I’m building a project that uses OZ’s ERC721 contracts. My contract is a fork of another, which was built a year ago, and used the most up to date version of the contracts at that time (which is version 2.2) but are now a year old.
There are newer versions out since then, but I do not want to risk breaking something or introducing some attack vector in the process of upgrading, unless it is strictly necessary. Do you think this approach makes sense? Is it ok to use an older version of the ERC721 contracts in my project?
I have scanned through the patch notes since version 2.2 and I don’t think there is anything that would necessitate an update?