smile-identity-core 2.3.0 → 2.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: abb8ad5e4e436c109342eab8da6d4d24f497f5b3f7dca2ab368683b31a628624
-  data.tar.gz: 0d2c119d4d28d2ea8ef1b8e7ad96cf4293b64ae8fc6bb0399b0a7f198926a577
+  metadata.gz: 39966ea73f1a7ad317cf4bb110622c9b5c67efcf5246487b2a7a4124d418a8f6
+  data.tar.gz: cc969bff36cdb9a725e4776d0879b8159cb88b22f2e7d316a9b43848c7ddc388
 SHA512:
-  metadata.gz: d6356d1c4f5b32060274bb87ab75959cc34b7bddb4446143ccecee1c62ef364c9825413ad8afb5725b23ade388b7861d0b0bdfc4c4499ca193bec2148d4ed846
-  data.tar.gz: 83be55109d9f4aa6bfb74278fd2c50dc4efe687aae53ef52fe85579dbde2d750ffd1765f6b73049f28b87e407b700a524129c671f771311f6f9a05278dfbd482
+  metadata.gz: db43ee16f48ec3f8c87069f21aac2b5ba1cc509abfa54531efd4695a9d56c98beeb3d78b45ec1841e386d48c4847d116d6464545fca5bf4fbd33fafc5e508242
+  data.tar.gz: 8827bbbf277fbb9687aae8cdbf567de94e1f3deeeea9d9913a8088c4a0d47a0399d5c02a80d2acc9a218f0a577122a22e397457dbebb9075f55ebc593d07b8cc

data/.github/workflows/release.yml

@@ -10,7 +10,7 @@ jobs:
     needs: test
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
       with:
         set-safe-directory: false
     - name: Release Gem

data/.github/workflows/semgrep.yml

@@ -0,0 +1,119 @@
+name: Semgrep SAST
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+permissions:
+  contents: read
+  actions: read
+  security-events: write
+  pull-requests: write
+
+jobs:
+  semgrep:
+    name: Semgrep Security Scan
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    container:
+      image: semgrep/semgrep:1.157.0
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
+
+      - name: Run Semgrep
+        continue-on-error: true
+        run: semgrep scan --config p/security-audit --sarif -o semgrep.sarif
+
+      - name: Upload SARIF to GitHub Security
+        if: always()
+        continue-on-error: true
+        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4
+        with:
+          sarif_file: semgrep.sarif
+
+      - name: Comment findings on PR
+        if: github.event_name == 'pull_request' && always()
+        env:
+          GH_TOKEN: ${{ github.token }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          python3 << 'PYEOF'
+          import json, os, urllib.request
+
+          marker = "<!-- semgrep-results -->"
+          repo = os.environ.get("GITHUB_REPOSITORY", "")
+          pr = os.environ.get("PR_NUMBER", "")
+          token = os.environ.get("GH_TOKEN", "")
+          api = f"https://api.github.com/repos/{repo}/issues/{pr}/comments"
+          headers = {
+              "Authorization": f"Bearer {token}",
+              "Accept": "application/vnd.github+json",
+              "X-GitHub-Api-Version": "2022-11-28",
+          }
+
+          findings = []
+          try:
+              with open("semgrep.sarif") as f:
+                  sarif = json.load(f)
+              for run in sarif.get("runs", []):
+                  for result in run.get("results", []):
+                      rule_id = result.get("ruleId", "unknown")
+                      message = result.get("message", {}).get("text", "")
+                      level = result.get("level", "warning")
+                      for loc in result.get("locations", []):
+                          phys = loc.get("physicalLocation", {})
+                          path = phys.get("artifactLocation", {}).get("uri", "?")
+                          line = phys.get("region", {}).get("startLine", "?")
+                          findings.append({"rule": rule_id, "message": message,
+                                           "level": level, "file": path, "line": line})
+          except (FileNotFoundError, json.JSONDecodeError):
+              pass
+
+          if findings:
+              body = f"{marker}\n## 🔍 Semgrep Security Scan Results\n\n"
+              body += f"**{len(findings)} finding(s)** detected by "
+              body += "[`p/security-audit`](https://semgrep.dev/p/security-audit) ruleset.\n\n"
+              body += "| # | Severity | Rule | File | Line | Message |\n"
+              body += "|---|----------|------|------|------|---------|\n"
+              for i, f in enumerate(findings[:25], 1):
+                  rule = f["rule"].split(".")[-1] if "." in f["rule"] else f["rule"]
+                  msg = f["message"].replace("|", "\\|").replace("\n", " ")
+                  msg = (msg[:80] + "...") if len(msg) > 80 else msg
+                  body += f'| {i} | {f["level"].upper()} | `{rule}` '
+                  body += f'| `{f["file"]}` | {f["line"]} | {msg} |\n'
+              if len(findings) > 25:
+                  body += f"\n*... and {len(findings) - 25} more. "
+                  body += "See full results in workflow logs.*\n"
+              body += "\n> ⚠️ These findings are **non-blocking**. "
+              body += "Please review and address as appropriate.\n"
+          else:
+              body = f"{marker}\n## 🔍 Semgrep Security Scan Results\n\n"
+              body += "✅ No security findings detected by "
+              body += "[`p/security-audit`](https://semgrep.dev/p/security-audit) ruleset.\n"
+
+          existing_id = None
+          try:
+              req = urllib.request.Request(api, headers=headers)
+              resp = urllib.request.urlopen(req)
+              for c in json.loads(resp.read()):
+                  if marker in c.get("body", ""):
+                      existing_id = c["id"]
+                      break
+          except Exception:
+              pass
+
+          data = json.dumps({"body": body}).encode()
+          if existing_id:
+              url = f"https://api.github.com/repos/{repo}/issues/comments/{existing_id}"
+              req = urllib.request.Request(url, data=data, headers=headers, method="PATCH")
+          else:
+              req = urllib.request.Request(api, data=data, headers=headers, method="POST")
+
+          try:
+              urllib.request.urlopen(req)
+              action = "Updated" if existing_id else "Posted"
+              print(f"{action} comment with {len(findings)} finding(s)")
+          except Exception as e:
+              print(f"Warning: Could not comment on PR: {e}")
+          PYEOF

data/.github/workflows/test.yml

@@ -16,7 +16,7 @@ jobs:
         # See https://www.ruby-lang.org/en/downloads/ for latest stable releases.
         ruby: ['2.6', '2.7', '3.0', '3.1', '3.2']
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: ${{ matrix.ruby }}
@@ -25,7 +25,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: 3.2

data/CHANGELOG.md

@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+## [2.3.1] - 2026-04-24
+### Added
+- Support for optional `aliases` parameter in AML Check (`AmlCheck#submit_job`) to allow secondary names in screening requests
+
 ## [2.3.0] - 2024-12-10
 ### Added
 - Support for Address verification 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    smile-identity-core (2.3.0)
+    smile-identity-core (2.3.1)
       rubyzip (~> 1.2, >= 1.2.3)
       typhoeus (~> 1.0, >= 1.0.1)
 
@@ -21,7 +21,7 @@ GEM
     rainbow (3.1.1)
     rake (12.3.3)
     regexp_parser (2.6.0)
-    rexml (3.3.9)
+    rexml (3.4.2)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
       rspec-expectations (~> 3.8.0)

data/examples/aml_check.rb

@@ -20,6 +20,7 @@ request_params = {
   birth_year: '1984', # yyyy
   search_existing_user: false,
   strict_match: true, # optional - default is true
+  # aliases: ['Johnny Doe', 'J. Doe'],  # optional - secondary names to broaden screening
 }
 
 # Submit the job

data/lib/smile-identity-core/aml_check.rb

@@ -35,6 +35,8 @@ module SmileIdentityCore
     # @option opts [boolean] :search_existing_user If you intend to re-use the name and year of birth
     # @option opts [boolean] :strict_match If you want to perform a strict match on the serach criteria.
     # of a user’s previous KYC job
+    # @option opts [Array<String>] :aliases An optional list of secondary or alternative names
+    #   (e.g. maiden names, transliterations, nicknames) to include in the screening search.
     # @option opts [Hash] :optional_info Any optional data, this will be returned
     # in partner_params.
     def submit_job(params)

data/lib/smile-identity-core/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
 module SmileIdentityCore
-  VERSION = '2.3.0'
+  VERSION = '2.3.1'
   SOURCE_SDK = 'Ruby'
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: smile-identity-core
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.3.1
 platform: ruby
 authors:
 - Smile Identity
 bindir: exe
 cert_chain: []
-date: 2025-01-09 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -156,6 +156,7 @@ extra_rdoc_files: []
 files:
 - ".github/dependabot.yml"
 - ".github/workflows/release.yml"
+- ".github/workflows/semgrep.yml"
 - ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
@@ -219,7 +220,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 3.6.9
 specification_version: 4
 summary: The Smile Identity Web API allows the user to access\ most of the features
   of the Smile Identity system through direct server to server queries.