1 change: 1 addition & 0 deletions README.md
@@ -1,3 +1,4 @@
[![Review Assignment Due Date](https://classroom.github.com/assets/deadline-readme-button-22041afd0340ce965d47ae6ef1cefeee28c7c493a6346c4f15d667ab976d596c.svg)](https://classroom.github.com/a/_uV8Mn8f)
# 📘 Projektarbete: JPA + Hibernate med GitHub-flöde

Projektet genomförs som antingen en Java CLI-applikation eller med hjälp av JavaFX om ni vill ha ett grafiskt gränssnitt.
20 changes: 20 additions & 0 deletions src/main/resources/META-INF/persistence.xml
@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<persistence version="3.2"
xmlns="https://jakarta.ee/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="https://jakarta.ee/xml/ns/persistence https://jakarta.ee/xml/ns/persistence/persistence_3_2.xsd">
<persistence-unit name="jpa-hibernate-mysql">
<properties>
<!-- Database connection settings -->
<property name="jakarta.persistence.jdbc.url" value="jdbc:mysql://localhost:3306/test"/>
<property name="jakarta.persistence.jdbc.user" value="root"/>
<property name="jakarta.persistence.jdbc.password" value="root"/>
Comment on lines +9 to +11
⚠️ Potential issue | 🔴 Critical

Remove hardcoded database credentials immediately.

Committing database credentials to version control is a critical security vulnerability. The credentials are exposed in the repository history and accessible to anyone with repository access.

🔎 Recommended approaches to secure credentials

Option 1: Environment variables (recommended for this project)

-            <property name="jakarta.persistence.jdbc.url" value="jdbc:mysql://localhost:3306/test"/>
-            <property name="jakarta.persistence.jdbc.user" value="root"/>
-            <property name="jakarta.persistence.jdbc.password" value="root"/>
+            <property name="jakarta.persistence.jdbc.url" value="${DB_URL:jdbc:mysql://localhost:3306/test}"/>
+            <property name="jakarta.persistence.jdbc.user" value="${DB_USER}"/>
+            <property name="jakarta.persistence.jdbc.password" value="${DB_PASSWORD}"/>

Option 2: Separate properties file (not committed to git)

Create src/main/resources/db.properties and add it to .gitignore:

db.url=jdbc:mysql://localhost:3306/test
db.user=root
db.password=root

Then load these properties programmatically when creating the EntityManagerFactory.

Option 3: Use a template file

Commit persistence.xml.template with placeholders and document in README how to create the actual persistence.xml locally.

🤖 Prompt for AI Agents
In src/main/resources/META-INF/persistence.xml around lines 9-11, remove the
hardcoded JDBC credentials and replace them with runtime-resolved values (e.g.,
${DB_URL}, ${DB_USER}, ${DB_PASSWORD}) or a lookup to a JNDI/data-source;
alternatively keep a persistence.xml.template with placeholders in repo and load
real values from environment variables or an external db.properties file (which
must be .gitignored) at runtime; update build/startup to inject those env vars
or properties and add instructions in README for local setup; ensure the
committed file no longer contains plaintext credentials and rotate any exposed
credentials immediately.

<!-- Automatically export the schema -->
<property name="jakarta.persistence.schema-generation.database.action" value="create"/>
⚠️ Potential issue | 🔴 Critical

Schema action "create" will drop all tables on every startup.

The create action drops and recreates the database schema on every application start, resulting in complete data loss. This is only appropriate for initial development or testing with disposable data.

Consider these alternatives:

  • update - updates the schema without dropping existing data (recommended for development)
  • validate - only validates the schema matches entities (recommended for production)
  • none or remove the property - no automatic schema management (production best practice)
🔎 Suggested fix for development workflow
-            <property name="jakarta.persistence.schema-generation.database.action" value="create"/>
+            <property name="jakarta.persistence.schema-generation.database.action" value="update"/>

For production, use:

<property name="jakarta.persistence.schema-generation.database.action" value="validate"/>
🤖 Prompt for AI Agents
In src/main/resources/META-INF/persistence.xml around line 13 the property
jakarta.persistence.schema-generation.database.action is set to "create" which
drops and recreates the schema on every startup; change this to a safer value
depending on environment (for development set value="update", for production set
value="validate", or remove the property/use value="none"), and if you need
different behaviors across environments switch this property into
environment-specific configuration or use a profile/placeholder (e.g. replace
the literal with a variable that is injected at runtime) so production never
runs with "create".
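The two review comments above both end in the same recommendation: keep secrets and environment-dependent settings out of the committed persistence.xml and resolve them when the EntityManagerFactory is created (Option 2 in the credentials comment, and the "variable that is injected at runtime" suggested for the schema action). The following is an added example of that bootstrap, not code from the PR or from the review bot. It assumes the persistence unit name `jpa-hibernate-mysql` from the diff, an optional gitignored classpath file `db.properties` with the keys `db.url`, `db.user` and `db.password`, and the environment variables `DB_URL`, `DB_USER`, `DB_PASSWORD`, `DB_SCHEMA_ACTION` and `APP_ENV`, all of which are names chosen for this example. Overrides passed to `Persistence.createEntityManagerFactory(name, map)` take precedence over the `<property>` entries in persistence.xml, so the committed file can be left without any credentials at all.

```java
// Added example (not part of the PR under review). Resolves JDBC credentials and
// the schema-generation action at runtime instead of hardcoding them in
// persistence.xml. Names such as DB_URL, DB_USER, DB_PASSWORD, DB_SCHEMA_ACTION,
// APP_ENV and db.properties are assumptions of this example.
import jakarta.persistence.EntityManagerFactory;
import jakarta.persistence.Persistence;

import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.Set;

public final class JpaBootstrap {
    // Persistence unit name from the persistence.xml in the diff
    private static final String UNIT = "jpa-hibernate-mysql";
    private static final String SCHEMA_ACTION =
            "jakarta.persistence.schema-generation.database.action";
    // Actions that never drop existing data; anything else needs APP_ENV=dev
    private static final Set<String> NON_DESTRUCTIVE = Set.of("none", "validate", "update");

    private JpaBootstrap() {}

    public static EntityManagerFactory create() {
        Properties file = loadOptional("db.properties"); // gitignored, may be absent
        boolean dev = "dev".equals(System.getenv("APP_ENV"));

        Map<String, Object> overrides = new HashMap<>();
        overrides.put("jakarta.persistence.jdbc.url",
                resolve("DB_URL", file, "db.url", "jdbc:mysql://localhost:3306/test"));
        overrides.put("jakarta.persistence.jdbc.user", require("DB_USER", file, "db.user"));
        overrides.put("jakarta.persistence.jdbc.password", require("DB_PASSWORD", file, "db.password"));
        overrides.put(SCHEMA_ACTION, schemaAction(dev));
        // SQL echo only in development; the committed file should not pin this to true
        overrides.put("hibernate.show_sql", String.valueOf(dev));
        overrides.put("hibernate.format_sql", String.valueOf(dev));

        // Map entries override the <property> values in persistence.xml
        return Persistence.createEntityManagerFactory(UNIT, overrides);
    }

    /** Defaults to "validate"; refuses destructive actions unless APP_ENV=dev. */
    static String schemaAction(boolean dev) {
        String action = System.getenv().getOrDefault("DB_SCHEMA_ACTION", "validate");
        if (!NON_DESTRUCTIVE.contains(action) && !dev) {
            throw new IllegalStateException(
                    "Refusing schema action '" + action + "' outside APP_ENV=dev");
        }
        return action;
    }

    /** Environment variable first, then db.properties, then the given default. */
    static String resolve(String envName, Properties file, String fileKey, String defaultValue) {
        String env = System.getenv(envName);
        if (env != null && !env.isBlank()) {
            return env;
        }
        return file.getProperty(fileKey, defaultValue);
    }

    /** Like resolve(), but fails fast when the value is missing; never logs the value. */
    static String require(String envName, Properties file, String fileKey) {
        String value = resolve(envName, file, fileKey, null);
        if (value == null || value.isBlank()) {
            throw new IllegalStateException(
                    "Missing database setting: set " + envName + " or " + fileKey + " in db.properties");
        }
        return value;
    }

    /** Loads a classpath properties file, returning an empty Properties if it is absent. */
    static Properties loadOptional(String resource) {
        Properties props = new Properties();
        try (InputStream in = JpaBootstrap.class.getClassLoader().getResourceAsStream(resource)) {
            if (in != null) {
                props.load(in);
            }
        } catch (IOException e) {
            throw new IllegalStateException("Cannot read " + resource, e);
        }
        return props;
    }
}
```

With this in place the committed persistence.xml keeps only the non-secret settings, the password is never printed (the error messages name the variable, not its value), and a production start with `DB_SCHEMA_ACTION=create` fails before Hibernate touches the database rather than dropping every table.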

<!-- Echo all executed SQL to console //TODO: Set to false in production -->
<property name="hibernate.show_sql" value="true"/>
<property name="hibernate.format_sql" value="true"/>
<property name="hibernate.highlight_sql" value="true"/>
</properties>
</persistence-unit>
</persistence>
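Review bot: the last three properties of this hunk pin `hibernate.show_sql`, `hibernate.format_sql` and `hibernate.highlight_sql` to `true`, and the comment directly above them (`//TODO: Set to false in production`) admits the value is environment-dependent, yet a literal in a committed file will not change on its own. Echoing every executed statement to the console puts table and column names and query patterns into whatever captures stdout, so this should default to off and be enabled the same way the two earlier comments propose for the credentials and the schema action (a runtime override or profile), e.g. commit `<property name="hibernate.show_sql" value="false"/>` or drop the three properties entirely. Minor: the `//` inside an XML `<!-- -->` comment is a leftover from a Java-style comment and reads oddly in XML.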