If there's a security flaw in your code, it will still exist.

## Be Nice

First of all, be nice. 😊

You probably are super nice if you were added to the team, but it's worth mentioning it. 🤓

### When Things are Difficult

When things are great, everything is easier, so that doesn't need much instructions. But when things are difficult, here are some guidelines.

# Security { #security }

There are many ways to handle security, authentication and authorization.

And it normally is a complex and "difficult" topic.

In many frameworks and systems just handling security and authentication takes a big amount of effort and code (in many cases it can be 50% or more of all the code written).

            fail("Constructor with Context parameter should exist");
        }
    }

    // Note: This test is simplified because complex Tomcat Context mocking
    // is difficult to maintain due to frequent API changes.
    // The focus is on testing the class structure and basic functionality
    // that can be verified without full integration testing.

 *   <li>hasNext();
 *   <li>remove();
 *   <li>next();
 * </ol>
 *
 * <p>This particular order of operations may be unrealistic, and testing all 3^5 of them may be
 * thought of as overkill; however, it's difficult to determine which proper subset of this massive
 * set would be sufficient to expose any possible bug. Brute force is simpler.
 *
 * <p>To use this class the concrete subclass must implement the {@link

 *   <li>hasNext();
 *   <li>remove();
 *   <li>next();
 * </ol>
 *
 * <p>This particular order of operations may be unrealistic, and testing all 3^5 of them may be
 * thought of as overkill; however, it's difficult to determine which proper subset of this massive
 * set would be sufficient to expose any possible bug. Brute force is simpler.
 *
 * <p>To use this class the concrete subclass must implement the {@link

# `VERSION` parameter.
# Note: 'Templatizing' this and the other conditional branches would require
# defining several variables (version, os, path) making it difficult to maintain
# and extend for future modifications.
case "${VERSION}" in
devtoolset-7)
  # Download binary glibc 2.12 shared library release.

# `VERSION` parameter.
# Note: 'Templatizing' this and the other conditional branches would require
# defining several variables (version, os, path) making it difficult to maintain
# and extend for future modifications.
mkdir -p glibc-src
mkdir -p glibc-build
cd glibc-src

Doing that in separated functions that don't share logic or variables together is more difficult as you would need to store values in global variables or similar tricks.

Because of that, it's now recommended to instead use the `lifespan` as explained above.

## Technical Details { #technical-details }

### OpenAPI support { #openapi-support }

OpenAPI doesn't support a way to declare a *path parameter* to contain a *path* inside, as that could lead to scenarios that are difficult to test and define.

Nevertheless, you can still do it in **FastAPI**, using one of the internal tools from Starlette.