Release policy

Magento Commerce uses semantic versioning on the individual module level (for example magento/framework 101.1.1) but not for the Magento marketing version number. For example:

  • MAJOR—2
  • MINOR—2.3
  • PATCH—2.3.1
  • SECURITY—2.3.2-p1

MINOR release

Magento releases a large, minor version of Magento Commerce about once a year.

The following guidelines apply to minor releases:

  • Breaking changes are possible; code written for 2.2.x may no longer work with 2.3.x. For example, minor releases can introduce support for major system requirements and dependencies, such as PHP.
  • Module versions can vary. For example, some module changes are introduced in a new patch whereas others are introduced in a major release.
  • Minor releases can include new features that may require additional work from partners during upgrade to ensure compatibility.
  • Minor releases can include fixes for security and compliance issues.

PATCH release

Patch releases are primarily focused on delivering security and quality enhancements on a regular basis to help you keep your sites performing at their peak. Magento releases security and functional patches for each supported release line of Magento Commerce every quarter.

The following guidelines apply to patch releases:

  • All supported versions receive security fixes.
  • Newer versions receive full functional fixes and enhancements.
  • Changes that could break extensions or code compatibility are avoided. For example, code written for 2.2.0 should still work on 2.2.7.
  • On an exceptional basis, breaking changes or additional patches or hotfixes may be released to address security or compliance issues. On the module level, these are mostly PATCH-level changes; sometimes MINOR-level changes.
  • Patches may include new features as long as they are not expected to break other code. The new feature can be included in the core code or as an extension, such as Page Builder.

SECURITY release

Security releases provide fixes for vulnerabilities that have been identified in previous quarterly patch releases. You can install time-sensitive security fixes without applying the hundreds of functional fixes and enhancements that a full quarterly patch release contains.

For general information about security releases, see Introducing the New Security-only Patch Release. For instructions on downloading and applying security patches, see Install Magento using Composer.