FullStackHero 10 .NET Starter Kit Release Merge#1152
Draft
iammukeshm wants to merge 272 commits intomainfrom
Draft
FullStackHero 10 .NET Starter Kit Release Merge#1152iammukeshm wants to merge 272 commits intomainfrom
iammukeshm wants to merge 272 commits intomainfrom
Conversation
Introduced a configuration-driven rate limiting feature to protect APIs from abuse, with tenant- and user-aware policies. Added `RateLimitingOptions` for global and auth-specific limits, exempting health endpoints. Updated the pipeline to include rate limiting middleware. Replaced `DatabaseOptionsLogger` with `DatabaseOptionsStartupLogger` as a hosted service for logging database provider details at startup. Removed OpenAPI annotations from health endpoints and ensured static files are unaffected by rate limiting. Added `Microsoft.AspNetCore.RateLimiting` dependency, `MailOptions` configuration, and placeholders for `AppHost` and `ServiceDefaults`. Performed code cleanup and updated documentation to reflect these changes.
Introduced a new HTTP Auditing module with request/response logging, W3C Trace Context correlation, body capture with masking, and default exclusions. Automatically integrates into the pipeline when referenced. Enhanced logging with structured Serilog configuration, correlation ID enrichment, and noise control for common frameworks. Added production best practices and example `appsettings` for JSON sinks. Improved middleware pipeline in `Extensions.cs`: - Added `ServeStaticFiles` option for early static file serving. - Adjusted CORS middleware placement. - Auto-wired Auditing middleware if referenced. Enhanced `AuditHttpMiddleware`: - Masked sensitive fields in request/response bodies. - Replaced route pattern logging with exact path logging. - Improved exception auditing and updated source identifier. Expanded sensitive field masking in `JsonMaskingService` to include `accessToken` and `refreshToken`. Introduced `AppHost + ServiceDefaults` in `Architecture.md` to outline plans for resource orchestration and deployment bridges.
Renamed and rebranded the FullStackHero (FSH) framework to Hero across the codebase. This includes updates to method names, class names, namespaces, and configuration references to ensure consistency with the new naming convention. Key changes: - Updated `AddFshPlatform` and `UseFshPlatform` to `AddHeroPlatform` and `UseHeroPlatform`. - Renamed `ConfigureDatabase` to `ConfigureHeroDatabase` in database-related classes. - Replaced `BindDbContext` with `AddHeroDbContext` in all modules. - Updated CORS, OpenAPI, and health check methods to use the `Hero` prefix. - Refactored multi-tenant database configuration to `UseHeroMultiTenantDatabases`. These changes ensure a consistent and unified naming convention for the Hero framework.
Introduced a new `Architecture.Tests` project to enforce solution-wide architectural rules, including modularity, namespace conventions, and decoupling between modules and host projects. - Added new package references in `Directory.Packages.props` for testing libraries (`xunit`, `Shouldly`, `AutoFixture`, etc.). - Updated `FSH.Framework.slnx` to include the `Architecture.Tests` project under `/Tests/`. - Created `Architecture.Tests.csproj` targeting `net10.0` with references to building blocks, modules, and the Playground API. - Added `ModuleArchitectureTests` to ensure module runtime projects do not reference other module runtime projects directly. - Added `NamespaceConventionsTests` to enforce namespace alignment with folder structure in `BuildingBlocks/Core/Domain`. - Added `PlaygroundArchitectureTests` to ensure modules do not depend on Playground host assemblies. - Introduced `ModuleArchitectureTestsFixture` for dynamic solution root discovery. - Updated `README.md` to document the purpose, structure, and usage of the `Architecture.Tests` project.
Introduced `UseHeroSecurityHeaders` middleware to enforce CSP, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy. Implemented `SecurityHeadersMiddleware` to apply these headers with exceptions for OpenAPI and Scalar UI paths. Updated JWT configurations to require HTTPS metadata, reduce token lifetimes, and validate signing key strength. Adjusted `ClockSkew` to allow minor time discrepancies. Revised the root endpoint to return a structured JSON response. Enhanced `README.md` with documentation on the new security baseline and best practices for secure deployments. Fixed formatting issues in `ConfigureJwtBearerOptions.cs` and `JwtOptions.cs`.
Introduced health checks for `AuditDbContext`, `IdentityDbContext`, and `TenantDbContext` using the `Microsoft.Extensions.Diagnostics.HealthChecks.EntityFrameworkCore` package. - Added the package reference to `Persistence.csproj` and updated its version in `Directory.Packages.props`. - Registered health checks in `AuditingModule`, `IdentityModule`, and `MultitenancyModule` with appropriate names and failure statuses. - Removed `.WithOpenApi()` from the Identity module's API endpoint configuration. These changes enhance the application's ability to monitor database health and improve resilience.
Refactored the `GetTenantByIdQuery` and related components, replacing them with the new `GetTenantStatusQuery` for detailed tenant status retrieval. - Added `TenantStatusDto` to encapsulate tenant status details. - Updated `ITenantService` and `TenantService` to support `GetStatusAsync`. - Introduced `GetTenantStatusEndpoint` and removed `GetTenantByIdEndpoint`. - Updated `MultitenancyModule` and `Program.cs` to reflect the new query. - Added `/health/live` and `/health/ready` endpoints for monitoring. - Enhanced API documentation and added HTTP request examples. - Cleaned up unused imports and improved code consistency.
Refactored `ProblemDetails` initialization using an object initializer for improved readability. Centralized HTTP status code assignment with a `statusCode` variable to reduce redundancy. Enhanced error handling for `FluentValidation.ValidationException` by grouping validation errors by property name and improving the structure of `ProblemDetails`. Improved `CustomException` handling with better property assignments and simplified error message checks. Standardized default error handling for unexpected exceptions with generic `ProblemDetails` properties. Updated logging to include exception stack traces and request paths for better debugging. Replaced direct logging of `problemDetails.Detail` with structured log messages. Ensured proper serialization and cancellation support in response writing with `WriteAsJsonAsync`.
Enhanced the `ITenantService` interface and its implementation to support paginated responses using the new `IPaginationParameters` interface and `PagedResponse<T>` class. Updated `GetTenantsQuery`, its handler, and the `GetTenantsEndpoint` to align with these changes, enabling pagination and sorting in the API. Introduced reusable pagination logic in `PaginationExtensions` and added the `PagedResponse<T>` class to standardize response shapes. Added the `IPaginationParameters` interface to define pagination and sorting parameters. Updated NuGet package versions, removed the `Mapster` dependency, and shifted to manual projection for mapping entities to DTOs. Updated the README to document the new pagination and sorting functionality. Performed minor code cleanup for improved maintainability.
Refactored `OptionsBuilderExtensions.cs` for improved readability and added MSSQL resilience with `EnableRetryOnFailure`. Updated `PaginationExtensions.cs` to decouple sorting logic and replaced `IPaginationParameters` with `IPagedQuery` for better abstraction. Enhanced `DatabaseOptions.cs` and `DbProviders.cs` with detailed documentation. Removed `IPaginationParameters.cs` in favor of `IPagedQuery`. Updated `ITenantService.cs` and `GetTenantsQuery.cs` to align with the new specification-based querying approach. Introduced specification-based querying abstractions, including `ISpecification<T>`, `Specification<T>`, `OrderExpression<T>`, and `SpecificationEvaluator`. Added `GetTenantsSpecification.cs` to encapsulate tenant-specific query logic. Improved `TenantService.cs` with cleaner, maintainable code using `ApplySpecification`. Updated `appsettings.json` for consistency and improved documentation in `README.md` to explain new abstractions and database provider configurations. General improvements to modularity, maintainability, and resilience.
Introduce `MultitenancyOptions` to control tenant migrations via `RunTenantMigrationsOnStartup`, configurable in `appsettings.json`. Update `Extensions.cs` to conditionally run tenant database setup based on this setting. Bind `MultitenancyOptions` in `MultitenancyModule.cs` for dependency injection. Add `/openapi` to the `ExcludePathStartsWith` property in `AuditHttpOptions` to exclude it from auditing. Update `README.md` to document the new multitenancy behavior and recommend settings for development and production.
Updated API routes for role, user, and tenant endpoints to follow a consistent structure. Added validation checks for route parameters, support for `CancellationToken`, and improved HTTP responses (e.g., `Results.NoContent()`). Changed `ToggleUserStatusEndpoint` to use `PATCH` and added permission requirements. Cleaned up unused imports.
Introduced new projects `FSH.Playground.ServiceDefaults` and `FSH.Playground.AppHost` to centralize and integrate resilience, service discovery, and observability features using OpenTelemetry. - Updated `Directory.Packages.props` to include new packages for Aspire services and reorganized existing package versions. - Added `builder.AddServiceDefaults()` to `Program.cs` to integrate service defaults into the application pipeline. - Created `Extensions.cs` to provide reusable methods for configuring OpenTelemetry, resilience, and service discovery. - Added `appsettings.json` and `appsettings.Development.json` for logging and Aspire-specific configurations. - Updated `FSH.Framework.slnx` to include new projects under the `/Playground/` folder. - Added `launchSettings.json` for local development profiles. - Updated `Playground.Api.csproj` to reference the new `FSH.Playground.ServiceDefaults` project.
Updated `AppHost.cs` to configure PostgreSQL and Redis containers, including database and caching setup. Modified `Directory.Packages.props` to add `Aspire.Hosting.PostgreSQL` and `Aspire.Hosting.Redis` dependencies, and updated `OpenTelemetry` package versions. Updated `FSH.Playground.AppHost.csproj` to include necessary package references. Renamed `CacheOptions` to `CachingOptions` in `appsettings.json` for consistency. These changes enhance the application's scalability and performance by integrating PostgreSQL as the database provider and Redis for caching.
Enhanced observability with OpenTelemetry for tracing, metrics, and logging, including support for OTLP exporters and resource tagging. Introduced `CachingOptions` for Redis configuration with a default key prefix and fallback to in-memory caching. Refactored database contexts to include `IHostEnvironment` for environment-specific configurations, enabling sensitive data logging and detailed errors in development. Improved multi-tenancy support by integrating tenant context in various services. Removed unused projects and files, simplifying the solution structure. Updated logging levels for better visibility in production and added caching for refresh tokens to improve token management.
Replaced OpenTelemetry-based logging with Serilog as the primary logging library, introducing `HttpRequestContextEnricher` to enrich log events with HTTP context and user metadata. Enabled conditional OpenTelemetry integration for metrics and tracing. Simplified the `OpenTelemetryOptions` class by removing `LoggingOptions`, `SamplerOptions`, and `JaegerExporterOptions`. Updated `appsettings.json` to configure Serilog with additional enrichers (`Environment`, `Process`, `Span`, `Thread`) and the `OpenTelemetry` sink for external logging. Removed unused code in `RoleService` and caching logic in `GenerateTokenCommandHandler` to streamline the codebase. Added new Serilog dependencies to the project for enhanced logging capabilities.
Removed `CreateSampler` method from `Extensions.cs` to shift sampling configuration elsewhere. Updated `ConfigureOtlpExporter` to simplify OTLP exporter setup. Added environment variables in `AppHost.cs` for OTLP exporter configuration, including endpoint, protocol, and enablement. Standardized OTLP endpoint to `http://localhost:4317` and protocol to `grpc` across `launchSettings.json` and `appsettings.json`. Updated `resourceAttributes` to use `service.name` instead of `app.name` for OpenTelemetry compliance.
Improved exception logging in `GlobalExceptionHandler` by adding detailed context properties and updating log messages. Integrated FluentValidation by registering validators dynamically in `ModuleLoader` and adding dependency injection support via `FluentValidation.DependencyInjectionExtensions`. Simplified `UserImageValidator` instantiation with a default constructor. Updated project files to include necessary FluentValidation dependencies.
Enhanced metrics collection by adding PostgreSQL instrumentation and dynamic meter configuration in `Extensions`. Introduced a `MeterNames` property in `MetricsOptions` for custom meter names. Added `IdentityMetrics` to track token generation metrics in the Identity module. Updated `TokenService` to log user emails and increment the `identity_tokens_generated` metric. Updated `appsettings.json` to include meter names for various modules. Introduced the `IdentityMetrics` class using the `System.Diagnostics.Metrics` API for managing Identity module metrics.
Refactored tenant lifecycle management by introducing a unified `ChangeTenantActivationCommand` and `ChangeTenantActivationEndpoint`, replacing legacy activation/deactivation commands and endpoints. Added `TenantLifecycleResultDto` and `TenantMigrationStatusDto` for better encapsulation of tenant lifecycle and migration data. Introduced `TenantMigrationsEndpoint` and `TenantMigrationsHealthCheck` to provide detailed migration diagnostics. Centralized permissions in `MultitenancyConstants` and updated endpoints to use these constants. Enhanced `TenantService` with validation to prevent deactivating the root tenant or leaving no active tenants. Updated documentation to reflect the new unified activation endpoint and added examples for migration diagnostics. Introduced a new test project (`Multitenancy.Tests.csproj`) and placeholder tests for tenant lifecycle operations.
Updated the solution file to include the new `Multitenacy.Tests` project. Replaced `Multitenancy.Tests.csproj` with a new version, updating the target framework to `net10.0`, adding the `<IsPublishable>` property, and revising dependencies and project references. Commented out the `TenantLifecycleTests` class, deferring its implementation due to missing configurations for authentication and test tenant environments. These changes restructure the project to improve maintainability and prepare for future enhancements.
Introduced `IdentityPermissionConstants` to centralize user and role permission constants (`View`, `Create`, `Update`, `Delete`). Added `DeleteRoleCommandHandler` to handle role deletion using `IRoleService`. Ensured null checks and asynchronous operation via `DeleteRoleAsync`. Included necessary `using` directives to support the new functionality. Refactor: Introduce Mediator and Centralize Permissions Refactored the application to use the Mediator pattern, replacing direct service calls with commands and queries. Centralized permission constants in `IdentityPermissionConstants` and updated endpoints to use these constants for consistency. Enhanced endpoint descriptions, modularity, and maintainability by introducing dedicated namespaces, DTOs, and handlers. Improved validation, error handling, and security. Simplified dependency injection by removing direct service dependencies. Streamlined role and user management with new commands, queries, and handlers. Added `IsBasic` flag to permissions for better differentiation. Standardized endpoint routing and improved user feedback for operations like password reset and email confirmation.
Upgraded the following NuGet packages: - `AutoFixture` from `4.18.1` to `5.0.0-preview0012`. - `Mediator.Abstractions` from `3.1.0-preview.5` to `3.1.0-preview.14`. - `Mediator.SourceGenerator` from `3.1.0-preview.5` to `3.1.0-preview.14`. These updates may include new features, bug fixes, or other improvements.
Removed legacy auditing classes, including `Audit`, `AuditBackgroundWorker`, and `AuditHttpMiddleware`, simplifying the architecture. Reintroduced and restructured key auditing components under the `FSH.Framework.Shared.Auditing` namespace, such as `AuditIgnoreAttribute` and `AuditSensitiveAttribute`. Added new DTOs (`AuditDetailDto`, `AuditSummaryDto`, `AuditSummaryAggregateDto`) and query classes for retrieving audit data (`GetAuditByIdQuery`, `GetAuditsQuery`, etc.). Introduced endpoints for audit retrieval, including by ID, correlation, trace, and summaries. Updated `AuditingModule` to support API versioning and new endpoints. Refactored `IdentityModule` to rename user and role endpoints for consistency. Enhanced `TenantMigrationsEndpoint` to use Mediator for tenant migration queries. Added architecture and developer guide documentation to clarify the modular design and development workflow.
Removed metadata, introductory sections, and detailed explanations from `architecture.md`, `developer-guide.md`, `Multitenancy.md`, and `README.md`. This includes architecture overviews, setup guides, module-specific details, and future plans. The changes streamline the documentation by eliminating in-depth technical details and focusing on simplicity.
…oyment guide Add Webhooks module to introduction, architecture, module-system, and project-structure docs (module count, tables, file trees, code samples). Rewrite aws-terraform-deployment from 163 to 933 lines covering all 9 reusable modules, 3-environment comparison, step-by-step deployment, security architecture, cost optimization, and troubleshooting. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…llation hero - Replace all em dashes with hyphens across 47 doc files - Add scroll-reveal animations with staggered card entrances (IntersectionObserver) - Add particle constellation background to hero section - Add hero entrance animation and terminal typing effect - Add smooth FAQ accordion using CSS grid-template-rows - Add card hover lift micro-interactions (GPU composited) - Add button hover polish and CTA glow pulse - Respect prefers-reduced-motion throughout Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Bump all mobile font sizes to readable range (0.88-1.05rem body text) - Fix author image to fill container edge-to-edge - Reduce hero bottom padding and stats section padding to close gap Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rounded pill with green version badge, hover glow, and arrow. Links to quick-start. Collapses to version-only on small screens. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Max-width 52rem, image column narrowed to 280px. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…e positioning Grid uses 340px fixed column instead of auto. Image uses position absolute with all properties !important to override Astro's generated inline styles. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Inline style on the <img> tag guarantees highest CSS specificity, overriding any Astro-generated or HTML attribute constraints. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Known Astro 6.x bug with aria-query roles destructuring in the dev toolbar audit. Does not affect production builds. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Playground.Api was renamed to FSH.Api but the solution file was not updated, causing CI build failures. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…rdening - Move terraform/ to deploy/terraform/ with docker/ and dokploy/ scaffolds - Fix: prod container_image_tag "latest" → pinned "v1.0.0" - Fix: ECS auto-scaling resource_label off-by-one - Fix: RestaurantPOS circular dependency (removed entirely) - Fix: RDS/Redis security groups restrict egress to VPC CIDR only - Fix: conflicting tfvars files (removed duplicate overrides) - Wire orphaned CloudWatch alarms module into app_stack - Add container_image_tag validation rejecting mutable tags - Add ECS propagate_tags + wait_for_steady_state - Add Redis log group KMS encryption - Remove unused random provider from rds_postgres - Remove Kubernetes.io subnet tags from network module - Remove sensitive=true from environment_variables (was masking plan output) - Add .terraform-version (1.14.0) and terraform .gitignore - Add Owner tag support to common_tags - Enable RDS parameter group with production-tuned PostgreSQL settings - Refactor env layer: shared/ root module + per-env tfvars only (zero DRY violation) - Update docs for new deploy/ paths and terraform workflow Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rename: - Folder: Playground.Api/ → FSH.Api/ - Namespace: FSH.Playground.Api → FSH.Api - Assembly: FSH.Playground.Api → FSH.Api - Container: fsh-playground-api → fsh-api - Migrations: FSH.Playground.Migrations.PostgreSQL → FSH.Migrations.PostgreSQL Aspire improvements: - Add WithLifetime(ContainerLifetime.Persistent) for dev containers - Remove hardcoded OTEL endpoint (Aspire auto-injects) - Wire Blazor to API via WithReference() + service discovery - Add WithExternalHttpEndpoints() for dashboard links - Fix CachingOptions__EnableSsl=false for local Redis - Add WaitFor(api) on Blazor project Updated across ~50 files: solution, csproj refs, AppHost, Dockerfile, CI workflow, docker-compose, VS Code configs, all migration files, test projects, module refs, Terraform, CLAUDE.md, README, docs, agents. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The project files aren't tracked yet, causing CI to fail. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add Integration.Tests project with 57 tests covering all modules: health checks, authentication, user management, roles, groups, multitenancy, auditing, webhooks, and authorization - WebApplicationFactory + Testcontainers PostgreSQL for real database testing - Manual tenant provisioning for deterministic test setup - DetailedTestExceptionHandler for better test diagnostics - Add webhook EF Core migrations (were missing) - Fix IDomainEvent to implement INotification for Mediator compatibility - Add integration test job to CI workflow - Gate publish jobs on integration test results
…1231) - Add proactive token refresh in AuthorizationHeaderHandler: check JWT expiry before sending requests and refresh 30s before it expires. This prevents the 401 → refresh → retry cycle that caused infinite loops. - Increase default AccessTokenMinutes from 2 to 15 — 2 minutes was too aggressive and guaranteed refresh storms during normal Blazor usage.
…rator The Mediator source generator (MSG0005) requires every INotification message to have at least one registered handler. Added INotificationHandler<T> implementations for all 6 Identity domain events. UserRegisteredHandler also bridges to the integration event pipeline. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Proactive refresh detection: verify near-expiry tokens trigger refresh - Refresh token rotation: verify old tokens rejected after rotation - Token expiry validation: verify correct expiry window in issued JWTs - Refreshed token expiry: verify fresh expiry after refresh
…t provisioning - Extract stale lock cleanup from Hangfire config delegate into HangfireStaleLockCleanupService (runs after app starts, not during DI) - Harden TenantStoreInitializerHostedService and TenantAutoProvisioningHostedService for reliability during startup - Add gitignore entries for Next.js client workspace
…upService The class is registered via AddHostedService but CA1812 doesn't recognize DI-based instantiation of internal classes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…rator - DomainEventsInterceptor now catches handler failures in SavedChangesAsync so side-effect errors (email, notifications) don't fail already-committed saves - UserRegisteredEmailHandler catches email failures gracefully — welcome email failures must not break user registration
The production Hangfire server uses a 30s SchedulePollingInterval, meaning enqueued tenant provisioning jobs could wait up to 30s before pickup — longer than the test's 30s polling timeout. Fix: - Override AddHangfireServer in test factory with 1s polling interval - Increase WaitForProvisioningAsync timeout from 30s to 60s - Fail fast on provisioning failure instead of silently continuing - Throw TimeoutException instead of silently returning on timeout Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ests Root cause: all 68 integration tests pass, but the process hangs during shutdown because: 1. EfCoreInboxStore.MarkProcessedAsync did a blind INSERT, causing PK_InboxMessages duplicate key violations when the same event was processed via both the direct publish and outbox retry paths concurrently. This caused outbox messages to never be marked as processed, leading to infinite retry loops. 2. UserRegisteredEmailHandler tried to send real emails in CI (no SMTP configured), failing with "Rate limited". Hangfire retried these jobs with exponential backoff (10 retries), keeping the process alive past the CI timeout. Fixes: - Make MarkProcessedAsync idempotent: check HasProcessedAsync before INSERT, and catch DbUpdateException for the concurrent race case - Register a NoOpMailService in the test factory to prevent real SMTP calls Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ntegration tests Three issues fixed: 1. OutboxDispatcherHostedService started before migrations, querying identity.OutboxMessages that didn't exist yet. Fix: disable via EventingOptions:UseHostedServiceDispatcher=false. 2. Production AddHeroJobs() registered a Hangfire server (30s polling) + HangfireStaleLockCleanupService. The test factory added a SECOND server (1s polling) without removing the first. Fix: remove all Hangfire hosted services before registering the test-only InMemory server. 3. HangfireStaleLockCleanupService tried to DELETE FROM hangfire.lock on the PostgreSQL Testcontainer which has no Hangfire schema. Fix: removed along with other Hangfire hosted services. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… and fix provisioning
- Add SyncModel migrations for IdentityDbContext (UserSessions index) and
AuditDbContext (TenantId column type) — EF Core 10 blocked MigrateAsync
with "pending model changes" warning, preventing tenant provisioning
- Remove OutboxDispatcherHostedService in test factory — it queries
OutboxMessages before migrations complete, causing startup errors
- Fix provisioning status endpoint path: /{tenantId}/provisioning (not /status)
- Add login retry for new tenant admin in isolation tests — provisioning
may still be finalizing when the login attempt fires
- AuditBackgroundWorker: catch OperationCanceledException during shutdown instead of logging it at ERROR level — cancellation during host teardown is expected - Test factory: suppress EF Core and Npgsql log noise during startup provisioning race (tenant.Tenants not yet migrated) via Serilog level overrides
…-based cache invalidation, per-version OpenAPI docs, and code quality improvements - Add Brotli + Gzip response compression middleware - Add Redis and Hangfire health checks on /health/ready - Surface traceId and correlationId in ProblemDetails error responses - Add tag-based cache invalidation (SetItemAsync with tags, RemoveByTagAsync) to ICacheService - Generate per-version OpenAPI documents (configurable via OpenApiOptions.Versions) - Add AsNoTracking to read-only EF queries in Group handlers and UpdateGroupCommandHandler - Replace read-then-delete with ExecuteDeleteAsync in session cleanup - Add explanatory comments to all intentional broad catch blocks across caching, eventing, jobs, auditing, identity, and multitenancy - Fix MultitenancyOptionsTests to match actual default values
- Fix string concatenation in structured log calls (IdentityService) - Add AsNoTracking to read-only queries (GetUserGroupsQueryHandler) - Add explanatory comments to catch blocks (WebhookDeliveryService, GetTenantMigrationsQueryHandler) - Add ConfigureAwait to middleware delegate calls (AuditHttpMiddleware)
…dd Quick Start to README - Add Webhooks.Contracts and Webhooks module to CI pack step (were missing) - Fix dotnet new template description from .NET 9 to .NET 10 - Add FSH CLI to local tool manifest (.config/dotnet-tools.json) - Add Quick Start section to README with dotnet new template and git clone paths - Add NuGet and license badges to README
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
#Architecture
scripts/openapi/generate-api-clients.ps1 -SpecUrl "<spec>"); Blazor consumes generated clients.