Adobe Commerce 2.4.4 Released: PHP 8.1 and Complete GraphQL for B2B

Released on 12 April 2022, Adobe Commerce 2.4.4 represents a landmark platform upgrade. This is not a minor version change — it's a strategic leap forward in modernisation, security and capability. Merchants upgrading to 2.4.4 are not just fixing bugs; they're positioning themselves on a platform that is faster, more secure and better equipped for the future of commerce.

PHP 8.1: The Foundation for Performance

2.4.4 mandates PHP 8.1, making it the minimum requirement. This is the headline change and the one with the most immediate operational impact. PHP 8.1 delivers measurable performance gains:

• JIT Compilation: Just-in-time compilation enables the PHP runtime to optimise hot code paths, delivering performance improvements of 20-40% for typical workloads.
• Reduced Memory Usage: PHP 8.1 uses less memory per request, allowing higher concurrency on the same hardware.
• Faster Execution: The cumulative effect of these improvements means faster page loads, faster admin operations and better responsiveness under load.

For high-traffic stores, PHP 8.1 can mean the difference between needing additional infrastructure and comfortably handling peak load on existing resources. For headless and API-driven implementations, the performance gains are even more pronounced.

Complete GraphQL Support for B2B

2.4.4 completes GraphQL coverage for B2B operations, including negotiable quotes. This is a major milestone:

• Negotiable Quotes via GraphQL: Previously only available via REST, B2B quote workflows can now run entirely through GraphQL APIs. This enables truly decoupled B2B frontends with modern frameworks.
• Unified API Surface: GraphQL now covers the full spectrum of Adobe Commerce functionality — shopping cart, checkout, customer accounts, B2B features and more — all through a consistent API.
• Improved Performance: GraphQL's query specification reduces over-fetching and under-fetching, meaning smaller payloads and faster transactions.
• Better DX for Frontend Teams: Modern frontend frameworks like React, Vue and Next.js integrate more naturally with GraphQL than REST, speeding up development cycles.

For agencies building headless commerce experiences, this is transformative. You can now build sophisticated B2B applications without falling back to REST or custom extensions.

Security Hardening

2.4.4 includes significant security improvements:

• Encrypted Database Tokens: OAuth tokens and password reset tokens are now encrypted in the database, reducing the blast radius of potential breaches.
• Session Security: Session IDs are no longer stored in the database by default, eliminating a common attack vector.
• Removal of Legacy Email Syntax: The deprecated email template syntax from earlier versions is no longer supported, preventing attacks that exploit template processing.
• Strengthened Bearer Authentication: Integration tokens can no longer be used for Bearer authentication by default, tightening API security.

These changes are not breaking in the sense of preventing upgrades, but they do require attention during migration. Custom extensions that rely on removed functionality will need to be refactored.

Performance Improvements

Beyond PHP 8.1, 2.4.4 introduces several architectural improvements:

• AsyncOrder: Order placement can now run asynchronously, improving perceived checkout responsiveness and reducing the impact of backend processing delays on customer experience.
• Optimised Queries: Database queries have been profiled and optimised, reducing load on the database tier.
• Improved Caching: Cache invalidation logic has been refined, reducing unnecessary cache misses and backend work.

High-traffic merchants often see a 15-25% reduction in server load with 2.4.4 compared to 2.4.3, depending on their specific workload.

What You Need to Do

Upgrading to 2.4.4 requires careful planning:

Extension Audit: Inventory all installed extensions. Many extensions bundled with previous versions have been removed (except Braintree). Verify compatibility with 2.4.4 and plan replacements if needed.

Custom Code Review: If your store uses custom code, audit it for compatibility with PHP 8.1 and the security changes in 2.4.4. String handling, type strictness and deprecated functions may need refactoring.

Environment Preparation: Ensure your hosting provider supports PHP 8.1. If you're on Adobe Cloud, this is handled automatically. If on-premise, plan infrastructure updates.

Comprehensive Testing: Run a complete regression test covering all critical workflows: checkout, payments, shipping, customer accounts, admin operations, and any custom integrations. Include performance testing under realistic load.

Staged Deployment: Development → Staging → Production, with clear success criteria at each stage. Have rollback procedures ready (though rolling forward is the only secure option for security-related changes).

The Strategic Value

2.4.4 is not optional. It's the platform baseline for modern commerce. It delivers measurable performance improvements, fills critical security gaps, and unlocks new architectural possibilities for agencies building next-generation commerce experiences.

Merchants staying on 2.4.3 are forgoing significant performance gains and accepting increased security risk. The cost of upgrading is justified by faster page loads, better search rankings, improved conversion rates and reduced operational overhead.

Looking Forward

2.4.4 is also the foundation for future Adobe Commerce roadmap items: Edge Delivery Services, deeper AI integration, and advanced composable commerce patterns all build on the infrastructure established in this release.

If you're running an older version of Adobe Commerce or Magento, now is the time to plan the upgrade to 2.4.4. The platform has never been more capable, and the sooner you migrate, the sooner you can realise the benefits.

Want expert guidance navigating the 2.4.4 upgrade? Our team at Tom&Co has guided dozens of partners through this migration. We can help you plan, test and deploy safely.