Ensure software and components we depend on are maintained

What is the need / problem

Not having updated step by step the dependencies we have built on (Spree, Rails, etc.) have driven us to a point where we start to have security issues and the cost to upgrade is higher as we develop more and more things to adjust later on.

Who does it impact

Everyone, devs, users, etc.

What is the current impact of this problem

Security issues, and time (thus money) consuming to keep on development. Not resilient at all on a long term.

What is the benefit in focusing on this

Ensure the future health and performance of the OFN platform

Links to more details

• Start of discussion on GH on Rails upgrade: https://github.com/openfoodfoundation/openfoodnetwork/issues/1943
• project page for Spree upgrade: [FEAT] Spree Upgrade

Potential solutions that will solve this problem

First feature candidate = Spree upgrade till 2.0
Then will be some Rails upgrade potentially.

This is more like a meta objective, it’s not something that can be prioritized, I’m just closing it for now. Also tech debt is handled separately, so doesn’t have to be in here.

This is more like a meta objective, it’s not something that can be prioritized, I’m just closing it for now. Also tech debt is handled separately, so doesn’t have to be in here.