v2.0.0-rc.5 - GO Weaver Protos - Sep 30, 2024

• Go Module: github.com/hyperledger/cacti/weaver/common/protos-go
• Release: v2.0.0-rc.5
• Readme: Here.
• Source: Here

v2.0.0-rc.4

2.0.0-rc.4 (2024-09-08)

Bug Fixes

• ci: updated permissioning and versioning in GitHub Actions (cd71082)
• relay: curl openssl added -L; upgrade openssl from 1.1.1 to 3.0.14 (935e4b8)
• security: address CVE-2022-3517 - minimatch < 3.0.5 ReDoS vuln (e97e27b)
• security: address CVE-2024-39338 SSRF in axios >= 1.3.2, <= 1.7.3 (7e7bb44)

Features

• connector-daml: aio image (141ee24)
• consortium-static: new consortium plugin (db3475f)
• corda: support 5.1 via TS/HTTP (no JVM) (ec9683d), closes #2978 #3293
• core-api: add createIsJwsGeneralTypeGuard, createAjvTypeGuard (957da7c), closes /github.com/hyperledger/cacti/pull/3471#discussion_r1731894747
• go-ethereum-socketio: remove deprecated connector (56dd9f8), closes #3155
• ledger-browser: implement dynamic app setup (0e368de), closes #3347
• ledger-browser: refactor home page (500ac9b), closes #3320
• ledger-browser: rewrite fabric application (ecf074c), closes #3308 #3279
• persistence-ethereum: add sample setup scripts, improve documentation (ed915cf)
• persistence-ethereum: migrate to separate db schema (b160c52), closes #3340
• persistence-fabric: add sample setup scripts, improve documentation (9fef336)
• tcs-huawei-socketio: remove deprecated connector (053224f), closes #3155 #3155
• weaver: upgrade to corda 4.12 and jvm 17 (edde6c6)

v2.0.0-rc.4 - GO Fabric Weaver SDK - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/sdks/fabric/go-sdk
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.4 - GO Fabric Utils Library for Interoperation - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/core/network/fabric-interop-cc/libs/utils
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.4 - GO Fabric Library for Asset Exchange - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/core/network/fabric-interop-cc/libs/assetexchange
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.4 - GO Fabric Asset Management Interface - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/core/network/fabric-interop-cc/interfaces/asset-mgmt
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.4 - GO Fabric Interop Chaincode - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/core/network/fabric-interop-cc/contracts/interop
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.4 - GO Weaver Protos - Sep 09, 2024

• Go Module: github.com/hyperledger/cacti/weaver/common/protos-go
• Release: v2.0.0-rc.4
• Readme: Here.
• Source: Here

v2.0.0-rc.3

2.0.0-rc.3 (2024-07-21)

Bug Fixes

• address CVE-2022-24434, GHSA-wm7h-9275-46v2 caused by dicer (6ff8111)
• ci: deprecationWarning in yarn_custom_checks (96a3865)
• cmd-api-server: use ncc bundle in container image - CVE-2024-29415 (9eefa66)
• connector-fabric: decode blocks in getTransactionReceiptByTxID() (1bdc35d)
• connector-polkadot: use dynamic import calls for ESM dependencies (76adf12), closes #3077
• the CVEs of braces nth-check vite webpack-dev-middleware - 2024-07 (4253d3f)

Build System

• bump [email protected] [email protected] @bufbuild/[email protected] (9970352)

Code Refactoring

• retire connector plugin specific container images, fix docs (24b5888)

Features

• besu: remove hard dependency on keychain (f5b60b4), closes #963
• bungee-hermes: ability to use connectors without instanciating APIs (6a71ddf)
• connector-corda: add vaultQueryV1 REST API operation + endpoint (d2bf145)
• connector-corda: support JVM 17 Cordapps (1994128)
• fabric-connector: add getChainInfo, improve getBlock output (8c030ae)
• persistence-fabric: rewrite the plugin (c867a9f), closes #3298

Performance Improvements

• ci: only publish artifacts on git version tags of main (66e3139)

BREAKING CHANGES

• Container images are being deleted here and will also
  get deleted from GHCR. Though the public APIs of the Typescript code
  do not change, still, some parts of the documentation will become invalid
  until we update it to match the changes here.
  I invested a large amount of effort into doing this documentation update
  as part of this change but it is very likely that I've missed a few spots
  and therefore it is best to mark this as a breaking change in my opinion
  to call attention to the fact that we still have ways to go with updating
  the documentation around these container images.

1. Deleted all the container images that were just wrappers around the
   cmd-api-server container image installing their own npm package from
   the registry.
   The reason for this is that they ended up just being maintenance burden
   since we can achieve the exact same things just by re-using the API server's
   container image directly.
2. This way we don't have to deal with CVEs in 10x container images when
   it's really just the one container image that we use as the base that needs
   to deal with them anyway.
3. I also spent quite a bit of effort in this change to update the README.md
   files of the packages where previously we had plugin specific container images
   defined so that the README.md files have the tutorials that are more up to
   date compared to how they were (most of them had the tutorials completely
   broken for a long while which was causing a lot of difficulties to the
   newcomers who were trying to work with the packages).
4. The reason why they got so out of date traces back to the undue maintenance
   burden of keeping separate images for each connector plugin. We hope that
   with this simplification we can keep the documentation continuously up to
   date since it will require less time do so.
5. Also deleted the ci.yaml container building jobs which were relevant to
   the scope of this change so that we also save on CI resources, another
   long-running project that's been in need of some attention from the maintainers.

Signed-off-by: Peter Somogyvari [email protected]

• Renamed classes to fix typos in their name: PluginFactoryPersistanceFabric
  This is being done in this pull request because for some reason (that I still don't understand)
  the spell checker started failing on these only in the context of this pull request.
  The typos were present on the main branch already somehow having passed spellchecking earlier
  and every other time since then.

And also

• [email protected]
• [email protected]
• [email protected]
• [email protected]

Quality of life improvements and also hoping to get rid of a few of the
vulnerable dependency versions we have in the codebase according to
dependabot.

More similar changes are coming in with further upgrades but I want to
avoid making bigger changes in one go so that it's easier to hunt down
bugs later if something only gets discovered after we've merged a bunch
of these.

Signed-off-by: Peter Somogyvari [email protected]

• fabric-connector: It accepts type instead of skipDecode flag.

• Move common block formatting logic to cacti-block-formatters.ts.
• Add tests for new features. Move test common to quering qscc to single file
  to increase CI speed.

Signed-off-by: Michal Bajer [email protected]

v2.0.0-rc.3 - GO Fabric Weaver SDK - Jul 24, 2024

• Go Module: github.com/hyperledger/cacti/weaver/sdks/fabric/go-sdk
• Release: v2.0.0-rc.3
• Readme: Here.
• Source: Here