| - PR #8 + PR #9 | - refactor: yarn update and variable name + Feat: Socket swaps using SDK | - 1) Upgraded packages -2) Refactored chainlink contracts to be compatible with refactor -3) Protocol Route, Quote, etc types start with ProtocolName as prefix ex: Quote is now COWQuote or LIFIQuote + 1. Refactored chain_id 1. +> Old name MAINNET new name ETHEREUM + +2. Added socket swaps using the SDK +3. Performs single and multi tx swaps |
| - PR #7 - | -- - feat: uniswap swap execution - - | -
| - - | -- 1) added uniswap swaps -2) increased test async wait to 100,000ms from 30,000ms (uniswap multihop sometimes takes a while) - | -
| - PR #15 + PR #16 | - Update to an action + Update project brand |
| - PR #14 - | -- - Move to correct location - - | -
| - - | -
- |
-
| - PR #13 - | -- - Move to correct location - - | -
| - - | -
- |
-
| - PR #12 - | -- - Update PULL_REQUEST_TEMPLATE.md - - | -
| - - | -- Updated the existing pull request template with some changes. - | -
| + PR #546 + | ++ + add buttons to delete all components or the wallet + + | +
| + + | ++ #### Type of change + + + +- New feature + +#### Description +Added a new delete-all-components button and a delete-wallet button to the settings page. they are hidden by default to prevent mishaps. they can be shown by adding `?debug=true` to the url when on the `/settings` page, like `/settings?debug=true`, +- the delete-all-components button only appears to users w/ a `manager` role +- the delete-wallet button only appears to users w/ a `writer` role + + + | +
| + PR #135 + | ++ + Fix release build + + | +
| + + | ++ https://github.com/hyperledger-labs/fabric-operator/issues/114 + | +
| - feat: add new auth params ATL-5771 + feat: add new auth params |
| - PR #452 + PR #453 | - Shell updates + A couple random fixes for installer and service startup scripts | - A few small updates to make the pdo-shell argument processing consistent with the other client applications (so they all use the same parameter processing function from pdo.client.builder.shell). This update required some changes to the tests that invoke the shell. - -There are a couple of other small bug fixes included as well. + A couple small fixes to the installer (to preserve mode bits) and the services (to enable configuration variable override). |
| - PR #222 - | -- - Fix callbacks of IBC Module - - | -
| - - | -
- |
-
| - PR #251 + PR #254 | - Build cleanups; verify auditwheel output + chore: update version to dev 2 |
| + PR #253 + | ++ + fix: do not free string + + | +
| + + | ++ Based on discussion in this PR" https://github.com/hyperledger/aries-framework-javascript/pull/1606 + | +
| - PR #171 + PR #173 | - Added requested proof models - - | -
| - - | -- These includes self-attested attributes, unrevealed attributes and predicates. - | -
| - PR #170 - | -- - Added aggregate proof generation and data models + Added non revocation presentation proof holder |
| - PR #169 + PR #172 | - Added `eq_proof` and `ge_proofs` for presentation + Create SECURITY.md |
- |
| - PR #68 + PR #71 | - Update main.html + 0.10.4 try 2 |
- |
| - PR #67 + PR #70 | - 0.10.3 + Fix mistake in merge |
- |
+
+
| + PR #69 + | ++ + 0.10.4 + + | +
| + + | +
+ Signed-off-by: Stephen Curran |
| - PR #3 + PR #10 | - Initial Commit. + fix: allow merge commits |
- Use Traction Basic Message Storage as an example.
+ |
+
+
| + PR #9 + | ++ + Add MAINTAINERS.md + + | +
| + + | ++ I basically just copied this from aca-py. I'm not sure if there is extra info that can be removed. I removed the `toc` and go-ext` scopes. The rest seemed like they could stay. + +I added Jason Sherman and Daniel Bluhm as Admin's and that is it. + +Maybe Stephan Curran and Ry Jones would like to be added? + | +
| + PR #8 + | ++ + Bump urllib3 from 2.0.6 to 2.0.7 in /basicmessage_storage + + | +
| + dependencies + | +
+ Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.6 to 2.0.7.
+
+
+Release notes+Sourced from urllib3's releases. +++
+
+Changelog+Sourced from urllib3's changelog. +++
+
+Commits+ ++ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #7 + | ++ + Bump urllib3 from 2.0.6 to 2.0.7 in /basicmessage_storage/integration + + | +
| + dependencies + | +
+ Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.6 to 2.0.7.
+
+
+Release notes+Sourced from urllib3's releases. +++
+
+Changelog+Sourced from urllib3's changelog. +++
+
+Commits+ ++ +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
| - PR #1 + PR #5 | - Add settings + Advance repo - Add plugin, testing, update script |
- |
| - PR #21 + PR #23 | - build(deps-dev): Bump aiohttp from 3.8.4 to 3.8.5 + build(deps-dev): Bump urllib3 from 1.26.17 to 1.26.18 |
- Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.4 to 3.8.5.
+ Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.17 to 1.26.18.
Release notes-Sourced from aiohttp's releases. +Sourced from urllib3's releases. - Changelog-Sourced from aiohttp's changelog. +Sourced from urllib3's changelog. - Commits
- - -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
-
| - PR #20 - | -- - build(deps-dev): Bump certifi from 2022.12.7 to 2023.7.22 - - | -
| - dependencies - | -
- Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22.
-
-
Commits-
-[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -222,7 +92,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler |
| - PR #731 + PR #732 | @@ -32,7 +32,7 @@ permalink: /pull-requests/hyperledger/aries-agent-test-harness |
| - PR #189 + PR #191 | - Adjust lower maximum number of connections for sqlite + build(deps): bump @babel/traverse from 7.22.17 to 7.23.2 in /wrappers/javascript |
| - + dependenciesjavascript |
- Based on testing against ACA-Py. I believe that the `available_parallelism` method comes up with a lower number than `num_cpus::count` did on Github CI, but in general a maximum of 2 connections does seem too low.
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.17 to 7.23.2.
+
+
+Release notes+Sourced from ++ ... (truncated) +
+
+Changelog+Sourced from ++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
| + PR #2559 + | ++ + refactor: replace multiformats library + + | +
| + + | ++ This replaces the multiformats library with a very basic implementation included directly within ACA-Py. Given that the multiformats library has gone stale and my PR has languished, I think this is a good alternative to using that library. The implementation is very simple and currently only supports the minimum currently required by ACA-Py. Expanding the implementation in the future should be trivial. + +Fixes #2501 + | +
| + PR #2558 + | ++ + Fix: RevRegEntry Transaction Endorsement + + | +
| + + | ++ - resolve #2441 + | +
| - PR #35 + PR #37 | - Update agent image. + Enhancement: Introduce Support for Uploading CSV-Based Configuration | - Switch to official askar only image, and update to `0.10.3`. + This pull request resolves #38 -The previous agent version, 1.0.0-rc-0 is incompatible with ACA-Py >=1.10.1. See https://github.com/hyperledger/aries-cloudagent-python/issues/2528 +This enhancement adds the capability to configure your application using CSV files. The configuration is structured around the following classes: + +- AllowedPublicDid: + - Used for managing the publish_did file. + - Defines the registered_did attribute, which is a required string and serves as the primary key. + +- AllowedSchema: + - Intended for handling schema files. + - Includes attributes like author_did, schema_name, and version, all of which are mandatory and cannot be null. + +- AllowedCredentialDefinition: + - Specifically designed for the credential_definition file. + - Contains attributes such as issuer_did, author_did, schema_name, version, tag, rev_reg_def, and rev_reg_entry. All of these attributes are required and must have non-null values. + +This enhancement enables you to upload CSV files associated with each +of these classes, using either the POST or PUT methods. The choice +between POST and PUT dictates how the uploaded data interacts with the +existing configuration: + +POST: This method will replace the current configuration with the data from the uploaded CSV file. + +PUT: In contrast, the PUT method appends the data from the CSV file to the existing configuration, preserving the current state. + +This feature enhances the flexibility and ease of configuring your application by allowing you to manage your configuration using CSV files effortlessly. + + + +These enhancements are designed to make your application's configuration management more user-friendly and efficient. + + +An example csv for the scheme file would be + +```csv +author_did,schema_name,version +"3fa85f64-5717-4562-b3fc-2c963f66afa6","myschema","1.0" +``` + | + +
| + PR #36 + | ++ + Update maintainers list + + | +
| + + | ++ Suggesting the following change (additions) to the maintainers list: + +- @esune (myself) as I have been designing the enhancements to the endorser service required to automate some/all of the endorsement operations with fine-grained control +- @Gavinok as he has been the hands-on implementer of the above changes (see #34) |
| - PR #227 + PR #228 | - chore: release @aries-framework/transport-ble 0.2.1 + build(deps): bump @babel/traverse from 7.21.3 to 7.23.2 |
| - autorelease: taggedci-test + dependencies |
- :robot: I have created a release \*beep\* \*boop\*
----
-### [0.2.1](https://www.github.com/hyperledger/aries-framework-javascript-ext/compare/transport-ble-v0.2.0...transport-ble-v0.2.1) (2023-09-18)
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.3 to 7.23.2.
+
+
+Release notes+Sourced from ++ ... (truncated) +
+
+Changelog+Sourced from ++ ... (truncated) +
+
+Commits+
-### Bug Fixes +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) -* loosen types on ble inbound and outbound transport and session ([#226](https://www.github.com/hyperledger/aries-framework-javascript-ext/issues/226)) ([17c6203](https://www.github.com/hyperledger/aries-framework-javascript-ext/commit/17c6203b398ad2fd613bc237e2c852a86f44c444)) ---- +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) -This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). - |
-
| - PR #226 - | -- - fix: loosen types on ble inbound and outbound transport and session - - | -
| - - | -
- - Types were unnecessarily strict and this loosens it a bit.
- - Now `Peripheral` and `Central` are both allowed for inbound and outbound as they both extend `Ble`
+
+
Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
| - PR #1603 + PR #1610 | - fix: save AnonCredsCredentialRecord createdAt + fix: abandon proof protocol if presentation fails | - For some unfortunate reason, we are not saving `createdAt` at AnonCredsCredentialRecord creation. This is useful to do things like sorting credentials by their issuance date (something available with W3C Credential Reacords) + Abandon the proof protocol if the presentation processing fails. It will send a problem report, and it will set the error message on the proof record. |
| - PR #1601 + PR #1608 | - build(deps): bump @mattrglobal/bbs-signatures from 1.1.0 to 1.3.1 + build(deps): bump @babel/traverse from 7.21.4 to 7.23.2 |
- Bumps [@mattrglobal/bbs-signatures](https://github.com/mattrglobal/bbs-signatures) from 1.1.0 to 1.3.1.
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.2.
+
+
Release notes+Sourced from ++ ... (truncated) +Changelog-Sourced from Sourced from -+ ... (truncated) Commits
-[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -130,14 +306,66 @@ You can trigger Dependabot actions by commenting on this PR: - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-framework-javascript/network/alerts). |
| + PR #1607 + | ++ + feat(sd-jwt): Module for Issuer, Holder and verifier + + | +
| + + | ++ Opening as draft for now for intermediary reviews. + | +
| + PR #1606 + | ++ + feat!: upgrade shared components + + | +
| + + | ++ Upgrade aries-askar, anoncreds-rs and indy-vdr to their latest versions. This implies that we are dropping node 16 support. + | +
| - PR #135 + PR #136 | - build(deps): Bump postcss from 8.4.21 to 8.4.31 + build(deps): Bump @babel/traverse from 7.21.4 to 7.23.2 |
- Bumps [postcss](https://github.com/postcss/postcss) from 8.4.21 to 8.4.31.
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.2.
Release notes-Sourced from postcss's releases. +Sourced from -+ ... (truncated) Changelog-Sourced from postcss's changelog. +Sourced from -+ ... (truncated) Commits
-[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -177,7 +287,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler |
| - PR #100 + PR #102 | - build(deps): bump urllib3 from 1.26.15 to 1.26.17 in /multi-agent-load-test + build(deps): bump urllib3 from 1.26.17 to 1.26.18 in /multi-agent-load-test |
- Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to 1.26.17.
+ Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.17 to 1.26.18.
Release notesSourced from urllib3's releases. -+
+
+Changelog+Sourced from urllib3's changelog. +++
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
+
| + PR #101 + | ++ + build(deps-dev): bump @babel/traverse from 7.14.0 to 7.23.2 in /acapy/controller + + | +
| + dependenciesjavascript + | +
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.14.0 to 7.23.2.
+
+
Release notes+Sourced from ++ ... (truncated) Changelog-Sourced from urllib3's changelog. +Sourced from -+ ... (truncated) Commits
-[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -108,7 +373,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler |
| - PR #993 + PR #1000 | - fix: edit button spacing + feat: add supported languages to configuration context | # Summary of Changes -with large wallet names the edit button would get pushed off the screen, added padding to make text wrap before it pushes button +Currently, all wallets need to support the three languages configured in the bifold (English, French and Portuguese). The aim of this PR is to enable you to change the default languages, so that you can choose only those you want to support. # Related Issues @@ -39,108 +39,6 @@ N/A Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - - | - -
| - PR #992 - | -- - feat: create OpenID4VCI package - - | -
| - - | -- # Summary of Changes - -Work in progress - -# Related Issues - -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - - | -
| - PR #991 - | -- - ci: lock ruby environment - - | -
| - - | -- # Summary of Changes - -Replace this text with a high-level summary of the changes included in this PR. - -# Related Issues - -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - - [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); - [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; - [x] Updated documentation as needed for changed code and new or modified features; @@ -159,7 +57,7 @@ _PR template adapted from the Python attrs project._ |
| - PR #990 + PR #998 | - fix: deeplink issue where no params are set + fix: fixed labels in chat and pin screen | # Summary of Changes -This PR fixes the deeplink error issue sometimes caused by other apps linking into Bifold / BC Wallet without params. The RootStack component is quite difficult to set up for unit / integration testing and it's a small change so I'm hoping we can slide this one by without, given the urgency. +- Updated the accessibility label on the pin screen, previously it would read out the translation template rather than the resulting value +- Updated link accessibility in chat. Labelled link items with the link accessibility role # Related Issues @@ -195,7 +94,7 @@ Tick all boxes below to demonstrate that you have completed the respective task. - [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); - [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; - [x] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -210,7 +109,7 @@ _PR template adapted from the Python attrs project._ |
| - PR #989 + PR #997 | - fix: add testIDs to wallet edit touchable components - - | -
| - - | -- # Summary of Changes - -Add testIDs to wallet edit touchable components. - - -# Related Issues - -n/a - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - - | -
| - PR #988 - | -- - refactor: publish core package + feat: delete connection from rejected mobile verifier proof | # Summary of Changes -- remove `packages/core` in favour of `packages/legacy/core` -- publish `packages/legacy/core` as `@hyperledger/aries-bifold-core` -- move verifier code to its own package: `@hyperledger/aries-bifold-verifier` -- standardize building/compiling process around [react-native-builder-bob](https://github.com/callstack/react-native-builder-bob) -- standardize/align/share typescript configuration file +Previously if the holder rejected a proof request while the mobile verifier was not on the proof requesting screen or had the app closed, the verifier would not delete the contact information of the holder. This change ensures that the contact is deleted for data privacy. + # Related Issues @@ -299,10 +143,10 @@ Please reference here any issue #'s that are relevant to this PR, or simply ente Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); +- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; +- [x] Updated documentation as needed for changed code and new or modified features; +- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -317,7 +161,7 @@ _PR template adapted from the Python attrs project._ |
| - PR #987 + PR #996 | - feat: add namespace support - - | -
| - - | -- # Summary of Changes - -Update the script that can rebuild the ledger genesis transaciton. Support was added so in builds in the `indyNamespace` property. - -```json -[ - { - "id": "BCovrinTest", - "indyNamespace": "bcovrin:test", - "isProduction": false, - ... -``` - -# Related Issues - -hyperledger/indy-did-networks#3 - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - - | -
| - PR #985 - | -- - chore: align dependencies + fix: line break when it’s a long attribute | # Summary of Changes -Each workspace package have it own package.json file. To avoid dependency conflict and unnecessary nested dependencies, I've aligned the dependency across all packages. -[syncpack](https://www.npmjs.com/package/syncpack) is a nice utility that can be run on a regular basis to keep the dependency aligned. +Line break when it’s a long attribute. +The previous attempt didn't cover all scenarios. +`marginRight` set to `logoHeight * 2` to compensate the left distance of `logoHeight + (logoHeight - padding) + padding` # Related Issues -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. +N/A # Pull Request Checklist Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [X] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); +- [X] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; +- [X] Updated documentation as needed for changed code and new or modified features; +- [X] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -429,7 +214,7 @@ _PR template adapted from the Python attrs project._ |
| - PR #201 + PR #203 | - Fix for scenario @T011.2-Proof "Holder of a dismissed revoked notification reviews … + BCW Special and Extended characters tests | - Scenario : Holder of a dismissed revoked notification reviews revocation status again -Tag: @T011.2-Proof + This PR includes the addition of BCW Tests that test extended and special characters. -Added specific locators for both android and iOS -Added scroll to bottom before checking Revoked Date +It also adjusts the regression runs to the latest minor version of the iOS major versions. This way we don't test iOS 13.6 when iOS 13.8 is the latest. |
| - PR #200 - | -- - BC Wallet Wallet naming tests - - | -
| - - | -
- |
-
| - PR #1013 + PR #1019 | - Purge vdrtools + Bump rustix from 0.37.24 to 0.37.25 |
| - + dependenciesrust |
- Attempts to remove all unnecessary code from `libvdrtools`, keeping only the wallet and the anoncreds data structures definitions (for the `wallet_migrator` crate to use).
-
-Additionally, removed lint exemption and fixed lints in the crate while also removing the `migration` and `vdrtools/vdrtools_anoncreds` feature flags from `aries_vcx` and `aries_vcx_core`.
-
-Lastly, dependencies have been updated and tweaked. Of particular notice are `sqlx` which was bumped to the latest version (`0.7.1`) and `zeroize` which was bumped to the latest version (`1.6.0`).
+ Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.37.24 to 0.37.25.
+
+
+Commits+
- |
-
| - PR #1011 - | -- - Replace trait objects in libvcx_core with generics/concrete types - - | -
| - - | -
- Replaces as much as possible the usage of `Arc` and trait objects to use generics/concrete types instead. This will further aid in the refactor of the primitives interface traits.
-This PR also removes the feature flags for conditional anoncreds implementations in `libvcx_core` and node JS wrapper, relying entirely on `credx`.
+[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
+
+Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
+
+[//]: # (dependabot-automerge-start)
+[//]: # (dependabot-automerge-end)
+
+---
+
+
+
Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
| - PR #1010 + PR #1018 | - Release 0.59.1 + Add support for pickup protocol messages | - This is a patch release to "seal" changes in vdrtools -> credx wallet migration - -Release `0.60.0` will have `vdrtools -> credx` migration removed, as well as entire anoncreds portion of `vdrtools` (leaving only vdrtools wallet) + Ref: https://github.com/hyperledger/aries-rfcs/blob/main/features/0685-pickup-v2/README.md |
| - PR #1007 + PR #1017 | - Use a sequence of bytes (representing AriesMessage) as input for EncryptionEnvelope::create + Present Proof V2.0 message structures | - -This makes it more general, allowing use of the utility methods without worrying about the exact structure of `AriesMessage` passed in. In doing so, allows for also wrapping message types not yet recognized in aries_vcx. + Related, almost identical to: https://github.com/hyperledger/aries-vcx/pull/990 + +NOTE: I've gone with v2.0 (as opposed to v2.1 & v2.2), this is primarily because it seems to be what others (aca-py & AFJ) are targeting and expect. similarly, V2.0 is what AIP2.0 lists as it's requirement: https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0302-aries-interop-profile/README.md#base-requirements + +The changes are virtually identical to #990 , other changes include: +* moved `AttachmentFormatSpecifier` to a common place |
| - PR #1006 + PR #1016 | - Do not delete target wallet, do not fail migration on item-error + Extract primitives and remove Profile | - This is set of changes to make the migration. -- More graceful, one migration error should not halt migration of the rest. It's up to migrating user to evaluate whether the migration result is satisfactory. -- Idempotent - if migration fails for example due an IO error midway, it should be possible to finish it on 2nd try. - -Changes: -- If migration fails, do not delete the target wallet. -- Disable adding records to vdrtool cache when running migration. -- Do not fail migration if the record has unexpected format. Just skip it and log the record. -- If migration of the record itself fail, skip it and log. -- If adding item to target wallet fails due duplication error, skip it. For idempotency it would be ideal to overwrite it, but that would need digging deeper. For now, skipping these records still gives us idempotency under assumption item migration process was not changed between 2 migrations attempts. -- If adding item fails for other reason, fail the migration (likely IO error). - + This PR removes the `Profile` trait in favor of using independent components instead. Additionally, it aims to remove the shared usage of primitive components (making them depend on each other) and instead rely on function signatures to specifically ask for the components needed (without hidden implications that passing `Anoncreds` will also pass a `Wallet` instance). |
| + PR #1423 + | ++ + Bump @babel/traverse from 7.20.12 to 7.23.2 + + | +
| + dependencies + | +
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2.
+
+
+Release notes+Sourced from ++ ... (truncated) +
+
+Changelog+Sourced from ++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #1 + | ++ + Add settings.yml + + | +
| + + | +
+ |
+
| - PR #6027 - | -- - Mining options refactor - - | -
| - - | -- - - -## PR description - -Before adding new mining options for upcoming features, I took some time to review and refactor mining options. -Mining parameters are a bit odd when compared to other options, since they do not follow the same pattern of using immutables, as for txpool options, stable options are defined in `BesuCommand`, and since that file is already too big, adding more options there should be avoided. - -For the refactoring I have reapplied most of the solutions used for the refactoring of txpool options (see #5772 if interested), with some novelty, since for mining configuration a new feature is required, that is having the possibility to update the value of some options at runtime. -One notable difference with #5772, is that _stable_ and _unstable_ options are no more split on two classes, since it make more sense to keep all the related options in a single place, also because some validations could make use of a mix of stable and unstable options, and for that it is better to have all of them in a single place. - -To implement the _update at runtime_ feature, in a thread safe way, unfortunately it is not possible to use the immutables library directly, so instead of using annotations, some code has to be added to the `MiningParameters` class to manage the updatables options. If the proposed solution prove to be effective and looks good, after it stabilize, we can also think of extending the immutables library to support this, or introduce our own annotations, or find another library that is best suited for managing configuration. -The _updatable_ parameters work like that: -- on startup their initial value is set, as usual from config file or CLI, -- these parameters have also a _set_, along with the normal _get_ one, -- the values are kept in _volatile_ fields, to make it multi thread friendly -- Note that initial values are kept in case it is needed, even if the parameters then updated at runtime, - -The proposed implementation also has the goal to centralize all the parameters in the `MiningParameters` class, and only passing this class around instead of passing single parameters, like `coinbase`, `extraData`, etc... so it should help readability and make easier to manage these parameter. - -More refactoring may be proposed in following PRs, to avoid making this one too big, for example `MiningParameters` could be renamed to `MiningConfiguration` for consistency with the naming of similar classes, then could make sense to pass mining parameters directly to RPC methods that update things like `coinbase`, `targetGasLimit` etc... instead of passing through other objects. - -## Fixed Issue(s) - - - | -
| - PR #46 + PR #51 | - Bump postcss and react-scripts in /examples/supplychain-app/supplychain-frontend + Bump @babel/traverse from 7.20.12 to 7.23.2 in /images/networkmap/website |
- Bumps [postcss](https://github.com/postcss/postcss) to 8.4.31 and updates ancestor dependency [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts). These dependencies need to be updated together.
-
-Updates `postcss` from 6.0.23 to 8.4.31
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2.
Release notes-Sourced from postcss's releases. +Sourced from ++ ... (truncated) +
+
+Changelog+Sourced from -+ ... (truncated) +
+
+Commits
8.4.27++ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
+
| + PR #50 + | ++ + Bump @babel/traverse from 7.20.12 to 7.23.2 in /images/doorman/website + + | +
| + dependenciesjavascript + | +
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2.
+
+
Release notes+Sourced from + ... (truncated) Changelog-Sourced from postcss's changelog. +Sourced from - ... (truncated) @@ -179,49 +520,305 @@ Updates `postcss` from 6.0.23 to 8.4.31Commits
-Updates `react-scripts` from 2.1.8 to 5.0.1 + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #49 + | ++ + Bump @babel/traverse from 7.19.1 to 7.23.2 in /examples/supplychain-app/supplychain-frontend + + | +
| + dependenciesjavascript + | +
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.1 to 7.23.2.
+
+
Release notes+Sourced from ++ ... (truncated) +Changelog-Sourced from react-scripts's changelog. +Sourced from -+ ... (truncated) Commits
+[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) @@ -252,7 +849,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler |
| - PR #2389 + PR #2394 | - fix:(corda-ent, shared) chart liniting errors, aes host ns hardcoding + feat(shared): add missing files for OS-specific command handling |
- |
| - PR #2388 + PR #2393 | - [shared] enable OS-specific command handling in helm charts + bug(r3-corda-ent): delete HashiCorp vault access and policies on network reset | - ### **Commit to be reviewed** ---- -**feat(shared): enable OS-specific command handling in helm charts** + +This pull request addresses the need to delete HashiCorp Vault access and policies when performing a network reset. -``` -This PR improves the handling of OS-specific commands within Helm charts. +changes made in: +1. platforms/r3-corda-ent/configuration/cleanup.yaml +2. platforms/r3-corda-ent/configuration/roles/delete/vault_secrets/tasks/main.yaml -Changes: -- Introduced a script to check the Operating System and its supporting package manager for efficient package installation. -- Added a ConfigMap object to insert the same above-mentioned script into the container, improving flexibility and compatibility. +fixes:#2390 + | + +
| + PR #2392 + | ++ + [fabric] Update chaincode charts to be compatible with version 2.5.4 + + | +
| + + | ++ Primary Changes +-------------- + 1. Updated chaincode charts + 2. Fixed a bug that occurred when creating the genesis file with an incorrect channel name -Additional change: -- Updated the StorageClass Helm chart to resolve the node affinity issue. +Modifications in docs +----------------------- +docs/source/_static/TopLevelClass-Fabric.png +docs/source/operations/fabric_networkyaml.md -There are only 3 platforms that are currently using OS-Specific Command in Helm Charts directly, and this PR is also made for these 3 platforms only: -- Quorum -- Hyperledger-Fabric -- Substrate -``` +Modifications in charts +----------------------- +platforms/hyperledger-fabric/charts/commit_chaincode/templates/commit_chaincode.yaml platforms/hyperledger-fabric/charts/install_chaincode/templates/install_chaincode.yaml -fixes #2366 +Modifications in roles and tpl files +----------------------- +platforms/hyperledger-fabric/configuration/chaincode-ops.yaml platforms/hyperledger-fabric/configuration/deploy-network.yaml platforms/hyperledger-fabric/configuration/roles/helm_component/templates/commit_chaincode_job.tpl + +Others Modifications +---------------------------------------- +platforms/hyperledger-fabric/configuration/samples/network-fabricv2.yaml + +fixes #2385 |
| - PR #2387 + PR #2389 | - update(docs): add readthedocs config file + fix:(corda-ent, shared) chart liniting errors, aes host ns hardcoding |
| + PR #2388 + | ++ + [shared] enable OS-specific command handling in helm charts + + | +
| + + | ++ ### **Commit to be reviewed** +--- +**feat(shared): enable OS-specific command handling in helm charts** + +``` +This PR improves the handling of OS-specific commands within Helm charts. + +Changes: +- Introduced a script to check the Operating System and its supporting package manager for efficient package installation. +- Added a ConfigMap object to insert the same above-mentioned script into the container, improving flexibility and compatibility. + +Additional change: +- Updated the StorageClass Helm chart to resolve the node affinity issue. + +There are only 3 platforms that are currently using OS-Specific Command in Helm Charts directly, and this PR is also made for these 3 platforms only: +- Quorum +- Hyperledger-Fabric +- Substrate +``` + +fixes #2366 + | +
| - PR #2782 + PR #2815 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/sdks/fabric/go-sdk + docs(examples/cbdc): update README.md with new instructions to run |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
-
-Commits-
+ Update README.md with new instructions to run the frontend. Previously, the source code was not in the project and a default Docker image was being provided. Now, developers can start the frontend development server directly and run the code with live reload. + |
+
| + PR #2814 + | ++ + feat(connector-corda): support corda 5 RC via TS/HTTP (no JVM) + + | +
| + + | ++ **Pull Request Requirements** +- [ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. + | +
| + PR #2808 + | ++ + fix(weaver-packages): removing unnecessary package-lock.json file + + | +
| + + | ++ The presence of this file raises dependabot alerts and PRs. The module containing this file is not currently being used, and is just a sample. Just retaining the `package.json` is enough for future maintenance. + +Fulfills what https://github.com/hyperledger/cacti/pull/2798 was trying to do but in a different way. + +**Pull Request Requirements** +- [ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. + | +
| + PR #2805 + | ++ + chore(packages-python): remove obsolete cactus_validator_socketio_iroha + + | +
| + + | ++ - Remove python iroha connector since it was superseded by openapi connectors for both iroha V1 and V2. +- Remove iroha-testnet setup since it was superseded by all-in-one images. + +**Pull Request Requirements** +- [x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [x] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. + | +
| + PR #2804 + | ++ + docs(maintainers): add outSH as a maintainer to the project + + | +
| + + | +
+ Congratulations @outSH! You are now a maintainer of the project.
----
+[skip ci]
+
+Signed-off-by: Peter Somogyvari |
+
| + PR #2803 + | ++ + fix(weaver): improper exception handling + + | +
| + + | ++ ## Description: +This pull request addresses issue #2767 improper exception handling. We need to wrap the expected exceptions in a try-catch block and handle them explicitly. + +### Changes: +- Enclosed the existing code within a try-catch block to capture exceptions. +- Added contextual information in the logs, and the exception is re-thrown within the getConfig() function, as part of the exception propagation process. + | +
| + PR #2802 + | ++ + docs(examples/cbdc): fix mismatch of Fabric identities in GET and POST requests + + | +
| + + | +
+ docs(examples/cbdc): fix mismatch of Fabric identities in GET, POST requests
+
+The state keys were not being generated correctly for some reason
+It was working before without code changes so my best guess is that
+the Fabric ledger/SDK versions were changed and that's what tripped it
+up somehow.
+
+Fixes #2739
+
+[skip ci]
+
+Co-authored-by: Peter Somogyvari |
+
| + PR #2797 + | ++ + build(deps): bump undici from 5.19.1 to 5.26.2 in /packages/cactus-plugin-ledger-connector-iroha2 + + | +
| + dependenciesjavascript + | +
+ [skip ci]
+
+Bumps [undici](https://github.com/nodejs/undici) from 5.19.1 to 5.26.2.
+
+
+Release notes+Sourced from undici's releases. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
| - PR #2779 + PR #2796 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/core/network/fabric-interop-cc/libs/assetexchange + build(deps): bump undici from 5.19.1 to 5.26.2 |
| - dependenciesgo + dependenciesjavascript |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
- Commits-
+
+Release notes+Sourced from undici's releases. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
-Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show + |
+
| + PR #2795 + | ++ + docs(weaver, cactus): fix typos + + | +
| + + | +
+
+[skip ci]
+
+Co-authored-by: Peter Somogyvari |
+
| + PR #2794 + | ++ + feat(cactus-plugin-ledger-connector-cdl-socketio): separate endpoint for subscription key + + | +
| + + | ++ - Add separate configurations for endpoints supporting access token and subscription key separately. +- This is required by current public instance of CDL. + +**Pull Request Requirements** +- [x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [X] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [X] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. + | +
| + PR #2793 + | ++ + build(deps): explicit bump of http-cache-semantics to >=4.1.1 + + | +
| + + | +
+ 1. Updated the yarn.lock file via yarn up -R and
+2. Also added a forced resolution of the versions in the root
+package.json for good measure.
-Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
+[skip ci]
-[//]: # (dependabot-automerge-start)
-[//]: # (dependabot-automerge-end)
+Fixes #2335
----
+Signed-off-by: Peter Somogyvari
-
+**Character Limit**
+[x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters).
+[x] Commit Message per line must not exceed 80 characters (including spaces and special characters).
+
+**A Must Read for Beginners**
+For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #2775 + PR #2792 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/core/network/fabric-interop-cc/libs/utils + fix(security): address CVE-2021-3749 - axios >=0.22.0 |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
-
-Commits-
+ Ensured that axios is updated to >=0.22.0 in all packages that use it. +The only place where it was not possible to upgrade it through upgrading +transitive dependencies was the ubiquity connector package so for that one +I forced the issue through the resolutions section of the root package.json. -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +----------------------------------------------- -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +The GitHub Cacti security advisory: https://github.com/hyperledger/cacti/security/dependabot/361 -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +The general GitHub security advisory: https://github.com/advisories/GHSA-cph5-m8f7-6c5x ---- +Weaknesses +- [WeaknessCWE-400](https://cwe.mitre.org/data/definitions/400.html) +- [WeaknessCWE-1333](https://cwe.mitre.org/data/definitions/1333.html) -
-
+Fixes #2790
+
+[skip ci]
+
+Signed-off-by: Peter Somogyvari Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #2774 + PR #2789 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/common/protos-go + fix(cmd-api-server): fix CVE-2023-36665 protobufjs try 2 |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
-
-Commits-
+ 1. Upgraded fabric-network from 2.2.10 to 2.2.18 wherever it was still 2.2.10 +2. Upgraded ipfs-http-client project-wide from 51.0.1 to 60.0.1 +3. Upgraded @google-cloud/secret-manager from 3.9.0 to 5.0.1 +This is the second try at fixing this issue. For some reason the first +PR didn't get it done. The most likely reason is that other commits +in the meantime added back the vulnerable versions of the packages, but +I'm not a 100% sure. -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[skip ci] -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +Fixes #2682 -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +Signed-off-by: Peter Somogyvari
-
+**A Must Read for Beginners**
+For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #2773 + PR #2788 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/samples/fabric/simplestatewithacl + fix(security): remediate qs vulnerability CVE-2022-24999 |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
-
-Commits-
+ Mass-upgraded the following dependencies throughout the project to get +rid of the vulnerability in qs' older versions: +1. `express` +2. `body-parser` +GitHub Cacti Security Advisories: +1. https://github.com/hyperledger/cacti/security/dependabot/279 +2. https://github.com/hyperledger/cacti/security/dependabot/278 +3. https://github.com/hyperledger/cacti/security/dependabot/274 -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +CVE ID: CVE-2022-24999 +GHSA ID: GHSA-hrpp-h998-j3pp -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +[skip ci] -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +Signed-off-by: Peter Somogyvari
-
+**A Must Read for Beginners**
+For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #2772 + PR #2787 | - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/samples/fabric/go-cli + fix(ledger-browser): fix vulnerability CVE-2022-37601 |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0.
-
-
-Commits-
- + GitHub Security Advisory link to the vulnerability: +https://github.com/hyperledger/cacti/security/dependabot/260 -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[skip ci] -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +Signed-off-by: Peter Somogyvari
-
+**A Must Read for Beginners**
+For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #2770 + PR #2786 | - build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/fixtures/go/asset-transfer-private-data/chaincode-go + docs(cactus-test-plugin-ledger-connector-besu): add README.md file |
| - dependenciesgo + |
- Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0.
-
-
-Commits-
+ Added missing readme file for the test package. It doesn't do much but +it does explain the core concept behind the package and that it is not +something that can/should be used for production deployments. +Fixes #834 -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +Signed-off-by: Peter Somogyvari
-
+**A Must Read for Beginners**
+For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
| - PR #144 + PR #154 | - try to enable bft support + Bump google.golang.org/grpc from 1.58.3 to 1.59.0 + + | +
| + dependenciesgo + | +
+ Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0.
+
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #153 + | ++ + Bump google.golang.org/grpc from 1.57.0 to 1.58.3 + + | +
| + dependenciesgo + | +
+ Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.58.3.
+
+
+Release notes+Sourced from google.golang.org/grpc's releases. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #151 + | ++ + Bump github.com/onsi/gomega from 1.27.0 to 1.28.0 + + | +
| + dependenciesgo + | +
+ Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.0 to 1.28.0.
+
+
+Release notes+Sourced from github.com/onsi/gomega's releases. +++ ... (truncated) +
+
+Changelog+Sourced from github.com/onsi/gomega's changelog. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #150 + | ++ + Bump github.com/onsi/ginkgo/v2 from 2.8.2 to 2.13.0 + + | +
| + dependenciesgo + | +
+ Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.8.2 to 2.13.0.
+
+
+Release notes+Sourced from github.com/onsi/ginkgo/v2's releases. +++ ... (truncated) +
+
+Changelog+Sourced from github.com/onsi/ginkgo/v2's changelog. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #149 + | ++ + Bump github.com/hyperledger/fabric-gateway from 1.3.1 to 1.3.2 + + | +
| + dependenciesgo + | +
+ Bumps [github.com/hyperledger/fabric-gateway](https://github.com/hyperledger/fabric-gateway) from 1.3.1 to 1.3.2.
+
+
+Release notes+Sourced from github.com/hyperledger/fabric-gateway's releases. +++
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #148 + | ++ + Bump actions/checkout from 3 to 4 + + | +
| + dependenciesgithub_actions + | +
+ Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
+
+
+Release notes+Sourced from actions/checkout's releases. +++ ... (truncated) +
+
+Changelog+Sourced from actions/checkout's changelog. +++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #147 + | ++ + CI: add depend bot setting |
| + PR #146 + | ++ + [WIP] 1st attempt for build peer cli + + | +
| + + | ++ 1st attempt for build peer cli +- peer and osadmin cli folder structure. +- some internal package refine. + +todo: +if the folder structure looks good, then adding for all peer lifecycle command impl and end to end test case. + | +
| + PR #384 + | ++ + Log expiry overrides + + | +
| + + | ++ If cert expiry during enrollment gets overridden +due to the CA's own expiry, log a message about the override (rather than a debug message). + + | +
| - PR #644 + PR #646 | - Update documentation for v1.4 release + Address uncalled Go vulnerability CVE-2023-39325 |
- |
| - PR #643 - | -- - Support for Node 20 - - | -
| - - | -
- |
-
| - PR #642 - | -- - Remove support for Node 16 - - | -
| - - | -- Node 16 reached [end of life](https://github.com/nodejs/release#end-of-life-releases) on 2023-09-11, and is no longer a supported Node version. - -Closes #614 - | -
| - PR #641 - | -- - Remove support for Go 1.19 - - | -
| - - | -- Since the release of Go 1.21 in August 2023, Go 1.19 has not been a supported Go version. - -Closes #615 - | -
| + PR #4486 + | ++ + Verify hash chain in BFT + + | +
| + + | +
+ |
+
| - PR #70 + PR #71 | - Update MAINTAINERS.md and CODEOWNERS + Fix goreleaser job |
| - PR #69 - | -- - Provide a config field for namespace base path - - | -
| - - | -- Added a field `namespaceBasePath` to customize namespace base path when they are different from `api/v1/namespaces/NN` - | -
| - PR #79 + PR #83 | - Update MAINTAINERS.md and CODEOWNERS + Add manual workflow for updating "latest" on npm |
| + PR #82 + | ++ + Backport fixes from 1.2 to 1.0 + + | +
| + + | +
+ |
+
| - PR #1415 + PR #1418 | - feature: changes to support upgrade to Fabric v2.5 TLS in Firefly CLI + Enable contract listeners with multiple filters |
| - + migration_consideration | - Updated GO to version 1.20 (Fabric 2.5 compatibility) and Ubuntu as the base instead of Alpine. - - Fixes this Issue: #1414 - - Related to the Firefly CLI change here: #https://github.com/hyperledger/firefly-cli/issues/268 - - E2E test passed: - - --- PASS: TestFabricMultipartyE2ESuite (137.02s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EBroadcast (3.97s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EBroadcastBlob (34.51s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EPrivate (3.74s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EPrivateBlobDatatypeTagged (3.71s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EWebhookExchange (7.61s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EWebhookRequestReplyNoTx (4.78s) - --- PASS: TestFabricMultipartyE2ESuite/TestStrongDatatypesBroadcast (7.58s) - --- PASS: TestFabricMultipartyE2ESuite/TestStrongDatatypesPrivate (7.29s) - --- PASS: TestFabricMultipartyE2ESuite/TestCustomChildIdentityBroadcasts (7.88s) - --- PASS: TestFabricMultipartyE2ESuite/TestCustomChildIdentityPrivate (11.26s) - --- PASS: TestFabricMultipartyE2ESuite/TestInvalidIdentityAlreadyRegistered (9.39s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EContractEvents (2.69s) -PASS -ok github.com/hyperledger/firefly/test/e2e/runners 137.028s + This PR adds the ability to listen to multiple types of events on the same contract listener, by adding an array of listeners, rather than a single event signature/location per listener. The old way of creating a listener is still accepted by the API, but it will always be returned in the filters array now. **This is a migration concern that needs to be documented.** + +## Open questions +One thing I'm not sure about here, is that this PR as-is removes the uniqueness constraint on listeners by topic/location/signature. It now allows multiples. I'm not sure if this is a problem or not. I can add that constraint back, but it would likely require some more sophisticated DB changes. Which brings me to the next point... + +Right now all the filters for a contract listener get serialized to JSON and stored in a single column. I lated realized this means we lose the ability to query/filter (no pun intended) by signature, location, etc. which we used to do, in order to check for duplicates. I'm not sure if this is required or not, but wanted to call it out. + +## Example + +### Create contract listener request +```json +{ + "filters": [ + { + "interface": { + "id": "aaa0e410-2b5b-4815-a80a-a18f2ae59f7d" + }, + "eventPath": "BatchPin", + "location": { + "address": "0xb0cd60ade460e797e0c9d206290ac4ed45672c60" + } + } + ], + "name": "CustomBatchPin", + "options": { + "firstEvent": "oldest" + }, + "topic": "batch-pin" +} +``` + +### Create contract listener response +```json +{ + "id": "acc0d227-1da4-4d0d-bbe0-0c60f754158f", + "namespace": "default", + "name": "CustomBatchPin", + "backendId": "018b258a-0c2c-07c0-5d59-50583ae91f1e", + "created": "2023-10-12T20:18:06.012167Z", + "filters": [ + { + "event": { + "name": "BatchPin", + "description": "", + "params": [ + { + "name": "author", + "schema": { + "type": "string", + "details": { + "type": "address", + "internalType": "address" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "timestamp", + "schema": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "details": { + "type": "uint256", + "internalType": "uint256" + }, + "description": "An integer. You are recommended to use a JSON string. A JSON number can be used for values up to the safe maximum." + } + }, + { + "name": "action", + "schema": { + "type": "string", + "details": { + "type": "string", + "internalType": "string" + } + } + }, + { + "name": "uuids", + "schema": { + "type": "string", + "details": { + "type": "bytes32", + "internalType": "bytes32" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "batchHash", + "schema": { + "type": "string", + "details": { + "type": "bytes32", + "internalType": "bytes32" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "payloadRef", + "schema": { + "type": "string", + "details": { + "type": "string", + "internalType": "string" + } + } + }, + { + "name": "contexts", + "schema": { + "type": "array", + "details": { + "type": "bytes32[]", + "internalType": "bytes32[]" + }, + "items": { + "type": "string", + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + } + } + ] + }, + "location": { + "address": "0xb0cd60ade460e797e0c9d206290ac4ed45672c60" + }, + "interface": { + "id": "aaa0e410-2b5b-4815-a80a-a18f2ae59f7d" + }, + "signature": "BatchPin(address,uint256,string,bytes32,bytes32,string,bytes32[])" + } + ], + "topic": "batch-pin", + "options": { + "firstEvent": "oldest" + } +} +``` |
| - PR #1413 - | -- - Add docs for AND/OR option - - | -
| - - | -- See detail in https://github.com/hyperledger/firefly-common/pull/71 - | -
| - PR #224 + PR #229 | - Update to indy-data-types 0.7; remove indy-utils + Bump @babel/traverse from 7.22.10 to 7.23.2 in /wrappers/javascript + + | +
| + dependenciesjavascript + | +
+ Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.10 to 7.23.2.
+
+
+Release notes+Sourced from ++ ... (truncated) +
+
+Changelog+Sourced from ++ ... (truncated) +
+
+Commits+
+ + +[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+
+ Dependabot commands and options++ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show |
+
| + PR #228 + | ++ + make lerna look for the correct packages |
- The functionality of indy-utils has been merged into indy-data-types in 0.7. This update includes the new versions of the ed25519/curve25519-dalek dependencies.
+ Signed-off-by: Berend Sliedrecht |
| - PR #381 - | -- - Bump org.yaml:snakeyaml from 2.0 to 2.2 - - | -
| - dependenciesjava - | -
- Bumps [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 2.0 to 2.2.
-
-
-Commits-
- - -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
| - PR #380 - | -- - Bump com.github.docker-java:docker-java from 3.3.0 to 3.3.3 - - | -
| - dependenciesjava - | -
- Bumps [com.github.docker-java:docker-java](https://github.com/docker-java/docker-java) from 3.3.0 to 3.3.3.
-
-
-Release notes-Sourced from com.github.docker-java:docker-java's releases. ---
-
-Commits-
- - -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
| - PR #379 - | -- - Bump org.gradle.toolchains.foojay-resolver-convention from 0.5.0 to 0.7.0 - - | -
| - dependenciesjava - | -
- Bumps org.gradle.toolchains.foojay-resolver-convention from 0.5.0 to 0.7.0.
-
-
-[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
-
-Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
-
-[//]: # (dependabot-automerge-start)
-[//]: # (dependabot-automerge-end)
-
----
-
-
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
| - PR #378 - | -- - Bump gradle/gradle-build-action from 2.3.3 to 2.9.0 - - | -
| - dependenciesgithub_actions - | -
- Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2.3.3 to 2.9.0.
-
-
-Release notes-Sourced from gradle/gradle-build-action's releases. --- ... (truncated) -
-
-Commits-
- - -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
| - PR #377 - | -- - Bump actions/checkout from 3 to 4 - - | -
| - dependenciesgithub_actions - | -
- Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
-
-
-Release notes-Sourced from actions/checkout's releases. --- ... (truncated) -
-
-Changelog-Sourced from actions/checkout's changelog. --- ... (truncated) -
-
-Commits-
- - -[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-
- Dependabot commands and options-- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show |
-
| - PR #376 - | -- - [fix]: fix visit transfer asset definition - - | -
| - - | -- and update validator.wasm - | -
| - PR #170 + PR #174 | - October 5, 2023 Agenda + October 19 2023 Meeting |
| + PR #173 + | ++ + Add Caliper 2023 Q3 project status report + + | +
| + quarterly-report + | +
+ |
+
| + PR #172 + | ++ + 2023 Q4 Report Cacti + + | +
| + quarterly-report + | +
+ docs(project/reports/2023): add Cacti Q4 report
+
+Signed-off-by: Peter Somogyvari |
+
| + PR #171 + | ++ + Add Hyperledger Fabric 2023 Q4 report + + | +
| + quarterly-report + | ++ Add Hyperledger Fabric 2023 Q4 report. + | +