fabric-samples

epistemophiliac/fabric-samples

Fork 0

mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-17 15:35:09 +00:00

Commit graph

Author	SHA1	Message	Date
Arnaud J Le Hors	8403da7386	Fix vulnerabilities in typescript chaincode deps npm audit reveals several high and one critical vulnerabilities in the dependencies: ansi-regex 4.0.0 - 4.1.0 Severity: high Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw fix available via `npm audit fix` node_modules/nyc/node_modules/ansi-regex minimist <=1.2.5 Severity: critical Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m fix available via `npm audit fix --force` Will install mocha@10.0.0, which is a breaking change node_modules/minimist node_modules/ts-node/node_modules/minimist mkdirp 0.4.1 - 0.5.1 Depends on vulnerable versions of minimist node_modules/mkdirp mocha 1.21.5 - 6.2.2 \|\| 7.0.0-esm1 - 7.1.0 Depends on vulnerable versions of mkdirp node_modules/mocha protobufjs 6.11.0 - 6.11.2 Severity: high Prototype Pollution in protobufjs - https://github.com/advisories/GHSA-g954-5hwp-pp24 fix available via `npm audit fix` node_modules/protobufjs 5 vulnerabilities (2 moderate, 2 high, 1 critical) This change (from running npm audit fix --force) removes all of them: npm audit found 0 vulnerabilities Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>	2022-08-03 12:00:58 -04:00
Matthew B White	96623f1bd5	Adding examples of CCAAS and support into the test-network (#560 ) - Updated the test-network with examples of runnig CCAAS - Updating the asset transfer basic with how to run chaincode as a service. Signed-off-by: Matthew B White <whitemat@uk.ibm.com>	2021-12-17 13:18:22 +00:00

Author

SHA1

Message

Date

Arnaud J Le Hors

8403da7386

Fix vulnerabilities in typescript chaincode deps

npm audit reveals several high and one critical vulnerabilities in the dependencies:

ansi-regex  4.0.0 - 4.1.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/nyc/node_modules/ansi-regex

minimist  <=1.2.5
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via `npm audit fix --force`
Will install mocha@10.0.0, which is a breaking change
node_modules/minimist
node_modules/ts-node/node_modules/minimist
  mkdirp  0.4.1 - 0.5.1
  Depends on vulnerable versions of minimist
  node_modules/mkdirp
    mocha  1.21.5 - 6.2.2 || 7.0.0-esm1 - 7.1.0
    Depends on vulnerable versions of mkdirp
    node_modules/mocha

protobufjs  6.11.0 - 6.11.2
Severity: high
Prototype Pollution in protobufjs - https://github.com/advisories/GHSA-g954-5hwp-pp24
fix available via `npm audit fix`
node_modules/protobufjs

5 vulnerabilities (2 moderate, 2 high, 1 critical)

This change (from running npm audit fix --force) removes all of them:
npm audit
found 0 vulnerabilities

Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>

2022-08-03 12:00:58 -04:00

Matthew B White

96623f1bd5

Adding examples of CCAAS and support into the test-network (#560 )

- Updated the test-network with examples of runnig CCAAS
- Updating the asset transfer basic with how to run chaincode as a service.

Signed-off-by: Matthew B White <whitemat@uk.ibm.com>

2021-12-17 13:18:22 +00:00

2 commits