Magento Rolls Out Second Update for 2020 (2.3.5)

Magento is starting 2020 with a bang with a January 28th release. A relatively small release compared to the ones we received in 2019, Magento 2.3.4 has some exciting updates.

With over 250 feature fixes, here is our assessment of the key ones:

• Page Builder templates
• Performance improvements
• 25 security enhancements
• Over 180 functionality fixes
• The deprecation of core payment methods, and more.

Making Page Builder Easier to Use

One of the biggest pain points with the Magento Page Builder feature was that you could not easily save and reuse layouts or compiled content pieces. That is solved with the introduction of templates.

Templates allow content authors to build out complex, full page layouts and even smaller sections of authored content and then save them as reusable templates. New pages, blocks, descriptions and more can then be created from these pre-built templates. This seemingly small feature makes the content creation workflow for marketers significantly more efficient and will reduce the time to publish those new pages and blocks.

Video backgrounds can be added to rows, banners and sliders to improve the experience for end users. Videos can be included from a CDN, YouTube or Vimeo and can be set to auto play if desired.

Performance and Site Improvements

Magento has tackled two key performance areas in this release: private content optimisation and Redis improvements.

In Magento 2, Private Content, like usernames, is handled via asynchronous calls made to the backend system and then cached in the users’ browser. This maintains privacy and improves website performance. Content management in the user browser has been optimised and improved to increase the performance and reliability of the displayed content.

The performance of the Redis cache has been greatly improved to reduce the size of data transferred between Redis and Magento and a reduction in the CPU cycles required by Redis. Redis is a key component of the cache for Magento so we should see some genuine site-wide improvements as a result of this update.

In addition to these performance updates, Magento 2.3.5 includes over 180 functionality fixes and improvements. These updates target a wide range of functionality across:

• Inventory Management
• GraphQL with Content Staging & Preview
• PWA Studio
• B2B bug fixes
• dotdigital for B2B merchants
• Analytics
• PHPStan code analysis
• ElasticSearch 7.5 support

25 Security Fixes

Magento is including 25 security fixes in this release, which is particularly important for clients needing to maintain PCI compliance. The window to maintain compliance starts from the General Availability of the 2.3.5 (or 2.3.4-p1 security only) release. Upgrade as soon as possible to maintain a secure platform.

In addition to these fixes, Magento is also adding the Content Security Policy (CSP) feature, which browsers such as Chrome, Firefox and Safari use to provide enhanced web site security. By default this is set to Report Only mode so developers can review the feature before enabling.

Session IDs are now being removed from all URLs to reduce the potential for session hijacking. While this won’t impact most clients, there may be some instances where developed features could break as a result of this change. This is a positive change to increase the overall security of the application.

Making Payment Method Deprecation

To add to the payment methods that have already been deprecated in previous releases (Authorize.net, CyberSource, eWay), Magento is deprecating the Worldpay core payment method.

The usage of core payment methods is no longer supported, with the exception of PayPal. All merchants are advised to switch to the extensions available on the Magento Marketplace for their payment provider.

More information on the deprecation of payment methods can be found here.