HCL Commerce Version 9.1.10.0

HCL Commerce 9.1.10.0

HCL Commerce 9.1.10.0 was released on March 31, 2022.

Security updates

HCL Commerce 9.1.10.0 contains the following security-related fixes.
Affected software CVE(s) Vulnerability
jackson-databind, Spring Framework WS-2021-0616, CVE-2021-22096 Multiple vulnerabilities in open source components affect HCL Commerce
Apache Chainsaw, Apache XercesJ, Spring Framework CVE-2022-23307, CVE-2022-23437, CVE-2021-22060 Multiple vulnerabilities in open source components affect HCL Commerce
corenlp, Netty, node-fetch CVE-2022-0198, CVE-2021-43797, CVE-2022-0235 Multiple vulnerabilities in open source components affect HCL Commerce
WebSphere Application Server and IBM HTTP Server CVE-2021-23450, CVE-2022-23990, CVE-2022-23852, CVE-2022-22822, CVE-2022-22823, CVE-2022-22825, CVE-2021-46143, CVE-2022-22824, CVE-2022-22826, CVE-2022-22827, CVE-2021-45960 Multiple vulnerabilities in IBM HTTP Server and WebSphere Application Server affect HCL Commerce
Apache Log4j CVE-2022-23307, CVE-2022-23302, CVE-2022-23305 Vulnerability in Apache Log4j 1.2 affects HCL Commerce
IBM HTTP Server, IBM Java SDK CVE-2022-25315, CVE-2021-35550, CVE-2022-25313, CVE-2022-21340, CVE-2022-25236, CVE-2021-35603, CVE-2022-25235 Multiple vulnerabilities in IBM Java SDK and IBM HTTP Server included with WebSphere Application Server affect HCL Commerce
WebSphere Application Server CVE-2021-39038 A vulnerability in WebSphere Application Server affects HCL Commerce

Important changes

HCL Commerce 9.1.10.0 contains the following important changes to site features and functionality.

Important: Required changes
  • Upgrading to HCL Commerce 9.1.10.0 with a social network OAuth 2.0 login integration that was configured prior to 9.1.7.0 requires changes to be made for the integration to continue working. No action will result in the integration ceasing to function.

    Learn more...

Feature enhancements

The following features have been introduced in this release. Review the following list to ensure that your site is prepared once this update is applied.

Indicates enhancements inspired by or created by customers and partners, and submitted through the HCL Commerce | Product Portal. Sign up to vote and submit your own ideas!

Deployment
Search
Ingest profiles
This powerful new feature enables you to fine-tune the behavior of NiFi connectors. You can issue SQL commands and execute custom Java code during the flow of a specific connector, to pre- and post-process data before it is indexed.

Learn more...

Configure Ingest at a single REST endpoint
All NiFi connectors inherit a set of configurations such as global attributes and make them available as NiFi flowfile attributes inside NiFi. Using one REST endpoint, you can add or remove these NiFi capabilities from outside the main NiFi process flow.

Learn more...

Migrate Elasticsearch customizations
You can migrate custom connectors and NiFi flows to the latest version of HCL Commerce Search. You have more options and guidance to make the process easier and faster.

Learn more...

Support the Authoring and Production environments in separate clusters
In the default Elasticsearch cluster implementation, all nodes have all the node roles. If one node is busy on data operations and under resource constraints while it also has the master role, it can affect the cluster health, which in turn impacts data availability. To avoid this situation, you can separate your Elasticsearch Auth and Production clusters.

Learn more...

Remote debugging of Query service
A new remote facility enables your developers to see the current state of variables, and leverage code hot swapping to see your changes reflected in the Query server as they develop code.

Learn more...

Data integrity check
You can improve the reliability of the Ingest service by checking the health of the Index. The integrity check pipeline counts and compares Elasticsearch documents against the database.

Learn more...

Store
Feature previewMarketplace hosts products from other vendors
The Marketplace feature allows designated Owners to post products from other vendors. Buyers can filter products by a single or multiple seller names. This feature is available for registered and guest users.
For additional information, see Marketplace Tool.
Learn more...
Product Compare
Your shoppers can now compare products on a dedicated screen. They can use this feature to compare features such as price, description, or even customer ratings of your products.

Learn more...

Ribbon Ads now available for React Store
A ribbon ad is an image overlay that is displayed over the thumbnail image of catalog entries. The image overlay contains text that describes a shared characteristic of the catalog entries, such as Exclusive, Clearance, New, or On Sale to draw the attention of shoppers. You can easily add ribbon ads to your React storefront.

Learn more...

My Account/Dashboard PI Updates
Your customers have an improved My Account page that enables them to edit personal information such as name and address, and change the login password for their accounts.

Learn more...

Kit Details Page
Kits are collections of products that your customers can purchase in a single transaction. They differ from bundles in that the products and quantities are fixed. The Business-to-Business Sapphire React-based store now has a kits page that complements the existing bundles feature.
Learn more...
Remember-me/persistent session
Emerald (B2C) React Store customers can leave a shopping session and on returning find their current cart and other details preserved. You can define which behaviors can be persisted, and even extend some persistence to guest shoppers (shoppers without an account).
Learn more...
Product Listing Page Price Ranges
The Product Listing Page (PLP) has been improved. The price-range for SKUs of a product or a variant are now visible when these items are displayed in the PLP.
Learn more...
Requisition Lists for B2B React stores
Requisition lists are lists of items that will be used to create orders at a later date. Your customers can create requisition lists of items that they order frequently and use them to periodically re-order the items. You can now use requisition lists in B2B Sapphire React-based stores.
Learn more...
Tools
Feature previewMarketplace Tool
Marketplaces are new to HCL Commerce for version 9.1.10.0. A variety of new options are available in the Management Center under the Marketplace menu item. For example, Marketplace owners can manage multiple marketplaces as well as sellers, and sellers have options for controlling their own market.
For more information about how the Marketplace affects the storefront, see Marketplace hosts products from other vendors.

Learn more...

Page Composer enhancements
Page Composer has been improved. You can now create default layouts and kits for catalog entry and category pages.

Learn more...

Defect fixes

See HCL Commerce 9.1.10.0 in Fixes that are included in HCL Commerce releases for a detailed list of defects that were fixed in this release and its associated fix pack.

Supported companion software

HCL Commerce 9.1.10.0 has been tested with the following companion software.
Commerce Companion software Database Browsers
HCL Commerce Version 9.1.10.0
  • WebSphere Application Server 9.0.5.10 + PH41676 + PH42762 + PH43148 + PH43760
  • WebSphere Application Server Liberty 21.0.0.12 PH43817 + PH43223 + PH42074
  • IBM SDK, Java Technology Edition, Version 8.0.7.5
  • IBM HTTP Server 9.0.5.10 + PH44271
  • Elasticsearch
    • x86-647.17.1
    • Power7.8.0
  • ZooKeeper
    • x86-643.7.0
    • Power3.6.2
  • Redis
    • x86-646.2.6
    • Power6.2.6
  • NiFi 1.13.2
  • NiFi Registry 0.8.0
  • Solr-based search solution
    • IBM Db2 11.5
    • Oracle 18c
    • Oracle 19c
  • Elasticsearch-based search solution
    • IBM Db2 11.5
    • Oracle 19c
  • Management Center for HCL Commerce
    • Edge 20+
    • Internet Explorer 9+
    • Firefox 39+
    • Chrome 44+
    • Safari 10+
  • React-based storefronts
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+
  • Aurora-based storefronts
    • Internet Explorer 20H2+
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+