NexoPOS 5.2.3
#1866
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
-
This update was mainly made to update NexoPOS libraries and to add new feature that is a must of the SaaS module we're building around NexoPOS.
Autoload Module
Now, you can set the module that will always been activated regardless of whether they have been activated or not from the dashboard. While we know this might have serious security consideration, we believe having such module can for example prevent unaware users to mistakenly disable, delete or download a system module that can be created by a developer.
For hacker, it might be an opportunity to install module that the end user cannot control from the dashboard. We however believe, anyone having access to the .env file to edit it for enabling a compromised module, can yet perform more worst operation. Therefore, the security should the be considered on the file access end first.
How It works
You just have to set on the .env file a variable "AUTOLOAD_MODULES" that access modules namespaces separated by a comma.
Not all module are likely to be autoloaded. For security, stability purpose, we only restricted this feature to module not having any dependency. This will prevent situation like an autoloaded module depends on a not autoloaded module. If that not autoloaded module is removed for some reason, the app will crash.
Changelog:
This discussion was created from the release NexoPOS 5.2.3.
Beta Was this translation helpful? Give feedback.
All reactions