Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
digitalproperty-network
Advanced tools
Defines a business network where house sellers can list their properties for sale.
Note that this network references the digital property model, via an npm dependency declared in package.json:
"dependencies": {
"digitalproperty-model": "latest"
}
This allows the model to be shared across different types of business networks, and allows the model to have a lifecycle that is independent of the business network.
It is expected that this npm module would be associated with a CI pipeline and tracked as source code in something like GitHub Enterpise. The CI pipeline this would be able to run functional validation on the whole definition, and also be able to published the module to an NPM repository. This allows sharing of the module etc.
For a production or QA runtime there are administrative steps (deploy, update, remove etc.) that are performed using this Business Network Definition on a running Hyperledger Fabric. The lifecycle at it's simplest is deploy a network definition, update a network definition and (potentially) remove the network definition. These actions are performed using the Business Network Archive - which is a single file that encapsulates all aspects of the Business Network Definition. It is the 'deployable unit'.
Step1: Create a npm module
npm init
The important aspects of this are the name, version and description. The only dependancy that will be required is the NPM module that contains the model - see step 2.
Step2: Create the transaction functions
We need to create a standard JavaScript file to contain the transaction functions
\git\DigitialProperty-Model > touch lib/DigitalLandTitle.js
In this example the following is the implementation of the registeryPropertyForSale
transaction
'use strict';
/**
* Process a property that is held for sale
* @param {net.biz.digitalPropertyNetwork.RegisterPropertyForSale} propertyForSale the property to be sold
* @transaction
*/
function onRegisterPropertyForSale(propertyForSale) {
console.log('### onRegisterPropertyForSale ' + propertyForSale.toString());
propertyForSale.title.forSale = true;
return getAssetRegistry('net.biz.digitalPropertyNetwork.LandTitle').then(function(result) {
return result.update(propertyForSale.title);
}
);
}
FUTURE
Create a file to hold the permissions access control inforation - create a permissions.acl
file
Once we have the network complete we can create a business network definition arhive. This is the unit will actually be deloyable to the HyperLedger Fabric.
There is a composer archive
command that can be used to create and inspect these archives. The composer network
command is then used to administer the business network archive on the Hyperledger Fabric.
The composer archive create
command is used to create the archive. The --archiveFile
option is used to specify the name of the archive file to create. If this is not specified then a default name will be used that is based on the identifier of the business network (sanitized to be suitable as a filename). For example @ibm_digitalPropertyNetwork-0.1.2.bna
.
Please refer to the docs for composer archive create
for more options.
composer archive create --archiveFile digitialLandTitle.bna --inputDir . --sourceType dir --sourceName DigitalLandTitle
Once you have this archive it can then be deployed to the HLF (which will assuming is all running for the moment)
composer network deploy --archiveFile DigitalLandTitle.zip --enrollId WebAppAdmin --enrollSecret DJY27pEnl16d
FAQs
Digital Property Network
The npm package digitalproperty-network receives a total of 0 weekly downloads. As such, digitalproperty-network popularity was classified as not popular.
We found that digitalproperty-network demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.