seed
seed copied to clipboard
seedstack
The foundation of SeedStack, providing integration of carefully selected technologies to build applications or cloud services.
See: https://nvd.nist.gov/vuln/detail/CVE-2021-41303 It says that the vulnerability affect Spring Boot but it might be worth it to check if it doesn't affect Seedstack as well and to update to a...
A validation-only `ConfigurationValidationPlugin` implementing `ValidationProvider` could provide validation for general configuration anomalies: - Configuration keys that don't have a corresponding POJO field - Attempt to override `env`, `sys` and `runtime`...
Groups are not supported by the current implementation. source: http://beanvalidation.org/1.1/spec/#constraintsdefinitionimplementation-constraintdefinition-groups _It would also be a good point to re read the spec completely in order to see what is missing...
Static files can currently only be served from `META-INF/resource` directory. An improvement could be to also be able to serve files from an external directory (or a list of external...
It would be nice to have a security syntax on seedstack configuration properties, to avoid their appearence in the outputs (logs, diagnostics , ... ). By default, properties like "password"...
Right now, by default, shiro remembrs the credentials submited by the user, to prevent redundant lookups checking the realm / permission mappers and so on. That's done following the premise...
For each plugin belonging to a separate base package (ex: `org.seedstack.jpa`, `org.seedstack.seed`, `org.seedstack.business`, ...) check that all the plugins in the same base package have the same version. If not,...
A validation tool should be created. Validation would be based on a `ValidationProvider` interface like this: ``` @Facet public interface ValidationProvider { Set validate(); } ``` - This interface can...
The following specs should be tested: In core: - jta.version 1.2 (optional) - javax.annotation 1.2 - javax.validation 2.0.0 - javax.el 3.0.0 (optional) In web: - javax.servlet 3.0.0 - javax.websocket 1.0...
[Shiro.ini](https://shiro.apache.org/web.html#Web-Configuration) configuration is currently inaccessible within software configuration. Currently you have to create an AbstractModule Annotated with @Install annotation and bind the constants on the configure() method An example could...