(Putting this here in an external-memory/thinking-out-loud sort of way)
Prior to Magento 2’s release, Magento executives circulated the idea that Magento 1 would reach its “end-of-life” three years after the release of Magento 2. Magento 2 was released November 17, 2015, which means Magento 1 reaches its end-of-life November 18, 2018.
However – it’s not entirely clear what end-of-life means for Magento 1.
If Magento 1 was a web application, end-of-life would mean the servers would be shut off.
If Magento 1 was a software application that was regularly updated, end-of-life would mean no more updates.
Magento 1 is neither of these.
Making things extra challenging is Magento Inc. itself, as a whole, has been pretty cagey about being pinned down on what end-of-life really means.
End-Of-Life for Community Edition
First, despite the three years from Magento 2 messaging circulated at conferences, there’s no official public road map for the end-of-life date. The best we have is this screenshot from a Meet Magento presentation, and this twitter exchange from two Magento employees.
Second – there’s no plan for what end-of-life means. For Community Edition (CE) users it’s reasonable to assume that end-of-life will mean and end to the (already irregular) security patches for Magento 1 versions. This would be a bad thing for organizations that need to submit to PCI, and other security related, audits.
It’s also reasonable to assume that Magento Connect will be shut down, which means the Connect Downloader and
./mage commands will stop working. Outside of that, there’s an enormous ecosystem of third party service providers with services (enabled by extensions) for Magento 1 systems. While Magento Connect will dramatically reduce the number of folks who find these services, there’s nothing magic about Connect. i.e. These services will still be able to distribute their extensions themselves to Magento 1 users. Whether they continue to do so will depend on their revenues from Magento 1 users, and their relationships with Magento Inc.
End-Of-Life for Enterprise Edition
Magento Enterprise Edition (EE) users face the same situation as CE users, with a few additional wrinkles.
First, there’s always been vague, nebulous business and legal reasons for organizations of a certain size or character to pick EE over CE. It seems reasonable to assume that, whether you think these are real benefits or just a sales hook, they’ll be gone come end-of-life.
Also, at various points of EE’s lifecycle a license included vendor support from Magento. If this support is still a thing, and organizations are still using it, that support will be gone come end-of-life.
Finally – there’s one gigantic scary thing that has to be back-of-mind for every EE license holder. Enterprise Edition is, technically speaking, commercially licensed (not open source) software. From a legal perspective, (depending on your license contract), you use it at the pleasure of Magento Inc.
In a nightmare scenario, driven by an aggressive sales team, it’s possible that Magento could threaten legal action for continued use of EE past the end-of-life date. Under this sort of threat, an EE merchant would be forced into either a Magento 2 upgrade, taking on a costly downgrade project to Magento 1, or continuing to run their EE system under the radar hoping to avoid legal sanction.
This would be a ludicrous posture to take from a PR/marketing perspective, but we live in the age of accelerated capitalism, and weirder things have happened in private equity driven enterprise sales pipelines.
Picking up the CE Torch
One idea that’s floating around is a community driven effort around maintaining Magento 1 as a separate project. While anything is possible with open source, it’s hard to see this as an attractive option.
Technically speaking, Magento 1 is a system loaded with technical debt. The debt of its own making, the debt of reliance on Zend Framework 1.x components, and the debt of being a pre-composer project.
Beyond the technical challenges involved, there’s also legal/liability concerns. One unavoidable fact of ecommerce systems is they all involve the transfer of money via credit cards and other authorization/authentication systems. This, plus the rugged untamed world of PHP hosting, makes Magento 1 a popular target for skimmer hacks.
Also, in another sales driven nightmare scenario, there’s the question of what Magento Inc.’s posture towards this sort of project would be. It’s not hard to imagine some hard-charging/ambitious sales team seeing the continued existence of Magento 1 as a threat to their pipeline.
Maintenance of Magento 1 as a separate project would be a full-time job. Anyone with the skills, ambition, and passion to do so probably has other, more interesting opportunities on their plate.
The only glimmer of hope Magento 1 community edition has is its sheer number of users. Magento 1 was the last great PHP CMS that competed for consumer attention. It’s not hard to imagine over 100,000 systems staying on Magento 1 CE past end-of-life, which puts Magento Inc. in an odd place. As these users start to weather the storm of using an unsupported platform, more and more bad trade press about Magento 1 systems will be generated.
It’s hard to imagine Magento Inc. standing for this sort of bad press. However, unlike the 2014 shutdown of Magento Go, both the sheer number of these users and their relatively complex (not Saas) but low annual revenue (not Magento 2) needs means there’s no clear migration path away from Magento for them.