01 Sep 13:46

mojaloopci

0cdf026

v12.0.8 Release

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

12.0.8 (2021-09-01)

Bug Fixes

mojaloop/#2439: quoting-service-model.validatequoterequest-doesnt-perform-correct-validation (#280) (b0c2cdc), closes mojaloop/#2439 mojaloop/#2439
updated circleci config to use the SHA1 hash of the last commit of the current build (#281) (9ee10d7)

Assets 3

11 Aug 15:17

mdebarros

v12.0.7

65075f1

v12.0.7 Release

fix(#2358): firstname, middlename and lastname regex not supporting myanmar script unicode strings
- Updated regex to match \w (used by the Mojaloop Specification) based on mappings to the ECMAScript regex specification.
- Added unit test for post quotes endpoint with additional asian (Myanmar) unicode characters added to middleName
- Bump to patch version
- Updated dependencies to the latest version
- Fixed audit-resolve issues:

--------------------------------------------------
 tar needs your attention.

[ high ] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
 vulnerable versions <3.2.2 || >=4.0.0 <4.4.14 || >=5.0.0 <5.0.6 || >=6.0.0 <6.1.1 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar
[ high ] Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
 vulnerable versions <3.2.3 || >=4.0.0 <4.4.15 || >=5.0.0 <5.0.7 || >=6.0.0 <6.1.2 found in:
 - dependencies: @mojaloop/event-sdk>grpc>@mapbox/node-pre-gyp>tar

Outcome: Fixed

--------------------------------------------------
 yargs-parser needs your attention.

[ low ] Prototype Pollution
 vulnerable versions <13.1.2 || >=14.0.0 <15.0.1 || >=16.0.0 <18.1.2 found in:
 - dependencies: @mojaloop/central-services-shared>widdershins>yargs>yargs-parser

Outcome: Ignored for a week

--------------------------------------------------
 sanitize-html needs your attention.

[ moderate ] Improper Input Validation
 vulnerable versions <2.3.1 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html
[ moderate ] Improper Input Validation
 vulnerable versions <2.3.2 found in:
 - dependencies: @mojaloop/central-services-shared>shins>sanitize-html

Outcome: Ignored for a week

Assets 2

11 Jun 08:55

mdebarros

v12.0.6

c96fb58

v12.0.6 Release

fix(mojaloop/project#2246): updated dependency version (#272)
-Bumped Version
-Fixed pre-commit task, misspelling

Thanks to @JohannWNel!

Assets 2

02 Jun 16:12

mdebarros

v12.0.5

b86b3ed

v12.0.5 Release

Change-log for this Release:

chore: helm release v12.1.0
- updated missing dependency updates due to ncurc
- 'allow.auto.create.topics=true' had been added to Kafka Consumer configs. This will enable Kafka Consumers to trigger auto creation of topics, ref: https://github.com/edenhill/librdkafka/releases/tag/v1.5.0.

Assets 2

01 Jun 16:38

mdebarros

v12.0.4

12ecdb6

v12.0.4 Release

Change-log for this Release:

fix: helm release v12.1.0 (#269)
- Updated dependencies
- Bump to patch level
- Standardised npm lint script
- Fixes for audit issues

Assets 2

12 May 11:11

mdebarros

v12.0.3

157493f

v12.0.3 Release

Change-log for this Release:

fix(#2182): regex validations against swagger interface spec no longer working

Assets 2

06 May 08:37

mdebarros

v12.0.2

b435764

v12.0.2 Release

Change-log for this Release:

feat(#2119): fixes for updated for AJV error objects change (#265)
- Includes new release of Central-services-shared: https://github.com/mojaloop/central-services-shared/releases/tag/v11.7.0
- Includes new release of Central-services-error-handling: https://github.com/mojaloop/central-services-error-handling/releases/tag/v11.2.0
- Upgraded dependencies
- Added AJV as it was a "peer dependency"
- Bump to version
- Updated audit-resolve for known security issue