Broadleaf Microservices
  • v1.0.0-latest-prod

Upgrade to 1.8.8

May 6, 2024

Security

To review the security related content, see 1.8.8 notes.

Tip

You will need your login credentials originally provided for accessing the Broadleaf nexus. Security fixes often involve dependency updates to remediate issues being tracked in external OSS components. It is worth considering adopting releases with security fixes (even Broadleaf Severity LOW) to avoid any possibility of transitive exposure in your codebase.

Frontend Compatibility and Release Notes

Microservices release 1.8.8 is congruent with:

  • AdminWeb 1.10.8

    • Recommended.

  • Auth JS SDK 1.5.7

    • Recommended.

  • Auth JS SDK 1.6.1

    • Recommended.

    • Same as 1.5.8 but includes upgrade of third-party dependency Axios, which may require updating tests.

  • Commerce SDK 1.5.10

    • Required for updated externally-executed 3DS/HPP checkout pattern

  • Commerce JS SDK 1.6.2

    • Required for updated externally-executed 3DS/HPP checkout pattern

    • Same as 1.5.10 but includes upgrade of third-party dependency Axios, which may require updating tests.

  • Payment JS SDK 1.2.4 (unchanged)

  • Payment JS SDK 1.3.0 (unchanged)

  • NextJS Starter 1.5.8

    • Recommended.

  • NextJS Starter 1.6.2

    • Recommended.

    • Same as 1.5.8 but includes upgrade of third-party dependency Axios, which may require updating tests.

  • Open Api 1.8.7 (unchanged)