Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@magento/venia-concept
Advanced tools
Documentation for Magento PWA Studio packages is located at https://developer.adobe.com/commerce/pwa-studio/.
14.3.1 Lighthouse scores
With each new release of PWA Studio, we perform Lighthouse audits of four Venia page types, each representing a different level of complexity. Shown below are the Lighthouse scores for the 14.3.1 release of these pages on desktop and mobile devices.
Desktop scores
| | Home Page | Product Category | Product Details | Search Results |
|---------------:|:-------------------------------:|:-----------------------------------:|:----------------------------------:|:---------------------------------:|
| Desktop | 
| 
| 
| 
|
| Performance | 
| | | |
| Accessibility | 
| | | |
| Best Practices | 
| | | |
| SEO | 
| | | |
| PWA | 
| | | |
Mobile scores
| | Home Page | Product Category | Product Details | Search Results |
|---------------:|:---------------------------------:|:-----------------------------------:|:----------------------------------:|:---------------------------------:|
| Mobile | | | | |
| Performance | 
| 
| | |
| Accessibility | | | | |
| Best Practices | | | | |
| SEO | | | | |
| PWA | | 
| | |
Known issue
When a user logs out, that user's local storage session persists. As a result, the cart ID from the logged out user is retrieved and given to the guest user on the computer. This causes the following error when the guest user tries to check out: An error has occurred. Please check the input and try again. To resolve this issue, try disabling graphql session sharing as described in the GraphQL documentation on session cookies here: https://devdocs.magento.com/guides/v2.4/graphql/authorization-tokens.html#session-cookies.
Upgrading from a previous version
Use the steps outlined in this section to update your [scaffolded project][] from 14.3.0 to 14.3.1 See [Upgrading versions][] for more information about upgrading between PWA Studio versions.
Updated package dependencies
Open your package.json file and update the PWA Studio package dependencies to the versions associated with this release.
The following table lists the latest versions of each package as of 14.3.1. The bolded versions with an asterisk (*) are the packages that were updated from PWA Studio 14.3.0.
NOTE: Your project may not depend on some packages listed in this table.
| Package | Latest version |
|----------------------------------------|----------------|
| babel-preset-peregrine | 1.3.3 |
| create-pwa | 2.5.7 |
| experience-platform-connector | 1.0.10 |
| upward-security-headers | 1.0.18 |
| venia-sample-backends | 0.0.12 |
| venia-sample-eventing | 0.0.11 |
| venia-sample-language-packs | 0.0.19 |
| venia-sample-payments-checkmo | 0.0.17 |
| venia-sample-payments-cashondelivery | 0.0.2 |
| venia-product-recommendations | 1.0.2 |
| plugin-braintree-three-d-secure | 1.0.0 |
| venia_pwa_live_search: | 1.0.0 |
| pagebuilder | 9.3.5* |
| peregrine | 15.5.2* |
| pwa-buildpack | 11.5.4 |
| pwa-theme-venia | 2.4.0 |
| upward-js | 5.4.2 |
| upward-spec | 5.3.1 |
| venia-concept | 14.3.1* |
| venia-ui | 11.7.0 |
| magento2-pwa | 0.10.2 |
| magento2-pwa-commerce | 0.1.5 |
| magento-venia-sample-data-modules | 0.0.6 |
| magento-venia-sample-data-modules-ee | 0.0.6 |
| magento2-upward-connector | 2.1.5 |
| upward-php | 2.1.4 |
| pwa-live-search | 1.0.0 |
FAQs
Venia PWA Concept Storefront for Magento 2
The npm package @magento/venia-concept receives a total of 258 weekly downloads. As such, @magento/venia-concept popularity was classified as not popular.
We found that @magento/venia-concept demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 08 Aug 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025