HCL Commerce Version

HCL Commerce

HCL Commerce was released on January 26, 2022.

Security updates

HCL Commerce contains the following security-related fixes.
Affected software CVE(s) Vulnerability
HCL Commerce CVE-2021-27751 HCL Commerce is affected by Insufficient Session Expiration vulnerability
WebSphere Application Server CVE-2021-23450, CVE-2022-23990, CVE-2022-23852, CVE-2022-22822, CVE-2022-22823, CVE-2022-22825, CVE-2021-46143, CVE-2022-22824, CVE-2022-22826, CVE-2022-22827, CVE-2021-45960, Multiple vulnerabilities in IBM HTTP Server and WebSphere Application Server affect HCL Commerce
WebSphere Application Server CVE-2021-40438, CVE-2021-45046, CVE-2021-4104, CVE-2021-36090, CVE-2021-38951, CVE-2021-34798, CVE-2021-35517, CVE-2021-35578, CVE-2021-35564, CVE-2021-2369, CVE-2021-39275, CVE-2021-29842 Multiple security vulnerabilities in WebSphere Application Server affect HCL Commerce
Netty All CVE-2021-37136, CVE-2021-37137 Multiple vulnerabilities in Netty All affect HCL Commerce
Multiple open source libraries CVE-2021-3878, CVE-2021-27568, CVE-2021-3869, CVE-2012-0881, CVE-2021-44832, CVE-2021-42550, CVE-2013-4002, CVE-2014-0107, CVE-2009-2625 Multiple vulnerabilities in open source libraries affect HCL Commerce with Elasticsearch

Important changes

HCL Commerce contains the following important changes to site features and functionality.

Important: Required changes
  • Upgrading to HCL Commerce with a social network OAuth 2.0 login integration that was configured prior to requires changes to be made for the integration to continue working. No action will result in the integration ceasing to function.

    Learn more...

Feature enhancements

The following features have been introduced in this release. Review the following list to ensure that your site is prepared once this update is applied.

Indicates enhancements inspired by or created by customers and partners, and submitted through the HCL Commerce | Product Portal. Sign up to vote and submit your own ideas!

Improvements to Transaction server start-up performance
Optimization of the add-generic-jvmarg, set-system-property, and set-jndi-entry run engine commands result in significant time savings when starting the Transaction server (ts-app). Use of these run engine commands beyond the default implementation can further improve start-up time up to 90% per individual command call over the same deployment on HCL Commerce
Azure Kubernetes Service (AKS) certification
HCL Commerce can be deployed to the Azure Kubernetes Service, including taking advantage of AKS-specific capabilities.
SSL/LDAP support
LDAP integration is now supported for Kubernetes and Docker-based deployments.
For more information, see the respective installation documentation.
Learn more (Docker)...
Learn more (Kubernetes)...
Multiple quick checkout profiles
Checkout profiles allow your registered shoppers to predefine separate billing and shipping addresses. The quick checkout feature auto-populates the billing and shipping addresses when they check out. Your shoppers can have more than one quick checkout profile.

Learn more...

Page Composer improvements for Emerald and Sapphire stores
A number of improvements have been made and new use cases added to the reference React-based stores. The user experience for mobile shoppers has been improved; Customer Service Representative (CSR) support is added for anonymous or guest shoppers; and search term suggestions are enhanced.

Learn more...

Page Composer widgets updated
A new set of Page Composer widgets rounds out the capabilities of this powerful page customization tool.

Learn more...

Shared orders in B2B stores
Multiple buyers can now work on the same order in business-to-business (Sapphire) stores. Shared orders are very much like a user's private order, except they allow other users from the order owner's organization to see the order. These contributors can add items to other users' shared orders and delete or update them.

Learn more...

Multiple payment options for any order
Your shoppers can now divide payment for their order among payment methods, such as cash on delivery or credit cards. This Multiple Payment option is available in all React stores.
Learn more...
Bundle details page

Customers can now shop with more ease with the introduction of the new Bundle page. It displays various combinations of items (bundles) in tabular form to allow the shoppers to select attributes for products and their variants. The bundle details page looks similar to the product-details page, but has provision for all of the stock keeping units (SKUs), products and variants on same page.

Learn more...
Workspace enhancements to Page Composer
Page Composer now allows you to work with workspaces. You can display pages in the context of a workspace, and create, edit, delete and preview pages and layouts.

Learn more...

Faster launch of Management Center
You no longer need to set your browser to allow pop-up windows when launching Management Center. The launch behavior has been changed so that the login prompt appears in the original Management Center window.

Learn more...

Custom caches tutorial
Custom caches improve performance of customizations by enabling the re-use of logic and data. Caches that you build to support your custom code can take full advantage of the HCL Cache framework for caching locally and remotely in Redis.
Learn more...
GraphQL for HCL Commerce
GraphQL is a markup language for any API, as well as a server-side interpreter for processing queries using a data type system you design. You can significantly improve the efficiency and speed of queries relative to the standard REST API by using GraphQL.

Learn more...

Defect fixes

See HCL Commerce in Fixes that are included in HCL Commerce releases for a detailed list of defects that were fixed in this release and its associated fix pack.

Supported companion software

HCL Commerce has been tested with the following companion software.
Commerce Companion software Database Browsers
HCL Commerce Version
  • WebSphere Application Server + PH41676 + PH42762
  • WebSphere Application Server Liberty
  • IBM SDK, Java Technology Edition, Version
  • IBM HTTP Server
  • Elasticsearch
    • x86-647.12.0
    • Power7.8.0
  • ZooKeeper
    • x86-643.7.0
    • Power3.6.2
  • Redis 6.2.6
  • NiFi 1.13.2
  • NiFi Registry 0.8.0
  • Solr-based search solution
    • IBM Db2 11.5
    • Oracle 18c
    • Oracle 19c
  • Elasticsearch-based search solution
    • IBM Db2 11.5
    • Oracle 19c
  • Management Center for HCL Commerce
    • Edge 20+
    • Internet Explorer 9+
    • Firefox 39+
    • Chrome 44+
    • Safari 10+
  • React-based storefronts
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+
  • Aurora-based storefronts
    • Internet Explorer 20H2+
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+