chore(mojaloop/#3440): nodejs upgrade (#133)

chore(mojaloop/#3440): NodeJS version upgrade - mojaloop/project#3440
- Upgraded nodejs from v16 to v18 LTS
- Applied CI changes as previously implemented in [sdk-scheme-adapter](mojaloop/sdk-scheme-adapter#453)
- Updated NPM dependencies
- Re-implement husky integration due to API changes in husky's latest version
- Resolved all audit issues
- Fixed docker-compose issues
- Migrated `master` branch to `main` branch

.husky/commit-msg

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx commitlint --edit $1

.husky/post-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+git update-index --again

.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx lint-staged; npm run test:unit

.ncurc.js

@@ -1,15 +1,10 @@
 module.exports = {
   reject: [
-    // Upgrading past husky@4 to involves a full config migration with no current and apparent benefit.
-    // So we are just sticking to husky@4.x.x for the time being.
-    'husky',
     // Caution advised in upgrading redis-mock past 0.52.0. Investigation needed.
     'redis-mock',
     // Upgrading past redis@3 to the next major version introduces a lot of breaking changes.
     'redis',
     '@types/redis',
-    // Upgrading past commander@7 introduces a lot of breaking changes.
-    'commander',
     // Upgrading sqlite past 5.0.2 seems to introduce sh: 1: node-pre-gyp: not found.
     // Investigation needed.
     'sqlite3',

.nvmrc

@@ -1 +1,2 @@
-16.15.0
+18.17.1
+

.versionrc.js

@@ -1,14 +1,16 @@
 module.exports = {
   header: '# Changelog: [mojaloop/auth-service](https://github.com/mojaloop/auth-service)',
   types: [
-    { type: 'feat', section: 'Features' },
-    { type: 'fix', section: 'Bug Fixes' },
-    { type: 'chore', section: 'Maintenance' },
-    { type: 'ci', section: 'CI/CD' },
-    { type: 'docs', section: 'Documentation' },
-    { type: 'style', section: 'Style Improvements' },
-    { type: 'refactor', section: 'Code Refactor' },
-    { type: 'perf', section: 'Performance' },
-    { type: 'test', section: 'Tests' }
+    {"type": "feat", "section": "Features"},
+    {"type": "fix", "section": "Bug Fixes"},
+    {"type": "docs", "section": "Documentation"},
+    {"type": "style", "section": "Styling"},
+    {"type": "refactor", "section": "Refactors"},
+    {"type": "perf", "section": "Performance"},
+    {"type": "test", "section": "Tests"},
+    {"type": "build", "section": "Build System"},
+    {"type": "ci", "section": "CI"},
+    {"type": "chore", "section": "Chore"},
+    {"type": "revert", "section": "Reverts"}
   ]
 }

Dockerfile

@@ -1,12 +1,23 @@
-FROM node:16.15.0-alpine as builder
+# Arguments
+ARG NODE_VERSION=lts-alpine
+
+# NOTE: Ensure you set NODE_VERSION Build Argument as follows...
+#
+#  export NODE_VERSION="$(cat .nvmrc)-alpine" \
+#  docker build \
+#    --build-arg NODE_VERSION=$NODE_VERSION \
+#    -t mojaloop/sdk-scheme-adapter:local \
+#    . \
+#
+
+# Build Image
+FROM node:${NODE_VERSION} as builder
 USER root
 
 WORKDIR /opt/app
 
-RUN apk add --no-cache -t build-dependencies make gcc g++ python3 libtool libressl-dev openssl-dev autoconf automake \
-    && cd $(npm root -g)/npm \
-    && npm config set unsafe-perm true \
-    && npm install -g node-gyp
+RUN apk add --no-cache -t build-dependencies make gcc g++ python3 libtool openssl-dev autoconf automake \
+    && cd $(npm root -g)/npm
 
 COPY package.json package-lock.json* /opt/app/
 
@@ -17,7 +28,7 @@ RUN npm run build
 RUN rm -rf src secrets test docs
 RUN npm prune --production
 
-FROM node:16.15.0-alpine
+FROM node:${NODE_VERSION}
 
 WORKDIR /opt/app
 

README.md

@@ -1,5 +1,5 @@
 # Auth Service (Work in Progress)
-[![Git Commit](https://img.shields.io/github/last-commit/mojaloop/auth-service.svg?style=flat)](https://github.com/mojaloop/auth-service/commits/master)
+[![Git Commit](https://img.shields.io/github/last-commit/mojaloop/auth-service.svg?style=flat)](https://github.com/mojaloop/auth-service/commits/main)
 [![Git Releases](https://img.shields.io/github/release/mojaloop/auth-service.svg?style=flat)](https://github.com/mojaloop/auth-service/releases)
 [![Npm Version](https://img.shields.io/npm/v/@mojaloop/auth-service.svg?style=flat)](https://www.npmjs.com/package/@mojaloop/auth-service)
 [![NPM Vulnerabilities](https://img.shields.io/snyk/vulnerabilities/npm/@mojaloop/auth-service.svg?style=flat)](https://www.npmjs.com/package/@mojaloop/auth-service)
@@ -57,4 +57,20 @@ After making changes to the `.yaml` files in `./src/interface/`, update the `swa
 > Note: We will likely want to move to swagger 3.0 at some point, and once we do, we will be able to use the [common api snippets](https://github.com/mojaloop/api-snippets) library to factor out common Mojaloop snippets.
 > Keep track of [#352 - Update to OpenAPI v3](https://app.zenhub.com/workspaces/pisp-5e8457b05580fb04a7fd4878/issues/mojaloop/mojaloop/352)
 
+## Auditing Dependencies
 
+We use `audit-ci` along with `npm audit` to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an `audit-ci.jsonc` file.
+
+To start a new resolution process, run:
+
+```bash
+npm run audit:fix
+```
+
+You can then check to see if the CI will pass based on the current dependencies with:
+
+```bash
+npm run audit:check
+```
+
+The [audit-ci.jsonc](./audit-ci.jsonc) contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.

audit-ci.jsonc

@@ -6,23 +6,22 @@
   "allowlist": [
     // NOTE: Please add as much information as possible to any items added to the allowList
     // Currently no fixes available for the following
-    "GHSA-v88g-cgmw-v5xw", //widdershins>swagger2openapi>oas-validator>ajv
-    "GHSA-phwq-j96m-2c2q", //@mojaloop/central-services-shared>shins>ejs
-    "GHSA-282f-qqgm-c34q", //widdershins>swagger2openapi>better-ajv-errors>jsonpointer
-    "GHSA-qwph-4952-7xr6", //@mojaloop/central-services-health>@mojaloop/central-services-error-handling>@mojaloop/sdk-standard-components>jsonwebtoken
-    "GHSA-qwph-4952-7xr6", //@mojaloop/central-services-shared>@mojaloop/central-services-error-handling>@mojaloop/sdk-standard-components>jsonwebtoken
-    "GHSA-hjrf-2m68-5959", //@mojaloop/central-services-health>@mojaloop/central-services-error-handling>@mojaloop/sdk-standard-components>jsonwebtoken
-    "GHSA-hjrf-2m68-5959", //@mojaloop/central-services-shared>@mojaloop/central-services-error-handling>@mojaloop/sdk-standard-components>jsonwebtoken
-    "GHSA-6vfc-qv3f-vr6c", //widdershins>markdown-it
-    "GHSA-wc69-rhjr-hc9g", //@mojaloop/central-services-shared>@mojaloop/event-sdk>moment
-    "GHSA-g954-5hwp-pp24", //@mojaloop/central-services-shared>@mojaloop/event-sdk>protobufjs
-    "GHSA-rjqq-98f6-6j3r", //@mojaloop/central-services-shared>shins>sanitize-html
-    "GHSA-mjxr-4v3x-q3m4", //@mojaloop/central-services-shared>shins>sanitize-html
-    "GHSA-9qrh-qjmc-5w2p", //sqlite3
-    "GHSA-r628-mhmh-qjhw", //sqlite3>node-gyp>tar
-    "GHSA-9r2w-394v-53qc", //sqlite3>node-gyp>tar
-    "GHSA-5955-9wpr-37jh", //sqlite3>node-gyp>tar
-    "GHSA-3jfq-g458-7qm9", //sqlite3>node-gyp>tar
-    "GHSA-p9pc-299p-vxgp" //widdershins>yargs>yargs-parser
+    "GHSA-v88g-cgmw-v5xw", // https://github.com/advisories/GHSA-v88g-cgmw-v5xw
+    "GHSA-phwq-j96m-2c2q", // https://github.com/advisories/GHSA-phwq-j96m-2c2q
+    "GHSA-282f-qqgm-c34q", // https://github.com/advisories/GHSA-282f-qqgm-c34q
+    "GHSA-6vfc-qv3f-vr6c", // https://github.com/advisories/GHSA-6vfc-qv3f-vr6c
+    "GHSA-p8p7-x288-28g6", // https://github.com/advisories/GHSA-p8p7-x288-28g6
+    "GHSA-mjxr-4v3x-q3m4", // https://github.com/advisories/GHSA-mjxr-4v3x-q3m4
+    "GHSA-rjqq-98f6-6j3r", // https://github.com/advisories/GHSA-rjqq-98f6-6j3r
+    "GHSA-c2qf-rxjj-qqgw", // https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
+    "GHSA-9qrh-qjmc-5w2p", // https://github.com/advisories/GHSA-9qrh-qjmc-5w2p
+    "GHSA-jqv5-7xpx-qj74", // https://github.com/advisories/GHSA-jqv5-7xpx-qj74
+    "GHSA-3jfq-g458-7qm9", // https://github.com/advisories/GHSA-3jfq-g458-7qm9
+    "GHSA-r628-mhmh-qjhw", // https://github.com/advisories/GHSA-r628-mhmh-qjhw
+    "GHSA-9r2w-394v-53qc", // https://github.com/advisories/GHSA-9r2w-394v-53qc
+    "GHSA-5955-9wpr-37jh", // https://github.com/advisories/GHSA-5955-9wpr-37jh
+    "GHSA-qq89-hq3f-393p", // https://github.com/advisories/GHSA-qq89-hq3f-393p
+    "GHSA-72xf-g2v4-qvf3", // https://github.com/advisories/GHSA-72xf-g2v4-qvf3
+    "GHSA-p9pc-299p-vxgp"  // https://github.com/advisories/GHSA-p9pc-299p-vxgp
   ]
-}
+}

docker-compose.yml

@@ -20,18 +20,16 @@ services:
       - mysql
       - redis
     volumes:
-      - ./scripts/wait4.js:/opt/auth-service/scripts/wait4.js
-      - ./scripts/wait4.config.js:/opt/auth-service/scripts/wait4.config.js
       # Mount the config folder for easy config updates
       - ./config:/opt/auth-service/config
     environment:
       - NODE_ENV=integration
       - LOG_LEVEL=debug
     healthcheck:
-      test: wget -q http://localhost:4004/health -O /dev/null || exit 1
+      test: ["CMD", "sh", "-c" ,"apk --no-cache add curl", ";", "curl", "http://localhost:4004/health"]
       timeout: 20s
-      retries: 30
-      interval: 15s
+      retries: 10
+      interval: 30s
     user: root
 
   mysql:

docker/ml-testing-toolkit/spec_files/api_definitions/fspiop_1.1/api_spec.yaml

@@ -4,14 +4,14 @@ info:
   title: Open API for FSP Interoperability (FSPIOP)
   description: >-
     Based on [API Definition updated on 2020-05-19 Version
-    1.1](https://github.com/mojaloop/mojaloop-specification/blob/master/documents/v1.1-document-set/API%20Definition_v1.1.pdf).
+    1.1](https://github.com/mojaloop/mojaloop-specification/blob/main/documents/v1.1-document-set/API%20Definition_v1.1.pdf).
 
 
     **Note:** The API supports a maximum size of 65536 bytes (64 Kilobytes) in
     the HTTP header.
   license:
     name: CC BY-ND 4.0
-    url: 'https://github.com/mojaloop/mojaloop-specification/blob/master/LICENSE.md'
+    url: 'https://github.com/mojaloop/mojaloop-specification/blob/main/LICENSE.md'
   contact:
     name: Sam Kummary
     url: 'https://github.com/mojaloop/mojaloop-specification/issues'
@@ -3561,7 +3561,7 @@ components:
         API for signature verification, should contain the service URI. Required
         if signature verification is used, for more information, see [the API
         Signature
-        document](https://github.com/mojaloop/docs/tree/master/Specification%20Document%20Set).
+        document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
     FSPIOP-HTTP-Method:
       name: FSPIOP-HTTP-Method
       in: header
@@ -3573,7 +3573,7 @@ components:
         by the API for signature verification, should contain the service HTTP
         method. Required if signature verification is used, for more
         information, see [the API Signature
-        document](https://github.com/mojaloop/docs/tree/master/Specification%20Document%20Set).
+        document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
     Accept:
       name: Accept
       in: header

docker/ml-testing-toolkit/spec_files/api_definitions/thirdparty_pisp/api_spec.yaml

@@ -650,7 +650,7 @@ components:
         API for signature verification, should contain the service URI. Required
         if signature verification is used, for more information, see [the API
         Signature
-        document](https://github.com/mojaloop/docs/tree/master/Specification%20Document%20Set).
+        document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
     FSPIOP-HTTP-Method:
       name: FSPIOP-HTTP-Method
       in: header
@@ -662,7 +662,7 @@ components:
         by the API for signature verification, should contain the service HTTP
         method. Required if signature verification is used, for more
         information, see [the API Signature
-        document](https://github.com/mojaloop/docs/tree/master/Specification%20Document%20Set).
+        document](https://github.com/mojaloop/docs/tree/main/Specification%20Document%20Set).
     Accept:
       name: Accept
       in: header
@@ -918,7 +918,7 @@ components:
         is at the discretion of the address space owner (the payer DFSP in this
         case).
 
-        https://github.com/mojaloop/documentation/blob/master/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#3212-accountaddress
+        https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#3212-accountaddress
       pattern: ^([0-9A-Za-z_~\-\.]+[0-9A-Za-z_~\-])$
       minLength: 1
       maxLength: 1023
@@ -953,7 +953,7 @@ components:
         DFSP, an account on which access types can be requested or granted. It
         also defines the access types which are requested or granted.
 
-        https://github.com/mojaloop/documentation/blob/master/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#32121-scope
+        https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#32121-scope
       properties:
         address:
           $ref: '#/components/schemas/AccountAddress'
@@ -978,7 +978,7 @@ components:
         "GENERIC" - The credential is based on a simple public key validation.
         Its payload is a GenericCredential object.
 
-        https://github.com/mojaloop/documentation/blob/master/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#3226-credentialtype
+        https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#3226-credentialtype
     CredentialStatusPending:
       title: CredentialStatusPending
       type: string
@@ -1485,7 +1485,7 @@ components:
         request the check, or the {ID} that was used in the GET
         /thirdpartyRequests/verifications/{ID}.
 
-        https://github.com/mojaloop/documentation/blob/master/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#31821-put-thirdpartyrequestsverificationsid
+        https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#31821-put-thirdpartyrequestsverificationsid
       properties:
         authenticationResponse:
           $ref: '#/components/schemas/AuthenticationResponse'