[pi-24 pqs] quoting-service pqs readiness for Mojaloop v16.1.0 RC #3978

[elnyry-sam-k]

Goal:

As an adopter of Mojaloop

I want to ensure that latest Mojaloop release of quoting-service has known security & quality issues addressed

so that Mojaloop platform can be deployed securely with known vulnerabilities addressed.

Acceptance Criteria:

• Snyk alerts for quoting-service repository are addressed
• Dependabot alerts for quoting-service repository are addressed (moderate, high and critical)
• Ensure main branch is protected and collaborator list is up-to-date
• Ensure open PRs are addressed, closing stale PRs
• Update audit exceptions json file to remove exceptions added that are not necessary anymore
• Close issues on the repository that are fixed / out-of-date
• Ensure codeowners file is current

Complexity: Medium

Uncertainty: Medium

---

Tasks:

• Address dependabot alerts and fix issues
• Address Snyk alerts and fix
• Review open PRs and close ones that are out-of-date or not applicable and remind owners to update
• Review open issues and close ones that are out-of-date or not applicable and remind owners to update
• Review branch protection rules
• Review collaborators and access to the repository
• Update codeowners file to be up-to-date

Done

• Acceptance Criteria pass
• Unit Tests pass
• Integration Tests pass
• Code Style & Coverage meets standards
• Changes made to config (default.json) are broadcast to team and follow-up tasks added to update helm charts and other deployment config

Pull Requests:

• [x]

Follow-up:

• N/A

Dependencies:

• N/A

Accountability:

• Owner: @elnyry-sam-k
• QA/Review: Codeowners on repos

[elnyry-sam-k]

Follow-up in epic #4020