magento 248

As always, Magento 2.4.8 releases include a lot of fixes, features and improvements aimed at one thing — making Magento a better platform for your online business. And the are really worth your attention. 

Read about the latest changes before you download Magento and upgrade it to the latest version.

Magento 2.4.8 Release Notes

Let's skim through all the improvements and fixes in this release to find out how they could impact your store performance.

Security

There are two main security improvements in this release:

  • New CLI command for changing the encryption keys to improve usability and eliminate previous bugs.
  • Improve one-time password settings.
  • The Duo Security 2FA in Adobe Commerce now uses the latest SDK (Web SDK v4).

Platform

To ensure the platform meets the modern demand, it should be compatible with all modern technologies.

  • Added compatibility with the long-term support (LTS) versions of MariaDB 11.4 LTS and MySQL 8.4 LTS
  • Removed compatibility with PHP 8.1 for Adobe Commerce in this release. You must upgrade to PHP 8.3 or PHP 8.4 to use Magento 2.4.8, although the PHP 8.2 is still compatible.
  • The passing null to non-nullable internal function parameters in PHP 8.2 have been deprecated. Besides, they address all deprecated PHP 8.1 features to make ensure compatibility with PHP 8.2.
  • Magento 2.4.8 is no longer compatible with the ElasticSearch. Instead it's optimized for OpenSearch 2.x.

Performance

To improve performance and reduce potential issues Adobe changed the default indexer mode for all indexers. It's **Update by Schedule** now when you install a new Commerce version or upgrade from a previous version.

Besides, the system allows you to bulk update prices more efficiently through the /V1/products/tier-prices REST API endpoint now.

GraphQL

This Magento 2.4.8 release introduces a lot of GraphQL changes regarding general settings, customer and order management. So, let's focus on the main ones.

  • Resolved pagination issue so the cart items data is retrieved more accurately.
  • Implemented new cache invalidation mechanisms for data consistency across the platform.
  • Implemented a multi-field sorting for more flexible and precise product queries. 
  • Added support for the custom scalar types to make sure data is represented more accurately.
  • Improve GraphQL data fields so that the discounts and tax calculations are more accurate when querying a product.
  • Enhanced messaging for stock availability so the error responses are clearer.

Braintree

The Magento 2.4.8 release offers an express payment experience with the Braintree extension. Since shipping methods are available directly in the PayPal modal, customers can checkout in a few clicks.

This way shipping options are calculated based on the shipping address saved within the PayPal account. So there is no need for customers to choose the shipping method once they land on the review page.

Additionally, when an order made through PayPal is shipped, the Braintree now sends the tracking number and carrier to both the merchant's and the customer's PayPal account. 

Regarding Apple Pay and Google Pay, cart line items are now displayed directly within the Apple Pay and Google Pay modals.

Fixes

Besides multiple features, there are also a few key features that improve the usability and performance of the platform. The main ones are:

  • Resolved issue with the coupon code input field being disabled on checkout for downloadable and virtual products, preventing users from applying coupons.
  • Fixed the issue with the loader blocking shipping methods on checkout if the user changed the postcode in the shipping address (under the condition that the shipping methods were used without the shipping rate validation rules).
  • Resolved and 404 page issue of customer dashboard after login.
  • Fixed the issue with the rejected product photos if they contain capital letter file extensions.

Magento 2.4.8-p1 Release Notes

The 2.4.8-p1 release focuses on fixing security vulnerabilities and improving performance. It:

  • Restores access to CMS blocks for admin users who couldn't reach them in the previous version.
  • Prevents asynchronous processes from overwriting existing orders.
  • Fixes the vulnerabilities in the email templates.
  • Makes cookie limits follow the MAX_NUM_COOKIES constant correctly.
  • Addresses the category canonical security issue.
  • Optimises the performance of the bulk asynchronous API requests.

Magento 2.4.8-p2 Release Notes

This release focuses on the critical security issues, specifically:

  • Cross-site request forgery
  • Authorisation flaws that potentially allowed unauthorised file system access
  • Cross-site scripting in the admin sessions
  • Improper input validation

Update To The Latest Version

Every security patch contains vital fixes and improvements addressing Magento security vulnerabilities. So, it's recommended to update Magento to the latest version as soon as it's released. However, make sure you do the upgrade correctly, not to miss anything or alter the current store set-up and extensions.