Vulnerability in EPiServer.Forms
Somewhere between v126.96.36.199 and v188.8.131.52 a lot of things have been made internal in EPiServer.ContentApi.Commerce, e.g. the ProductContentApiModel. This means you cannot extend it in a model mapper. You could use the ContentApiModel, but then you lose the assets, so that's not really an option.
Same here. We want to extend Content Delivery API for Commerce by using CommerceContentModelMapper or implementing a ICatalogContentModelBuilder.Since everything is internal, this is not possible.
Any plans on making this public, just like the content/CMS part of the API?
I will file a bug for the CD team to look into this (I'm not saying it's a bug, just something for them to look into). Will get back to you once I hear from them
Any news on this? Really feels like EPiServer.ContentDeliveryApi.Commerce is an unfinished product without it.
Unfortunately no, and I will try to ping the CD team but it is still up to them to decide and priotize
You definitely seem to be correct. This happened a long time ago and I have not been able to figure out why exactly this happened. The story that introduced these changes explicitly in its description says that we should review and update the protection levels of our API before it's publicly released. But, at the time it were already at the 2.something version. As I said, I can't figure out what went wrong but there already seems to have been a misunderstanding at the time.
I have created a story to investigate and revert the changes to make the API usable in the intended way. I can't give you an ETA, but I will promote the story inside the engineering team.
The response from the Addons team which I somehow missed
In the development of CD.Commerce, we just released 2.6 and 2.7 internally (for the purpose of making release as much small as possible for QAs, and we separated milestones) and only gave EMVP the package 2.6 and 2.7 to test our solution on Yammer. And 2.9 is the first official release package of CD.Commerce and within the first release, everything is internal.