PA-DSS and Upcoming New Releases

There has been a lot of buzz and speculation lately about what’s happening with Zen Cart development activities. Here’s an update:

If you’ve been around the Zen Cart community anytime in the last year, you would have seen the fact that we released a new version, v1.3.9, and over the ensuing months we published several minor-step updates to address known/discovered bugs.
We’ve also been working on PA-DSS certification, preparing a v1.5.0 beta, and of course continuing work on the development of the much-anticipated v2.0 product.

Before addressing these items in more detail, we’d like to take a moment and thank everyone who has been a participant in the Zen Cart community, whether by merely using our software to run your website, or participating in our forums and posting and answering questions, or writing free addons for the community-at-large to use for enhancing the functionality of their own sites, or privately reporting security matters to the development team, or using services provided by our recommended partners, or donating to the Zen Cart project. All of you collectively are what makes the Zen Cart community the great place that it is. We appreciate all of you and are grateful that you have generously given of your time and intellectual property to help everyone else grow and succeed alongside you.

As mentioned, in 2010 we released v1.3.9, along with a number of small updates throughout the year to address bugs reported by our users via the forum. We continue to actively support our software, not only in terms of bug analysis and fixing, but also with daily assistance to those of you using our software to run your websites.

As if that didn’t have us busy enough, we’ve also been undergoing a number of internal changes in keeping with the requirements for attaining PA-DSS certification. This isn’t just a rubber-stamp. It’s a significant undertaking which requires ensuring that code development procedures and standards are well defined, security is understood and best practices observed, certain internal documentation is prepared and maintained, as well as certain user-documentation is prepared and maintained. So, there’s been a lot of work going on behind-the-scenes.

Further to that, for PA-DSS certification there are a number of application coding changes required to satisfy PCI demands, including password changes for administrators, access controls for each admin user (akin to the popular “admin profiles” addon), as well as a number of internal coding improvements. And all that is followed by an intense security audit of the code and penetration testing to ensure there are no holes for hackers to exploit. As you can imagine, all of this takes considerable time and resources.

We will be sharing a beta release for v1.5.0 to help iron out any bugs before final code certification is done for PA-DSS, with the goal of releasing v1.5.0 as fully PA-DSS certified. This will make Zen Cart the first free Open Source Ecommerce Solution that is fully PA-DSS certified. You can imagine we’re pretty excited about this, especially after the many long months of work that has gone into getting to this point.

And, of course, while all this has been going on we’ve also been continually working on coding for v2.0, including things like rewriting the admin for easier usability, improved plugin architecture, and much much much much much more.

So, in the coming months you can expect:

a) Continued support of v1.3.9 as necessary. No updates are expected unless a very serious bug warrants it.
b) a v1.5.0 BETA release
c) The Final v1.5.0 Officially PA-DSS Certified release
d) And we will continue working on v2.0, which will be released when it’s ready.

Thanks for reading. We’re excited about the days ahead, and look forward to continuing to prepare great software to run your great websites. Thanks for your continued support and participation in the Zen Cart community.

The Zen Cart Team

Comments are closed.