DW 9.18 Release Notes
Release date: August 2024
We are pleased to announce the release of Dynamicweb 9.18 with a focus on security.
Here's what's new:
- SNYK
As part of our efforts of keeping Dynamicweb secure, we are now using security tools from Snyk for analyzing our entire code base. Snyk provides us with powerful tools to automatically detect and remediate vulnerabilities in our code, dependencies, and open-source libraries. By integrating Snyk into our development process, we can proactively address potential security issues before they impact operations, ensuring that Dynamicweb remains secure and reliable. - Updated 3rd party dependencies
The updated version of Dynamicweb 9 includes updates to all 3rd party dependencies (NuGet packages) used by Dynamicweb, bringing them to versions that have no known security vulnerabilities. You should encounter no significant functional changes stemming from this. - NIS2
The EU NIS2 Directive that will soon take effect requires organizations to keep their software up to date as part of their cybersecurity obligations. If your company is a critical or important entity under NIS2 directive, this update to Dynamicweb is important to be compliant with the rules.
Login security
In alignment with the NIS2 Directive's emphasis on enhancing cybersecurity across affected sectors, we encourage our customers to reinforce the login security of Dynamicweb to ensure robust protection of user accounts and sensitive data.
NIS2 underscores the importance of implementing strong authentication mechanisms to safeguard access to network and information systems.
Dynamicweb supports multi-factor authentication (MFA) through external login, secure password policies, and the encryption of login credentials.
These measures significantly reduce the risk of unauthorized access, ensuring that your organization's operations are secure and compliant with the stringent requirements set forth by NIS2.
We encourage you to adopt these security enhancements to fortify your defense against potential cyber threats.
Find information in our documentation on how to implement these measures:
Login security in upcoming Dynamicweb 9.18.1
We are currently working on implementing native MFA in Dynamicweb 9 so logins can be secured using additional security measures without using external authentication.
MFA for Dynamicweb 9 will be released with 9.18.1 during the fall. With this release it will be possible to enable MFA for all backend access. With MFA enabled users will be send a one-time code they need to enter to login to Dynamicweb. This will greatly reduce the risk of being compromised and is a needed step to be NIS2 compliant.
Work items and features
Here is a list of all work items included in this release:
ID |
Work Item Type |
Title |
---|---|---|
20556 |
Feature |
DAP - Move generated exports into separate folder |
20555 |
Feature |
DAP - Support 'text/csv' content type |
20621 |
Feature |
Scheduled task logs gets to big |
19821 |
Feature |
Stop job if no records are written - DW9 |
19489 |
Feature |
Update Stripe in DW9 |
19438 |
Feature |
Duplicate live requests for multiple countries |
19288 |
Feature |
DAP - Export using Feeds |
19427 |
Feature |
Reference ogone 2.0.3 |
19366 |
Feature |
Imp. User provider - performance optimisation |
18736 |
Feature |
Clear FieldOptionService in KillProductCategories |
17180 |
Feature |
Implementation UPS 2 with on new RestAPI and OAuth |
18142 |
Feature |
Integration - Columnmapping - New Scripttype DateTime.Now |
18064 |
Feature |
Add index to EmailRecipient |
17840 |
Feature |
Better logging Adyen payment provider |
17834 |
Feature |
Add expiration year and month as 2 separate fields on PaymentCardToken and database |
17821 |
Feature |
Add systemname to add reference field selector |
17890 |
Feature |
Lazy load properties to improve live integration performance |
17832 |
Feature |
Rename labels of orders to what they contain. Name is name, Company is company |
17607 |
Feature |
Live Integration - New cart communication "Cart only" |
15606 |
Feature |
Optimize cart |