[ECP-9690] Dropping Support for PCI Non-Compliant Magento versions by khushboo-singhvi · Pull Request #2957 · Adyen/adyen-magento2

khushboo-singhvi · 2025-05-08T12:43:39Z

Description

Our plugin has introduced a dependency on NonceProviderClass to solve CSP issues on the storefront

In order solve this issue, Magento platform needs to calculate a nonce value and later verify it in the storefront frontend to ensure the ownership of the executed string

However, this nonce generated has been implemented as a part of CSP related security patch by Adobe. The versions prior to the following versions do not have this required class.

Magento 2.4.4-p9
Magento 2.4.5-p8
Magento 2.4.6-p6

With this PR, we are following best practices and all CSP updates, therefore platform Versions below the CSP supported version will be blocked and the plugin will not be compatible.

Tested scenarios

Fixes

sonarqubecloud · 2025-05-13T13:29:37Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

khushboo-singhvi added 2 commits May 8, 2025 13:50

[ECP-9690]CSP related patches blocking using conflict.

abe50f6

[ECP-9690]CSP related patches blocking using conflict.

192f119

khushboo-singhvi requested a review from a team as a code owner May 8, 2025 12:43

khushboo-singhvi temporarily deployed to internal May 8, 2025 12:43 — with GitHub Actions Inactive

[ECP-9690]Updating composer action version to V6

ffdba40

khushboo-singhvi temporarily deployed to internal May 12, 2025 13:42 — with GitHub Actions Inactive

khushboo-singhvi added 2 commits May 12, 2025 15:43

[ECP-9690]Testing

8422b78

[ECP-9690]Testing

36cef3c

khushboo-singhvi temporarily deployed to internal May 12, 2025 13:55 — with GitHub Actions Inactive

[ECP-9690]Testing

aa43680

khushboo-singhvi temporarily deployed to internal May 12, 2025 13:57 — with GitHub Actions Inactive

khushboo-singhvi temporarily deployed to internal May 13, 2025 09:57 — with GitHub Actions Inactive

[ECP-9690]Testing

25aef55

khushboo-singhvi temporarily deployed to internal May 13, 2025 11:28 — with GitHub Actions Inactive

[ECP-9690]Testing main workflow

3cbfefb

khushboo-singhvi temporarily deployed to internal May 13, 2025 11:47 — with GitHub Actions Inactive

[ECP-9690]Testing main workflow

39de7ea

khushboo-singhvi temporarily deployed to internal May 13, 2025 13:26 — with GitHub Actions Inactive

amihajlovski approved these changes May 13, 2025

View reviewed changes

khushboo-singhvi added the Fix Indicates a bug fix label May 13, 2025

candemiralp approved these changes May 13, 2025

View reviewed changes

khushboo-singhvi merged commit a21e62a into main May 13, 2025
14 of 15 checks passed

khushboo-singhvi deleted the ECP-9690 branch May 13, 2025 13:40

AdyenAutomationBot mentioned this pull request May 13, 2025

Release v9.18.0 #2944

Merged

khushboo-singhvi changed the title ~~[ECP-9690] Broken compatibility with the Magento versions not having CSP related patches~~ [ECP-9690] Dropping Support for PCI Non-Compliant Magento versions May 13, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[ECP-9690] Dropping Support for PCI Non-Compliant Magento versions#2957

[ECP-9690] Dropping Support for PCI Non-Compliant Magento versions#2957
khushboo-singhvi merged 38 commits intomainfrom
ECP-9690

khushboo-singhvi commented May 8, 2025

Uh oh!

sonarqubecloud bot commented May 13, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

khushboo-singhvi commented May 8, 2025

Uh oh!

sonarqubecloud bot commented May 13, 2025

Quality Gate passed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants