Qa-Test -> Stable-Test by Luisfc68 · Pull Request #758 · rsksmart/liquidity-provider-server

Luisfc68 · 2025-07-16T14:31:13Z

What

Version 2.2.0 changes

feat: generate and store quote creation data

test: add test for provider details endpoint

feat: add call fee calculation

Percentage-based fees | GBI-2527 | GBI-2531 | GBI-1838

fix: typo in creation data dto

Liquidity provider percentage fees feature

Flyover v2.1.2 release -> v2.2.0 branch

Percentage fees -> dev

fix: bson typo

* feat: devx automated documentation * fix: rename main -> master * fix: rename devportal workflow file * fix: remove score-cards * fix: feedback * fix: add badges

* fix: percentageFee error messages | GBI-2642&GBI-2643 * fix: golang-cli

* fix: improve error message format | GBI-2642 * fix: golang-cli * fix: add getCustomValidationMessage function * fix: move error handling to FE

Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.13.1 to 1.17.4. - [Release notes](https://github.com/mongodb/mongo-go-driver/releases) - [Commits](mongodb/mongo-go-driver@v1.13.1...v1.17.4) --- updated-dependencies: - dependency-name: go.mongodb.org/mongo-driver dependency-version: 1.17.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

chore: update rsk version to 7.1.0

…org/mongo-driver-1.17.4

…o.mongodb.org/mongo-driver-1.17.4 chore(deps): bump go.mongodb.org/mongo-driver from 1.13.1 to 1.17.4

…btcsuite/btcd/btcec/v2-2.3.5

…ithub.com/btcsuite/btcd/btcec/v2-2.3.5 chore(deps): bump github.com/btcsuite/btcd/btcec/v2 from 2.3.2 to 2.3.5

Bumps [github.com/gorilla/sessions](https://github.com/gorilla/sessions) from 1.2.2 to 1.4.0. - [Release notes](https://github.com/gorilla/sessions/releases) - [Commits](gorilla/sessions@v1.2.2...v1.4.0) --- updated-dependencies: - dependency-name: github.com/gorilla/sessions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.17.0 to 10.26.0. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.17.0...v10.26.0) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…ithub.com/go-playground/validator/v10-10.26.0 chore(deps): bump github.com/go-playground/validator/v10 from 10.17.0 to 10.26.0

…gorilla/sessions-1.4.0

…ithub.com/gorilla/sessions-1.4.0 chore(deps): bump github.com/gorilla/sessions from 1.2.2 to 1.4.0

Dependabot sync - Stable-Test -> QA-Test

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.37.0 to 0.40.0. - [Commits](golang/crypto@v0.37.0...v0.40.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…olang.org/x/crypto-0.40.0 chore(deps): bump golang.org/x/crypto from 0.37.0 to 0.40.0

Dependabot sync

github-actions · 2025-07-16T14:31:28Z

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
⚠️ 7 package(s) with unknown licenses.

See the Details below.

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.40.0	Null	Unknown License
golang.org/x/net	0.41.0	Null	Unknown License
golang.org/x/sync	0.16.0	Null	Unknown License
golang.org/x/sys	0.34.0	Null	Unknown License
golang.org/x/term	0.33.0	Null	Unknown License
golang.org/x/text	0.27.0	Null	Unknown License
github.com/klauspost/compress	1.16.7	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

actions/actions/checkout

11bd71901bbe5b1630ceea73d27597364c9af683

🟢 5.2

Details

Check	Score	Reason
Maintained	⚠️ 0	1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	🟢 10	all changesets reviewed
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Packaging	⚠️ -1	packaging workflow not detected
Signed-Releases	⚠️ -1	no releases found
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
Branch-Protection	⚠️ -1	internal error: error during GetBranch(releases/v2): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy	🟢 9	security policy file detected
SAST	🟢 8	SAST tool detected but not run on all commits
Vulnerabilities	⚠️ 0	10 existing vulnerabilities detected

gomod/github.com/btcsuite/btcd/btcec/v2

2.3.5

🟢 6.3

Details

Check	Score	Reason
Maintained	🟢 10	30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Code-Review	🟢 8	Found 12/14 approved changesets -- score normalized to 8
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 4	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Packaging	🟢 10	packaging workflow detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	🟢 10	project is fuzzed
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	🟢 8	4 out of the last 4 releases have a total of 4 signed artifacts.
Pinned-Dependencies	🟢 4	dependency not pinned by hash detected -- score normalized to 4
Vulnerabilities	⚠️ 0	11 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

gomod/github.com/gabriel-vasile/mimetype

1.4.8

🟢 7.3

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	15 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts	🟢 10	no binaries found in the repo
Code-Review	⚠️ 0	Found 1/25 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
CII-Best-Practices	🟢 5	badge detected: Passing
Fuzzing	🟢 10	project is fuzzed
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	🟢 9	SAST tool detected but not run on all commits

gomod/github.com/go-playground/validator/v10

10.26.0

🟢 5.4

Details

Check	Score	Reason
Code-Review	🟢 9	Found 25/27 approved changesets -- score normalized to 9
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	18 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 7	3 existing vulnerabilities detected

gomod/github.com/gorilla/sessions

1.4.0

🟢 5.1

Details

Check	Score	Reason
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	🟢 6	Found 19/29 approved changesets -- score normalized to 6
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

gomod/github.com/klauspost/compress

1.16.7

🟢 6.6

Details

Check	Score	Reason
Security-Policy	🟢 10	security policy file detected
Code-Review	🟢 4	Found 10/22 approved changesets -- score normalized to 4
Maintained	🟢 7	6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
Fuzzing	🟢 10	project is fuzzed
License	🟢 9	license file detected
Packaging	🟢 10	packaging workflow detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	🟢 9	SAST tool detected but not run on all commits

gomod/github.com/leodido/go-urn

1.4.0

🟢 4.8

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	⚠️ 0	Found 0/4 approved changesets -- score normalized to 0
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	⚠️ 0	0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Security-Policy	⚠️ 0	security policy file not detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

gomod/github.com/youmark/pkcs8

0.0.0-20240726163527-a2c0da244d78

🟢 4

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review	🟢 8	Found 12/15 approved changesets -- score normalized to 8
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 8	2 existing vulnerabilities detected

gomod/go.mongodb.org/mongo-driver

1.17.4

🟢 6.7

Details

Check	Score	Reason
Dependency-Update-Tool	🟢 10	update tool detected
Code-Review	🟢 10	all changesets reviewed
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 10	30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies	⚠️ 1	dependency not pinned by hash detected -- score normalized to 1
SAST	🟢 10	SAST tool is run on all commits
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Fuzzing	🟢 10	project is fuzzed
Vulnerabilities	🟢 8	2 existing vulnerabilities detected
Branch-Protection	🟢 4	branch protection is not maximal on development and all release branches
Security-Policy	⚠️ 0	security policy file not detected
License	🟢 10	license file detected
CI-Tests	🟢 10	18 out of 18 merged PRs checked by a CI test -- score normalized to 10
Contributors	🟢 10	project has 21 contributing companies or organizations

gomod/golang.org/x/crypto

0.40.0

Unknown

gomod/golang.org/x/net

0.41.0

Unknown

gomod/golang.org/x/sync

0.16.0

Unknown

gomod/golang.org/x/sys

0.34.0

Unknown

gomod/golang.org/x/term

0.33.0

Unknown

gomod/golang.org/x/text

0.27.0

Unknown

Scanned Files

.github/workflows/devPortal-update.yml
go.mod

Luisfc68 and others added 30 commits March 1, 2025 17:29

feat: generate and store quote creation data

cdeb62c

Merge pull request #649 from rsksmart/feature/GBI-2526

3306592

feat: generate and store quote creation data

Percentage-based fees | GBI-2527 | GBI-2531 | GBI-1838

0930eae

feat: add call fee calculation

ad0e0d6

test: add test for provider details endpoint

f2369cc

feedback improvements [1]

e9862c5

test: add nil cases

ce1cb80

Merge pull request #653 from rsksmart/feature/GBI-2529

b9665ca

test: add test for provider details endpoint

test coverage feedback [2]

a49a212

feedback improvements [3]

2222e24

fix linting [4]

aeeaf2c

shorten tests [5]

bd7f29a

further test shortening [6]

449678c

Merge pull request #654 from rsksmart/feature/GBI-2528

e65edfa

feat: add call fee calculation

fix: typo in creation data dto

5b1045e

Merge branch 'lp-percentage-fee' into feat-GBI-2527-2531-1838

8291d1f

feedback improvements [7]

82ffdf6

test.AssertNonZeroValues(t, dto) append

d90d1f6

fix test lint

749844a

Merge pull request #651 from rsksmart/feat-GBI-2527-2531-1838

e0ba214

Percentage-based fees | GBI-2527 | GBI-2531 | GBI-1838

Merge pull request #655 from rsksmart/creation-data-typo

d170358

fix: typo in creation data dto

Merge pull request #657 from rsksmart/lp-percentage-fee

c83750a

Liquidity provider percentage fees feature

Merge pull request #689 from rsksmart/master

ee324cb

Flyover v2.1.2 release -> v2.2.0 branch

Merge pull request #693 from rsksmart/flyover-2.2.0

68ea1aa

Percentage fees -> dev

fix: bson typo

4903ccd

Merge pull request #699 from rsksmart/fee_percentage_typo

fae467f

fix: bson typo

feat: DevX Automated Documentation | Flyover-2.2.0 (#700)

8401669

* feat: devx automated documentation * fix: rename main -> master * fix: rename devportal workflow file * fix: remove score-cards * fix: feedback * fix: add badges

hotfix: GBI-2647 and GBI-2648 (#706)

0591126

fix: GBI-2648 (#707)

45c6642

fix: percentageFee error messages | GBI-2642&GBI-2643 (#712)

f7ff155

* fix: percentageFee error messages | GBI-2642&GBI-2643 * fix: golang-cli

Dominikkq and others added 20 commits June 5, 2025 13:31

fix: further improve error message format/clarity | GBI-2642 (#716)

d96468d

* fix: improve error message format | GBI-2642 * fix: golang-cli * fix: add getCustomValidationMessage function * fix: move error handling to FE

Merge branch 'QA-Test' into feature/GBI-2701

1bd08cf

Merge pull request #715 from rsksmart/feature/GBI-2701

61b2b35

chore: update rsk version to 7.1.0

Merge branch 'QA-Test' into dependabot/go_modules/QA-Test/go.mongodb.…

0eccc7e

…org/mongo-driver-1.17.4

Merge pull request #718 from rsksmart/dependabot/go_modules/QA-Test/g…

3f90036

…o.mongodb.org/mongo-driver-1.17.4 chore(deps): bump go.mongodb.org/mongo-driver from 1.13.1 to 1.17.4

Merge branch 'QA-Test' into dependabot/go_modules/QA-Test/github.com/…

2c1d56b

…btcsuite/btcd/btcec/v2-2.3.5

Merge pull request #717 from rsksmart/dependabot/go_modules/QA-Test/g…

d69dc31

…ithub.com/btcsuite/btcd/btcec/v2-2.3.5 chore(deps): bump github.com/btcsuite/btcd/btcec/v2 from 2.3.2 to 2.3.5

Merge pull request #670 from rsksmart/dependabot/go_modules/QA-Test/g…

1e05eee

…ithub.com/go-playground/validator/v10-10.26.0 chore(deps): bump github.com/go-playground/validator/v10 from 10.17.0 to 10.26.0

Merge branch 'QA-Test' into dependabot/go_modules/QA-Test/github.com/…

7f1c935

…gorilla/sessions-1.4.0

Merge pull request #519 from rsksmart/dependabot/go_modules/QA-Test/g…

73c7a05

…ithub.com/gorilla/sessions-1.4.0 chore(deps): bump github.com/gorilla/sessions from 1.2.2 to 1.4.0

fix: char value error (#719)

d5527b2

Merge branch 'QA-Test' into stable-test-sync

d4eef1f

Merge pull request #728 from rsksmart/stable-test-sync

9924239

Dependabot sync - Stable-Test -> QA-Test

Merge pull request #752 from rsksmart/dependabot/go_modules/QA-Test/g…

474504a

…olang.org/x/crypto-0.40.0 chore(deps): bump golang.org/x/crypto from 0.37.0 to 0.40.0

Merge branch 'QA-Test' into Stable-Test

e8a443a

Merge pull request #757 from rsksmart/dependabot-sync

5facc38

Dependabot sync

Luisfc68 marked this pull request as ready for review July 16, 2025 14:31

Luisfc68 requested review from AndresQuijano, Dominikkq and MaximStanciu8 as code owners July 16, 2025 14:31

Luisfc68 closed this Jul 16, 2025

Luisfc68 reopened this Jul 16, 2025

Luisfc68 changed the base branch from master to Stable-Test July 16, 2025 14:32

MaximStanciu8 approved these changes Jul 16, 2025

View reviewed changes

Luisfc68 merged commit bedb47c into Stable-Test Jul 16, 2025
17 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Qa-Test -> Stable-Test#758

Qa-Test -> Stable-Test#758
Luisfc68 merged 52 commits intoStable-Testfrom
QA-Test

Luisfc68 commented Jul 16, 2025

Uh oh!

github-actions bot commented Jul 16, 2025 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

Luisfc68 commented Jul 16, 2025

What

Uh oh!

github-actions bot commented Jul 16, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

License Issues

go.mod

OpenSSF Scorecard

Scanned Files

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

github-actions bot commented Jul 16, 2025 •

edited

Loading