BE-710 Security vulnerability #57
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* updated links Signed-off-by: nfrunza <nfrunza@gmail.com>
* updated README.md, invalid readthe docs link Signed-off-by: nfrunza <nfrunza@gmail.com>
Signed-off-by: nfrunza <nfrunza@gmail.com>
nfrunza
requested review from
JeevaSang,
nekia and
xspeedcruiser
as code owners
adamk1230
approved these changes
Nov 22, 2019
|
@nfrunza |
Salmandabbakuti
added a commit
to BCDevs/blockchain-explorer
that referenced
this pull request
Dec 27, 2019
* [BE-699] Update packages Signed-off-by: Ry Jones <ry@linux.com> Change-Id: I48820854cef6969a0aeb259145496ed385dc04a5 (cherry picked from commit 0da6b21) * BE-695 Add orderer to node list and network view Change-Id: Ie2bfc923efd3385e014d3b0994c8955115c0cf35 Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * [IN-68] Add default GitHub SECURITY policy Signed-off-by: Ry Jones <ry@linux.com> Change-Id: Ia56af9cd4d09436ab7a5686c6140bacda0dc790e (cherry picked from commit 7f57041) * BE-701 Fix severe vulnerabilities of node package Change-Id: Idb4e5331beeb21027f272457064887efa4d612e0 Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-703 Links broken in README.md BE-679 Create online documentation phase -2 * removed whitespaces Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: Iaf9511db34410744c87fc9a6ca3b673a81f75a3d * BE-674 Lost connection to explorer-db * using connection pools instead to PostgreSQL Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: Ic2944a73cf35f4d8865cf59226c4b8a6e7c70800 * BE-702 Add condition to query for getting tx count Change-Id: If0c60a427f02fceff821dfbe3c5b7246f735803f Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-697 Add a column for block size on BLOCK view The size is approximate size calculated from block data(json) given via fabric node sdk. Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> Change-Id: Id06b431aa01e3cee1eb0a5f598a415ad1fb2135b * BE-679 Create online documentation phase -2 BE-674 Connection to DB lost, reverting Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: Ia3d2603c99d1a395aaf2809cea8b52fbf012a062 * BE-679 Create online documentation * removed a file * added content tabs in tutorial * centered zoom on click * removed _static folder from gitignore * updated links to .html files to include image zooming Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: I018a7bd2c4a575edfdbb4b5ff3518e280d54cb9c * BE-679 Create online documentation * added explorer screens, and descriptions Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: I3173806ff42323306fdeb99a4ebc585cef4ab993 * BE-679 Create online documentation * updated db services, and data model diagram * added logs images, sync, some updates * added diagrams, db description, etc Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: I684f688a8d4b470697160f8880967ac3e9be6491 * [BE-705] Add release pipeline This CR adds an AZP yaml file to create the release process by publishing the BE images to docker Signed-off-by: Brett Logan <Brett.T.Logan@ibm.com> Change-Id: Ib39b29e3b093001236a670d82c9c7227d6e76778 * BE-704 Online documentation-synchronizer Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: I9402769ea5eb1d9577412d33cbdc06364602e8f5 * BE-704 Online documentation-synchronizer * dashboard image updated * updated run sync process Signed-off-by: nfrunza <nfrunza@gmail.com> Change-Id: Ifdde5c7e3caad2aa8e231d26e9568c7cca5c61ba * BE-706 Switching to GitHub (hyperledger-labs#45) * BE-706 Switching to GitHub repo * updated documents Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub repo * updated documents Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub repo BE-706 Switching to GitHub repo updated maintainter list * BE-706 Switching to GitHub repo updated maintainter list * BE-706 Switching to GitHub repo fixed typo Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub removed stale file Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub fixed type in file name DCO.md removed stale file Signed-off-by: nfrunza <nfrunza@gmail.com> * Merge into master (hyperledger-labs#51) * BE-706 Switching to GitHub repo * updated documents Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub repo * updated documents Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub repo BE-706 Switching to GitHub repo updated maintainter list * BE-706 Switching to GitHub repo updated maintainter list * BE-706 Switching to GitHub repo fixed typo Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub removed stale file Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub fixed type in file name DCO.md removed stale file Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-706 Switching to GitHub [BE-706] * added the license header in files Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-700 v1.0.0-rc1 release Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-700 v1.0.0-rc1 release Signed-off-by: nfrunza <nfrunza@gmail.com> * [BE-708] Update build status badge (hyperledger-labs#52) Signed-off-by: Ry Jones <ry@linux.com> * [BE-708]Jenkins is no longer used Signed-off-by: Ry Jones <ry@linux.com> * [BE-708] Online docs issues (hyperledger-labs#54) * updated links Signed-off-by: nfrunza <nfrunza@gmail.com> * [BE-709] Add code coverage report to AZP Signed-off-by: Brett Logan <Brett.T.Logan@ibm.com> * BE-708 Online docs issues (hyperledger-labs#56) * BE-708 Online docs issues * updated links Signed-off-by: nfrunza <nfrunza@gmail.com> * [BE-708] Online docs issues * updated README.md, invalid readthe docs link Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-710 Security vulnerability (hyperledger-labs#57) * BE-708 Online docs issues * updated links Signed-off-by: nfrunza <nfrunza@gmail.com> * [BE-708] Online docs issues * updated README.md, invalid readthe docs link Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-710 Security vulnerability Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-713 Fix an issue to fail detecting newly added channel (hyperledger-labs#59) Added check to see if new channel is found. Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-702 Update documents, azure (hyperledger-labs#60) * BE-702 Update documents, azure * BE-711 add quality metrics * Updated fabric, and explorer version Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 Update documents, azure * Excluded .js test files from quality metrics * BE-711 add quality metrics * Updated fabric, and explorer version Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 fixed lgth.yml syntax Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 Exclude test files Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 Syntax fix Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 Exclude test files Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-702 Exclude test files Signed-off-by: nfrunza <nfrunza@gmail.com> * Be 711 code quality (hyperledger-labs#62) * BE-711 Code quality config * skiping some lines of code from coverage Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-711 Code quality config Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-711 Exclude typescript Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-711 Code quality * added excludes Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-711 Code quality excluded files Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-711 Update code quality config Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-716 v1.0.0-rc2 release (hyperledger-labs#63) Signed-off-by: nfrunza <nfrunza@gmail.com> * Be 716 v1.0.0 rc2 (hyperledger-labs#64) * BE-716 v1.0.0-rc2 release Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-716 Release canditate * fixed formating in release notes Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-718 Fix typo in CORE_PEER_GOSSIP_EXTERNAL_ENDPOINT (hyperledger-labs#67) Update environment variable "CORE_PEER_GOSSIP_EXTERNAL_ENDPOINT" to be "CORE_PEER_GOSSIP_EXTERNALENDPOINT" Signed-off-by: Yasser Abuomira <yasser.abuomira@4gtss.com> * BE-717 Code quality fix (hyperledger-labs#66) * fix sql injection * excluding warnings * updated lgtm.yml syntax * added code quality badge to README.md file Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-714 Refine app and client e2e-test environment for v1.4.4 (hyperledger-labs#65) * BE-714 Refine app and client e2e-test environment for v1.4.4 - Based on 64a5e04f5fc2b52ff584c9f68519899419fece0d of release-1.4 branch on fabric-test repo - For making it easy to maintainance - Need to download fabric-ca-client under e2e-test/feature/bin - Add fabric-v1.4.4 support Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-714 Add a network enabled service discovery Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-714 Fix an error and add README for e2e-test env Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-719 Fix parameter tampering (hyperledger-labs#68) * BE-719 Fix parameter tampering Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-719 Exclude warning * added js/superfluous-trailing-arguments to lgtm.yml config Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-719 Fix parameter tampering * added tests, removed console.debug statements Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-719 Fix parameter tampering * removed console.debug staement Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-716 RC v1.0.0-rc2 (hyperledger-labs#69) * release candidate v1.0.0-rc2 Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-722 Update troubleshoot doc (hyperledger-labs#70) * added javascript scan alert Signed-off-by: nfrunza <nfrunza@gmail.com> * BE-723 Fix files detected by license scan (hyperledger-labs#71) Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * Be 720 update log4js (hyperledger-labs#72) * BE-720 Refine logging by using latest log4js Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-720 Add environment variables to control log - LOG_LEVEL_APP=debug - LOG_LEVEL_DB=debug - LOG_LEVEL_CONSOLE=info - LOG_CONSOLE_STDOUT=true (console log is forwarded to stdout, instead of file) Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> * BE-720 Add configuration for log file to be rolled by size Each log is rolled by both date (7days) and size (8MB) Also updated README.md for logging configuration Signed-off-by: Atsushi Neki <atsushin@fast.au.fujitsu.com> Co-authored-by: Ry Jones <ry@linux.com> Co-authored-by: Atsushin <nekiaiken@gmail.com> Co-authored-by: Nik Frunza <nfrunza@gmail.com> Co-authored-by: Brett Logan <brett.t.logan@ibm.com> Co-authored-by: Yasser Massoud <yasser.mas2@gmail.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixed security issues