changes for 2.0 #4
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This all makes good sense! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a major.backwards-incompatible set of changes to this module Because there are opportunities to break things, I want to put here the reasons for the changes and an assessment of the possible problems.
Prior to these changes ordering of checks was assumed to be the responsibility of this module. However the ordering itself is business-specific (different businesses may weigh different criteria differently) and proved to be brittle. Since this is a public module, it is a bad idea to have business-specific logic in it.
So what this does is returns the full set of concerns from the report back to the calling application. This means that instead of an ordered series of checks with one key set, you now get a hashref woth all applicable keys set. If Experian thinks the individual is on a PEP and a terrorism list, and the age verification has failed, the application has to decide what to do about these three.
This also means that it is possible to get a full verification result along with a deny so code needs to be audited before upgrade regarding the handling of the order (not that the order didn't pose risks in the current version, but the problems are different here).