Magento Commerce 2.1.10 Release Notes
- Security enhancements
- Fixed issues
- Community contributions
- System requirements
- Install the Magento software
- Upgrade from an earlier version
- Migration toolkits
Patch code and release notes were published on November 7, 2017.
We are pleased to present Magento Commerce 2.1.10. This release includes important enhancements to your Magento software.
Magento 2.1.10 contains over 50 security fixes and functional enhancements. Look for the following highlights in this release:
Improvements to how the PayPal Express Checkout payment method processes virtual products.
Multiple enhancements to product security. See Magento Security Center for more information.
Forty-four community-submitted bug fixes and multiple pull requests. These pull requests feature improvements in caching for configurable products (pull request 9809) and enhancements to the URL rewrite mechanism (pull request 10164).
Support for management of multiple instances in the same crontab. These two new CLI commands (
cron:remove) were submitted by community member adrian-martinez-interactiv4.
Magento 2.1.10 includes multiple security enhancements. Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.
See Magento Security Center for more information.
Installation, setup, and deployment
- Magento no longer creates an
i18ndirectory under the system root directory (
/) when you run the
php bin/magento i18n:packcommand to install a language pack. GitHub-6260
- Component Manager can now handle custom composer modules. Previously, when you opened System > Tools > Web Setup > Component Manager after using Composer to install a custom extension, a PHP error occurred, and Magento did not display the list of installed extensions. Fix submitted by JTimNolan in pull request 9692. GitHub-6718
- Custom theme static content now deploys without overriding static content files. Fix submitted by Pieter Hoste in pull request 10753. GitHub-7569, GitHub-3754, GitHub-4725
Cart and checkout
- You cannot check out as a guest customer until you delete any lingering long-term cookies by clicking Not me. Previously, in environments where Enable Persistence was set to Yes, you could log in as a guest and potentially complete an order that another customer had initiated.
- Magento now displays the checkout agreement validation for Terms and Condition acknowledgment after a customer has changed his or her payment method. GitHub-6224
- Magento now provides a Login button so that you can resume your checkout process if you return to the check out page after leaving it mid-order.
- Magento now displays the correct error message when a customer enters an invalid discount code during checkout. GitHub-7230
- Credit card information now persists as expected after a customer enters a promotion code during checkout. Previously, after a customer entered credit card information and a discount code, and then clicked Place Order, Magento emptied the credit card information fields.
collectRates()method now obtains full address details for registered customers when the customer opens the Checkout page with an existing shipping address.
- The quantity field for a product on the checkout page is now properly updated after you change the product quantity.
- Magento now includes disabled products when filtering product by price in the Admin. Previously, when you filtered products by price in the Admin, the total number of products was less than the unfiltered list of products.
- You can now sort the attribute table in the Add Attribute section of the Admin’s Product edit panel while you are adding an attribute to a product.
- Magento now correctly displays custom options at the store-view level. GitHub-2908, GitHub-5885, GitHub-5612
- Magento no longer displays a price for out-of-stock configurable products. Previously, Magento displayed a price of zero (0) when a configurable product was out-of-stock.
- Magento no longer pre-fills the Set Product as New from Date or Design Active Form dates when you assign a special price in Advanced Pricing. Previously, these fields were pre-filled with the creation date, and any product that was saved with a special price was also incorrectly set as new. Fix submitted by Pieter Hoste in pull request 10751. GitHub-4387, GitHub-7448
- Product page attribute labels are now translated as expected when languages other than English are used. Previously, these fields were empty. Fix submitted by Janusz Janczy in pull request 10932. GitHub-10738
- Magento now displays product alerts on the Product edit page of the Admin. Fix submitted by Raul Mateos in pull request 11448. GitHub-10007
- We’ve fixed an issue prices weren’t saved correctly when Catalog Price Scope was set to Website.
- Simple product videos now display the embedded video player instead of the thumbnail image. GitHub-6360, GitHub-8882
- You can now save a configurable product for which you’ve set the Weight value to this item has no weight. Previously, Magento displayed this error,
Notice: Undefined index: weight in \magento2ce\app\code\Magento\ConfigurableProduct\Model\Product\VariationHandler.php on line 154.
- Magento now displays tier prices of simple or virtual products on the configurable products page. GitHub-3759
- Fixed an issue with the PHP
getPrice()method that resulted in various frontend errors, including a fatal error when you try to view a shopping cart that contains an out-of-stock product. Fix submitted by Pieter Hoste in pull request 10750. GitHub-10206, GitHub-5519
- You can now save a value for an attribute that is shared between related, upsell, or cross-sell products that have different attribute sets. Previously, when a configurable product had another configurable product with a different attribute set as a related product, cross sell, or upsell, and both attribute sets share a multiselect attribute, the value for that multiselect attribute could not be updated for the product.
- We’ve fixed the behavior of the configurable attributes cache. Previously, when Magento loaded configurable attributes, it then stored results in the cache. If Magento subsequently tried to load results from the cache, the
hasCacheDatamethod always returned false. Fix submitted by Teun Lassche in pull request 9809. GitHub-6999
- Magento now displays the correct configurable product price based on the website to which it is assigned. Previously, Magento displayed the lowest price for the product, no matter which price was assigned to the product on a particular website.
- We’ve fixed an issue with session behavior that resulted in different customer sessions being shared between different customers on two websites.
- You can now successfully reset a customer password when the Website Restrictions setting is enabled. Previously, Magento redirected you to
customer/account/login/, from which you could not change a password.
- Additional Admin users with roles scoped to only one of multiple websites cannot edit CMS pages. Previously, under these circumstances, Magento directed the Admin to an error page.
- In environments running Varnish, the menu item of the active category page is now handled as the active class as expected. Previously, activating cache interfered with Magento setting the appropriate CSS class to active in environments where Varnish was enabled. GitHub-6609
- Magento no longer displays an empty minicart when you disable full page cache after login. Fix submitted by Ihor Sviziev in pull request 10050. GitHub-5377, GitHub-4170, GitHub-6882
- You can now create a product attribute text swatch with a value of “0” (zero). Previously, Magento displayed the error,
Admin is a required field in the each row. Fix submitted by Ihor Sviziev in pull request 10282. GitHub-9619, GitHub-10266
validate-emailerror string can now be translated. Fix submitted by Pieter Hoste in pull request 10745. GitHub-6622
- Vimeo videos in product gallery now work over HTTPS. Fix submitted by Pieter Hoste in pull request 10748. GitHub-7311, GitHub-8574
- We’ve fixed the problem with the missing HTML
spantag in the base template file (
app/code/Magento/Review/view/frontend/templates/form.phtml). Fix submitted by Bartek Igielski in pull request 10934. GitHub-6081
- We’ve improved the responsiveness of Magento 2.1.8 with Sample Data’s categories containing text containers. Fix submitted by Paweł Szafrański in pull request 10929. GitHub-10510
- The WYSIWYG editor no longer displays broken image icons. Previously, this issue occurred on CMS pages and blocks as well as products and categories. Fix submitted by Pieter Cappelle in pull request 11309. GitHub-10417
- You can now use the Admin to create a return after you’ve added a new return attribute. Previously, the new attribute was not visible, and the return could not be submitted. Magento also displayed this error:
Uncaught Error: cannot call methods on modal prior to initialization; attempted to call method openModal.
- You can now remove custom customer and customer address attributes from the Use in Forms list.
- Magento no longer produces a DOM schema validation error in developer mode. Fix submitted by Andre Flitsch in pull request 9718. GitHub-4731, GitHub-7827
- PageCache no longer produces an
Uncaught TypeError: element.prop is not a functionerror when the page contains an iframe. Fix submitted by @ajpevers in pull request 10218. GitHub-6818
- You can now generate unsecure URL if current URL is secure. Fix submitted by Arshad M in pull request 10188. GitHub-6175
- We’ve fixed an Ajax issue that prevented Add to Cart and Remove from Cart events from firing in Google Tag Manager as expected.
- Magento no longer fails if the CSV file being imported does not contain the
bundle_valuescolumn during an import process that includes bundle products.
- Magento now allows you to import multiple alternative images with multiple labels that include commas in the description.
- Customer imports can still complete when the error count is below the set value in Allowed Errors Count, and import behavior is set to Skip Error Entries.
- Magento now completes order processing if the customer needs to re-enter credit card information during the order process. Previously, Magento returned this error,
No such entity with customerId = 0, and the order did not complete.
- You can now receive shipping quotes from either the Admin panel or the storefront.
- In orders with separate billing and shipping addresses, when you change the billing address but neglect to click Update before clicking Place order, Magento will not place the order until you click Update. Previously, under these conditions, Magento replaced the edited billing address with the shipping address.
- We’ve fixed a
PayPal.jserror that occurred when you tried to check out an order that contained a downloadable product.
- PayPal Express checkout now handles virtual products as expected. Previously, the checkout page redirected you to the review order page, and Magento displayed the Can’t place order message. Note: This is not associated with PayPal’s strategic decision to stop supporting sales of digital goods through PayPal Express Checkout as of January 2017. GitHub-10615
- Payment methods now retrieve new order status from config as expected. GitHub-5860
- Magento now handles tracking for FedEx shipments with valid tracking numbers as expected. Previously, Magento displayed an error when you clicked Track this Shipment, even when the tracking number was valid.
- Shipping method radios have duplicate IDs on cart page. Fix submitted by @peterjaap in pull request 11456. GitHub-10795
- Shipment API won’t append comment to email. Fix submitted by @JeroenVanLeusden in pull request 11386. GitHub-11207
- Search synonyms in a group now can declare several words as synonyms. For example, “Elon Musk,tesla” is a valid synonym group, and a search on the phrase “Elon Musk” will also show results for the “tesla” keyword. Previously, you could declare synonyms for each word (for example, “Elon,Musk,Tesla”), but these words didn’t work as a phrase. Synonyms are also now case-insensitive.
- We’ve enhanced the performance of the Elasticsearch catalog searches.
- You can now use QuickSearch to search multiselect text values.
- Search by attribute now works as expected with Elasticsearch.
- The Set Product as New checkbox now works as expected.
- Magento now saves scheduled updates for products with custom options as expected.
- Scheduled updates now display the correct price for a product. Previously, Magento displayed the “as low as” price for a product in the scheduled update, but the preview option displayed the regular price.
- When you set up Scheduled Update to new for a configurable product, Magento removes all simple variations from the configurable product as expected once the update takes effect. Previously, scheduled updates removed all simple variations from a configurable product.
- The Set Product as New checkbox now works as expected. Previously, Magento did not display the product as new on the frontend, and the checked box reverted to unchecked when you saved your changes.
- You can now save scheduled changes when running a store with a Japanese locale. Previously, Magento displayed this error,
error: : Future Update Start Time cannot be earlier than current time.
- Product attributes’ labels are not translated on product edit page. Fix submitted by Fernando Fauth in pull request 10184. GitHub-1980
- Slash as category URL suffix gives 404 error on all category pages. Multiple URLs causes duplicated content. Product URL Suffix “/” results in 404 error . Custom URL Rewrite where the request path ends with a forward slash is not matched. Fix submitted by Ihor Sviziev in pull request 10164. GitHub-3872, GitHub-1980, GitHub-4660, GitHub-4876, GitHub-8264
- Visual Merchandiser now retains page view options and position after you remove a product. Previously, when you removed a product from a category, and you weren’t on the first page, Magento returned you to the first page.
- We’ve improved the performance of editing or saving products in large categories (more than 18,000 products per category).
- Unconfigured bundle products that are included on a wishlist can now be edited or added to a cart. Previously, Magento displayed a 503 error when you either tried to edit or add to the cart any bundle products that were on a wishlist.
- The wishlist now displays the correct price for bundle products.
We are grateful to the wider Magento community and would like to acknowledge their contributions to this release.
The following table identifies contributions from our community members. This table lists the external pull requests, the GitHub issue number associated with it (if available), and the community member who contributed the pull request.
Our technology stack is built on PHP and MySQL. For more information, see System Requirements.
Install the Magento software
See one of the following sections:
- Get Magento Commerce using Composer
- Get Magento Commerce using a compressed archive
- Complete the installation
Get Magento Commerce using Composer
Magento Commerce (formerly Enterprise Edition) is available from
repo.magento.com. Before installing the Magento Commerce software using Composer, familiarize yourself with these prerequisites, then run:
composer create-project --repository=https://repo.magento.com/ magento/project-enterprise-edition=<version> <installation directory name>
2.1.1, and so on
For example, to install 2.1.1 in the
composer create-project --repository=https://repo.magento.com/ magento/project-enterprise-edition=2.1.1 magento2
Get Magento Commerce using a compressed archive
The following table discusses where to get the Magento software. We provide the following downloads:
- Magento Commerce software only
- Magento Commerce software with sample data (designed to help you learn Magento faster)
These packages are easy to get and install. You don’t need to use Composer, all you need to do is to upload a package to your Magento server or hosted platform, unpack it, and run the web-based Setup Wizard.
Archives are available in the following formats:
To get the Magento Commerce archive:
- Go to your account on magento.com.
- Log in with your Magento username and password.
- In the left navigation bar, click Downloads.
- In the right pane, click Magento Commerce 2.X > Full Release or Magento Commerce 2.X > Full Release + Sample Data for the software.
Follow the instructions on your screen to complete the Magento Commerce download:
Magento-EE-<version>.*(without sample data)
Magento-EE-<version>+Samples.*(with sample data)
- Transfer the installation package to your development system.
Complete the installation
After you get the Commerce software:
Upgrade from an earlier version
To upgrade to Magento Commerce 2.1 from an earlier version, see Upgrade to Magento version 2.1 (June 22, 2016).
The Data Migration Tool helps transfer existing Magento 1.x store data to Magento 2.x. This command-line interface includes verification, progress tracking, logging, and testing functions. For installation instructions, see Install the Data Migration Tool. Consider exploring or contributing to the Magento Data Migration repository.
An updated version of this toolkit is typically available several days after the patch release.
The Code Migration Toolkit helps transfer existing Magento 1.x store extensions and customizations to Magento 2.0.x. The command-line interface includes scripts for converting Magento 1.x modules and layouts.
Dear community members, thank you for your suggestions and bug reports.