From ac283441acab01ec8d0320d4a38916e92dece6fc Mon Sep 17 00:00:00 2001 From: Hyperledger Bot Date: Thu, 19 Oct 2023 11:20:14 -0700 Subject: [PATCH] Update PRs (#5311) --- .../benchmarking-cross-chain-bridges.md | 41 +- .../documentation-template.md | 84 +- .../fabric-operations-console.md | 37 + .../hyperledger-labs/fabric-operator.md | 26 + .../hyperledger-labs/open-enterprise-agent.md | 2 +- .../hyperledger-labs/private-data-objects.md | 10 +- .../hyperledger-labs/yui-ibc-solidity.md | 26 - pull-requests/hyperledger/anoncreds-rs.md | 32 +- pull-requests/hyperledger/anoncreds-spec.md | 48 +- pull-requests/hyperledger/aries-acapy-docs.md | 45 +- .../hyperledger/aries-acapy-plugins.md | 237 +++- .../hyperledger/aries-acapy-tools.md | 160 +-- .../hyperledger/aries-agent-test-harness.md | 4 +- pull-requests/hyperledger/aries-askar.md | 265 ++++- .../hyperledger/aries-cloudagent-python.md | 54 + .../hyperledger/aries-endorser-service.md | 74 +- .../aries-framework-javascript-ext.md | 290 ++++- .../hyperledger/aries-framework-javascript.md | 308 ++++- .../hyperledger/aries-javascript-docs.md | 238 ++-- .../hyperledger/aries-mediator-service.md | 317 +++++- .../aries-mobile-agent-react-native.md | 275 +---- .../hyperledger/aries-mobile-test-harness.md | 38 +- pull-requests/hyperledger/aries-vcx.md | 121 +- pull-requests/hyperledger/besu-docs.md | 281 +++++ pull-requests/hyperledger/besu-verkle-trie.md | 38 + pull-requests/hyperledger/besu.md | 50 - pull-requests/hyperledger/bevel-samples.md | 805 +++++++++++-- pull-requests/hyperledger/bevel.md | 145 ++- pull-requests/hyperledger/cacti.md | 1013 ++++++++++++----- pull-requests/hyperledger/fabric-admin-sdk.md | 922 ++++++++++++++- pull-requests/hyperledger/fabric-ca.md | 28 + pull-requests/hyperledger/fabric-gateway.md | 91 +- pull-requests/hyperledger/fabric.md | 26 + pull-requests/hyperledger/firefly-perf-cli.md | 32 +- .../hyperledger/firefly-sdk-nodejs.md | 32 +- pull-requests/hyperledger/firefly.md | 204 +++- pull-requests/hyperledger/indy-vdr.md | 290 ++++- pull-requests/hyperledger/iroha-java.md | 592 ---------- pull-requests/hyperledger/toc.md | 92 +- trending/recent-prs.md | 10 +- 40 files changed, 5247 insertions(+), 2136 deletions(-) create mode 100644 pull-requests/hyperledger/besu-verkle-trie.md diff --git a/pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges.md b/pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges.md index edf24bdd2..22727b0cd 100644 --- a/pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges.md +++ b/pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges @@ -27,41 +27,16 @@ permalink: /pull-requests/hyperledger-labs/benchmarking-cross-chain-bridges
- PR #8 + PR #9 - refactor: yarn update and variable name + Feat: Socket swaps using SDK
- 1) Upgraded packages -2) Refactored chainlink contracts to be compatible with refactor -3) Protocol Route, Quote, etc types start with ProtocolName as prefix ex: Quote is now COWQuote or LIFIQuote + 1. Refactored chain_id 1. +> Old name MAINNET new name ETHEREUM + +2. Added socket swaps using the SDK +3. Performs single and multi tx swaps
- Created At 2023-09-29 17:39:44 +0000 UTC -
- - -
- - - - - - - - - -
- PR #7 - - - feat: uniswap swap execution - -
- - - 1) added uniswap swaps -2) increased test async wait to 100,000ms from 30,000ms (uniswap multihop sometimes takes a while) -
-
- Created At 2023-09-29 17:04:31 +0000 UTC + Created At 2023-10-19 13:13:28 +0000 UTC
diff --git a/pull-requests/hyperledger-labs/documentation-template.md b/pull-requests/hyperledger-labs/documentation-template.md index cd7901788..a8db7f6a5 100644 --- a/pull-requests/hyperledger-labs/documentation-template.md +++ b/pull-requests/hyperledger-labs/documentation-template.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger-labs/documentation-template @@ -32,85 +32,7 @@ permalink: /pull-requests/hyperledger-labs/documentation-template
- PR #15 + PR #16 - Update to an action + Update project brand
- Created At 2023-06-05 17:36:56 +0000 UTC -
- - -
- - - - - - - - - -
- PR #14 - - - Move to correct location - -
- - - -
-
- Created At 2023-06-05 16:49:26 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #13 - - - Move to correct location - -
- - - -
-
- Created At 2023-06-05 16:38:39 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #12 - - - Update PULL_REQUEST_TEMPLATE.md - -
- - - Updated the existing pull request template with some changes. -
-
- Created At 2023-06-05 16:17:29 +0000 UTC + Created At 2023-10-19 14:43:16 +0000 UTC
diff --git a/pull-requests/hyperledger-labs/fabric-operations-console.md b/pull-requests/hyperledger-labs/fabric-operations-console.md index 1d168bc09..2770e134d 100644 --- a/pull-requests/hyperledger-labs/fabric-operations-console.md +++ b/pull-requests/hyperledger-labs/fabric-operations-console.md @@ -10,6 +10,43 @@ permalink: /pull-requests/hyperledger-labs/fabric-operations-console # fabric-operations-console [GitHub](https://github.com/hyperledger-labs/fabric-operations-console){: .btn .mr-4 } +
+ + + + + + + + + +
+ PR #546 + + + add buttons to delete all components or the wallet + +
+ + + #### Type of change + + + +- New feature + +#### Description +Added a new delete-all-components button and a delete-wallet button to the settings page. they are hidden by default to prevent mishaps. they can be shown by adding `?debug=true` to the url when on the `/settings` page, like `/settings?debug=true`, +- the delete-all-components button only appears to users w/ a `manager` role +- the delete-wallet button only appears to users w/ a `writer` role + + +
+
+ Created At 2023-10-19 17:31:29 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger-labs/fabric-operator.md b/pull-requests/hyperledger-labs/fabric-operator.md index f86dec424..893b1a1a8 100644 --- a/pull-requests/hyperledger-labs/fabric-operator.md +++ b/pull-requests/hyperledger-labs/fabric-operator.md @@ -10,6 +10,32 @@ permalink: /pull-requests/hyperledger-labs/fabric-operator # fabric-operator [GitHub](https://github.com/hyperledger-labs/fabric-operator){: .btn .mr-4 } +
+
+ + + + + + + + +
+ PR #135 + + + Fix release build + +
+ + + https://github.com/hyperledger-labs/fabric-operator/issues/114 +
+
+ Created At 2023-10-19 17:34:05 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger-labs/open-enterprise-agent.md b/pull-requests/hyperledger-labs/open-enterprise-agent.md index 1269b4fdb..0eac48928 100644 --- a/pull-requests/hyperledger-labs/open-enterprise-agent.md +++ b/pull-requests/hyperledger-labs/open-enterprise-agent.md @@ -18,7 +18,7 @@ permalink: /pull-requests/hyperledger-labs/open-enterprise-agent diff --git a/pull-requests/hyperledger-labs/private-data-objects.md b/pull-requests/hyperledger-labs/private-data-objects.md index 1450b0e98..eec9e304c 100644 --- a/pull-requests/hyperledger-labs/private-data-objects.md +++ b/pull-requests/hyperledger-labs/private-data-objects.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger-labs/private-data-objects
- feat: add new auth params ATL-5771 + feat: add new auth params
@@ -27,14 +27,12 @@ permalink: /pull-requests/hyperledger-labs/private-data-objects
- PR #452 + PR #453 - Shell updates + A couple random fixes for installer and service startup scripts
- A few small updates to make the pdo-shell argument processing consistent with the other client applications (so they all use the same parameter processing function from pdo.client.builder.shell). This update required some changes to the tests that invoke the shell. - -There are a couple of other small bug fixes included as well. + A couple small fixes to the installer (to preserve mode bits) and the services (to enable configuration variable override).
- Created At 2023-09-22 19:13:56 +0000 UTC + Created At 2023-10-19 17:28:24 +0000 UTC
diff --git a/pull-requests/hyperledger-labs/yui-ibc-solidity.md b/pull-requests/hyperledger-labs/yui-ibc-solidity.md index 431de2f00..d0cec87ce 100644 --- a/pull-requests/hyperledger-labs/yui-ibc-solidity.md +++ b/pull-requests/hyperledger-labs/yui-ibc-solidity.md @@ -88,29 +88,3 @@ permalink: /pull-requests/hyperledger-labs/yui-ibc-solidity -
- - - - - - - - - -
- PR #222 - - - Fix callbacks of IBC Module - -
- - - -
-
- Created At 2023-10-12 15:08:27 +0000 UTC -
-
- diff --git a/pull-requests/hyperledger/anoncreds-rs.md b/pull-requests/hyperledger/anoncreds-rs.md index 31c7b7ad8..fc80343fe 100644 --- a/pull-requests/hyperledger/anoncreds-rs.md +++ b/pull-requests/hyperledger/anoncreds-rs.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/anoncreds-rs @@ -32,7 +32,33 @@ permalink: /pull-requests/hyperledger/anoncreds-rs
- PR #251 + PR #254 - Build cleanups; verify auditwheel output + chore: update version to dev 2
- Created At 2023-10-05 17:16:31 +0000 UTC + Created At 2023-10-19 12:21:22 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #253 + + + fix: do not free string + +
+ + + Based on discussion in this PR" https://github.com/hyperledger/aries-framework-javascript/pull/1606 +
+
+ Created At 2023-10-19 10:00:09 +0000 UTC
diff --git a/pull-requests/hyperledger/anoncreds-spec.md b/pull-requests/hyperledger/anoncreds-spec.md index 3ad59455b..abbd2e52d 100644 --- a/pull-requests/hyperledger/anoncreds-spec.md +++ b/pull-requests/hyperledger/anoncreds-spec.md @@ -14,37 +14,11 @@ permalink: /pull-requests/hyperledger/anoncreds-spec - - - - - -
- PR #171 + PR #173 - Added requested proof models - -
- - - These includes self-attested attributes, unrevealed attributes and predicates. -
-
- Created At 2023-10-08 05:24:46 +0000 UTC -
- - -
- - - - @@ -58,7 +32,7 @@ permalink: /pull-requests/hyperledger/anoncreds-spec
- PR #170 - - - Added aggregate proof generation and data models + Added non revocation presentation proof holder
- Created At 2023-10-07 06:03:05 +0000 UTC + Created At 2023-10-19 16:35:06 +0000 UTC
@@ -66,11 +40,11 @@ permalink: /pull-requests/hyperledger/anoncreds-spec @@ -79,12 +53,20 @@ permalink: /pull-requests/hyperledger/anoncreds-spec
- PR #169 + PR #172 - Added `eq_proof` and `ge_proofs` for presentation + Create SECURITY.md
- + Security Policy for Hyperledger AnonCreds based on the "best practices" and template defined by the Hyperledger TOC -- see: https://toc.hyperledger.org/governing-documents/security.html + +@hartm -- notice that I included you. That is specifically because of your cryptology knowledge, it's importance in Hyperledger AnonCreds and your knowledge of the cryptology being used here. I would not suggest this for other projects. I will understand if you would prefer not to be included. + +@TelegramSam and @mikelodder7 -- I also included you in this file -- please take a look and explicitly agree to be included. + +The same PR will be added and merged into the other repos. + +Need to add updates to the Maintainer file as part of this effort.
- Created At 2023-10-05 17:40:15 +0000 UTC + Created At 2023-10-15 20:53:42 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-acapy-docs.md b/pull-requests/hyperledger/aries-acapy-docs.md index c99228d2b..2bd34c9fa 100644 --- a/pull-requests/hyperledger/aries-acapy-docs.md +++ b/pull-requests/hyperledger/aries-acapy-docs.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-acapy-docs @@ -27,12 +27,13 @@ permalink: /pull-requests/hyperledger/aries-acapy-docs
- PR #68 + PR #71 - Update main.html + 0.10.4 try 2
- + Signed-off-by: Stephen Curran +
- Created At 2023-09-29 17:22:09 +0000 UTC + Created At 2023-10-15 21:47:30 +0000 UTC
@@ -40,11 +41,11 @@ permalink: /pull-requests/hyperledger/aries-acapy-docs @@ -53,12 +54,40 @@ permalink: /pull-requests/hyperledger/aries-acapy-docs + +
- PR #67 + PR #70 - 0.10.3 + Fix mistake in merge
- + Signed-off-by: Stephen Curran + +
+
+ Created At 2023-10-15 21:35:14 +0000 UTC +
+ + +
+ + + + + + + +
+ PR #69 + + + 0.10.4 + +
+ + + Signed-off-by: Stephen Curran +
- Created At 2023-09-29 17:17:52 +0000 UTC + Created At 2023-10-15 21:23:09 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-acapy-plugins.md b/pull-requests/hyperledger/aries-acapy-plugins.md index eff741a39..cec4ab895 100644 --- a/pull-requests/hyperledger/aries-acapy-plugins.md +++ b/pull-requests/hyperledger/aries-acapy-plugins.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-acapy-plugins @@ -27,13 +27,216 @@ permalink: /pull-requests/hyperledger/aries-acapy-plugins + +
- PR #3 + PR #10 - Initial Commit. + fix: allow merge commits
- Use Traction Basic Message Storage as an example. + +
+
+ Created At 2023-10-19 13:48:22 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #9 + + + Add MAINTAINERS.md + +
+ + + I basically just copied this from aca-py. I'm not sure if there is extra info that can be removed. I removed the `toc` and go-ext` scopes. The rest seemed like they could stay. + +I added Jason Sherman and Daniel Bluhm as Admin's and that is it. + +Maybe Stephan Curran and Ry Jones would like to be added? +
+
+ Created At 2023-10-17 21:23:17 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #8 + + + Bump urllib3 from 2.0.6 to 2.0.7 in /basicmessage_storage + +
+ dependencies + + Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.6 to 2.0.7. +
+Release notes +

Sourced from urllib3's releases.

+
+

2.0.7

+
    +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
    • +
+
+
+
+Changelog +

Sourced from urllib3's changelog.

+
+

2.0.7 (2023-10-17)

+
    +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
    • +
+
+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.6&new-version=2.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-acapy-plugins/network/alerts). + +
+
+
+ Created At 2023-10-17 21:07:37 +0000 UTC +
+
+ +
+ + + + + + + +
+ PR #7 + + + Bump urllib3 from 2.0.6 to 2.0.7 in /basicmessage_storage/integration + +
+ dependencies + + Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.0.6 to 2.0.7. +
+Release notes +

Sourced from urllib3's releases.

+
+

2.0.7

+
    +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
    • +
+
+
+
+Changelog +

Sourced from urllib3's changelog.

+
+

2.0.7 (2023-10-17)

+
    +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
    • +
+
+
+
+Commits + +
+
+ +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.0.6&new-version=2.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-acapy-plugins/network/alerts). + +
- Created At 2023-10-03 23:25:14 +0000 UTC + Created At 2023-10-17 21:06:59 +0000 UTC
@@ -41,11 +244,11 @@ permalink: /pull-requests/hyperledger/aries-acapy-plugins @@ -54,12 +257,30 @@ permalink: /pull-requests/hyperledger/aries-acapy-plugins
- PR #1 + PR #5 - Add settings + Advance repo - Add plugin, testing, update script
- + This PR adds another plugin `connection_update`, testing for current plugins, documentation updates and a script for common dependency and file management. + +Only one additional plugin was added so far. Others are being worked on but the testing has been a bit of a learning process and I want plugins to be added that are adequately tested. Some of the plugins I want to add have a lot more logic that will be more difficult testing. + +Reading the root README might be a good way to understand the entire context. + +---- + +When I was adding my first plugin to the repo I realized that we want to have isolated environments for development and testing and that quickly things were going to be difficult to manage. + +To combat this I decided to create a base empty plugin `default-empty-plugin` and a script `updater.sh` which updates the existing plugins and populates common files from it. I'm only sure the script works on linux systems currently. Some of the text commands possibly won't work on mac OS. + +I tried to update the README as well as I could to make it clear how to add an existing plugin or create a new one from scratch. It is quite easy but instructions can be hard. + +I'm not super happy with the naming I chose. I might change it if I can think of something better. + +One of the next important steps might be getting all the tests for each plugin running in the CI/CD pipeline. + +
- Created At 2023-10-03 16:58:35 +0000 UTC + Created At 2023-10-17 16:40:16 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-acapy-tools.md b/pull-requests/hyperledger/aries-acapy-tools.md index b120e6833..e40ed66fd 100644 --- a/pull-requests/hyperledger/aries-acapy-tools.md +++ b/pull-requests/hyperledger/aries-acapy-tools.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-acapy-tools @@ -27,170 +27,40 @@ permalink: /pull-requests/hyperledger/aries-acapy-tools dependencies - -
- PR #21 + PR #23 - build(deps-dev): Bump aiohttp from 3.8.4 to 3.8.5 + build(deps-dev): Bump urllib3 from 1.26.17 to 1.26.18
- Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.8.4 to 3.8.5. + Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.17 to 1.26.18.
Release notes -

Sourced from aiohttp's releases.

+

Sourced from urllib3's releases.

-

3.8.5

-

Security bugfixes

+

1.26.18

    -
  • -

    Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz -and :user:Dreamsorcerer.

    -

    Thanks to :user:sethmlarson for reporting this and providing us with -comprehensive reproducer, workarounds and fixing details! For more -information, see -https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

    -

    .. _llhttp: https://llhttp.org

    -

    (#7346)

    -
    • +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
-

Features

-
    -
  • -

    Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    -

    (#7366)

    -
    • -
-

Bugfixes

-
    -
  • -

    Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    -

    (#3355)

    -
    • -
-
Changelog -

Sourced from aiohttp's changelog.

+

Sourced from urllib3's changelog.

-

3.8.5 (2023-07-19)

-

Security bugfixes

+

1.26.18 (2023-10-17)

    -
  • -

    Upgraded the vendored copy of llhttp_ to v8.1.1 -- by :user:webknjaz -and :user:Dreamsorcerer.

    -

    Thanks to :user:sethmlarson for reporting this and providing us with -comprehensive reproducer, workarounds and fixing details! For more -information, see -https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w.

    -

    .. _llhttp: https://llhttp.org

    -

    [#7346](https://github.com/aio-libs/aiohttp/issues/7346) <https://github.com/aio-libs/aiohttp/issues/7346>_

    -
    • +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
-

Features

-
    -
  • -

    Added information to C parser exceptions to show which character caused the error. -- by :user:Dreamsorcerer

    -

    [#7366](https://github.com/aio-libs/aiohttp/issues/7366) <https://github.com/aio-libs/aiohttp/issues/7366>_

    -
    • -
-

Bugfixes

-
    -
  • -

    Fixed a transport is :data:None error -- by :user:Dreamsorcerer.

    -

    [#3355](https://github.com/aio-libs/aiohttp/issues/3355) <https://github.com/aio-libs/aiohttp/issues/3355>_

    -
    • -
-
Commits -
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohttp&package-manager=pip&previous-version=3.8.4&new-version=3.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-acapy-tools/network/alerts). - -
-
-
- Created At 2023-10-03 13:04:43 +0000 UTC -
- - -
- - - - - - - -
- PR #20 - - - build(deps-dev): Bump certifi from 2022.12.7 to 2023.7.22 - -
- dependencies - - Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22. -
-Commits -

-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2022.12.7&new-version=2023.7.22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.17&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -222,7 +92,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- Created At 2023-10-03 13:04:34 +0000 UTC + Created At 2023-10-18 01:19:09 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-agent-test-harness.md b/pull-requests/hyperledger/aries-agent-test-harness.md index 650bd4788..332148029 100644 --- a/pull-requests/hyperledger/aries-agent-test-harness.md +++ b/pull-requests/hyperledger/aries-agent-test-harness.md @@ -14,7 +14,7 @@ permalink: /pull-requests/hyperledger/aries-agent-test-harness
- PR #731 + PR #732 @@ -32,7 +32,7 @@ permalink: /pull-requests/hyperledger/aries-agent-test-harness
- Created At 2023-10-07 03:26:11 +0000 UTC + Created At 2023-10-16 03:14:43 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-askar.md b/pull-requests/hyperledger/aries-askar.md index e21817bbe..b1a43e2a5 100644 --- a/pull-requests/hyperledger/aries-askar.md +++ b/pull-requests/hyperledger/aries-askar.md @@ -14,25 +14,280 @@ permalink: /pull-requests/hyperledger/aries-askar
- PR #189 + PR #191 - Adjust lower maximum number of connections for sqlite + build(deps): bump @babel/traverse from 7.22.17 to 7.23.2 in /wrappers/javascript
- + dependenciesjavascript - Based on testing against ACA-Py. I believe that the `available_parallelism` method comes up with a lower number than `num_cpus::count` did on Github CI, but in general a maximum of 2 connections does seem too low. + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.17 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from @​babel/traverse's changelog.

+
+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.22.17&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-askar/network/alerts). + +
- Created At 2023-09-28 17:23:28 +0000 UTC + Created At 2023-10-19 06:27:55 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-cloudagent-python.md b/pull-requests/hyperledger/aries-cloudagent-python.md index 41bc06d36..30d1cdc75 100644 --- a/pull-requests/hyperledger/aries-cloudagent-python.md +++ b/pull-requests/hyperledger/aries-cloudagent-python.md @@ -10,6 +10,60 @@ permalink: /pull-requests/hyperledger/aries-cloudagent-python # aries-cloudagent-python [GitHub](https://github.com/hyperledger/aries-cloudagent-python){: .btn .mr-4 } +
+ + + + + + + + + +
+ PR #2559 + + + refactor: replace multiformats library + +
+ + + This replaces the multiformats library with a very basic implementation included directly within ACA-Py. Given that the multiformats library has gone stale and my PR has languished, I think this is a good alternative to using that library. The implementation is very simple and currently only supports the minimum currently required by ACA-Py. Expanding the implementation in the future should be trivial. + +Fixes #2501 +
+
+ Created At 2023-10-19 15:19:58 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #2558 + + + Fix: RevRegEntry Transaction Endorsement + +
+ + + - resolve #2441 +
+
+ Created At 2023-10-19 14:32:33 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger/aries-endorser-service.md b/pull-requests/hyperledger/aries-endorser-service.md index 9c570c9b0..35cf6fcb1 100644 --- a/pull-requests/hyperledger/aries-endorser-service.md +++ b/pull-requests/hyperledger/aries-endorser-service.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-endorser-service
@@ -27,14 +27,78 @@ permalink: /pull-requests/hyperledger/aries-endorser-service + +
- PR #35 + PR #37 - Update agent image. + Enhancement: Introduce Support for Uploading CSV-Based Configuration
- Switch to official askar only image, and update to `0.10.3`. + This pull request resolves #38 -The previous agent version, 1.0.0-rc-0 is incompatible with ACA-Py >=1.10.1. See https://github.com/hyperledger/aries-cloudagent-python/issues/2528 +This enhancement adds the capability to configure your application using CSV files. The configuration is structured around the following classes: + +- AllowedPublicDid: + - Used for managing the publish_did file. + - Defines the registered_did attribute, which is a required string and serves as the primary key. + +- AllowedSchema: + - Intended for handling schema files. + - Includes attributes like author_did, schema_name, and version, all of which are mandatory and cannot be null. + +- AllowedCredentialDefinition: + - Specifically designed for the credential_definition file. + - Contains attributes such as issuer_did, author_did, schema_name, version, tag, rev_reg_def, and rev_reg_entry. All of these attributes are required and must have non-null values. + +This enhancement enables you to upload CSV files associated with each +of these classes, using either the POST or PUT methods. The choice +between POST and PUT dictates how the uploaded data interacts with the +existing configuration: + +POST: This method will replace the current configuration with the data from the uploaded CSV file. + +PUT: In contrast, the PUT method appends the data from the CSV file to the existing configuration, preserving the current state. + +This feature enhances the flexibility and ease of configuring your application by allowing you to manage your configuration using CSV files effortlessly. + +![2023-10-16_15-22-15](https://github.com/hyperledger/aries-endorser-service/assets/34443260/bbc58cf1-6ebb-412d-812a-6d50f8cdc4ce) + +These enhancements are designed to make your application's configuration management more user-friendly and efficient. + + +An example csv for the scheme file would be + +```csv +author_did,schema_name,version +"3fa85f64-5717-4562-b3fc-2c963f66afa6","myschema","1.0" +``` +
+
+ Created At 2023-10-16 22:30:10 +0000 UTC +
+
+ +
+ + + + + + + +
+ PR #36 + + + Update maintainers list + +
+ + + Suggesting the following change (additions) to the maintainers list: + +- @esune (myself) as I have been designing the enhancements to the endorser service required to automate some/all of the endorsement operations with fine-grained control +- @Gavinok as he has been the hands-on implementer of the above changes (see #34)
- Created At 2023-10-04 21:14:13 +0000 UTC + Created At 2023-10-13 18:18:51 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-framework-javascript-ext.md b/pull-requests/hyperledger/aries-framework-javascript-ext.md index fcd99492e..187eebb4a 100644 --- a/pull-requests/hyperledger/aries-framework-javascript-ext.md +++ b/pull-requests/hyperledger/aries-framework-javascript-ext.md @@ -14,64 +14,280 @@ permalink: /pull-requests/hyperledger/aries-framework-javascript-ext - -
- PR #227 + PR #228 - chore: release @aries-framework/transport-ble 0.2.1 + build(deps): bump @babel/traverse from 7.21.3 to 7.23.2
- autorelease: taggedci-test + dependencies - :robot: I have created a release \*beep\* \*boop\* ---- -### [0.2.1](https://www.github.com/hyperledger/aries-framework-javascript-ext/compare/transport-ble-v0.2.0...transport-ble-v0.2.1) (2023-09-18) + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.3 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from @​babel/traverse's changelog.

+
+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+ +
+

... (truncated)

+
+
+Commits + +
+
-### Bug Fixes +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.21.3&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) -* loosen types on ble inbound and outbound transport and session ([#226](https://www.github.com/hyperledger/aries-framework-javascript-ext/issues/226)) ([17c6203](https://www.github.com/hyperledger/aries-framework-javascript-ext/commit/17c6203b398ad2fd613bc237e2c852a86f44c444)) ---- +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) -This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). -
-
- Created At 2023-09-18 08:36:55 +0000 UTC -
- +--- -
- - - - - - - -
- PR #226 - - - fix: loosen types on ble inbound and outbound transport and session - -
- - - - Types were unnecessarily strict and this loosens it a bit. - - Now `Peripheral` and `Central` are both allowed for inbound and outbound as they both extend `Ble` +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-framework-javascript-ext/network/alerts). +
- Created At 2023-09-18 07:43:05 +0000 UTC + Created At 2023-10-18 23:41:09 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-framework-javascript.md b/pull-requests/hyperledger/aries-framework-javascript.md index bacf7deb5..547eae98e 100644 --- a/pull-requests/hyperledger/aries-framework-javascript.md +++ b/pull-requests/hyperledger/aries-framework-javascript.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-framework-javascript @@ -27,12 +27,12 @@ permalink: /pull-requests/hyperledger/aries-framework-javascript
- PR #1603 + PR #1610 - fix: save AnonCredsCredentialRecord createdAt + fix: abandon proof protocol if presentation fails
- For some unfortunate reason, we are not saving `createdAt` at AnonCredsCredentialRecord creation. This is useful to do things like sorting credentials by their issuance date (something available with W3C Credential Reacords) + Abandon the proof protocol if the presentation processing fails. It will send a problem report, and it will set the error message on the proof record.
- Created At 2023-10-09 02:02:31 +0000 UTC + Created At 2023-10-19 09:52:46 +0000 UTC
@@ -40,11 +40,11 @@ permalink: /pull-requests/hyperledger/aries-framework-javascript @@ -53,59 +53,235 @@ permalink: /pull-requests/hyperledger/aries-framework-javascript dependenciesjavascript
- PR #1601 + PR #1608 - build(deps): bump @mattrglobal/bbs-signatures from 1.1.0 to 1.3.1 + build(deps): bump @babel/traverse from 7.21.4 to 7.23.2
- Bumps [@mattrglobal/bbs-signatures](https://github.com/mattrglobal/bbs-signatures) from 1.1.0 to 1.3.1. + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
Changelog -

Sourced from @​mattrglobal/bbs-signatures's changelog.

+

Sourced from @​babel/traverse's changelog.

-

1.3.1 (2023-10-04)

-

Features

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import -

    1.3.0 (2023-09-29)

    -

    Features

    +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
      -
    • update @mattrglobal/node-bbs-signatures to 0.18.1 (b929d7d)
      • -
    • update @wasm-tool/wasm-pack-plugin to 1.7.0 (b929d7d)
      • -
    • update rust edition to 2021 (b929d7d)
      • -
    • update console_error_panic_hook to 0.1.7 (b929d7d)
      • -
    • update serde-wasm-bindgen to 0.6.0 (b929d7d)
      • -
    • update wasm-bindgen to 0.2.87 (b929d7d)
      • -
    • update wasm-bindgen-future to 0.4.37 (b929d7d)
      • -
    • update web-sys to 0.3.64 (b929d7d)
      • +
    • #15878 Implement import defer proposal transform support (@​nicolo-ribaudo)
    -

    Bug Fixes

    +
    • +
  • babel-generator, babel-parser, babel-types -

    1.2.0 (2023-09-18)

    -

    Features

    +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+
+

... (truncated)

Commits
    -
  • 1df8e1e chore(release): publish
    • -
  • a7e7aad build(deps): bump debug from 4.1.1 to 4.3.4 (#162)
    • -
  • 531f4cd chore(release): publish (#159)
    • -
  • b929d7d build(deps): remove wee_alloc (#158)
    • -
  • a9e2e56 build(deps): bump bumpalo from 3.6.1 to 3.12.0 (#148)
    • -
  • 14ada23 build(deps): bump @​commitlint/cli and @​commitlint/config-conventional version...
    • -
  • 307153d build(deps): bump semver from 6.3.0 to 6.3.1 in /sample/browser (#151)
    • -
  • e99a9a4 build(deps): bump semver from 6.3.0 to 6.3.1 in /sample/ts-node (#152)
    • -
  • 69c9edc build(deps-dev): bump webpack from 5.73.0 to 5.76.0 in /sample/browser (#149)
    • -
  • b19d7f2 build(deps): bump json5 from 2.2.1 to 2.2.3 (#147)
    • -
  • Additional commits viewable in compare view
    • +
  • b4b9942 v7.23.2
    • +
  • b13376b Only evaluate own String/Number/Math methods (#16033)
    • +
  • ca58ec1 v7.23.0
    • +
  • 0f333da Add createImportExpressions parser option (#15682)
    • +
  • 3744545 Fix linting
    • +
  • c7e6806 Add t.buildUndefinedNode (#15893)
    • +
  • 38ee8b4 Expand evaluation of global built-ins in @babel/traverse (#15797)
    • +
  • 9f3dfd9 v7.22.20
    • +
  • 3ed28b2 Fully support || and && in pluginToggleBooleanFlag (#15961)
    • +
  • 77b0d73 v7.22.19
    • +
  • Additional commits viewable in compare view

-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@mattrglobal/bbs-signatures&package-manager=npm_and_yarn&previous-version=1.1.0&new-version=1.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.21.4&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -130,14 +306,66 @@ You can trigger Dependabot actions by commenting on this PR: - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-framework-javascript/network/alerts).
- Created At 2023-10-05 13:40:15 +0000 UTC + Created At 2023-10-19 01:28:28 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #1607 + + + feat(sd-jwt): Module for Issuer, Holder and verifier + +
+ + + Opening as draft for now for intermediary reviews. +
+
+ Created At 2023-10-17 13:09:06 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #1606 + + + feat!: upgrade shared components + +
+ + + Upgrade aries-askar, anoncreds-rs and indy-vdr to their latest versions. This implies that we are dropping node 16 support. +
+
+ Created At 2023-10-14 00:56:19 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-javascript-docs.md b/pull-requests/hyperledger/aries-javascript-docs.md index f6d034b3b..d44316917 100644 --- a/pull-requests/hyperledger/aries-javascript-docs.md +++ b/pull-requests/hyperledger/aries-javascript-docs.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-javascript-docs @@ -27,125 +27,235 @@ permalink: /pull-requests/hyperledger/aries-javascript-docs dependencies
- PR #135 + PR #136 - build(deps): Bump postcss from 8.4.21 to 8.4.31 + build(deps): Bump @babel/traverse from 7.21.4 to 7.23.2
- Bumps [postcss](https://github.com/postcss/postcss) from 8.4.21 to 8.4.31. + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.2.
Release notes -

Sourced from postcss's releases.

+

Sourced from @​babel/traverse's releases.

-

8.4.31

+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

    -
  • Fixed \r parsing to fix CVE-2023-44270.
    • +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
    -

    8.4.30

    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime -

    8.4.29

    +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import -

    8.4.28

    +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
      -
    • Fixed Root.source.end for better source map (by @​romainmenke).
      • -
    • Fixed Result.root types when process() has no parser.
      • +
    • #15878 Implement import defer proposal transform support (@​nicolo-ribaudo)
    -

    8.4.27

    +
    • +
  • babel-generator, babel-parser, babel-types -

    8.4.26

    +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types
      -
    • Fixed clone methods types.
      • +
    • #15682 Add createImportExpressions parser option (@​JLHwung)
    -

    8.4.25

    +
    • +
  • babel-standalone -

    8.4.24

    +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types -

    8.4.23

    +
    • +
  • babel-helpers, babel-plugin-proposal-decorators -

    8.4.22

    +
    • +
  • babel-traverse, babel-types +
    • +
  • babel-preset-typescript
    • +
+
+

... (truncated)

Changelog -

Sourced from postcss's changelog.

+

Sourced from @​babel/traverse's changelog.

-

8.4.31

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types
      -
    • Fixed \r parsing to fix CVE-2023-44270.
      • +
    • #15682 Add createImportExpressions parser option (@​JLHwung)
    -

    8.4.30

    +
    • +
  • babel-standalone
      -
    • Improved source map performance (by Romain Menke).
      • +
    • #15671 Pass through nonce to the transformed script element (@​JLHwung)
    -

    8.4.29

    +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types
      -
    • Fixed Node#source.offset (by Ido Rosenthal).
      • -
    • Fixed docs (by Christian Oliff).
      • +
    • #15751 Add support for optional chain in assignments (@​nicolo-ribaudo)
    -

    8.4.28

    +
    • +
  • babel-helpers, babel-plugin-proposal-decorators
      -
    • Fixed Root.source.end for better source map (by Romain Menke).
      • -
    • Fixed Result.root types when process() has no parser.
      • +
    • #15895 Implement the "decorator metadata" proposal (@​nicolo-ribaudo)
    -

    8.4.27

    +
    • +
  • babel-traverse, babel-types -

    8.4.26

    +
    • +
  • babel-preset-typescript -

    8.4.25

    +
    • +
  • babel-parser -

    8.4.24

    +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping
      -
    • Fixed Plugin types.
      • +
    • #15962 fix: transform-block-scoping captures the variables of the method in the loop (@​liuxingbaoyu)
      • +
    +
-

8.4.23

+

:nail_care: Polish

    -
  • Fixed warnings in TypeDoc.
    • +
  • babel-traverse + -

    8.4.22

    +
    • +
  • babel-plugin-proposal-explicit-resource-management
      -
    • Fixed TypeScript support with node16 (by Remco Haszing).
      • +
    • #15985 Improve source maps for blocks with using declarations (@​nicolo-ribaudo)
      • +
    +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
+

v7.22.20 (2023-09-16)

+
+

... (truncated)

Commits

-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.4.21&new-version=8.4.31)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.21.4&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -177,7 +287,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- Created At 2023-10-07 13:31:35 +0000 UTC + Created At 2023-10-19 00:54:41 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-mediator-service.md b/pull-requests/hyperledger/aries-mediator-service.md index b47899133..17e37cf5a 100644 --- a/pull-requests/hyperledger/aries-mediator-service.md +++ b/pull-requests/hyperledger/aries-mediator-service.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-mediator-service @@ -27,56 +27,321 @@ permalink: /pull-requests/hyperledger/aries-mediator-service dependenciespython + +
- PR #100 + PR #102 - build(deps): bump urllib3 from 1.26.15 to 1.26.17 in /multi-agent-load-test + build(deps): bump urllib3 from 1.26.17 to 1.26.18 in /multi-agent-load-test
- Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.15 to 1.26.17. + Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.17 to 1.26.18.
Release notes

Sourced from urllib3's releases.

-

1.26.17

+

1.26.18

    -
  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)
    • +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)
-

1.26.16

+
+
+
+Changelog +

Sourced from urllib3's changelog.

+
+

1.26.18 (2023-10-17)

+
    +
  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.
    • +
+
+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.17&new-version=1.26.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-mediator-service/network/alerts). + +
+
+
+ Created At 2023-10-18 01:19:25 +0000 UTC +
+ + +
+ + + + + + + +
+ PR #101 + + + build(deps-dev): bump @babel/traverse from 7.14.0 to 7.23.2 in /acapy/controller + +
+ dependenciesjavascript + + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.14.0 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse
      -
    • Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)
      • +
    • #16033 Only evaluate own String/Number/Math methods (@​nicolo-ribaudo)
    +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+
+

... (truncated)

Changelog -

Sourced from urllib3's changelog.

+

Sourced from @​babel/traverse's changelog.

-

1.26.17 (2023-10-02)

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
      -
    • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)
      • +
    • #16025 Avoid override mistake in namespace imports (@​nicolo-ribaudo)
    -

    1.26.16 (2023-05-23)

    +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
      -
    • Fixed thread-safety issue where accessing a PoolManager with many distinct origins -would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)
      • +
    • #15913 Add rewriteImportExtensions option to TS preset (@​nicolo-ribaudo)
      • +
    +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
+

v7.22.20 (2023-09-16)

+
+

... (truncated)

Commits

-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.15&new-version=1.26.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.14.0&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. @@ -108,7 +373,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- Created At 2023-10-03 03:34:32 +0000 UTC + Created At 2023-10-17 03:58:07 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-mobile-agent-react-native.md b/pull-requests/hyperledger/aries-mobile-agent-react-native.md index e9b850a20..08726da02 100644 --- a/pull-requests/hyperledger/aries-mobile-agent-react-native.md +++ b/pull-requests/hyperledger/aries-mobile-agent-react-native.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-mobile-agent-react-native @@ -29,7 +29,7 @@ permalink: /pull-requests/hyperledger/aries-mobile-agent-react-native - -
- PR #993 + PR #1000 - fix: edit button spacing + feat: add supported languages to configuration context
# Summary of Changes -with large wallet names the edit button would get pushed off the screen, added padding to make text wrap before it pushes button +Currently, all wallets need to support the three languages configured in the bifold (English, French and Portuguese). The aim of this PR is to enable you to change the default languages, so that you can choose only those you want to support. # Related Issues @@ -39,108 +39,6 @@ N/A Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - -
-
- Created At 2023-10-06 23:57:01 +0000 UTC -
- - -
- - - - - - - - - -
- PR #992 - - - feat: create OpenID4VCI package - -
- - - # Summary of Changes - -Work in progress - -# Related Issues - -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - -
-
- Created At 2023-10-06 18:00:40 +0000 UTC -
-
- -
- - - - - - - -
- PR #991 - - - ci: lock ruby environment - -
- - - # Summary of Changes - -Replace this text with a high-level summary of the changes included in this PR. - -# Related Issues - -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - - [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); - [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; - [x] Updated documentation as needed for changed code and new or modified features; @@ -159,7 +57,7 @@ _PR template adapted from the Python attrs project._
- Created At 2023-10-06 15:38:07 +0000 UTC + Created At 2023-10-18 17:47:50 +0000 UTC
@@ -167,11 +65,11 @@ _PR template adapted from the Python attrs project._ @@ -182,7 +80,8 @@ _PR template adapted from the Python attrs project._
- PR #990 + PR #998 - fix: deeplink issue where no params are set + fix: fixed labels in chat and pin screen
# Summary of Changes -This PR fixes the deeplink error issue sometimes caused by other apps linking into Bifold / BC Wallet without params. The RootStack component is quite difficult to set up for unit / integration testing and it's a small change so I'm hoping we can slide this one by without, given the urgency. +- Updated the accessibility label on the pin screen, previously it would read out the translation template rather than the resulting value +- Updated link accessibility in chat. Labelled link items with the link accessibility role # Related Issues @@ -195,7 +94,7 @@ Tick all boxes below to demonstrate that you have completed the respective task. - [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); - [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; - [x] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -210,7 +109,7 @@ _PR template adapted from the Python attrs project._
- Created At 2023-10-06 00:31:16 +0000 UTC + Created At 2023-10-17 00:04:50 +0000 UTC
@@ -218,63 +117,11 @@ _PR template adapted from the Python attrs project._ - - - - - -
- PR #989 + PR #997 - fix: add testIDs to wallet edit touchable components - -
- - - # Summary of Changes - -Add testIDs to wallet edit touchable components. - - -# Related Issues - -n/a - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - -
-
- Created At 2023-10-05 17:37:52 +0000 UTC -
- - -
- - - - @@ -285,11 +132,8 @@ _PR template adapted from the Python attrs project._
- PR #988 - - - refactor: publish core package + feat: delete connection from rejected mobile verifier proof
# Summary of Changes -- remove `packages/core` in favour of `packages/legacy/core` -- publish `packages/legacy/core` as `@hyperledger/aries-bifold-core` -- move verifier code to its own package: `@hyperledger/aries-bifold-verifier` -- standardize building/compiling process around [react-native-builder-bob](https://github.com/callstack/react-native-builder-bob) -- standardize/align/share typescript configuration file +Previously if the holder rejected a proof request while the mobile verifier was not on the proof requesting screen or had the app closed, the verifier would not delete the contact information of the holder. This change ensures that the contact is deleted for data privacy. +![Peek 2023-10-16 12-58](https://github.com/hyperledger/aries-mobile-agent-react-native/assets/36937407/021c29fa-e3a2-4bfc-89e2-ba14c0188a2b) # Related Issues @@ -299,10 +143,10 @@ Please reference here any issue #'s that are relevant to this PR, or simply ente Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [ ] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [ ] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [ ] Updated documentation as needed for changed code and new or modified features; -- [ ] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); +- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; +- [x] Updated documentation as needed for changed code and new or modified features; +- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -317,7 +161,7 @@ _PR template adapted from the Python attrs project._
- Created At 2023-10-04 21:19:11 +0000 UTC + Created At 2023-10-16 20:00:01 +0000 UTC
@@ -325,71 +169,11 @@ _PR template adapted from the Python attrs project._ - - - - - -
- PR #987 + PR #996 - feat: add namespace support - -
- - - # Summary of Changes - -Update the script that can rebuild the ledger genesis transaciton. Support was added so in builds in the `indyNamespace` property. - -```json -[ - { - "id": "BCovrinTest", - "indyNamespace": "bcovrin:test", - "isProduction": false, - ... -``` - -# Related Issues - -hyperledger/indy-did-networks#3 - -# Pull Request Checklist - -Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. - -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. - -If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! - -Pro Tip 🤓 - -- Read our [contribution guide](../CONTRIBUTING.md) at least once; it will save you a few review cycles! -- Your PR will likely not be reviewed until all the above boxes are checked and all automated tests have passed. - -_PR template adapted from the Python attrs project._ - -
-
- Created At 2023-10-04 19:45:18 +0000 UTC -
- - -
- - - - @@ -399,22 +183,23 @@ _PR template adapted from the Python attrs project._
- PR #985 - - - chore: align dependencies + fix: line break when it’s a long attribute
# Summary of Changes -Each workspace package have it own package.json file. To avoid dependency conflict and unnecessary nested dependencies, I've aligned the dependency across all packages. -[syncpack](https://www.npmjs.com/package/syncpack) is a nice utility that can be run on a regular basis to keep the dependency aligned. +Line break when it’s a long attribute. +The previous attempt didn't cover all scenarios. +`marginRight` set to `logoHeight * 2` to compensate the left distance of `logoHeight + (logoHeight - padding) + padding` # Related Issues -Please reference here any issue #'s that are relevant to this PR, or simply enter "N/A" if this PR does not relate to any existing issues. +N/A # Pull Request Checklist Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR **check it anyway** to make it apparent that there's nothing to do. -- [x] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); -- [x] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; -- [x] Updated documentation as needed for changed code and new or modified features; -- [x] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. +- [X] All commits contain a DCO `Signed-off-by` line (we use the [DCO GitHub app](https://github.com/apps/dco) to enforce this); +- [X] Updated LICENSE-3RD-PARTY.md for any added dependencies or vendored components; +- [X] Updated documentation as needed for changed code and new or modified features; +- [X] Added sufficient [tests](../__tests__/) so that overall code coverage is not reduced. If you have _any_ questions to _any_ of the points above, just **submit and ask**! This checklist is here to _help_ you, not to deter you from contributing! @@ -429,7 +214,7 @@ _PR template adapted from the Python attrs project._
- Created At 2023-10-03 15:44:41 +0000 UTC + Created At 2023-10-16 10:56:19 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-mobile-test-harness.md b/pull-requests/hyperledger/aries-mobile-test-harness.md index 7cee3bcc3..003e4ba0b 100644 --- a/pull-requests/hyperledger/aries-mobile-test-harness.md +++ b/pull-requests/hyperledger/aries-mobile-test-harness.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/aries-mobile-test-harness @@ -27,42 +27,14 @@ permalink: /pull-requests/hyperledger/aries-mobile-test-harness
- PR #201 + PR #203 - Fix for scenario @T011.2-Proof "Holder of a dismissed revoked notification reviews … + BCW Special and Extended characters tests
- Scenario : Holder of a dismissed revoked notification reviews revocation status again -Tag: @T011.2-Proof + This PR includes the addition of BCW Tests that test extended and special characters. -Added specific locators for both android and iOS -Added scroll to bottom before checking Revoked Date +It also adjusts the regression runs to the latest minor version of the iOS major versions. This way we don't test iOS 13.6 when iOS 13.8 is the latest.
- Created At 2023-10-06 20:16:47 +0000 UTC -
- - -
- - - - - - - - - -
- PR #200 - - - BC Wallet Wallet naming tests - -
- - - -
-
- Created At 2023-10-05 20:20:03 +0000 UTC + Created At 2023-10-13 19:17:07 +0000 UTC
diff --git a/pull-requests/hyperledger/aries-vcx.md b/pull-requests/hyperledger/aries-vcx.md index 6d2028534..9cf9fabbc 100644 --- a/pull-requests/hyperledger/aries-vcx.md +++ b/pull-requests/hyperledger/aries-vcx.md @@ -14,57 +14,65 @@ permalink: /pull-requests/hyperledger/aries-vcx - -
- PR #1013 + PR #1019 - Purge vdrtools + Bump rustix from 0.37.24 to 0.37.25
- + dependenciesrust - Attempts to remove all unnecessary code from `libvdrtools`, keeping only the wallet and the anoncreds data structures definitions (for the `wallet_migrator` crate to use). - -Additionally, removed lint exemption and fixed lints in the crate while also removing the `migration` and `vdrtools/vdrtools_anoncreds` feature flags from `aries_vcx` and `aries_vcx_core`. - -Lastly, dependencies have been updated and tweaked. Of particular notice are `sqlx` which was bumped to the latest version (`0.7.1`) and `zeroize` which was bumped to the latest version (`1.6.0`). + Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.37.24 to 0.37.25. +
+Commits +
    +
  • 00b84d6 chore: Release rustix version 0.37.25
    • +
  • cad15a7 Fixes for Dir on macOS, FreeBSD, and WASI.
    • +
  • df3c3a1 Merge pull request from GHSA-c827-hfw6-qwvm
    • +
  • See full diff in compare view
    • +
+
+
-
-
- Created At 2023-10-06 09:06:04 +0000 UTC -
- -
- - - - - - - -
- PR #1011 - - - Replace trait objects in libvcx_core with generics/concrete types - -
- - - Replaces as much as possible the usage of `Arc` and trait objects to use generics/concrete types instead. This will further aid in the refactor of the primitives interface traits. -This PR also removes the feature flags for conditional anoncreds implementations in `libvcx_core` and node JS wrapper, relying entirely on `credx`. +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustix&package-manager=cargo&previous-version=0.37.24&new-version=0.37.25)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/aries-vcx/network/alerts). + +
- Created At 2023-10-05 07:55:50 +0000 UTC + Created At 2023-10-18 18:46:43 +0000 UTC
@@ -72,11 +80,11 @@ This PR also removes the feature flags for conditional anoncreds implementations @@ -85,14 +93,12 @@ This PR also removes the feature flags for conditional anoncreds implementations
- PR #1010 + PR #1018 - Release 0.59.1 + Add support for pickup protocol messages
- This is a patch release to "seal" changes in vdrtools -> credx wallet migration - -Release `0.60.0` will have `vdrtools -> credx` migration removed, as well as entire anoncreds portion of `vdrtools` (leaving only vdrtools wallet) + Ref: https://github.com/hyperledger/aries-rfcs/blob/main/features/0685-pickup-v2/README.md
- Created At 2023-10-04 10:20:59 +0000 UTC + Created At 2023-10-18 06:06:45 +0000 UTC
@@ -100,11 +106,11 @@ Release `0.60.0` will have `vdrtools -> credx` migration removed, as well as ent @@ -113,13 +119,17 @@ Release `0.60.0` will have `vdrtools -> credx` migration removed, as well as ent
- PR #1007 + PR #1017 - Use a sequence of bytes (representing AriesMessage) as input for EncryptionEnvelope::create + Present Proof V2.0 message structures
- -This makes it more general, allowing use of the utility methods without worrying about the exact structure of `AriesMessage` passed in. In doing so, allows for also wrapping message types not yet recognized in aries_vcx. + Related, almost identical to: https://github.com/hyperledger/aries-vcx/pull/990 + +NOTE: I've gone with v2.0 (as opposed to v2.1 & v2.2), this is primarily because it seems to be what others (aca-py & AFJ) are targeting and expect. similarly, V2.0 is what AIP2.0 lists as it's requirement: https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0302-aries-interop-profile/README.md#base-requirements + +The changes are virtually identical to #990 , other changes include: +* moved `AttachmentFormatSpecifier` to a common place
- Created At 2023-10-03 12:30:46 +0000 UTC + Created At 2023-10-18 03:06:54 +0000 UTC
@@ -127,11 +137,11 @@ This makes it more general, allowing use of the utility methods without worrying @@ -140,23 +150,12 @@ This makes it more general, allowing use of the utility methods without worrying
- PR #1006 + PR #1016 - Do not delete target wallet, do not fail migration on item-error + Extract primitives and remove Profile
- This is set of changes to make the migration. -- More graceful, one migration error should not halt migration of the rest. It's up to migrating user to evaluate whether the migration result is satisfactory. -- Idempotent - if migration fails for example due an IO error midway, it should be possible to finish it on 2nd try. - -Changes: -- If migration fails, do not delete the target wallet. -- Disable adding records to vdrtool cache when running migration. -- Do not fail migration if the record has unexpected format. Just skip it and log the record. -- If migration of the record itself fail, skip it and log. -- If adding item to target wallet fails due duplication error, skip it. For idempotency it would be ideal to overwrite it, but that would need digging deeper. For now, skipping these records still gives us idempotency under assumption item migration process was not changed between 2 migrations attempts. -- If adding item fails for other reason, fail the migration (likely IO error). - + This PR removes the `Profile` trait in favor of using independent components instead. Additionally, it aims to remove the shared usage of primitive components (making them depend on each other) and instead rely on function signatures to specifically ask for the components needed (without hidden implications that passing `Anoncreds` will also pass a `Wallet` instance).
- Created At 2023-10-03 06:45:06 +0000 UTC + Created At 2023-10-17 08:22:49 +0000 UTC
diff --git a/pull-requests/hyperledger/besu-docs.md b/pull-requests/hyperledger/besu-docs.md index c7e5eb36b..44535b48a 100644 --- a/pull-requests/hyperledger/besu-docs.md +++ b/pull-requests/hyperledger/besu-docs.md @@ -10,6 +10,287 @@ permalink: /pull-requests/hyperledger/besu-docs # besu-docs [GitHub](https://github.com/hyperledger/besu-docs){: .btn .mr-4 } +
+ + + + + + + + + +
+ PR #1423 + + + Bump @babel/traverse from 7.20.12 to 7.23.2 + +
+ dependencies + + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from @​babel/traverse's changelog.

+
+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.20.12&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/besu-docs/network/alerts). + +
+
+
+ Created At 2023-10-18 17:27:54 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger/besu-verkle-trie.md b/pull-requests/hyperledger/besu-verkle-trie.md new file mode 100644 index 000000000..2d8e8e3c6 --- /dev/null +++ b/pull-requests/hyperledger/besu-verkle-trie.md @@ -0,0 +1,38 @@ +--- +layout: default +title: besu-verkle-trie +parent: Hyperledger +grand_parent: Pull Requests +has_children: false +permalink: /pull-requests/hyperledger/besu-verkle-trie +--- + +# besu-verkle-trie [GitHub](https://github.com/hyperledger/besu-verkle-trie){: .btn .mr-4 } + + +
+
+ + + + + + + + +
+ PR #1 + + + Add settings.yml + +
+ + + +
+
+ Created At 2023-10-17 13:50:24 +0000 UTC +
+
+ diff --git a/pull-requests/hyperledger/besu.md b/pull-requests/hyperledger/besu.md index 9b8d7ecf4..9d763079b 100644 --- a/pull-requests/hyperledger/besu.md +++ b/pull-requests/hyperledger/besu.md @@ -567,53 +567,3 @@ Noticed that these lines of code were duplicated. -
- - - - - - - - - -
- PR #6027 - - - Mining options refactor - -
- - - - - -## PR description - -Before adding new mining options for upcoming features, I took some time to review and refactor mining options. -Mining parameters are a bit odd when compared to other options, since they do not follow the same pattern of using immutables, as for txpool options, stable options are defined in `BesuCommand`, and since that file is already too big, adding more options there should be avoided. - -For the refactoring I have reapplied most of the solutions used for the refactoring of txpool options (see #5772 if interested), with some novelty, since for mining configuration a new feature is required, that is having the possibility to update the value of some options at runtime. -One notable difference with #5772, is that _stable_ and _unstable_ options are no more split on two classes, since it make more sense to keep all the related options in a single place, also because some validations could make use of a mix of stable and unstable options, and for that it is better to have all of them in a single place. - -To implement the _update at runtime_ feature, in a thread safe way, unfortunately it is not possible to use the immutables library directly, so instead of using annotations, some code has to be added to the `MiningParameters` class to manage the updatables options. If the proposed solution prove to be effective and looks good, after it stabilize, we can also think of extending the immutables library to support this, or introduce our own annotations, or find another library that is best suited for managing configuration. -The _updatable_ parameters work like that: -- on startup their initial value is set, as usual from config file or CLI, -- these parameters have also a _set_, along with the normal _get_ one, -- the values are kept in _volatile_ fields, to make it multi thread friendly -- Note that initial values are kept in case it is needed, even if the parameters then updated at runtime, - -The proposed implementation also has the goal to centralize all the parameters in the `MiningParameters` class, and only passing this class around instead of passing single parameters, like `coinbase`, `extraData`, etc... so it should help readability and make easier to manage these parameter. - -More refactoring may be proposed in following PRs, to avoid making this one too big, for example `MiningParameters` could be renamed to `MiningConfiguration` for consistency with the naming of similar classes, then could make sense to pass mining parameters directly to RPC methods that update things like `coinbase`, `targetGasLimit` etc... instead of passing through other objects. - -## Fixed Issue(s) - - -
-
- Created At 2023-10-12 16:21:11 +0000 UTC -
-
- diff --git a/pull-requests/hyperledger/bevel-samples.md b/pull-requests/hyperledger/bevel-samples.md index f047088eb..a8082e320 100644 --- a/pull-requests/hyperledger/bevel-samples.md +++ b/pull-requests/hyperledger/bevel-samples.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/bevel-samples @@ -27,151 +27,492 @@ permalink: /pull-requests/hyperledger/bevel-samples dependenciesjavascript + +
- PR #46 + PR #51 - Bump postcss and react-scripts in /examples/supplychain-app/supplychain-frontend + Bump @babel/traverse from 7.20.12 to 7.23.2 in /images/networkmap/website
- Bumps [postcss](https://github.com/postcss/postcss) to 8.4.31 and updates ancestor dependency [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts). These dependencies need to be updated together. - -Updates `postcss` from 6.0.23 to 8.4.31 + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2.
Release notes -

Sourced from postcss's releases.

+

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from @​babel/traverse's changelog.

-

8.4.31

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse
      -
    • Fixed \r parsing to fix CVE-2023-44270.
      • +
    • #15797 Expand evaluation of global built-ins in @babel/traverse (@​lorenzoferre)
    -

    8.4.30

    +
    • +
  • babel-plugin-proposal-explicit-resource-management -

    8.4.29

    +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env +
-

8.4.28

+

v7.22.20 (2023-09-16)

+ +
+

... (truncated)

+
+
+Commits -

8.4.27

+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.20.12&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/bevel-samples/network/alerts). + +
+
+
+ Created At 2023-10-18 17:16:26 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #50 + + + Bump @babel/traverse from 7.20.12 to 7.23.2 in /images/doorman/website + +
+ dependenciesjavascript + + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.12 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse -

    8.4.26

    +
    • +
  • babel-preset-typescript
      -
    • Fixed clone methods types.
      • +
    • #16022 Rewrite .tsx extension when using rewriteImportExtensions (@​jimmydief)
    -

    8.4.25

    +
    • +
  • babel-helpers -

    8.4.24

    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime -

    8.4.23

    +
    • +
+

Committers: 5

-

8.4.22

+

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import -

    8.4.21

    +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone -

    8.4.20

    +
    • +
  • babel-generator, babel-parser, babel-types -

    8.4.19

    +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types -

    8.4.18

    +
    • +
  • babel-standalone
      -
    • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).
      • +
    • #15671 Pass through nonce to the transformed script element (@​JLHwung)
    -

    8.4.17

    +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
-

8.4.16

... (truncated)

Changelog -

Sourced from postcss's changelog.

+

Sourced from @​babel/traverse's changelog.

-

8.4.31

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers
      -
    • Fixed \r parsing to fix CVE-2023-44270.
      • +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
    -

    8.4.30

    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
      -
    • Improved source map performance (by Romain Menke).
      • +
    • #16025 Avoid override mistake in namespace imports (@​nicolo-ribaudo)
    -

    8.4.29

    +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import
      -
    • Fixed Node#source.offset (by Ido Rosenthal).
      • -
    • Fixed docs (by Christian Oliff).
      • +
    • #15870 Support transforming import source for wasm (@​nicolo-ribaudo)
    -

    8.4.28

    +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
      -
    • Fixed Root.source.end for better source map (by Romain Menke).
      • -
    • Fixed Result.root types when process() has no parser.
      • +
    • #15878 Implement import defer proposal transform support (@​nicolo-ribaudo)
    -

    8.4.27

    +
    • +
  • babel-generator, babel-parser, babel-types -

    8.4.26

    +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types
      -
    • Fixed clone methods types.
      • +
    • #15682 Add createImportExpressions parser option (@​JLHwung)
    -

    8.4.25

    +
    • +
  • babel-standalone -

    8.4.24

    +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types -

    8.4.23

    +
    • +
  • babel-helpers, babel-plugin-proposal-decorators -

    8.4.22

    +
    • +
  • babel-traverse, babel-types
      -
    • Fixed TypeScript support with node16 (by Remco Haszing).
      • +
    • #15893 Add t.buildUndefinedNode (@​liuxingbaoyu)
    -

    8.4.21

    +
    • +
  • babel-preset-typescript
      -
    • Fixed Input#error types (by Aleks Hudochenkov).
      • +
    • #15913 Add rewriteImportExtensions option to TS preset (@​nicolo-ribaudo)
    -

    8.4.20

    +
    • +
  • babel-parser
      -
    • Fixed source map generation for childless at-rules like @layer.
      • +
    • #15896 Allow TS tuples to have both labeled and unlabeled elements (@​yukukotani)
    -

    8.4.19

    +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping
      -
    • Fixed whitespace preserving after AST transformations (by Romain Menke).
      • +
    • #15962 fix: transform-block-scoping captures the variables of the method in the loop (@​liuxingbaoyu)
      • +
    +
-

8.4.18

+

:nail_care: Polish

    -
  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).
    • +
  • babel-traverse + -

    8.4.17

    +
    • +
  • babel-plugin-proposal-explicit-resource-management
      -
    • Fixed Node.before() unexpected behavior (by Romain Menke).
      • -
    • Added TOC to docs (by Mikhail Dedov).
      • +
    • #15985 Improve source maps for blocks with using declarations (@​nicolo-ribaudo)
      • +
    +
-

8.4.16

+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

... (truncated)

@@ -179,49 +520,305 @@ Updates `postcss` from 6.0.23 to 8.4.31
Commits

-Updates `react-scripts` from 2.1.8 to 5.0.1 + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.20.12&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/bevel-samples/network/alerts). + +
+
+
+ Created At 2023-10-18 17:15:57 +0000 UTC +
+
+ +
+ + + + + + + +
+ PR #49 + + + Bump @babel/traverse from 7.19.1 to 7.23.2 in /examples/supplychain-app/supplychain-frontend + +
+ dependenciesjavascript + + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.1 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
Changelog -

Sourced from react-scripts's changelog.

+

Sourced from @​babel/traverse's changelog.

-

3.0.0 and Newer Versions

-

Please refer to CHANGELOG.md for the newer versions.

+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+
+

... (truncated)

Commits

+[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.19.1&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) @@ -252,7 +849,7 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- Created At 2023-10-04 02:19:46 +0000 UTC + Created At 2023-10-18 09:03:51 +0000 UTC
diff --git a/pull-requests/hyperledger/bevel.md b/pull-requests/hyperledger/bevel.md index fcbd0b019..1d00ec12f 100644 --- a/pull-requests/hyperledger/bevel.md +++ b/pull-requests/hyperledger/bevel.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/bevel @@ -27,12 +27,24 @@ permalink: /pull-requests/hyperledger/bevel
- PR #2389 + PR #2394 - fix:(corda-ent, shared) chart liniting errors, aes host ns hardcoding + feat(shared): add missing files for OS-specific command handling
- + ### **Quick fix commit to be reviewed** +--- + +**feat(shared): add missing files for OS-specific command handling** + +``` +Description: +- In the PR titled "feat(shared): enable OS-specific command handling in Helm charts," I forgot to include certain files. +- I thought that changing the name of the Helm chart would override the updated file only, not the entire chart, but I was wrong. +- This PR will address the missing file and fulfill the purpose of the original PR. +``` + +fixes #quick-fix
- Created At 2023-10-17 06:42:45 +0000 UTC + Created At 2023-10-19 12:18:32 +0000 UTC
@@ -40,11 +52,11 @@ permalink: /pull-requests/hyperledger/bevel @@ -53,32 +65,67 @@ permalink: /pull-requests/hyperledger/bevel + +
- PR #2388 + PR #2393 - [shared] enable OS-specific command handling in helm charts + bug(r3-corda-ent): delete HashiCorp vault access and policies on network reset
- ### **Commit to be reviewed** ---- -**feat(shared): enable OS-specific command handling in helm charts** + +This pull request addresses the need to delete HashiCorp Vault access and policies when performing a network reset. -``` -This PR improves the handling of OS-specific commands within Helm charts. +changes made in: +1. platforms/r3-corda-ent/configuration/cleanup.yaml +2. platforms/r3-corda-ent/configuration/roles/delete/vault_secrets/tasks/main.yaml -Changes: -- Introduced a script to check the Operating System and its supporting package manager for efficient package installation. -- Added a ConfigMap object to insert the same above-mentioned script into the container, improving flexibility and compatibility. +fixes:#2390 +
+
+ Created At 2023-10-19 05:03:56 +0000 UTC +
+ + +
+ + + + + + + +
+ PR #2392 + + + [fabric] Update chaincode charts to be compatible with version 2.5.4 + +
+ + + Primary Changes +-------------- + 1. Updated chaincode charts + 2. Fixed a bug that occurred when creating the genesis file with an incorrect channel name -Additional change: -- Updated the StorageClass Helm chart to resolve the node affinity issue. +Modifications in docs +----------------------- +docs/source/_static/TopLevelClass-Fabric.png +docs/source/operations/fabric_networkyaml.md -There are only 3 platforms that are currently using OS-Specific Command in Helm Charts directly, and this PR is also made for these 3 platforms only: -- Quorum -- Hyperledger-Fabric -- Substrate -``` +Modifications in charts +----------------------- +platforms/hyperledger-fabric/charts/commit_chaincode/templates/commit_chaincode.yaml platforms/hyperledger-fabric/charts/install_chaincode/templates/install_chaincode.yaml -fixes #2366 +Modifications in roles and tpl files +----------------------- +platforms/hyperledger-fabric/configuration/chaincode-ops.yaml platforms/hyperledger-fabric/configuration/deploy-network.yaml platforms/hyperledger-fabric/configuration/roles/helm_component/templates/commit_chaincode_job.tpl + +Others Modifications +---------------------------------------- +platforms/hyperledger-fabric/configuration/samples/network-fabricv2.yaml + +fixes #2385
- Created At 2023-10-17 05:49:17 +0000 UTC + Created At 2023-10-18 10:41:59 +0000 UTC
@@ -86,11 +133,11 @@ fixes #2366 @@ -104,7 +151,53 @@ fixes #2366
- PR #2387 + PR #2389 - update(docs): add readthedocs config file + fix:(corda-ent, shared) chart liniting errors, aes host ns hardcoding
- Created At 2023-10-11 18:05:33 +0000 UTC + Created At 2023-10-17 06:42:45 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #2388 + + + [shared] enable OS-specific command handling in helm charts + +
+ + + ### **Commit to be reviewed** +--- +**feat(shared): enable OS-specific command handling in helm charts** + +``` +This PR improves the handling of OS-specific commands within Helm charts. + +Changes: +- Introduced a script to check the Operating System and its supporting package manager for efficient package installation. +- Added a ConfigMap object to insert the same above-mentioned script into the container, improving flexibility and compatibility. + +Additional change: +- Updated the StorageClass Helm chart to resolve the node affinity issue. + +There are only 3 platforms that are currently using OS-Specific Command in Helm Charts directly, and this PR is also made for these 3 platforms only: +- Quorum +- Hyperledger-Fabric +- Substrate +``` + +fixes #2366 +
+
+ Created At 2023-10-17 05:49:17 +0000 UTC
diff --git a/pull-requests/hyperledger/cacti.md b/pull-requests/hyperledger/cacti.md index cccab07ce..69b5dc0bf 100644 --- a/pull-requests/hyperledger/cacti.md +++ b/pull-requests/hyperledger/cacti.md @@ -14,72 +14,388 @@ permalink: /pull-requests/hyperledger/cacti + +
- PR #2782 + PR #2815 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/sdks/fabric/go-sdk + docs(examples/cbdc): update README.md with new instructions to run
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
+ Update README.md with new instructions to run the frontend. Previously, the source code was not in the project and a default Docker image was being provided. Now, developers can start the frontend development server directly and run the code with live reload. +
+
+ Created At 2023-10-19 12:17:18 +0000 UTC +
+ +
+ + + + + + + + + +
+ PR #2814 + + + feat(connector-corda): support corda 5 RC via TS/HTTP (no JVM) + +
+ + + **Pull Request Requirements** +- [ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. +
+
+ Created At 2023-10-19 09:30:50 +0000 UTC +
+
-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +
+ + + + + + + + + +
+ PR #2808 + + + fix(weaver-packages): removing unnecessary package-lock.json file + +
+ + + The presence of this file raises dependabot alerts and PRs. The module containing this file is not currently being used, and is just a sample. Just retaining the `package.json` is enough for future maintenance. + +Fulfills what https://github.com/hyperledger/cacti/pull/2798 was trying to do but in a different way. + +**Pull Request Requirements** +- [ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. +
+
+ Created At 2023-10-18 13:06:02 +0000 UTC +
+
-Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +
+ + + + + + + + + +
+ PR #2805 + + + chore(packages-python): remove obsolete cactus_validator_socketio_iroha + +
+ + + - Remove python iroha connector since it was superseded by openapi connectors for both iroha V1 and V2. +- Remove iroha-testnet setup since it was superseded by all-in-one images. + +**Pull Request Requirements** +- [x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [x] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. +
+
+ Created At 2023-10-18 09:14:04 +0000 UTC +
+
-[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +
+ + + + + + + + + +
+ PR #2804 + + + docs(maintainers): add outSH as a maintainer to the project + +
+ + + Congratulations @outSH! You are now a maintainer of the project. ---- +[skip ci] + +Signed-off-by: Peter Somogyvari + +**Pull Request Requirements** +[ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +[ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. +
+
+ Created At 2023-10-18 05:02:22 +0000 UTC +
+
-
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +
+ + + + + + + + + +
+ PR #2803 + + + fix(weaver): improper exception handling + +
+ + + ## Description: +This pull request addresses issue #2767 improper exception handling. We need to wrap the expected exceptions in a try-catch block and handle them explicitly. + +### Changes: +- Enclosed the existing code within a try-catch block to capture exceptions. +- Added contextual information in the logs, and the exception is re-thrown within the getConfig() function, as part of the exception propagation process. +
+
+ Created At 2023-10-17 20:36:23 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #2802 + + + docs(examples/cbdc): fix mismatch of Fabric identities in GET and POST requests + +
+ + + docs(examples/cbdc): fix mismatch of Fabric identities in GET, POST requests + +The state keys were not being generated correctly for some reason +It was working before without code changes so my best guess is that +the Fabric ledger/SDK versions were changed and that's what tripped it +up somehow. + +Fixes #2739 + +[skip ci] + +Co-authored-by: Peter Somogyvari + +Signed-off-by: André Augusto +Signed-off-by: Peter Somogyvari + +cc: @petermetz @Anusha-Padmanabhan +
+
+ Created At 2023-10-17 19:55:59 +0000 UTC +
+
+
+ + + + + + + +
+ PR #2797 + + + build(deps): bump undici from 5.19.1 to 5.26.2 in /packages/cactus-plugin-ledger-connector-iroha2 + +
+ dependenciesjavascript + + [skip ci] + +Bumps [undici](https://github.com/nodejs/undici) from 5.19.1 to 5.26.2. +
+Release notes +

Sourced from undici's releases.

+
+

v5.26.2

+

Security Release, CVE-2023-45143.

+

v5.26.1

+

What's Changed

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.26.0...v5.26.1

+

v5.26.0

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.23.4...v5.26.0

+

v5.25.3

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.25.2...v5.25.3

+

v5.25.2

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undici&package-manager=npm_and_yarn&previous-version=5.19.1&new-version=5.26.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +
- Created At 2023-10-11 23:36:26 +0000 UTC + Created At 2023-10-16 16:58:37 +0000 UTC
@@ -87,72 +403,249 @@ You can disable automated security fix PRs for this repo from the [Security Aler + +
- PR #2779 + PR #2796 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/core/network/fabric-interop-cc/libs/assetexchange + build(deps): bump undici from 5.19.1 to 5.26.2
- dependenciesgo + dependenciesjavascript - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
+ [skip ci] + +Bumps [undici](https://github.com/nodejs/undici) from 5.19.1 to 5.26.2. +
+Release notes +

Sourced from undici's releases.

+
+

v5.26.2

+

Security Release, CVE-2023-45143.

+

v5.26.1

+

What's Changed

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.26.0...v5.26.1

+

v5.26.0

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.23.4...v5.26.0

+

v5.25.3

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/nodejs/undici/compare/v5.25.2...v5.25.3

+

v5.25.2

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undici&package-manager=npm_and_yarn&previous-version=5.19.1&new-version=5.26.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +
-
+
+
+ Created At 2023-10-16 16:15:36 +0000 UTC +
+ +
+ + + + + + + + + +
+ PR #2795 + + + docs(weaver, cactus): fix typos + +
+ + + +[skip ci] + +Co-authored-by: Peter Somogyvari + +Signed-off-by: GoodDaisy <90915921+GoodDaisy@users.noreply.github.com> +Signed-off-by: Peter Somogyvari +
+
+ Created At 2023-10-16 12:48:56 +0000 UTC +
+
-[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +
+ + + + + + + + + +
+ PR #2794 + + + feat(cactus-plugin-ledger-connector-cdl-socketio): separate endpoint for subscription key + +
+ + + - Add separate configurations for endpoints supporting access token and subscription key separately. +- This is required by current public instance of CDL. + +**Pull Request Requirements** +- [x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +- [x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +- [x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +- [X] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +- [X] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners. +
+
+ Created At 2023-10-16 11:50:22 +0000 UTC +
+
+ +
+ + + + + + + +
+ PR #2793 + + + build(deps): explicit bump of http-cache-semantics to >=4.1.1 + +
+ + + 1. Updated the yarn.lock file via yarn up -R and +2. Also added a forced resolution of the versions in the root +package.json for good measure. -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +[skip ci] -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +Fixes #2335 ---- +Signed-off-by: Peter Somogyvari -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +**Pull Request Requirements** +[ x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. -
+**Character Limit** +[x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[x] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 23:36:19 +0000 UTC + Created At 2023-10-13 19:41:45 +0000 UTC
@@ -160,72 +653,60 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- PR #2775 + PR #2792 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/core/network/fabric-interop-cc/libs/utils + fix(security): address CVE-2021-3749 - axios >=0.22.0
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
+ Ensured that axios is updated to >=0.22.0 in all packages that use it. +The only place where it was not possible to upgrade it through upgrading +transitive dependencies was the ubiquity connector package so for that one +I forced the issue through the resolutions section of the root package.json. -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +----------------------------------------------- -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +The GitHub Cacti security advisory: https://github.com/hyperledger/cacti/security/dependabot/361 -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +The general GitHub security advisory: https://github.com/advisories/GHSA-cph5-m8f7-6c5x ---- +Weaknesses +- [WeaknessCWE-400](https://cwe.mitre.org/data/definitions/400.html) +- [WeaknessCWE-1333](https://cwe.mitre.org/data/definitions/1333.html) -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +CVE ID: `CVE-2021-3749` +GHSA ID: `GHSA-cph5-m8f7-6c5x` -
+Fixes #2790 + +[skip ci] + +Signed-off-by: Peter Somogyvari + +**Pull Request Requirements** +[ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. + +**Character Limit** +[ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). + +**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 23:35:17 +0000 UTC + Created At 2023-10-13 06:07:33 +0000 UTC
@@ -233,72 +714,50 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- PR #2774 + PR #2789 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/common/protos-go + fix(cmd-api-server): fix CVE-2023-36665 protobufjs try 2
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
+ 1. Upgraded fabric-network from 2.2.10 to 2.2.18 wherever it was still 2.2.10 +2. Upgraded ipfs-http-client project-wide from 51.0.1 to 60.0.1 +3. Upgraded @google-cloud/secret-manager from 3.9.0 to 5.0.1 +This is the second try at fixing this issue. For some reason the first +PR didn't get it done. The most likely reason is that other commits +in the meantime added back the vulnerable versions of the packages, but +I'm not a 100% sure. -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[skip ci] -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +Fixes #2682 -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +Signed-off-by: Peter Somogyvari ---- +**Pull Request Requirements** +[x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +**Character Limit** +[x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[x] Commit Message per line must not exceed 80 characters (including spaces and special characters). -
+**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 23:35:16 +0000 UTC + Created At 2023-10-13 05:18:01 +0000 UTC
@@ -306,72 +765,52 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- PR #2773 + PR #2788 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/samples/fabric/simplestatewithacl + fix(security): remediate qs vulnerability CVE-2022-24999
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
+ Mass-upgraded the following dependencies throughout the project to get +rid of the vulnerability in qs' older versions: +1. `express` +2. `body-parser` +GitHub Cacti Security Advisories: +1. https://github.com/hyperledger/cacti/security/dependabot/279 +2. https://github.com/hyperledger/cacti/security/dependabot/278 +3. https://github.com/hyperledger/cacti/security/dependabot/274 -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +CVE ID: CVE-2022-24999 +GHSA ID: GHSA-hrpp-h998-j3pp -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +[skip ci] -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +Signed-off-by: Peter Somogyvari ---- +**Pull Request Requirements** +[x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +**Character Limit** +[x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[x] Commit Message per line must not exceed 80 characters (including spaces and special characters). -
+**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 23:35:15 +0000 UTC + Created At 2023-10-13 02:51:09 +0000 UTC
@@ -379,72 +818,43 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- PR #2772 + PR #2787 - build(deps): bump golang.org/x/net from 0.8.0 to 0.17.0 in /weaver/samples/fabric/go-cli + fix(ledger-browser): fix vulnerability CVE-2022-37601
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
- + GitHub Security Advisory link to the vulnerability: +https://github.com/hyperledger/cacti/security/dependabot/260 -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.8.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +[skip ci] -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +Signed-off-by: Peter Somogyvari -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +**Pull Request Requirements** ---- +[x] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[x] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[x] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). +**Character Limit** +[x] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[x] Commit Message per line must not exceed 80 characters (including spaces and special characters). -
+**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 23:35:09 +0000 UTC + Created At 2023-10-13 02:09:57 +0000 UTC
@@ -452,72 +862,43 @@ You can disable automated security fix PRs for this repo from the [Security Aler
- PR #2770 + PR #2786 - build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 in /packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/fixtures/go/asset-transfer-private-data/chaincode-go + docs(cactus-test-plugin-ledger-connector-besu): add README.md file
- dependenciesgo + - Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. -
-Commits -
    -
  • b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
    • -
  • 88194ad go.mod: update golang.org/x dependencies
    • -
  • 2b60a61 quic: fix several bugs in flow control accounting
    • -
  • 73d82ef quic: handle DATA_BLOCKED frames
    • -
  • 5d5a036 quic: handle streams moving from the data queue to the meta queue
    • -
  • 350aad2 quic: correctly extend peer's flow control window after MAX_DATA
    • -
  • 21814e7 quic: validate connection id transport parameters
    • -
  • a600b35 quic: avoid redundant MAX_DATA updates
    • -
  • ea63359 http2: check stream body is present on read timeout
    • -
  • ddd8598 quic: version negotiation
    • -
  • Additional commits viewable in compare view
    • -
-
-
+ Added missing readme file for the test package. It doesn't do much but +it does explain the core concept behind the package and that it is not +something that can/should be used for production deployments. +Fixes #834 -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.7.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) +Signed-off-by: Peter Somogyvari -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. +**Pull Request Requirements** +[ ] Rebased onto `upstream/main` branch and squashed into single commit to help maintainers review it more efficient and to avoid spaghetti git commit graphs that obfuscate which commit did exactly what change, when and, why. +[ ] Have git sign off at the end of commit message to avoid being marked red. You can add `-s` flag when using `git commit` command. You may refer to this [link](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits) for more information. +[ ] Follow the Commit Linting specification. You may refer to this [link](https://www.conventionalcommits.org/en/v1.0.0-beta.4/#specification) for more information. -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) +**Character Limit** +[ ] Pull Request Title and Commit Subject must not exceed 72 characters (including spaces and special characters). +[ ] Commit Message per line must not exceed 80 characters (including spaces and special characters). ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/cacti/network/alerts). - -
+**A Must Read for Beginners** +For rebasing and squashing, here's a [must read guide](https://github.com/servo/servo/wiki/Beginner's-guide-to-rebasing-and-squashing) for beginners.
- Created At 2023-10-11 21:06:33 +0000 UTC + Created At 2023-10-12 23:37:52 +0000 UTC
diff --git a/pull-requests/hyperledger/fabric-admin-sdk.md b/pull-requests/hyperledger/fabric-admin-sdk.md index 46a3d5e67..4e1574b08 100644 --- a/pull-requests/hyperledger/fabric-admin-sdk.md +++ b/pull-requests/hyperledger/fabric-admin-sdk.md @@ -14,11 +14,896 @@ permalink: /pull-requests/hyperledger/fabric-admin-sdk + + + + + +
- PR #144 + PR #154 - try to enable bft support + Bump google.golang.org/grpc from 1.58.3 to 1.59.0 + +
+ dependenciesgo + + Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0. +
+Commits +
    +
  • 7765221 Change version to 1.59.0 (#6695)
    • +
  • e88f12e server: prohibit more than MaxConcurrentStreams handlers from running at once...
    • +
  • be7919c transport: Pass Header metadata to tap handle. (#6652)
    • +
  • e3f1514 Reapply "status: fix/improve status handling (#6662)" (#6673) (#6688)
    • +
  • 696faa9 client: add a test for NewSubConn / StateListener / cc.Close racing (#6678)
    • +
  • 318c717 readme: fix badges (#6687)
    • +
  • 39972fd github: add code coverage with codecov.io (#6676)
    • +
  • 93dbc05 xds: move virtual host matcher test to the xdsresource package (#6680)
    • +
  • 2c00469 github: update actions/setup-go and actions/checkout (#6675)
    • +
  • 1f73ed5 Replace the gRFC pull request with the permanent link. (#6674)
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.58.3&new-version=1.59.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-18 14:21:59 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #153 + + + Bump google.golang.org/grpc from 1.57.0 to 1.58.3 + +
+ dependenciesgo + + Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.58.3. +
+Release notes +

Sourced from google.golang.org/grpc's releases.

+
+

Release v1.58.3

+

Security

+
    +
  • +

    server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    +

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

    +
    • +
+

Release 1.58.2

+

Bug Fixes

+
    +
  • +

    balancer/weighted_round_robin: fix ticker leak on update

    +

    A new ticker is created every time there is an update of addresses or configuration, but was not properly stopped. This change stops the ticker when it is no longer needed.

    +
    • +
+

Release 1.58.1

+

Bug Fixes

+
    +
  • grpc: fix a bug that was decrementing active RPC count too early for streaming RPCs; leading to channel moving to IDLE even though it had open streams
    • +
  • grpc: fix a bug where transports were not being closed upon channel entering IDLE
    • +
+

Release 1.58.0

+

API Changes

+

See #6472 for details about these changes.

+
    +
  • balancer: add StateListener to NewSubConnOptions for SubConn state updates and deprecate Balancer.UpdateSubConnState (#6481) +
      +
    • UpdateSubConnState will be deleted in the future.
      • +
    +
    • +
  • balancer: add SubConn.Shutdown and deprecate Balancer.RemoveSubConn (#6493) +
      +
    • RemoveSubConn will be deleted in the future.
      • +
    +
    • +
  • resolver: remove deprecated AddressType (#6451) +
      +
    • This was previously used as a signal to enable the "grpclb" load balancing policy, and to pass LB addresses to the policy. Instead, balancer/grpclb/state.Set() should be used to add these addresses to the name resolver's output. The built-in "dns" name resolver already does this.
      • +
    +
    • +
  • resolver: add new field Endpoints to State and deprecate Addresses (#6471) +
      +
    • Addresses will be deleted in the future.
      • +
    +
    • +
+

New Features

+
    +
  • balancer/leastrequest: Add experimental support for least request LB policy and least request configured as a custom xDS policy (#6510, #6517) +
      +
    • Set GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST=true to enable
      • +
    +
    • +
  • stats: Add an RPC event for blocking caused by the LB policy's picker (#6422)
    • +
+

Bug Fixes

+
    +
  • clusterresolver: fix deadlock when dns resolver responds inline with update or error at build time (#6563)
    • +
  • grpc: fix a bug where the channel could erroneously report TRANSIENT_FAILURE when actually moving to IDLE (#6497)
    • +
  • balancergroup: do not cache closed sub-balancers by default; affects rls, weightedtarget and clustermanager LB policies (#6523)
    • +
  • client: fix a bug that prevented detection of RPC status in trailers-only RPC responses when using ClientStream.Header(), and prevented retry of the RPC (#6557)
    • +
+

Performance Improvements

+
    +
  • client & server: Add experimental [With]SharedWriteBuffer to improve performance by reducing allocations when sending RPC messages. (Disabled by default.) (#6309) + +
    • +
+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.57.0&new-version=1.58.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-16 10:36:24 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #151 + + + Bump github.com/onsi/gomega from 1.27.0 to 1.28.0 + +
+ dependenciesgo + + Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.0 to 1.28.0. +
+Release notes +

Sourced from github.com/onsi/gomega's releases.

+
+

v1.28.0

+

1.28.0

+

Features

+
    +
  • Add VerifyHost handler to ghttp (#698) [0b03b36]
    • +
+

Fixes

+
    +
  • Read Body for Newer Responses in HaveHTTPBodyMatcher (#686) [18d6673]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#693) [55a33f3]
    • +
  • Typo in matchers.go (#691) [de68e8f]
    • +
  • Bump commonmarker from 0.23.9 to 0.23.10 in /docs (#690) [ab17f5e]
    • +
  • chore: update test matrix for Go 1.21 (#689) [5069017]
    • +
  • Bump golang.org/x/net from 0.12.0 to 0.14.0 (#688) [babe25f]
    • +
+

v1.27.10

+

1.27.10

+

Fixes

+
    +
  • fix: go 1.21 adding goroutine ID to creator+location (#685) [bdc7803]
    • +
+

v1.27.9

+

1.27.9

+

Fixes

+
    +
  • Prevent nil-dereference in format.Object for boxed nil error (#681) [3b31fc3]
    • +
+

Maintenance

+
    +
  • Bump golang.org/x/net from 0.11.0 to 0.12.0 (#679) [360849b]
    • +
  • chore: use String() instead of fmt.Sprintf (#678) [86f3659]
    • +
  • Bump golang.org/x/net from 0.10.0 to 0.11.0 (#674) [642ead0]
    • +
  • chore: unnecessary use of fmt.Sprintf (#677) [ceb9ca6]
    • +
  • Bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 (#675) [a2087d8]
    • +
  • docs: fix ContainSubstring references (#673) [fc9a89f]
    • +
  • Bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 (#671) [9076019]
    • +
+

v1.27.8

+

1.27.8

+

Fixes

+
    +
  • HaveExactElement should not call FailureMessage if a submatcher returned an error [096f392]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/ginkgo/v2 from 2.9.5 to 2.9.7 (#669) [8884bee]
    • +
+

v1.27.7

+

1.27.7

+

Fixes

+ +
+

... (truncated)

+
+
+Changelog +

Sourced from github.com/onsi/gomega's changelog.

+
+

1.28.0

+

Features

+
    +
  • Add VerifyHost handler to ghttp (#698) [0b03b36]
    • +
+

Fixes

+
    +
  • Read Body for Newer Responses in HaveHTTPBodyMatcher (#686) [18d6673]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#693) [55a33f3]
    • +
  • Typo in matchers.go (#691) [de68e8f]
    • +
  • Bump commonmarker from 0.23.9 to 0.23.10 in /docs (#690) [ab17f5e]
    • +
  • chore: update test matrix for Go 1.21 (#689) [5069017]
    • +
  • Bump golang.org/x/net from 0.12.0 to 0.14.0 (#688) [babe25f]
    • +
+

1.27.10

+

Fixes

+
    +
  • fix: go 1.21 adding goroutine ID to creator+location (#685) [bdc7803]
    • +
+

1.27.9

+

Fixes

+
    +
  • Prevent nil-dereference in format.Object for boxed nil error (#681) [3b31fc3]
    • +
+

Maintenance

+
    +
  • Bump golang.org/x/net from 0.11.0 to 0.12.0 (#679) [360849b]
    • +
  • chore: use String() instead of fmt.Sprintf (#678) [86f3659]
    • +
  • Bump golang.org/x/net from 0.10.0 to 0.11.0 (#674) [642ead0]
    • +
  • chore: unnecessary use of fmt.Sprintf (#677) [ceb9ca6]
    • +
  • Bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 (#675) [a2087d8]
    • +
  • docs: fix ContainSubstring references (#673) [fc9a89f]
    • +
  • Bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 (#671) [9076019]
    • +
+

1.27.8

+

Fixes

+
    +
  • HaveExactElement should not call FailureMessage if a submatcher returned an error [096f392]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/ginkgo/v2 from 2.9.5 to 2.9.7 (#669) [8884bee]
    • +
+

1.27.7

+

Fixes

+
    +
  • fix: gcustom.MakeMatcher accepts nil as actual value (#666) [57054d5]
    • +
+

Maintenance

+
    +
  • update gitignore [05c1bc6]
    • +
  • Bump github.com/onsi/ginkgo/v2 from 2.9.4 to 2.9.5 (#663) [7cadcf6]
    • +
+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/onsi/gomega&package-manager=go_modules&previous-version=1.27.0&new-version=1.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-16 10:35:50 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #150 + + + Bump github.com/onsi/ginkgo/v2 from 2.8.2 to 2.13.0 + +
+ dependenciesgo + + Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.8.2 to 2.13.0. +
+Release notes +

Sourced from github.com/onsi/ginkgo/v2's releases.

+
+

v2.13.0

+

2.13.0

+

Features

+

Add PreviewSpect() to enable programmatic preview access to the suite report (fixes #1225)

+

v2.12.1

+

2.12.1

+

Fixes

+
    +
  • Print logr prefix if it exists (#1275) [90d4846]
    • +
+

Maintenance

+
    +
  • Bump actions/checkout from 3 to 4 (#1271) [555f543]
    • +
  • Bump golang.org/x/sys from 0.11.0 to 0.12.0 (#1270) [d867b7d]
    • +
+

v2.12.0

+

2.12.0

+

Features

+
    +
  • feat: allow MustPassRepeatedly decorator to be set at suite level (#1266) [05de518]
    • +
+

Fixes

+
    +
  • fix-errors-in-readme (#1244) [27c2f5d]
    • +
+

Maintenance

+

Various chores/dependency bumps.

+

v2.11.0

+

2.11.0

+

In prior versions of Ginkgo specs the CLI filter flags (e.g. --focus, --label-filter) would override any programmatic focus. This behavior has proved surprising and confusing in at least the following ways:

+
    +
  • users cannot combine programmatic filters and CLI filters to more efficiently select subsets of tests
    • +
  • CLI filters can override programmatic focus on CI systems resulting in an exit code of 0 despite the presence of (incorrectly!) committed focused specs.
    • +
+

Going forward Ginkgo will AND all programmatic and CLI filters. Moreover, the presence of any programmatic focused tests will always result in a non-zero exit code.

+

This change is technically a change in Ginkgo's external contract and may require some users to make changes to successfully adopt. Specifically: it's possible some users were intentionally using CLI filters to override programmatic focus. If this is you please open an issue so we can explore solutions to the underlying problem you are trying to solve.

+

Fixes

+
    +
  • Programmatic focus is no longer overwrriten by CLI filters [d6bba86]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#1218) [4a70a38]
    • +
  • Bump golang.org/x/sys from 0.8.0 to 0.9.0 (#1219) [97eda4d]
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from github.com/onsi/ginkgo/v2's changelog.

+
+

2.13.0

+

Features

+

Add PreviewSpect() to enable programmatic preview access to the suite report (fixes #1225)

+

2.12.1

+

Fixes

+
    +
  • Print logr prefix if it exists (#1275) [90d4846]
    • +
+

Maintenance

+
    +
  • Bump actions/checkout from 3 to 4 (#1271) [555f543]
    • +
  • Bump golang.org/x/sys from 0.11.0 to 0.12.0 (#1270) [d867b7d]
    • +
+

2.12.0

+

Features

+
    +
  • feat: allow MustPassRepeatedly decorator to be set at suite level (#1266) [05de518]
    • +
+

Fixes

+
    +
  • fix-errors-in-readme (#1244) [27c2f5d]
    • +
+

Maintenance

+

Various chores/dependency bumps.

+

2.11.0

+

In prior versions of Ginkgo specs the CLI filter flags (e.g. --focus, --label-filter) would override any programmatic focus. This behavior has proved surprising and confusing in at least the following ways:

+
    +
  • users cannot combine programmatic filters and CLI filters to more efficiently select subsets of tests
    • +
  • CLI filters can override programmatic focus on CI systems resulting in an exit code of 0 despite the presence of (incorrectly!) committed focused specs.
    • +
+

Going forward Ginkgo will AND all programmatic and CLI filters. Moreover, the presence of any programmatic focused tests will always result in a non-zero exit code.

+

This change is technically a change in Ginkgo's external contract and may require some users to make changes to successfully adopt. Specifically: it's possible some users were intentionally using CLI filters to override programmatic focus. If this is you please open an issue so we can explore solutions to the underlying problem you are trying to solve.

+

Fixes

+
    +
  • Programmatic focus is no longer overwrriten by CLI filters [d6bba86]
    • +
+

Maintenance

+
    +
  • Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#1218) [4a70a38]
    • +
  • Bump golang.org/x/sys from 0.8.0 to 0.9.0 (#1219) [97eda4d]
    • +
+

2.10.0

+

Features

+ +
+

... (truncated)

+
+
+Commits +
    +
  • 52065f1 v2.13.0
    • +
  • 2c4ed32 remove errant fmt.Println from integration suite
    • +
  • 6c84b35 Preview now works alongside run and in parallel
    • +
  • e1d0b38 Add PreviewSpecs() to enable programmatic preview access to the suite report
    • +
  • 1d2fb67 v2.12.1
    • +
  • 90d4846 Print logr prefix if it exists (#1275)
    • +
  • 555f543 Bump actions/checkout from 3 to 4 (#1271)
    • +
  • d867b7d Bump golang.org/x/sys from 0.11.0 to 0.12.0 (#1270)
    • +
  • 2d6991a v2.12.0
    • +
  • 05de518 feat: allow MustPassRepeatedly decorator to be set at suite level (#1266)
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/onsi/ginkgo/v2&package-manager=go_modules&previous-version=2.8.2&new-version=2.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-16 10:35:36 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #149 + + + Bump github.com/hyperledger/fabric-gateway from 1.3.1 to 1.3.2 + +
+ dependenciesgo + + Bumps [github.com/hyperledger/fabric-gateway](https://github.com/hyperledger/fabric-gateway) from 1.3.1 to 1.3.2. +
+Release notes +

Sourced from github.com/hyperledger/fabric-gateway's releases.

+
+

v1.3.2

+

What's Changed

+ +

Full Changelog: https://github.com/hyperledger/fabric-gateway/compare/v1.3.1...v1.3.2

+
+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hyperledger/fabric-gateway&package-manager=go_modules&previous-version=1.3.1&new-version=1.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-16 10:35:11 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #148 + + + Bump actions/checkout from 3 to 4 + +
+ dependenciesgithub_actions + + Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. +
+Release notes +

Sourced from actions/checkout's releases.

+
+

v4.0.0

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

+

v3.6.0

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

+

v3.5.3

+

What's Changed

+ +

New Contributors

+ +

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

+

v3.5.2

+

What's Changed

+ +

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

+

v3.5.1

+

What's Changed

+ +

New Contributors

+ + +
+

... (truncated)

+
+
+Changelog +

Sourced from actions/checkout's changelog.

+
+

Changelog

+

v4.1.0

+ +

v4.0.0

+ +

v3.6.0

+ +

v3.5.3

+ +

v3.5.2

+ +

v3.5.1

+ +

v3.5.0

+ +

v3.4.0

+ +

v3.3.0

+ +

v3.2.0

+ +

v3.1.0

+ +

v3.0.2

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) + + +
+
+
+ Created At 2023-10-16 10:33:57 +0000 UTC +
+
+ +
+ + + + @@ -32,7 +917,38 @@ permalink: /pull-requests/hyperledger/fabric-admin-sdk
+ PR #147 + + + CI: add depend bot setting
- Created At 2023-10-03 09:31:37 +0000 UTC + Created At 2023-10-14 13:25:59 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #146 + + + [WIP] 1st attempt for build peer cli + +
+ + + 1st attempt for build peer cli +- peer and osadmin cli folder structure. +- some internal package refine. + +todo: +if the folder structure looks good, then adding for all peer lifecycle command impl and end to end test case. +
+
+ Created At 2023-10-14 12:41:32 +0000 UTC
diff --git a/pull-requests/hyperledger/fabric-ca.md b/pull-requests/hyperledger/fabric-ca.md index df8f2e89d..036d887e1 100644 --- a/pull-requests/hyperledger/fabric-ca.md +++ b/pull-requests/hyperledger/fabric-ca.md @@ -10,6 +10,34 @@ permalink: /pull-requests/hyperledger/fabric-ca # fabric-ca [GitHub](https://github.com/hyperledger/fabric-ca){: .btn .mr-4 } +
+ + + + + + + + + +
+ PR #384 + + + Log expiry overrides + +
+ + + If cert expiry during enrollment gets overridden +due to the CA's own expiry, log a message about the override (rather than a debug message). + +
+
+ Created At 2023-10-19 17:38:57 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger/fabric-gateway.md b/pull-requests/hyperledger/fabric-gateway.md index 8ef1c14a3..2c39f9e57 100644 --- a/pull-requests/hyperledger/fabric-gateway.md +++ b/pull-requests/hyperledger/fabric-gateway.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/fabric-gateway
@@ -27,94 +27,13 @@ permalink: /pull-requests/hyperledger/fabric-gateway
- PR #644 + PR #646 - Update documentation for v1.4 release + Address uncalled Go vulnerability CVE-2023-39325
- + - Update Go dependencies to avoid detection of uncalled vulnerability. +- Use Go call stack analysis in OSV Scanner.
- Created At 2023-10-06 19:53:42 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #643 - - - Support for Node 20 - -
- - - -
-
- Created At 2023-10-06 19:48:56 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #642 - - - Remove support for Node 16 - -
- - - Node 16 reached [end of life](https://github.com/nodejs/release#end-of-life-releases) on 2023-09-11, and is no longer a supported Node version. - -Closes #614 -
-
- Created At 2023-10-06 19:18:38 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #641 - - - Remove support for Go 1.19 - -
- - - Since the release of Go 1.21 in August 2023, Go 1.19 has not been a supported Go version. - -Closes #615 -
-
- Created At 2023-10-05 23:03:01 +0000 UTC + Created At 2023-10-14 10:18:35 +0000 UTC
diff --git a/pull-requests/hyperledger/fabric.md b/pull-requests/hyperledger/fabric.md index eda585e64..55ff6b76f 100644 --- a/pull-requests/hyperledger/fabric.md +++ b/pull-requests/hyperledger/fabric.md @@ -10,6 +10,32 @@ permalink: /pull-requests/hyperledger/fabric # fabric [GitHub](https://github.com/hyperledger/fabric){: .btn .mr-4 } +
+ + + + + + + + + +
+ PR #4486 + + + Verify hash chain in BFT + +
+ + + +
+
+ Created At 2023-10-19 13:28:11 +0000 UTC +
+
+
diff --git a/pull-requests/hyperledger/firefly-perf-cli.md b/pull-requests/hyperledger/firefly-perf-cli.md index db69074cf..129d993fb 100644 --- a/pull-requests/hyperledger/firefly-perf-cli.md +++ b/pull-requests/hyperledger/firefly-perf-cli.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/firefly-perf-cli
@@ -32,33 +32,7 @@ permalink: /pull-requests/hyperledger/firefly-perf-cli
- PR #70 + PR #71 - Update MAINTAINERS.md and CODEOWNERS + Fix goreleaser job
- Created At 2023-09-13 18:14:09 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #69 - - - Provide a config field for namespace base path - -
- - - Added a field `namespaceBasePath` to customize namespace base path when they are different from `api/v1/namespaces/NN` -
-
- Created At 2023-09-13 14:39:11 +0000 UTC + Created At 2023-10-13 13:17:30 +0000 UTC
diff --git a/pull-requests/hyperledger/firefly-sdk-nodejs.md b/pull-requests/hyperledger/firefly-sdk-nodejs.md index 5afcf4a26..0591c4d82 100644 --- a/pull-requests/hyperledger/firefly-sdk-nodejs.md +++ b/pull-requests/hyperledger/firefly-sdk-nodejs.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/firefly-sdk-nodejs @@ -32,7 +32,33 @@ permalink: /pull-requests/hyperledger/firefly-sdk-nodejs
- PR #79 + PR #83 - Update MAINTAINERS.md and CODEOWNERS + Add manual workflow for updating "latest" on npm
- Created At 2023-09-13 19:18:45 +0000 UTC + Created At 2023-10-16 15:37:12 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #82 + + + Backport fixes from 1.2 to 1.0 + +
+ + + +
+
+ Created At 2023-10-12 20:10:09 +0000 UTC
diff --git a/pull-requests/hyperledger/firefly.md b/pull-requests/hyperledger/firefly.md index d0c000df1..9575ac9a5 100644 --- a/pull-requests/hyperledger/firefly.md +++ b/pull-requests/hyperledger/firefly.md @@ -14,73 +14,171 @@ permalink: /pull-requests/hyperledger/firefly
- PR #1415 + PR #1418 - feature: changes to support upgrade to Fabric v2.5 TLS in Firefly CLI + Enable contract listeners with multiple filters
- + migration_consideration - Updated GO to version 1.20 (Fabric 2.5 compatibility) and Ubuntu as the base instead of Alpine. - - Fixes this Issue: #1414 - - Related to the Firefly CLI change here: #https://github.com/hyperledger/firefly-cli/issues/268 - - E2E test passed: - - --- PASS: TestFabricMultipartyE2ESuite (137.02s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EBroadcast (3.97s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EBroadcastBlob (34.51s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EPrivate (3.74s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EPrivateBlobDatatypeTagged (3.71s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EWebhookExchange (7.61s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EWebhookRequestReplyNoTx (4.78s) - --- PASS: TestFabricMultipartyE2ESuite/TestStrongDatatypesBroadcast (7.58s) - --- PASS: TestFabricMultipartyE2ESuite/TestStrongDatatypesPrivate (7.29s) - --- PASS: TestFabricMultipartyE2ESuite/TestCustomChildIdentityBroadcasts (7.88s) - --- PASS: TestFabricMultipartyE2ESuite/TestCustomChildIdentityPrivate (11.26s) - --- PASS: TestFabricMultipartyE2ESuite/TestInvalidIdentityAlreadyRegistered (9.39s) - --- PASS: TestFabricMultipartyE2ESuite/TestE2EContractEvents (2.69s) -PASS -ok github.com/hyperledger/firefly/test/e2e/runners 137.028s + This PR adds the ability to listen to multiple types of events on the same contract listener, by adding an array of listeners, rather than a single event signature/location per listener. The old way of creating a listener is still accepted by the API, but it will always be returned in the filters array now. **This is a migration concern that needs to be documented.** + +## Open questions +One thing I'm not sure about here, is that this PR as-is removes the uniqueness constraint on listeners by topic/location/signature. It now allows multiples. I'm not sure if this is a problem or not. I can add that constraint back, but it would likely require some more sophisticated DB changes. Which brings me to the next point... + +Right now all the filters for a contract listener get serialized to JSON and stored in a single column. I lated realized this means we lose the ability to query/filter (no pun intended) by signature, location, etc. which we used to do, in order to check for duplicates. I'm not sure if this is required or not, but wanted to call it out. + +## Example + +### Create contract listener request +```json +{ + "filters": [ + { + "interface": { + "id": "aaa0e410-2b5b-4815-a80a-a18f2ae59f7d" + }, + "eventPath": "BatchPin", + "location": { + "address": "0xb0cd60ade460e797e0c9d206290ac4ed45672c60" + } + } + ], + "name": "CustomBatchPin", + "options": { + "firstEvent": "oldest" + }, + "topic": "batch-pin" +} +``` + +### Create contract listener response +```json +{ + "id": "acc0d227-1da4-4d0d-bbe0-0c60f754158f", + "namespace": "default", + "name": "CustomBatchPin", + "backendId": "018b258a-0c2c-07c0-5d59-50583ae91f1e", + "created": "2023-10-12T20:18:06.012167Z", + "filters": [ + { + "event": { + "name": "BatchPin", + "description": "", + "params": [ + { + "name": "author", + "schema": { + "type": "string", + "details": { + "type": "address", + "internalType": "address" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "timestamp", + "schema": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ], + "details": { + "type": "uint256", + "internalType": "uint256" + }, + "description": "An integer. You are recommended to use a JSON string. A JSON number can be used for values up to the safe maximum." + } + }, + { + "name": "action", + "schema": { + "type": "string", + "details": { + "type": "string", + "internalType": "string" + } + } + }, + { + "name": "uuids", + "schema": { + "type": "string", + "details": { + "type": "bytes32", + "internalType": "bytes32" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "batchHash", + "schema": { + "type": "string", + "details": { + "type": "bytes32", + "internalType": "bytes32" + }, + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + }, + { + "name": "payloadRef", + "schema": { + "type": "string", + "details": { + "type": "string", + "internalType": "string" + } + } + }, + { + "name": "contexts", + "schema": { + "type": "array", + "details": { + "type": "bytes32[]", + "internalType": "bytes32[]" + }, + "items": { + "type": "string", + "description": "A hex encoded set of bytes, with an optional '0x' prefix" + } + } + } + ] + }, + "location": { + "address": "0xb0cd60ade460e797e0c9d206290ac4ed45672c60" + }, + "interface": { + "id": "aaa0e410-2b5b-4815-a80a-a18f2ae59f7d" + }, + "signature": "BatchPin(address,uint256,string,bytes32,bytes32,string,bytes32[])" + } + ], + "topic": "batch-pin", + "options": { + "firstEvent": "oldest" + } +} +```
- Created At 2023-10-04 11:52:17 +0000 UTC -
- - -
- - - - - - - - - -
- PR #1413 - - - Add docs for AND/OR option - -
- - - See detail in https://github.com/hyperledger/firefly-common/pull/71 -
-
- Created At 2023-10-03 20:42:51 +0000 UTC + Created At 2023-10-12 20:56:15 +0000 UTC
diff --git a/pull-requests/hyperledger/indy-vdr.md b/pull-requests/hyperledger/indy-vdr.md index 651c20296..05660b010 100644 --- a/pull-requests/hyperledger/indy-vdr.md +++ b/pull-requests/hyperledger/indy-vdr.md @@ -14,11 +14,292 @@ permalink: /pull-requests/hyperledger/indy-vdr + + + + + +
- PR #224 + PR #229 - Update to indy-data-types 0.7; remove indy-utils + Bump @babel/traverse from 7.22.10 to 7.23.2 in /wrappers/javascript + +
+ dependenciesjavascript + + Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.10 to 7.23.2. +
+Release notes +

Sourced from @​babel/traverse's releases.

+
+

v7.23.2 (2023-10-11)

+

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

+

Thanks @​jimmydief for your first PR!

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

Committers: 5

+ +

v7.23.1 (2023-09-25)

+

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

+

v7.23.0 (2023-09-25)

+

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript
    • +
+ +
+

... (truncated)

+
+
+Changelog +

Sourced from @​babel/traverse's changelog.

+
+

v7.23.2 (2023-10-11)

+

:bug: Bug Fix

+
    +
  • babel-traverse + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-helpers +
      +
    • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
      • +
    +
    • +
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime + +
    • +
+

v7.23.0 (2023-09-25)

+

:rocket: New Feature

+
    +
  • babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import + +
    • +
  • babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone + +
    • +
  • babel-generator, babel-parser, babel-types + +
    • +
  • babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types + +
    • +
  • babel-standalone + +
    • +
  • babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types + +
    • +
  • babel-helpers, babel-plugin-proposal-decorators + +
    • +
  • babel-traverse, babel-types + +
    • +
  • babel-preset-typescript + +
    • +
  • babel-parser + +
    • +
+

:bug: Bug Fix

+
    +
  • babel-plugin-transform-block-scoping + +
    • +
+

:nail_care: Polish

+
    +
  • babel-traverse + +
    • +
  • babel-plugin-proposal-explicit-resource-management + +
    • +
+

:microscope: Output optimization

+
    +
  • babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env + +
    • +
+

v7.22.20 (2023-09-16)

+ +
+

... (truncated)

+
+
+Commits + +
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@babel/traverse&package-manager=npm_and_yarn&previous-version=7.22.10&new-version=7.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hyperledger/indy-vdr/network/alerts). + +
+
+
+ Created At 2023-10-19 04:34:42 +0000 UTC +
+ + +
+ + + + @@ -27,12 +308,13 @@ permalink: /pull-requests/hyperledger/indy-vdr
+ PR #228 + + + make lerna look for the correct packages
- The functionality of indy-utils has been merged into indy-data-types in 0.7. This update includes the new versions of the ed25519/curve25519-dalek dependencies. + Signed-off-by: Berend Sliedrecht +
- Created At 2023-10-04 19:01:49 +0000 UTC + Created At 2023-10-13 10:01:22 +0000 UTC
diff --git a/pull-requests/hyperledger/iroha-java.md b/pull-requests/hyperledger/iroha-java.md index 9f4ffde62..e3526e23e 100644 --- a/pull-requests/hyperledger/iroha-java.md +++ b/pull-requests/hyperledger/iroha-java.md @@ -36,595 +36,3 @@ permalink: /pull-requests/hyperledger/iroha-java -
- - - - - - - - - -
- PR #381 - - - Bump org.yaml:snakeyaml from 2.0 to 2.2 - -
- dependenciesjava - - Bumps [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 2.0 to 2.2. -
-Commits -
    -
  • 313f40a Add mote tests for issue 1065
    • -
  • d236260 Improve test
    • -
  • 9905de1 Issue 1064: use identity in toString() for sequences
    • -
  • e3b3d8f Issue 1064: improve test
    • -
  • 23a21dd Issue 1064: improve node representation
    • -
  • 453196e Merge branch 'master' into issue1065-doc-limit
    • -
  • d07cb52 Add CodeLimitTest
    • -
  • 2b8173a Improve comments
    • -
  • f75151d Merge remote-tracking branch 'origin/master'
    • -
  • 30620b2 Issue 1065: Respect document start token when limiting the document size
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.yaml:snakeyaml&package-manager=gradle&previous-version=2.0&new-version=2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - - -
-
-
- Created At 2023-10-12 16:34:48 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #380 - - - Bump com.github.docker-java:docker-java from 3.3.0 to 3.3.3 - -
- dependenciesjava - - Bumps [com.github.docker-java:docker-java](https://github.com/docker-java/docker-java) from 3.3.0 to 3.3.3. -
-Release notes -

Sourced from com.github.docker-java:docker-java's releases.

-
-

3.3.3

-

Changes

-
    -
  • updated bouncy castle to bcpkix-jdk18on:1.75 and fix missing reflect config for graalvm @​cmdjulian (#2135)
    • -
-

🐛 Bug Fixes

- -

3.3.2

-

Changes

-

📈 Enhancements

- -

🐛 Bug Fixes

- -

🧰 Maintenance

- -

3.3.1

-

Changes

- -

🧰 Maintenance

- -
-
-
-Commits - -
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.docker-java:docker-java&package-manager=gradle&previous-version=3.3.0&new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - - -
-
-
- Created At 2023-10-12 16:34:43 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #379 - - - Bump org.gradle.toolchains.foojay-resolver-convention from 0.5.0 to 0.7.0 - -
- dependenciesjava - - Bumps org.gradle.toolchains.foojay-resolver-convention from 0.5.0 to 0.7.0. - - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.gradle.toolchains.foojay-resolver-convention&package-manager=gradle&previous-version=0.5.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - - -
-
-
- Created At 2023-10-12 16:34:34 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #378 - - - Bump gradle/gradle-build-action from 2.3.3 to 2.9.0 - -
- dependenciesgithub_actions - - Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2.3.3 to 2.9.0. -
-Release notes -

Sourced from gradle/gradle-build-action's releases.

-
-

v2.9.0

-

The GitHub dependency-review-action helps you understand dependency changes (and the security impact of these changes) for a pull request. This release updates the GItHub Dependency Graph support to be compatible with the dependency-review-action.

-

See the documentation for detailed examples.

-

Changelog

-
    -
  • [FIX] Use correct SHA for pull-request events #882
    • -
  • [FIX] Avoid generating dependency graph during cache cleanup #905
    • -
  • [NEW] Improve warning on failure to submit dependency graph
    • -
  • [NEW] Compatibility with GitHub dependency-review-action #879
    • -
-

Full-changelog: https://github.com/gradle/gradle-build-action/compare/v2.8.1...v2.9.0

-

v2.8.1

-

Fixes an issue that prevented Dependency Graph submission when running on GitHub Enterprise Server.

-

Fixes

-
    -
  • Incorrect endpoint used to submit Dependency Graph on GitHub Enterprise #885
    • -
-

Changelog

-

https://github.com/gradle/gradle-build-action/compare/v2.8.0...v2.8.1

-

v2.8.0

-

The v2.8.0 release of the gradle-build-action introduces an easy mechanism to connect to Gradle Enterprise, as well improved support for self-hosted GitHub Actions runners.

-

Automatic injection of Gradle Enterprise connectivity

-

It is now possible to connect a Gradle build to Gradle Enterprise without changing any of the Gradle project sources. This is achieved through Gradle Enterprise injection, where an init-script will apply the Gradle Enterprise plugin and associated configuration.

-

This feature can be useful to easily trial Gradle Enterprise on a project, or to centralize Gradle Enterprise configuration for all GitHub Actions workflows in an organization.

-

See Gradle Enterprise injection in the README for more info.

-

Restore Gradle User Home when directory already exists

-

Previously, the Gradle User Home would not be restored if the directory already exists. This wasn't normally an issue with GitHub-hosted runners, but limited the usefulness of the action for persistent, self-hosted runners.

-

This behaviour has been improved in this release:

- -

Changes

-

Issues fixed: https://github.com/gradle/gradle-build-action/issues?q=milestone%3A2.8.0+is%3Aclosed -Full changelog: https://github.com/gradle/gradle-build-action/compare/v2.7.1...v2.8.0

-

v2.7.1

-

This release contains no code changes, only dependency updates and documentation improvements.

-

Changelog

-

https://github.com/gradle/gradle-build-action/compare/v2.7.0...v2.7.1

- -
-

... (truncated)

-
-
-Commits -
    -
  • 842c587 Merge pull request #911 - Improve dependency review support
    • -
  • 4241e05 Document configuration for dependency-review-action
    • -
  • bfa3c05 Build outputs
    • -
  • c3bdce8 Warn on dependency-graph-submit failure
    • -
  • f92e7c3 Improve compat with dependency-review-action
    • -
  • d1b726d Do not generate dependency graph in cache-cleanup
    • -
  • 6fcc109 Dependency updates (#904)
    • -
  • fde5b4f fix README.md internal references
    • -
  • 324fbdc Update to dep-graph plugin 0.4.1
    • -
  • 5658338 Build outputs
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/gradle-build-action&package-manager=github_actions&previous-version=2.3.3&new-version=2.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - - -
-
-
- Created At 2023-10-12 16:34:08 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #377 - - - Bump actions/checkout from 3 to 4 - -
- dependenciesgithub_actions - - Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. -
-Release notes -

Sourced from actions/checkout's releases.

-
-

v4.0.0

-

What's Changed

- -

New Contributors

- -

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

-

v3.6.0

-

What's Changed

- -

New Contributors

- -

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

-

v3.5.3

-

What's Changed

- -

New Contributors

- -

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

-

v3.5.2

-

What's Changed

- -

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

-

v3.5.1

-

What's Changed

- -

New Contributors

- - -
-

... (truncated)

-
-
-Changelog -

Sourced from actions/checkout's changelog.

-
-

Changelog

-

v4.1.0

- -

v4.0.0

- -

v3.6.0

- -

v3.5.3

- -

v3.5.2

- -

v3.5.1

- -

v3.5.0

- -

v3.4.0

- -

v3.3.0

- -

v3.2.0

- -

v3.1.0

- -

v3.0.2

- -
-

... (truncated)

-
-
-Commits - -
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - - -
-
-
- Created At 2023-10-12 16:34:03 +0000 UTC -
-
- -
- - - - - - - - - -
- PR #376 - - - [fix]: fix visit transfer asset definition - -
- - - and update validator.wasm -
-
- Created At 2023-10-12 13:24:55 +0000 UTC -
-
- diff --git a/pull-requests/hyperledger/toc.md b/pull-requests/hyperledger/toc.md index ef81d15f8..bec613d98 100644 --- a/pull-requests/hyperledger/toc.md +++ b/pull-requests/hyperledger/toc.md @@ -14,11 +14,11 @@ permalink: /pull-requests/hyperledger/toc @@ -32,7 +32,93 @@ permalink: /pull-requests/hyperledger/toc
- PR #170 + PR #174 - October 5, 2023 Agenda + October 19 2023 Meeting
- Created At 2023-10-03 17:11:09 +0000 UTC + Created At 2023-10-17 19:35:39 +0000 UTC +
+ + +
+ + + + + + + + + +
+ PR #173 + + + Add Caliper 2023 Q3 project status report + +
+ quarterly-report + + +
+
+ Created At 2023-10-16 18:44:37 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #172 + + + 2023 Q4 Report Cacti + +
+ quarterly-report + + docs(project/reports/2023): add Cacti Q4 report + +Signed-off-by: Peter Somogyvari + +--- + +Replaced epoch timestamps with readable dates in contributions' table. + +Signed-off-by: VRamakrishna +
+
+ Created At 2023-10-16 18:29:19 +0000 UTC +
+
+ +
+ + + + + + + + + +
+ PR #171 + + + Add Hyperledger Fabric 2023 Q4 report + +
+ quarterly-report + + Add Hyperledger Fabric 2023 Q4 report. +
+
+ Created At 2023-10-12 20:05:39 +0000 UTC
diff --git a/trending/recent-prs.md b/trending/recent-prs.md index 352403851..48b0376b0 100644 --- a/trending/recent-prs.md +++ b/trending/recent-prs.md @@ -1,13 +1,13 @@ -[762](https://github.com/hyperledger-labs/open-enterprise-agent/pull/762) feat: add new auth params ATL-5771 +[384](https://github.com/hyperledger/fabric-ca/pull/384) Log expiry overrides -[761](https://github.com/hyperledger-labs/open-enterprise-agent/pull/761) test: add tests on keycloak authenticator logic [do not merge] +[135](https://github.com/hyperledger-labs/fabric-operator/pull/135) Fix release build -[737](https://github.com/hyperledger/fabric-private-chaincode/pull/737) Fix fabric-ca upgrade +[546](https://github.com/hyperledger-labs/fabric-operations-console/pull/546) add buttons to delete all components or the wallet -[736](https://github.com/hyperledger/fabric-private-chaincode/pull/736) Update maintainers +[453](https://github.com/hyperledger-labs/private-data-objects/pull/453) A couple random fixes for installer and service startup scripts -[4007](https://github.com/hyperledger/iroha/pull/4007) [feature] #3237: Expose cargo's output in wasm_builder_cli to have build progress information +[173](https://github.com/hyperledger/anoncreds-spec/pull/173) Added non revocation presentation proof holder [See more >>>](https://start-here.hyperledger.org/pull-requests)