If you're using a CDN to include the Algolia libraries in your application you can specify the versions you want to use.
This can help you keep up-to-date with new releases without breaking your application. This article will help you decide the best approach for your needs.
Algolia uses semantic versioning so your strategy should take this into account.
Don't pin the version - not recommended
The above example will always get the latest release of the library from the CDN. If Algolia releases a Major new version, your application will get this and there could be breaking changes. So we don't recommend this approach.
Pin to a Major version
The above example pins to the Major version so you'll always get the latest version 4 release of the library. As Major versions shouldn't include breaking changes, this should be safe most of the time. However due to interactions with your own code, this isn't guaranteed, so we recommend pinning to a Minor or Patch version and then testing new releases.
Pin to a Minor version
The above example pins to the Minor version so you'll always get the latest version of 4.17 including patches. This is unlikely to cause breaking changes, but pinning to a Patch version as shown below is safer.
Pin to a Patch version - recommended
<script src="https://email@example.com/dist/algoliasearch.umd.js" integrity="sha256-4VKW0mBKZ+L5cl5Ln97mb+7rHephtIsGu06NioLZ1JQ=" crossorigin="anonymous" ></script>
See our docs page here for how to securely include a library of a specific version from a CDN.
Using this method you can pin a specific version that you know works.
With this approach you can also improve security by validating the integrity of the file using Subresource Integrity as shown above. You'll need the exact link to the file as shown above. You can generate SRI hashes with a service like this: https://www.srihash.org/
How do I keep up-to-date with Algolia releases?
If you're pinning versions, you'll want to keep up with Algolia releases so you can test new versions and make sure your application stays secure and gets new features.
There are automated tools like Dependabot to do this if you're using libraries as dependencies in your code.
If you're using a CDN you might not be able to use automated tools so easily. Instead, you can get email notifications from GitHub when new versions are released. Find the library you're interested in and then Watch > Custom > Releases: