Magento Commerce (Cloud) 2.2.0 Release Notes

We are pleased to present Magento Commerce Cloud 2.2.0 General Availability. This release includes numerous functional fixes and enhancements.

To fully upgrade Magento Commerce Cloud, see Upgrade Magento Commerce (Cloud). Specific steps and vital information for upgrading from 2.0.X and 2.1.X are included. For specific changes for deployments, see Changes in Deployment.

For current Magento Commerce Cloud release information, see Release notes for ece-tools.


Magento Commerce Cloud 2.2.0 includes a wealth of new, exciting features, and hundreds of enhancements and fixes. For full Magento Commerce Cloud highlights and updates, see Magento Commerce 2.2.0 Release Notes.

Look for the following Magento Commerce Cloud highlights in this release:

  • B2B Commerce functionality is designed to meet the needs of merchants whose primary customers are companies, rather than consumers. Companies can create and maintain their own accounts, each with teams of buyers with various roles and levels of permission. B2B Commerce functionality also includes a flexible API that integrates with a variety of ERP solutions from Magento partners. B2B is supported for Magento Commerce Cloud Pro subscriptions. See B2B Quick Tour for an overview of the rich B2B feature set we’re introducing in this release, and Getting Started with Magento Commerce for B2B for a more complete exploration of these new features.

  • Magento Commerce Starter. In addition to our Pro plan, Magento Cloud (Commerce) now comes in a smaller, Platform-as-a-Service version — Magento Commerce Starter. For an overview of these plans, see Welcome to Magento Commerce Cloud. For specific information on Starter, see Starter architecture and develop and deploy workflow.

  • Staging and Production environments in the UI for Pro projects. Starting October 23, 2017, all projects created using the free 30-day trial or provisioned for new accounts includes Staging and Production environments in the Project Web Interface.

  • 30-day free trials available for Starter and Pro projects. Starting October 23, 2017, we provide trials for Start and Pro projects. We auto provision your project, configuring basic settings to get you started. You can access a new Onboarding Portal to get started with your project. For more information, see Subscriptions and plans.

  • Improvements to the Magento Commerce Cloud deployment process. This release includes new build and deployment variables. Users of earlier versions of Magento Commerce Cloud will note that MCC has been replaced by ece-tools and ece-patches, which allows for patching your Magento Commerce Cloud without requiring a full installation of base code and the patch. For more information, see Magento application environment variables, Composer, and Changes in Deployment.

  • Upgraded technology stack. Magento Commerce Cloud recommends Fastly 1.2.33 and dropped support for PHP 5.6 and Varnish 3. We now support PHP 7.1 and Varnish 5, along with Redis 3.2 and MySQL 5.7. All third-party libraries have been upgraded to the latest stable version.

  • Pipeline deployment, a new deployment process, enables build and deployment stages to minimize production system downtime for site updates. This deployment expands on the previous Configuration Management for Magento Commerce Cloud. To learn more, see Configuration Management and Pipeline Deployment.

  • Bundled extensions. This release of Magento includes the first third-party extension that we are bundling with Magento Commerce – Magento Social. This extension establishes a connection between your store and your corporate Facebook account, and creates a page with products from your catalog. When shoppers click a product, they are redirected to the corresponding product page in your Magento store.

  • Integrated Signifyd fraud protection. You can learn more about this fraud protection service, which can help merchants eliminate liability for any losses or fees from fraudulent orders, in Signifyd fraud protection.

  • Significant enhancements in platform security and developer experience. Security improvements include the removal of unserialize calls and protection of this functionality to increase resilience against dangerous code execution attacks. We have also continued to review and improve our protection against Cross-Site Scripting (XSS) attacks.

  • Performance gains from improvements in indexing, cart, and cache operations. Customers can browse and shop on a storefront while indexers are running with no visible impact to their experience. Additionally, long-running indexers operate in batches to better manage memory and run times. Cart improvements enable a buyer to create a cart with more than 300 line items, and merchants can process a cart with at least 300 line items. Varnish cache configuration now includes saint and grace mode to ensure Varnish is always presenting a cached page to a shop’s customers. Enhancements to cache invalidation logic and optimization of edge side include blocks for frequently changing data that significantly boost cache hit ratios.

  • Substantial contributions from our Community members. Our Community Engineering Team has been working with skilled and enthusiastic community members, and together they’ve added hundreds of pull requests to the Magento code base. For more information about our Community Engineering Team. see Magento Community Engineering.

Looking for more information on these new features as well as many others? Check out Magento Developer Documentation.

Security enhancements

Magento 2.2.0 includes multiple security enhancements. Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions, so we recommend that you upgrade your Magento software to the latest version as soon as possible.

In general, we’ve removed serialize/unserialize from most the code to improve protection against remote code execution attacks. We’ve enhanced protection of code where use of object serialization or unserialization was unavoidable. Additionally, we’ve increased our use of output escaping to protect against cross-site scripting (XSS) attacks.

Contact us for more information.

Known issues

For all known Magento Commerce 2.2.0 GA issues, see Magento Commerce 2.2.0 Release Notes.

Fixed issues

This release contains numerous fixes and enhancements. This section includes only fixes for Magento Commerce Cloud. For all known Magento Commerce 2.2.0 GA issues, see Magento Commerce 2.2.0 Release Notes.

  • We removed var/view_preprocessed symlinking to fix an issue that was causing JavaScript minification conflicts.
  • You can now generate sitemap.xml and robots.txt normally through the Magento Admin panel, without needing to move the file and have a redirect entered. If you are upgrading to 2.2, please enter a [Support ticket] to have any redirects removed for sitemap and robots.txt.
  • Newly provisioned Magento Commerce Cloud receive an email to change the Magento Admin password. For enhanced security, we generate a random password for the username “admin” and send an email to the Project Owner to properly set up Admin access for Starter master Production environment and the Pro Integration master environment.
  • We added additional environment variables and updated build and deploy hooks to

  • When upgrading to Magento Commerce Cloud 2.2.0, you will need to update your file and Configuration Management config.local.php file. See Upgrade Magento Commerce (Cloud).

  • We provide updated build and deploy variables. For details, see Magento application environment variables.

  • We’ve added support for the latest version of Redis and for PHP-Redis 3.1.3. For more information on this update, and for guidance on Redis troubleshooting on Magento Commerce Cloud, see Redis troubleshooting.

  • Magento now correctly displays customer address during account creation. Previously, when you selected a default billing address during creation of a new customer account, Magento would not display the address.
  • When you delete an image in Admin, Magento no longer deletes it on the server. Previously, Magento deleted it from the server as well, which caused errors for other products (example error message: Cannot gather stats! Warning!stat(): stat failed for).
  • We’ve fixed errors in processing valid orders using a PayPal account that had been previously used to pay for a valid order that had problems during checkout.

Changes in Deployment

When upgrading to Magento Commerce Cloud 2.2, consider the following changes in deployment:

  • ADMIN_EMAIL variable must be set. We require the ADMIN_EMAIL environment variable configured for deployments. You can set this variable through the Project Web Interface. This is required for new installations and upgrades. For instructions, see Add admin variables for Admin access.

  • Update and include config.php and add a list of all modules. If you use Configuration Management with a config.local.php file, you must create a config.php and add it to your code. For instructions, see Configuration Management and upgrading.

  • The command for generating config.php changed in 2.2 from php bin/magento magento-cloud:scd-dump to php vendor/bin/m2-ece-scd-dump.

  • has new build and deploy hooks. As part of your upgrade, you should update the file with new build and deploy hooks and a set of environment variables. All actions completed by build and deploy are completed by these hooks. For instructions, see Update For additional technical information, we have removed pre-deployment tasks, refined build and deploy tasks, and modified build and deploy variables.

  • The deploy variable GENERATED_CODE_SYMLINK has been removed. The generated folders var/generation and var/di have been moved to a generated/ read-only directory. The folder var/generation is now generated/code and var/di is now generated/metapackage.

  • With the removal of GENERATED_CODE_SYMLINK, you cannot execute setup:di:compile directly on a server.

  • Modified and updated available build and deploy variables. For a full list, see Magento application environment variables. For 2.2, we have removed skip_di_compilation and skip_di_clearing from build-options.ini. These cannot be run for 2.2 in the build phase.

  • For 2.2.X, we no longer enable all of your extensions are part of the build process. We will provide a new mechanism in a later release.

Community contributions

We are grateful to the wider Magento community and would like to acknowledge their contributions to this release. Check out the following ways you can learn about the community contributions to our current releases:

  • If a community member has provided a fix for this release, we identify the fix in the Fixed Issue section of these notes with the phrase, “Fix provided by community member @member_name”.

  • The Magento Community Engineering team Magento Contributors maintains a list of top contributing individuals and partners by month, quarter, and year. From that Contributors page, you can follow links to their merged PRs on GitHub.

System requirements

For Magento Commerce Cloud requirements, see Technologies and Requirements.

The Magento Commerce technology stack is built on PHP and MySQL. For details, see Technology stack requirements and System Requirements.

Installation and upgrade instructions

If installing and working with Magento Commerce Cloud for the first time, we recommend First-time local environment setup.

To test and implement your Magento Commerce Cloud upgrade, see Upgrade Magento Commerce (Cloud). We include upgrade paths and additional instructions for upgrading from 2.0.X and 2.1.X.

You can directly upgrade to Magento Commerce Cloud 2.2 from the following versions:

  • 2.0.X versions: 2.0.14, 2.0.15, 2.0.16
  • 2.1.X versions: 2.1.7, 2.1.8, 2.1.9

We have heavily tested and verified upgrades to 2.2 from the latest three versions of 2.0.X and 2.1.X.

You can attempt to upgrade from any version directly to Magento Commerce Cloud 2.2. We cannot guarantee the results. For example, you should be able to upgrade from 2.0.10 or 2.1.4 directly to 2.2.

If you prefer a secured and verified upgrade path, you can upgrade to one of the verified and tested versions, then directly upgrade to 2.2. For example, you could upgrade from 2.0.10 to 2.0.14, then upgrade to 2.2.