2.0.0-alpha.2 (2023-09-27)

Bug Fixes

• besu: testnet web3 version fixed to 1.10.0 (334612d)
• cactus-core-api: address CVE-2021-38192 - GHSA-x4qm-mcjq-v2gf (ff1afa5), closes #2612
• cactus-validator-socketio-indy: upgrade pyjwt to 2.4.0 (59f9f91), closes #2614
• cmd-api-server: fix CVE-2023-36665 protobufjs Prototype Pollution vuln (7bb3957), closes #2682
• connector-fabric: runTransactionV1 Open API validation crash (516dd49)
• ejs critical vulnerability CVE-2022-29078 (2813b75)
• indy-validator: fix package dependencies (a28641a), closes #2596
• plugin-odap-hermes: fix duplicate enum values of OdapMessageType (292d287), closes #2553
• security: crash in HeaderParser in dicer (77fb559)
• security: the CVE-2022-2421 - upgrade socket.io-parser to >=4.2.1 (9172172), closes #2229 #2228
• security: upgrade fabric 2.x deps to 2.2.18 (36988a5), closes #2610
• security: vulnerabilities found in cactus-whitepaper (c56334d), closes #2038
• tessera: updated tessera version error in quorum-all-in-one #2411 (759f305), closes #2240 #2274
• use common conventions: tsconfig.json, package.json (50f5c02), closes #2216
• vscode/devcontainer: unexpected exit stdout /etc/passwd (eb0134b), closes #2404
• weaver-corda: throw error correctly in responder flows (b888a5e)
• webpack: fix broken bundling - cannot find webpack.config.js (794f0b4)

Code Refactoring

• cmd-api-server: clean up configuration parameters #720 (b8e8388)

Features

• besu-test-ledger: send funds to already created address (3a58508), closes #2250
• cacti-cmd-gui-app: add GUI to visualize Fabric, Ethereum blocks (15d9e9d)
• cactus-common: add createRuntimeErrorWithCause() & newRex() (b3a508c), closes #1702
• cactus-core: add GetOpenApiSpecV1EndpointBase<S, P> class (6d68292)
• cactus-plugin-ledger-connector-cdl-socketio: add new connector plugin (aee28fe), closes #2455
• cactus-plugin-ledger-connector-ethereum: add new connector plugin (f8a2131), closes #2534
• cbdc-bridging-app: implementation of CBDC bridging example (ca1b3be), closes #2205
• cmd-api-server: add GetOpenApiSpecV1Endpoint (HTTP GET) (aeebbd4)
• connector-besu: add GetOpenApiSpecV1Endpoint (HTTP GET) (76744f0)
• connector-iroha2: update to the new LTS image as of 28.07.2023 (ccdaa12)
• connector-quorum: add WebsocketProvider options to quorum LP (b7ad571)
• connector-tcs-huawei: add initial version (d8d538d)
• corda asset transfer test workflow added and bug fixes (4b5ee09)
• fabric-test-ledger: add support to enrolling users in different Orgs (b910681), closes #2248
• geth-all-in-one: add ethereum test image and helper class (fb4231f), closes #2577
• openapi: upgrade to 6.3.0 phase1 (a094614), closes #2298
• plugin-htlc-eth-besu: add private HTLCs and forge build & test (aade510)
• plugin-persistence-fabric: add new fabric persistence plugin (47a64ee), closes #2259 #2265
• quorum-connector: add script for checking connection status (d306d21), closes #2309
• quorum: private transaction support (3c944d6)
• weaver-corda: support array of remote views, consequent user flow call (a8e5d54)
• weaver/common: add data view protocol buffer spec & RFCs for Besu (97f17e0)
• weaver: added multiple participants support for data sharing in corda (4e81b92)

BREAKING CHANGES

• cmd-api-server: Removed the keyPairPem parameter from the API server configuration.

2.0.0-alpha.1 (2023-05-19)

Bug Fixes

• ci: multiple bug fixes in weaver deployment workflows (3e6d908)

1.1.3 (2022-12-08)

Bug Fixes

• build: sync-ts-config script needs import assertion of type json (aa936ec), closes #2163
• connector-iroha: fix review comments and smaller issues (b2742e8), closes PR#2048
• odap-plugin: fixes #2198 - two gateways are using the same database (9da24a0)
• plugin-ledger-connector-iroha: running dockerfile locally (f5faaab), closes #1874
• security: vulnerabilities found in test-npm-registry (4bbe012), closes #2061
• test-tooling: substrate test ledger fails if WS_PORT not specified (c668c41), closes #2213

Features

• cmd-socketio-server: support multiple BLP in single server (0f67085), closes #2102 #2030
• connector-iroha: update-iroha-js (74929b1)
• fabric-socketio-connector: sending transactions signed on the client-side (0b34ca3)
• iroha2-ledger: add Iroha V2 test ledger image and setup class (6ff6aac), closes #2138
• monitoring, sync and async requests (47da608), closes #1941

1.1.0 (2022-10-17)

Bug Fixes

• api-server: allow no authorization on socketio endpoints (bf51960), closes #1925
• cactus-example-discounted-asset-trade: enable (12e972e), closes #2145
• cactus-example-electricity-trade: enable tsconfig strict flag an… (f7e726c), closes #2144
• cactus-verifier-client: update supported ledgers in readme (84f3bae)
• custom-checks script from package.json does not work #1809 (dba3331)
• deps: force minimist >=1.2.6 for CVE-2021-44906 (b96806a), closes #1943
• remove skip to pass test case (99cb9a7), closes #1957
• resolve some CodeQL warnings (824f5c8)
• security: address CVE-2017-16138 Fixes: #1776 (9f1d013)
• security: address CVE-2021-23337 (eccef40), closes #1778
• security: address CVE-2021-23358 (ed71f42), closes #1775
• security: address CVE-2022-29244, CVE-2021-39135 (7309f2a), closes #2136
• security: close DDoS vulnerability in eth tx consistenty strategy (64b61a7), closes #2001
• security: ensure node-forge > 1.3.0 for CVE-2022-24772 (38fe287), closes #1947
• security: mitigate Cross-Site Scripting attack (XSS) (2cb68c3)

Code Refactoring

• examples: include sample apps in monorepo build (51ac163)

Features

• add jwt authorization to supply chain example (a4f07f6), closes #1579
• connector-fabric: add GetBlock operation to fabric connectors (00572ed), closes #2124
• connector-iroha: sending transactions signed on the client-side (da94cd6)
• corda4: implement monitoring of state changes (865ec2f), closes #1610
• keychain-aws-sm: bootstrap readme.md (060f351), closes #968
• keychain-azure-kv: complete request handler and endpoints (932df10), closes #1010 #1349
• odap-plugin: addition of client endpoints (cfa8db6)
• odap-plugin: backup gateway implementation (61da528)
• odap-plugin: odap crash recovery first implementation (2e94ef8)
• quorum-connector: implement validator interface on go-quorum-connector (8d36bea), closes #1604
• sawtooth-ledger: add single sawtooth test ledger image (cd4c746), closes #2108 #2030
• secret: remove Validator/Verifier secret keys from repository (59b4af4)
• socketio-server: cross site scripting attack (a5303ed)
• substrate-aio: add ws-port argument (fbb9859)

BREAKING CHANGES

• examples: building discounted-asset-trade app (or any future app that use indy validator) requires Indy SDK to be installed on the build machine.

Closes: 2029

Signed-off-by: Michal Bajer michal.bajer@fujitsu.com

1.1.1 (2022-11-03)

Bug Fixes

• plugin-keychain-vault: hyper upgrade (3062343), closes #2120
• security: vulnerabilities found in besu-all-in-one #2055 (2ce098f)
• tools: ghcr-quorum-multi-party-all-in-one pip install (5809fd8), closes #2183

Features

• cbdc-bridging-app: refactor ODAP plugin implementation (6975fef)
• connector-iroha: add dynamic request params (a1f908f)

1.1.2 (2022-11-11)

Note: Version bump only for package @hyperledger/cactus