Tell me this isn't a sign of what's to come!
I look for a lot of things in an ecomm suite. Among them is how manageable the platform is going to be on the day to day running of it. Order management being the biggest thing, but also maintenance of the software itself.
So I just installed what is supposed to be the very latest version. The first thing I see when I load up the back end is a warning that I have to install a patch that the download SPECIFICALLY mentioned as being included, plus a bunch of older patches as well.
What gives? Do I have to or don't I? Are they just old alerts that aren't smart enough to check if the system already has them? Or I really do have to install these?
So the VERY first impression I have of Magento... in a word... "tedious". More words would be "confusing" and "why couldn't it do this automatically?"
Solved! Go to Solution.
I just tried again, just in case I wasn't absolutely sure I downloaded the right file
Downloaded latest release from magento that clearly states:
- Includes patches: SUPEE-5344, SUPEE-5994, SUPEE-6285
yet, upon install, I am greeted with this message:
July 7, 2015: New Magento Security Patch (SUPEE-6285) – Install ImmediatelyWell? Which is it?
The messages bear no relation to what's installed, there is no mechanism to selectively send messages based on the version installed.
So basically, you read what's been patched in the version you've installed, patch it if needed, mark the message as read and move on.
Surely you can appreciate the confusion?
I did eventually figure that out as I saw the messages extended back a long time and included release announcements. When I realized that, it was a little more clear that these were just informative.
BUT... the messages are one thing. The alert box telling me point blank that I *MUST* install the patch NOW... really? That shouldn't be there.
You say no mechanism, then they should build a mechanism. The system should know when it has been installed and it shouldn't show messages that applied to the past. If they should be there for archival reasons, then they should be flagged "archives".
Either way, that pop up box absolutely should not be there on an install where the patch is pre-installed.
But thank you for your answer. Still, it doesn't bode well if I'm finding logical mistakes (and really, that's what it is) this early in the process. Still, can't be any worse than the POS platform I'm abandoning after 200 hours of work.
Oh, yeah, I understand the confusion. Magento's good at causing confusion.
And wholeheartedly agree on the mechanism being needed.
Be glad (I guess) they're sending confusing messages now, the horrible hole that was patched back in February didn't get any notices sent until the Magento crew were in a dead panic in April because the exploits were going to be published.
If they'd sent proper notification in February, just to patch because it's really necessary, it really would have been appreciated. We should not have to monitor the downloads page to find when security patches come out, and it would be nice if they'd also use their stupid message system in the Admin backend to notify about the minor patches as well so we can choose to ignore them if we so choose.
So, what you saw was a change from no sharing to over-sharing...