OpenCart VS Saleor

Compare OpenCart vs Saleor and see what are their differences.

OpenCart

A free shopping cart system. OpenCart is an open source PHP-based online e-commerce solution. (by opencart)
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
OpenCart Saleor
25 85
7,210 19,931
1.1% 1.3%
10.0 9.8
5 days ago about 19 hours ago
PHP Python
GNU General Public License v3.0 or later BSD 3-clause "New" or "Revised" License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

OpenCart

Posts with mentions or reviews of OpenCart. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-26.
  • Open Cart Vulnerability Discussion on GitHub
    6 projects | news.ycombinator.com | 26 Nov 2023
    Either way the PR (https://github.com/opencart/opencart/pull/12949/files) should have been accepte. Clearly the [^a-zA-z0-9_] regex will not do what it appears to be intended to do without the delimiters.
    6 projects | news.ycombinator.com | 26 Nov 2023
    Hah, in one of the replies someone mentions a session hijacking issue https://github.com/opencart/opencart/issues/12939 but the guy's response was:

    > what a great hacker! this man should be put on a pedestal for as the worlds greatest hacker for using inspect element and copy and pasting his user_token var from the browser. now if he can only get it to work on a 3rd party who's cookie and user_token he wont know! lets not forget SSL.

    6 projects | news.ycombinator.com | 26 Nov 2023
    It was eventually fixed in another PR, despite the maintainer's lengthy ranting.

    https://github.com/opencart/opencart/pull/12951#issuecomment...

    6 projects | news.ycombinator.com | 26 Nov 2023
    The maintainer is apparently infamous for lashing out against people trying to report potential vulnerabilities.

    He had a similar attitude all the way back in 2014:

    > i'm closing this as its a waste of time.

    https://github.com/opencart/opencart/issues/1269#issuecommen...

    6 projects | news.ycombinator.com | 26 Nov 2023
  • Trying out a medusa webshop
    3 projects | dev.to | 16 Sep 2022
    OpenCart
  • onlineshop for internal use.
    2 projects | /r/selfhosted | 19 Jul 2022
    I like - https://www.opencart.com. Requires bit of configuration initially but has good customisation. Wordpress plugin - https://woocommerce.com
  • Ask HN: Who wants to be hired? (July 2022)
    12 projects | news.ycombinator.com | 1 Jul 2022
    Change to just a summary bullet point like:

       * heavy contributed to upstream OpenCart (https://github.com/opencart/opencart) project
  • Asking for a friend: how to start an Instagram business and how much it costs?
    2 projects | /r/Kerala | 16 Mar 2022
    Some quick finds: https://github.com/mhmdomer/ecommerce-laravel https://github.com/opencart/opencart
  • Solving Open Source Supply Chain Security for the PHP Ecosystem
    3 projects | news.ycombinator.com | 24 Jan 2022
    > I don't get it, who is going to pay for the time and energy required to audit everything?

    Not everything has to be audited. That's why there's different levels of attestations.

    In terms of economic incentives: If you're a company bit by one of the recent supply chain issues (colors.js, etc.), you might be able to justify hiring a security vendor to audit the code that your company depends on. This would provide a net-positive benefit to the entire ecosystem, even if it's only a small set of audited code.

    Maybe one day, we can even make this an expectation of large players. But that's a discussion for down the road.

    On the opposite end of things, you have independent security consultants that want to establish their reputation so they can get paid engagements with software companies.

    One avenue available to everyone is review open source software, report vulnerabilities to their maintainers. This can be thankless or even traumatic; i.e. https://github.com/opencart/opencart/pull/1594

    Gossamer would open an alternative approach: Hang your shingle out by publishing negative (vote-against) attestations of vulnerable versions of open source software and positive attestations (e.g. code-review) of the versions that mitigated the issues they disclosed. Anti-malware vendors (e.g. WordFence) could even issue weaker positive assertions (spot-check) for WordPress plugin/theme updates after vetting the known-good releases. Security companies depend heavily on their ability to earn trust to thrive, and that's a hard market to break into; this offers another way in.

    In short, the economic challenges you're imagining aren't the ones that this project will face. (Although, there will assuredly be challenges.)

    Companies acting in their own self-interest can be leveraged to cover the hot paths of the universal dependency graph, and security up-starts can be leveraged to cover their blind spots. Given enough time, the ecosystem will eventually reach some sort of equilibrium, and many new opportunities will be made in the process.

    > I presume the big package maintainers already have eyes on their stuff - symfony etc.

    Read the discussion on the Symfony Encryption component: https://github.com/symfony/symfony/pull/39344

    Just because they have eyes on their stuff doesn't mean that those eyes have the necessary domain-specific expertise to identify problems. If it weren't for Paragon (paragonie-security on Github) and their associates in the security industry, the issues identified in the earlier versions of the module would likely have persisted and been shipped.

Saleor

Posts with mentions or reviews of Saleor. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-03-07.

What are some alternatives?

When comparing OpenCart and Saleor you can also consider the following projects:

django-oscar - Domain-driven e-commerce for Django

Medusa - Building blocks for digital commerce

Shuup - E-Commerce Platform

Sylius - Open Source eCommerce Framework on Symfony

vendure - A headless GraphQL commerce platform for the modern web

django-shop - A Django based shop system

Open Classifieds - Yclas Self Hosted is a powerful script that can transform any domain into a fully customizable classifieds site within a few seconds.

WooCommerce - A customizable, open-source ecommerce platform built on WordPress. Build any commerce solution you can imagine.

Magento - Prior to making any Submission(s), you must sign an Adobe Contributor License Agreement, available here at: https://opensource.adobe.com/cla.html. All Submissions you make to Adobe Inc. and its affiliates, assigns and subsidiaries (collectively “Adobe”) are subject to the terms of the Adobe Contributor License Agreement.

askbot-devel - Askbot is a Django/Python Q&A forum. **Contributors README**: https://github.com/ASKBOT/askbot-devel#how-to-contribute. Commercial hosting of Askbot and support are available at https://askbot.com

Spree Commerce - A headless open source e-commerce platform for global brands