epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-17 07:25:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
fabric-samples/asset-transfer-basic
History
Arnaud J Le Hors 8403da7386 Fix vulnerabilities in typescript chaincode deps 
npm audit reveals several high and one critical vulnerabilities in the dependencies:

ansi-regex  4.0.0 - 4.1.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/nyc/node_modules/ansi-regex

minimist  <=1.2.5
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via `npm audit fix --force`
Will install mocha@10.0.0, which is a breaking change
node_modules/minimist
node_modules/ts-node/node_modules/minimist
  mkdirp  0.4.1 - 0.5.1
  Depends on vulnerable versions of minimist
  node_modules/mkdirp
    mocha  1.21.5 - 6.2.2 || 7.0.0-esm1 - 7.1.0
    Depends on vulnerable versions of mkdirp
    node_modules/mocha

protobufjs  6.11.0 - 6.11.2
Severity: high
Prototype Pollution in protobufjs - https://github.com/advisories/GHSA-g954-5hwp-pp24
fix available via `npm audit fix`
node_modules/protobufjs

5 vulnerabilities (2 moderate, 2 high, 1 critical)

This change (from running npm audit fix --force) removes all of them:
npm audit
found 0 vulnerabilities

Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
2022-08-03 12:00:58 -04:00
..
application-gateway-go Update Gateway samples for v1.1 release (#779) 2022-06-30 15:46:32 +01:00
application-gateway-java Update Gateway samples for v1.1 release (#779) 2022-06-30 15:46:32 +01:00
application-gateway-typescript Update Gateway samples for v1.1 release (#779) 2022-06-30 15:46:32 +01:00
application-go fix typo in asset-transfer-basic (#744) 2022-05-18 12:27:08 -04:00
application-java Remove JCenter as a Gradle package repository (#589) 2022-01-26 16:29:09 -05:00
application-javascript * Made consistent lint command (#495) 2021-10-06 13:33:29 +01:00
application-typescript Update Javascript and Typescript Deps (#403) 2021-01-13 12:19:31 -05:00
application-typescript-hsm New HSM Typescript Sample (#455) 2021-07-06 11:48:34 +01:00
chaincode-external More Gateway asset-transfer-basic tweaks to support docs (#556) 2021-12-10 08:51:21 +00:00
chaincode-go fix typo in asset-transfer-basic (#744) 2022-05-18 12:27:08 -04:00
chaincode-java Provide clear guidance for debugging Java chaincode as a service #684 (#724) 2022-04-26 15:33:14 +01:00
chaincode-javascript fix chaincode breakage in asset-transfer-basic (#694) 2022-03-31 08:38:05 +01:00
chaincode-typescript Fix vulnerabilities in typescript chaincode deps 2022-08-03 12:00:58 -04:00
rest-api-typescript Bump protobufjs in /asset-transfer-basic/rest-api-typescript (#755) 2022-06-21 18:13:38 -04:00
.gitignore Adding NodeJS app for asset-transfer-basic sample. (#206) 2020-06-30 15:36:47 -04:00
README.md Add README to asset-transfer-basic sample (#638) 2022-02-10 13:52:46 +00:00

README.md

Asset transfer basic sample

The asset transfer basic sample demonstrates:

  • Connecting a client application to a Fabric blockchain network.
  • Submitting smart contract transactions to update ledger state.
  • Evaluating smart contract transactions to query ledger state.
  • Handling errors in transaction invocation.

About the sample

This sample includes smart contract and application code in multiple languages. This sample shows create, read, update, transfer and delete of an asset.

For a more detailed walk-through of the application code and client API usage, refer to the Running a Fabric Application tutorial in the main Hyperledger Fabric documentation.

Application

Follow the execution flow in the client application code, and corresponding output on running the application. Pay attention to the sequence of:

  • Transaction invocations (console output like "--> Submit Transaction" and "--> Evaluate Transaction").
  • Results returned by transactions (console output like "*** Result").

Smart Contract

The smart contract (in folder chaincode-xyz) implements the following functions to support the application:

  • CreateAsset
  • ReadAsset
  • UpdateAsset
  • DeleteAsset
  • TransferAsset

Note that the asset transfer implemented by the smart contract is a simplified scenario, without ownership validation, meant only to demonstrate how to invoke transactions.

Running the sample

The Fabric test network is used to deploy and run this sample. Follow these steps in order:

  1. Create the test network and a channel (from the test-network folder).

    ./network.sh up createChannel -c mychannel -ca

  2. Deploy one of the smart contract implementations (from the test-network folder).

    # To deploy the TypeScript chaincode implementation
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-typescript/ -ccl typescript

# To deploy the Go chaincode implementation
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go/ -ccl go

# To deploy the Java chaincode implementation
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-java/ -ccl java

  3. Run the application (from the asset-transfer-basic folder).

    # To run the Typescript sample application
cd application-gateway-typescript
npm install
npm start

# To run the Go sample application
cd application-gateway-go
go run .

# To run the Java sample application
cd application-gateway-java
./gradlew run

Clean up

When you are finished, you can bring down the test network (from the test-network folder). The command will remove all the nodes of the test network, and delete any ledger data that you created.

./network.sh down