
fix: fix prev PR and add location field to notification-template, not notification #87

Merged
Danziger merged 5 commits into main from feat/speech-bubble-notifications-fix
Feb 25, 2026

@Danziger Danziger commented Feb 24, 2026

The previous PR incorrectly added the new field to notification, not to notification-template: #86

Also, running yarn build with Node.js 16 would result in:

yarn build
yarn run v1.22.19
$ npm run build:strapi && npm run build:lib

@cowprotocol/cms-parent@0.13.0 prebuild:strapi
cd src/plugins/import-notifications && yarn install && yarn run build && cd ../../..

[1/5] Validating package.json...
[2/5] Resolving packages...
[3/5] Fetching packages...
error @strapi/helper-plugin@4.21.0: The engine "node" is incompatible with this module. Expected version ">=18.0.0 <=20.x.x". Got "16.20.2"
error Found incompatible module.
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

README and engines have been bumped to Node.js 18 and the instructions to run the project locally have been updated.

@Danziger Danziger requested a review from a team February 24, 2026 16:46
socket-security bot commented Feb 24, 2026

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action: Warn
Severity: Critical
Alert: Critical CVE: CASL Ability is Vulnerable to Prototype Pollution in npm @casl/ability

CVE: GHSA-x9vf-53q3-cvx6 CASL Ability is Vulnerable to Prototype Pollution (CRITICAL)

Affected versions: >= 2.4.0 < 6.7.5

Patched version: 6.7.5

From: ? → npm/@strapi/strapi@4.13.3 → npm/@casl/ability@5.4.4

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@casl/ability@5.4.4. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Action: Warn
Severity: Critical
Alert: Critical CVE: Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)

CVE: GHSA-vjh7-7g9h-fjfh Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) (CRITICAL)

Affected versions: < 6.6.1

Patched version: 6.6.1

From: ? → npm/@strapi/plugin-users-permissions@4.13.3 → npm/elliptic@6.5.4

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/elliptic@6.5.4. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

@Danziger Danziger merged commit d4b354a into main Feb 25, 2026
3 checks passed
@Danziger Danziger deleted the feat/speech-bubble-notifications-fix branch February 25, 2026 10:19