@mojaloop/ml-testing-toolkit-client-lib 0.0.6 → 1.0.0-snapshot.2

package/.circleci/config.yml

@@ -7,10 +7,10 @@ version: 2.1
 # Orbs used in this pipeline
 ##
 orbs:
+  anchore: anchore/anchore-engine@1.9.0
   slack: circleci/slack@4.9.3 # Ref: https://github.com/mojaloop/ci-config/tree/master/slack-templates
   pr-tools: mojaloop/pr-tools@0.1.10 # Ref: https://github.com/mojaloop/ci-config/
   gh: circleci/github-cli@2.1.0
-  anchore: anchore/anchore-engine@1.9.0
 
 ##
 # defaults
@@ -18,13 +18,15 @@ orbs:
 # YAML defaults templates, in alphabetical order
 ##
 defaults_Dependencies: &defaults_Dependencies |
-    apk --no-cache add git
-    apk --no-cache add ca-certificates
-    apk --no-cache add curl
-    apk --no-cache add openssh-client
-    apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake jq
-    npm config set unsafe-perm true
-    npm install -g node-gyp
+  apk --no-cache add bash
+  apk --no-cache add git
+  apk --no-cache add ca-certificates
+  apk --no-cache add curl
+  apk --no-cache add openssh-client
+  apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake jq
+  apk add --no-cache -t openssl ncurses coreutils libgcc linux-headers grep util-linux binutils findutils
+  npm config set unsafe-perm true
+  npm install -g node-gyp
 
 defaults_awsCliDependencies: &defaults_awsCliDependencies |
     apk --no-cache add aws-cli
@@ -39,7 +41,6 @@ defaults_npm_auth: &defaults_npm_auth
   name: Update NPM registry auth token
   command: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > .npmrc
 
-
 defaults_npm_publish_release: &defaults_npm_publish_release
   name: Publish NPM $RELEASE_TAG artifact
   command: |
@@ -60,6 +61,18 @@ defaults_configure_git: &defaults_configure_git
     git config user.email ${GIT_CI_EMAIL}
     git config user.name ${GIT_CI_USER}
 
+defaults_configure_nvm: &defaults_configure_nvm
+  name: Configure NVM
+  command: |
+    touch $HOME/.profile
+    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
+    export NVM_DIR="$HOME/.nvm"
+    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+    echo "Installing Node version: $(cat .nvmrc)"
+    nvm install $(cat .nvmrc)
+    nvm alias default $(cat .nvmrc)
+    nvm use $(cat .nvmrc)
+
 ##
 # Executors
 #
@@ -69,13 +82,18 @@ executors:
   default-docker:
     working_directory: &WORKING_DIR /home/circleci/project
     docker:
-      - image: node:16.15.0-alpine
+      - image: node:16.15.0-alpine # Ref: https://hub.docker.com/_/node?tab=tags&page=1&name=alpine
 
   default-machine:
     working_directory: *WORKING_DIR
     machine:
-      image: ubuntu-2004:current
+      image: ubuntu-2004:current # Ref: https://circleci.com/developer/machine/image/ubuntu-2004
 
+##
+# Jobs
+#
+# A map of CircleCI jobs
+##
 jobs:
   setup:
     executor: default-docker
@@ -84,6 +102,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - run:
           name: Update NPM install
           command: npm ci
@@ -99,6 +119,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
       - run:
@@ -122,6 +144,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
       - run:
@@ -135,6 +159,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
       - run:
@@ -151,6 +177,8 @@ jobs:
           name: Install AWS CLI dependencies
           command: *defaults_awsCliDependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
       - run:
@@ -181,6 +209,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
       - run:
@@ -204,9 +234,6 @@ jobs:
       - checkout
       - restore_cache:
           key: dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
-      - run:
-          name: Prune non-production packages before running license-scanner
-          command: npm prune --production
       - run:
           name: Run the license-scanner
           command: cd /tmp/license-scanner && pathToRepo=$CIRCLE_WORKING_DIRECTORY make run
@@ -214,23 +241,61 @@ jobs:
           path: /tmp/license-scanner/results
           prefix: licenses
 
-  build:
+  build-local:
     executor: default-machine
     steps:
       - checkout
       - run:
-          name: Build Docker $CIRCLE_TAG image
+          name: Build Docker local image
           command: |
-            echo "Building Docker image: $CIRCLE_TAG"
-            docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG .
+            echo "Building Docker image: local"
+            docker build -t $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local .
       - run:
           name: Save docker image to workspace
+          command: docker save -o /tmp/docker-image-local.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local
+      - persist_to_workspace:
+          root: /tmp
+          paths:
+            - ./docker-image-local.tar
+
+  build:
+    executor: default-machine
+    steps:
+      - attach_workspace:
+          at: /tmp
+      - run:
+          name: Load the pre-built docker local image from workspace
+          command: docker load -i /tmp/docker-image-local.tar
+      - run:
+          name: Re-tag the image
+          command: |
+            echo "Re-tagging Docker image: $CIRCLE_TAG"
+            docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:local $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
+      - run:
+          name: Save the new docker image to workspace
           command: docker save -o /tmp/docker-image.tar $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
       - persist_to_workspace:
           root: /tmp
           paths:
             - ./docker-image.tar
 
+  license-scan:
+    executor: default-machine
+    steps:
+      - attach_workspace:
+          at: /tmp
+      - run:
+          name: Load the pre-built docker image from workspace
+          command: docker load -i /tmp/docker-image.tar
+      - run:
+          <<: *defaults_license_scanner
+      - run:
+          name: Run the license-scanner
+          command: cd /tmp/license-scanner && mode=docker dockerImages=$DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG make run
+      - store_artifacts:
+          path: /tmp/license-scanner/results
+          prefix: licenses
+
   image-scan:
     executor: anchore/anchore_engine
     steps:
@@ -309,6 +374,8 @@ jobs:
           name: Install general dependencies
           command: *defaults_Dependencies
       - checkout
+      - run:
+          <<: *defaults_configure_nvm
       - restore_cache:
           keys:
           - dependency-cache-{{ .Environment.CIRCLE_SHA1 }}
@@ -399,7 +466,65 @@ jobs:
           at: /tmp
       - run:
           name: Load the pre-built docker image from workspace
-          command: | 
+          command: |
+            docker load -i /tmp/docker-image.tar
+      - run:
+          name: Login to Docker Hub
+          command: docker login -u $DOCKER_USER -p $DOCKER_PASS
+      - run:
+          name: Re-tag pre built image
+          command: |
+            docker tag $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
+      - run:
+          name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
+          command: |
+            echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
+            docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
+            echo "Publishing $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
+            docker push $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
+      - run:
+          name: Set Image Digest
+          command: |
+            IMAGE_DIGEST=$(docker inspect $DOCKER_ORG/$CIRCLE_PROJECT_REPONAME:v${CIRCLE_TAG:1} | jq '.[0].RepoDigests | .[]')
+            echo "IMAGE_DIGEST=${IMAGE_DIGEST}"
+            echo "export IMAGE_DIGEST=${IMAGE_DIGEST}" >> $BASH_ENV
+      - run:
+          name: Update Slack config
+          command: |
+            echo "export SLACK_RELEASE_URL='https://hub.docker.com/layers/${CIRCLE_PROJECT_REPONAME}/${DOCKER_ORG}/${CIRCLE_PROJECT_REPONAME}/v${CIRCLE_TAG:1}/images/${IMAGE_DIGEST}?context=explore'" | sed -r "s/${DOCKER_ORG}\/${CIRCLE_PROJECT_REPONAME}@sha256:/sha256-/g" >> $BASH_ENV
+      - slack/notify:
+          event: pass
+          template: SLACK_TEMP_RELEASE_SUCCESS
+      - slack/notify:
+          event: fail
+          template: SLACK_TEMP_RELEASE_FAILURE
+
+  publish-docker-snapshot:
+    executor: default-machine
+    steps:
+      - checkout
+      - run:
+          name: Setup for SNAPSHOT release
+          command: |
+            echo "export RELEASE_TAG=$RELEASE_TAG_SNAPSHOT" >> $BASH_ENV
+            echo "RELEASE_TAG=$RELEASE_TAG_SNAPSHOT"
+
+            PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
+            echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
+            echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
+      - run:
+          name: Setup Slack config
+          command: |
+            echo "export SLACK_PROJECT_NAME=${CIRCLE_PROJECT_REPONAME}" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TYPE='Docker Release'" >> $BASH_ENV
+            echo "export SLACK_RELEASE_TAG=v${CIRCLE_TAG:1}" >> $BASH_ENV
+            echo "export SLACK_BUILD_ID=${CIRCLE_BUILD_NUM}" >> $BASH_ENV
+            echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
+      - attach_workspace:
+          at: /tmp
+      - run:
+          name: Load the pre-built docker image from workspace
+          command: |
             docker load -i /tmp/docker-image.tar
       - run:
           name: Login to Docker Hub
@@ -432,7 +557,7 @@ jobs:
           event: fail
           template: SLACK_TEMP_RELEASE_FAILURE
 
-  publish:
+  publish-npm:
     executor: default-docker
     steps:
       - run:
@@ -446,7 +571,6 @@ jobs:
           command: |
             echo "export RELEASE_TAG=$RELEASE_TAG_PROD" >> $BASH_ENV
             echo "RELEASE_TAG=$RELEASE_TAG_PROD"
-
             PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
             echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
             echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
@@ -470,7 +594,7 @@ jobs:
           event: fail
           template: SLACK_TEMP_RELEASE_FAILURE
 
-  publish-snapshot:
+  publish-npm-snapshot:
     executor: default-docker
     steps:
       - run:
@@ -484,10 +608,8 @@ jobs:
           command: |
             echo "export RELEASE_TAG=${RELEASE_TAG_SNAPSHOT}" >> $BASH_ENV
             echo "RELEASE_TAG=${RELEASE_TAG_SNAPSHOT}"
-
             echo "Override package version: ${CIRCLE_TAG:1}"
             npx standard-version --skip.tag --skip.commit --skip.changelog --release-as ${CIRCLE_TAG:1}
-
             PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
             echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
             echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
@@ -511,6 +633,11 @@ jobs:
           event: fail
           template: SLACK_TEMP_RELEASE_FAILURE
 
+##
+# Workflows
+#
+# CircleCI Workflow config
+##
 workflows:
   version: 2
   build_and_test:
@@ -526,17 +653,17 @@ workflows:
               ignore:
                 - /feature*/
                 - /bugfix*/
-      # - test-dependencies:
-      #     context: org-global
-      #     requires:
-      #       - setup
-      #     filters:
-      #       tags:
-      #         only: /.*/
-      #       branches:
-      #         ignore:
-      #           - /feature*/
-      #           - /bugfix*/
+      - test-dependencies:
+          context: org-global
+          requires:
+            - setup
+          filters:
+            tags:
+              only: /.*/
+            branches:
+              ignore:
+                - /feature*/
+                - /bugfix*/
       - test-lint:
           context: org-global
           requires:
@@ -592,16 +719,38 @@ workflows:
               ignore:
                 - /feature*/
                 - /bugfix*/
+      - build-local:
+          context: org-global
+          requires:
+            - setup
+          filters:
+            tags:
+              only: /.*/
+            branches:
+              ignore:
+                - /feature*/
+                - /bugfix*/
       - build:
           context: org-global
           requires:
             - setup
-            # - test-dependencies
+            - test-dependencies
             - test-lint
             - test-unit
             - test-coverage
             - vulnerability-check
             - audit-licenses
+            - build-local
+          filters:
+            tags:
+              only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
+            branches:
+              ignore:
+                - /.*/
+      - license-scan:
+          context: org-global
+          requires:
+            - build
           filters:
             tags:
               only: /v[0-9]+(\.[0-9]+)*(\-snapshot(\.[0-9]+)?)?(\-hotfix(\.[0-9]+)?)?(\-perf(\.[0-9]+)?)?/
@@ -623,12 +772,14 @@ workflows:
           context: org-global
           requires:
             - pr-tools/pr-title-check
-            # - test-dependencies
+            - test-dependencies
             - test-lint
             - test-unit
             - test-coverage
             - vulnerability-check
             - audit-licenses
+            - license-scan
+            - image-scan
           filters:
             branches:
               only:
@@ -647,11 +798,14 @@ workflows:
           context: org-global
           requires:
             - pr-tools/pr-title-check
+            - test-dependencies
             - test-lint
             - test-unit
+            - build
             - test-coverage
             - vulnerability-check
             - audit-licenses
+            - license-scan
             - image-scan
           filters:
             tags:
@@ -659,30 +813,55 @@ workflows:
             branches:
               ignore:
                 - /.*/
-      - publish:
+      - publish-docker-snapshot:
           context: org-global
           requires:
             - pr-tools/pr-title-check
+            - test-dependencies
             - test-lint
             - test-unit
+            - build
             - test-coverage
             - vulnerability-check
             - audit-licenses
+            - license-scan
+            - image-scan
+          filters:
+            tags:
+              only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
+            branches:
+              ignore:
+                - /.*/
+      - publish-npm:
+          context: org-global
+          requires:
+            - pr-tools/pr-title-check
+            - test-dependencies
+            - test-lint
+            - test-unit
+            - test-coverage
+            - vulnerability-check
+            - audit-licenses
+            - license-scan
+            - image-scan
           filters:
             tags:
               only: /v[0-9]+(\.[0-9]+)*/
             branches:
               ignore:
                 - /.*/
-      - publish-snapshot:
+      - publish-npm-snapshot:
           context: org-global
           requires:
             - pr-tools/pr-title-check
+            - test-dependencies
             - test-lint
             - test-unit
             - test-coverage
             - vulnerability-check
             - audit-licenses
+            - license-scan
+            - image-scan
           filters:
             tags:
               only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/

package/CODEOWNERS

@@ -0,0 +1,30 @@
+# Each line is a file pattern followed by one or more owners.
+## These owners will be the default owners for everything in
+## the repo. Unless a later match takes precedence,
+## @global-owner1 and @global-owner2 will be requested for
+## review when someone opens a pull request.
+#*       @global-owner1 @global-owner2
+*   @vijayg10 @mdebarros @elnyry-sam-k
+## Order is important; the last matching pattern takes the most
+## precedence. When someone opens a pull request that only
+## modifies JS files, only @js-owner and not the global
+## owner(s) will be requested for a review.
+# *.js    @js-owner
+## You can also use email addresses if you prefer. They'll be
+## used to look up users just like we do for commit author
+## emails.
+#*.go docs@example.com
+# In this example, @doctocat owns any files in the build/logs
+# directory at the root of the repository and any of its
+# subdirectories.
+# /build/logs/ @doctocat
+## The `docs/*` pattern will match files like
+## `docs/getting-started.md` but not further nested files like
+## `docs/build-app/troubleshooting.md`.
+# docs/*  docs@example.com
+## In this example, @octocat owns any file in an apps directory
+## anywhere in your repository.
+#apps/ @octocat
+## In this example, @doctocat owns any file in the `/docs`
+## directory in the root of your repository.
+#/docs/ @doctocat

package/Dockerfile

@@ -16,10 +16,13 @@ FROM node:16.15.0-alpine
 WORKDIR /opt/app
 
 # Create a non-root user: ml-user
-RUN adduser -D ml-user 
-USER ml-user
+RUN adduser -D ml-user
 
 COPY --chown=ml-user --from=builder /opt/app .
+RUN chown ml-user:ml-user /opt/app
+
+USER ml-user
+
 RUN npm prune --production
 
 CMD ["npm", "run", "cli"]

package/README.md

@@ -242,3 +242,45 @@ Example Command:
 ```
 ml-ttk-cli -m outbound -i examples/collections/dfsp/p2p_happy_path.json -e examples/environments/dfsp_local_environment.json --slack-webhook-url=https://hooks.slack.com/services/blablabla...
 ```
+
+-------
+
+## Auditing Dependencies
+
+We use `npm-audit-resolver` along with `npm audit` to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an `audit-resolve.json` file.
+
+To start a new resolution process, run:
+
+```bash
+npm run audit:resolve
+```
+
+You can then check to see if the CI will pass based on the current dependencies with:
+
+```bash
+npm run audit:check
+```
+
+And commit the changed `audit-resolve.json` to ensure that CircleCI will build correctly.
+
+## Container Scans
+
+As part of our CI/CD process, we use anchore-cli to scan our built docker container for vulnerabilities upon release.
+
+If you find your release builds are failing, refer to the [container scanning](https://github.com/mojaloop/ci-config#container-scanning) in our shared Mojaloop CI config repo. There is a good chance you simply need to update the `mojaloop-policy-generator.js` file and re-run the circleci workflow.
+
+For more information on anchore and anchore-cli, refer to:
+- [Anchore CLI](https://github.com/anchore/anchore-cli)
+- [Circle Orb Registry](https://circleci.com/orbs/registry/orb/anchore/anchore-engine)
+
+## Automated Releases
+
+As part of our CI/CD process, we use a combination of CircleCI, standard-version
+npm package and github-release CircleCI orb to automatically trigger our releases
+and image builds. This process essentially mimics a manual tag and release.
+
+On a merge to master, CircleCI is configured to use the mojaloopci github account
+to push the latest generated CHANGELOG and package version number.
+
+Once those changes are pushed, CircleCI will pull the updated master, tag and
+push a release triggering another subsequent build that also publishes a docker image.

package/audit-ci.jsonc

@@ -0,0 +1,7 @@
+{
+  "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
+  // audit-ci supports reading JSON, JSONC, and JSON5 config files.
+  // Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
+  "moderate": true,
+  "allowlist": []
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mojaloop/ml-testing-toolkit-client-lib",
   "description": "Testing Toolkit Client Library",
-  "version": "0.0.6",
+  "version": "1.0.0-snapshot.2",
   "license": "Apache-2.0",
   "author": "Vijaya Kumar Guthi, ModusBox Inc. ",
   "contributors": [
@@ -15,6 +15,9 @@
     "url": "https://github.com/mojaloop/ml-testing-toolkit-client-lib.git"
   },
   "bugs": "https://github.com/mojaloop/ml-testing-toolkit-client-lib/issues",
+  "engines": {
+    "node": "=16.x"
+  },
   "config": {},
   "bin": {
     "ml-ttk-cli": "bin/cli.js"
@@ -46,13 +49,10 @@
     "test:junit": "jest --reporters=default --reporters=jest-junit --testMatch '**/test/unit/**/*.test.js'",
     "test:integration": "./test/integration-runner.sh ",
     "cover": "npx nyc --all report --reporter=lcov npm run test",
-    "lint": "npx standard",
-    "lint:fix": "npx standard --fix",
-    "build": "docker build -t mojaloop-testing-toolkit:local -f ./Dockerfile .",
-    "run": "docker run -p 5000:5000 --rm ",
+    "lint": "npm run standard",
+    "lint:fix": "npm run standard:fix",
     "generate-docs": "jsdoc -c jsdoc.json",
-    "audit:resolve": "SHELL=sh resolve-audit",
-    "audit:check": "SHELL=sh check-audit",
+    "audit:check": "npx audit-ci --config ./audit-ci.jsonc",
     "dep:check": "npx ncu -e 2",
     "dep:update": "npx ncu -u",
     "genexec": "pkg -t node8-win .",
@@ -62,21 +62,21 @@
   },
   "dependencies": {
     "@mojaloop/central-services-logger": "^11.0.1",
-    "@mojaloop/ml-testing-toolkit-shared-lib": "^12.2.0",
-    "@mojaloop/sdk-standard-components": "17.0.3",
+    "@mojaloop/ml-testing-toolkit-shared-lib": "^13.0.0",
+    "@mojaloop/sdk-standard-components": "17.1.1",
     "@slack/webhook": "^6.1.0",
     "atob": "2.1.2",
-    "aws-sdk": "^2.1148.0",
+    "aws-sdk": "^2.1181.0",
     "axios": "^0.27.2",
     "cli-table3": "0.6.2",
-    "commander": "9.3.0",
+    "commander": "9.4.0",
     "dotenv": "^16.0.1",
     "fs": "0.0.1-security",
     "lodash": "^4.17.21",
     "mv": "^2.1.1",
     "node-dir": "0.1.17",
     "node-strings": "^1.0.2",
-    "parse-strings-in-object": "1.4.0",
+    "parse-strings-in-object": "1.6.0",
     "path": "^0.12.7",
     "rc": "1.2.8",
     "request": "^2.88.2",
@@ -85,16 +85,14 @@
     "ws": "^7.5.5"
   },
   "devDependencies": {
-    "eslint": "^8.17.0",
-    "eslint-plugin-import": "^2.26.0",
-    "jest": "^28.1.0",
-    "jest-junit": "^13.2.0",
-    "jsdoc": "^3.6.10",
-    "npm-audit-resolver": "3.0.0-7",
-    "npm-check-updates": "13.1.1",
+    "audit-ci": "^6.3.0",
+    "jest": "^28.1.3",
+    "jest-junit": "^14.0.0",
+    "npm-check-updates": "16.0.0",
     "nyc": "^15.1.0",
-    "parse-strings-in-object": "1.4.0",
+    "parse-strings-in-object": "1.6.0",
     "pre-commit": "1.2.2",
+    "replace": "^1.2.1",
     "sinon": "14.0.0",
     "standard": "^17.0.0",
     "standard-version": "^9.5.0"
@@ -110,5 +108,10 @@
   },
   "publishConfig": {
     "registry": "https://registry.npmjs.org/"
+  },
+  "standard-version": {
+    "scripts": {
+      "postchangelog": "replace '\\[mojaloop/#(\\d+)\\]\\(https://github.com/mojaloop/(.*)/issues/(\\d+)\\)' '[mojaloop/#$1](https://github.com/mojaloop/project/issues/$1)' CHANGELOG.md"
+    }
   }
 }

package/audit-resolve.json

@@ -1,14 +0,0 @@
-{
-  "decisions": {
-    "1067560|swagmock>swagger-parser>z-schema>validator": {
-      "decision": "postpone",
-      "madeAt": 1653992416102
-    },
-    "1068118|socket.io>engine.io": {
-      "decision": "postpone",
-      "madeAt": 1653992430065
-    }
-  },
-  "rules": {},
-  "version": 1
-}