Releases: hyperledger-cacti/cacti
Releases · hyperledger-cacti/cacti
v1.1.2
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.1.2 (2022-11-11)
Note: Version bump only for package @hyperledger/cactus
v1.1.1
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.1.1 (2022-11-03)
Bug Fixes
- plugin-keychain-vault: hyper upgrade (3062343), closes #2120
- security: vulnerabilities found in besu-all-in-one #2055 (2ce098f)
- tools: ghcr-quorum-multi-party-all-in-one pip install (5809fd8), closes #2183
Features
v1.1.0
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.1.0 (2022-10-17)
Bug Fixes
- api-server: allow no authorization on socketio endpoints (bf51960), closes #1925
- cactus-example-discounted-asset-trade: enable (12e972e), closes #2145
- cactus-example-electricity-trade: enable tsconfig strict flag an… (f7e726c), closes #2144
- cactus-verifier-client: update supported ledgers in readme (84f3bae)
- custom-checks script from package.json does not work #1809 (dba3331)
- deps: force minimist >=1.2.6 for CVE-2021-44906 (b96806a), closes #1943
- remove skip to pass test case (99cb9a7), closes #1957
- resolve some CodeQL warnings (824f5c8)
- security: address CVE-2017-16138 Fixes: #1776 (9f1d013)
- security: address CVE-2021-23337 (eccef40), closes #1778
- security: address CVE-2021-23358 (ed71f42), closes #1775
- security: address CVE-2022-29244, CVE-2021-39135 (7309f2a), closes #2136
- security: close DDoS vulnerability in eth tx consistenty strategy (64b61a7), closes #2001
- security: ensure node-forge > 1.3.0 for CVE-2022-24772 (38fe287), closes #1947
- security: mitigate Cross-Site Scripting attack (XSS) (2cb68c3)
Code Refactoring
- examples: include sample apps in monorepo build (51ac163)
Features
- add jwt authorization to supply chain example (a4f07f6), closes #1579
- connector-fabric: add GetBlock operation to fabric connectors (00572ed), closes #2124
- connector-iroha: sending transactions signed on the client-side (da94cd6)
- corda4: implement monitoring of state changes (865ec2f), closes #1610
- keychain-aws-sm: bootstrap readme.md (060f351), closes #968
- keychain-azure-kv: complete request handler and endpoints (932df10), closes #1010 #1349
- odap-plugin: addition of client endpoints (cfa8db6)
- odap-plugin: backup gateway implementation (61da528)
- odap-plugin: odap crash recovery first implementation (2e94ef8)
- quorum-connector: implement validator interface on go-quorum-connector (8d36bea), closes #1604
- sawtooth-ledger: add single sawtooth test ledger image (cd4c746), closes #2108 #2030
- secret: remove Validator/Verifier secret keys from repository (59b4af4)
- socketio-server: cross site scripting attack (a5303ed)
- substrate-aio: add ws-port argument (fbb9859)
BREAKING CHANGES
- examples: building discounted-asset-trade app (or any future app that use indy validator)
requires Indy SDK to be installed on the build machine.
Closes: 2029
Signed-off-by: Michal Bajer michal.bajer@fujitsu.com
v1.0.0
As part of the continual effort to mitigate risks, the current 1.0.0 release is undergoing a a third-party security audit at the time of this writing. The process will take about 6 to 8 weeks to complete, but we are planning to keep the 1.0.0 API stability in place as dictated by the semantic versioning rules.
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.0.0 (2022-03-16)
Bug Fixes
- 1852: slow breakpoints (ff02ba1), closes #1852
- add optional auth token to api-client and consortium-manual (c2feebf), closes #1579
- cmd-api-server: add express static rate limiting (190cf12), closes #1840
- cmd-api-server: disable validateKeyPairMatch (7deaa22)
- cmd-api-server: upgrade socket.io - CVE-2022-21676 (8e1c69e), closes #1914
- config-service validator throws warnings (877dcab)
- connector-besu/quorum/xdai: unvalidated dynamic method call (bdc1aba), closes #1911
- connector-fabric: uncontrolled data used in path expression (ef0981d), closes #1909
- deps: ensure glob-parent is above 5.1.2 - CVE-2020-28469 (23ded0f), closes #1916
- fix faulty shutdownHook definition in the Config-Schema (fbae2da), closes #1648
- plugin-ledger-connector-fabric-socketio: upgrade Fabric due to jsrsasign (a9ecb19), closes #1754 #1799
- plugin-odap-hermes: remove extraneous dependencies (87af023), closes #1641
- remove jade dependencies (f4ce09e), closes #1662
- reset script from package.json does not work #1656 (c74e002)
- security: address CVE-2019-5413 (212b770), closes #1777
- security: address CVE-2021-23358 - TEMPORARY fix (2fdee4f), closes #1775
- security: ensure ansi-html > 0.0.8 - CVE-2021-23424 (e3e2d1c), closes #1920
- security: force lodash > 4.17.20 - CVE-2020-8203 (08ace66), closes #1918
- security: upgrade to yarn > 1.22.0 - CVE-2019-10773, CVE-2020-8131 (43d591d), closes #1922
- security: upgrade web3 to upgrade elliptic > 6.5.4 (5513848), closes #1639
- set apiServerOptions.configFile="" (5c5a1e1), closes #1619
- shutdown hook configuration is using wrong config key (e760e04), closes #1619
Features
- cactus-api-client: add support for plain socketio validators in api-server and api-client (634b10e), closes #1602 #1602
- cactus-api-client: common verifier-factory (2f70a64), closes #1878
- connector-corda: enable Flow Database Access CorDapp (60dfe1a), closes #1493
- connector-corda: read privateKey from filesystem (e7e39fd), closes #789
- connector-xdai: remove hard dependency on keychain (da793c5), closes #1162
- core-api: add weaver protobuf codegen #1556 (b5b68a7)
v1.0.0-rc.3
v1.0.0-rc.3
This tag was signed with the committer’s verified signature.
petermetz
Peter Somogyvari
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.0.0-rc.3 (2021-12-07)
Bug Fixes
- added a dummy package (e1e8aee), closes #1210
- cmd-api-server: build occasionally broken - protoc-gen-ts #1563 (c2ecba5)
- cmd-api-server: cockpit off by default #1239 (10344b5)
- connector-corda: add script to remove files before generate them (58d1ce9), closes #1559
- connector-fabric: chain code deployment fails >1 scp concurrency (71c9063), closes #1570
- connector-quorum: transaction with different credentials #1098 (af6c240)
- deps: sibling package dependencies keychain-memory 0.6.0 #1532 (d01d72d)
- endpoints implementation in corda plugin (21a22b5), closes #1346
- fixes 1445 and implementing correct interface types (9022064), closes #1445
- openapi validation for corda server endpoints (21fc5ba)
- openapi validation for keychain-aws-sm plugin (b270d28), closes #847
- security: remedy CVE-2021-3749 (b33aa90), closes #1569
- security: upgrade fabric-common to 2.2.10 or later (45c4a69), closes #1600
- supply-chain-app: enable cockpit in supply-chain (4a65b96), closes #1622
- tools: fix the names of scripts on README (93360e1)
Features
- core-api: add weaver protocol buffer definitions #1523 (851c071)
- docs: upated maintainers list (b5c94dc)
- example: make cartrade support more environments (e7e0402)
- odap: first implemenation for odap plugin and endpoints (51bf753)
- test-tooling: embed couch-db image in the faio (95d956d)
- test-tooling: env injenction for Besu, Fabric, Quorum AIOs (bb0352d), closes #1580
- test-tooling: faio features and improvements (794e8b8)
v1.0.0-rc.2
v1.0.0-rc.2
This tag was signed with the committer’s verified signature.
petermetz
Peter Somogyvari
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.0.0-rc.2 (2021-11-01)
Bug Fixes
- fixes issue 1444 invoking the onPluginInit (0b4dc2e), closes #1444
- lint: fix issue #1359 (f7eb39b)
- lint: fix issue #1359 (d067df2)
- openapi validation for keychain-google-sm plugin (45f8c7c), closes #847
Features
- allows for constructor args in quorum contract deploy (cb3c8d8), closes #962
- common: add Strings#isNonBlank() (8d7d247)
- connector-fabric: support for FabricSigningCredentialType.WsX509 (50e666f)
- htlc-coordinator: new htlc coordinator (28c97d3), closes #953
- option to enable a graceful shutdown via cli (c345cb0)
- plugin-keychain-memory-wasm: add WebAssmebly PoC (df94397), closes #1281
v1.0.0-rc1
v1.0.0-rc.1
This tag was signed with the committer’s verified signature.
petermetz
Peter Somogyvari
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
1.0.0-rc.1 (2021-10-11)
Bug Fixes
- cmd-api-server: enable version selection in plugins (b982777), closes #839 #840
- cmd-socker-server: delete unnecessary files on cmd-socker-server (20e15cd)
- core-api: modifications in openapi specs (96c8b82)
- openapi tests for besu, htlc-eth-besu and htlc-eth-besu-erc20 (b9170e9), closes #1291 #847
- openapi validation test for fabric plugin (01a5eb4), closes #1295 #847
- openapi validation test for iroha plugin (6deed6d), closes #1331 #847
- plugin-ledger-connector-quorum: no keychain endpoints (15cf65c)
- tools: add docker network on tools/docker/sawtooth ledger (8a0d182)
- tools: fix the wallet config of fabcar chaincode on tools/docker/fabric ledger (7ab0c44)
- webpack: prod build chokes on upgraded ssh2 binaries #1405 (18979fb)
Features
- besu-test-ledger: added omitPull parameter to besu test ledger (336a024)
- cmd-server-socket: add a communication test to open-api validators (c1fe6a0)
- cmd-server-socket: add validator-registry setting (1d1ce21)
- connector-go-ethereum: add the docker environment (2583cc7)
- connector-iroha-socket: add sendAsyncRequest feature on connector (6bad29b)
- connector-quorum: containerize plugin (d016678)
- connector-sawtooth: add the docker environment of Validator on connector-sawtooth-socketio (7a57ea4)
- fabric-connector: add transact receipt (c6d1b7a)
- keychain-aws-sm: complete request handler and endpoint (e6099b8), closes #967 #1349
- keychain-google-sm: complete request handler and endpoints (9c7bab5), closes #1097 #1349
- tools: substrate test ledger (1a5edea)
v0.10.0
Change Log
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
0.10.0 (2021-09-28)
Bug Fixes
- discounted-cartrade: modify README.md (9a3d89a)
- openapi validation test for consortium-manual plugin (c568ad3), closes #1297 #847
- openapi validation test for keychain-vault plugin (6630ebe), closes #1329 #847
- openapi validation test for quorum plugin (8a4222a), closes #1286 #847
- openapi validation test for xdai plugin (ba8a784), closes #1288 #847
- test: flaky fabric AIO container boot #876 (beefcef), closes #718 #320 #319
- validators: add some missing parts (9a8f7db)
Features
- besu: support besu v21.1.6 #982 (d715c67)
- ci: skip check when only documentation files #1014 (8937576)
- corda: support corda v4.8 #889 (5f45813)
- core-api: discontinue dedicated HTTP listeners for web service plugins (3fbd2fc), closes #358
- core: add installOpenapiValidationMiddleware (1f6ea5f), closes #847
- improve-indy-testnet-docker: auto-start server on container startup #1308 (35b20ac)
- quorum-connector: remove hard dependency on keychain (5bf13e9)
- validator: add a draft of Iroha Validator (466db28)
v0.9.0
All notable changes to this project will be documented in this file.
See Conventional Commits for commit guidelines.
0.9.0 (2021-08-31)
Bug Fixes
- check for req function onPluginInit in isCactusPlugin (f5ffb92), closes #1277
- cmd-api-server: add missing deps remove unused ones #1226 (b348e42)
- examples: front-end packages missing browserify polyfills #1224 (4cc6f2c)
- indy-validator: fixing indy validator initialization (d9f6d5d)
- remove no longer working scripts from package.json (fcf26ed), closes #1271
Features
- besu private transaction support (53b4980)
- cmd-api-server: support grpc web services #1189 (4cace1d)
- connector-fabric: add support for vault transit secret engine (2161e0d)
- connector-iroha: adds connector plugin (4745df0)
- corda: resolves #888 (d4af647)
- iroha: add iroha AIO image and iroha test ledger (1eb811a)