Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(plugin-ledger-connector-fabric-socketio): upgrade Fabric due to jsrsasign #1800

Merged
merged 1 commit into from
Feb 4, 2022
Merged

fix(plugin-ledger-connector-fabric-socketio): upgrade Fabric due to jsrsasign #1800

merged 1 commit into from
Feb 4, 2022

Conversation

outSH
Copy link
Contributor

@outSH outSH commented Jan 20, 2022

Revert fabric sdk package change from PR #1754

Closes: #1799
Signed-off-by: Michal Bajer michal.bajer@fujitsu.com

After change:

@hyperledger/cactus@ /home/outsh/cactus
├─┬ @hyperledger/cactus-cmd-socket-server@1.0.0-rc.3 -> ./packages/cactus-cmd-socketio-server
│ └─┬ fabric-ca-client@1.4.19
│   └── jsrsasign@10.5.0
├─┬ @hyperledger/cactus-example-carbon-accounting-backend@1.0.0-rc.3 -> ./examples/cactus-example-carbon-accounting-backend
│ └─┬ fabric-network@2.2.10
│   └─┬ fabric-common@2.2.10
│     └── jsrsasign@10.5.0 deduped
├─┬ @hyperledger/cactus-plugin-ledger-connector-fabric-socketio@1.0.0-rc.3 -> ./packages/cactus-plugin-ledger-connector-fabric-socketio
│ └─┬ fabric-client@1.4.19
│   └── jsrsasign@10.5.0 deduped
├─┬ @hyperledger/cactus-plugin-ledger-connector-fabric@1.0.0-rc.3 -> ./packages/cactus-plugin-ledger-connector-fabric
│ ├─┬ fabric-ca-client@2.3.0-snapshot.62
│ │ └── jsrsasign@10.5.0
│ ├─┬ fabric-common@2.3.0-snapshot.63
│ │ └── jsrsasign@10.5.0 deduped
│ ├── jsrsasign@10.4.0
│ └─┬ ws-wallet@1.1.5
│   └── jsrsasign@10.4.1
└─┬ @hyperledger/cactus-test-tooling@1.0.0-rc.3 -> ./packages/cactus-test-tooling
  └─┬ fabric-ca-client@2.2.10
    ├─┬ fabric-common@2.2.10
    │ └── jsrsasign@10.5.0 deduped
    └── jsrsasign@10.5.0 deduped

@petermetz petermetz requested review from izuru0 and takeutak and removed request for jonathan-m-hamilton January 21, 2022 00:17
@petermetz petermetz added Fabric Security Related to existing or potential security vulnerabilities bug Something isn't working labels Jan 21, 2022
petermetz
petermetz requested changes Jan 21, 2022
View reviewed changes
examples/cartrade/package.json Outdated Show resolved Hide resolved
This was referenced Jan 21, 2022
Merged
Merged
@outSH outSH requested a review from petermetz January 31, 2022 08:48
izuru0
izuru0 approved these changes Jan 31, 2022
View reviewed changes
Copy link
Contributor

@izuru0 izuru0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@outSH
Copy link
Contributor Author

outSH commented Feb 2, 2022

@petermetz Can you approve and merge this please? It's blocking PR next in line :)

@petermetz
Copy link
Member

@petermetz Can you approve and merge this please? It's blocking PR next in line :)

@outSH Thank you for the information. I'm working on the reviews as fast as I can. :)

petermetz
petermetz approved these changes Feb 3, 2022
View reviewed changes
Copy link
Member

@petermetz petermetz left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@petermetz Oh, right! I'm currently working on putting them into containers and monorepo build right now, and for some reasons assumed it's already done in my mind :)

Thank you! I vote for exact versions, regardless of it being more effort to manually bump them later or not.

@outSH No worries, I mix up my own PRs all the time. Extending on my earlier answer: the yarn.lock wouldn't save us in some edge cases either and because of that I always ask people to specify exact versions instead of ranges (so I would've asked the same thing even if the packages were part of the monorepo already)

OK. Shall I switch to exact versions for every dependency in package.json? Only fabric one? Shall I do this for all package.json affected by this PR?

That can be part of another PR, I dont' want to complicate this one any further.

@petermetz petermetz removed the request for review from takeutak February 3, 2022 00:06
@outSH
Copy link
Contributor Author

outSH commented Feb 3, 2022
edited

Thank you for the information. I'm working on the reviews as fast as I can. :)

Sure, not rushing, I just wanted to put this PR to the front ;) Thank's for quick handling other PR as well, btw

@outSH
fix(plugin-ledger-connector-fabric-socketio): upgrade Fabric due to j…
9dbadf6 
…srsasign

Revert fabric sdk package change from PR hyperledger#1754

Closes: hyperledger#1799
Signed-off-by: Michal Bajer <michal.bajer@fujitsu.com>
@petermetz petermetz merged commit a9ecb19 into hyperledger:main Feb 4, 2022
@outSH outSH deleted the fix_fabric_sdk_version branch March 21, 2022 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petermetz petermetz petermetz approved these changes

@izuru0 izuru0 izuru0 approved these changes

Assignees
No one assigned
Labels
bug Something isn't working Fabric Security Related to existing or potential security vulnerabilities
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix(plugin-ledger-connector-fabric-socketio): upgrade Fabric due to jsrsasign
3 participants
@outSH @petermetz @izuru0