Technical review

During technical review, your code is examined to detect the presence of viruses, malware, and any indication of plagiarism. The process also ensures that the package meets Composer packaging and format requirements and Magento coding standards.


The technical review begins as soon as you upload an extension package at Developer Portal and consists of two mandatory steps to generate the submission id and trigger further extension testing:

  • Malware Scan — Ensures that uploaded packages do not contain viruses or malware software.
  • Extension Package Verification — Checks that the uploaded file is a zip archive which is a Composer package with extension.

See also:

Extension validation and QA

After accepting a package for Technical Review, a series of automated checks and manual checks are scheduled.

Code Sniffer: Check code quality/syntax

The Marketplace coding standard review uses a custom set of coding sniffs. If the submitted code fails the review, Magento generates a technical report that describes each issue found and its location in the codebase.

Copy Paste Detector: Check for plagiarism

All code and marketing content that is submitted to Commerce Marketplace is checked for plagiarism to ensure that it has not been copied from existing Marketplace extensions or from the Magento codebase.
If the extension contains source code from the Open Source Edition, the extension must be licensed under Open Source License v. 3.0 and properly credit Adobe, Inc.

Installation and Varnish tests: Verify that product installs and caching works correctly

Extensions for Magento are installed with Varnish Cache enabled for each supported version of PHP and switched from development to production mode. If you have shared packages and dependencies required for your extension, the Installation test also tests Magento installation and usage with those packages included.

In addition, cacheable pages are accessed to ensure that they are served directly from Varnish Cache. You will be notified if your extension fails the test.

Quality Assurance: Pass manual QA

This check verifies that the extension installs without error, is configurable (as applicable), and operates as expected. Manual QA can be skipped if the Semantic Version Check confirms that only patch-level changes were introduced in a new version of an already listed extension.

Manual QA checklist

To pass Manual QA, the extension must meet the following requirements:

  1. Installs with Composer.

  2. Compiles without errors using the following command: deploy:mode:set production

  3. Extension has all supporting documentation that complies with the documentation requirements

  4. Works with each version of Magento that the extension claims to support in the extension product profile.

    • Basic Magento functionality works as expected with the installed extension.

    • Basic test suite includes, but is not limited to the following scenarios:

      • Create order as guest user (Simple product, Configurable product)
      • Create a new customer
      • Create order as (Simple product, Configurable product)
      • Place an order via "Check Out with Multiple Addresses"
      • Create re-order from previously created order
      • Add product to Wishlist
      • Add product to Comparison list
      • As store admin: Create Invoice, Shipping, Credit Memo
      • As store admin: Create new order (re-order)
      • As store admin: Create new product with images (Simple product, Configurable product)
      • As store admin: Create new product category
  5. Works with each version of PHP that is supported by the Magento version that the extension claims to support in the extension product profile.

  6. Has all functionality that is described in the extension documentation and vice versa.

  7. Does not crash with unhandled errors.

  8. Does not hang when invalid data is submitted.

Exit criteria for testing

  1. At least one major issue found in Magento functionality which was affected by an installed extension.

  2. Blocking issue found that affects entire extension functionality.

  3. For big extensions, where functionality is not concentrated in one particular area we can switch to the unaffected area and continue to test it in order to provide more errors to the developer. At the same time, we can stop testing once we have found 2 blockers in separate areas of an extension.