We shouldn't make suggestive judgement calls, what should be in and what should not be in. The code is not supposed to become unsupported. What guarantees can we install that a library chooses a particular app ? Let's have a minimal core solution. Who are we to dictate what the libraries should get. We shouldn't. Dale: Make module inclusion totally optional ? Harry: It's not working today. We need more time to build the features than we need to release. Re-Share apps are actually FOLIO apps. But they are not included in the FOLIO apps. What's wrong with that ? Some libraries are running Re-Share but not an ILS based on FOLIO.
Jason: UI module disentangling is being done at TAMU. Won't need to build all Frontend modules at a time. Untwining the UI pieces. Need NPM node package manager to build a UI module. Another way to build your own backend modules: Amazon RDS mount , Amazon S3. Ingolf: To maintain your own backend modules, you need to maintain your own institutional Docker Repo. Jason: For frontend modules, you need your own NPM repo. E.g. SonaType Nexus. Jason: We built in-app workflows at TAMU. mod-oai-pmh is home brewed. There is still no documentation for the Okapi container!
"Grooming" of Technical need met when standing up FOLIO installs
Jason: There are Security issues in Edge modules. Authorization is being handled by API keys. Anyone could probably guess these keys. I could probably check out books from UChicago. It is not really secure. Dale: Mightn't is be easier to change user and password ? Jason: You don't need to know the password. It does not incorporate the password. It just adds a little SALT. Dale: It sounds like an easy fix. Generate API key by a combination of tenant id, user , other. It is even in the edge common documentation. Jason: Here’s what the edge module says: Security: "For now, some level of security is achieved via API Keys. Eventually we may want to implement a more sophisticated security model, e.g. based off of OAuth2, etc."