SafeERC20 vs. SafeERC20Upgradeable

Dear OZ team,

we have a series of smart contracts that are upgradeable. Within their code, they work with (external) IERC20 tokens, eg. to receive payments and transfer payouts.
We are using the IERC20 contract as variable type, not the IERC20Upgradeable, since we believe that this is sufficient as long as none of the contracts we will deploy is an ERC20 token that inherits from IERC20 (otherwise we would need to use IERC20Upgradeable).
Is that correct so far?

Assuming the above is correct, when we work with IERC20 tokens in the code of our upgradeable contract and we want to use SafeERC for token transfers, is it OK to just use the SafeERC20 contract or do we have to use the SafeERC20Upgradeable version?

My opinion is that because its within the code only, the normal version is fine. But another dev reviewed our code base and suggested this, so we are unsure.

Please could you comment?

This is an example contract to demonstrate what I mean:

// SPDX-License-Identifier: MIT
pragma solidity 0.8.4;

import '@openzeppelin/contracts/token/ERC20/IERC20.sol';
import '@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol';
import './Upgradeable.sol';

contract Example is Upgradeable {   // contract is being made upgradeable through inheritance
  using SafeERC20 for IERC20;   // do we need to use upgradeable versions here for both SafeERC20 and IERC20?

  function test(IERC20 token, uint256 amount) external {
    token.safeTransferFrom(_msgSender(), address(this), amount);



SafeERC20 and SafeERC20Upgradeable are the same. The reasons we rename it are 1) to make it clear that the code is safe for upgradeability, and 2) to avoid potential clashes with the original one.

You can use either. If you're using the Upgrades plugins to check safety (which you should), then this is ok. If you're not using them, I would recommend sticking to the Upgradeable variant because it gives you a better guarantee of safety.