baloise / corellia Goto Github PK
View Code? Open in Web Editor NEWB2B-interface (Web-API) specification for (insurance) contract data
License: Apache License 2.0
B2B-interface (Web-API) specification for (insurance) contract data
License: Apache License 2.0
being able to construct an ErrorResponse from Java
Exception due to neither having No-ArgsConstructor nor a JSON creator annotated constructor
Vulnerabilities
DepShield reports that this application's usage of org.yaml:snakeyaml:1.24 results in the following vulnerability(s):
Occurrences
org.yaml:snakeyaml:1.24 is a transitive dependency introduced by the following direct dependency(s):
• io.swagger.core.v3:swagger-jaxrs2:2.1.0
└─ io.swagger.core.v3:swagger-integration:2.1.0
└─ io.swagger.core.v3:swagger-core:2.1.0
└─ com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.10.1
└─ org.yaml:snakeyaml:1.24
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of com.fasterxml.jackson.core:jackson-databind:2.9.9 results in the following vulnerability(s):
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Calling the Rest Endpoints leads to Resteasy Exceptions like this:
Caused by: org.jboss.resteasy.core.NoMessageBodyWriterFoundFailure: Could not find MessageBodyWriter for response object of type: ch.baloise.corellia.api.entities.ErrorResponse of media type: application/octet-stream at org.jboss.resteasy.core.ServerResponseWriter.writeNomapResponse(ServerResponseWriter.java:110) at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:187) ... 56 more
They are the same.
OpenAPI states 0.1.0 <--> artifact / release tags 1.0.1
Vulnerabilities
DepShield reports that this application's usage of yargs-parser:7.0.0 results in the following vulnerability(s):
Occurrences
yargs-parser:7.0.0 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ swagger2openapi:2.9.4
└─ yargs:9.0.1
└─ yargs-parser:7.0.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Due to an evolvement in business requirements we would like to remove Person and Company from the Payment entity.
As by this change the Payment entity now only will consist of one field, we propose to remove the entire payment entity and to pull up the paymentCode to Contract level.
It'd be useful having permalinks in our OpenAPI specifcation files (v2 and v3)
https://stackoverflow.com/questions/52703804/how-to-link-to-another-endpoint-in-swagger
There are no such links.
This is supposed to be an optional field.
Currently it's mandatory.
Vulnerabilities
DepShield reports that this application's usage of lodash.get:4.4.2 results in the following vulnerability(s):
Occurrences
lodash.get:4.4.2 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ sway:2.0.5
└─ z-schema:3.25.1
└─ lodash.get:4.4.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
The image format is properly described in our OpenAPI spec.
The current description is not necessarily easy to understand.
release plugin does not work as expected, we have to bypass mechanism by releasing manually
Vulnerabilities
DepShield reports that this application's usage of mem:1.1.0 results in the following vulnerability(s):
Occurrences
mem:1.1.0 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ swagger2openapi:2.9.4
└─ yargs:9.0.1
└─ os-locale:2.1.0
└─ mem:1.1.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash:4.17.19 results in the following vulnerability(s):
Occurrences
lodash:4.17.19 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ google-discovery-to-swagger:2.0.0
└─ lodash:4.17.19
└─ lodash:4.17.19
└─ raml-to-swagger:1.1.0
└─ lodash:4.17.19
└─ sway:2.0.5
└─ json-refs:3.0.12
└─ graphlib:2.1.7
└─ lodash:4.17.19
└─ lodash:4.17.19
└─ lodash:4.17.19
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
As a user / evaluator of this web API I'd like to have a couple of good samples requests / payload to easily see what to send / receive.
There are no such examples available.
Please install our new product, Sonatype Lift with advanced features
Vulnerabilities
DepShield reports that this application's usage of static-eval:0.2.3 results in the following vulnerability(s):
Occurrences
static-eval:0.2.3 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ google-discovery-to-swagger:2.0.0
└─ jsonpath:0.2.12
└─ static-eval:0.2.3
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
API doc update required.
Currently, the Contract object has date properties, and API docs are missing time zone information in which date should be send.
I suggest:
creationDate
- the day the contract was issued. ISO 8601 UTC.startDate
- Start of contract which means start of insurance coverage. ISO 8601 UTC.endDate
- End of contract which means end of insurance coverage. ISO 8601 UTC.Btw, supporting hours and minutes - would make sense and make data more precise.
E.g. sending date as 2019-12-17T10:28:21Z
We want to be able to identify the caller clearly and simply.
Therefore we propose to add a unique caller id field on the request structure.
The unique caller id will be determined by the callee (in our case Basler).
Codacy and SonarQube lead to similar results.
They have contradictory results; hence I'd like to stay with the sonarqube findings / standards for now.
Currently language is an optional field - which is not true from a business perspective.
We will fix this in the next upcoming version by making a language mandatory.
Add a default constructor to ErrorResponse class to enable Java reflection, which is used in most REST clients.
E.g. by using jakartaee/rest#535
Change INTERNE_KORRESPONDENZ to a meaningfull expression.
We should think about using a unified naming scheme here.
The only information missing for a company to be processed automatically without providing a UID is the legal form information.
Currently a company has to provide a UID to be found and processed by our systems.
Add field legalForm to the company model.
The field should be validated. Either the UID or the other information incl. legalForm should be available.
The valid values for this field is the crediForm list:
Code | Description |
---|---|
01 | Privatperson |
10 | Einzelunternehmen |
15 | Gewerbebetrieb |
20 | Einfache Gesellschaft |
21 | Kollektivgesellschaft |
22 | Kommanditgesellschaft |
23 | Treuhänderschaft/Treuunternehmen |
25 | Erbengemeinschaft |
29 | Europäische Gesellschaft |
30 | Genossenschaft |
31 | Aktiengesellschaft |
32 | Kommandit Aktiengesellschaft |
33 | GmbH |
34 | Stiftung |
36 | Verein |
38 | Anstalt LI |
40 | Formloser Bericht |
41 | Zweigniederl. ausländ.Gesellsch. |
55 | Institut des öffentl. Rechts |
Vulnerabilities
DepShield reports that this application's usage of lodash.isequal:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.isequal:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• api-spec-converter:2.7.32
└─ sway:2.0.5
└─ z-schema:3.25.1
└─ lodash.isequal:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
See #23
Hi @sauterl - can you tell whether this branch is still relevant? Please file a PR or delete if no longer required- thanks!
API should provide support for contract cancellations
no op available
We could think about making use of: https://github.com/zalando/jackson-datatype-money
There are duplicate chapters; broken layouts and redundant / outdated descriptions.
being able to provide lower or upper case String as enum values
Exception:
com.fasterxml.jackson.databind.exc.InvalidFormatException: Can not deserialize value of type ch.baloise.corellia.api.entities.Document$MediaType from String "application_pdf": value not one of declared Enum instance names: [IMAGE_GIF, IMAGE_BMP, APPLICATION_PDF, IMAGE_PNG, IMAGE_TIFF, IMAGE_JPEG]
at [Source: ch.basler.common.service.camel.helper.ServletByteArrayInputStream@64cbf1ac; line: 3, column: 15] (through reference chain: ch.baloise.corellia.api.entities.Document["mediaType"])
use lowercase MediaType string in JSON-Request
See #25
travis-ci.org will be closed down December 31st, 2020
Announcement: https://mailchi.mp/3d439eeb1098/travis-ciorg-is-moving-to-travis-cicom
Migration guide: https://docs.travis-ci.com/user/migrate/open-source-repository-migration
See PR #48
Add support for PNG, BMP and GIF when uploading documents.
The following field will be added to the uploadContract API endpoint:
product.coverables.riskLocationRef
This new field is an alternative to the already existing
product.coverables.riskLocation
Both fields will be optional and only one is used to attach a risk location to a contract.
The http status codes
https://www.restapitutorial.com/httpstatuscodes.html
are the main indicator for error analysis.
To make it easier to distinguish errors we want to change the ErrorCause in our ErrorResponse as follows:
So far we had 2 Causes:
We want to change that to
This means inputValidation will have httpClientErrorInputValidation as cause and badRequest will have httpClientError or httpServerError as cause.
This will reflect the http status codes 4xx to httpClientError and 5xx to httpServerError.
Before badRequest coud be 4xx or 5xxx.
A release should be publicly buildable and available for this repo.
One has to build an publish locally at the moment.
We propose to add an eventId which has to be unique per event.
According to the Zalando REST API Guidelines
https://opensource.zalando.com/restful-api-guidelines/#211
We would like to follow this recommendation for ease of communication and explicit idempotency reasons.
The project could not be analyzed because of maven build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
The following field have to be added to the create contract API endpoint.
Fields
Example JSON
{
...
"transaction": {
"type": 21,
"reason": 51,
"effective": "2019-11-07"
},
"contract": {
"id": "EXT-TEST-001",
"type": "EXT"
},
"termsOfService": {
"type": 1368,
"year": 2019
},
"payment": {
"code": 1234,
"recurringType": 211,
"dueDate": "2019-11-07"
},
"stampTaxCode": 1801,
"products": [
...
"coverables": [
{
...
"riskLocation": {
"street": "Gartenstrasse",
"houseNumber": "95",
"zipCode": "4052",
"city": "Basel"
}
}
]
...
],
"roles": [
{
"partnerNr": "any-partner-nr"
}
]
...
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.