bloomreach / spa-sdk

Apache License 2.0

Upgrade path improvements #3

Closed beetlerom closed 1 year ago

DavidSint commented 1 year ago

Is there an upgrade guide? Normally I'd expect to see an explanation about what's changed and how to make the necessary changes with examples.

beetlerom commented 1 year ago

@DavidSint What version are you using?

Sohitri216 commented 1 year ago

Hi @beetlerom, I have tried upgrading the Bloomreach SDK version to 17.1.0. The npm audit report shows a critical vulnerability related to @xmldom/xmldom:

@xmldom/xmldom  <0.7.7
Severity: critical
xmldom allows multiple root nodes in a DOM - https://github.com/advisories/GHSA-crh6-fp67-6883

Can you please suggest a fix for this? Thanks.

beetlerom commented 1 year ago

@Sohitri216 Yes, a new vulnerability was discovered right after our previous patch; we will be releasing 17.1.1 soon to address that as well as others.

DavidSint commented 1 year ago

@beetlerom We're using v15, but as it relates to this issue, I was just saying that having an upgrade guide for versions with breaking changes is a general best practice, I'd have thought. This is regardless of the versions that are being upgraded.

DavidSint commented 1 year ago

Here is an example from Next.js: https://nextjs.org/docs/upgrading

hachok commented 1 year ago

Sounds good to me! We can create an upgrading guide. @beetlerom, should we discuss it in the next chapter meeting?

beetlerom commented 1 year ago

@DavidSint @hachok 💯 Very much in line here, we need such a guide.

@DavidSint I was just curious what version you are using to get an idea of how far back we want the migration guide to go. v15 was on my mind, but not sure about v14 yet. Thanks!

joerideg commented 1 year ago

Hi guys, we have released a new Documentation Portal; you can find it at https://bloomreach.github.io/spa-sdk/docs/getting-started/. There is also a migration guide there. We hope to improve it to better suit your needs as a developer. Please open new issues with specific suggestions on those improvements and I'm happy to take the time to sort that out. Closing this issue for now.