Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix/1107 circleci deploy #154

Merged
merged 21 commits into from
Feb 25, 2020
Merged

Fix/1107 circleci deploy #154

merged 21 commits into from
Feb 25, 2020

Conversation

lewisdaly
Copy link
Contributor

@lewisdaly lewisdaly commented Feb 25, 2020

  • Update CircleCI deploy config to deploy the quoting-service after a release
  • uses new circleci orb to accomplish this
  • remove redundant duplicated CircleCI config
  • currently deploys to testci namespace on dev1 cluster, but this can be modified from CircleCI params
  • part of #1107

Copy link
Contributor

@rmothilal rmothilal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy

@lewisdaly lewisdaly merged commit e8b6d7c into master Feb 25, 2020
@lewisdaly lewisdaly deleted the fix/1107-circleci-deploy branch February 25, 2020 14:01
shashi165 added a commit to shashi165/quoting-service that referenced this pull request Oct 13, 2021
* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString (mojaloop#81)

* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

* Issue934-JestUnitTestChangeUpdate

* WIP

* mockConfig done

* Issue934-AddParseStringInObjectDependencyAndUpdateDeps

* Issue934-UpdatePackageVersionTo8dot4dot1-snapshotAndUpdateDependencies

* bugfix/1066 Remove Put Accept Header (mojaloop#86)

- Added noAccept parameter
- Upgraded dependencies

* More unit tests and some code cleanup (mojaloop#87)

* Tests converted to Jest

* Added rules engine jsonpath dynamic fact

* Updated rules engine API. Added jsonpath package to dependencies. Added rules engine tests. Added Jest config. Added example rules.json.

* Updated hapi/subtext to patch vulnerability

* Updated example rules and corresponding tests to reflect real form of payer and payee

* Added switch endpoint to config to obtain payer and payee information for rules engine. Stubbed validateQuoteRequest method in relevant tests. Running rules engine in validateQuoteRequest (but not doing anything with the results yet).

* Tests converted to Jest

* Replaced coverage-check script. Added coverage threshold to jest config. Removed Istanbul config.

* Uninstalled and reinstalled jest to fix vulnerability

* Added junit + config. Added test:junit npm script. Modified circle config to call junit script. Added test results directory to gitignore.

* Modified example rules and corresponding tests to better reflect actual payer and payee facts

* Updated redirect address to redirect fsp. Made the linter happy. Added rule execution and event handling. Removed empty quote validation, replaced with rules engine execution. Removed redundant setImmediate. New test for INVALID_QUOTE_REQUEST event. Expanded INVALID_QUOTE_REQUEST unit tests.

* Manual merge from upstream

* Integrated properly the new `model/rules.js` into `model/quotes.js` and updated the `quotes.tests.js` accordingly.

* Simplified block of code that was unnecessarily using `map`.

* Forwarding event-handler-modified quote request and headers instead of originals

* Fixed tests by poorly mocking handleRuleEvents on the quotes model

* Cleaned a little bit the result of `handleRuleEvents`;
Updated unit tests in order to pass according to latest code changes.

* Deduplicated the functionality of request sending

* Removed `setImmediate` from all places that it was used.

* Use `CreateInternalServerFSPIOPError` instead of `CreateFSPIOPError`

* fixed the name of rules.json

* rename file rules.example.json

* Refactored existing unit tests in order to make them cleaner and avoid duplication;
Added more unit tests for `handleQuoteRequest` to cover all possible paths.

* Refactored `handleQuoteRequest` to make it more readable and avoid duplication;
Cleaned some minor parts of the whole `quotes.js` file.

* Resolved issue with merge

* Added unit tests for `quotesModel.handleRuleEvents`

* Minor update to behaviour and corresponding test update. Minor test change.

* Lint fix

* Added unit tests for `quotesModel.executeRules`

* Added more unit tests to `quotesModel.executeRules` to cover rejected promises of `axios.request`

* Minor refactoring on the unit tests of `RulesEngine` to use `describe` blocks and `it()` instead of `test()` for consistency.

* Added missing dependency that got removed after merging.

* Updated quotes model unit tests to match the new implementation of config.js

* Updated comments in codebase.

* Removed ``^` sign from dependency in package.json

* Bump npm-check-updates from 3.2.1 to 3.2.2 (mojaloop#88)

Bumps [npm-check-updates](https://github.com/tjunnone/npm-check-updates) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/tjunnone/npm-check-updates/releases)
- [Commits](raineorshine/npm-check-updates@v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Bump eslint from 6.6.0 to 6.7.1 (mojaloop#89)

Bumps [eslint](https://github.com/eslint/eslint) from 6.6.0 to 6.7.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](eslint/eslint@v6.6.0...v6.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* bugfix/1079 Extensions Longer Than 128 Chars (mojaloop#90)

- truncateExtension config
- fix issues with standardJS

* Dissasociated unit tests from the actual contents of file `config/rules.json`; (mojaloop#92)

Added a `rules.example.json` file.

* bugfix/1085 Quote to Inactive Fsp (mojaloop#91)

- Proper generate request headers when from switch

* mowdev-3411

* added more rules

* Feature/846 async logging (mojaloop#100)

* Add file logging support in docker, update dependencies

* Add back missing package after merge conflicts

* Feature/update json rules engine (mojaloop#101)

* Simplified rules unit tests

* Updated json-rules-engine

* Updated code to use native json-rules-engine jsonpath syntax

* Made linter happy. Removed jsonpath dependency.

* Feature/test fx rules (mojaloop#102)

* Added skeleton for fx rules unit tests

* Removed commented tests from original file

* Update fx.test.js

* Feature/846 async logging (mojaloop#100)

* Add file logging support in docker, update dependencies

* Add back missing package after merge conflicts

* Feature/update json rules engine (mojaloop#101)

* Simplified rules unit tests

* Updated json-rules-engine

* Updated code to use native json-rules-engine jsonpath syntax

* Made linter happy. Removed jsonpath dependency.

* Feature/test fx rules (mojaloop#102)

* Added skeleton for fx rules unit tests

* Removed commented tests from original file

* Update fx.test.js

* added more rules and tests

* test discard

* test discard

* test discard

* updated dependencies (mojaloop#105)

* stripe off accept header for PUT requests

* added package-lock.json

* Feature/1003 add container scans (mojaloop#103)

* Add anchore image scanning, update circleci config

* Fix config.yml validity issues

* Bump package version, ensure latest deps are installed

* Feature/1047 improve test coverage (mojaloop#108)

* Add unit tests to bring coverage up to 90%+

remove redundant nyc config

Set up dir structure for tests

Set up dir structure for tests

Add inspect util for ease of testing

working on quotes error test

Add istanbul ignore comments for mockgen only files

working on health check mocks

Working on config mocks

Add bulk quotes not implemented tests

Working on health check tests

Working on health check tests

remove unused comments

working on quotes test

working on config default tests

working on utils tests

working on utils tests

find and replace all stack inspection

find and replace all stack inspection

Working on quote tests

Move http into its own library for ease of mocking

Move http into its own library for ease of mocking

fix existing tests once mocking out http

add tests for handleException

add tests for handleException

add tests for handleException

finish getting model testing up to scratch

fix missing conditions on rule engine tests

Add tests for http

refactor start script to improve tests

work on server testing

working on database mocking

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

replace err.stack || util.inspect(err) with getStackOrInspect

work on quite tests

work on quite tests

finish work on cachedDatabase

update dependencies, bump package version to 8.7.0

* remove unneeded test files

* run standard --fix

* bump package version to 8.7.1-snapshot

* bump package version to 8.7.2-snapshot

* added more rules

* fixed the package.json version

* fixed version number

* fixed the Object.assign

* removed rules.json

* update package-lock.json

* Attempt cache refresh

* Replace audit:check with audit

* Debug with verbose audit

* Skip vulnerability check because of network errors

* Skip vuln check step

* downgrade helm version

* #1147 - Update dependencies (mojaloop#118)

* Update sinon

* Bump version to 8.8.0

* temp logging

* renamed switchEndpoint to a better name

* removed config from dockerfile

* Fix for #1169 - GET /quotes for malformed ID error response is 1001 instead of 3xxx (mojaloop#125)

* Add quote ID validation in swagger.json
* Update dependencies and fix unit test
* Fix version

* Added synchronous responses for rules engine invalid quote errors (mojaloop#127)

* Added synchronous responses for rules engine invalid quote errors

* Corrected import

* Corrected error variable name

* Moved response handling out of model, into handlers

* Fixed tests

* added error code

* added swagger changes

* Bugfix/1172empty quote values (mojaloop#128)

* Added minLength of 1 for quoteId and transactionId for post quotes

* Added a comment to remove the minLength property from quoteId and transactionId once the enjoi library has been fixed.

* Upgrading version to v8.8.0-snapshot (mojaloop#129)

* Upgrading version to v8.8.0-snapshot and now we have test coverage >90%

* Feature/1157 anchore report summary (mojaloop#132)

* Add anchore summary report upload

* fix missing aws credentials

* Update dependencies (mojaloop#133)

* added error handling when there are no active accounts

* added error handling when there are no active accounts

* added error handling when there are no active accounts

* 893-UpdateRegexToValidateIncomingErrorCodeAtEndpointCallbackAndUpdateDependencies (mojaloop#113)

* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

* WIP

* mockConfig done

* 893-AddSwaggerValidationForIncomingErrorCodePlusUnitTestChangeAndUpdateDependencies

* Fix unit test, update dependencies plus Merge remote-tracking branch 'origin/893-ValidateIncomingErrorCodeAtErroCallbackEndpoint' into 893-ValidateIncomingErrorCodeAtErroCallbackEndpoint

Co-authored-by: Georgi Georgiev <georgi.georgiev@modusbox.com>
Co-authored-by: Sam <elnyry@users.noreply.github.com>

* fixed error responses sync and async

* fixed the rounting problem with forex quotes

* fixed the rounting problem with forex quotes

* fixed the rounting problem with forex quotes

* removed fspiop-uri header

* removed fspiop-signature header

* added one more error code to sync errors

* added more error handling

* Fix for #1173 - GET /quotes for unknown quote ID error response is 1001 instead of 3205 (mojaloop#139)

* Bump version to 9.0.0-snapshot

* Fix response codes for PUT /quotes/{id} and PUT /quotes/{id}/error from 202 to 200

* Update dependencies. Freeze json-rules-engine due to breaking changes

* Bump version to 9.1.0

* Remove hard-coded response codes in test

* Return error 3000 - Generic client error  and not 1001 on 404 errors

* Update dependencies

* Fix span bug

* Update cs-shared

* Upgrade to Node 12.16.0 LTS version (mojaloop#150)

- Updated CircleCI and Docker scripts to use Node 12.16.0 LTS version.
- Updated dependencies

* Added updated Mojaloop license (mojaloop#151)

* Added updated Mojaloop license (mojaloop#152)

* Hotfix: Fix startup failure error (mojaloop#153)

* Lock hapi version

* Resolve audit issue, temporarily

* Fix/1107 circleci deploy (mojaloop#154)

* remove sensitive notes

* resolve npm audit issues

* temp disable some cicd steps for speed up tests

* fix missing aws config

* Add parameters into orb config

* Updating deploy config

* helm deploy fixes

* temporarily disable the coverage checks

* replace inline deployment orb with orb reference

* update deploy orb to v0.1.1

* removing duplicate configs

* working on helm config

* bump orb version to 0.1.4

* Working on executor config

* Working on executor config

* fix helm set values

* more work on helm set values

* more work on helm set values

* Reenable skipped ci steps

* bump package version to 9.2.2-snapshot, add hapi to the audit fix

* Fixed /quote/\{id\}/error destination (mojaloop#156)

* Updated package version (mojaloop#157)

* Updated package version

* Updated dependencies (mojaloop#158)

* updated to newly released version of event-sdk

* updated dependencies and version

* Feature/updating dependencies (mojaloop#159)

* updated to newly released version of event-sdk

* updated dependencies and version

* updated dependencies

* #1178: Bug fixes for POST /quotes with unknown destination FSP (mojaloop#160)

* Validate that FSP Ids in headers and payload match for both payerfsp and payeefsp

* Hotfix: Revert #1178 changes (mojaloop#161)

* Revert #1178 changes. Update depenedencies. Bump version

* Undo version bump

* Bugfix/restore handle quote error headers (mojaloop#168)

* Modified `forwardQuoteUpdate` so it handles special cases where it doesn't need to modify/set the headers.

* Bumped to 9.3.4-snapshot;
Added myself to the hall of fame.

* Updated unit tests.

* Changed bumped version to 9.4.0 to cope with the current versioning status.

* Changed the places where the sendErrorCallback is called with `true` flag.

* run `npm run audit:resolve` and skipped for a week.

* Do not modify headers in case they are only being relayed to another DFSP.

* Do not delete `FSPIOP-Signature` header unless if `modifyHeaders` is `true`.

* Store extensionLists for quote requests and responses. (mojaloop#184)

* store extension list items for quote requests and responses

* Adding unit test coverage for quote request and response extensionList saving to database

* postpone audit failures

* attempt to resolve further audit issues

* Delete package-lock.json

* another attempt to resolve audit issues

* Bump package version

* Proposed code changes for extensionLists PR (mojaloop#185)

* Proposed code changes for extensionLists PR

* Lint

Co-authored-by: Matt Kingston <mattkingston@gmail.com>

* Feature/otc 218 enhance post quote partyIdInfo with extension list (mojaloop#190)

* Added the extension list under the partyidinfo obj

* OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info
Updated dependencies
Postponed audit issue

* OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info

* Add custom mojaloop policy for evaluating anchore-cli scans (mojaloop#192)

* Update dependencies (mojaloop#200)

* Update dependencies

* Temporarily resolve audit issues

* Hotfix for docker image to support async logging (mojaloop#202)

- Added async logging support to DockerFile
- Updated dependencies for Jest
- Fixed vulnerability issues
- Bumped version to v10.1.1

* Merged `master` into this branch.

* added JWS support for switch generated msg (mojaloop#203)

* added JWS support for switch generated msg

* added unit tests

* added coverage tests

* fix audit issues

* removed un-necessary header fix

* added a valid default private key

* added a default private key

* not modify request in jwsSigner

* fixed the version issue

* bumped up the version

* bumped up the version

Co-authored-by: Shashi <shashikant.hirugade@modusbox.com>

* fixed the bug with createQuoteExtensions

* Fixed the arguments passed to `createQuoteExtensions`. (mojaloop#213)

* Fixed the arguments passed to `createQuoteExtensions`.

* Updated expected error message in unit test.

* fixed issue with createQuoteExtension

* Fixed issue with `createQuoteExtension` (mojaloop#214)

* Revert change of the error message as it breaks tests.

* Updated versions for error-handler, etc... (mojaloop#218)

* Change CI/CD notifications to their own slack channel, bump package to 10.3.1 (mojaloop#219)

* Fix DB transaction leaks. Update unit tests (mojaloop#220)

- Fixed DB transaction/connection leaks
- Updated unit tests
- Bumped version

* Feature/validation for name place accents  (mojaloop#221)

* updated to newly released version of event-sdk

* updated dependencies and version

* updates to migrate quoting api to use openapi-backend
create openapi >= 3.0 swagger
updated dependencies
added new routes
converted server to use new libraries
golden path tests pass
coverage may need some attention

* added production to quotes audit checks

* fixed incorrect case for file path

* Updated code coverage

* update of dependencies

* error handling dependency update

* updated dependency

* Updated python in Circle CI (mojaloop#222)

* updated to newly released version of event-sdk

* updated dependencies and version

* updates to migrate quoting api to use openapi-backend
create openapi >= 3.0 swagger
updated dependencies
added new routes
converted server to use new libraries
golden path tests pass
coverage may need some attention

* added production to quotes audit checks

* fixed incorrect case for file path

* Updated code coverage

* update of dependencies

* error handling dependency update

* updated dependency

* Changes:
	Updated python in circle CI

* Updated dependencies and version for issue: mojaloop/project#1378 (mojaloop#223)

* Aligned an error message with the master branch to match Postman test's assertions.

* Fixed some npm vulnerabilities and skipped the rest.

* Updated circle CI config according to master branch.

* Removed `quoteId` from error log message as it causes error due its exceeding length.

* Removed `quoteId` from error log message as it causes error due its exceeding length. (mojaloop#224)

* fixed error message

* Bugfix/1385 fix post quotes header (mojaloop#225)

* updated to newly released version of event-sdk

* updated dependencies and version

* updated to remove accept header from PUT quotes callback

* fix error message (mojaloop#226)

* fix error message

* fix error message

Co-authored-by: Shashi <shashikant.hirugade@modusbox.com>

* Bugfix/fix participant lookup to use currency (mojaloop#227)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* Bugfix/fix participant lookup to use currency (mojaloop#228)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

* Bugfix/fix participant lookup to use currency (mojaloop#230)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

* updated the order the sql is run in, seems to give and issue during testing

* Bugfix/fix participant lookup to use currency (mojaloop#231)

Fix for createPartyQuote not passing all values to getParticipant

* Feature/1468 support for bulk quotes post passthrough (mojaloop#233)

* updated to newly released version of event-sdk

* updated dependencies and version

* added support for bulk quotes post functionality
updated dependencies to fix audit issues

* added put, and get functionality for bulk quotes

* Fix log text

* added the put bulkQuotes error endpoint

* updated according to stevens comments

* removed unnecessary await

* removed the await

* awaits need to be there for audits

* fixes for error handling according to @oderayi to handle exceptions in model instead of throwing it up to handler

* #1484: Update FSPIOP API version (mojaloop#235)

* Update FSPIOP API version

* Update src/interface/swagger.json

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Update API description

* Attempt to fix 'jest not found' error in circleci

* Attempt to fix 'jest not found' error in circleci

* Lock version update for jest and jest-unit, restore npm scripts

* Update jest and jest-junit

* Update src/interface/swagger.json

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Bump version in attempt to bypass ci bug with caches

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Add ISO test currencies (XTS, XXX) (mojaloop#238)

* Add ISO test currencies

* Bump package version

* added test currencies

* resolve audit issues

* fix audit issues

* fix audit issues

* Convert handlers to async, update deps, and bump version (mojaloop#239)

* Feature/#1615 content headers (mojaloop#240)

* added support for resource versions

* updated dependencies

Co-authored-by: Valentin <valentin.genev@modusbox.com>

* fixed resource api version to be changed only if message originates from the switch (mojaloop#241)

Co-authored-by: Valentin <valentin.genev@modusbox.com>

* updated dependencies and removed old audit records (mojaloop#243)

* Updated to cater for spans finishing early (mojaloop#244)

* updated dependencies and removed old audit records

* updated to cater for parent spans finishing before the span can be closed and fixed tests

* fixing tests and some code found during testing

* fixes  (mojaloop#245)

* updated dependencies and removed old audit records

* updated to cater for parent spans finishing before the span can be closed and fixed tests

* fixing tests and some code found during testing

* needed to handle error in the model as the handler has already processed

* #1456: Feature/docker config fixes (mojaloop#247)

* Update docker configs with master, bump patch version, update dependencies, and fix linting errors with Standard

* Update tests

* Clean up

* Clean up

* validate dfsps in payload for simple routing mode (mojaloop#248)

* #1875: Replace wildcard routes with explicit routes. (mojaloop#249)

* Replace wildcard routes with explicit routes. Add hapi-swagger for API documentation (swagger). Update dependencies. Bump patch version

* Fix dependencies

* chore: update license file (mojaloop#251)

* #1885: Add API documentation library (mojaloop#250)

* Add API documentation endpoints

* Update dependencies

* Resolve audit

* Force update event-stream (Widdershins dep) due to license audit issues

* [Security] Bump node-notifier from 8.0.0 to 8.0.1 (mojaloop#252)

Bumps [node-notifier](https://github.com/mikaelbr/node-notifier) from 8.0.0 to 8.0.1. **This update includes a security fix.**
- [Release notes](https://github.com/mikaelbr/node-notifier/releases)
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/v8.0.1/CHANGELOG.md)
- [Commits](mikaelbr/node-notifier@v8.0.0...v8.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* [Security] Bump axios from 0.21.0 to 0.21.1 (mojaloop#255)

Bumps [axios](https://github.com/axios/axios) from 0.21.0 to 0.21.1. **This update includes a security fix.**
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v0.21.1/CHANGELOG.md)
- [Commits](axios/axios@v0.21.0...v0.21.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* [Security] Bump urijs from 1.19.2 to 1.19.5 (mojaloop#254)

Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.2 to 1.19.5. **This update includes a security fix.**
- [Release notes](https://github.com/medialize/URI.js/releases)
- [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md)
- [Commits](medialize/URI.js@v1.19.2...v1.19.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* feat(ci/cd): add pr title check (mojaloop#256)

* chore: adding codeowners file (mojaloop#257)

* chore: maintenance upgrades, audit check resolve update (mojaloop#258)

* chore: adding codeowners file

* chore: maintenance upgrades, audit check resolve update

* fix(headers)!: made fspiop-destination header mandatory (mojaloop#259)

* fix(headers) ! :made fspiop-destination header mandatory

* added unit test

* added unit test

* [Security] Bump urijs from 1.19.5 to 1.19.6 (mojaloop#260)

Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.5 to 1.19.6. **This update includes a security fix.**
- [Release notes](https://github.com/medialize/URI.js/releases)
- [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md)
- [Commits](medialize/URI.js@v1.19.5...v1.19.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* fix(security): Bump y18n from 3.2.1 to 3.2.2 (mojaloop#261)

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. **This update includes a security fix.**
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* fix(security): Bump djv from 2.1.2 to 2.1.4 (mojaloop#263)

Bumps [djv](https://github.com/korzio/djv) from 2.1.2 to 2.1.4.
- [Release notes](https://github.com/korzio/djv/releases)
- [Changelog](https://github.com/korzio/djv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korzio/djv/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: #2103 fix subid functionality in POST quotes request (mojaloop#264)

* Fixed issue with subId

* Bumped up the version and postponed the audits

* Fixed unit test

* Update src/data/database.js

Co-authored-by: Lewis Daly <lewis@vesselstech.com>

Co-authored-by: Lewis Daly <lewis@vesselstech.com>

* feat(#2119): fixes for updated for AJV error objects change (mojaloop#265)

- Including new release of Central-services-error-handling: https://github.com/mojaloop/central-services-error-handling/releases/tag/v11.2.0
- Upgraded dependencies
- Added AJV as it was a "peer dependency"
- Bump to version
- Updated audit-resolve for known security issue

* fix(#2182): regex validations against swagger interface spec no longer working (mojaloop#267)

- Updated central-services-shared dependency
- Bump to version
- Audit-resolve issues

* fix: helm release v12.1.0 (mojaloop#269)

- Updated dependencies
- Bump to patch level
- Standardised npm lint script
- Fixes for audit issues

* [Security] Bump hosted-git-info from 2.8.8 to 2.8.9 (mojaloop#266)

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. **This update includes a security fix.**
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.8.8...v2.8.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* chore: helm release v12.1.0  (mojaloop#270)

- updated missing dependency updates due to ncurc
- 'allow.auto.create.topics=true' had been added to Kafka Consumer configs. This will enable Kafka Consumers to trigger auto creation of topics, ref: https://github.com/edenhill/librdkafka/releases/tag/v1.5.0.

* fix(mojaloop/project#2246): updated dependency version (mojaloop#272)

-Bumped Version
-Fixed pre-commit task, misspelling

Co-authored-by: JoNel <Johann.nel@sybrin.co.za>

* fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings (mojaloop#278)

* fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings [#2358](mojaloop/project#2358)
- Updated regex to match [\w](https://unicode.org/reports/tr18/#word) (used by the [Mojaloop Specification](https://github.com/mojaloop/mojaloop-specification/blob/master/fspiop-api/documents/v1.1-document-set/fspiop-v1.1-openapi3.yaml#L2347)) based on mappings to the [ECMAScript](https://262.ecma-international.org/9.0/#sec-runtime-semantics-unicodematchproperty-p) regex specification.
- Added unit test for post quotes endpoint with additional asian (Myanmar) unicode characters added to middleName
- Bump to patch version
- Updated dependencies to the latest version
- Fixed audit-resolve issues:

```text
--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
 vulnerable versions <3.2.2 || >=4.0.0 <4.4.14 || >=5.0.0 <5.0.6 || >=6.0.0 <6.1.1 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
 vulnerable versions <3.2.3 || >=4.0.0 <4.4.15 || >=5.0.0 <5.0.7 || >=6.0.0 <6.1.2 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
```

> Outcome: Fixed

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```

> Outcome: Ignored for a week

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```

> Outcome: Ignored for a week

* chore(#864): change instanbul to nyc for coverage on all projects (mojaloop#279)

chore(#864): change instanbul to nyc for coverage on all projects
- removed .ncurc.yml as code-coverage is configured in the jest.config.js
- fixes for audit resolve

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```

> Outcome: Ignored for a week
> Impact: Minimal as this is used to render documentation end-point

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```

> Outcome: Ignored for a week
> Impact: Minimal as this is used to render documentation end-point

* fix(mojaloop/#2439): quoting-service-model.validatequoterequest-doesnt-perform-correct-validation (mojaloop#280)

fix([mojaloop/#2439](mojaloop/project#2439)): quoting-service model.validateQuoteRequest doesn't perform correct validation when simpleRoutingMode is TRUE
- added typesafe checks for validate quote request logic
- added devspace patterns to gitignore
- minor formatting of the serverStart unit tests for clarity
- updated dependencies to latest version
- added circleci config for automated releases
- added standard-version dependency for automated releases
- fixed audit resolve issues:
```text
--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
```
> Outcome: Fixed

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```
> Outcome: Ignored for a week
> Impact: Minimal as the dependencies are used for the Developer Documentation end-point

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```
> Outcome: Ignored for a week
> Impact: Minimal as the dependencies are used for the Developer Documentation end-point

* fix: updated circleci config to use the SHA1 hash of the last commit of the current build (mojaloop#281)

* chore(release): 12.0.8 [skip ci]

* fix: circleci slack webhook typo fix (mojaloop#282)

* fixes for CI-CD typo image-scan failure on slack webhook

* chore(release): 12.0.9 [skip ci]

* chore: updated readme with automated-releases, potential-problems and additional-notes placeholder (mojaloop#283)

* updated readme with Automated Releases, Potential Problems and Additional Notes placeholder
* fixed markdown lint issues for readme

* chore(release): 12.0.10 [skip ci]

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* Fixed the tests

* changed the way we add headers

* refactoring

* refactoring

* removed the hardcoded headers

* removed the hardcoded headers

* updated README

* fixed swagger

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

Co-authored-by: Juan Correa <gibaros@users.noreply.github.com>
Co-authored-by: Georgi Georgiev <georgi.georgiev@modusbox.com>
Co-authored-by: Vassilis Barzokas <vassilis.barzokas@modusbox.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: shashi165 <shashikant.hirugade@softwaregroup.com>
Co-authored-by: Lewis Daly <lewis@vesselstech.com>
Co-authored-by: Matt Kingston <mattkingston@gmail.com>
Co-authored-by: Valentin Genev <vgenev@gmail.com>
Co-authored-by: Kamuela Franco <kamuela.franco@gmail.com>
Co-authored-by: Steven Oderayi <oderayi@gmail.com>
Co-authored-by: ndonnan <neal.donnan@gmail.com>
Co-authored-by: Sam <elnyry@users.noreply.github.com>
Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com>
Co-authored-by: James Bush <37296643+bushjames@users.noreply.github.com>
Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com>
Co-authored-by: Miguel de Barros <miguel@debarros.me>
Co-authored-by: Adrian Enns <ennsak@gmail.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>
Co-authored-by: Valentin <valentin.genev@modusbox.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com>
Co-authored-by: Johann Nel <29751181+JohannWNel@users.noreply.github.com>
Co-authored-by: JoNel <Johann.nel@sybrin.co.za>
Co-authored-by: mojaloopci <info@mojaloop.io>
shashi165 added a commit to shashi165/quoting-service that referenced this pull request Oct 13, 2021
* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString (mojaloop#81)

* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

* Issue934-JestUnitTestChangeUpdate

* WIP

* mockConfig done

* Issue934-AddParseStringInObjectDependencyAndUpdateDeps

* Issue934-UpdatePackageVersionTo8dot4dot1-snapshotAndUpdateDependencies

* bugfix/1066 Remove Put Accept Header (mojaloop#86)

- Added noAccept parameter
- Upgraded dependencies

* More unit tests and some code cleanup (mojaloop#87)

* Tests converted to Jest

* Added rules engine jsonpath dynamic fact

* Updated rules engine API. Added jsonpath package to dependencies. Added rules engine tests. Added Jest config. Added example rules.json.

* Updated hapi/subtext to patch vulnerability

* Updated example rules and corresponding tests to reflect real form of payer and payee

* Added switch endpoint to config to obtain payer and payee information for rules engine. Stubbed validateQuoteRequest method in relevant tests. Running rules engine in validateQuoteRequest (but not doing anything with the results yet).

* Tests converted to Jest

* Replaced coverage-check script. Added coverage threshold to jest config. Removed Istanbul config.

* Uninstalled and reinstalled jest to fix vulnerability

* Added junit + config. Added test:junit npm script. Modified circle config to call junit script. Added test results directory to gitignore.

* Modified example rules and corresponding tests to better reflect actual payer and payee facts

* Updated redirect address to redirect fsp. Made the linter happy. Added rule execution and event handling. Removed empty quote validation, replaced with rules engine execution. Removed redundant setImmediate. New test for INVALID_QUOTE_REQUEST event. Expanded INVALID_QUOTE_REQUEST unit tests.

* Manual merge from upstream

* Integrated properly the new `model/rules.js` into `model/quotes.js` and updated the `quotes.tests.js` accordingly.

* Simplified block of code that was unnecessarily using `map`.

* Forwarding event-handler-modified quote request and headers instead of originals

* Fixed tests by poorly mocking handleRuleEvents on the quotes model

* Cleaned a little bit the result of `handleRuleEvents`;
Updated unit tests in order to pass according to latest code changes.

* Deduplicated the functionality of request sending

* Removed `setImmediate` from all places that it was used.

* Use `CreateInternalServerFSPIOPError` instead of `CreateFSPIOPError`

* fixed the name of rules.json

* rename file rules.example.json

* Refactored existing unit tests in order to make them cleaner and avoid duplication;
Added more unit tests for `handleQuoteRequest` to cover all possible paths.

* Refactored `handleQuoteRequest` to make it more readable and avoid duplication;
Cleaned some minor parts of the whole `quotes.js` file.

* Resolved issue with merge

* Added unit tests for `quotesModel.handleRuleEvents`

* Minor update to behaviour and corresponding test update. Minor test change.

* Lint fix

* Added unit tests for `quotesModel.executeRules`

* Added more unit tests to `quotesModel.executeRules` to cover rejected promises of `axios.request`

* Minor refactoring on the unit tests of `RulesEngine` to use `describe` blocks and `it()` instead of `test()` for consistency.

* Added missing dependency that got removed after merging.

* Updated quotes model unit tests to match the new implementation of config.js

* Updated comments in codebase.

* Removed ``^` sign from dependency in package.json

* Bump npm-check-updates from 3.2.1 to 3.2.2 (mojaloop#88)

Bumps [npm-check-updates](https://github.com/tjunnone/npm-check-updates) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/tjunnone/npm-check-updates/releases)
- [Commits](raineorshine/npm-check-updates@v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Bump eslint from 6.6.0 to 6.7.1 (mojaloop#89)

Bumps [eslint](https://github.com/eslint/eslint) from 6.6.0 to 6.7.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](eslint/eslint@v6.6.0...v6.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* bugfix/1079 Extensions Longer Than 128 Chars (mojaloop#90)

- truncateExtension config
- fix issues with standardJS

* Dissasociated unit tests from the actual contents of file `config/rules.json`; (mojaloop#92)

Added a `rules.example.json` file.

* bugfix/1085 Quote to Inactive Fsp (mojaloop#91)

- Proper generate request headers when from switch

* mowdev-3411

* added more rules

* Feature/846 async logging (mojaloop#100)

* Add file logging support in docker, update dependencies

* Add back missing package after merge conflicts

* Feature/update json rules engine (mojaloop#101)

* Simplified rules unit tests

* Updated json-rules-engine

* Updated code to use native json-rules-engine jsonpath syntax

* Made linter happy. Removed jsonpath dependency.

* Feature/test fx rules (mojaloop#102)

* Added skeleton for fx rules unit tests

* Removed commented tests from original file

* Update fx.test.js

* Feature/846 async logging (mojaloop#100)

* Add file logging support in docker, update dependencies

* Add back missing package after merge conflicts

* Feature/update json rules engine (mojaloop#101)

* Simplified rules unit tests

* Updated json-rules-engine

* Updated code to use native json-rules-engine jsonpath syntax

* Made linter happy. Removed jsonpath dependency.

* Feature/test fx rules (mojaloop#102)

* Added skeleton for fx rules unit tests

* Removed commented tests from original file

* Update fx.test.js

* added more rules and tests

* test discard

* test discard

* test discard

* updated dependencies (mojaloop#105)

* stripe off accept header for PUT requests

* added package-lock.json

* Feature/1003 add container scans (mojaloop#103)

* Add anchore image scanning, update circleci config

* Fix config.yml validity issues

* Bump package version, ensure latest deps are installed

* Feature/1047 improve test coverage (mojaloop#108)

* Add unit tests to bring coverage up to 90%+

remove redundant nyc config

Set up dir structure for tests

Set up dir structure for tests

Add inspect util for ease of testing

working on quotes error test

Add istanbul ignore comments for mockgen only files

working on health check mocks

Working on config mocks

Add bulk quotes not implemented tests

Working on health check tests

Working on health check tests

remove unused comments

working on quotes test

working on config default tests

working on utils tests

working on utils tests

find and replace all stack inspection

find and replace all stack inspection

Working on quote tests

Move http into its own library for ease of mocking

Move http into its own library for ease of mocking

fix existing tests once mocking out http

add tests for handleException

add tests for handleException

add tests for handleException

finish getting model testing up to scratch

fix missing conditions on rule engine tests

Add tests for http

refactor start script to improve tests

work on server testing

working on database mocking

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

replace err.stack || util.inspect(err) with getStackOrInspect

work on quite tests

work on quite tests

finish work on cachedDatabase

update dependencies, bump package version to 8.7.0

* remove unneeded test files

* run standard --fix

* bump package version to 8.7.1-snapshot

* bump package version to 8.7.2-snapshot

* added more rules

* fixed the package.json version

* fixed version number

* fixed the Object.assign

* removed rules.json

* update package-lock.json

* Attempt cache refresh

* Replace audit:check with audit

* Debug with verbose audit

* Skip vulnerability check because of network errors

* Skip vuln check step

* downgrade helm version

* #1147 - Update dependencies (mojaloop#118)

* Update sinon

* Bump version to 8.8.0

* temp logging

* renamed switchEndpoint to a better name

* removed config from dockerfile

* Fix for #1169 - GET /quotes for malformed ID error response is 1001 instead of 3xxx (mojaloop#125)

* Add quote ID validation in swagger.json
* Update dependencies and fix unit test
* Fix version

* Added synchronous responses for rules engine invalid quote errors (mojaloop#127)

* Added synchronous responses for rules engine invalid quote errors

* Corrected import

* Corrected error variable name

* Moved response handling out of model, into handlers

* Fixed tests

* added error code

* added swagger changes

* Bugfix/1172empty quote values (mojaloop#128)

* Added minLength of 1 for quoteId and transactionId for post quotes

* Added a comment to remove the minLength property from quoteId and transactionId once the enjoi library has been fixed.

* Upgrading version to v8.8.0-snapshot (mojaloop#129)

* Upgrading version to v8.8.0-snapshot and now we have test coverage >90%

* Feature/1157 anchore report summary (mojaloop#132)

* Add anchore summary report upload

* fix missing aws credentials

* Update dependencies (mojaloop#133)

* added error handling when there are no active accounts

* added error handling when there are no active accounts

* added error handling when there are no active accounts

* 893-UpdateRegexToValidateIncomingErrorCodeAtEndpointCallbackAndUpdateDependencies (mojaloop#113)

* Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

* WIP

* mockConfig done

* 893-AddSwaggerValidationForIncomingErrorCodePlusUnitTestChangeAndUpdateDependencies

* Fix unit test, update dependencies plus Merge remote-tracking branch 'origin/893-ValidateIncomingErrorCodeAtErroCallbackEndpoint' into 893-ValidateIncomingErrorCodeAtErroCallbackEndpoint

Co-authored-by: Georgi Georgiev <georgi.georgiev@modusbox.com>
Co-authored-by: Sam <elnyry@users.noreply.github.com>

* fixed error responses sync and async

* fixed the rounting problem with forex quotes

* fixed the rounting problem with forex quotes

* fixed the rounting problem with forex quotes

* removed fspiop-uri header

* removed fspiop-signature header

* added one more error code to sync errors

* added more error handling

* Fix for #1173 - GET /quotes for unknown quote ID error response is 1001 instead of 3205 (mojaloop#139)

* Bump version to 9.0.0-snapshot

* Fix response codes for PUT /quotes/{id} and PUT /quotes/{id}/error from 202 to 200

* Update dependencies. Freeze json-rules-engine due to breaking changes

* Bump version to 9.1.0

* Remove hard-coded response codes in test

* Return error 3000 - Generic client error  and not 1001 on 404 errors

* Update dependencies

* Fix span bug

* Update cs-shared

* Upgrade to Node 12.16.0 LTS version (mojaloop#150)

- Updated CircleCI and Docker scripts to use Node 12.16.0 LTS version.
- Updated dependencies

* Added updated Mojaloop license (mojaloop#151)

* Added updated Mojaloop license (mojaloop#152)

* Hotfix: Fix startup failure error (mojaloop#153)

* Lock hapi version

* Resolve audit issue, temporarily

* Fix/1107 circleci deploy (mojaloop#154)

* remove sensitive notes

* resolve npm audit issues

* temp disable some cicd steps for speed up tests

* fix missing aws config

* Add parameters into orb config

* Updating deploy config

* helm deploy fixes

* temporarily disable the coverage checks

* replace inline deployment orb with orb reference

* update deploy orb to v0.1.1

* removing duplicate configs

* working on helm config

* bump orb version to 0.1.4

* Working on executor config

* Working on executor config

* fix helm set values

* more work on helm set values

* more work on helm set values

* Reenable skipped ci steps

* bump package version to 9.2.2-snapshot, add hapi to the audit fix

* Fixed /quote/\{id\}/error destination (mojaloop#156)

* Updated package version (mojaloop#157)

* Updated package version

* Updated dependencies (mojaloop#158)

* updated to newly released version of event-sdk

* updated dependencies and version

* Feature/updating dependencies (mojaloop#159)

* updated to newly released version of event-sdk

* updated dependencies and version

* updated dependencies

* #1178: Bug fixes for POST /quotes with unknown destination FSP (mojaloop#160)

* Validate that FSP Ids in headers and payload match for both payerfsp and payeefsp

* Hotfix: Revert #1178 changes (mojaloop#161)

* Revert #1178 changes. Update depenedencies. Bump version

* Undo version bump

* Bugfix/restore handle quote error headers (mojaloop#168)

* Modified `forwardQuoteUpdate` so it handles special cases where it doesn't need to modify/set the headers.

* Bumped to 9.3.4-snapshot;
Added myself to the hall of fame.

* Updated unit tests.

* Changed bumped version to 9.4.0 to cope with the current versioning status.

* Changed the places where the sendErrorCallback is called with `true` flag.

* run `npm run audit:resolve` and skipped for a week.

* Do not modify headers in case they are only being relayed to another DFSP.

* Do not delete `FSPIOP-Signature` header unless if `modifyHeaders` is `true`.

* Store extensionLists for quote requests and responses. (mojaloop#184)

* store extension list items for quote requests and responses

* Adding unit test coverage for quote request and response extensionList saving to database

* postpone audit failures

* attempt to resolve further audit issues

* Delete package-lock.json

* another attempt to resolve audit issues

* Bump package version

* Proposed code changes for extensionLists PR (mojaloop#185)

* Proposed code changes for extensionLists PR

* Lint

Co-authored-by: Matt Kingston <mattkingston@gmail.com>

* Feature/otc 218 enhance post quote partyIdInfo with extension list (mojaloop#190)

* Added the extension list under the partyidinfo obj

* OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info
Updated dependencies
Postponed audit issue

* OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info

* Add custom mojaloop policy for evaluating anchore-cli scans (mojaloop#192)

* Update dependencies (mojaloop#200)

* Update dependencies

* Temporarily resolve audit issues

* Hotfix for docker image to support async logging (mojaloop#202)

- Added async logging support to DockerFile
- Updated dependencies for Jest
- Fixed vulnerability issues
- Bumped version to v10.1.1

* Merged `master` into this branch.

* added JWS support for switch generated msg (mojaloop#203)

* added JWS support for switch generated msg

* added unit tests

* added coverage tests

* fix audit issues

* removed un-necessary header fix

* added a valid default private key

* added a default private key

* not modify request in jwsSigner

* fixed the version issue

* bumped up the version

* bumped up the version

Co-authored-by: Shashi <shashikant.hirugade@modusbox.com>

* fixed the bug with createQuoteExtensions

* Fixed the arguments passed to `createQuoteExtensions`. (mojaloop#213)

* Fixed the arguments passed to `createQuoteExtensions`.

* Updated expected error message in unit test.

* fixed issue with createQuoteExtension

* Fixed issue with `createQuoteExtension` (mojaloop#214)

* Revert change of the error message as it breaks tests.

* Updated versions for error-handler, etc... (mojaloop#218)

* Change CI/CD notifications to their own slack channel, bump package to 10.3.1 (mojaloop#219)

* Fix DB transaction leaks. Update unit tests (mojaloop#220)

- Fixed DB transaction/connection leaks
- Updated unit tests
- Bumped version

* Feature/validation for name place accents  (mojaloop#221)

* updated to newly released version of event-sdk

* updated dependencies and version

* updates to migrate quoting api to use openapi-backend
create openapi >= 3.0 swagger
updated dependencies
added new routes
converted server to use new libraries
golden path tests pass
coverage may need some attention

* added production to quotes audit checks

* fixed incorrect case for file path

* Updated code coverage

* update of dependencies

* error handling dependency update

* updated dependency

* Updated python in Circle CI (mojaloop#222)

* updated to newly released version of event-sdk

* updated dependencies and version

* updates to migrate quoting api to use openapi-backend
create openapi >= 3.0 swagger
updated dependencies
added new routes
converted server to use new libraries
golden path tests pass
coverage may need some attention

* added production to quotes audit checks

* fixed incorrect case for file path

* Updated code coverage

* update of dependencies

* error handling dependency update

* updated dependency

* Changes:
	Updated python in circle CI

* Updated dependencies and version for issue: mojaloop/project#1378 (mojaloop#223)

* Aligned an error message with the master branch to match Postman test's assertions.

* Fixed some npm vulnerabilities and skipped the rest.

* Updated circle CI config according to master branch.

* Removed `quoteId` from error log message as it causes error due its exceeding length.

* Removed `quoteId` from error log message as it causes error due its exceeding length. (mojaloop#224)

* fixed error message

* Bugfix/1385 fix post quotes header (mojaloop#225)

* updated to newly released version of event-sdk

* updated dependencies and version

* updated to remove accept header from PUT quotes callback

* fix error message (mojaloop#226)

* fix error message

* fix error message

Co-authored-by: Shashi <shashikant.hirugade@modusbox.com>

* Bugfix/fix participant lookup to use currency (mojaloop#227)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* Bugfix/fix participant lookup to use currency (mojaloop#228)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

* Bugfix/fix participant lookup to use currency (mojaloop#230)

* updated to newly released version of event-sdk

* updated dependencies and version

* fix for accept header and content-type header versions being hardcoded

* updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

* updated the order the sql is run in, seems to give and issue during testing

* Bugfix/fix participant lookup to use currency (mojaloop#231)

Fix for createPartyQuote not passing all values to getParticipant

* Feature/1468 support for bulk quotes post passthrough (mojaloop#233)

* updated to newly released version of event-sdk

* updated dependencies and version

* added support for bulk quotes post functionality
updated dependencies to fix audit issues

* added put, and get functionality for bulk quotes

* Fix log text

* added the put bulkQuotes error endpoint

* updated according to stevens comments

* removed unnecessary await

* removed the await

* awaits need to be there for audits

* fixes for error handling according to @oderayi to handle exceptions in model instead of throwing it up to handler

* #1484: Update FSPIOP API version (mojaloop#235)

* Update FSPIOP API version

* Update src/interface/swagger.json

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Update API description

* Attempt to fix 'jest not found' error in circleci

* Attempt to fix 'jest not found' error in circleci

* Lock version update for jest and jest-unit, restore npm scripts

* Update jest and jest-junit

* Update src/interface/swagger.json

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Bump version in attempt to bypass ci bug with caches

Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* Add ISO test currencies (XTS, XXX) (mojaloop#238)

* Add ISO test currencies

* Bump package version

* added test currencies

* resolve audit issues

* fix audit issues

* fix audit issues

* Convert handlers to async, update deps, and bump version (mojaloop#239)

* Feature/#1615 content headers (mojaloop#240)

* added support for resource versions

* updated dependencies

Co-authored-by: Valentin <valentin.genev@modusbox.com>

* fixed resource api version to be changed only if message originates from the switch (mojaloop#241)

Co-authored-by: Valentin <valentin.genev@modusbox.com>

* updated dependencies and removed old audit records (mojaloop#243)

* Updated to cater for spans finishing early (mojaloop#244)

* updated dependencies and removed old audit records

* updated to cater for parent spans finishing before the span can be closed and fixed tests

* fixing tests and some code found during testing

* fixes  (mojaloop#245)

* updated dependencies and removed old audit records

* updated to cater for parent spans finishing before the span can be closed and fixed tests

* fixing tests and some code found during testing

* needed to handle error in the model as the handler has already processed

* #1456: Feature/docker config fixes (mojaloop#247)

* Update docker configs with master, bump patch version, update dependencies, and fix linting errors with Standard

* Update tests

* Clean up

* Clean up

* validate dfsps in payload for simple routing mode (mojaloop#248)

* #1875: Replace wildcard routes with explicit routes. (mojaloop#249)

* Replace wildcard routes with explicit routes. Add hapi-swagger for API documentation (swagger). Update dependencies. Bump patch version

* Fix dependencies

* chore: update license file (mojaloop#251)

* #1885: Add API documentation library (mojaloop#250)

* Add API documentation endpoints

* Update dependencies

* Resolve audit

* Force update event-stream (Widdershins dep) due to license audit issues

* [Security] Bump node-notifier from 8.0.0 to 8.0.1 (mojaloop#252)

Bumps [node-notifier](https://github.com/mikaelbr/node-notifier) from 8.0.0 to 8.0.1. **This update includes a security fix.**
- [Release notes](https://github.com/mikaelbr/node-notifier/releases)
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/v8.0.1/CHANGELOG.md)
- [Commits](mikaelbr/node-notifier@v8.0.0...v8.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* [Security] Bump axios from 0.21.0 to 0.21.1 (mojaloop#255)

Bumps [axios](https://github.com/axios/axios) from 0.21.0 to 0.21.1. **This update includes a security fix.**
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v0.21.1/CHANGELOG.md)
- [Commits](axios/axios@v0.21.0...v0.21.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* [Security] Bump urijs from 1.19.2 to 1.19.5 (mojaloop#254)

Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.2 to 1.19.5. **This update includes a security fix.**
- [Release notes](https://github.com/medialize/URI.js/releases)
- [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md)
- [Commits](medialize/URI.js@v1.19.2...v1.19.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* feat(ci/cd): add pr title check (mojaloop#256)

* chore: adding codeowners file (mojaloop#257)

* chore: maintenance upgrades, audit check resolve update (mojaloop#258)

* chore: adding codeowners file

* chore: maintenance upgrades, audit check resolve update

* fix(headers)!: made fspiop-destination header mandatory (mojaloop#259)

* fix(headers) ! :made fspiop-destination header mandatory

* added unit test

* added unit test

* [Security] Bump urijs from 1.19.5 to 1.19.6 (mojaloop#260)

Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.5 to 1.19.6. **This update includes a security fix.**
- [Release notes](https://github.com/medialize/URI.js/releases)
- [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md)
- [Commits](medialize/URI.js@v1.19.5...v1.19.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* fix(security): Bump y18n from 3.2.1 to 3.2.2 (mojaloop#261)

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. **This update includes a security fix.**
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>

* fix(security): Bump djv from 2.1.2 to 2.1.4 (mojaloop#263)

Bumps [djv](https://github.com/korzio/djv) from 2.1.2 to 2.1.4.
- [Release notes](https://github.com/korzio/djv/releases)
- [Changelog](https://github.com/korzio/djv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korzio/djv/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: #2103 fix subid functionality in POST quotes request (mojaloop#264)

* Fixed issue with subId

* Bumped up the version and postponed the audits

* Fixed unit test

* Update src/data/database.js

Co-authored-by: Lewis Daly <lewis@vesselstech.com>

Co-authored-by: Lewis Daly <lewis@vesselstech.com>

* feat(#2119): fixes for updated for AJV error objects change (mojaloop#265)

- Including new release of Central-services-error-handling: https://github.com/mojaloop/central-services-error-handling/releases/tag/v11.2.0
- Upgraded dependencies
- Added AJV as it was a "peer dependency"
- Bump to version
- Updated audit-resolve for known security issue

* fix(#2182): regex validations against swagger interface spec no longer working (mojaloop#267)

- Updated central-services-shared dependency
- Bump to version
- Audit-resolve issues

* fix: helm release v12.1.0 (mojaloop#269)

- Updated dependencies
- Bump to patch level
- Standardised npm lint script
- Fixes for audit issues

* [Security] Bump hosted-git-info from 2.8.8 to 2.8.9 (mojaloop#266)

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. **This update includes a security fix.**
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.8.8...v2.8.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

* chore: helm release v12.1.0  (mojaloop#270)

- updated missing dependency updates due to ncurc
- 'allow.auto.create.topics=true' had been added to Kafka Consumer configs. This will enable Kafka Consumers to trigger auto creation of topics, ref: https://github.com/edenhill/librdkafka/releases/tag/v1.5.0.

* fix(mojaloop/project#2246): updated dependency version (mojaloop#272)

-Bumped Version
-Fixed pre-commit task, misspelling

Co-authored-by: JoNel <Johann.nel@sybrin.co.za>

* fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings (mojaloop#278)

* fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings [#2358](mojaloop/project#2358)
- Updated regex to match [\w](https://unicode.org/reports/tr18/#word) (used by the [Mojaloop Specification](https://github.com/mojaloop/mojaloop-specification/blob/master/fspiop-api/documents/v1.1-document-set/fspiop-v1.1-openapi3.yaml#L2347)) based on mappings to the [ECMAScript](https://262.ecma-international.org/9.0/#sec-runtime-semantics-unicodematchproperty-p) regex specification.
- Added unit test for post quotes endpoint with additional asian (Myanmar) unicode characters added to middleName
- Bump to patch version
- Updated dependencies to the latest version
- Fixed audit-resolve issues:

```text
--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
 vulnerable versions <3.2.2 || >=4.0.0 <4.4.14 || >=5.0.0 <5.0.6 || >=6.0.0 <6.1.1 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
 vulnerable versions <3.2.3 || >=4.0.0 <4.4.15 || >=5.0.0 <5.0.7 || >=6.0.0 <6.1.2 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
```

> Outcome: Fixed

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```

> Outcome: Ignored for a week

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```

> Outcome: Ignored for a week

* chore(#864): change instanbul to nyc for coverage on all projects (mojaloop#279)

chore(#864): change instanbul to nyc for coverage on all projects
- removed .ncurc.yml as code-coverage is configured in the jest.config.js
- fixes for audit resolve

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```

> Outcome: Ignored for a week
> Impact: Minimal as this is used to render documentation end-point

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```

> Outcome: Ignored for a week
> Impact: Minimal as this is used to render documentation end-point

* fix(mojaloop/#2439): quoting-service-model.validatequoterequest-doesnt-perform-correct-validation (mojaloop#280)

fix([mojaloop/#2439](mojaloop/project#2439)): quoting-service model.validateQuoteRequest doesn't perform correct validation when simpleRoutingMode is TRUE
- added typesafe checks for validate quote request logic
- added devspace patterns to gitignore
- minor formatting of the serverStart unit tests for clarity
- updated dependencies to latest version
- added circleci config for automated releases
- added standard-version dependency for automated releases
- fixed audit resolve issues:
```text
--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
```
> Outcome: Fixed

```text
--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser
```
> Outcome: Ignored for a week
> Impact: Minimal as the dependencies are used for the Developer Documentation end-point

```text
--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
```
> Outcome: Ignored for a week
> Impact: Minimal as the dependencies are used for the Developer Documentation end-point

* fix: updated circleci config to use the SHA1 hash of the last commit of the current build (mojaloop#281)

* chore(release): 12.0.8 [skip ci]

* fix: circleci slack webhook typo fix (mojaloop#282)

* fixes for CI-CD typo image-scan failure on slack webhook

* chore(release): 12.0.9 [skip ci]

* chore: updated readme with automated-releases, potential-problems and additional-notes placeholder (mojaloop#283)

* updated readme with Automated Releases, Potential Problems and Additional Notes placeholder
* fixed markdown lint issues for readme

* chore(release): 12.0.10 [skip ci]

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* WIP

* Fixed the tests

* changed the way we add headers

* refactoring

* refactoring

* removed the hardcoded headers

* removed the hardcoded headers

* updated README

* fixed swagger

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

* revert sync changes

Co-authored-by: Juan Correa <gibaros@users.noreply.github.com>
Co-authored-by: Georgi Georgiev <georgi.georgiev@modusbox.com>
Co-authored-by: Vassilis Barzokas <vassilis.barzokas@modusbox.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: shashi165 <shashikant.hirugade@softwaregroup.com>
Co-authored-by: Lewis Daly <lewis@vesselstech.com>
Co-authored-by: Matt Kingston <mattkingston@gmail.com>
Co-authored-by: Valentin Genev <vgenev@gmail.com>
Co-authored-by: Kamuela Franco <kamuela.franco@gmail.com>
Co-authored-by: Steven Oderayi <oderayi@gmail.com>
Co-authored-by: ndonnan <neal.donnan@gmail.com>
Co-authored-by: Sam <elnyry@users.noreply.github.com>
Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com>
Co-authored-by: James Bush <37296643+bushjames@users.noreply.github.com>
Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com>
Co-authored-by: Miguel de Barros <miguel@debarros.me>
Co-authored-by: Adrian Enns <ennsak@gmail.com>
Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com>
Co-authored-by: Valentin <valentin.genev@modusbox.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com>
Co-authored-by: Johann Nel <29751181+JohannWNel@users.noreply.github.com>
Co-authored-by: JoNel <Johann.nel@sybrin.co.za>
Co-authored-by: mojaloopci <info@mojaloop.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants