Magento 2.4.4 version was released on April 12, 2022. Overall it contain 240+ quality fixes and improvements. Its most important change is PHP 8.1 support. It includes all project libraries and dependencies. Another important thing is that it contain backward-incompatible changes. Magento team added a lot of hotfixes to improve security and patch known vulnerabilites. All vendor-bundled extensions have been removed from the codebase. Now you should install them from Marketplace.
Backward Incompatible Changes
The most important changes are following:
Removal of deprecated email variable usage.
Email variables was deprecated in earlier release. Currently its support completely removed. If you are still using newsletter templates that depends on variables – it wont work correctly anymore. Check Migrating custom email templates docs for additional information and possible ways to resolve it.
Language package filenames
2.4.4 and its support for PHP 8.1 requires changes in how translation packages are named. Language package filenames must now follow the naming conventions enforced by PHP 8.1. Consequently, lowercase letters are no longer permitted in the second part of the locale name.
Inventory check on cart load
A new “Enable Inventory Check On Cart Load” system configuration option has been added to Admin > Stores > Configuration > General > Catalog > Inventory > Stock Options. The new option determines if an inventory check is performed when loading a product in the cart. It is enabled by default. Disabling the inventory check can improve performance for checkout steps, especially when there are many items in the cart. But if this inventory check is skipped, some out-of-stock scenarios could throw other types of errors.
Complete list can be found here – Magento 2.4 backward incompatible changes.
2.4.4 release include a number of security improvements, like deprecated email variable usage, no integration tokens usage for API Bearer token auth, session IDS not stored in DB anymore, oAuth tokens and password reset tokens stored encrypted, enabling HTTPS mode by default for storefront, adding reCAPTCHA support for coupon codes and more.
Remember, that you are also responsible for your admin protection. We strongly recommend you to whitelist IPs that has access to admin panel, enable two-factor auth, do not use standard /admin
path and use strong password.
Be sure to check our guide to keep your magento 2 store secured
2.4.4 Release contain hundreds of fixes. Most important are:
- Magento Open Source now logs static content deployment errors in build log files as expected.
- Data patches can no longer ignore a table’s unique constraints and insert duplicate values into a MySQL database table. Previously, patches could insert duplicate values, which corrupted the database.
- Administrators can now log in to the Admin in a deployment for which a custom Admin path is configured and secret key is enabled.
- Form validation in the form of the
minattributes has been added to the cart quantity field to prevent negative values for bundle products.
- Magento Open Source now updates the category product cache as expected when a bundle product reappears in stock.
- Page cache no longer grows rapidly under typical use.
- Full-site page cache is no longer wiped out when you update a product from top categories or run an index to update product attributes or stock status.
- Magento Open Source no longer throws this error when a shopper adds a billing address that is missing a street field.
- Daily updates of catalog rules no longer result in performance degradation.
- The helper
Magento\Payment\Helper\Datano longer creates new layouts in constructors.
symfony/consoleno longer causes a failure when running
- Administrators can now retry operations that have been running over the maximum processing time. The default maximum is 12 hours.
Shoppers cannot add a product to their cart when no options are selected in Admin Configuration: Store > Configuration > General > Country Options > Allow Countries.
Magento Open Source instead displays this following console error:
Failed to load resource: the server responded with a status of 400 (Bad Request)