Feat/merge mowali branch (#1)

[shashi165]

• Issue934-FixSetEnvVarRCAsBooleanInsteadOfString (Issue934-FixSetEnvVarRCAsBooleanInsteadOfString #81)

• Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

• Issue934-JestUnitTestChangeUpdate

• WIP

• mockConfig done

• Issue934-AddParseStringInObjectDependencyAndUpdateDeps

• Issue934-UpdatePackageVersionTo8dot4dot1-snapshotAndUpdateDependencies

• bugfix/1066 Remove Put Accept Header (bugfix/1066 Remove Put Accept Header #86)

• Added noAccept parameter
• Upgraded dependencies

• More unit tests and some code cleanup (More unit tests and some code cleanup #87)

• Tests converted to Jest

• Added rules engine jsonpath dynamic fact

• Updated rules engine API. Added jsonpath package to dependencies. Added rules engine tests. Added Jest config. Added example rules.json.

• Updated hapi/subtext to patch vulnerability

• Updated example rules and corresponding tests to reflect real form of payer and payee

• Added switch endpoint to config to obtain payer and payee information for rules engine. Stubbed validateQuoteRequest method in relevant tests. Running rules engine in validateQuoteRequest (but not doing anything with the results yet).

• Tests converted to Jest

• Replaced coverage-check script. Added coverage threshold to jest config. Removed Istanbul config.

• Uninstalled and reinstalled jest to fix vulnerability

• Added junit + config. Added test:junit npm script. Modified circle config to call junit script. Added test results directory to gitignore.

• Modified example rules and corresponding tests to better reflect actual payer and payee facts

• Updated redirect address to redirect fsp. Made the linter happy. Added rule execution and event handling. Removed empty quote validation, replaced with rules engine execution. Removed redundant setImmediate. New test for INVALID_QUOTE_REQUEST event. Expanded INVALID_QUOTE_REQUEST unit tests.

• Manual merge from upstream

• Integrated properly the new model/rules.js into model/quotes.js and updated the quotes.tests.js accordingly.

• Simplified block of code that was unnecessarily using map.

• Forwarding event-handler-modified quote request and headers instead of originals

• Fixed tests by poorly mocking handleRuleEvents on the quotes model

• Cleaned a little bit the result of handleRuleEvents;
  Updated unit tests in order to pass according to latest code changes.

• Deduplicated the functionality of request sending

• Removed setImmediate from all places that it was used.

• Use CreateInternalServerFSPIOPError instead of CreateFSPIOPError

• fixed the name of rules.json

• rename file rules.example.json

• Refactored existing unit tests in order to make them cleaner and avoid duplication;
  Added more unit tests for handleQuoteRequest to cover all possible paths.

• Refactored handleQuoteRequest to make it more readable and avoid duplication;
  Cleaned some minor parts of the whole quotes.js file.

• Resolved issue with merge

• Added unit tests for quotesModel.handleRuleEvents

• Minor update to behaviour and corresponding test update. Minor test change.

• Lint fix

• Added unit tests for quotesModel.executeRules

• Added more unit tests to quotesModel.executeRules to cover rejected promises of axios.request

• Minor refactoring on the unit tests of RulesEngine to use describe blocks and it() instead of test() for consistency.

• Added missing dependency that got removed after merging.

• Updated quotes model unit tests to match the new implementation of config.js

• Updated comments in codebase.

• Removed ``^` sign from dependency in package.json

• Bump npm-check-updates from 3.2.1 to 3.2.2 (Bump npm-check-updates from 3.2.1 to 3.2.2 #88)

Bumps npm-check-updates from 3.2.1 to 3.2.2.

• Release notes
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

• Bump eslint from 6.6.0 to 6.7.1 (Bump eslint from 6.6.0 to 6.7.1 #89)

Bumps eslint from 6.6.0 to 6.7.1.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

• bugfix/1079 Extensions Longer Than 128 Chars (bugfix/1079 Extensions Longer Than 128 Chars #90)

• truncateExtension config
• fix issues with standardJS

• Dissasociated unit tests from the actual contents of file config/rules.json; (Dissociated unit tests from the actual contents of rules.json #92)

Added a rules.example.json file.

• bugfix/1085 Quote to Inactive Fsp (bugfix/1085 Quote to Inactive Fsp #91)

• Proper generate request headers when from switch

• mowdev-3411

• added more rules

• Feature/846 async logging (Feature/846 async logging #100)

• Add file logging support in docker, update dependencies

• Add back missing package after merge conflicts

• Feature/update json rules engine (Feature/update json rules engine #101)

• Simplified rules unit tests

• Updated json-rules-engine

• Updated code to use native json-rules-engine jsonpath syntax

• Made linter happy. Removed jsonpath dependency.

• Feature/test fx rules (Feature/test fx rules #102)

• Added skeleton for fx rules unit tests

• Removed commented tests from original file

• Update fx.test.js

• Feature/846 async logging (Feature/846 async logging #100)

• Add file logging support in docker, update dependencies

• Add back missing package after merge conflicts

• Feature/update json rules engine (Feature/update json rules engine #101)

• Simplified rules unit tests

• Updated json-rules-engine

• Updated code to use native json-rules-engine jsonpath syntax

• Made linter happy. Removed jsonpath dependency.

• Feature/test fx rules (Feature/test fx rules #102)

• Added skeleton for fx rules unit tests

• Removed commented tests from original file

• Update fx.test.js

• added more rules and tests

• test discard

• test discard

• test discard

• updated dependencies (updated dependencies #105)

• stripe off accept header for PUT requests

• added package-lock.json

• Feature/1003 add container scans (Feature/1003 add container scans #103)

• Add anchore image scanning, update circleci config

• Fix config.yml validity issues

• Bump package version, ensure latest deps are installed

• Feature/1047 improve test coverage (Feature/1047 improve test coverage #108)

• Add unit tests to bring coverage up to 90%+

remove redundant nyc config

Set up dir structure for tests

Set up dir structure for tests

Add inspect util for ease of testing

working on quotes error test

Add istanbul ignore comments for mockgen only files

working on health check mocks

Working on config mocks

Add bulk quotes not implemented tests

Working on health check tests

Working on health check tests

remove unused comments

working on quotes test

working on config default tests

working on utils tests

working on utils tests

find and replace all stack inspection

find and replace all stack inspection

Working on quote tests

Move http into its own library for ease of mocking

Move http into its own library for ease of mocking

fix existing tests once mocking out http

add tests for handleException

add tests for handleException

add tests for handleException

finish getting model testing up to scratch

fix missing conditions on rule engine tests

Add tests for http

refactor start script to improve tests

work on server testing

working on database mocking

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

working on knex mocks

replace err.stack || util.inspect(err) with getStackOrInspect

work on quite tests

work on quite tests

finish work on cachedDatabase

update dependencies, bump package version to 8.7.0

• remove unneeded test files

• run standard --fix

• bump package version to 8.7.1-snapshot

• bump package version to 8.7.2-snapshot

• added more rules

• fixed the package.json version

• fixed version number

• fixed the Object.assign

• removed rules.json

• update package-lock.json

• Attempt cache refresh

• Replace audit:check with audit

• Debug with verbose audit

• Skip vulnerability check because of network errors

• Skip vuln check step

• downgrade helm version

• #1147 - Update dependencies (#1147 - Update dependencies #118)

• Update sinon

• Bump version to 8.8.0

• temp logging

• renamed switchEndpoint to a better name

• removed config from dockerfile

• Fix for #1169 - GET /quotes for malformed ID error response is 1001 instead of 3xxx (Fix for #1169 - GET /quotes for malformed ID error response is 1001 instead of 3xxx #125)

• Add quote ID validation in swagger.json

• Update dependencies and fix unit test

• Fix version

• Added synchronous responses for rules engine invalid quote errors (Added synchronous responses for rules engine invalid quote errors #127)

• Added synchronous responses for rules engine invalid quote errors

• Corrected import

• Corrected error variable name

• Moved response handling out of model, into handlers

• Fixed tests

• added error code

• added swagger changes

• Bugfix/1172empty quote values (Bugfix/1172empty quote values #128)

• Added minLength of 1 for quoteId and transactionId for post quotes

• Added a comment to remove the minLength property from quoteId and transactionId once the enjoi library has been fixed.

• Upgrading version to v8.8.0-snapshot (Upgrading version to v8.8.0-snapshot #129)

• Upgrading version to v8.8.0-snapshot and now we have test coverage >90%

• Feature/1157 anchore report summary (Feature/1157 anchore report summary #132)

• Add anchore summary report upload

• fix missing aws credentials

• Update dependencies (Version update for release #133)

• added error handling when there are no active accounts

• added error handling when there are no active accounts

• added error handling when there are no active accounts

• 893-UpdateRegexToValidateIncomingErrorCodeAtEndpointCallbackAndUpdateDependencies (893-UpdateRegexToValidateIncomingErrorCodeAtEndpointCallbackAndUpdateDependencies #113)

• Issue934-FixSetEnvVarRCAsBooleanInsteadOfString

• WIP

• mockConfig done

• 893-AddSwaggerValidationForIncomingErrorCodePlusUnitTestChangeAndUpdateDependencies

• Fix unit test, update dependencies plus Merge remote-tracking branch 'origin/893-ValidateIncomingErrorCodeAtErroCallbackEndpoint' into 893-ValidateIncomingErrorCodeAtErroCallbackEndpoint

Co-authored-by: Georgi Georgiev [email protected]
Co-authored-by: Sam [email protected]

• fixed error responses sync and async

• fixed the rounting problem with forex quotes

• fixed the rounting problem with forex quotes

• fixed the rounting problem with forex quotes

• removed fspiop-uri header

• removed fspiop-signature header

• added one more error code to sync errors

• added more error handling

• Fix for #1173 - GET /quotes for unknown quote ID error response is 1001 instead of 3205 (Fix for #1173 - GET /quotes for unknown quote ID error response is 1001 instead of 3205 #139)

• Bump version to 9.0.0-snapshot

• Fix response codes for PUT /quotes/{id} and PUT /quotes/{id}/error from 202 to 200

• Update dependencies. Freeze json-rules-engine due to breaking changes

• Bump version to 9.1.0

• Remove hard-coded response codes in test

• Return error 3000 - Generic client error and not 1001 on 404 errors

• Update dependencies

• Fix span bug

• Update cs-shared

• Upgrade to Node 12.16.0 LTS version (#1175 Upgrade to Node 12.16.0 LTS #150)

• Updated CircleCI and Docker scripts to use Node 12.16.0 LTS version.
• Updated dependencies

• Added updated Mojaloop license ([moja-tools-bot] Update LICENSE.md #151)

• Added updated Mojaloop license ([moja-tools-bot] Update LICENSE.md #152)

• Hotfix: Fix startup failure error (Hotfix: Fix startup failure error #153)

• Lock hapi version

• Resolve audit issue, temporarily

• Fix/1107 circleci deploy (Fix/1107 circleci deploy #154)

• remove sensitive notes

• resolve npm audit issues

• temp disable some cicd steps for speed up tests

• fix missing aws config

• Add parameters into orb config

• Updating deploy config

• helm deploy fixes

• temporarily disable the coverage checks

• replace inline deployment orb with orb reference

• update deploy orb to v0.1.1

• removing duplicate configs

• working on helm config

• bump orb version to 0.1.4

• Working on executor config

• Working on executor config

• fix helm set values

• more work on helm set values

• more work on helm set values

• Reenable skipped ci steps

• bump package version to 9.2.2-snapshot, add hapi to the audit fix

• Fixed /quote/{id}/error destination (Fixed /quote/\{id\}/error destination #156)

• Updated package version (Updated package version #157)

• Updated package version

• Updated dependencies (Updated dependencies #158)

• updated to newly released version of event-sdk

• updated dependencies and version

• Feature/updating dependencies (Feature/updating dependencies #159)

• updated to newly released version of event-sdk

• updated dependencies and version

• updated dependencies

• #1178: Bug fixes for POST /quotes with unknown destination FSP (#1178: Bug fixes for POST /quotes with unknown destination FSP #160)

• Validate that FSP Ids in headers and payload match for both payerfsp and payeefsp

• Hotfix: Revert #1178 changes (Hotfix: Revert #1178 changes #161)

• Revert #1178 changes. Update depenedencies. Bump version

• Undo version bump

• Bugfix/restore handle quote error headers (Bugfix/restore handle quote error headers #168)

• Modified forwardQuoteUpdate so it handles special cases where it doesn't need to modify/set the headers.

• Bumped to 9.3.4-snapshot;
  Added myself to the hall of fame.

• Updated unit tests.

• Changed bumped version to 9.4.0 to cope with the current versioning status.

• Changed the places where the sendErrorCallback is called with true flag.

• run npm run audit:resolve and skipped for a week.

• Do not modify headers in case they are only being relayed to another DFSP.

• Do not delete FSPIOP-Signature header unless if modifyHeaders is true.

• Store extensionLists for quote requests and responses. (Store extensionLists for quote requests and responses. #184)

• store extension list items for quote requests and responses

• Adding unit test coverage for quote request and response extensionList saving to database

• postpone audit failures

• attempt to resolve further audit issues

• Delete package-lock.json

• another attempt to resolve audit issues

• Bump package version

• Proposed code changes for extensionLists PR (Proposed code changes for extensionLists PR #185)

• Proposed code changes for extensionLists PR

• Lint

Co-authored-by: Matt Kingston [email protected]

• Feature/otc 218 enhance post quote partyIdInfo with extension list (Feature/otc 218 enhance post quote partyIdInfo with extension list #190)

• Added the extension list under the partyidinfo obj

• OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info
Updated dependencies
Postponed audit issue

• OTC-218 Changes:

Enhanced Post Quotes on quoting service to handle extension lists under partyId info

• Add custom mojaloop policy for evaluating anchore-cli scans (Feature/1223 Add custom mojaloop policy for evaluating anchore-cli scans #192)

• Update dependencies (Update dependencies #200)

• Update dependencies

• Temporarily resolve audit issues

• Hotfix for docker image to support async logging (Hotfix for docker image to support async logging #202)

• Added async logging support to DockerFile
• Updated dependencies for Jest
• Fixed vulnerability issues
• Bumped version to v10.1.1

• Merged master into this branch.

• added JWS support for switch generated msg (added JWS support for switch generated msg #203)

• added JWS support for switch generated msg

• added unit tests

• added coverage tests

• fix audit issues

• removed un-necessary header fix

• added a valid default private key

• added a default private key

• not modify request in jwsSigner

• fixed the version issue

• bumped up the version

• bumped up the version

Co-authored-by: Shashi [email protected]

• fixed the bug with createQuoteExtensions

• Fixed the arguments passed to createQuoteExtensions. (Fixed the arguments passed to createQuoteExtensions. #213)

• Fixed the arguments passed to createQuoteExtensions.

• Updated expected error message in unit test.

• fixed issue with createQuoteExtension

• Fixed issue with createQuoteExtension (Fixed issue with createQuoteExtension #214)

• Revert change of the error message as it breaks tests.

• Updated versions for error-handler, etc... (Updated versions for error-handler, etc... #218)

• Change CI/CD notifications to their own slack channel, bump package to 10.3.1 (fix/slack-notifications #219)

• Fix DB transaction leaks. Update unit tests (Bugfix/#1168: Quoting Service timeout error #220)

• Fixed DB transaction/connection leaks
• Updated unit tests
• Bumped version

• Feature/validation for name place accents (Feature/validation for name place accents  #221)

• updated to newly released version of event-sdk

• updated dependencies and version

• updates to migrate quoting api to use openapi-backend
  create openapi >= 3.0 swagger
  updated dependencies
  added new routes
  converted server to use new libraries
  golden path tests pass
  coverage may need some attention

• added production to quotes audit checks

• fixed incorrect case for file path

• Updated code coverage

• update of dependencies

• error handling dependency update

• updated dependency

• Updated python in Circle CI (Updated python in Circle CI #222)

• updated to newly released version of event-sdk

• updated dependencies and version

• updates to migrate quoting api to use openapi-backend
  create openapi >= 3.0 swagger
  updated dependencies
  added new routes
  converted server to use new libraries
  golden path tests pass
  coverage may need some attention

• added production to quotes audit checks

• fixed incorrect case for file path

• Updated code coverage

• update of dependencies

• error handling dependency update

• updated dependency

• Changes:
  Updated python in circle CI

• Updated dependencies and version for issue: ExtensionList missing when unsupported version requested for services project#1378 (Updated dependencies and version for issue: https://github.com/mojaloop/project/issues/1378 #223)

• Aligned an error message with the master branch to match Postman test's assertions.

• Fixed some npm vulnerabilities and skipped the rest.

• Updated circle CI config according to master branch.

• Removed quoteId from error log message as it causes error due its exceeding length.

• Removed quoteId from error log message as it causes error due its exceeding length. (Removed quoteId from error log message as it causes error due its exceeding length. #224)

• fixed error message

• Bugfix/1385 fix post quotes header (Bugfix/1385 fix post quotes header #225)

• updated to newly released version of event-sdk

• updated dependencies and version

• updated to remove accept header from PUT quotes callback

• fix error message (fix error message #226)

• fix error message

• fix error message

Co-authored-by: Shashi [email protected]

• Bugfix/fix participant lookup to use currency (Bugfix/fix participant lookup to use currency #227)

• updated to newly released version of event-sdk

• updated dependencies and version

• fix for accept header and content-type header versions being hardcoded

• Bugfix/fix participant lookup to use currency (Bugfix/fix participant lookup to use currency #228)

• updated to newly released version of event-sdk

• updated dependencies and version

• fix for accept header and content-type header versions being hardcoded

• updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

• Bugfix/fix participant lookup to use currency (Bugfix/fix participant lookup to use currency #230)

• updated to newly released version of event-sdk

• updated dependencies and version

• fix for accept header and content-type header versions being hardcoded

• updated participant lookup to validate against the participant and participant currency table to validate that the participant is active as well as their currency account

• updated the order the sql is run in, seems to give and issue during testing

• Bugfix/fix participant lookup to use currency (Bugfix/fix participant lookup to use currency #231)

Fix for createPartyQuote not passing all values to getParticipant

• Feature/1468 support for bulk quotes post passthrough (Feature/1468 support for bulk quotes post passthrough #233)

• updated to newly released version of event-sdk

• updated dependencies and version

• added support for bulk quotes post functionality
  updated dependencies to fix audit issues

• added put, and get functionality for bulk quotes

• Fix log text

• added the put bulkQuotes error endpoint

• updated according to stevens comments

• removed unnecessary await

• removed the await

• awaits need to be there for audits

• fixes for error handling according to @oderayi to handle exceptions in model instead of throwing it up to handler

• #1484: Update FSPIOP API version (#1484: Update FSPIOP API version #235)

• Update FSPIOP API version

• Update src/interface/swagger.json

Co-authored-by: Sam [email protected]

• Update API description

• Attempt to fix 'jest not found' error in circleci

• Attempt to fix 'jest not found' error in circleci

• Lock version update for jest and jest-unit, restore npm scripts

• Update jest and jest-junit

• Update src/interface/swagger.json

Co-authored-by: Sam [email protected]

• Bump version in attempt to bypass ci bug with caches

Co-authored-by: Sam [email protected]

• Add ISO test currencies (XTS, XXX) (Add ISO test currencies (XTS, XXX) #238)

• Add ISO test currencies

• Bump package version

• added test currencies

• resolve audit issues

• fix audit issues

• fix audit issues

• Convert handlers to async, update deps, and bump version (#1603: Convert handlers to async #239)

• Feature/#1615 content headers (Feature/#1615 content headers #240)

• added support for resource versions

• updated dependencies

Co-authored-by: Valentin [email protected]

• fixed resource api version to be changed only if message originates from the switch (fixed resource api version to be changed only if message originates f… #241)

Co-authored-by: Valentin [email protected]

• updated dependencies and removed old audit records (updated dependencies and removed old audit records #243)

• Updated to cater for spans finishing early (Updated to cater for spans finishing early #244)

• updated dependencies and removed old audit records

• updated to cater for parent spans finishing before the span can be closed and fixed tests

• fixing tests and some code found during testing

• fixes (fixes  #245)

• updated dependencies and removed old audit records

• updated to cater for parent spans finishing before the span can be closed and fixed tests

• fixing tests and some code found during testing

• needed to handle error in the model as the handler has already processed

• #1456: Feature/docker config fixes (#1456: Feature/docker config fixes #247)

• Update docker configs with master, bump patch version, update dependencies, and fix linting errors with Standard

• Update tests

• Clean up

• Clean up

• validate dfsps in payload for simple routing mode ([1385] validate dfsps in payload for simple routing mode #248)

• #1875: Replace wildcard routes with explicit routes. (#1875: Replace wildcard routes with explicit routes. #249)

• Replace wildcard routes with explicit routes. Add hapi-swagger for API documentation (swagger). Update dependencies. Bump patch version

• Fix dependencies

• chore: update license file (chore: update license file #251)

• #1885: Add API documentation library (#1885: Add API documentation library #250)

• Add API documentation endpoints

• Update dependencies

• Resolve audit

• Force update event-stream (Widdershins dep) due to license audit issues

• [Security] Bump node-notifier from 8.0.0 to 8.0.1 ([Security] Bump node-notifier from 8.0.0 to 8.0.1 #252)

Bumps node-notifier from 8.0.0 to 8.0.1. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

• [Security] Bump axios from 0.21.0 to 0.21.1 ([Security] Bump axios from 0.21.0 to 0.21.1 #255)

Bumps axios from 0.21.0 to 0.21.1. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

• [Security] Bump urijs from 1.19.2 to 1.19.5 ([Security] Bump urijs from 1.19.2 to 1.19.5 #254)

Bumps urijs from 1.19.2 to 1.19.5. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam [email protected]

• feat(ci/cd): add pr title check (feat(ci/cd): add pr title check #256)

• chore: adding codeowners file (chore: adding codeowners file #257)

• chore: maintenance upgrades, audit check resolve update (chore: maintenance upgrades, audit check resolve update #258)

• chore: adding codeowners file

• chore: maintenance upgrades, audit check resolve update

• fix(headers)!: made fspiop-destination header mandatory (fix(headers)!: made fspiop-destination header mandatory #259)

• fix(headers) ! :made fspiop-destination header mandatory

• added unit test

• added unit test

• [Security] Bump urijs from 1.19.5 to 1.19.6 (chore[security]: bump urijs from 1.19.5 to 1.19.6 #260)

Bumps urijs from 1.19.5 to 1.19.6. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

• fix(security): Bump y18n from 3.2.1 to 3.2.2 (chore[security]: bump y18n from 3.2.1 to 3.2.2 #261)

Bumps y18n from 3.2.1 to 3.2.2. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Sam [email protected]

• fix(security): Bump djv from 2.1.2 to 2.1.4 (Bump djv from 2.1.2 to 2.1.4 #263)

Bumps djv from 2.1.2 to 2.1.4.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot[bot] [email protected]

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

• fix: #2103 fix subid functionality in POST quotes request (fix: #2103 fix subid functionality in POST quotes request #264)

• Fixed issue with subId

• Bumped up the version and postponed the audits

• Fixed unit test

• Update src/data/database.js

Co-authored-by: Lewis Daly [email protected]

Co-authored-by: Lewis Daly [email protected]

• feat(#2119): fixes for updated for AJV error objects change (feat(#2119): fixes for updated for AJV error objects change #265)

• Including new release of Central-services-error-handling: https://github.com/mojaloop/central-services-error-handling/releases/tag/v11.2.0
• Upgraded dependencies
• Added AJV as it was a "peer dependency"
• Bump to version
• Updated audit-resolve for known security issue

• fix(#2182): regex validations against swagger interface spec no longer working (fix(#2182): regex validations against swagger interface spec no longer working #267)

• Updated central-services-shared dependency
• Bump to version
• Audit-resolve issues

• fix: helm release v12.1.0 (fix: helm release v12.1.0 #269)

• Updated dependencies
• Bump to patch level
• Standardised npm lint script
• Fixes for audit issues

• [Security] Bump hosted-git-info from 2.8.8 to 2.8.9 ([Security] Bump hosted-git-info from 2.8.8 to 2.8.9 #266)

Bumps hosted-git-info from 2.8.8 to 2.8.9. This update includes a security fix.

• Release notes
• Changelog
• Commits

Signed-off-by: dependabot-preview[bot] [email protected]

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

• chore: helm release v12.1.0 (chore: helm release v12.1.0  #270)

• updated missing dependency updates due to ncurc
• 'allow.auto.create.topics=true' had been added to Kafka Consumer configs. This will enable Kafka Consumers to trigger auto creation of topics, ref: https://github.com/edenhill/librdkafka/releases/tag/v1.5.0.

• fix(Central Shared Services - Header validation does not take into account valid structure project#2246): updated dependency version (fix(mojaloop/project#2246): updated dependency version #272)

-Bumped Version
-Fixed pre-commit task, misspelling

Co-authored-by: JoNel [email protected]

• fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings (fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings #278)

• fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings #2358

• Updated regex to match \w (used by the Mojaloop Specification) based on mappings to the ECMAScript regex specification.
• Added unit test for post quotes endpoint with additional asian (Myanmar) unicode characters added to middleName
• Bump to patch version
• Updated dependencies to the latest version
• Fixed audit-resolve issues:

--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
 vulnerable versions <3.2.2 || >=4.0.0 <4.4.14 || >=5.0.0 <5.0.6 || >=6.0.0 <6.1.1 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
 vulnerable versions <3.2.3 || >=4.0.0 <4.4.15 || >=5.0.0 <5.0.7 || >=6.0.0 <6.1.2 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar

Outcome: Fixed

--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser

Outcome: Ignored for a week

--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html

Outcome: Ignored for a week

• chore(#864): change instanbul to nyc for coverage on all projects (chore(#864): change instanbul to nyc for coverage on all projects #279)

chore(#864): change instanbul to nyc for coverage on all projects

• removed .ncurc.yml as code-coverage is configured in the jest.config.js
• fixes for audit resolve

--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser

Outcome: Ignored for a week
Impact: Minimal as this is used to render documentation end-point

--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html

Outcome: Ignored for a week
Impact: Minimal as this is used to render documentation end-point

• fix(mojaloop/#2439): quoting-service-model.validatequoterequest-doesnt-perform-correct-validation (fix(mojaloop/#2439): quoting-service-model.validatequoterequest-doesnt-perform-correct-validation #280)

fix(mojaloop/#2439): quoting-service model.validateQuoteRequest doesn't perform correct validation when simpleRoutingMode is TRUE

• added typesafe checks for validate quote request logic
• added devspace patterns to gitignore
• minor formatting of the serverStart unit tests for clarity
• updated dependencies to latest version
• added circleci config for automated releases
• added standard-version dependency for automated releases
• fixed audit resolve issues:

--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
 vulnerable versions <4.4.18 || >=5.0.0 <5.0.10 || >=6.0.0 <6.1.9 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar

Outcome: Fixed

--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser

Outcome: Ignored for a week
Impact: Minimal as the dependencies are used for the Developer Documentation end-point

--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html

Outcome: Ignored for a week
Impact: Minimal as the dependencies are used for the Developer Documentation end-point

• fix: updated circleci config to use the SHA1 hash of the last commit of the current build (fix(mojaloop/#2439): quoting service model.validate quote request doesnt perform correct validation #281)

• chore(release): 12.0.8 [skip ci]

• fix: circleci slack webhook typo fix (fix: circleci slack webhook typo fix #282)

• fixes for CI-CD typo image-scan failure on slack webhook

• chore(release): 12.0.9 [skip ci]

• chore: updated readme with automated-releases, potential-problems and additional-notes placeholder (chore: updated readme with automated-releases, potential-problems and additional-notes placeholder #283)

• updated readme with Automated Releases, Potential Problems and Additional Notes placeholder

• fixed markdown lint issues for readme

• chore(release): 12.0.10 [skip ci]

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• WIP

• Fixed the tests

• changed the way we add headers

• refactoring

• refactoring

• removed the hardcoded headers

• removed the hardcoded headers

• updated README

• fixed swagger

• revert sync changes

• revert sync changes

• revert sync changes

• revert sync changes

• revert sync changes

• revert sync changes

• revert sync changes

Co-authored-by: Juan Correa [email protected]
Co-authored-by: Georgi Georgiev [email protected]
Co-authored-by: Vassilis Barzokas [email protected]
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: shashi165 [email protected]
Co-authored-by: Lewis Daly [email protected]
Co-authored-by: Matt Kingston [email protected]
Co-authored-by: Valentin Genev [email protected]
Co-authored-by: Kamuela Franco [email protected]
Co-authored-by: Steven Oderayi [email protected]
Co-authored-by: ndonnan [email protected]
Co-authored-by: Sam [email protected]
Co-authored-by: Rajiv Mothilal [email protected]
Co-authored-by: James Bush [email protected]
Co-authored-by: lazolalucas [email protected]
Co-authored-by: Miguel de Barros [email protected]
Co-authored-by: Adrian Enns [email protected]
Co-authored-by: Sam [email protected]
Co-authored-by: Valentin [email protected]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: vijayg10 [email protected]
Co-authored-by: Johann Nel [email protected]
Co-authored-by: JoNel [email protected]
Co-authored-by: mojaloopci [email protected]