Skip to content

Releases: hyperledger-labs/blockchain-explorer

Release 2.0

05 Sep 14:40
Compare
Choose a tag to compare

New Features

  • Health status of peers
    • BE-340 Display health status of peers and orderers - FrontEnd (#342)
    • BE-331 Display health status of peers and orderers- Backend (#337)
  • Search by block number, txn id, blockrange
    • Add Frontend blocks view pagination and block range search (#371)
    • Added search functonality to dashboard so user can search with Txn hash/Block no from there itself (#357)
    • BE 334 fetch data by block number, block range and transaction id - Backend (#338)
  • Display chaincode metadata
    • chaincode metadata changes added (#383)
    • Frontend- Display chaincode metadata in chaincodes tab (#368)
  • Move container images from dockerhub to ghcr
    • move to ghcr registry (#382)
  • Migrate CI to github actions
    • added github ci (#339)

Bug Fixes and Updates

  • updated docker-compose files with ghcr images (#438)
  • updated node version in ci files (#437)
  • BE-433 | Fix package related breaking issues (#434)
  • BE431 | Fix-Test-case Failing (#432)
  • Release v2.0.0 (#430)
  • BE-422 | UI Responsiveness and Misc (#427)
  • update swagger.json (#424)
  • BE-420 | Ledger Height and Peers Status is not updating w.r.t multiple channels (#421)
  • Integrate SonarCloud (#419)
  • BE-417 | resolve sigint bad trap and unexpected error (#418)
  • BE-415 | remove duplicate peerStatus api call (#416)
  • BE-406 | send channelhash to metadata api (#412)
  • Backend- Improper updation of Txn Count and Chaincodes list (#411)
  • Display correct chaincode metadata fix in the backend (#410)
  • Blocks pagination query fix in the backend (#407)
  • BE-399 | Show transaction details for the first Config type transaction (#403)
  • fix incorrect default password on README.md (#402)
  • bugFixes for the release (#398)
  • updates for dashboard UI responsiveness for cards and pie chart (#391)
  • Updated run_e2e_test.sh (#380)
  • Backend - Pagination implementation for Blocks Tab (#378)
  • Chaincode count on Dashboard is incorrect (#377)
  • Add validations to search functionality blockId and blockRange (#376)
  • Empty org is being displayed while fetching the list of orgs (#374)
  • Update Dockerfile (#370)
  • Update MAINTAINERS.md (#366)
  • maintainers contact (#363)
  • BE-346-Added Pagination for Transaction view - Backend (#351)
  • added pagination for transactions view frontend (#350)
  • fix failing unit test cases (#349)
  • BE-340 Display health status of peers and orderers - FrontEnd (#342)
  • update CODEOWNERS (#330)
  • added github issue form (#325)
  • Disable Sonar cloud on PRs

Known Vulnerabilities

package-lock.json


ejs  <3.1.7
Severity: critical
ejs template injection vulnerability - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix --force`

client/package-lock.json


ejs  <3.1.7
Severity: critical
ejs template injection vulnerability - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix --force`

flat  <5.0.1
Severity: critical
flat vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-2j2x-2gpw-g8fm
fix available via `npm audit fix --force`

immer  <=9.0.5
Severity: critical
Prototype Pollution in immer - https://github.com/advisories/GHSA-c36v-fmgq-m8hx
Prototype Pollution in immer - https://github.com/advisories/GHSA-33f9-j839-rf8h
fix available via `npm audit fix`

loader-utils  2.0.0 - 2.0.3
Severity: critical
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable - https://github.com/advisories/GHSA-3rfm-jhwj-7488
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) - https://github.com/advisories/GHSA-hhq3-ff78-jv3g
Prototype pollution in webpack loader-utils - https://github.com/advisories/GHSA-76p3-8jx3-jpfq
fix available via `npm audit fix`

shell-quote  <=1.7.2
Severity: critical
Improper Neutralization of Special Elements used in a Command in Shell-quote - https://github.com/advisories/GHSA-g4rg-993r-mgx7
fix available via `npm audit fix`

Bug fixes

16 Aug 14:15
fedbe43
Compare
Choose a tag to compare

New Features

  • None

Bug Fixes and Updates

  • BE-880 Fix incorrect multi-process logging (#260)
  • docs: add code snippet for admin cert modification (#257) (#258)

Known Vulnerabilities

package-lock.json


jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign

client/package-lock.json


Bug fixes

05 Jul 13:01
6b50b8f
Compare
Choose a tag to compare

New Features

  • None

Bug Fixes and Updates

  • BE-876 Stop unnecessary discovery request (#255)
  • Bugfix: tailing ampersand sign prevents container from restarting (#254)
  • BE-857 Change invoking function of lifecycle scc to allow non-admin client access (#252)
  • Bugfix: timeout error crashing explorer (#253)
  • Bugfix: disable enableAuthentication auth auto login using wrong network key issue (#250)

Known Vulnerabilities

jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-common
    fabric-network  >=1.4.19-snapshot.1
    Depends on vulnerable versions of fabric-common
    node_modules/fabric-network

4 critical severity vulnerabilities

Bug fixes and some improvements for internal processes and UI

07 Jun 00:29
00ed99b
Compare
Choose a tag to compare

New Features

  • BE-871 Introduce dropdown to put together icons (#247)
  • BE-870 display direct trans link (#237)
  • Add typescript compilation on main.sh install (#234)
  • BE-865 repolinter codeofconduct (#231)

Bug Fixes and Updates

  • BE-855 Stop unnecessary sync process triggered by FabricEvent (#240)
  • BE-855 Add try catch block to handle block in-process exception (#239)

Known Vulnerabilities

jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-common
    fabric-network  >=1.4.19-snapshot.1
    Depends on vulnerable versions of fabric-common
    node_modules/fabric-network

4 critical severity vulnerabilities

Bug fixes and some improvements for code quality

21 Apr 14:28
bc5f3f5
Compare
Choose a tag to compare

New Features

  • BE-694 Add UI link to trans (#227)
  • BE-858 Upgrade base image of Explorer container image (#220)
  • BE-801 Add the steps to configure a subdomain (#219)
  • Upgrade fabric version supported by Explorer (#227)

Bug Fixes and Updates

  • BE-862 Fix sync error (#228)
  • Fix layout of icons on navigation bar (#218)

Known Vulnerabilities

None

Bug fixes and some improvements for code quality

28 Jan 23:31
0eb3340
Compare
Choose a tag to compare

New Features

  • Upgrade fabric version supported by Explorer (#208)
  • Admin User Panel lists all users, allows admin to delete users (#188)

Bug Fixes and Updates

  • Resolve race condition of discovery request (#212)
  • Fix to get RWset for config TX synced correctly (#211)
  • Add examples for fabric CA enabled network (#210)
  • Migrate gui e2e-test framework to PlayWright (#207)
  • Fix memory leak issue of sync process (#206)
  • Distinguish each node with both IP and Port (#203)
  • walletstore location docker-compose (#202)
  • Single Line TLSCA Cert PEM in CA (#200)
  • Fix url of the fabric official tuto (#199)
  • Fix discovery error on mutual TLS (#197)
  • Change to useful log in initialize (#198)
  • Fix transaction creator certificate sync (#196)
  • Configure eslint for typescript (#195)
  • Transform SQL queries to parameterized queries (prepared statements) (#192)

Bug fixes and some improvements for code quality

30 Sep 09:29
c7258ac
Compare
Choose a tag to compare

Bug Fixes and Updates

  • Fixed issue that network name including spaces cause error (#172)
  • Fix transaction timestamps (#177)

Known issues

  • when multiple nodes share same IP address, explorer will show all nodes as one (BE-829)

Add multiple user authentication and bugfixs

13 Aug 08:08
4bc2a9e
Compare
Choose a tag to compare

New Features

  • Add user management feature/API
  • Reduce container image size (#148)
  • Add fabric 1.4.8 / 2.2.0 support (#150)
  • Change default encode of value in TX details (#157)
  • Update example of connection profile for docker setup (#165)

Bug Fixes and Updates

  • Fixed typos in "SyncService" (#149)
  • Fix typo in "Transaction Details" view (#147)
  • Correct index to get validation code from metadata (#164)

Add some features and fix bugs

17 Jul 13:13
f516d90
Compare
Choose a tag to compare

New Features

  • Publish new simple landing page on Github (#134)
    • Add another README for detail of each configuration (#139)
  • Add configuration for mutual TLS support (#138)
  • Add PEM string format support for connection profile (#137)
  • Add Fabric CA support to retrieve credential for admin access to fabric network (#135)

Bug Fixes and Updates

  • Fix an issue of authentication (#140)
  • Fix an issue the targets of discovery service are always mapped to localhost (#142)
  • Fix calculation of block hash (#141)

Known Vulnerabilities

client/package.json

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-scripts                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ react-scripts > webpack-dev-server > yargs > yargs-parser    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 2141 scanned packages
  1 vulnerability requires manual review. See the full report for details.

Support for Hyperledger Fabric 2.1.1

01 Jul 15:15
9361c65
Compare
Choose a tag to compare

New Features

  • Support for Hyperledger Fabric v2.1.1
    • Support for Hyperledger Fabric v1.4.6 as well in same codebase

Bug Fixes and Updates

  • Fix segfault in Explorer container
  • Making Hyperledger Explorer compatible to Amazon Managed Blockchain Network

Instruction of migration from Explorer v1.0 to v1.1