spryker · andriitserkovnyi · Oct 20, 2023 · Oct 5, 2023 · Oct 9, 2023 · Oct 9, 2023
diff --git a/docs/scu/dev/features/integrating-code-releases.md b/docs/scu/dev/features/integrating-code-releases.md
@@ -0,0 +1,43 @@
+---
+title: Integrating code releases
+description: Spryker Code Upgrader automatically integrates code releases
+template: concept-topic-template
+---
+
+Spryker architecture provides extensibility of different modules by using extension points in the project code. With Spryker Code Upgrader, the process of integrating plugins, configuration updates, adding new translations, and other code changes is automated. As a result, to add new features, developers don't need to manually apply code changes.
+
+The upgrader supports the following extension points:
+- Configuration:
+  - Module
+  - Environment
+- Copying module files
+- Adding and removing the following:
+  - Plugin
+  - Navigation element
+  - Widget
+  - Glue relationship
+- Adding the following:
+  - Transfer definition
+  - DB schema definition
+
+## Release rating
+
+The release rating is a measure of the integrability coverage of a code release. It  represents the percentage of automatically integratable plugins, configurations, schemas, and other components.
+
+This rating is determined during internal testing, where the generated integration code is compared with the manually released code to assess the level of integration achieved. If both are equal, then the release is fully integratable.
+
+There are type of releases that provide only dependency updates without any code integrations, so-called module-only releases. Such releases have 100% coverage.
+
+The Upgrader's PRs contain the rating for the suggested releases.
+
+# Enable and configure
+
+The Integrator is enabled by default. It integrates the releases with rating 70% or more. You can adjust this treshold to your requirements in Spryker CI.
+
+After a release is integrated, a style fixer is applied to the changed files. We recommend implementing your own style fixer to expose project-specific code style conventions.
+
+# What to do if you see a generated code, that is not valid
+
+1. Make sure that your project code follows the Upgradability Guidelines and passes the [Evaluator check](/docs/scos/dev/guidelines/keeping-a-project-upgradable/run-the-evaluator-tool.html).
+2. You can try manually correcting the generated code as a quick fix.
+3. If none of the above solutions work, please contact us for further assistance.
diff --git a/docs/scu/dev/features/integrating-security-releases.md b/docs/scu/dev/features/integrating-security-releases.md
@@ -0,0 +1,32 @@
+---
+title: Integrating security releases
+description: How Spryker Code Upgrader works with releases related to known security vulnerabilities
+template: concept-topic-template
+---
+
+Being on top of security releases of your vendor or third parties is very crucial:
+* *Vulnerability mitigation*: Security updates often address known vulnerabilities or weaknesses in software. Installing these updates helps to mitigate these vulnerabilities, reducing the risk of unauthorized access, data breaches, or malicious activities.
+* *Enhanced protection and risk mitigation*: Security updates typically include patches and improvements that enhance the overall security of the system.
+* *Regulatory compliance*: Many regulatory bodies require organizations to maintain up-to-date security measures, which often includes installing security updates promptly. Compliance with these regulations reduces legal and financial risks and helps to maintain a positive reputation and trust with stakeholders and customers.
+
+## Coverage of security releases
+
+The static code analysis tools provide the capability to detect various known vulnerabilities. These tools assist in identifying and preventing potential security risks from the following sources:
+* Spryker security releases
+* PHP ecosystem
+* NPM ecosystem
+
+## Spryker Security releases
+
+A security release is a type of release that aims to deliver vulnerability fixes rather than introducing new features or functionalities.
+Here's an example of a security release: [4753](https://api.release.spryker.com/release-group/4753).
+
+Even though security releases are applied alongside other releases, they are prioritized to ensure a quick delivery of critical security updates.
+
+## Installing security releases
+
+Automatic installation of security releases is only available for minor releases. The major releases require a manual installation.
+
+## Checking for available security fixes
+
+To check for available security fixes for your project, [run the evaluator tool](/docs/scos/dev/guidelines/keeping-a-project-upgradable/run-the-evaluator-tool.html).
diff --git a/docs/scu/dev/features/upgrade-verification.md b/docs/scu/dev/features/upgrade-verification.md
@@ -0,0 +1,30 @@
+---
+title: Active detection of incompatibilies
+description: How Spryker Code Upgrader actively detects and warns you when your code becomes incompatible with the code in upgraded modules
+template: concept-topic-template
+---
+
+It is very important for Spryker Code Upgrader to ensure stability of the upgrades. On the one hand you have your automated tests that you rely on, those tests are run in your CI system and you use them before you merge the pull request created by Spryker Code Upgrader. On the other hand and in addition we run a number of code checks to offer an early warning system even without having a full context or knowledge of your project.
+
+# Validations and warnings
+
+The upgrader offers validations ensure the accuracy and safety of the upgrade process.
+The warnings provide guidance on potential risks or necessary actions for a successful upgrade.
+
+Warning types:
+- Major code releases warning.
+  All the major releases should be installed manually to integrate the BC breaks.
+- PHP Broken Files.
+  Phpstan checks project code after each release application and provides corresponding warnings.
+- Conflict between project class, which extends a private class in a Spryker module, and a changes made by Spryker in their latest release.
+  To resolve this conflict you need to re-write the custom class with the necessary changes.
+- Module name conflict warnings.
+  Custom project module has the same name with spryker released module and should be renamed.
+- Release integration warnings (warnings related to the integration process)
+- Upgrader warnings (warnings related to the upgrader process)
+
+# What to do when you see these warnings in the PR?
+
+In most cases, warnings come with specific information that helps you identify the class or file needed to fix the issue.
+Most of these issues are easily fixable in your IDE.
+