chore(mojaloop/#3521): nodejs upgrade (#91)

chore(mojaloop/#3521): NodeJS version upgrade - mojaloop/project#3521
- Upgraded nodejs from v16 to v18 LTS
- Applied CI changes as previously implemented in [sdk-scheme-adapter](mojaloop/sdk-scheme-adapter#453)
- Updated NPM dependencies
- Re-implement husky integration due to API changes in husky's latest version
- Resolved all audit issues
- Fixed docker-compose issues
- Migrated `master` branch to `main` branch

.husky/commit-msg

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx commitlint --edit $1

.husky/post-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+git update-index --again

.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx lint-staged; npm run test:unit

.ncurc.js

@@ -1,14 +1,5 @@
 
 module.exports = {
   reject: [
-    // Upgrading to husky@8 to involves a full config migration with no current and apparent benefit.
-    // So we are just sticking to husky@6.x.x for the time being.
-    'husky',
-    // Upgrading past jest|ts-jest|@types/jest@26 introduces a lot of breaking changes to current tests.
-    'jest',
-    'ts-jest',
-    '@types/jest',
-    // Upgrading past commander@7 introduces a lot of breaking changes.
-    'commander'
   ]
 }

.nvmrc

@@ -1 +1 @@
-16.15.0
+18.17.1

.versionrc.js

@@ -1,14 +1,16 @@
 module.exports = {
   header: '# Changelog: [mojaloop/thirdparty-api-svc](https://github.com/mojaloop/thirdparty-api-svc)',
   types: [
-    { type: 'feat', section: 'Features' },
-    { type: 'fix', section: 'Bug Fixes' },
-    { type: 'chore', section: 'Maintenance' },
-    { type: 'ci', section: 'CI/CD' },
-    { type: 'docs', section: 'Documentation' },
-    { type: 'style', section: 'Style Improvements' },
-    { type: 'refactor', section: 'Code Refactor' },
-    { type: 'perf', section: 'Performance' },
-    { type: 'test', section: 'Tests' }
+    {"type": "feat", "section": "Features"},
+    {"type": "fix", "section": "Bug Fixes"},
+    {"type": "docs", "section": "Documentation"},
+    {"type": "style", "section": "Styling"},
+    {"type": "refactor", "section": "Refactors"},
+    {"type": "perf", "section": "Performance"},
+    {"type": "test", "section": "Tests"},
+    {"type": "build", "section": "Build System"},
+    {"type": "ci", "section": "CI"},
+    {"type": "chore", "section": "Chore"},
+    {"type": "revert", "section": "Reverts"}
   ]
 }

Dockerfile

@@ -1,12 +1,23 @@
-FROM node:16.15.0-alpine as builder
+# Arguments
+ARG NODE_VERSION=lts-alpine
+
+# NOTE: Ensure you set NODE_VERSION Build Argument as follows...
+#
+#  export NODE_VERSION="$(cat .nvmrc)-alpine" \
+#  docker build \
+#    --build-arg NODE_VERSION=$NODE_VERSION \
+#    -t mojaloop/sdk-scheme-adapter:local \
+#    . \
+#
+
+# Build Image
+FROM node:${NODE_VERSION} as builder
 USER root
 
 WORKDIR /opt/app/
 
-RUN apk add --no-cache -t build-dependencies git make gcc g++ python3 libtool autoconf automake \
-    && cd $(npm root -g)/npm \
-    && npm config set unsafe-perm true \
-    && npm install -g node-gyp
+RUN apk add --no-cache -t build-dependencies git make gcc g++ python3 libtool autoconf automake bash \
+    && cd $(npm root -g)/npm
 
 COPY package.json package-lock.json* /opt/app/
 RUN npm ci
@@ -20,7 +31,7 @@ RUN rm -rf src
 # cleanup
 RUN apk del build-dependencies
 
-FROM node:16.15.0-alpine
+FROM node:${NODE_VERSION}
 WORKDIR /opt/app/
 
 # Create empty log file & link stdout to the application log file

README.md

@@ -1,5 +1,5 @@
 # thirdparty-api-svc
-[![Git Commit](https://img.shields.io/github/last-commit/mojaloop/thirdparty-api-svc.svg?style=flat)](https://github.com/mojaloop/thirdparty-api-svc/commits/master)
+[![Git Commit](https://img.shields.io/github/last-commit/mojaloop/thirdparty-api-svc.svg?style=flat)](https://github.com/mojaloop/thirdparty-api-svc/commits/main)
 [![Git Releases](https://img.shields.io/github/release/mojaloop/thirdparty-api-svc.svg?style=flat)](https://github.com/mojaloop/thirdparty-api-svc/releases)
 [![CircleCI](https://circleci.com/gh/mojaloop/thirdparty-api-svc.svg?style=svg)](https://circleci.com/gh/mojaloop/thirdparty-api-svc)
 
@@ -52,3 +52,21 @@ npm run docker:run
 
 To check the thirdparty-api-svc health visit [http://thirdparty-api-svc.local:3008/health](http://thirdparty-api-svc.local:3008/health)
 
+## Auditing Dependencies
+
+We use `audit-ci` along with `npm audit` to check dependencies for node vulnerabilities, and keep track of resolved dependencies with an `audit-ci.jsonc` file.
+
+To start a new resolution process, run:
+
+```bash
+npm run audit:fix
+```
+
+You can then check to see if the CI will pass based on the current dependencies with:
+
+```bash
+npm run audit:check
+```
+
+The [audit-ci.jsonc](./audit-ci.jsonc) contains any audit-exceptions that cannot be fixed to ensure that CircleCI will build correctly.
+

audit-ci.jsonc

@@ -0,0 +1,17 @@
+{
+  "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
+  // audit-ci supports reading JSON, JSONC, and JSON5 config files.
+  // Only use one of ["low": true, "moderate": true, "high": true, "critical": true]
+  "moderate": true,
+  "allowlist": [
+    // NOTE: Please add as much information as possible to any items added to the allowList
+    // Currently no fixes available for the following
+   "GHSA-v88g-cgmw-v5xw", // https://github.com/advisories/GHSA-v88g-cgmw-v5xw 
+   "GHSA-phwq-j96m-2c2q", // https://github.com/advisories/GHSA-phwq-j96m-2c2q
+   "GHSA-282f-qqgm-c34q", // https://github.com/advisories/GHSA-282f-qqgm-c34q
+   "GHSA-6vfc-qv3f-vr6c", // https://github.com/advisories/GHSA-6vfc-qv3f-vr6c
+   "GHSA-mjxr-4v3x-q3m4", // https://github.com/advisories/GHSA-mjxr-4v3x-q3m4
+   "GHSA-rjqq-98f6-6j3r", // https://github.com/advisories/GHSA-rjqq-98f6-6j3r
+   "GHSA-p9pc-299p-vxgp"  // https://github.com/advisories/GHSA-p9pc-299p-vxgp
+  ]
+}