This Will Probably Break
Purpose
When upgrading the
develbranch, these are the files most likely to cause merge conflicts across customization branches. Any change to these files must be tested against ALL active deployments.
The Danger Zone — vuer_oss Core Files
Tier 1: Modified by 10+ branches (EXTREME RISK)
Do NOT touch without coordinating with ALL clients
| File | Branches | What They Change |
|---|---|---|
client/ui/regions/sidebar/sidebar.twig | 14 | Every client adds sidebar menu items, reorders navigation, adds icons |
client/ui/regions/sidebar/sidebar.trans.js | 11 | Every client adds translation keys for their sidebar items |
Why it’s dangerous: The sidebar is the main navigation. Every client has a different menu structure. Changes to the base template will conflict with ALL 14 branches.
Mitigation strategy: Move sidebar items to customization/ui/sidebar/ hook-based injection. Never add items directly to the base template.
Tier 2: Modified by 4-6 branches (HIGH RISK)
Test against affected branches before merging
| File | Branches | Affected Clients |
|---|---|---|
server/e-mail/Letter.js | 6 | raiffeisen, bb, cofidis, polgaribank, fundamenta, mbh |
server/web/WebServerAuth.js | 5 | microsec, barion, mvm, instacash, mbh |
server/auditlog.js | 5 | bb, cofidis, microsec, mvm, mbh |
config.js | 5 | barion, cib, unicredit, instacash, demo |
client/features/videochat/common/VideoChat/VideoChat.twig | 5 | nusz, bb, barion, mvm, demo |
server/web/WebServer.js | 4 | cofidis, cib, magnet, unicredit |
server/service/CustomerService.js | 4 | raiffeisen, kh, nusz, fundamenta |
client/features/videochat/common/Flow/Flow.styl | 4 | nusz, barion, unicredit-srb, instacash |
background.js | 4 | raiffeisen, cofidis, dap, magnet |
Tier 3: Modified by 2-3 branches (MODERATE RISK)
| File | Branches | Notes |
|---|---|---|
server/service/SelfServiceV2Service.js | 3 | raiffeisen, dap, unicredit — core self-service logic |
server/service/ExportRoomPageService.js | 3 | cofidis, fundamenta, instacash — export formatting |
server/service/TrustedTimestampService.js | 3 | barion, bb, cib — timestamp provider config |
server/portal/PortalDataBase.js | 3 | cib, nusz, unicredit-srb — portal field definitions |
server.js | 3 | raiffeisen, nusz, dap — entry point modifications! |
server/db/model/integrationLog.js | 3 | cib, instacash, mbh — model field additions |
server/web/routes.js | 2 | bb, magnet — route additions to core router |
server/service/DeviceChangeService.js | 2 | raiffeisen, kh |
server/service/SelfServiceRoomService.js | 2 | raiffeisen, generali |
server/service/FlowLiveUpdateService.js | 2 | cofidis, demo |
server/queue/rpc_server/CreateCustomer.js | 2 | cib, demo — customer creation flow |
cron.js | 2 | cofidis, microsec — cron entry point |
server/flow/FlowService.js | 1 | unicredit — but it’s the FLOW ENGINE |
The Danger Zone — vuer_css Core Files
Tier 1: Modified by 13-16 branches (EXTREME RISK)
These files are modified by almost every single branch
| File | Branches | What They Change |
|---|---|---|
client/ui/layouts/highcontrast/highcontrast.layout.styl | 16 | Accessibility styling overrides |
client/ui/styles/imports/reset.styl | 14 | CSS reset customizations |
client/ui/regions/header/header.twig | 14 | Header logo, branding, navigation |
client/ui/pages/self-service/self-service.style.styl | 14 | Self-service page styling |
client/ui/pages/self-service-auth-2-factor/...trans.js | 14 | 2FA translations |
client/ui/pages/homepage/homepage.template.twig | 14 | Landing page template |
client/ui/pages/feedback/feedback.template.twig | 14 | Feedback form |
client/ui/layouts/kiosk/kiosk.layout.styl | 14 | Kiosk mode styling |
client/ui/layouts/default/default.layout.twig | 14 | Base layout template |
web/libs/jquery/jquery-3.7.1.min.js | 13 | jQuery version (vendored) |
web/libs/bootstrap/... | 13 | Bootstrap version (vendored) |
Why it’s dangerous: These are fundamental UI templates and styles. Every client overrides them for branding. The vendored libraries (jQuery, Bootstrap) suggest branches pin specific versions.
Mitigation: These should NEVER be modified in core — use the customization layer exclusively.
Tier 2: Modified by 13 branches
| File | Branches |
|---|---|
client/ui/pages/self-service/self-service.ui.js | 13 |
client/ui/pages/self-service/self-service.trans.js | 13 |
client/ui/pages/self-service/self-service.template.twig | 13 |
client/ui/pages/waiting-room/waiting-room.template.twig | 13 |
client/ui/pages/we-are-closed/we-are-closed.template.twig | 13 |
client/ui/pages/web-sdk/web-sdk.template.twig | 13 |
client/ui/pages/ui-kit/ui-kit.* | 13 |
client/ui/regions/header/header.styl | 13 |
client/ui/regions/snackbar-container/snackbar-container.twig | 13 |
Branch-Specific Danger: Core Server Modifications
These branches modify core server files that no customization should touch
nusz — MOST INVASIVE (74 core files)
The current development deployment modifies the most core files:
- Storage engine (
engines/storage/— 7 files) — S3 support added inline - CV API wrappers (
server/cv/— 10 files) — all vision APIs modified - Videochat UI (20+ files) — extensive UI overhaul outside customization/
- DB helpers, activity model, portal data, token service
- Socket server and transport session
NUSZ Risk
If NUSZ changes get merged to devel, they will conflict with almost every other branch. If devel changes need to go to NUSZ, 74 files need manual merge.
unicredit — CV API Overhaul (19 core server files)
- Modifies every CV vision API: blink, smile, liveness, hologram, face, barcode, MRZ, document, sharpness
- Adds
CVRecipe.js,CVConstants.jschanges - Custom SFTP service, flow service modifications
dap — New RPC Endpoints (16 core server files)
- Adds 6 new RPC clients/servers for Resource Manager queuing
- Modifies
server.jsentry point - Google Play Integrity verification
- Custom supervisor configs
bb — SOAP Server + Flow System (34 core files)
- Runs a SOAP server alongside the main app
- Custom flow editor, audit log templates
- Modifies core routes and socket events
kh — Oracle Migration + SOAP (22 core files)
- PostgreSQL-to-Oracle migrator
- SOAP server integration
- Custom Nginx and Supervisor configs
- K&H-specific DB migrations
Impact Matrix: If You Change X, These Branches Break
graph LR subgraph "EXTREME RISK" sidebar["sidebar.twig\n14 branches"] sidebarTrans["sidebar.trans.js\n11 branches"] end subgraph "HIGH RISK" letter["Letter.js\n6 branches"] webAuth["WebServerAuth.js\n5 branches"] auditlog["auditlog.js\n5 branches"] configJs["config.js\n5 branches"] vcTwig["VideoChat.twig\n5 branches"] end subgraph "MODERATE RISK" webServer["WebServer.js\n4 branches"] custService["CustomerService.js\n4 branches"] bgJs["background.js\n4 branches"] end sidebar --> raiff[raiffeisen] sidebar --> kh2[kh] sidebar --> cofidis2[cofidis] sidebar --> cib2[cib] sidebar --> nusz2[nusz] sidebar --> bb2[bb] sidebar --> barion2[barion] sidebar --> microsec2[microsec] sidebar --> mkb2[mkb-instant] sidebar --> unicredit2[unicredit] sidebar --> mvm2[mvm] sidebar --> generali2[generali] sidebar --> magnet2[magnet] sidebar --> instacash2[instacash]
Recommended Upgrade Strategy
Before Any Core Change
- Check this document — is the file in the danger zone?
- Count affected branches — how many will need rebasing?
- Test with nusz first — it’s the most invasive and your current dev environment
Priority Actions
Reduce Future Breakage
- Extract sidebar to hooks — the #1 conflict source. Each client should inject menu items via
customization/ui/sidebar-items.jsinstead of modifyingsidebar.twig - Extract Letter.js to customization — email templates should be fully in
customization/email/ - Extract WebServerAuth.js to hooks — auth customizations should use the hook system
- Vendor libraries in customization — each branch vendoring jQuery/Bootstrap separately is wasteful
- Move config.js overrides to config files — don’t modify the loader, use
config/docker.jsonoverrides
Branches That Are Relatively Safe
These branches have minimal core modifications and mostly use the customization system correctly:
| Branch | Core Mods | Risk Level |
|---|---|---|
| granit | 1 file (bin/granit.js) | LOW |
| demo | 6 files | LOW |
| generali | 5 files (mostly UI) | LOW |
| microsec | 9 files | LOW-MEDIUM |
| polgaribank | ~35 files (mostly bin/) | MEDIUM |
| mvm | 12 files | MEDIUM |
Branches That Will Be Painful to Upgrade
| Branch | Core Mods | Risk Level | Why |
|---|---|---|---|
| nusz | 74 files | EXTREME | Storage engine, all CV APIs, videochat UI, DB helpers |
| bb | 34+ files | HIGH | SOAP server, flow editor, routes, socket events |
| kh | 22 files | HIGH | Oracle migrator, SOAP, custom Nginx/Supervisor |
| cofidis | 37 files | HIGH | WebServer, DB model, flow scope, many UI files |
| unicredit | 37 files | HIGH | All CV APIs, SFTP, flow service, portal |
| dap | 25 files | HIGH | New RPC system, entry point mods, integrity check |
| cib | 18 files | MEDIUM-HIGH | Portal, WebServer, customer creation |
esign Customization Branches
The esign services have fewer but notable branches:
| Branch | Type | Service |
|---|---|---|
| cofidis | Consumer credit | esign_oss + esign_css |
| demo | Showcase | esign_oss + esign_css |
| bankmonitor | Financial comparison | esign_oss + esign_css |
| equilor | Brokerage | esign_oss + esign_css |
| instacash | Banking | esign_oss + esign_css |
| raiffeisen | Banking | esign_oss + esign_css |
| sberbank | Banking (legacy) | esign_oss + esign_css |
Related
- customization-branches — Full branch comparison table
- FaceKom — Platform overview
- vuer_oss — Backend architecture (customization hooks)
- vuer_css — Frontend architecture (customization system)
- tech-debt — Technical debt
- security-audit — Security findings