DW 9.18 Release Notes

Release date: August 2024

We are pleased to announce the release of Dynamicweb 9.18 with a focus on security.

Here's what's new:

SNYK
As part of our efforts of keeping Dynamicweb secure, we are now using security tools from Snyk for analyzing our entire code base. Snyk provides us with powerful tools to automatically detect and remediate vulnerabilities in our code, dependencies, and open-source libraries. By integrating Snyk into our development process, we can proactively address potential security issues before they impact operations, ensuring that Dynamicweb remains secure and reliable.
Updated 3rd party dependencies
The updated version of Dynamicweb 9 includes updates to all 3rd party dependencies (NuGet packages) used by Dynamicweb, bringing them to versions that have no known security vulnerabilities. You should encounter no significant functional changes stemming from this.
NIS2
The EU NIS2 Directive that will soon take effect requires organizations to keep their software up to date as part of their cybersecurity obligations. If your company is a critical or important entity under NIS2 directive, this update to Dynamicweb is important to be compliant with the rules.

Login security

In alignment with the NIS2 Directive's emphasis on enhancing cybersecurity across affected sectors, we encourage our customers to reinforce the login security of Dynamicweb to ensure robust protection of user accounts and sensitive data.

NIS2 underscores the importance of implementing strong authentication mechanisms to safeguard access to network and information systems.

Dynamicweb supports multi-factor authentication (MFA) through external login, secure password policies, and the encryption of login credentials.

These measures significantly reduce the risk of unauthorized access, ensuring that your organization's operations are secure and compliant with the stringent requirements set forth by NIS2.

We encourage you to adopt these security enhancements to fortify your defense against potential cyber threats.

Find information in our documentation on how to implement these measures:

Login security in upcoming Dynamicweb 9.18.1

We are currently working on implementing native MFA in Dynamicweb 9 so logins can be secured using additional security measures without using external authentication.

MFA for Dynamicweb 9 will be released with 9.18.1 during the fall. With this release it will be possible to enable MFA for all backend access. With MFA enabled users will be send a one-time code they need to enter to login to Dynamicweb. This will greatly reduce the risk of being compromised and is a needed step to be NIS2 compliant.

Work items and features

Here is a list of all work items included in this release:

ID	Work Item Type	Title
20556	Feature	DAP - Move generated exports into separate folder
20555	Feature	DAP - Support 'text/csv' content type
20621	Feature	Scheduled task logs gets to big
19821	Feature	Stop job if no records are written - DW9
19489	Feature	Update Stripe in DW9
19438	Feature	Duplicate live requests for multiple countries
19288	Feature	DAP - Export using Feeds
19427	Feature	Reference ogone 2.0.3
19366	Feature	Imp. User provider - performance optimisation
18736	Feature	Clear FieldOptionService in KillProductCategories
17180	Feature	Implementation UPS 2 with on new RestAPI and OAuth
18142	Feature	Integration - Columnmapping - New Scripttype DateTime.Now
18064	Feature	Add index to EmailRecipient
17840	Feature	Better logging Adyen payment provider
17834	Feature	Add expiration year and month as 2 separate fields on PaymentCardToken and database
17821	Feature	Add systemname to add reference field selector
17890	Feature	Lazy load properties to improve live integration performance
17832	Feature	Rename labels of orders to what they contain. Name is name, Company is company
17607	Feature	Live Integration - New cart communication "Cart only"
15606	Feature	Optimize cart