ml-testing-toolkit 18.17.0 → 18.17.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.grype.yaml +31 -1
- package/CHANGELOG.md +16 -0
- package/audit-ci.jsonc +2 -1
- package/package.json +6 -6
- package/{sbom-v18.16.5.csv → sbom-v18.17.1.csv} +322 -334
package/.grype.yaml
CHANGED
|
@@ -15,7 +15,37 @@ ignore:
|
|
|
15
15
|
- vulnerability: CVE-2026-21637
|
|
16
16
|
- vulnerability: CVE-2025-59466
|
|
17
17
|
- vulnerability: GHSA-xxjr-mmjv-4gpg
|
|
18
|
-
|
|
18
|
+
# High severity vulnerabilities
|
|
19
|
+
- vulnerability: CVE-2025-69420
|
|
20
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
21
|
+
- vulnerability: GHSA-34x7-hfp2-rc4v
|
|
22
|
+
reason: "tar 6.2.1, 7.4.3"
|
|
23
|
+
# Medium severity vulnerabilities
|
|
24
|
+
- vulnerability: CVE-2026-22796
|
|
25
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
26
|
+
# libcrypto3 3.3.5-r0 / libssl3 3.3.5-r0: CVE-2025-15467
|
|
27
|
+
- vulnerability: CVE-2025-15467
|
|
28
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
29
|
+
# High severity vulnerabilities
|
|
30
|
+
- vulnerability: GHSA-37qj-frw5-hhjh
|
|
31
|
+
reason: "fast-xml-parser 4.5.3"
|
|
32
|
+
- vulnerability: CVE-2025-69419
|
|
33
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
34
|
+
- vulnerability: CVE-2025-69421
|
|
35
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
36
|
+
# Medium severity vulnerabilities
|
|
37
|
+
- vulnerability: CVE-2025-66199
|
|
38
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
39
|
+
- vulnerability: CVE-2025-15468
|
|
40
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
41
|
+
- vulnerability: CVE-2026-22795
|
|
42
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
43
|
+
- vulnerability: GHSA-p5wg-g6qr-c7cg
|
|
44
|
+
reason: "eslint 8.57.1"
|
|
45
|
+
- vulnerability: CVE-2025-68160
|
|
46
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
47
|
+
- vulnerability: CVE-2025-69418
|
|
48
|
+
reason: "libcrypto3 3.3.5-r0, libssl3 3.3.5-r0"
|
|
19
49
|
# Set output format defaults
|
|
20
50
|
output:
|
|
21
51
|
- "table"
|
package/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,20 @@
|
|
|
1
1
|
# Changelog: [mojaloop/thirdparty-api-svc](https://github.com/mojaloop/thirdparty-api-svc)
|
|
2
|
+
### [18.17.2](https://github.com/mojaloop/ml-testing-toolkit/compare/v18.17.1...v18.17.2) (2026-02-03)
|
|
3
|
+
|
|
4
|
+
|
|
5
|
+
### Chore
|
|
6
|
+
|
|
7
|
+
* bump dep ([#364](https://github.com/mojaloop/ml-testing-toolkit/issues/364)) ([2405c3b](https://github.com/mojaloop/ml-testing-toolkit/commit/2405c3b8e27b3a802dcf40929f464501258fb35b))
|
|
8
|
+
* **sbom:** update sbom [skip ci] ([f0f16ee](https://github.com/mojaloop/ml-testing-toolkit/commit/f0f16eeb1ec9542b64fef3297cf4fd82776b1f57))
|
|
9
|
+
|
|
10
|
+
### [18.17.1](https://github.com/mojaloop/ml-testing-toolkit/compare/v18.17.0...v18.17.1) (2026-01-29)
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
### Chore
|
|
14
|
+
|
|
15
|
+
* **sbom:** update sbom [skip ci] ([daf48a2](https://github.com/mojaloop/ml-testing-toolkit/commit/daf48a22b1d0110707d60c973d0efe4a49f86ebd))
|
|
16
|
+
* update dependencies and audit ([#363](https://github.com/mojaloop/ml-testing-toolkit/issues/363)) ([f0f9c44](https://github.com/mojaloop/ml-testing-toolkit/commit/f0f9c449ad90804d2439099242715711787b0f99))
|
|
17
|
+
|
|
2
18
|
## [18.17.0](https://github.com/mojaloop/ml-testing-toolkit/compare/v18.16.6...v18.17.0) (2026-01-26)
|
|
3
19
|
|
|
4
20
|
|
package/audit-ci.jsonc
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ml-testing-toolkit",
|
|
3
3
|
"description": "Testing Toolkit for Mojaloop implementations",
|
|
4
|
-
"version": "18.17.
|
|
4
|
+
"version": "18.17.2",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"author": "Vijaya Kumar Guthi, ModusBox Inc. ",
|
|
7
7
|
"contributors": [
|
|
@@ -71,7 +71,7 @@
|
|
|
71
71
|
"genexec": "pkg -t node8-win ."
|
|
72
72
|
},
|
|
73
73
|
"dependencies": {
|
|
74
|
-
"@elastic/elasticsearch": "9.2.
|
|
74
|
+
"@elastic/elasticsearch": "9.2.1",
|
|
75
75
|
"@hapi/basic": "7.0.2",
|
|
76
76
|
"@hapi/boom": "10.0.1",
|
|
77
77
|
"@hapi/good": "9.0.1",
|
|
@@ -80,15 +80,15 @@
|
|
|
80
80
|
"@hapi/vision": "7.0.3",
|
|
81
81
|
"@mojaloop/central-services-logger": "11.10.3",
|
|
82
82
|
"@mojaloop/central-services-metrics": "12.8.3",
|
|
83
|
-
"@mojaloop/ml-schema-transformer-lib": "2.
|
|
83
|
+
"@mojaloop/ml-schema-transformer-lib": "2.8.1",
|
|
84
84
|
"@mojaloop/ml-testing-toolkit-shared-lib": "14.3.2",
|
|
85
|
-
"@mojaloop/sdk-standard-components": "19.18.
|
|
85
|
+
"@mojaloop/sdk-standard-components": "19.18.6",
|
|
86
86
|
"@now-ims/hapi-now-auth": "2.1.0",
|
|
87
87
|
"@types/socket.io": "3.0.2",
|
|
88
88
|
"adm-zip": "0.5.16",
|
|
89
89
|
"ajv-formats": "3.0.1",
|
|
90
90
|
"atob": "2.1.2",
|
|
91
|
-
"axios": "1.13.
|
|
91
|
+
"axios": "1.13.4",
|
|
92
92
|
"chai": "4.4.1",
|
|
93
93
|
"connection-string": "^5.0.0",
|
|
94
94
|
"cookie-parser": "1.4.7",
|
|
@@ -138,7 +138,7 @@
|
|
|
138
138
|
"jest": "29.7.0",
|
|
139
139
|
"jest-junit": "16.0.0",
|
|
140
140
|
"nodemon": "3.1.11",
|
|
141
|
-
"npm-check-updates": "19.3.
|
|
141
|
+
"npm-check-updates": "19.3.2",
|
|
142
142
|
"nyc": "17.1.0",
|
|
143
143
|
"parse-strings-in-object": "1.6.0",
|
|
144
144
|
"pre-commit": "1.2.2",
|