@hyperledger/cactus-common - npm Package Versions

1.1.3 (2022-12-08)

Bug Fixes

• build: sync-ts-config script needs import assertion of type json (aa936ec), closes #2163
• connector-iroha: fix review comments and smaller issues (b2742e8), closes PR#2048
• odap-plugin: fixes #2198 - two gateways are using the same database (9da24a0)
• plugin-ledger-connector-iroha: running dockerfile locally (f5faaab), closes #1874
• security: vulnerabilities found in test-npm-registry (4bbe012), closes #2061
• test-tooling: substrate test ledger fails if WS_PORT not specified (c668c41), closes #2213

Features

• cmd-socketio-server: support multiple BLP in single server (0f67085), closes #2102 #2030
• connector-iroha: update-iroha-js (74929b1)
• fabric-socketio-connector: sending transactions signed on the client-side (0b34ca3)
• iroha2-ledger: add Iroha V2 test ledger image and setup class (6ff6aac), closes #2138
• monitoring, sync and async requests (47da608), closes #1941

1.1.0 (2022-10-17)

Bug Fixes

• api-server: allow no authorization on socketio endpoints (bf51960), closes #1925
• cactus-example-discounted-asset-trade: enable (12e972e), closes #2145
• cactus-example-electricity-trade: enable tsconfig strict flag an… (f7e726c), closes #2144
• cactus-verifier-client: update supported ledgers in readme (84f3bae)
• custom-checks script from package.json does not work #1809 (dba3331)
• deps: force minimist >=1.2.6 for CVE-2021-44906 (b96806a), closes #1943
• remove skip to pass test case (99cb9a7), closes #1957
• resolve some CodeQL warnings (824f5c8)
• security: address CVE-2017-16138 Fixes: #1776 (9f1d013)
• security: address CVE-2021-23337 (eccef40), closes #1778
• security: address CVE-2021-23358 (ed71f42), closes #1775
• security: address CVE-2022-29244, CVE-2021-39135 (7309f2a), closes #2136
• security: close DDoS vulnerability in eth tx consistenty strategy (64b61a7), closes #2001
• security: ensure node-forge > 1.3.0 for CVE-2022-24772 (38fe287), closes #1947
• security: mitigate Cross-Site Scripting attack (XSS) (2cb68c3)

Code Refactoring

• examples: include sample apps in monorepo build (51ac163)

Features

• add jwt authorization to supply chain example (a4f07f6), closes #1579
• connector-fabric: add GetBlock operation to fabric connectors (00572ed), closes #2124
• connector-iroha: sending transactions signed on the client-side (da94cd6)
• corda4: implement monitoring of state changes (865ec2f), closes #1610
• keychain-aws-sm: bootstrap readme.md (060f351), closes #968
• keychain-azure-kv: complete request handler and endpoints (932df10), closes #1010 #1349
• odap-plugin: addition of client endpoints (cfa8db6)
• odap-plugin: backup gateway implementation (61da528)
• odap-plugin: odap crash recovery first implementation (2e94ef8)
• quorum-connector: implement validator interface on go-quorum-connector (8d36bea), closes #1604
• sawtooth-ledger: add single sawtooth test ledger image (cd4c746), closes #2108 #2030
• secret: remove Validator/Verifier secret keys from repository (59b4af4)
• socketio-server: cross site scripting attack (a5303ed)
• substrate-aio: add ws-port argument (fbb9859)

BREAKING CHANGES

• examples: building discounted-asset-trade app (or any future app that use indy validator) requires Indy SDK to be installed on the build machine.

Closes: 2029

Signed-off-by: Michal Bajer michal.bajer@fujitsu.com

1.1.1 (2022-11-03)

Bug Fixes

• plugin-keychain-vault: hyper upgrade (3062343), closes #2120
• security: vulnerabilities found in besu-all-in-one #2055 (2ce098f)
• tools: ghcr-quorum-multi-party-all-in-one pip install (5809fd8), closes #2183

Features

• cbdc-bridging-app: refactor ODAP plugin implementation (6975fef)
• connector-iroha: add dynamic request params (a1f908f)

1.1.2 (2022-11-11)

Note: Version bump only for package @hyperledger/cactus

1.0.0 (2022-03-16)

Bug Fixes

• 1852: slow breakpoints (ff02ba1), closes #1852
• add optional auth token to api-client and consortium-manual (c2feebf), closes #1579
• cmd-api-server: add express static rate limiting (190cf12), closes #1840
• cmd-api-server: disable validateKeyPairMatch (7deaa22)
• cmd-api-server: upgrade socket.io - CVE-2022-21676 (8e1c69e), closes #1914
• config-service validator throws warnings (877dcab)
• connector-besu/quorum/xdai: unvalidated dynamic method call (bdc1aba), closes #1911
• connector-fabric: uncontrolled data used in path expression (ef0981d), closes #1909
• deps: ensure glob-parent is above 5.1.2 - CVE-2020-28469 (23ded0f), closes #1916
• fix faulty shutdownHook definition in the Config-Schema (fbae2da), closes #1648
• plugin-ledger-connector-fabric-socketio: upgrade Fabric due to jsrsasign (a9ecb19), closes #1754 #1799
• plugin-odap-hermes: remove extraneous dependencies (87af023), closes #1641
• remove jade dependencies (f4ce09e), closes #1662
• reset script from package.json does not work #1656 (c74e002)
• security: address CVE-2019-5413 (212b770), closes #1777
• security: address CVE-2021-23358 - TEMPORARY fix (2fdee4f), closes #1775
• security: ensure ansi-html > 0.0.8 - CVE-2021-23424 (e3e2d1c), closes #1920
• security: force lodash > 4.17.20 - CVE-2020-8203 (08ace66), closes #1918
• security: upgrade to yarn > 1.22.0 - CVE-2019-10773, CVE-2020-8131 (43d591d), closes #1922
• security: upgrade web3 to upgrade elliptic > 6.5.4 (5513848), closes #1639
• set apiServerOptions.configFile="" (5c5a1e1), closes #1619
• shutdown hook configuration is using wrong config key (e760e04), closes #1619

Features

• cactus-api-client: add support for plain socketio validators in api-server and api-client (634b10e), closes #1602 #1602
• cactus-api-client: common verifier-factory (2f70a64), closes #1878
• connector-corda: enable Flow Database Access CorDapp (60dfe1a), closes #1493
• connector-corda: read privateKey from filesystem (e7e39fd), closes #789
• connector-xdai: remove hard dependency on keychain (da793c5), closes #1162
• core-api: add weaver protobuf codegen #1556 (b5b68a7)

1.0.0-rc.3 (2021-12-07)

Bug Fixes

• added a dummy package (e1e8aee), closes #1210
• cmd-api-server: build occasionally broken - protoc-gen-ts #1563 (c2ecba5)
• cmd-api-server: cockpit off by default #1239 (10344b5)
• connector-corda: add script to remove files before generate them (58d1ce9), closes #1559
• connector-fabric: chain code deployment fails >1 scp concurrency (71c9063), closes #1570
• connector-quorum: transaction with different credentials #1098 (af6c240)
• deps: sibling package dependencies keychain-memory 0.6.0 #1532 (d01d72d)
• endpoints implementation in corda plugin (21a22b5), closes #1346
• fixes 1445 and implementing correct interface types (9022064), closes #1445
• openapi validation for corda server endpoints (21fc5ba)
• openapi validation for keychain-aws-sm plugin (b270d28), closes #847
• security: remedy CVE-2021-3749 (b33aa90), closes #1569
• security: upgrade fabric-common to 2.2.10 or later (45c4a69), closes #1600
• supply-chain-app: enable cockpit in supply-chain (4a65b96), closes #1622
• tools: fix the names of scripts on README (93360e1)

Features

• core-api: add weaver protocol buffer definitions #1523 (851c071)
• docs: upated maintainers list (b5c94dc)
• example: make cartrade support more environments (e7e0402)
• odap: first implemenation for odap plugin and endpoints (51bf753)
• test-tooling: embed couch-db image in the faio (95d956d)
• test-tooling: env injenction for Besu, Fabric, Quorum AIOs (bb0352d), closes #1580
• test-tooling: faio features and improvements (794e8b8)

1.0.0-rc.2 (2021-11-01)

Bug Fixes

• fixes issue 1444 invoking the onPluginInit (0b4dc2e), closes #1444
• lint: fix issue #1359 (f7eb39b)
• lint: fix issue #1359 (d067df2)
• openapi validation for keychain-google-sm plugin (45f8c7c), closes #847

Features

• allows for constructor args in quorum contract deploy (cb3c8d8), closes #962
• common: add Strings#isNonBlank() (8d7d247)
• connector-fabric: support for FabricSigningCredentialType.WsX509 (50e666f)
• htlc-coordinator: new htlc coordinator (28c97d3), closes #953
• option to enable a graceful shutdown via cli (c345cb0)
• plugin-keychain-memory-wasm: add WebAssmebly PoC (df94397), closes #1281