A fork of Magento-1 that is accepting bug fixes (backward compatible, drop in replacement for official Magento)

Fund package maintenance!
Open Collective

Installs: 155 663

Dependents: 21

Suggesters: 0

Security: 15

Stars: 867

Watchers: 66

Forks: 439

Open Issues: 178


v21.0.0-beta2 2024-07-02 13:26 UTC


All Contributors Total Downloads License PHP Security workflow Badge CI workflow Badge

Magento - Long Term Support

This repository is the home of an unofficial community-driven project. It's goal is to be a dependable alternative to the Magento CE official releases which integrates improvements directly from the community while maintaining a high level of backwards compatibility to the official releases.

Pull requests with bug fixes and security patches from the community are encouraged and welcome!

Table of contents

Releases and Versioning

This project more strictly adheres to Semantic Versioning compared to the original Magento version numbering system where the "1" was essentially a fixed number. See the Terminology section of RFC 0002 - Release Schedule for more information on how the terms MAJOR, MINOR and PATCH are defined and applied.

The OpenMage team and community maintains OpenMage LTS versions as follows:

  • The latest MAJOR.MINOR version always receives PATCH updates.
  • The latest MAJOR version always receives MINOR updates.
  • The latest MAJOR.MINOR branch for each MAJOR version receives PATCH updates for at least 2 years from the time of inception of the initial MAJOR version release.

In a nutshell:

  • If you want to stay on the cutting edge with the latest improvements use the latest MAJOR version.
  • If you want maximum backwards compatibility and minimal upgrade hassle use the next-latest MAJOR version so that you can still receive important security/stability/regression fixes.

Currently Maintained Versions

  • 20.x is the latest MAJOR version and will receive PATCH updates until 2 years after the date that 21.x is released.
  • 19.4.x will receive PATCH updates until April 4, 2025.


  • PHP 7.4 to 8.3

  • MySQL 5.7+ (8.0+ recommended) or MariaDB

  • optional: Redis 5.x, 6.x and 7.0.x are supported

  • PHP extension intl since & 20.0.17

  • Command patch 2.7+ (or gpatch on MacOS/HomeBrew) since & 20.1.0


Manual Install

Download the latest release archive and extract it over your existing install. Important: you must download the ZIP file from a tagged version on the releases page, otherwise there will be missing dependencies.


Step 1: Create a new composer project:

composer init

Step 2: Configure composer. The below options are required. You can see all options here.

# Allow composer to apply patches to dependencies of magento-lts
composer config --json extra.enable-patching true

# Configure Magento core composer installer to use magento-lts as the Magento source package
composer config extra.magento-core-package-type magento-source

# Configure the root directory that magento-lts will be installed to, such as "pub", "htdocs", or "www"
composer config extra.magento-root-dir pub

Step 3: Require magento-core-composer-installer:

# PHP 7
composer require "aydin-hassan/magento-core-composer-installer":"~2.0.0"

# PHP 8
composer require "aydin-hassan/magento-core-composer-installer":"^2.1.0"

Note: be sure to select y if composer asks you to trust aydin-hassan/magento-core-composer-installer.

Step 4: Require the appropriate version of magento-lts:

# Latest tagged v20 series release
composer require "openmage/magento-lts":"^20.0.0"

# Legacy v19 tagged release (Magento 1.9.4.x drop-in replacement supported until April 4, 2025)
composer require "openmage/magento-lts":"^19.4.0"

# Latest on "main" development branch
composer require "openmage/magento-lts":"dev-main"

# Latest on "next" development branch
composer require "openmage/magento-lts":"dev-next"

Note: be sure to select y if composer asks you to trust magento-hackathon/magento-composer-installer or cweagans/composer-patches.

When deploying to a production environment, it's recommended to optimize Composer's autoloader to speed up classes lookup time:

composer dump-autoload --optimize


If you want to contribute to the project:

git init
git remote add origin<YOUR GIT USERNAME>/magento-lts
git pull origin main
git remote add upstream
git pull upstream main
git add -A && git commit

More Information

Secure your installation

Don't use common paths like /admin for OpenMage Backend URL. Don't use the path in robots.txt and keep it secret. You can change it from Backend (System / Configuration / Admin / Admin Base Url) or by editing app/etc/local.xml:


Don't use common file names like api.php for OpenMage API URLs to prevent attacks. Don't use the new file name in robots.txt and keep it secret with your partners. After renaming the file you must update the webserver configuration as follows:

Apache .htaccess

RewriteRule ^api/rest api.php?type=rest [QSA,L]


rewrite ^/api/(\w+).*$ /api.php?type=$1 last;`

Magento 1 Compatibility

OpenMage LTS 19.4.0 is the first tagged version using the OpenMage LTS version naming system and all 19.x versions are mostly backward-compatible with Magento 1.9.4.x.

OpenMage LTS 20.x and later have more changes that may not be 100% backward-compatible, but minimizing migration and upgrade hassle for users is always considered an important goal and factors heavily into the changes that are accepted even when accepting changes for "MAJOR" releases, described in Releases and Versioning above.


Most important changes will be listed here, all other changes since 19.4.0 can be found in release notes.

Between Magento and OpenMage 19.x

  • bug fixes and PHP 7.x, 8.0, 8.1 and 8.2 compatibility
  • added config cache for system.xml (#1916)
  • added frontend_type color (#2945)
  • search for "NULL" in backend grids (#1203)
  • removed lib/flex containing unused ActionScript "file uploader" files (#2271)
  • Mage_Catalog_Model_Resource_Abstract::getAttributeRawValue() now returns '0' instead of false if the value stored in the database is 0 (#572)
  • PHP extension intl is required
  • Deprecation errors are not suppressed anymore
  • removed modules:
    • Mage_Backup (#2811)
    • Mage_Compiler
    • Mage_GoogleBase
    • Mage_PageCache (#2258)
    • Mage_Poll (#3098)
    • Mage_Xmlconnect
    • Phoenix_Moneybookers

If you rely on those modules you can reinstall them with composer:

  • Mage_Backup: composer require openmage/module-mage-backup
  • Mage_PageCache: composer require openmage/module-mage-pagecache
  • Mage_Poll: composer require openmage/module-mage-poll
  • Legacy frontend themes: composer require openmage/legacy-frontend-themes

Between OpenMage 19.x and 20.x

Do not use 20.x.x if you need IE support.

  • removed IE conditional comments, IE styles, IE scripts and IE eot files (#1073)
  • removed frontend default themes (default, modern, iphone, german, french, blank, blue) (#1600)
  • fixed incorrect datetime in customer block ($useTimezone parameter) (#1525)
  • added redis as a valid option for global/session_save (#1513)
  • reduce needless saves by avoiding setting _hasDataChanges flag (#2066)
  • removed support for global/sales/old_fields_map defined in XML (#921)
  • enabled website level config cache (#2355)
  • made overrides of Mage_Core_Model_Resource_Db_Abstract::delete respect parent api (#1257)
  • rewrote Mage_Eav_Model_Config as cache for all eav entity and attribute reads (#2993)

For full list of changes, you can compare tags.

Since OpenMage 19.5.0 / 20.1.0

PHP 7.4 is now the minimum required version.

Most of the 3rd party libraries/modules that were bundled in our repository were removed and migrated to composer dependencies. This allows for better maintenance and upgradability.


  • phpseclib, mcrypt_compat, Cm_RedisSession, Cm_Cache_Backend_Redis, Pelago_Emogrifier (#2411)
  • Zend Framework 1 (#2827)

If your project uses OpenMage through composer then all dependencies will be managed automatically.
If you just extracted the release zip/tarball in your project's main folder then be sure to:

  • remove the old copy of aforementioned libraries from your project, you can do that with this command:

    rm -rf app/code/core/Zend lib/Cm lib/Credis lib/mcryptcompat lib/Pelago lib/phpseclib lib/Zend
  • download the new release zip file that is named, this one is built to contain the vendor folder generated by composer, with all the dependencies in it

  • extract the zip file in your project's repository as you always did

We also decided to remove our Zend_DB patches (that were stored in app/code/core/Zend) because they were very old and not compatible with the new implementations made by ZF1-Future, which is much more advanced and feature rich. This may generate a problem with `Zend_Db_Select' statements that do not use 'Zend_Db_Expr' to quote expressions. If you see SQL errors after upgrading please remember to check for this specific issue in your code.

UPS shut down their old CGI APIs so we removed the support for it from the Mage_Usa module.

Between OpenMage 20.x and 21.x (unreleased, available on branch next)

  • PHP 8.2 as minimum required version
  • Removed scriptaculous/dragdrop.js (#3215)
  • RWD theme: updated jQuery to 3.7.1 (#3922)
  • Unified CSRF configuration (#3147) and added form key validation to Contacts form (#3146)
  • Removed double span element from HTML buttons (#3123)
  • Removed all deprecated Mysql4_ classes (#2730). If there are any old modules/extensions in your installation that use such classes, you must run shell/rename-mysql4-class-to-resource.php in the command line in order to convert them. Backup all files before running the script
  • Removed "admin routing compatibility mode" (#1551)

New Config Options

  • admin/design/use_legacy_theme
  • admin/global_search/enable
  • admin/emails/admin_notification_email_template
  • catalog/product_image/progressive_threshold
  • catalog/search/search_separator
  • dev/log/max_level
  • newsletter/security/enable_form_key
  • sitemap/category/lastmod
  • sitemap/page/lastmod
  • sitemap/product/lastmod

New Events

  • adminhtml_block_widget_form_init_form_values_after
  • adminhtml_block_widget_tabs_html_before
  • adminhtml_sales_order_create_save_before
  • checkout_cart_product_add_before
  • core_app_run_after
  • mage_run_installed_exception
  • sitemap_cms_pages_generating_before
  • sitemap_urlset_generating_before

Full list of events

Changes to SOAP/WSDL

Since 19.4.17/20.0.15 we changed the targetNamespace of all the WSDL files (used in the API modules), from Magento to OpenMage. If your custom modules extends OpenMage's APIs with a custom WSDL file and there are some hardcoded targetNamespace="urn:Magento" strings, your APIs may stop working.

Please replace all occurrences of




or alternatively


to avoid any problem.

To find which files need the modification you can run this command from the root directory of your project.

grep -rn 'urn:Magento' --include \*.xml

Development Environment with DDEV

  • Install ddev
  • Clone the repository as described in installation (Git)
  • Create a ddev config, defaults should be good for you
    ddev config
  • Open .ddev/config.yaml and change the php version to your needs
  • Download and start the containers
    ddev start
  • Open your site in browser
    ddev launch

PhpStorm Factory Helper

This repo includes class maps for the core Magento files in .phpstorm.meta.php. To add class maps for installed extensions, you have to install N98-magerun and run command:

n98-magerun.phar dev:ide:phpstorm:meta

You can add additional meta files in this directory to cover your own project files. See PhpStorm advanced metadata for more information.

Public Communication

  • Discord (maintained by Flyingmana)



Contributors ✨

Thanks goes to these wonderful people (emoji key):

This project follows the all-contributors specification. Contributions of any kind welcome!