# sequra/magento2-core

> Core module for SeQura Payment Methods

`composer require sequra/magento2-core`

Canonical URL: https://packagento.com/sequra/magento2-core

## At a glance

- **Vendor**: sequra (https://packagento.com/sequra.md)
- **Latest version**: 3.2.2 — released 2026-06-11
- **Pricing**: Free
- **Package type**: Magento 2 module
- **Status**: active, accepting new buyers

## Installation

Packagento is licence-gated, so even free packages need a licence on a project before Composer can resolve them.

1. **Sign in or create an account** at https://packagento.com/customer/account/.

2. **Add the package to your account.** Open https://packagento.com/sequra/magento2-core and complete the free checkout. A licence is minted automatically.

3. **Create or pick a project, then activate the licence on it.**
   - Projects represent the Magento installs you deploy to. Manage them at https://packagento.com/projects/.
   - Activate the new licence on the project you'll deploy this package to. Activation is what generates the Composer credentials scoped to that project.

4. **Add the project credentials to your Magento codebase.**

   Grab the project's public + private key from https://packagento.com/projects/ (open the project, then its Credentials tab), and add them to `auth.json`:

   ```json
   {
     "http-basic": {
       "packagento.com": {
         "username": "ppk_live_...",
         "password": "psk_live_..."
       }
     }
   }
   ```

   Add the Packagento Composer repository to `composer.json`:

   ```json
   {
     "repositories": [
       { "type": "composer", "url": "https://packagento.com" }
     ]
   }
   ```

5. **Install and apply.**

   ```bash
   composer require sequra/magento2-core:*
   bin/magento setup:upgrade
   bin/magento setup:di:compile
   bin/magento cache:flush
   ```

## What it does

Core module for SeQura Payment Methods

## README

1. [About seQura](#about-sequra)
2. [Installation guide](https://sequra.atlassian.net/wiki/spaces/DOC/pages/1377304583/MAGENTO+2)
3. [Sign-up](#sign-up)
4. [For developers](#for-developers)
   - [Importing CORE UI resources](#importing-core-ui-resources)
   - [Starting the environment](#starting-the-environment)

### About seQura
#### Description

seQura is the flexible payment platform that will help your business improve conversion and recurrence. 
The easiest, safest, and quickest way for your customers to pay on installments.

+6.000 e-commerce and +1.5 million delight shoppers already use seQura. Are you still thinking about it?

This Magento 2 plugin allows you to make payments with [seQura](https://sequra.es).

#### Benefits for merchants

> Flexible payment solutions adapted to your business.

Widest flexible payment solutions in the market:

* Buy now pay later 
* Pay in 3, no interest
* Installments, up to 24 months
* Flexi, combines interest-free BNPL with long-term financing in a single purchase experience

Your customers in good hands:

* Cost transparency and clarity
* Local support teams to deliver the best shopper experience
* Secure data, we don’t share your data with anyone or use your information to sell our own or third-party products 


Obsessed with conversion and recurrence

* We adapt to your business, solutions for every sector, and buyer profile
* The highest acceptance rate in Southern Europe thanks to our own risk algorithm, created and optimized for the local market
* Instant approval. A frictionless credit-purchase experience, buy-in seconds without document uploads
* seQura marketing collateral to support your campaigns

#### Benefits for customers

* Widest range of flexible payment solutions available on the market, up to 4 different solutions to pay as you want.
* Access to credit with no paperwork, just complete 5 fields to be instantly approved
* Security and privacy, we do not sell your personal data to third parties nor share with other companies

### Installation guide

Check the [installation guide](https://sequra.atlassian.net/wiki/spaces/DOC/pages/1377304583/MAGENTO+2)

### Sign-up

Si tu comercio no está dado de alta en seQura, puedes hacerlo [aquí](https://sqra.es/signupmes) para recibir credenciales de sandbox y empezar.

If you are not a seQura merchant yet, you can sign up [here](https://sqra.es/signupmen) to get sandbox credentials and get started.

### For developers

#### Importing CORE UI resources

The seQura Magento 2 module uses the CORE UI resources from the `sequra-core-admin-fe` package. To update the resources, you need can use the provided utility script `bin/update-integration-core-ui`.

When the setup script runs, it will automatically call this utility to ensure that the latest CORE UI resources are copied into the project if the `--install` argument is provided. However, you can also run this utility manually to update the resources at any time.

#### Starting the environment

The repository includes a docker-compose file to easily test the module. You can start the environment with the following command:

```bash
./setup.sh --install
```
This will start a Magento 2 instance with the seQura module installed. You can access the admin panel at `http://localhost.sequrapi.com:8018/admin` with the credentials `admin`/`Admin123`.

> [!IMPORTANT]  
> Make sure you have the line `127.0.0.1	localhost.sequrapi.com` added in your hosts file.

> [!NOTE]  
> Once the setup is complete, the Magento root URL, back-office URL, and user credentials (including the password) will be displayed in your terminal.

Additionally, the setup script supports the following arguments:

| Argument | Description |
| -------- | ------------------------------------------------------------------ |
| `--install` | Install and copy the required assets to the module before starting the containers |
| `--ngrok` | Starts an ngrok container to expose the site to internet using HTTPS. An ngrok Auth Token must be provided either as an argument or as a variable `NGROK_AUTHTOKEN` in the `.env` file for it to work |
| `--ngrok-token=YOUR_NGROK_TOKEN` | Define the ngrok Auth Token |
| `--cloudflared` | Starts a Cloudflared container to expose the site to internet using HTTPS. A Cloudflared Tunnel Token must be provided either as an argument or as a variable `CLOUDFLARED_TUNNEL_TOKEN` in the `.env` file, and the public hostname must be set in `CLOUDFLARED_TUNNEL_URL` |
| `--cloudflared-token=YOUR_CLOUDFLARED_TUNNEL_TOKEN` | Define the Cloudflared Tunnel Token. Get yours at https://dash.cloudflare.com/ |
| `--open-browser` | Open the browser and navigate to the Magento root URL once the installation is complete |

#### Customization

When the setup script runs, it takes the configuration from the `.env` file in the root of the repository. If the file doesn't exists, it will create a new one, copying the `.env.sample` template. In order to customize your environment before the setup occurs, you might create your `.env` file. To avoid errors, is important that you make a duplicate of `.env.sample` and then rename it to `.env`

You can read the `.env.sample` file to know what are the available configuration variables and understand the purpose of each one.

#### Stopping the environment

To stop the containers and perform the cleanup operations run:

```bash
./teardown.sh
```

### Utilities

This repo contains a group of utility scripts under `bin/` directory. The goal is to ease the execution of common tasks without installing additional software.

_(README truncated for .md surface. Full README on https://packagento.com/sequra/magento2-core.)_

## Recent Versions

| Version | Released |
|---|---|
| 3.2.2 | 2026-06-11 |
| 3.2.1 | 2026-04-23 |
| 3.2.0 | 2026-03-24 |
| 3.1.2 | 2026-01-28 |
| 3.1.1 | 2025-12-16 |
| 3.1.0 | 2025-11-04 |
| 3.0.2 | 2025-11-04 |
| 3.0.1 | 2025-11-03 |
| 3.0.0 | 2025-09-09 |
| 2.7.1 | 2025-08-22 |

Showing 10 of 83 versions. Full release history on https://packagento.com/sequra/magento2-core.

## Dependencies

### Require

| Package | Constraint |
|---|---|
| ext-json | * |
| php | >=7.4 <8.6 |
| sequra/integration-core | ~5.1.1 |

### Require (dev)

| Package | Constraint |
|---|---|
| magento/magento-coding-standard | ^38.0 |

## Quality

Latest release (3.2.2) fails the Packagento QA pipeline. Verdicts below are per-cell (Magento line × PHP version) for the matrixed tools, and run-once for the static / security tiers.


### Compatibility

Each Magento line is installed on its supported PHP versions, then the module is built (DI compile + static-content deploy). Cells show passed / failed / untested; staircase gaps render as `–`.

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | Pass | Pass | – | – |
| 2.4.8 | – | Pass | Pass | – |
| 2.4.9 | – | – | Pass | Pass |


### Code Quality

Advisory checks against the module's source. Never affect the Compatibility verdict — a phpcs finding can't make a module incompatible.

#### Static Analysis

Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.

| Tool | Status | Findings | Summary |
|---|---|---|---|
| PHPCS | Fail | 59 | 4 errors, 55 warnings (ruleset: Magento2) — 4 auto-fixable with phpcbf |
| PHPMD | Warning | 41 | 41 rule violations (UnusedFormalParameter:11, UndefinedVariable:6, ExcessiveMethodLength:4, MissingImport:4, NPathComplexity:4) |
| Cpd | Pass | 0 |  |
| Composer validate | Info | 1 | valid; 1 advisory note (composer validate --strict) |

#### PHPStan

Type-checks the module against a real Magento install. Re-runs per Magento + PHP version because resolvable symbols differ between releases.

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | 92 | 92 | – | – |
| 2.4.8 | – | 92 | 92 | – |
| 2.4.9 | – | – | 92 | 92 |


### Tests

Unit and integration suites run per Magento + PHP cell. Test failures speak to the module's behaviour, not its compatibility with a line, so they're reported here separately.

#### Unit Tests

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | not tested | not tested | – | – |
| 2.4.8 | – | not tested | not tested | – |
| 2.4.9 | – | – | Error | Error |

#### Integration Tests

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | Error | Error | – | – |
| 2.4.8 | – | Error | Error | – |
| 2.4.9 | – | – | Error | Error |


### Security

Dependency-advisory audit (composer audit) plus a source malware scan. A malware detection fails the version outright.

| Tool | Status | Findings | Summary |
|---|---|---|---|
| Composer audit | Pass | 0 |  |
| Malware scan | Pass | 0 |  |

## Licence and pricing

Free. A licence is still minted on checkout and bound to your project for Composer access — no payment step.

Refundable within 14 days of first purchase via https://packagento.com/account/refunds/.

## Install via Claude Code or any MCP client

The Packagento MCP server can run the licence + project + Composer steps above in one tool call:

```
purchase_and_install_packages(
  composer_names=["sequra/magento2-core"],
  project_id="proj_xxx"
)
```

This handles cart, checkout, licence minting, project activation, and writes auth.json credentials. Connect a client with `claude mcp add packagento https://mcp.packagento.com`. Full setup at https://packagento.com/docs/mcp-setup.

## Vendor

sequra is a Magento 2 vendor on Packagento. See https://packagento.com/sequra.md for their full catalogue.

