Correct. And those have mitigations.

About (1) there are several tools to mitigate those risks. One, for example, is consumer driver contract testing (which I discussed in a previous article). But there are more. Often here all the literature about DDD and microservices helps a lot.

About (2), is there a way to make it more independent? I guess that you are talking about a SaaS, I'm right? In such cases, there are techniques like keeping endpoints to the old versions. For example, having /api/v1/... /api/v2/... and so on. It's hard, but it helps to do transitions easier. And in the long run, makes things easier.

In fact, one common practice in CD is doing transformations gradually, do not break things, but roll out new things like keeping the old ones still available to give time to adapt and progress. And I am thinking, maybe that is the common thing for both problems?