Node 20+ is now required. This is the oldest currently support LTS
version of Node.js.
Docker images are moved to Node 22, which is the current LTS release.
Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
This demonstrates good practice in restricting the chaincode package
versions to those applicable for the specific Fabric (major/minor)
version targeted for deployment.
Also some corrections to the repository README. Particularly referring
to other branches for samples targeted at earlier Fabric versions, since
samples in the main branch may exploit features not available in older
Fabric releases, which can cause confusion for end users.
Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
* Fix npm problems on asset-transfer-basic/chaincode-typescript
This patch fixes npm problems on
asset-transfer-basic/chaincode-typescript.
- Sync npm-shrinkwrap.json with package.json to fix the npm ci error
- Update the version of TypeScript to avoid the type error on logform
Signed-off-by: Tatsuya Sato <tatsuya.sato.so@hitachi.com>
* Update npm-shrinkwrap.json
Fix dependencies
Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
---------
Signed-off-by: Tatsuya Sato <tatsuya.sato.so@hitachi.com>
Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
Co-authored-by: Arnaud J Le Hors <lehors@us.ibm.com>
Rely on the dependencies of @hyperledger/fabric-gateway making these packages transitively available. Having explicit dependency versions in the application can cause type conflicts due to private member changes in the gRPC Client class across versions.
Also fix some missing or incorrect Node types and engines version contraints.
Signed-off-by: Mark S. Lewis <mark_lewis@uk.ibm.com>
npm audit reveals several high and one critical vulnerabilities in the dependencies:
ansi-regex 4.0.0 - 4.1.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/nyc/node_modules/ansi-regex
minimist <=1.2.5
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via `npm audit fix --force`
Will install mocha@10.0.0, which is a breaking change
node_modules/minimist
node_modules/ts-node/node_modules/minimist
mkdirp 0.4.1 - 0.5.1
Depends on vulnerable versions of minimist
node_modules/mkdirp
mocha 1.21.5 - 6.2.2 || 7.0.0-esm1 - 7.1.0
Depends on vulnerable versions of mkdirp
node_modules/mocha
protobufjs 6.11.0 - 6.11.2
Severity: high
Prototype Pollution in protobufjs - https://github.com/advisories/GHSA-g954-5hwp-pp24
fix available via `npm audit fix`
node_modules/protobufjs
5 vulnerabilities (2 moderate, 2 high, 1 critical)
This change (from running npm audit fix --force) removes all of them:
npm audit
found 0 vulnerabilities
Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
- Updated the test-network with examples of runnig CCAAS
- Updating the asset transfer basic with how to run chaincode as a service.
Signed-off-by: Matthew B White <whitemat@uk.ibm.com>
The latest version (2.1.2) of sort-keys-recursive adds TypeScript
typing, which includes export default function.
This change has caused the TS2349 type error.
This patch modifies the import form in assetTransfer.ts to fix the error.
Signed-off-by: Tatsuya Sato <tatsuya.sato.so@hitachi.com>
* updated chaincodes for asset-trnsfer-basic in order to show good example on how achieving determinism in json
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
* final fixes for chaincode-java of asset-tranfer-basic
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
* removed extra unused excheptions
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
* corrected indentation of contract in the chancode-javasript of asset-trnsfer-basic
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
* last fixes for chaincode-javascript of asset-transfer-basic
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
* last last fixes for chaincode-javascript of asset-transfer-basic
Signed-off-by: fraVlaca <ocsenarf@outlook.com>
As the Typescript examples are essentially just reiterations
of the same Javascript code, there is no benefit to having
providing examples in both languages. The functional code
was exactly the same in both languages. On the contrary it
meant we widened the surface of maitainence and thus we are
removing due to the limited benefit provided by the example
chaincode and applications.
Signed-off-by: Brett Logan <brett.t.logan@ibm.com>
