Technical Review Guidelines
During technical review, your code is examined to detect the presence of viruses, malware, and any indication of plagiarism. The process also ensures that the package meets Composer packaging and format requirements and Magento coding standards.
Validate: Verify package for required files
The submitted package must be a Magento module, theme, language pack, or metapackage, that meets Composer packaging and format requirements. All Magento modules, themes, and language packs must contain a composer.json
and registration.php
file.
Required Files
All | composer.json registration.php |
Module | etc/module.xml |
Theme | theme.xml |
Language Pack | language.xml |
Metapackage | composer.json |
Developers of Magento 2.x extensions can use the validation tool to test the package before it is submitted to Magento Marketplace. To download the tool, see the Marketplace Tools GitHub repository.
See also:
Coding Standards: Check code quality/syntax
The Marketplace coding standard review uses a custom set of coding sniffs. If the submitted code fails to pass the review, a technical report is generated that describes each issue found, and its location in the codebase.
See also: Coding Standards
Package Validation: verify that submitted code is a valid Magento extension
This check verifies that submitted code:
- Is packaged as a valid Magento module, theme, language package, or meta-package
- Enforces best practices for Magento code distribution
- Helps to avoid common pitfalls
Any code submitted for technical review at Magento Developers Portal is examined to ensure that:
- Code submitted as a zip archive.
- Submitted package does not exceed 30 MB.
- Submitted package contains a
composer.json
file. - The
composer.json
file specifies:name
type
version
- The
composer.json
does not declare:extra.map
extra.magento-root-dir
- The package has valid Composer package type:
- for extensions, valid types are:
magento2-module
,magento2-language
,metapackage
- for themes, valid types is only
magento2-theme
- for shared libraries, valid types are:
magento2-module
,magento2-theme
,magento2-language
- for extensions, valid types are:
- The package does not restict a set of compatible PHP versions declared by supported Magento versions.
- The package does not declare any of the following packages as a dependency:
magento/magento-composer-installer
magento/magento2-base
magento/product-community-edition
magento/magento2-ee-base
magento/product-enterprise-edition
- The package does not use
*
as a version restriction for Magento packages (packages withmagento
vendor). Version restriction should be specified according to recommendations. - Require inline aliases are not used in the
composer.json
file.
Additional requirements for package declarations are applied depending on the package type.
Magento modules (packages with type magento2-module
) must have a valid registrar.php
file. Configured autoloading in compopser.json
: autoload.files
must include at least a registrar.php
file and autoload.psr-4
is expected to declare at least one namespace.
Magento themes (package type magento2-theme
) and language packages (type magento2-language
) must have a valid registrar.php
file, which must be included in the autoload.files
section of composer.json
. autoload.psr-4
must not be used for these types of packages.
Packages of type metapackage
must declare at least one dependency in the require
section.
Intellectual Property: Check for plagiarism
All code and marketing content that is submitted to Magento Marketplace is checked for plagiarism to ensure that it has not been copied from existing Marketplace extensions or from the Magento codebase.
If the extension contains source code from the Community Edition of Magento 1.x or 2.x, the extension must be licensed under Open Source License v. 3.0 and properly credit Adobe, Inc.
See also: OSL 3.0: A Better License for Open Source Software
Installation (M2 only): Verify that product installs correctly
Extensions for Magento 2.x are installed with Varnish Cache enabled for each supported version of PHP, and switched from development to production mode. If you have shared packages and dependencies required for your extension, also test installs and usage with those packages.
See also: Magento System Requirements
Page Caching (M2 only): Verify that Varnish works correctly
In addition to the Production Mode test, cacheable pages are accessed to ensure that they are served directory from Varnish Cache. You will be notified if your extension fails the test.
See also: Configure and Use Varnish
Quality Assurance (M2 only): Pass manual QA
This check verifies that the extension installs without error, is configurable (as applicable), and operates as expected. To pass Manual QA, the extension must meet the following requirements:
- Installs with Composer
- Compiles without errors using the following command:
deploy:mode:set production
- Works with each version of Magento that is shown as supported in the extension product profile
- Works with each version of PHP that is supported by the Magento version that is shown as supported in the extension product profile
- Has all functionality that is described in the extension documentation
- Does not crash with unhandled errors
- Does not hang when invalid data is submitted
For Page Builder extensions
- New and extended content types can be dragged to the stage, edited, duplicated, moved, hidden, saved, and deleted from the stage without errors.
- New and extended content types are rendered on the storefront without errors.
- Extensions that use Page Builder should also ensure that all Page Builder content creation functions work correctly. This includes, but is not limited to, all the functions previously described for new and extended content types rendered in the Admin stage and the storefront.