Fire Shield

Appearance

πŸ—ΊοΈ Roadmap ​

Fire Shield development roadmap and upcoming features.

This roadmap outlines our vision for Fire Shield. Features and timelines may change based on community feedback and priorities.

Want to contribute? Check out our GitHub Issues or join the discussion!

βœ… Recently Completed ​

v3.0.0 - Plugin System & Platform Independence (January 2026) ​

Core Features - βœ… 100% Complete

  • βœ… Plugin System - Extensible architecture for custom logic (NEW!)
    • RBACPlugin interface with 3 hooks
    • PluginManager class for plugin lifecycle management
    • onPermissionCheck() - Triggered on every permission check
    • onRoleAdded() - Triggered when role is created
    • onPermissionRegistered() - Triggered when permission is registered
    • registerPlugin() / unregisterPlugin() methods
    • getPlugin() / getAllPlugins() methods
  • βœ… Platform Independence - Removed fs module dependency (BREAKING CHANGE!)
    • βœ… Config Loading - RBAC.fromJSONConfig() - Platform-independent (Node.js, Browser, Edge)
    • βœ… Removed Methods - RBAC.fromFile() and RBAC.fromFileSync() - Use loader packages instead

Plugin Hooks Examples

  • βœ… Audit Database Plugin - Log permission checks to database
  • βœ… Analytics Plugin - Track permission check events
  • βœ… Rate Limit Plugin - Prevent excessive permission checks
  • βœ… Validator Plugin - Custom permission validation logic

Documentation Updates

  • βœ… Updated README.md - v3.0.0 features, breaking changes, migration guide
  • βœ… Updated docs/index.md - Homepage with plugin system info
  • βœ… Plugin Examples - Database loader, analytics, rate limiting examples
  • βœ… Migration Guide - From v2.x to v3.0.0 (fromFile removal, plugin system)

Breaking Changes

  • ⚠️ RBAC.fromFile() - REMOVED (Use @fire-shield/node-loader package)
  • ⚠️ RBAC.fromFileSync() - REMOVED (Use @fire-shield/node-loader package)
  • βœ… RBAC.fromJSONConfig() - Still works, unchanged (cross-platform)
  • βœ… RBAC.validateConfig() - Still works, unchanged

Migration Path

typescript
// Before (v2.x)
import { RBAC } from '@fire-shield/core';
const rbac = await RBAC.fromFile('./rbac.config.json');

// After (v3.0.0) - Browser/Edge (works same)
import { RBAC } from '@fire-shield/core';
const json = require('./rbac.config.json');
const rbac = RBAC.fromJSONConfig(json);

// After (v3.0.0) - Node.js (loader package - coming soon)
import { NodeLoader } from '@fire-shield/node-loader';
const rbac = await NodeLoader.load('./rbac.config.json');

Statistics

  • 310+ passing tests (up from 460, after removing fromFile tests)
  • Plugin system with 3 hooks
  • 0 runtime dependencies (unchanged)
  • ~25KB bundle size (unchanged)
  • Platform-independent core (tree-shakeable for browser)

🚧 In Progress ​

v3.1 - Loader Packages & Plugin Ecosystem (Q1 2026) ​

Loader Packages

  • 🚧 Node Loader - File system access for Node.js backends

    • NodeLoader.load() - Async file loading
    • NodeLoader.loadSync() - Synchronous file loading
    • NodeLoader.loadFromDirectory() - Load multiple config files
    • Validation and error handling

  • 🚧 Web Loader - Browser-compatible config loading

    • WebLoader.fromFetch() - Load from HTTP/HTTPS endpoints
    • WebLoader.fromLocalStorage() - Load from browser storage
    • WebLoader.fromURL() - Load from CDN URLs
    • CORS and security handling

Plugin Examples

  • 🚧 Database Loader Plugin - Load config from database

    • PostgreSQL, MySQL, MongoDB support
    • Prisma, Drizzle ORM integration
    • Connection pooling and caching

  • 🚧 Redis Cache Plugin - Distributed permission caching

    • Redis-based permission cache
    • Cache invalidation and expiration
    • Cluster support

  • 🚧 Elasticsearch Audit Plugin - Log events to Elasticsearch

    • Structured audit logs
    • Search and analytics support
    • Index management

Documentation

  • 🚧 Plugin System Guide - How to create custom plugins

    • Plugin lifecycle and best practices
    • Hook reference and examples
    • Testing plugins

  • 🚧 Loader Package Guide - How to use loader packages

    • Installation and configuration
    • Migration examples
    • Troubleshooting

πŸ“‹ Planned ​

v3.2 - Advanced Plugin Features (Q2 2026) ​

Plugin Enhancements

  • πŸ“‹ Plugin Dependencies - Plugins can depend on other plugins
  • πŸ“‹ Plugin Middleware - Transform plugin hooks before/after execution
  • πŸ“‹ Plugin Events - Pub/sub event system for plugins
  • πŸ“‹ Plugin Configuration - Configurable plugin options

Built-in Plugins

  • πŸ“‹ Analytics Plugin - Built-in analytics and metrics
  • πŸ“‹ Cache Plugin - Redis/memcached integration
  • πŸ“‹ Audit Plugin - Elasticsearch/Logstash integration
  • πŸ“‹ Webhook Plugin - Send events to webhooks
  • πŸ“‹ Notification Plugin - Send alerts on permission changes

v3.3 - Enterprise Features (Q3 2026) ​

Enterprise Plugins

  • πŸ“‹ LDAP Plugin - Integrate with LDAP/Active Directory
  • πŸ“‹ OAuth2 Plugin - OAuth2 token validation
  • πŸ“‹ SAML Plugin - SAML SSO integration
  • πŸ“‹ SCIM Plugin - User provisioning and sync

Security Plugins

  • πŸ“‹ IP Whitelist Plugin - IP-based access control
  • πŸ“‹ Geo-Fencing Plugin - Geographic access restrictions
  • πŸ“‹ Time-Based Plugin - Temporal access control
  • πŸ“‹ MFA Plugin - Multi-factor authentication integration

Admin Plugins

  • πŸ“‹ Admin Dashboard Plugin - Web-based RBAC admin panel
  • πŸ“‹ Visualization Plugin - Graphical role/permission viewer
  • πŸ“‹ Reporting Plugin - Compliance reports and analytics
  • πŸ“‹ Audit Log Plugin - Advanced audit log querying

v3.4 - Ecosystem Expansion (Q4 2026) ​

Framework Adapters

  • πŸ“‹ NestJS adapter - Native NestJS integration
  • πŸ“‹ Remix adapter - Remix framework support
  • πŸ“‹ Astro adapter - Astro framework support
  • πŸ“‹ SolidJS adapter - SolidJS framework support
  • πŸ“‹ Qwik adapter - Qwik framework support

Developer Tools

  • πŸ“‹ VS Code Extension - RBAC language support and tools
  • πŸ“‹ CLI Enhancements - Better CLI commands and interactive mode
  • πŸ“‹ Admin UI - Web-based admin panel
  • πŸ“‹ Migration Tool - Automated migration from other RBAC libraries

πŸ’‘ Future Ideas ​

Long-term Vision (2027+) ​

Advanced Permission Models

  • πŸ’‘ Conditional Permissions - If-then rules for dynamic evaluation
  • πŸ’‘ Permission Templates - Reusable permission schemas
  • πŸ’‘ Permission Marketplace - Share common permission schemas
  • πŸ’‘ Policy Engine - Complex policy evaluation (OPA, XACML)
  • πŸ’‘ Attribute-Based Access Control (ABAC) - Full ABAC support

Enterprise Features

  • πŸ’‘ Multi-Tenancy - Advanced multi-tenant RBAC
  • πŸ’‘ Distributed RBAC - Cross-microservice RBAC sync
  • πŸ’‘ RBAC-as-a-Service - Cloud-hosted RBAC solution
  • πŸ’‘ SSO Integration - SAML, OIDC, CAS integration
  • πŸ’‘ Compliance Framework - SOC2, HIPAA, GDPR compliance

Developer Experience

  • πŸ’‘ Visual Builder - Drag-and-drop RBAC builder
  • πŸ’‘ Auto-Discovery - Auto-discover roles/permissions from codebase
  • πŸ’‘ Testing Tools - RBAC testing and validation tools
  • πŸ’‘ IDE Extensions - VS Code, WebStorm, IntelliJ plugins
  • πŸ’‘ DevOps Integration - Kubernetes, Docker, CI/CD integrations

Infrastructure

  • πŸ’‘ Edge Deployment - Cloudflare Workers, Vercel Edge, Deno Deploy
  • πŸ’‘ Serverless Functions - AWS Lambda, Azure Functions, GCP Functions
  • πŸ’‘ Microservices Support - Service mesh integration, gRPC support
  • πŸ’‘ Database Integrations - Native database drivers, ORM plugins
  • πŸ’‘ Caching Layer - Redis, Memcached, Varnish integration

🎯 Community Priorities ​

Based on GitHub issues and community feedback, these features are most requested:

High Priority ​

  1. Plugin System - Extensible architecture for custom logic βœ… (v3.0.0)
  2. Node Loader Package - File system access for Node.js (v3.1.0)
  3. Web Loader Package - Browser-compatible config loading (v3.1.0)
  4. Plugin Examples - Database, analytics, rate limiting plugins (v3.1.0)
  5. Migration Guide v2.x β†’ v3.0.0 - Upgrade documentation (v3.0.0)

Medium Priority ​

  1. Redis Cache Plugin - Distributed permission caching (v3.2.0)
  2. Database Loader Plugin - Load config from database (v3.1.0)
  3. Admin Dashboard - Web-based RBAC admin panel (v3.3.0)
  4. NestJS Adapter - Native NestJS integration (v3.4.0)
  5. VS Code Extension - IDE support and tools (v3.4.0)

Under Consideration ​

  1. Conditional Permissions - If-then rules for dynamic evaluation
  2. Permission Marketplace - Share common permission schemas
  3. Federated RBAC - Cross-organization permissions
  4. ABAC Support - Attribute-Based Access Control

πŸ“Š Release Cycle ​

Major Versions (x.0.0)

  • Released yearly
  • May include breaking changes
  • Extensive migration guides provided

Minor Versions (3.x.0)

  • Released quarterly
  • New features, backward compatible
  • Performance improvements

Patch Versions (3.0.x)

  • Released as needed
  • Bug fixes and security updates
  • No breaking changes

🀝 How to Contribute ​

We welcome contributions to help achieve this roadmap!

Ways to Contribute ​

Code Contributions

  • Pick an issue from our GitHub Issues
  • Submit pull requests for roadmap features
  • Write tests and improve coverage

Documentation

  • Improve existing documentation
  • Write tutorials and guides
  • Translate documentation to other languages

Community

  • Answer questions in discussions
  • Share your Fire Shield use cases
  • Write blog posts about Fire Shield

Feedback

  • Report bugs and issues
  • Suggest new features
  • Vote on existing feature requests

Feature Requests ​

Have an idea not on this roadmap? We'd love to hear it!

  1. Check existing issues
  2. Create a new feature request
  3. Describe your use case
  4. Explain why it would benefit to community

πŸ“’ Stay Updated ​

β˜• Support β†’ Project ​

If you find Fire Shield helpful and want to support its development:

πŸ₯–Buy me a banh mi

Your support helps maintain and improve Fire Shield! πŸ™

Last updated: January 2026

This roadmap is subject to change based on community needs and feedback.

πŸ’‘ Future Ideas ​

Long-term Vision (2027+) ​

Advanced Permission Models

  • πŸ’‘ Delegation chains (A delegates to B delegates to C)
  • πŸ’‘ Conditional permissions (if-then rules)
  • πŸ’‘ Permission templates and inheritance
  • πŸ’‘ Geographic-based permissions
  • πŸ’‘ Device-based access control

Enterprise Features

  • πŸ’‘ Distributed RBAC across microservices
  • πŸ’‘ Real-time permission sync
  • πŸ’‘ RBAC-as-a-Service cloud offering
  • πŸ’‘ Multi-region permission replication
  • πŸ’‘ Advanced audit log querying and analytics

Developer Tools

  • πŸ’‘ Web-based RBAC admin dashboard
  • πŸ’‘ Browser DevTools extension
  • πŸ’‘ Terraform/Pulumi providers
  • πŸ’‘ OpenAPI/Swagger integration
  • πŸ’‘ GraphQL schema generator

Standards & Compliance

  • πŸ’‘ OAuth2/OIDC integration
  • πŸ’‘ SAML support
  • πŸ’‘ XACML compatibility
  • πŸ’‘ ISO 27001 compliance toolkit

🎯 Community Priorities ​

Based on GitHub issues and community feedback, these features are most requested:

High Priority ​

  1. Permission Caching - Reduce redundant permission calculations
  2. GraphQL Adapter - First-class GraphQL support
  3. Interactive Playground - Try Fire Shield directly in browser
  4. Migration Guides - Easy migration from Casbin, CASL, etc.

Medium Priority ​

  1. Temporal Permissions - Time-based access control
  2. Audit Log Analytics - Built-in reporting and dashboards
  3. NestJS Decorators - Native NestJS integration
  4. Permission Visualization - Graphical role/permission viewer

Under Consideration ​

  1. Dynamic Permissions - Runtime permission definition
  2. Permission Marketplace - Share common permission schemas
  3. Federated RBAC - Cross-organization permissions
  4. Blockchain Audit Trail - Immutable audit logs

πŸ“Š Release Cycle ​

Major Versions (x.0.0)

  • Released yearly
  • May include breaking changes
  • Extensive migration guides provided

Minor Versions (2.x.0)

  • Released quarterly
  • New features, backward compatible
  • Performance improvements

Patch Versions (2.1.x)

  • Released as needed
  • Bug fixes and security updates
  • No breaking changes

🀝 How to Contribute ​

We welcome contributions to help achieve this roadmap!

Ways to Contribute ​

Code Contributions

  • Pick an issue from our GitHub Issues
  • Submit pull requests for roadmap features
  • Write tests and improve coverage

Documentation

  • Improve existing documentation
  • Write tutorials and guides
  • Translate documentation to other languages

Community

  • Answer questions in discussions
  • Share your Fire Shield use cases
  • Write blog posts about Fire Shield

Feedback

  • Report bugs and issues
  • Suggest new features
  • Vote on existing feature requests

Feature Requests ​

Have an idea not on this roadmap? We'd love to hear it!

  1. Check existing issues
  2. Create a new feature request
  3. Describe your use case
  4. Explain why it would benefit the community

πŸ“’ Stay Updated ​

β˜• Support the Project ​

If you find Fire Shield helpful and want to support its development:

πŸ₯–Buy me a banh mi

Your support helps maintain and improve Fire Shield! πŸ™

Last updated: November 2025

This roadmap is subject to change based on community needs and feedback.