Magento 2.4.8: What’s New and Why It Matters for Your Store

Every great franchise knows the power of a well-timed sequel. Think The Dark Knight after Batman Begins, or The Empire Strikes Back following A New Hope. These weren’t just follow-ups; they elevated the story, deepened the characters, and set new standards.

Magento is writing its own saga in the eCommerce space with Adobe Commerce 2.4.8. 

This latest release isn’t just about ticking off patch notes or closing security loopholes. It’s a strategic move, a high-performance upgrade, that sets the stage for a more secure, scalable, and future-ready digital storefront.

Compared to its predecessors, Magento 2.4.8 strengthens core security, improves GraphQL & storefront performance, and ensures compatibility with PHP 8.4, making it more resilient, responsive, and robust than ever.

Whether you’re a developer behind the scenes or an eCommerce leader steering growth, staying aligned with Magento’s evolution will help enhance your store’s functionality, improve user experience, and stay competitive. 

Let’s explore how. 

The Building Blocks of Better eCommerce: Magento 2.4.8’s Enhancements, Updates, and Fixes

1. Strengthen Storefront with Security Updates

• Duo Security 2FA Update: The Duo Security two-factor authentication implementation has been updated in Adobe Commerce (Magento) 2.4.8 to utilize the latest SDK (Web SDK v4). This upgrade facilitates a seamless transition to Duo Universal Prompt. ​
• Encryption Key Management: The process for managing encryption keys has been redesigned for improved usability, addressing previous limitations and bugs. New CLI commands are now available for changing keys and re-encrypting certain system configurations, payment, and custom field data. However, changing keys via the Admin UI is no longer supported in this release, instead, the CLI commands should be used. ​
• One-Time Password (OTP) Settings: This update addresses an error introduced by a backward-incompatible change in version 2.4.7. The description of the OTP Window field now accurately explains the setting, and the default value has been changed from 1 to 29. ​

2. Boost Responsiveness with Performance Updates

• Default Indexer Mode: The default indexer mode for all indexers is now set to Update by Schedule during new installations or upgrades. This recommended configuration helps optimize performance and minimizes index-related issues.
  
• Bulk Tier Price Updates: The /V1/products/tier-prices REST API endpoint has been improved to handle bulk tier price updates more efficiently. Previously, large updates could lead to system slowdowns or unresponsiveness. This update resolves that bottleneck.
• Framework Upgrade: The league/flysystem Composer dependency has been updated from version 2.x to 3.x. This upgrade enhances system performance and ensures compatibility with the latest features and security standards. ​
• Require.js Update: Require.js has been updated to version 2.3.7, addressing security vulnerabilities and improving the efficiency of JavaScript module loading. ​
• TinyMCE Migration: The system’s WYSIWYG editor, TinyMCE, has been migrated from version 5 to 7.3.0. This update resolves previous security vulnerabilities and provides a more stable and feature-rich editing experience. ​

3. Improve Functionality and User Experience with GraphQL Enhancements

• Cart and pricing operations have seen significant refinements. New fields such as original_item_price, row_total_including_catalog_discounts_only, and grand_total_excluding_tax have been added to the CartItemPrices and CartPrices types, ensuring accurate pricing breakdowns. This is especially beneficial in scenarios involving catalog discounts. The pricing display for bundle products has also been corrected, enabling more consistent and reliable product pricing across customer touchpoints.
• Storefront configuration and product information have become more versatile. The StoreConfig type now includes the grouped_product_image and configurable_product_image fields, providing better control over how product visuals are rendered on the frontend. Additionally, the ProductInterface now exposes a quantity field, facilitating stock level visibility directly via API. This improvement helps store owners display real-time inventory availability based on their admin settings.
• Error handling and system feedback have been made more robust. The updateCartItems mutation now returns success responses with detailed error messages, helping users understand what went wrong without disrupting their entire cart interaction. Furthermore, stock-level errors are now clearly communicated through a new InsufficientStockError type, with messaging that includes the available inventory, reducing guesswork during purchase attempts.
• Customer and order management capabilities have expanded significantly. The CustomerOrder type now includes date_of_first_order, is_virtual, available_actions, and a customer_info field to provide better context around customer orders, including the ability to identify virtual products. Additionally, a new OrderItemPrices type has been introduced, mirroring cart-level pricing structures for order details. In the 2.4.8 version, Magento now supports merging guest orders with customer accounts based on email, streamlining repeat purchases and improving continuity for returning users.
• Address management is more flexible with support for custom address attributes added to the OrderAddress, guestOrder, and guestOrderByToken queries. This ensures more comprehensive address data is available, improving the order confirmation experience and backend processes.
• User account and security interactions are more intuitive. The generateCustomerToken mutation now delivers more specific feedback, especially when email addresses haven’t been confirmed. To support account creation and login workflows, a new resendConfirmationEmail mutation has been introduced. Moreover, the recaptchaV3Config query now includes a theme field, equipping better customization of the reCaptcha UI.
• Lastly, guest users now benefit from enhanced return and cancellation capabilities. The requestReturn mutation supports returns for guest orders, and a new confirmCancelOrder mutation enables guests to cancel their orders directly, streamlining post-purchase flexibility for non-logged-in users.

4. PHP Compatibility and Testing Enhancements 

• PHP 8.4 Compatibility Introduced: Magento 2.4.8 now supports PHP 8.4 across its core platform, bundled extensions, and Adobe-owned services & tools. This upgrade brings breaking changes to ensure future readiness.
• Continued Support for PHP 8.3: PHP 8.3 remains fully supported, providing a stable and recommended environment for running Adobe Commerce 2.4.8.
• PHP 8.2 Still Compatible (for Upgrades Only): While PHP 8.2 is still technically compatible, Adobe advises using it only during the upgrade process and not for ongoing operations.
• PHP 8.1 Support Removed: All Adobe Commerce libraries, dependencies, and extensions have dropped support for PHP 8.1. Therefore, users must migrate to a supported PHP version before upgrading to 2.4.8.
• Aligned with PHPUnit 10: This release enhances compatibility with PHPUnit 10. All Commerce Marketplace vendors and users with custom code are encouraged to ensure their unit and integration tests are updated accordingly.

5. Enhance System Reliability with Core Quality Improvements 

• Inventory Management: InventoryIndexer’s hidden reliance on Catalog has been eliminated, enabling the system to function without it. This change ensures that product creation, display mode switching, stock status updates, and related functionalities work as expected, eliminating inconsistencies caused by asynchronous entity synchronization.
• Order Management: To minimize confusion, the Submit Comment button label has been changed to Update on the order detail page, providing clearer communication for users. 

Additionally, this release includes over 500 quality fixes and enhancements, addressing various aspects of the platform to elevate existing functionality.

6. Removal of Deprecated and Outdated Libraries 

Magento 2.4.8 brings notable improvements by removing deprecated libraries and modernizing outdated components. 

• The legacy jQuery/fileUploader and extJs libraries have been replaced with modern solutions like Uppy and jsTree, providing better usability and functionality.
• The deprecated Elasticsearch 8 module has been phased out, encouraging merchants to adopt more robust and supported search solutions.
• Key frontend security updates include the upgrade of Prototype.js to mitigate ReDOS vulnerabilities and an update to Require.js (version 2.3.7) to address risks related to arbitrary code execution and denial-of-service attacks. 

These changes reduce technical debt, optimize loading performance, and create a more secure and developer-friendly environment.

7. Payment Gateway Updates

• Accurate package tracking is now sent for PayPal orders, enabling merchants and customers to view shipment updates directly in PayPal, improving transparency and trust.
• Local Payment Methods (LPM) now render correctly even when shipping and billing addresses differ, ensuring smoother checkouts for international buyers.
• Express payment methods like PayPal Express now work seamlessly with configurable products with virtual child items, expanding compatibility and streamlining checkout.
• The CVV verification issue that caused failed credit card payments has been resolved, leading to more successful transactions and a better customer experience.
• Vaulted cards and PayPal accounts now work across multiple websites without authorization errors, providing a consistent payment experience for multi-store setups.
• Transactions involving cross-border shipping now process without console errors, enhancing reliability for international checkouts.
• PayPal components now teardown properly when users move back from the payment step, preventing reload issues and maintaining a stable checkout flow.
• All shipping options are now visible directly within the PayPal Express modal, authorizing customers to complete checkout faster.

8. B2B Updates 

• Shared Catalog Enhancements: Restricted admin users can now consistently view & manage customers and all shared catalogs, as long as they have access to the relevant store, resolving earlier inconsistencies. Products assigned to a shared catalog via REST API are now visible on the storefront immediately after partial indexing, eliminating the previous need for full re-indexation.Additionally, the issue that triggered a “no such entity with id = 0” error when adding products to the cart with shared catalogs enabled has been fixed. Sitemaps have also been improved to include only those products and categories assigned to a public shared catalog or defined through catalog category permissions.
• Cart, Checkout & Purchase Orders: Approved purchase orders now reliably show the Place Order button, even when product variations have minimum quantity settings, solving a common order-blocking issue. Customers can now consistently view items in their cart when all B2B features are enabled. Also, the sales_clean_quotes cron job no longer deletes quotes that are part of purchase orders that haven’t been approved yet, preventing unintended data loss.
• Quotes & Pricing Display: The display of quotes has been refined to ensure consistency between mobile and desktop views, specifically by removing the unnecessary “Include Tax” line from the Negotiable Quote section. In the “My Orders” section, layout improvements have been made to eliminate extra borders caused by redundant container classes.
• GraphQL Support for B2B: You can now set custom_attributes while creating a company admin via a GraphQL request, making the B2B onboarding process more flexible. Additionally, GraphQL queries for categories now correctly return results with “allow” permission, even if the root category itself doesn’t have explicit allow access.
• Category & Product Permissions: Restricted categories and their contents are no longer shown on the storefront during catalog permission reindexation when using NoDDL, ensuring that unauthorized data isn’t temporarily exposed.
• Admin Panel & Reporting Fixes: The admin Company Grid now supports exporting filtered results to CSV without throwing errors. Furthermore, filter combinations like “Outstanding Balance” and “Company Type” can be used without breaking the export process. These improvements help backend teams manage and analyze company-related data more efficiently.

9. Fixed Issues 

• API Enhancements: The release resolved several REST and GraphQL API issues, including infinite loops in /V1/transactions when parent_txn_id equaled txn_id, incorrect handling of integer values in GraphQL, and SKU encoding issues in REST requests. It also fixed problems with order status updates and ensured proper handling of custom scalar types in GraphQL.
• Customer Account & Address Fixes: Magento 2.4.8 improved form validation by preventing code injection in name fields and fixed issues with saving customer addresses when the region field was hidden. It also resolved display and form-related bugs on the customer dashboard after login.
• Admin UI & Workflow Enhancements: The update fixed misalignment of action buttons in the admin UI, corrected product import behavior when using “Replace,” and enabled product image uploads with capital letter extensions. Indexer handling and display of constructor parameters using the devinfo command are also refined.
• Cart & Checkout Improvements: Several fixes were applied to the cart and checkout processes, including better error handling for product comparisons, corrected tracking for Google Tag transaction data, and proper rendering of email fields. Issues with coupon validation, shipping method loaders, and Instant Purchase logic for configurable products were also resolved.
• Catalog & Product Enhancements: Magento improved numeric field comparison logic, fixed GraphQL category filters to only fetch direct children, and ensured proper product sorting via GraphQL. The special price bulk update API is optimized for better handling of concurrent requests, and product category trees now reflect accurate display order.
• Payment & PayPal Fixes: Multiple PayPal-related fixes have been introduced, such as stable session IDs with L2 Redis caching, proper display of PayLater messages for Canadian users, and prevention of duplicate transactions when using Payflow. COD availability has also been refined to respect configuration settings by country.
• Promotions & Coupon Fixes: The platform now correctly displays customer attributes from invitations during account creation and reuses coupon codes immediately after failed payments. SQL errors in catalog rule indexing for large catalogs have also been resolved.
• SEO Enhancements: Magento 2.4.8 addressed URL rewrite bugs, especially for accented characters and third-level categories in multi-store setups. Thanks to a new setting for URL transliteration, product names with special characters no longer cause creation errors.
• Cloud & Performance Fixes: Server-side fixes include stable session handling, elimination of 500 errors during order creation with HTML minification, and improved sitemap generation that excludes unassigned products & categories.
• Test Framework Updates: Previously skipped integration tests have been re-enabled to increase test coverage. Additionally, in the 2.4.8 version, Magento has resolved JSON column type misidentification issues that led to integration test failures with MariaDB.

Related Read: Power Up Your Adobe Commerce Store to Boost Online Visibility

Everything to Tick Off Before Upgrading to Magento 2.4.8

Before upgrading to Magento 2.4.8, ensure the following system-level and application prerequisites are fulfilled for a smooth and error-free transition.

1. Update All Software Dependencies: Ensure PHP, Elasticsearch, Redis, MySQL, and other supported software meet the Magento 2.4.8 system requirements.
2. Search Engine Compatibility: Confirm that a supported search engine (like OpenSearch or Elasticsearch) is installed and configured.
3. Convert Database Table Format: Convert all database tables to InnoDB to avoid data corruption or upgrade failures.
4. Set Open Files Limit: Adjust OS-level settings to meet the minimum open file limits required for Magento.
5. Cron Jobs Configuration: Verify that Magento cron jobs are configured and running as expected for indexing, email, and other scheduled tasks.
6. Set DATA_CONVERTER_BATCH_SIZE: Define the appropriate batch size to avoid memory issues during data conversion.
7. File System Permissions: Ensure correct ownership and permissions are set for all Magento directories and files.
8. Set pub/ Directory as Web Root: Move your web server root to the pub/ directory for enhanced security.
9. Install the Composer Update Plugin: Use the official Composer plugin to streamline and validate the upgrade process.

Related Read: Magento 2.4.7 as an Upgrade Option for Your eCommerce Store

The Value of an Adobe Commerce (Magento) Partner in Your Upgrade Journey

While the Magento 2.4.8 release brings critical fixes and improvements, the upgrade process can be tricky and time-consuming. From aligning with updated system requirements to ensuring compatibility with third-party extensions, even small oversights can lead to major disruptions. Additionally, complexities like database conversions, server-level configurations, and file permission settings require a careful and methodical approach.

That’s where an experienced Adobe Commerce development partner, like Grazitti Interactive, steps in. Our experts can handle the technical nuances, minimize downtime, and ensure that your store transitions smoothly to the latest version without compromising performance or security.

Frequently Asked Questions (FAQs) 

Ques 1. Why should I upgrade to Magento 2.4.8?
Ans: Magento 2.4.8 provides enhanced security patches, performance improvements, bug fixes, and compatibility with the latest PHP and third-party extensions, ensuring a faster, safer, and more scalable eCommerce experience

Ques 2. What should I consider before upgrading to Magento 2.4.8?
Ans: Before upgrading, thoroughly review the official documentation. Read the Magento 2.4.8 Release Notes and the Upgrade Guide provided by Adobe. Check your system’s requirements and ensure that it supports PHP 8.3. Confirm that all third-party extensions and custom themes are compatible with Magento 2.4.8 and PHP 8.3. Perform a full backup of your Magento data. Schedule the upgrade during a low-traffic period, anticipating potential downtime. And if you lack the technical expertise in-house, consider engaging with an experienced Magento development agency to handle the upgrade.

Ques 3. What are the key steps to upgrade to Magento 2.4.8?
Ans: To upgrade to Magento 2.4.8, you need to review system requirements, update all software, configure the supported search engine, and convert database tables to InnoDB format. Next, set appropriate file limits, check cron jobs, configure DATA_CONVERTER_BATCH_SIZE, verify file permissions, and install the Composer update plugin.

Ques 4. Will my extensions be compatible after upgrading to Magento 2.4.8?
Ans: Not all extensions may function correctly right after the upgrade. Compatibility issues can arise due to changes in core code and dependencies. An experienced Adobe Commerce development partner can audit your existing extensions, update them as needed, or suggest alternatives to ensure your store continues to run smoothly without losing key functionality. 

Ques 5. Is it risky to upgrade Magento without expert help?
Ans: Yes, upgrading without proper experience can lead to downtime, broken custom features, or data loss. That’s why it’s recommended to work with a certified Adobe Commerce partner for a smooth and safe upgrade.

Ques 6. How can an Adobe Commerce development partner help with Magento upgrades?
Ans: A development partner brings deep platform expertise, handles pre-upgrade audits, ensures extension compatibility, creates backups, and manages post-upgrade testing, making the process seamless and risk-free.