@mojaloop/central-services-shared 17.0.2 → 17.2.1

package/.circleci/config.yml

@@ -187,7 +187,7 @@ jobs:
           command: mkdir -p ./audit/results
       - run:
           name: Check for new npm vulnerabilities
-          command: npm run audit:check --silent -- --json > ./audit/results/auditResults.json
+          command: npm run audit:check -- -o json > ./audit/results/auditResults.json
       - store_artifacts:
           path: ./audit/results
           prefix: audit

package/.ncurc.yaml

@@ -0,0 +1,6 @@
+# Add a TODO comment indicating the reason for each rejected dependency upgrade added to this list, and what should be done to resolve it (i.e. handle it through a story, etc).
+reject: [
+  # TODO: Added "@hapi/catbox", "@hapi/catbox-memory" to ncurc for dep:check to ignore updates due to breaking changes which should be handled by another story
+  "@hapi/catbox",
+  "@hapi/catbox-memory"
+]

package/CHANGELOG.md

@@ -2,6 +2,27 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [17.2.1](https://github.com/mojaloop/central-services-shared/compare/v17.2.0...v17.2.1) (2022-08-15)
+
+
+### Bug Fixes
+
+* **mojaloop/#2814:** added bulk quotes to header validation ([#334](https://github.com/mojaloop/central-services-shared/issues/334)) ([ab6c3f6](https://github.com/mojaloop/central-services-shared/commit/ab6c3f6f9ed5968c1f154f3c78fab080e03a1534)), closes [mojaloop/#2814](https://github.com/mojaloop/project/issues/2814)
+
+## [17.2.0](https://github.com/mojaloop/central-services-shared/compare/v17.1.0...v17.2.0) (2022-08-11)
+
+
+### Features
+
+* **mojaloop/#2796:** duplicate transaction not getting callback for post /bulkTransfers ([#332](https://github.com/mojaloop/central-services-shared/issues/332)) ([5427a53](https://github.com/mojaloop/central-services-shared/commit/5427a5307fe8f3be319888ec83ecf3eab1d85cdd)), closes [mojaloop/#2796](https://github.com/mojaloop/project/issues/2796)
+
+## [17.1.0](https://github.com/mojaloop/central-services-shared/compare/v17.0.2...v17.1.0) (2022-08-05)
+
+
+### Features
+
+* **mojaloop/#2796:** duplicate transaction not getting callback for post /bulkTransfers ([#331](https://github.com/mojaloop/central-services-shared/issues/331)) ([b7f6ba6](https://github.com/mojaloop/central-services-shared/commit/b7f6ba6cb90565b1f50a6574408f33f41388be68)), closes [mojaloop/#2796](https://github.com/mojaloop/project/issues/2796)
+
 ### [17.0.2](https://github.com/mojaloop/central-services-shared/compare/v17.0.1...v17.0.2) (2022-05-19)
 
 

package/CODEOWNERS

@@ -0,0 +1,38 @@
+# This is a comment.
+# Each line is a file pattern followed by one or more owners.
+
+## These owners will be the default owners for everything in
+## the repo. Unless a later match takes precedence,
+## @global-owner1 and @global-owner2 will be requested for
+## review when someone opens a pull request.
+#*       @global-owner1 @global-owner2
+* @mdebarros @elnyry-sam-k @vijayg10 @kleyow
+
+## Order is important; the last matching pattern takes the most
+## precedence. When someone opens a pull request that only
+## modifies JS files, only @js-owner and not the global
+## owner(s) will be requested for a review.
+# *.js    @js-owner
+
+## You can also use email addresses if you prefer. They'll be
+## used to look up users just like we do for commit author
+## emails.
+#*.go docs@example.com
+
+# In this example, @doctocat owns any files in the build/logs
+# directory at the root of the repository and any of its
+# subdirectories.
+# /build/logs/ @doctocat
+
+## The `docs/*` pattern will match files like
+## `docs/getting-started.md` but not further nested files like
+## `docs/build-app/troubleshooting.md`.
+# docs/*  docs@example.com
+
+## In this example, @octocat owns any file in an apps directory
+## anywhere in your repository.
+#apps/ @octocat
+
+## In this example, @doctocat owns any file in the `/docs`
+## directory in the root of your repository.
+#/docs/ @doctocat

package/audit-ci.jsonc

@@ -0,0 +1,21 @@
+{
+  "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
+  // audit-ci supports reading JSON, JSONC, and JSON5 config files.
+  // Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
+  "moderate": true,
+  "allowlist": [ // NOTE: Please add as much information as possible to any items added to the allowList
+    // Currently no fixes available for the following
+    "GHSA-v88g-cgmw-v5xw",
+    "GHSA-phwq-j96m-2c2q",
+    "GHSA-282f-qqgm-c34q",
+    "GHSA-6vfc-qv3f-vr6c",
+    "GHSA-6vfc-qv3f-vr6c",
+    "GHSA-wc69-rhjr-hc9g",
+    "GHSA-g954-5hwp-pp24",
+    "GHSA-g954-5hwp-pp24",
+    "GHSA-mjxr-4v3x-q3m4",
+    "GHSA-rjqq-98f6-6j3r",
+    "GHSA-w5p7-h5w8-2hfq",
+    "GHSA-p9pc-299p-vxgp"
+  ]
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mojaloop/central-services-shared",
-  "version": "17.0.2",
+  "version": "17.2.1",
   "description": "Shared code for mojaloop central services",
   "license": "Apache-2.0",
   "author": "ModusBox",
@@ -27,6 +27,10 @@
   "engines": {
     "node": "=16.x"
   },
+  "imports": {
+    "#src/*": "./src/*.js",
+    "#test/*": "./test/*.js"
+  },
   "pre-commit": [
     "lint",
     "dep:check",
@@ -43,8 +47,8 @@
     "test:xunit": "npx tape 'test/unit/**/**.test.js' | tap-xunit > ./test/results/xunit.xml",
     "test:coverage": "npx nyc --reporter=lcov --reporter=text-summary tapes -- 'test/unit/**/**.test.js'",
     "test:coverage-check": "npm run test:coverage && nyc check-coverage",
-    "audit:resolve": "npx resolve-audit --production",
-    "audit:check": "npx check-audit --production",
+    "audit:fix": "npm audit fix",
+    "audit:check": "npx audit-ci --config ./audit-ci.jsonc",
     "dep:check": "npx ncu -e 2",
     "dep:update": "npx ncu -u",
     "release": "npx standard-version --no-verify --releaseCommitMessageFormat 'chore(release): {{currentTag}} [skip ci]'",
@@ -58,24 +62,24 @@
     "dotenv": "16.0.1",
     "env-var": "7.1.1",
     "event-stream": "4.0.1",
-    "immutable": "4.0.0",
+    "immutable": "4.1.0",
     "lodash": "4.17.21",
     "mustache": "4.2.0",
     "openapi-backend": "5.3.0",
     "raw-body": "2.5.1",
     "rc": "1.2.8",
     "shins": "2.6.0",
-    "uuid4": "2.0.2",
+    "uuid4": "2.0.3",
     "widdershins": "^4.0.1",
-    "yaml": "2.1.0"
+    "yaml": "2.1.1"
   },
   "devDependencies": {
     "@hapi/hapi": "20.2.2",
     "@hapi/joi": "17.1.1",
+    "audit-ci": "^6.3.0",
     "base64url": "3.0.1",
     "chance": "1.1.8",
-    "npm-audit-resolver": "3.0.0-7",
-    "npm-check-updates": "13.0.1",
+    "npm-check-updates": "16.0.5",
     "nyc": "15.1.0",
     "pre-commit": "1.2.2",
     "proxyquire": "2.1.3",

package/src/enums/events.js

@@ -65,6 +65,7 @@ const Event = {
     BULK_ABORT: 'bulk-abort',
     BULK_COMMIT: 'bulk-commit',
     BULK_PREPARE: 'bulk-prepare',
+    BULK_PREPARE_DUPLICATE: 'bulk-prepare-duplicate',
     BULK_PROCESSING: 'bulk-processing',
     BULK_TIMEOUT_RECEIVED: 'bulk-timeout-received',
     BULK_TIMEOUT_RESERVED: 'bulk-timeout-reserved',

package/src/enums/kafka.js

@@ -106,6 +106,10 @@ const TopicMap = {
       functionality: transferEventType.NOTIFICATION,
       action: transferEventAction.EVENT
     },
+    'bulk-prepare-duplicate': {
+      functionality: transferEventType.NOTIFICATION,
+      action: transferEventAction.EVENT
+    },
     'bulk-processing': {
       functionality: transferEventType.NOTIFICATION,
       action: transferEventAction.EVENT

package/src/index.d.ts

@@ -268,6 +268,7 @@ declare namespace CentralServicesShared {
     BULK_PROCESSING = 'bulk-processing',
     BULK_TIMEOUT_RECEIVED = 'bulk-timeout-received',
     BULK_TIMEOUT_RESERVED = 'bulk-timeout-reserved',
+    BULK_PREPARE_DUPLICATE = 'bulk-prepare-duplicate',
     BULK_GET = 'bulk-get',
     CLOSE = 'close',
     COMMIT = 'commit',
@@ -324,6 +325,7 @@ declare namespace CentralServicesShared {
           BULK_ABORT: EventActionEnum.BULK_ABORT;
           BULK_COMMIT: EventActionEnum.BULK_COMMIT;
           BULK_PREPARE: EventActionEnum.BULK_PREPARE;
+          BULK_PREPARE_DUPLICATE: EventActionEnum.BULK_PREPARE_DUPLICATE;
           BULK_PROCESSING: EventActionEnum.BULK_PROCESSING;
           BULK_TIMEOUT_RECEIVED: EventActionEnum.BULK_TIMEOUT_RECEIVED;
           BULK_TIMEOUT_RESERVED: EventActionEnum.BULK_TIMEOUT_RESERVED;

package/src/util/comparators/duplicateCheckComparator.js

@@ -30,32 +30,41 @@
 
 const Hash = require('../hash')
 
-const duplicateCheckComparator = async (id, object, getDuplicateDataFuncOverride, saveHashFuncOverride) => {
+const duplicateCheckComparator = async (id, objectOrHashOverride, getDuplicateDataFuncOverride, saveHashFuncOverride, options = {
+  hashOverride: false
+}) => {
+  // lets check if we can actually do the comparison
+  if (objectOrHashOverride == null) throw Error('objectOrHashOverride arg is null')
+
   let hasDuplicateId = false
   let hasDuplicateHash = false
-  const generatedHash = Hash.generateSha256(object)
-  let duplicateHashRecord
+  let duplicateHashRecordResult = null
+  let saveHashFuncOverrideResult = false
+
+  const generatedHash = options?.hashOverride ? objectOrHashOverride : Hash.generateSha256(objectOrHashOverride) // options.hashOverride is useful for cases where the hash is already provided, such as Bulk Transfers Prepare/Fulfil Use-Case - the hash is calculated in the Bulk-API-Adapter.
 
   const compareById = async () => {
-    duplicateHashRecord = await getDuplicateDataFuncOverride(id)
-    hasDuplicateId = duplicateHashRecord !== null
+    duplicateHashRecordResult = await getDuplicateDataFuncOverride(id)
+    hasDuplicateId = duplicateHashRecordResult !== null
     return hasDuplicateId
   }
 
   const compareByHash = () => {
-    hasDuplicateHash = duplicateHashRecord.hash === generatedHash
+    hasDuplicateHash = duplicateHashRecordResult.hash === generatedHash
     return hasDuplicateHash
   }
 
   if (await compareById()) {
     compareByHash()
   } else {
-    await saveHashFuncOverride(id, generatedHash)
+    saveHashFuncOverrideResult = await saveHashFuncOverride(id, generatedHash)
   }
 
   return {
     hasDuplicateId,
-    hasDuplicateHash
+    hasDuplicateHash,
+    duplicateHashRecordResult,
+    saveHashFuncOverrideResult
   }
 }
 

package/src/util/hapi/plugins/headerValidation.js

@@ -16,6 +16,7 @@ const defaultProtocolResources = [
   'quotes',
   'transfers',
   'bulkTransfers',
+  'bulkQuotes',
   'transactionRequests',
   'authorizations'
 ]

package/test/unit/util/comparators/duplicateCheckComparator.test.js

@@ -45,58 +45,230 @@ Test('Duplicate check comparator', dccTest => {
   dccTest.test('duplicateCheckComparator should', duplicateCheckComparatorTest => {
     duplicateCheckComparatorTest.test('compare hashes when id exists', async test => {
       try {
+        // Arrange
         const hash = 'helper.hash'
-        const duplicateCheckComparator = Proxyquire('../../../../src/util/comparators/duplicateCheckComparator', {
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
           '../hash': {
             generateSha256: sandbox.stub().returns(hash)
           }
         })
         const id = 1
         const object = { key: 'value' }
-        const getDuplicateDataFuncOverride = async (id) => { return Promise.resolve({ id, hash }) }
-        const saveHashFuncOverride = async () => { return true }
+        const getDuplicateDataFuncOverrideResult = { id, hash }
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(getDuplicateDataFuncOverrideResult)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
 
         const expected = {
           hasDuplicateId: true,
-          hasDuplicateHash: true
+          hasDuplicateHash: true,
+          saveHashFuncOverrideResult: false,
+          duplicateHashRecordResult: getDuplicateDataFuncOverrideResult
         }
+
+        // Act
         const result = await duplicateCheckComparator(id, object, getDuplicateDataFuncOverride, saveHashFuncOverride)
+
+        // Assert
         test.deepEqual(result, expected, 'hash matched')
+        test.ok(saveHashFuncOverride.called === false)
         test.end()
       } catch (err) {
+        // Assert
         Logger.error(`duplicateCheckComparator failed with error - ${err}`)
         test.fail()
         test.end()
       }
     })
 
-    duplicateCheckComparatorTest.test('save hashe when id not found', async test => {
+    duplicateCheckComparatorTest.test('save hash when id not found', async test => {
       try {
+        // Arrange
         const hash = 'helper.hash'
-        const duplicateCheckComparator = Proxyquire('../../../../src/util/comparators/duplicateCheckComparator', {
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
           '../hash': {
             generateSha256: sandbox.stub().returns(hash)
           }
         })
         const id = 1
         const object = { key: 'value' }
-        const getDuplicateDataFuncOverride = async () => { return Promise.resolve(null) }
-        const saveHashFuncOverride = async () => { return true }
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(null)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
 
         const expected = {
           hasDuplicateId: false,
-          hasDuplicateHash: false
+          hasDuplicateHash: false,
+          saveHashFuncOverrideResult: true,
+          duplicateHashRecordResult: null
         }
+
+        // Act
         const result = await duplicateCheckComparator(id, object, getDuplicateDataFuncOverride, saveHashFuncOverride)
+
+        // Assert
         test.deepEqual(result, expected, 'hash saved')
+        test.ok(saveHashFuncOverride.calledOnceWith(id, hash))
+        test.end()
+      } catch (err) {
+        // Assert
+        Logger.error(`duplicateCheckComparator failed with error - ${err}`)
+        test.fail()
+        test.end()
+      }
+    })
+
+    duplicateCheckComparatorTest.test('compare hashes when id exists and generatedHashOverride is injected', async test => {
+      try {
+        // Arrange
+        const hash = 'helper.hash'
+        const generatedHashOverride = 'helper.hash.override'
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
+          '../hash': {
+            generateSha256: sandbox.stub().returns(hash)
+          }
+        })
+        const id = 1
+        const getDuplicateDataFuncOverrideResult = { id, hash: generatedHashOverride }
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(getDuplicateDataFuncOverrideResult)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
+
+        const expected = {
+          hasDuplicateId: true,
+          hasDuplicateHash: true,
+          duplicateHashRecordResult: getDuplicateDataFuncOverrideResult,
+          saveHashFuncOverrideResult: false
+        }
+
+        // Act
+        const result = await duplicateCheckComparator(id, generatedHashOverride, getDuplicateDataFuncOverride, saveHashFuncOverride, {
+          hashOverride: true
+        })
+
+        // Assert
+        test.deepEqual(result, expected, 'hash matched')
+        test.ok(saveHashFuncOverride.called === false)
         test.end()
       } catch (err) {
+        // Assert
         Logger.error(`duplicateCheckComparator failed with error - ${err}`)
         test.fail()
         test.end()
       }
     })
 
+    duplicateCheckComparatorTest.test('save hash when id not found and generatedHashOverride is injected', async test => {
+      try {
+        // Arrange
+        const hash = 'helper.hash'
+        const generatedHashOverride = 'helper.hash.override'
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
+          '../hash': {
+            generateSha256: sandbox.stub().returns(hash)
+          }
+        })
+        const id = 1
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(null)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
+
+        const expected = {
+          hasDuplicateId: false,
+          hasDuplicateHash: false,
+          saveHashFuncOverrideResult: true,
+          duplicateHashRecordResult: null
+        }
+
+        // Act
+        const result = await duplicateCheckComparator(id, generatedHashOverride, getDuplicateDataFuncOverride, saveHashFuncOverride, {
+          hashOverride: true
+        })
+
+        // Assert
+        test.deepEqual(result, expected, 'hash saved')
+        test.ok(saveHashFuncOverride.calledOnceWith(id, generatedHashOverride))
+        test.end()
+      } catch (err) {
+        // Assert
+        Logger.error(`duplicateCheckComparator failed with error - ${err}`)
+        test.fail()
+        test.end()
+      }
+    })
+
+    duplicateCheckComparatorTest.test('save hash when id not found with empty object and generatedHashOverride is injected', async test => {
+      try {
+        // Arrange
+        const hash = 'helper.hash'
+        const generatedHashOverride = 'helper.hash.override'
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
+          '../hash': {
+            generateSha256: sandbox.stub().returns(hash)
+          }
+        })
+        const id = 1
+        const object = null // We don't actually care about the object when we override the hash by setting the generatedHashOverride
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(null)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
+
+        const expected = {
+          hasDuplicateId: false,
+          hasDuplicateHash: false
+        }
+
+        // Act
+        const result = await duplicateCheckComparator(id, object, getDuplicateDataFuncOverride, saveHashFuncOverride, {
+          hashOverride: false
+        })
+
+        // Assert
+        test.deepEqual(result, expected, 'hash saved')
+        test.ok(saveHashFuncOverride.calledOnceWith(id, generatedHashOverride))
+        test.fail()
+        test.end()
+      } catch (err) {
+        // Assert
+        Logger.error(`duplicateCheckComparator failed with error - ${err}`)
+        test.ok(err)
+        test.end()
+      }
+    })
+
+    duplicateCheckComparatorTest.test('save hash when id not found with empty object and generatedHashOverride is injected', async test => {
+      try {
+        // Arrange
+        const hash = 'helper.hash'
+        const generatedHashOverride = 'helper.hash.override'
+        const duplicateCheckComparator = Proxyquire('#src/util/comparators/duplicateCheckComparator', {
+          '../hash': {
+            generateSha256: sandbox.stub().returns(hash)
+          }
+        })
+        const id = 1
+        const object = null // We don't actually care about the object when we override the hash by setting the generatedHashOverride
+        const getDuplicateDataFuncOverride = sandbox.stub().resolves(null)
+        const saveHashFuncOverride = sandbox.stub().resolves(true)
+
+        const expected = {
+          hasDuplicateId: false,
+          hasDuplicateHash: false
+        }
+
+        // Act
+        const result = await duplicateCheckComparator(id, object, getDuplicateDataFuncOverride, saveHashFuncOverride, {
+          hashOverride: true
+        })
+
+        // Assert
+        test.deepEqual(result, expected, 'hash saved')
+        test.ok(saveHashFuncOverride.calledOnceWith(id, generatedHashOverride))
+        test.fail()
+        test.end()
+      } catch (err) {
+        // Assert
+        Logger.error(`duplicateCheckComparator failed with error - ${err}`)
+        test.ok(err)
+        test.end()
+      }
+    })
+
     duplicateCheckComparatorTest.end()
   })
 

package/.ncurc.js

@@ -1,7 +0,0 @@
-module.exports = {
-  reject: [
-    // TODO: Added "@hapi/catbox", "@hapi/catbox-memory" to ncurc for dep:check to ignore updates due to breaking changes which should be handled by another story
-    "@hapi/catbox",
-    "@hapi/catbox-memory"
-  ]
-}

package/audit-resolve.json

@@ -1,61 +0,0 @@
-{
-  "decisions": {
-    "1067553|better-ajv-errors>jsonpointer": {
-      "decision": "ignore",
-      "madeAt": 1652887989276,
-      "expiresAt": 1655479973082
-    },
-    "1070256|ejs": {
-      "decision": "ignore",
-      "madeAt": 1652887990649,
-      "expiresAt": 1655479973082
-    },
-    "1070030|shins>markdown-it": {
-      "decision": "ignore",
-      "madeAt": 1652951732905,
-      "expiresAt": 1655543725868
-    },
-    "1068155|shins>markdown-it>sanitize-html": {
-      "decision": "ignore",
-      "madeAt": 1652887992740,
-      "expiresAt": 1655479973082
-    },
-    "1070260|shins>markdown-it>sanitize-html": {
-      "decision": "ignore",
-      "madeAt": 1652887993909,
-      "expiresAt": 1655479973082
-    },
-    "1068310|widdershins>oas-resolver>yargs>yargs-parser": {
-      "decision": "ignore",
-      "madeAt": 1652887994946,
-      "expiresAt": 1655479973082
-    },
-    "1067946|widdershins>oas-resolver>yargs>yargs-parser>swagger2openapi>oas-validator>ajv": {
-      "decision": "ignore",
-      "madeAt": 1652887996204,
-      "expiresAt": 1655479973082
-    },
-    "1070030|widdershins>markdown-it": {
-      "decision": "ignore",
-      "madeAt": 1652951732905,
-      "expiresAt": 1655543725868
-    },
-    "1067553|swagger2openapi>better-ajv-errors>jsonpointer": {
-      "decision": "ignore",
-      "madeAt": 1652951735762,
-      "expiresAt": 1655543725868
-    },
-    "1067946|swagger2openapi>better-ajv-errors>jsonpointer>oas-validator>ajv": {
-      "decision": "ignore",
-      "madeAt": 1652951738877,
-      "expiresAt": 1655543725868
-    },
-    "1068310|widdershins>markdown-it>yargs>yargs-parser": {
-      "decision": "ignore",
-      "madeAt": 1652951741588,
-      "expiresAt": 1655543725868
-    }
-  },
-  "rules": {},
-  "version": 1
-}