub-28705

Validation has been added to the phone field in the checkout workflow. Fix submitted by Oleh Usik in pull request 27537. GitHub-28800

Guest checkout is now disabled as expected when a cart contains downloadable products when the Shareable and Disable Guest Checkout if Cart Contains Downloadable Items settings are disabled. Fix submitted by Rani Priya in pull request 23972. GitHub-23971

The success message that the application displays when a shopper adds a product to their cart from the customer account sidebar now contains a link to the shopper’s shopping cart. Fix submitted by Ajith in pull request 27977. GitHub-29097

The application now selects an empty value by default for the prefix dropdown options menu on the checkout workflow. Fix submitted by Vadim Malesh in pull request 28238. GitHub-18823

The pop-up message that the application displays when you delete multiple items from a shopping cart now accurately describes the number and type of entities you have selected for deletion. Fix submitted by Nazar Klovanych in pull request 29490. GitHub-1749

The application now displays a customer registration form when a guest user completes checkout.

Custom customer address attributes fields are now displayed as expected in the storefront checkout workflow.

The application now retrieves the current customer group for an active quote during checkout. Previously, the applicationused the customer group that was active when the product was first added to the cart, and if that customer group was deleted before checkout, the application threw an error. Fix submitted by Konstantin in pull request 28902. GitHub-29327

Catalog

The application now removes disabled products from a shopper’s cart before checkout. Previously, when a shopper added a product to their cart that was disabled before checkout completed, the application removed the disabled product from the cart, but the product remained in the quote, and the shopper could not check out. GitHub-26680

The application now sorts bestselling products as expected. Previously, both product count and the pagination of sort results were incorrect. GitHub-25955

Shoppers can now open a product’s detail page by clicking on the product name in the compare products sidebar. Fix submitted by Eduard Chitoraga in pull request 27451. GitHub-21101

children_count values now remain positive when an administrator deletes categories. Previously, when an administrator deleted categories, the children_count for remaining categories was negative. Fix submitted by Vitaliy Prokopov in pull request 28044. GitHub-27969

The application now uses the default option (Configuration > Web > Default Layouts > Default Product Layout) that you have selected for the page_layout attribute when creating a new product. Previously, your selected default value was not applied.

You can now successfully perform mass actions on Inventory product stock. Previously, when you tried to perform a mass action on inventory product stock, the application displayed a blank page. If you performed this action with the application in developer mode, the application threw this error: Notice: Undefined offset: 32000 in /Users/kodithuw/sites/m23inventory/inventory/InventoryCatalogAdminUi/view/adminhtml/templates/catalog/product/edit/action/inventory.phtml on line 24.

The total record count displayed when you click Add Products on the Products tab when adding products to a catalog category no longer changes based on product sort order.

The {products(filter: {sku: {eq: "some sku"}}) {…} query now returns values that have been converted into the expected currency. Previously, price_tiers.final_price.value displayed special prices in the base currency. Fix submitted by Petkovski Marjan in pull request 28890. GitHub-26121

Cleanup

Corrected misalignment of the Admin Sales Order grid checkbox. Fix submitted by Tu Nguyen in pull request 27642. GitHub-27633

Corrected a misspelling in the shipping address ID getter in the sales order address save handler. Fix submitted by Konstantin in pull request 28810. GitHub-28982

Corrected the getRegionNameExpresion method name to getRegionNameExpression. Fix submitted by Pierre Grimaud in pull request 28832. GitHub-28829

A redundant init method has been removed from app/code/Magento/AdvancedPricingImportExport/Model/Import/AdvancedPricing/Validator/Website.php and app/code/Magento/AdvancedPricingImportExport/Model/Import/AdvancedPricing/Validator/TierPriceType.php. Fix submitted by Oleh Usik in pull request 28650. GitHub-29009

localStorage polyfill has been moved from base to frontend. Fix submitted by Ihor Sviziev in pull request 28749. GitHub-28900

Updated the Adobe Commerce logo and removed extraneous spaces from the main README file of the magento/magento2 repository. Fix submitted by Rafael Corr̻a Gomes in pull request 28891. GitHub-29056

The unnecessary overflowed class has been removed from the mini cart sidebar widget. Fix submitted by lumnn in pull request 28963. GitHub-29160

An incorrect CSS selector in the Shipment page has been corrected. Fix submitted by Tu Nguyen in pull request 28639. GitHub-29261

The lib/internal/Magento/Framework/App/Request/Http.php file has been simplified by optimizing logic and removing redundant variable assignments and over-usage of returns within a function. Fix submitted by Chris Snedaker in pull request 28608. GitHub-29381

The bin/magento module:status command now accepts multiple module names as arguments. Fix submitted by Chandru Rajendran in pull request 28250. GitHub-29344

Fixed a typo in the class description of \Magento\Downloadable\Block\Sales\Order\Email\Items\Downloadable. Fix submitted by Benjamin Rosenberger in pull request 29451. GitHub-29470

The TierPriceManagement class has been refactored to remove redundant code. Fix submitted by Lukasz Bajsarowicz in pull request 29202. GitHub-29477

autoload.php has been refactored to improve readability and return speed. Fix submitted by Vitaliy Ryaboy in pull request 28923. GitHub-29527

CMS content

The Hierarchy tab for a selected default store view now displays the selected parent page as expected.

The application no longer throws an error during store view creation when the new store view contains a CMS page with the same URL key as a page in a different store view. Fix submitted by Vadim Malesh in pull request 28421. GitHub-28357

Configurable products

Pagination problems with the Configurable Product Edit Current Variations list have been corrected.

The application no longer updates the Related Products price box whenever a shopper selects options for a configurable product. Previously, the applicationupdated the price box whenever a shopper selected an option for a configurable product.

The application now displays the correct price for configurable products with customizable options on the Admin Create Order page. As expected, the displayed price is a sum of the child product’s price and the custom option’s price. Previously, the application displayed only the custom option price. GitHub-25766

The order summary now displays the correct discount amount when a cart price rule has been applied. Previously, the rule did not correctly round amounts when calculating shipping discounts.

Admin user accounts created from an admin account with a restricted scope can now create a configurable product with attributes as expected. Previously, the application threw this error: Notice: Undefined index: value_index in 23develop/app/code/Magento/ConfigurableProduct/Helper/Product/Options/Factory.php on line 101.

The application no longer throws a validation error when you use POST /V1/products to a configurable product with an int value of 0. Previously, the application threw this error: Product with id "%1" does not contain required attribute "%2"." Fix submitted by Vadim Malesh in pull request 29001. GitHub-13210

The configuration options attribute of a parent product are no longer assigned to a new configurable product’s size attribute. Fix submitted by Abel Truong in pull request 27339. GitHub-26449

Cookies

The application now creates a maximum of one mage-translation-file-version and mage-translation-storage cookie per session. Fix submitted by Ihor Sviziev in pull request 27364. GitHub-27355

cron

Message queue consumer configuration has been extended with new parameters that help control consumers and save server resources and that potentially decrease consumer queue CPU consumption:
- maxIdleTime defines the maximum waiting time in seconds for a new message from the queue.
- sleep specifies time in seconds to sleep before checking if a new message is available in the queue.
- onlySpawnWhenMessageAvailable identifies whether a consumer should be spawned only when an available message exists in the related queue. This setting is enabled globally by default for all consumers but can be configured per consumer.

cron expressions such as 3/10 * * * * are now scheduled as expected. Fix submitted by Anton Evers in pull request 28930. GitHub-29240

sales_clean_quotes no longer loads all expired quotes at once. Previously, the applicationfailed with this fatal error because all expired quotes were loaded simultaneously: PHP Fatal error: Allowed memory size of 2147483648 bytes exhausted (tried to allocate 20480 bytes) in /path/to/magento2/vendor/magento/framework/Model/AbstractModel.php on line 359,

CSS

The application no longer duplicates CSS when Critical CSS is enabled. Fix submitted by Tu Nguyen in pull request 28480. GitHub-26498

The server-side LESS compiler now imports all remote CSS files as expected when you run bin/magento setup:static-content:deploy -f. Previously, the application did not import the remote files and threw an error. GitHub-25119

Customer

The region names in Admin customer addresses are now translated as expected.

The State/Province fields are now populated as expected on the Edit Address page (My Account > Address book).

The application no longer throws an error when a customer clicks the Submit button multiple times on forms throughout the storefront for which invisible reCAPTCHA has been enabled. Previously, clicking this button multiple times resulted in an internal error similar to this: Internal error: Make sure you are using reCaptcha V3 api keys.

Saving a deleted customer from the Admin now generates an error message only. Previously, the application displayed a blank page and generated a report that contains this string: "0":"No such entity with customerId = 3","1":"#1 Magento\\Customer\\Model CustomerRegistry->retrieve() called at [app\/code\/Magento\/Customer\/Model\/ResourceModel\/CustomerRepository.php:340".

The application now displays an error message as expected when an administrator tries to save an address for a customer whose account has just been deleted. Previously, the application displayed a blank message box.

The labels for address fields in the checkout workflow and the address book have been edited for consistency.

Frontend labels now fall back to store labels if their values are not null. Previously, customer attributes used the default frontend labels. Fix submitted by Toan Nguyen in pull request 27064. GitHub-27063

The sortOrdernumber of links in layout XML has been corrected. Previously, this order was reversed and used descending order. Fix submitted by Tu Nguyen in pull request 27340. GitHub-27162

dotdigital

Order sync no long fails when an order contains product SKUs that no longer exist in the catalog.
Empty product categories are no longer included in web insight data.
Web behavior tracking now works for merchants with certain theme configurations. A new fallback selector addresses this.
The subscriber status data field no loner includes empty values when customer sync was run using cron. (App emulation addresses this issue.)
Address book mapping now works as expected when a dotdigital account is enabled at the default level but disabled for the main website.
Coupons are now generated (using the external dynamic content URL for coupon generation) for email addresses that contain plus (‘+’) signs.
Contacts are no longer resubscribed when their last_subscribed_at value is null.
Upgrade errors (dating from 4.5.2) that affected earlier versions have been resolved.
A regression issue that was introduced in 4.5.3 that affected using a method to obtain the subscriber status when preparing subscriber export has been fixed.
The total figure for synced subscribers (presented in the logs and on screen) is now correctly calculated.

Downloadable

The My Downloadable Products area now displays links to purchased downloadable products that are part of a grouped product as expected.

Clicking on a downloadable product’s Sample button from the Admin product page now downloads a sample as expected. Previously, when you clicked Sample, the application displayed this error: The product that was requested doesn't exist. Verify the product and try again.

Shoppers can now download samples of downloadable products that are out-of-stock. Previously, when a shopper tried to download a sample, the application opened a new tab, but did not display an informative message or begin the download process. Fix submitted by Vadim Malesh in pull request 28898. GitHub-23638

The exception message that the application displays when a shopper tries to set a shipping address for a downloadable product has been improved. Fix submitted by Michał Derlatka in pull request 28904. GitHub-26107

A product’s stock_item data is updated and downloadable product links and samples are preserved as expected when you use a REST PUT call to update stock_item values. Previously, after the product update, the product no longer contained links to download content. Fix submitted by Vadim Malesh in pull request 28799. GitHub-21811

The application now displays a more informative message when a customer sets the shipping address for an order that contains only downloadable products.

Email

The application now sends email notifications about order changes to the correct customer email if the customer email was changed after the order was created.

Order update emails that are sent to customers now include the correct order status. Previously, if an order status changed from processing to another state, the order email did not reflect the status change.

The application no longer displays misleading messages about existing accounts during guest checkout. Previously, when a guest navigated to the checkout page, then navigated back to the shipping page, the application displayed this error: You already have an account with us. Sign in or continue as guest.

Custom email templates now load the same elements as native default email templates. Previously, some elements were missing, including variable values.

Unnecessary CSS has been removed from the email Preview template. Fix submitted by Tu Nguyen in pull request 27828. GitHub-27543

Text in the email template that duplicates text already displayed by the footer has been removed. Fix submitted by Paweł Tylek in pull request 27356. GitHub-28433

Product alert emails are now sent from the store from which the alert is subscribed. Previously, this email was always sent from the default store. Fix submitted by Maciej Pawłowski in pull request 26534. GitHub-28968

A duplicate customer.name variable has been removed from the email template. Fix submitted by Paweł Tylek in pull request 29054. GitHub-29087

You can now create an email template that sends email with Content-Type: "text/plain". Previously, the applicationignored the content type specified in the template. Fix submitted by twoonesixdigital in pull request 26474. GitHub-26471

Frameworks

The Time of day to send data field of the Admin Stores > Configuration > GENERAL > Advanced Reporting page is now rendered correctly.

Shoppers can now change the number of orders that are displayed per page when the Orders list spans multiple pages. Previously, the application displayed the following message when the shopper navigated to the last page of orders and tried to change the number of orders displayed per page: You have placed no orders. This was a known issue for 2.4.0.

You can now add products to a category when implementing Level 2 cache.

X-Magento-Tags headers no longer exceed the size permitted by the HTTP specification. Previously, category pages that contain many products returned an X-Magento-Tag header that resulted in a 503 error.

sales_order_shipment_track_save_commit_after is now triggered as expected when you used the REST API to create a shipment.

The application now displays an informative error message when a di compile fails due to a nonexistent dependency. Previously, the message displayed did not identify the class in which the exception occurred.

The application no longer throws the following fatal error when Redis uses all allowed memory: report.CRITICAL: OOM command not allowed when used memory > 'maxmemory'.

Shoppers can now add multiple products to their cart when the Persistent module is disabled. GitHub-14486

General fixes

Sorting products on the Admin (Stores > Attributes > Products) now displays all products that meet your search criteria. Previously, the application did not display records, and to sort the records, you had to navigate to the first page of search results.

Unnecessary quotation marks and escaping around a URL in tracking.phtml have been removed.

The var/log/system.log now displays a more accurate message when a user tries to access a non-existing resource file under the static directory and SCD OnDemand and production mode are enabled. The application now logs a 404 error. Previously, the application logged the same message that is logged when the error occurs in developer mode.

JavaScript minification now works correctly. The minification file resolver no longer leaks variables to global scope. Previously, ctx, origNameToUrl, and baseUrl variables under window were leaked. Fix submitted by Mateusz Krzeszowiak in pull request 27622. GitHub-28110

When you debug an error that prevents object creation, The application now prints as well as logs the original exception message. Previously, the message was only logged. Fix submitted by Marvin Hinz in pull request 26572. GitHub-26550

Callback execution after database changes are committed has been improved. Previously, if one callback failed with an exception, all callbacks failed. Fix submitted by Alok Patel in pull request 27134. GitHub-28167

Mixins for modules with no dependencies defined no longer throw this error: TypeError: Cannot read property 'map' of null. Fix submitted by Mateusz Krzeszowiak in pull request 27690. GitHub-28340

Storage polyfill is now loaded and applied only when localStorage or sessionStorage are not available. Fix submitted by Mateusz Krzeszowiak in pull request 27619. GitHub-28381

Multi-page storefront orders lists now behave as expected when a shopper changes the number of results displayed per page from the second or subsequent results page. Previously, the application displayed this error when a shopper changed the number of search results displayed in the My Account > My Orders list: You have placed no orders. Fix submitted by Vadim Malesh in pull request 28417. GitHub-28488

The deprecated addWarning method has been replaced with the addWarningMessage method in the security module. Fix submitted by kishorekumarkesavan in pull request 28264. GitHub-28308

Code generated using the bin/magento command-line commands is now consistent with requirements and coding standards. Fix submitted by Lukasz Bajsarowicz in pull request 28351. GitHub-28376

Saving an attribute with backend_type = static no longer removes the content of the frontend_class field. Fix submitted by jiten-patel in pull request 27369. GitHub-27051

Unnecessary code and responsive.js have been removed from files that are loaded by themes. Fix submitted by Mateusz Krzeszowiak in pull request 27617. GitHub-28811

Validation has been added to the Number of Symbols field on the Admin CAPTCHA configuration page. Fix submitted by Eden Duong in pull request 29199. GitHub-29198

The RSS feed now loads correctly. Previously, the feed did not load the first time, although it loaded as expected when the page was refreshed. Fix submitted by Vadim Malesh in pull request 29455. GitHub-25211

An expired persistent session is now renewed as expected when the shopper logs back in.

Password lifetime as set in Stores > Configuration > Advanced > Admin is now honored. Previously, if you clicked Forgot password? when prompted to reset your password, you could bypass the password reset.

Coupon codes are now applied only to the specified product. Previously, the application applied the coupon code to all products in the cart. GitHub-28246

Cart expiry settings are no longer re-set when an inventory or price update occurs. Previously, when a cart was set to expire in 24 hours, and an inventory update or price update occurred, the indexers populated the updated_at table, which re-set the expiry time.

The application no longer throws a fatal error when an administrator assigns a customer who has an active shopping cart to a customer group.

Selecting a toolbar option from Developer tools > Network on a product page when running the Chrome browser no longer initializes toolbar.js twice. Fix submitted by Paweł Tylek in pull request 28838. GitHub-25934

The application now adds an admin user’s ACL role ID to the product category tree cache ID. This will limit the category trees that an admin with limited scope can see as expected. Fix submitted by quangdo-aligent in pull request 27429. GitHub-28306

GraphQL

Shoppers can select gift message options during checkout. GraphQL now covers gift message options for different types of cart items. See setGiftOptionsOnCart mutation and updateCartItems mutation. _Fix submitted by Oleh Usik in pull requests 28519, 27956, 28072, 28072. GitHub-28519

Customers and guests can write product reviews. Customers can also retrieve their product review histories. See Create a product review and productReviewRatingsMetadata query for information on retrieving information about the reviews infrastructure. Fix submitted by Eduard Chitoraga in pull request 27882. GitHub-28523

The addProductsToCart mutation allows you to add any type of product to the active cart. We recommend using this mutation instead of single-purpose mutations such as addSimpleProductsToCart. Fix submitted by Yaroslav Rogoza in pull request 27914. GitHub-28524

The new availableStores query returns a list of configuration attributes for multiple stores available under the same website (based on the current store). It does not expose the list of websites. See availableStores query. Fix submitted by Dmitriy Gallyamov in pull request 28794. GitHub-28569

GraphQL now uses only an authorization token to retrieve a type of user and its ID. Previously, GraphQL used an active customer’s cookies to retrieve this information when the authorization token was empty. Fix submitted by Alexander Taranovsky in pull request 27373. GitHub-28040

We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation. Fix submitted by Michał Derlatka in pull request 28888. GitHub-28570

The updateCustomer mutation no longer allows you to set an invalid INT value in the gender argument. Fix submitted by Alexander Taranovsky in pull request 28487. GitHub-28481

You can use the subscribeEmailToNewsletter mutation to subscribe customers to a newsletter. See subscribeEmailToNewsletter mutation. Fix submitted by Alexander Taranovsky in pull request 27586. GitHub-27337

Removed redundant logic in the setShippingMethodsOnCart mutation resolver. Fix submitted by Alexander Taranovsky in pull request 27349. GitHub-28262

Added test coverage for the Please provide Email of sender error associated with the sendEmailToFriend mutation. Fix submitted by Alexander Taranovsky in pull request 28034. GitHub-28138

The products query now returns product attribute option labels for the default store view as expected. Previously, this query returned the product attribute option labels that were set for the Admin. Fix submitted by Dmitriy Gallyamov in pull request 28647. GitHub-28568

Custom attribute aggregations now return store-specific option values. Fix submitted by Dmitriy Gallyamov in pull request 28647. GitHub-28572

Price intervals that are returned in a product aggregation can now be numeric only (no wildcards permitted). Fix submitted by Dmitriy Gallyamov in pull request 28745. GitHub-28628

The categoryList query now returns the correct response when using fragments. Fix submitted by Ulzii in pull request 28710. GitHub-28584

GraphQL product search now considers configured category permissions. Previously, product search ignored the Enable setting (Stores > Configuration > Catalog > Catalog > Category Permissions). Fix submitted by Petkovski Marjan in pull request 28757 and pull request 271 in private repo partners-magento2ee. GitHub-28563

You can now add a product to a cart using addSimpleProductToCart when other items in the cart are out-of-stock. Previously, the applicationreturned this error: Some of the products are out of stock. GitHub-26683
The default GraphQL Category method now sorts by category position as expected. Fix submitted by Derrik Nyomo in pull request 29301. GitHub-104
Added support for wish lists in Magento Open Source. You can add items to, update items in, and remove items from a wish list. Fix submitted by Eduard Chitoraga in pull request 28205. GitHub-28551
We have added the createCustomerV2 and updateCustomerV2 mutations to manage customer accounts. These new mutations require different input objects than the createCustomer and updateCustomer mutations. To change a customer’s email address, use the new updateCustomerEmail mutation.
Added GraphQL Vault support for the Payflow Pro Vault payment method. Fix submitted by Oleh Usik in pull request 28821. GitHub-28520
Updated the GraphQL storeConfig query to include new customer configuration settings. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Added the resetPassword mutation. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Added the resetPassword mutation. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Added the requestPasswordResetEmail mutation, which triggers the password reset email for the provided email address. Fix submitted by Oleh Usik in pull request 27876. GitHub-28521
Added or updated topics on Klarna GraphQL in Klarna’s payment method andcreateKlarnaPaymentsSession

Images

HTML markup for thumbnail images has been improved. Fix submitted by Tu Nguyen in pull request 28642. GitHub-29468

Import/export

The error_report.csv file now downloads with content and is available inside the var/import_history/ directory as expected. Previously, this file was not generated after import.

Importing a product by using a CSV file now generates an error_report.csv file as expected. Previously, the applicationgenerated the file but removed it after the import completed. Fix submitted by Vadim Malesh in pull request 28460. GitHub-28420

Removed redundant class imports throughout the code base. Fix submitted by Oleh Usik in pull request 28696. GitHub-29012

The application now successfully imports customer addresses that contain a region for a country that does not have defined regions. Previously, the application threw this error: Please enter a valid region.

The application now loads the correct entity attribute set when a merchant selects an entity type when scheduling a new export.

The position of products in the catalog_category_product table now updates as expected when an administrator creates a product in the Admin and assigns it to a category. Previously, the position of new products was always assigned a 0 value.

Customer data is now successfully exported from the Admin, and the export data grid displays customer data as expected. Previously, an error related to memory allocation occurred during export.

Imported CSV files now capture related product information as expected. Previously, related product information was not consistently uploaded the first time the CSV file was imported.

Removed unused construct parameters in AdvancedPricing.php. GitHub-29531

Index

Magento_CacheInvalidate now handles large tag patterns correctly when doing a PURGE. sendPurgeRequest has been refactored to handle an array of tags instead of requiring the caller to use implode(). Fix submitted by Matthew O’Loughlin in pull request 26256. GitHub-26255

Shared indexers now show a status of valid after you run bin/magento indexer:status after re-indexing. Previously, shared indexers had an invalid status after a full re-index.

Infrastructure

Problems loading catalog and product pages on deployments running PHP 7.4.9 no longer occur. Previously, the application threw this error when you tried to load the catalog and product pages: There has been an error processing your request. Exception printing is disabled by default for security reasons. GitHub-29502

All exceptions that occur when layouts are rendered in production mode are now logged in the exception log file (var/report). Previously, the application logged these messages in the system log as critical issues.

Regular expressions now work properly for large pages as the result of an increase in ipcre.backtrack_limit and pcre.recursion_limit to approximately 1000000. Fix submitted by Mateusz Krzeszowiak in pull request 27270. GitHub-26026

Interceptor generation has been improved. } else { statements have been removed from interceptors, and array_map has replaced foreach. Fix submitted by Lukasz Bajsarowicz in pull request 27902. GitHub-28383

Array creation is now consistent throughout the class (app/code/Magento/Sales/Model/Order/Pdf/Items/Invoice/DefaultInvoice.php). Fix submitted by Nathan de Graaf in pull request 28515. GitHub-28795

Plugins have been migrated out of the framework to follow the best practice of prohibiting plugins in the Framework namespace. Fix submitted by Lukasz Bajsarowicz in pull request 27965. GitHub-27962

You can now use the new UrlFilterApplier component to apply filters on product,cms_page, and cms_block grids using the GET URL parameter. Fix submitted by Gabriel da Gama in pull request 28932. GitHub-1501

The application no longer throws an Undefined class constant error when an interceptor is generated. Fix submitted by Vova Yatsyuk in pull request 28797. GitHub-28981

Form data now persists when the application throws an integration exception when you save a integration using a name that is already in use. Fix submitted by Aditya Yadav in pull request 26660. GitHub-28143

The application no longer truncates X-Forwarded-For headers to 32 characters. Fix submitted by Ihor Sviziev in pull request 27221. GitHub-28693

The logic that checks if a redirect is internal now works correctly in the Admin when using a custom Admin domain. Previously, problems with this logic resulted in many Admin redirects to the homepage of the default store. Fix submitted by Vadim Malesh in pull request 29066. GitHub-28943

Problems with the styles-old.less file have been eliminated, and linting no longer identifies errors. Fix submitted by Tu Nguyen in pull request 28895. GitHub-24004

NonComposerComponentRegistration.php has been refactored. Fix submitted by Vitaliy Ryaboy in pull request 28975. GitHub-29308

ResourceConnection.php has been refactored to improve class readability. Fix submitted by Lukasz Bajsarowicz in pull request 29341. GitHub-29389

The README file for the build-in web server has been updated to include all Elasticsearch parameters. Fix submitted by Yevhenii Dumskyi in pull request 29300. GitHub-29299

The Magento\CmsUrlRewrite\Plugin\Cms\Model\Store\View::aftersSave plugin now returns a value as expected. Previously, this plugin did not return a value, and as a result, saving a store view resulted in an error. Fix submitted by Pieter Hoste in pull request 29035. GitHub-29034

Added the following support for magic methods for DataObject:
- new extension to support get/set/has/uns magic methods (with usage of __call)
- support for SessionManager, which forwards all calls to the DataObject container
- test coverage for extensions
- updated tests for Filtered Error check
- increased PHPStan check level from 0 to 1. Fix submitted by Oleksandr Kravchuk in pull request 27905. GitHub-28303

ScopeConfigInterface can now be more than a string. The restriction of magentoConfigFixture to string only was the inadvertent result of a previous pull request and has been reverted. Fix submitted by Kristof, Fooman in pull request 29305. GitHub-29345

The convertConfigTimeToUtc method no longer throws a fatal error due to sending incorrect parameters to the Phrase constructor. Fix submitted by Kos Rafał in pull request 29483. GitHub-29525

Price filters now work as expected on grid data when Magento\Backend\Block\Widget\Grid\Column\Filter\Price::getCondition and Magento\Backend\Block\Widget\Grid\Column\Filter\Price::getValue() return an array with indexes that contain from or to string data. Previously, the application threw this error: Notice: A non well formed numeric value encountered in vendor/magento/module-backend/Block/Widget/Grid/Column/Filter/Price.php on line 197. Fix submitted by Nikita Sarychev in pull request 29214. GitHub-29213

Added an extension point to support adding HTML to the category page. This corrects a bug that was introduced by a previous pull request. Fix submitted by iGerchak in pull request 29291. GitHub-29286

The layered navigation sidebar now shows Boolean attributes with both options (yes/no) and matching product counts. Previously, layered navigation did not return a no option for Boolean attributes in deployments using Elasticsearch.

The swatch layered navigation filter is now consistent with standard filters used throughout Magento Open Source. Fix submitted by Bartłomiej Szubert in pull request 28015. GitHub-28011

Logging

All broken reference errors are now logged when deployments are in developer mode only. Previously, one error was logged for deployments in production mode, too, which bloated error logs. Fix submitted by Bartłomiej Szubert in pull request 28735. GitHub-26504

Media Gallery

The Media Gallery configuration UI (Admin Stores > Configuration > Advanced > System ) has been reorganized. Fix submitted by Shankar Konar in pull request 29433. GitHub-28011

Added tests to cover the Used In links for an image in the Media gallery. Fix submitted by Nazar Klovanych in pull request 29392. GitHub-1969

MFTF

The AdminSubmitAdvancedInventoryFormActionGroup , AdminClickOnAdvancedInventoryLinkActionGroup, and AdminSetStockStatusConfigActionGroup action groups are now used within tests according to best practice. Fix submitted by Oleh USIA in pull request 29386. GitHub-29420

SearchProductGridByKeywordActionGroup is now used for search in the product grid. Fix submitted by Oleh Usik in pull request 29385. GitHub-29434

AdminCategoriesClickDoneButtonOnPopupActionGroup is now used to click Done on the Search Categories popup. Fix submitted by Oleh Usik in pull request 28989. GitHub-29380

LoginToStorefrontActionGroup is now used to replace a sequence of actions that is used for store front customer login. Fix submitted by Sathish Subramanian in pull request 28113. GitHub-28165

AdminUpdateCustomURLRewritesPermanentTest has been refactored to meet MFTF best practices. Fix submitted by Kate Kyzyma in pull request 28361. GitHub-28393

Test names have been changed to meet MFTF conventions. Fix submitted by Evgeny Levinsky in pull request 27839. GitHub-28305

New action groups

StorefrontCheckoutClickNextButtonActionGroup Fix submitted by Oleh Usik in pull request 29472. GitHub-29539

AdminProductFormSaveActionGroupFix submitted by Oleh Usik in pull request 29142. GitHub-29292

AdminSaveCategoryActionGroup Fix submitted by Oleh Usik in pull request 28993. GitHub-29388

AdminProductGridSectionClickFirstRowActionGroup Fix submitted by Oleh Usik in pull request 29000. GitHub-29295

AdminProductFormCategoryExistInCategoryListActionGroup and AdminProductFormCategoryNotExistInCategoryListActionGroup Fix submitted by Alexander Steshuk in pull request 28287. GitHub-28392

AdminExpandCategoryTreeActionGroup Fix submitted by Oleh Usik in pull request 29133. GitHub-29289

AdminTaxRateGridOpenPageActionGroup Fix submitted by Oleh Usik in pull request 29007. GitHub-29281

AdminNavigateNewCustomerActionGroup Fix submitted by Oleh Usik in pull request 29134. GitHub-29287

New tests

Added test for deleting a CMS page as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28112. GitHub-28202
Added the StorefrontShareCustomerWishlistActionGroup test for customer wish list sharing with invalid email addresses. The existing test for wish list sharing (StorefrontShareWishlistEntityTest) has been refactored. StorefrontCustomerShareWishlistActionGroup has been deprecated.

Added a test to check for the implementation of the Only X left Threshold configuration setting. Fix submitted by Oleh Usik in pull request 27549. GitHub-28755

Exporting the Newsletter Subscribers list using the EXCEL XML option now results in the export of all rows as expected. Previously, exported data included only the page pagination value, not all rows.

Newsletter subscription emails now use the same HTML tags as other newsletter-related emails. Fix submitted by Paweł Tylek in pull request 27357. GitHub-28165

Added a test for deleting a newsletter subscriber as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28972. GitHub-29032

Added tests for newsletter subscription for guests with a disallowed option in config statements. This test replaces deprecated VerifyRegistredLinkDisplayedForGuestSubscriptionNoTest and StorefrontCreateNewSubscriberActionGroup. Fix submitted by Dmitry Tsymbal in pull request 28872. GitHub-29039

Orders

The GetAssetIdByContentFieldInterface and its implementation on MediaContent modules now permits Adobe Stock Integration to extend MediaGallery filter functionality. Fix submitted by Gabriel da Gama in pull request 29058. GitHub-1464

The CustomerAddressId values for a newly created customer are now validated in quotes. Fix submitted by Andrii Kalinich in pull request 29139. GitHub-28793

The order status for a credit memo with zero total is now Closed. Previously, the applicationreported its order status as Complete. Fix submitted by Andrii Kalinich in pull request 29023. GitHub-22762

Payment methods

The application now displays a message that prompts you to enter mandatory credit card data when you click Submit for an Admin order without entering valid payment information. Previously, the Braintree card validator did not throw an error when payment input fields were invalid and the page became inactive.

You can now change the shipping method for an order you create from the Admin for a customer whose account has a stored credit card (Braintree). Previously, when you selected a different shipping method, the stored card was not selected, and the application did not place the order.

PayPal

The Order Review page of the checkout workflow now displays the correct shipping amount for PayPal through Braintree orders for which the shipping method has been changed during checkout. Previously, when a customer changed the shipping method on the PayPal Order Review page of the checkout workflow, the application did not update the order total with the correct method.

Merchants can now successfully cancel orders that were authorized using PayPal. Previously, the application did not cancel the order and displayed this error: Declined: 10601-Authorization has expired.

The application no longer empties your cart when you cancel an order by closing the PayPal payment popup window after first completing another order.

Performance

Three new configuration settings support a decrease in consumer queue CPU consumption. These optional parameters provide increased control over consumers and save server resources. See Configure message queues for a description of the maxIdleTime, sleep, and onlySpawnWhenMessageAvailable parameters.

Plugin list configuration is now generated during the execution of the di:compile command. This configuration information is written to generated metadata folders based on scope. Previously, this information was stored in cache. Resulting performance improvements include:
- Network cache size has decreased
- Execution time for many scenarios has been improved.

The application now loads the appropriate slider widget on demand, which has improved page loading. The touch slider widget customization has been moved to a separate file so it can be loaded only on compatible devices. The appropriate slider widget type is now loaded only when range binding is actually used on the page. Fix submitted by Mateusz Krzeszowiak in pull request 27616. GitHub-28807

The performance of checkout with multiple simultaneous orders has been improved.

Deadlocks no longer occur when the import process executes a bulk insert and the re-index process simultaneously executes a large insert from select. Previously, the application displayed this error: PDOException: SQLSTATE[40001]: Serialization failure: 1213 Deadlock found when trying to get lock. GitHub-8933

Reviews

A unique key for entity_pk_value-entity_type-store_id has been added to the review_entity_summary table, which prevents the creation of duplicate rows for the same product ID (entity_pk_value). Previously, this lack of unique key resulted in duplicate rows for the same product ID and SQL errors.

Sales

The application no longer assigns a status of Complete after invoicing an order that requires zero payment.

The New Shipment email generated by the REST API now contains the same shipping and customer information as shipments that are created manually from the Admin. Previously, this email did not contain the customer name, tracking information, products ordered, and other order information.

Guest user names are now visible as expected in invoice- and shipment-related emails when the emails are loaded or customized from the Admin.

The PDF invoice is now translated into the language of the store view where the order has been placed. Previously, the PDF invoice was translated in the language of the Admin.

You can now issue a refund as expected from the credit memo page. GitHub-29014

Localised region names that are displayed on the storefront Order page are now correctly translated. Previously, the region name was not based on the specified locale unless it was edited in the Admin.

Shipments created through the POST /rest/V1/shipment endpoint now update orders properly. Previously, the application created a shipment, but shipment status remained in the processing state.

Credit memos now display the payment method that is derived from the scope of the store in which the order was made. Previously, credit memos displayed the name as defined the default store scope. Fix submitted by Ledian Hymetllari in pull request 27582. GitHub-27570

Search

You can now search for products by attribute from the Admin Customer view using QuickSearch. Previously, an exception occurred on the catalog search result page.

The application now displays configurable products on the category page as expected after you add a product attribute.

Elasticsearch results now include the correct values for each store view’s attribute options. If a Dropdown or Multiple Select attribute has a different option value in the non-default store view than in the default store view, Elasticsearch now indexes that value or returns the product with that value in the results. Previously, Elasticsearch did not index that value or return the product with that value in the results.

Searching by SKU now works as expected in advanced search with Elasticsearch. Previously, when you tried to search by SKU, the application displayed this error message: We can't find any items matching these search criteria. Modify your search.

Advanced search no longer lets shoppers filter on negative prices. Fix submitted by Rohan Hapani in pull request 27359. GitHub-27358

Scope values are now reset as expected on the New Synonym Group form. Fix submitted by Sathish Subramanian in pull request 29206. GitHub-28947

Shipping

The application now calculates shipping table rates correctly after upgrade. Previously, shipping table rates were calculated based on net price, which excluded VAT.

The application now displays shipping rates in the correct currency in the checkout workflow for orders specifying FedEx as the shipping method.

Multi-page PDFs of shipping labels for orders shipped by UPS now display the correct count.

Problems with the JavaScript components of the Create Packages page have been resolved. Previously, the application did not display the Create Shipping Label checkbox on this page, and you could not create a shipping label for an existing order.

Sitemap

The sitemap in robots.txt is now store-specific. Fix submitted by Vadim Malesh in pull request 29331. GitHub-28901

Encoded values are now correctly escaped in the sitemap.xml file. Previously, when you included encoded characters in a product name or image title, the generated sitemap was invalid.

Store

Deleting a previously created store view no longer results in an error in deployments with a split database configuration. Previously, the application threw an exception.

You can now export config.php and default website code from one website to install and configure the application on a second website in a multi website deployment. Previously, the default store and view disappeared after the export, and errors occurred on the storefront.

Swagger

You can now generate a customer token with Swagger. Previously, Swagger did not generate a response code when valid customer access information was entered, and the application displayed this error: The account sign-in was incorrect or your account is disabled temporarily. Please wait and try again later. Fix submitted by Vadim Malesh in pull request 28822. GitHub-27098

Swatches

Configurable products with swatches now show tier pricing when a shopper clicks Edit in the cart. Previously, the application did not display tier prices in the cart before checkout. Fix submitted by Sathish Subramanian in pull request 29137. GitHub-28270

The application now displays tier prices as expected for configurable product variations.

Tax

The application no longer displays a fixed product tax attribute on the storefront for a product after a merchant has unassigned it from the product’s attribute set.

Test

PHPUnit 9 errors have been fixed in unit tests. Fix submitted by Anton Evers in pull request 29244. GitHub-29329

Added unit tests for approving a purchase order that was made with a discount that has since expired will place an order at full amount and not update the purchase order total. Fix submitted by Joan He in pull request 18. GitHub-204

SynchronizeFilesInterface is now covered by integration tests. Fix submitted by jmonteros422 in pull request 29493. GitHub-1742

A function has been added to \Magento\TestFramework\TestCase\WebapiAbstract that enables the comparison of large nested arrays of expected and actual outcomes in tests and permits testers to ignore irrelevant keys in the actual outcome. Fix submitted by Jekabs in pull request 29458. GitHub-29498

Corrected the inversion of expected value with actual value in app/code/Magento/Newsletter/Test/Unit/Model/SubscriptionManagerTest.php. Fix submitted by Lukasz Bajsarowicz in pull request 29271. GitHub-29283

Issues with the serialization and unserialization of static properties when running consecutive tests have been resolved. Fix submitted by Pavel Bystritsky in pull request 26175. GitHub-28319, GitHub-29313

Using ObjectManager for instantiating classes during test has been replaced with the new keyword in unit tests. Fix submitted by Lukasz Bajsarowicz in pull request 29272. GitHub-29346

Test coverage has been added for these cases of the updateCustomer mutation: invalid date of birth, invalid email address, and empty customer last name. Fix submitted by Alexander Taranovsky in pull request 28304. GitHub-28394

The ApiFunctional TestFramework GraphQL client now parses headers correctly. GitHub-26425

Theme

Themes that are added in User Agent Rules are now affected as expected when you run bin/magento catalog:images:resize. Previously, only themes that were assigned to stores were affected when bin/magento catalog:images:resize was run.

Translation and locales

The application no longer throws an error when an administrator changes the Date field during Admin product creation or save when the Admin locale is Chinese or Japanese. GitHub-24696

The application now checks area (frontend or adminhtml) before rendering inline translation markup. Previously, making an API call to POST /V1/integration/admin/token with bad credentials while inline translation was enabled results in the inclusion of inline translation markup around the error message in the API response. Fix submitted by Zach Nanninga in pull request 28856. GitHub-28656

Bulgarian regions have been added to the directory_country_region table. Fix submitted by Nikola Lardev in pull request 27957. GitHub-28215

The titles and buttons on the Admin Customers > Add New Address and Edit Product > Advanced Inventory modals can now be translated. Fix submitted by Sathish Subramanian in pull request 28174. GitHub-28201

The term FPT can now be translated on Admin Stores > Configuration > Sales > Tax > Fixed Product Taxes. Fix submitted by Vadim Malesh in pull request 28108. GitHub-5477

The Ship here button label on the checkout workflow shipping address modal has been changed to match the camel case used for other buttons. This case now matches the case that is used in the translation files. Previously, because of the mismatch in case, this label was not translated. Fix submitted by WK in pull request 28547. GitHub-28685

UI

The privacy and cookie policy link in the page footer is now displayed as an active link when the Privacy and Cookie Policy page is displayed. Fix submitted by Sathish Subramanian in pull request 28004. GitHub-27985

Fixed misalignment of the cursor in the Invoice Comments text area of the invoice associated with an order you have selected from Admin Sales > Orders.

The Create New Order page now displays Add Products By SKU and Add Products buttons as expected.

The application now displays the Edit Review page properly when a product rating is available for the selected product.

The application now correctly displays the Admin customer edit page on an iPhone running Safari.

Corrected unnecessary scrolling on the Create New Order page.

Directly clicking on the Export Tax Rates button of the Add New Tax Rule page (Stores > Tax Rules) now downloads the tax_rates.csv file as expected. Previously, merchants had to click on the edge of the Export Tax Rates button. This was a known issue in 2.4.0.

The Add selections to my cart button on the bottom of the shopping cart now works as expected. This was a known issue in 2.4.0.

The Refresh button of the Recently Viewed Products section of the Customer’s Activities page now works as expected. Previously, when you clicked Refresh, the product list was not refreshed, and the page scrolled.

The application now correctly displays the calendar icon used for selecting a customer’s date of birth on the Conditions tab of Customers > Segments > Add Segment.

The checkout summary section of the checkout workflow no longer flickers when a shopper scrolls through this page on Internet Explorer 11.x.

The application now correctly displays the Order by SKU widget on the storefront Category page. Previously, the HTML code for this widget was not rendered, and the application did not display the Load a list of SKUs link.

UI components that have been disabled using this.disabled(true) no longer appear on the storefront. GitHub-29098

The application now displays the recently viewed products widget properly in mobile view. Fix submitted by Tu Nguyen in pull request 27572. GitHub-27058

Changing the position of a product from the Admin is now reflected in the product position on the storefront. Fix submitted by Oleg Aleksin in pull request 28150. GitHub-28149

The login form style are now consistent with the style on other forms in the Blank theme. Unnecessary styles that set the width for container control wrap input fields have been removed. Fix submitted by Tu Nguyen in pull request 28084. GitHub-28059

The OK button on the mini cart delete product confirmation pop-up now behaves as expected. Fix submitted by Tu Nguyen in pull request 28083. GitHub-27095

Product gallery elements no longer blink during page load. Fix submitted by Mateusz Krzeszowiak in pull request 27871. GitHub-28339

The CSS class that controls field width is now applied as expected for the Start Time element throughout the Admin. Fix submitted by Shankar Konar in pull request 29511. GitHub-29496

The Terms and Conditions text label can now display longer text strings properly. Fix submitted by Bartłomiej Szubert in pull request 29413. GitHub-24060

The title of the order failure page has been rewritten for accuracy. Previously, when a shopper canceled an order, the application displayed a page with this title: We received your order!. Fix submitted by Angelo Romano in pull request 29410. GitHub-29416

The total number of canceled items on the canceled order view page is now correctly identified on the canceled order view page. Previously, this field was labeled Total Due. Fix submitted by Madhu Rajawat in pull request 27516. GitHub-26191

The toggle button on the create configurable product page now works as expected. Fix submitted by Tu Nguyen in pull request 28032. GitHub-22702

The advanced attribute properties block icon on the Advanced Attribute Properties page now behaves as expected. Fix submitted by Tu Nguyen in pull request 28032. GitHub-26022

The Admin section of the system configuration page now expands to display required fields as expected when you try to save configuration settings for a new module. Fix submitted by Bartłomiej Szubert in pull request 28285. GitHub-26427

Corrected behavior of the magnifier when mode is set to inside. Fix submitted by Sean van Zuidam in pull request 29077. GitHub-29076

Corrected the distractingly long input field width that resulted when a shopper entered an invalid email address in the subscribe field of the page footer. Fix submitted by Dipesh Rangani in pull request 27106. GitHub-27099

An Uncaught ReferenceError error no longer appears in the dev console when you add a new tag and move the mouse cursor over it. Fix submitted by Nazar Klovanych in pull request 29392. GitHub-1700

URL rewrites

Moving a store view to a different website no longer resets URLs. Previously, the applicationincorrectly regenerated CMS and product URL rewrites.

The application now preserves existing catalog URL rewrites as expected when a store view is assigned to a different store. Previously, the applicationdeleted the store-specific URL rewrites.

Varnish

Restarting Varnish no longer results in 503 errors. Fix submitted by Ihor Sviziev in pull request 28137. GitHub-24353

Vault

The application no longer saves credit card numbers when the Save for later use checkbox on the payment section of the checkout workflow is not selected.

Web API framework

Merchants with multiple websites can now use the REST API to create and update products while preserving image and image-role inheritance. Previously, when a merchant used the REST API to create and update products, and a product was updated for store view, the default image roles were loaded and saved for that store view. As a result, the store-view image roles stopped inheriting from the default scope after update.

An unscoped integration user account can now access a resource through the REST API when resource permissions allow access.

Search criteria filters now work as expected for product attributes that are used during the creation of a configurable product. GitHub-29126

Customer group ID is now validated for POST /rest/V1/customers requests. Previously, the application did not display an error message when you used an invalid group_id in these requests. Fix submitted by Vadim Malesh in pull request 28903. GitHub-28064

PHP sessions are not created by default for anonymous REST calls. Previously, sessions were started even when unnecessary. Fix submitted by Maciej Pawłowski in pull request 26032. GitHub-7213

Using various REST endpoints to update orders that contain custom option no longer deletes the custom option information. Previously, values in info_buyRequest were deleted. Fix submitted by Vadim Malesh in pull request 28483. GitHub-22431

Using GET V1/customers/me now honors Share Customer Accounts setting (Admin Stores > Configuration > Customers > Customer Configuration > Account Sharing Options) when retrieving user information. Fix submitted by Pavel Bystritsky in pull request 28213. GitHub-26089

Address-related extension attributes can be set as data arrays. Previously, the application threw an error when a POST request that contained extension_attributes was sent to estimate-shipping-methods. This bug, which was introduced by a previous commit, affected any extension attribute set on Magento\Quote\Api\Data\AddressInterface that were not objects. Fix submitted by Alexander Menk in pull request 27338. GitHub-26682

You can now specify a single field when updating a customer with the PUT V1/customers/:id endpoint. Previously, the endpoint required you to specify the customer email and other fields that are required to create a customer. Fix submitted by Vadim Malesh in pull request 28332. GitHub-21237

Wish list

Customers can now change the quantity of a product in a wish list from the wish list itself. Previously, the application did not update the product quantity and did not display a message.

Customers can now change the quantity of a grouped product in a wish list from the wish list itself. Previously, the application did not update the product quantity or display a message.

Polyfills for Map, WeakMap, FormData, and MutationObserver are now loaded only as needed. Fix submitted by Dmitry Tsymbal in pull request 28330. GitHub-28377

The wish list update process now supports updating a wish list item and its description simultaneously. Fix submitted by Eduard Chitoraga in pull request 28222. GitHub-28261

Added a test for sharing a customer’s wish list with more than the allowed number of emails. Fix submitted by Dmitry Tsymbal in pull request 28641. GitHub-28720

Administrators can now configure a configurable product that has been added by a customer to a wish list from a non-default store. Previously, when the customer had also added the configurable product from a non-default store, the application threw an error.

Added a test for sharing a customer’s wish list with more than the allowed number of emails. Fix submitted by Dmitry Tsymbal in pull request 28641. GitHub-28720

Added a test for deleting items from a customer’s wish list as an Admin user. Fix submitted by Dmitry Tsymbal in pull request 28632. GitHub-28721

Added a test for disabling wish list functionality. Fix submitted by Dmitry Tsymbal in pull request 28635. GitHub-28744

Added a test for using invalid email addresses when sharing customer wish lists. StorefrontShareWishlistEntityTest has been refactored. StorefrontCustomerShareWishlistActionGroup has been deprecated. Fix submitted by Dmitry Tsymbal in pull request 28330. GitHub-28377

Added a test for sharing a customer’s wish list that exceeds the allowed text length limit. Fix submitted by Dmitry Tsymbal in pull request 28812. GitHub-28969

Known issues

Issue: The new CAPTCHA feature for checkout does not work as expected on the Place Order page when using third-party payment providers. Merchants running 2.3.6 or 2.4.1 who have enabled CAPTCHA protection on the Place Order storefront page will see this error when checking out using a third-party payment provider such as PayPal: Please provide CAPTCHA code and try again. Workaround: A fix for this issue is now available. See the Magento Open Source v2.3.6/2.4.1 CAPTCHA in checkout not working Knowledge Base article. A fix will also be included in our next quarterly patch (Q12021).

Issue: Users without administrator privileges cannot currently set up their personal 2FA access. 2FA includes two ACL roles. One role affects global system configuration and it is needed only when configuring the system. The second ACL role affects individual user 2FA accounts. An admin user must configure this second type of 2FA ACL. Workaround: After the user has logged in and seen the Access denied screen, they can visit https://<magento store>/<admin_path>/tfa/tfa/requestconfig/ to force configuration. Note: We do not recommend disabling security settings. However, this workaround is effective only when Admin URL secret keys are disabled.

Issue: The Create an Account button on the Create New Account page remains disabled if a shopper has entered invalid data. This prevents shoppers from re-attempting to create an account after making an error. Workaround: Apply patch MC-38509. A fix will also be included in our next quarterly releases (2.4.2, 2.4.1-p1 and 2.3.6-p1), which are scheduled for release in Q1 2021. See the 2.4.1 and 2.3.6 create an account button disabled hotfix Knowledge Base article. GitHub-30513

Issue: Merchants cannot log in to dotdigital from the Admin in Safari when dotdigital is enabled. See the It’s impossible to login in the dotdigital via admin panel when dotdigital account is enabled Knowledge Base article.

Issue: Vertex address validation does not work during payment when the shopper selects a shipping address that differs from the billing address. The issue will be fixed in 2.4.2. See the 2.4.1 known issue: Vertex Address Validation message does not disappear after updating address Knowledge Base article.

Issue: The application displays an empty page when a merchant saves a dotdigital Page Builder form on the Safari browser. Workaround: Reload the page to apply your changes. See the 2.4.1 known issue: empty page after saving dotdigital Page Builder form Knowledge Base article.

Issue: Under certain conditions, the application automatically signs in customers to previously used Amazon accounts rather prompting them to log in during checkout with Amazon Pay. See the 2.4.1 known issue: unable to change Amazon account in Google Chrome Knowledge Base article.

Issue: The application briefly displays an error message on the billing page of the checkout workflow when PayPal Braintree payment and multiple addresses shipment are selected. See the 2.4.1 known issue: error popping up on Checkout with PayPal Braintree Knowledge Base article.

Issue: The application displays a non-informative error message when a guest customer tries to place an order with PayPal through Braintree when guest checkout is disabled. See the 2.4.1 known issue: non-informative error message during guest checkout using Paypal through Braintree Knowledge Base article.

Community contributions

We are grateful to the wider Magento Open Source community and would like to acknowledge their contributions to this release. Check out the following ways you can learn about the community contributions to our current releases:

If a community member has provided a fix for this release, we identify the fix in the Fixed Issue section of these notes with the phrase, “Fix provided by community member”.
The Community Engineering team Magento Contributors maintains a list of top contributing individuals and partners by month, quarter, and year. From that Contributors page, you can follow links to their merged PRs on GitHub.

Partner contributions

The following table highlights contributions made by Partners. This table lists the Partner who contributed the pull request, the external pull request, and the GitHub issue number associated with it (if available).

Partner

Pull Requests

Related GitHub Issues

magento/magento2#27903, magento/magento2#27902, magento/magento2#28606, magento/magento2#28601, magento/magento2#28605, magento/magento2#28351, magento/magento2#27965, magento/magento2#28856, magento/magento2#29271, magento/magento2#28992, magento/magento2#29341, magento/magento2#29272, magento/magento2#28599, magento/magento2#29376, magento/magento2#29202

magento/magento2#28383, magento/magento2#28850, magento/magento2#28376, magento/magento2#27962, magento/magento2#28656, magento/magento2#29283, magento/magento2#29159, magento/magento2#29389, magento/magento2#29346, magento/magento2#29453, magento/magento2#29477

magento/magento2#27622, magento/magento2#27270, magento/magento2#27871, magento/magento2#27690, magento/magento2#27619, magento/magento2#27618, magento/magento2#27357, magento/magento2#27356, magento/magento2#27616, magento/magento2#27860, magento/magento2#27617, magento/magento2#29054, magento/magento2#28838

magento/magento2#28110, magento/magento2#26026, magento/magento2#28339, magento/magento2#28340, magento/magento2#28381, magento/magento2#28382, magento/magento2#28166, magento/magento2#28433, magento/magento2#28807, magento/magento2#28823, magento/magento2#28811, magento/magento2#29087, magento/magento2#25934

magento/magento2#28714, magento/magento2#28743, magento/magento2#28710, magento/magento2#28757, magento/partners-magento2ee#288, magento/partners-magento2ee#271, magento/partners-magento2ee#277, magento/magento2#28890, magento/partners-magento2ee#285, magento/magento2#27850, magento/magento2#27917

magento/magento2#28584, magento/partners-magento2ee#28563, magento/partners-magento2ee#28566, magento/partners-magento2ee#28769, magento/magento2#26121, magento/partners-magento2ee#28834, magento/magento2#28705

magento/magento2#26704, magento/magento2#28113, magento/magento2#28174, magento/magento2#28039, magento/magento2#28004, magento/magento2#27567, magento/magento2#28264, magento/magento2#29137, magento/magento2#29206, magento/magento2#28250, magento/magento2#27977

magento/magento2#28165, magento/magento2#28201, magento/magento2#27985, magento/magento2#27091, magento/magento2#28308, magento/magento2#28270, magento/magento2#28947, magento/magento2#29344, magento/magento2#29097

magento/magento2#27429, magento/magento2#26256

magento/magento2#28306, magento/magento2#8815, magento/magento2#26255

magento/magento2#28015, magento/magento2#28735, magento/magento2#28285

magento/magento2#28011, magento/magento2#26504, magento/magento2#26427

magento/magento2#29300, magento/magento2#27905, magento/magento2#27582

magento/magento2#29299, magento/magento2#28303, magento/magento2#27570

magento/magento2#28810, magento/magento2#28902

magento/magento2#28982, magento/magento2#29327

magento/magento2#27990, magento/magento2#26660

magento/magento2#26118, magento/magento2#28143

magento/magento2#27064

magento/magento2#27063

magento/magento2#27359, magento/magento2#27106

magento/magento2#27358, magento/magento2#27099

magento/magento2#27516

magento/magento2#26191

magento/magento2#29301

magento/magento2#104

magento/magento2#28891

magento/magento2#29056

magento/magento2#28547

magento/magento2#28685

Individual contributor contributions

The following table identifies contributions from our community members. This table lists the external pull requests, the GitHub issue number associated with it (if available), and the community member who contributed the pull request.

Contributing community member

Pull Requests

Related GitHub Issues

Nazar Klovanych

Volodymyr Zaets

Volodymyr Zaets

Ajith

Tu Nguyen

Dzung Nguyen

Rohan Hapani

Mateusz Krzeszowiak

Mateusz Krzeszowiak

Serhii Dzhepa

Oleg Aleksin

Sathish Subramanian

Nikola Lardev

Marvin Hinz

Sathish Subramanian

Vadim Malesh

Dmitry Tsymbal

Tu Nguyen

Tu Nguyen

Alok Patel

Tu Nguyen

Tu Nguyen

Ajith

Tu Nguyen

Oleh Usik

Ivan Chepurnyi

Oleh Usik

Oleh Usik

Oleh Usik

Kate Kyzyma

Kate Kyzyma

Kate Kyzyma

Kate Kyzyma

Dmitry Tsymbal

Alexander Taranovsky

Nikolaj Malevanec

Oleh Usik

Alexander Taranovsky

Oleh Usik

Lukasz Bajsarowicz

Lukasz Bajsarowicz

Mateusz Krzeszowiak

Evgeny Levinsky

Mateusz Krzeszowiak

Mateusz Krzeszowiak

Mateusz Krzeszowiak

Alexander Taranovsky

Andrii Beziazychnyi

Alexander Taranovsky

Paweł Tylek

Paweł Tylek

Ihor Sviziev

Oleh Usik

Kate Kyzyma

WK

Eduard Chitoraga

Bartłomiej Szubert

Kate Kyzyma

Kate Kyzyma

Oleh Usik

Oleh Usik

Kate Kyzyma

Vadim Malesh

Lukasz Bajsarowicz

Lukasz Bajsarowicz

kishorekumarkesavan

Vitaliy Prokopov

Eduard Chitoraga

Abel Truong

Alexander Menk

Dipesh Rangani

Bartłomiej Szubert

Kate Kyzyma

Vadim Malesh

Oleh Usik

Oleksandr Melnyk

Petkovski Marjan

Dmitriy Gallyamov

Dmitry Tsymbal

Dmitry Tsymbal

Dmitry Tsymbal

Kate Kyzyma

Eduard Chitoraga

Oleh Usik

253, 246, 28519

Vitaliy Prokopov

Mateusz Krzeszowiak

Toan Nguyen

Nazar Klovanych

Lukasz Bajsarowicz

Pavel Bystritsky

Sathish Subramanian

Mateusz Krzeszowiak

Nazar Klovanych

Nathan de Graaf

Vadim Malesh

Vadim Malesh

Lukasz Bajsarowicz

Lukasz Bajsarowicz

Sathish Subramanian

quangdo-aligent

Kate Kyzyma

Kate Kyzyma

Kate Kyzyma

Kate Kyzyma

jiten-patel

Vadim Malesh

Mateusz Krzeszowiak

Vadim Malesh

Oleksandr Melnyk

Dmitriy Gallyamov

Petkovski Marjan

Michał Derlatka

Ulzii

Alexander Taranovsky

Alexander Taranovsky

Alexander Taranovsky

Alexander Taranovsky

Oleh Usik

Dmitry Tsymbal

Kate Kyzyma

Konstantin

Oleh Usik

Oleh Usik

Oleh Usik

Oleh Usik

Dmitry Tsymbal

Oleh Usik

Pierre Grimaud

Kate Kyzyma

Maciej Pawłowski

Vadim Malesh

Oleh Usik

Dmitry Tsymbal

Oleh Usik

Michał Derlatka

Dmitriy Gallyamov

Petkovski Marjan

Oleksandr Melnyk

Eduard Chitoraga

Paweł Tylek

Oleh Usik

Oleh Usik

Oleh Usik

Gabriel da Gama

Oleh Usik

Vadim Malesh

Andrii Kalinich

Vadim Malesh

Vova Yatsyuk

Vadim Malesh

Ihor Sviziev

Vadim Malesh

Nazar Klovanych

824, 972

Madhu Rajawat

Aditya Yadav

Nazar Klovanych

Nazar Klovanych

Oleh Usik

Michał Derlatka

Slava Mankivski

Max Mezhensky

Pavlo Sydorenko

Nazar Klovanych

Oleh Usik

Vadim Malesh

Paweł Tylek

Petkovski Marjan

Oleh Usik

Gabriel da Gama

Oleh Usik

Rafael Corrêa Gomes

Bartłomiej Szubert

Oleh Usik

Sean van Zuidam

Oleh Usik

Anton Evers

Zach Nanninga

Tu Nguyen

Ihor Sviziev

Andrii Kasian

jmonteros422

Sathish Subramanian

Oleh Usik

Oleh Usik

Vadim Malesh

Oleh Usik

Oleh Usik

lumnn

lumnn

Tu Nguyen

Tu Nguyen

RowenaS

John Carlo Octabio

Pavlo Sydorenko

Hazel Joie Caquicla

Lukasz Bajsarowicz

Anton Evers

Andrii Kalinich

Oleh Usik

Lukasz Bajsarowicz

Vitaliy Ryaboy

Anton Evers

Tu Nguyen

Oleh Usik

Maciej Pawłowski

Rani Priya

Sathish Subramanian

Oleh Usik

Nazar Klovanych

Matt Walters

Nazar Klovanych

Hazel Joie Caquicla

Nazar Klovanych

Hazel Joie Caquicla

Hazel Joie Caquicla

jmonteros422

Sergii Ivashchenko

jmonteros422

Nazar Klovanych

Oleh Usik

Oleh Usik

Lukasz Bajsarowicz

Vadim Malesh

Yevhenii Dumskyi

Nazar Klovanych

Eden Duong

Eden Duong

Pieter Hoste

Andrii Kalinich

Oleh Usik

Oleh Usik

Konstantin

Chris Snedaker

Chandru Rajendran

Ihor Sviziev

Ajith

Oleksandr Kravchuk

Ledian Hymetllari

Ihor Sviziev

Michał Derlatka

Yaroslav Rogoza

Hazel Joie Caquicla

Nazar Klovanych

jmonteros422

Nazar Klovanych

1747, 1704, 1702, 1699, 1694

Benjamin Rosenberger

Kristof, Fooman

Lukasz Bajsarowicz

Tu Nguyen

Vadim Malesh

Matthew O’Loughlin

jmonteros422

Sergii Ivashchenko

Oleh Usik

Tu Nguyen

Lukasz Bajsarowicz

Vitaliy Prokopov

Pavel Bystritsky

Nazar Klovanych

Nazar Klovanych

Oleh Usik

Sergii Ivashchenko

Nazar Klovanych

Oleh Usik

Vadim Malesh

yolouiese

Lukasz Bajsarowicz

iGerchak

Nikita Sarychev

Lukasz Bajsarowicz

Vitaliy Ryaboy

System requirements

Our technology stack is built on PHP and MySQL. For more information, see System Requirements.

Installation and upgrade instructions

You can install Magento Open Source 2.4.1 using Composer.

Migration toolkits

The Data Migration Tool helps transfer existing Magento 1.x store data to Magento 2.x. This command-line interface includes verification, progress tracking, logging, and testing functions. For installation instructions, see Install the Data Migration Tool. Consider exploring or contributing to the Data Migration repository.

The Code Migration Toolkit helps transfer existing Magento 1.x store extensions and customizations to Magento 2.x. The command-line interface includes scripts for converting Magento 1.x modules and layouts.

recommendation-more-help

Magento Open Source 2.4.1 release notes

Security patch available

Apply AC-3022.patch to continue offering DHL as a shipping carrier

Other release information

Highlights

Substantial security enhancements

Over 15 security enhancements that help close remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities

Additional security enhancements

Infrastructure improvements

Performance improvements

Adobe Stock Integration

New Media Gallery

GraphQL

PWA Studio

Functional Testing Framework (MFTF)

Vendor Developed Extensions

Fixed issues

Installation, upgrade, deployment

Adobe Stock Integration

Amazon Pay

Bundle products

Cache

Cart and checkout

Catalog

Cleanup

CMS content

Configurable products

Cookies

cron

CSS

Customer

Directory

dotdigital

Downloadable

Email

Frameworks

General fixes

GraphQL

Images

Import/export

Index

Infrastructure

Layered navigation

Logging

Media Gallery

MFTF

New action groups

New tests

Newsletter

Orders

Payment methods

PayPal

Performance

Reviews

Sales

Search

Shipping

Sitemap

Store

Swagger

Swatches

Tax

Test

Theme

Translation and locales

UI

URL rewrites

Varnish

Vault

Web API framework

Wish list

Known issues

Community contributions

Partner contributions

Individual contributor contributions

System requirements

Installation and upgrade instructions

Migration toolkits

Apply `AC-3022.patch` to continue offering DHL as a shipping carrier