movesfinancial · Oct 3, 2023 · Oct 3, 2023 · Oct 3, 2023 · Oct 3, 2023 · Oct 18, 2023
diff --git a/.github/workflows/CI-appsec-blackduck-master.yml b/.github/workflows/CI-appsec-blackduck-master.yml
@@ -4,6 +4,12 @@ on:
     #At 13:00 on every day-of-week from Sunday through Thursday.
     - cron: '0 13 * * SUN-THU'
   workflow_dispatch:
+  #The workflow will only run when a push that includes a change to the package.json file is made in the main branch.
+  push:
+    branches:
+      - main
+    paths:
+      - 'package.json'
 
 jobs:
   blackduck-scan:
@@ -12,18 +18,31 @@ jobs:
       - name: Checkout Source
         uses: actions/checkout@v3
 
-      - name: Black Duck Intelligent Scan
-        uses: synopsys-sig/synopsys-action@v1.2.0
-        ### Use below configurations to set specific detect environment varibales
+
+      - name: Black Duck Full Scan
+        uses: synopsys-sig/synopsys-action@v1.6.0
+
+        ### Use below configuration to set specific detect environment variables
         env:
           DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+          DETECT_PROJECT_VERSION_NAME: main
         with:
           blackduck_url: ${{ secrets.BLACKDUCK_URL }}
-          blackduck_apiToken: ${{ secrets.BLACKDUCK_API_TOKEN }}
+          blackduck_token: ${{ secrets.BLACKDUCK_API_TOKEN }}
           blackduck_scan_full: true
+
           ### Accepts Multiple Values
+          blackduck_scan_failure_severities: 'BLOCKER,CRITICAL'
+
+          ### Uncomment below configuration to enable automatic fix pull request creation if vulnerabilities are reported
+          blackduck_fixpr_enabled: true
+          blackduck_fixpr_maxCount: 5
+          blackduck_fixpr_filter_severities: 'CRITICAL,HIGH'
+          blackduck_fixpr_useUpgradeGuidance: 'SHORT_TERM,LONG_TERM'
+          github_token: ${{ secrets.GITHUB_TOKEN }} # Mandatory when blackduck_fixpr_enabled is set to 'true'
+
           ### Uncomment below configuration if Synopsys Bridge diagnostic files needs to be uploaded
-          # include_diagnostics: true  
+          # include_diagnostics: true
 
       - name: If failed - Configure 1Password Service Account For Slack Webhook URL Secret
         uses: 1password/load-secrets-action/configure@v1
@@ -52,4 +71,5 @@ jobs:
            mention_users_when: "failure,warnings"
            mention_groups: "!channel"
         env:
-           SLACK_WEBHOOK_URL: ${{ env.SLACK_WEBHOOK_URL }}
+           SLACK_WEBHOOK_URL: ${{ env.SLACK_WEBHOOK_URL }}
+
diff --git a/.github/workflows/CI-appsec-blackduck-pr.yml b/.github/workflows/CI-appsec-blackduck-pr.yml
@@ -11,21 +11,23 @@ jobs:
       - name: Checkout Source
         uses: actions/checkout@v3
 
-      - name: On pull requests - Black Duck RAPID Scan
-        if: ${{ github.event_name == 'pull_request' }}
-        uses: synopsys-sig/synopsys-action@v1.2.0
-          ### Use below configurations to set specific detect environment varibales
+      - name: Black Duck PR Scan
+        uses: synopsys-sig/synopsys-action@v1.6.0
+
+        ### Use below configuration to set specific detect environment variables
         env:
           DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+          DETECT_PROJECT_VERSION_NAME: main
         with:
           blackduck_url: ${{ secrets.BLACKDUCK_URL }}
-          blackduck_apiToken: ${{ secrets.BLACKDUCK_API_TOKEN }}
+          blackduck_token: ${{ secrets.BLACKDUCK_API_TOKEN }}
           blackduck_scan_full: false
-          ### Accepts Multiple Values
-          #blackduck_scan_failure_severities: 'BLOCKER,CRITICAL'
+
           ### Below configuration is used to enable automatic pull request comment based on Black Duck scan result
-          blackduck_automation_prcomment: true
-          github_token: ${{ secrets.GITHUB_TOKEN }} # Mandatory when blackduck_automation_prcomment is set to 'true'
+          blackduck_prComment_enabled: true
+          github_token: ${{ secrets.GITHUB_TOKEN }} 
+          # Mandatory when blackduck_automation_prcomment is set to 'true'
+
           ### Uncomment below configuration if Synopsys Bridge diagnostic files needs to be uploaded
           # include_diagnostics: true
 
@@ -57,3 +59,4 @@ jobs:
            mention_groups: "!channel"
         env:
            SLACK_WEBHOOK_URL: ${{ env.SLACK_WEBHOOK_URL }}
+
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -17,4 +17,5 @@ jobs:
           touch .env
           echo UNIT_TOKEN=${{ secrets.UNIT_TOKEN }} >> .env
           echo UNIT_API_URL=${{ secrets.UNIT_API_URL }} >> .env
+          echo TEST_COUNTERPARTY_PLAID_TOKEN=${{ secrets.TEST_COUNTERPARTY_PLAID_TOKEN }} >> .env
       - run: npm run test
diff --git a/helpers.ts b/helpers.ts
@@ -1,11 +1,11 @@
 import { AddAuthorizedUsersRequest, BeneficialOwner, CloseAccountRequest, CloseAccountType, CloseReason, MobileWalletPayloadRequest, RemoveAuthorizedUsersRequest } from "./types"
 import { State, Address, FullName, Phone, Status, Title, Officer, BusinessContact, AuthorizedUser, Counterparty, Coordinates, UsAddress, InternationalAddress, Relationship, RelationshipsArrayData } from "./types/common"
-export function createUsAddress(street: string, street2: string | null, city: string, state: State | null, postalCode: string, country: "US"): UsAddress {
+export function createUsAddress(street: string, street2: string | null, city: string, state: State, postalCode: string, country: "US"): UsAddress {
     return {
         street,
         ...(street2 && { street2 }),
         city,
-        ...(state && { state }),
+        state,
         postalCode,
         country
     }

diff --git a/jest.setup.js b/jest.setup.js
@@ -1 +1 @@
-jest.setTimeout(30000);
+jest.setTimeout(45000);