Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upstream update #3

Open
wants to merge 131 commits into
base: master
Choose a base branch
from
Open

upstream update #3

wants to merge 131 commits into from

Conversation

sambacha
Copy link

No description provided.

timbeiko and others added 9 commits September 8, 2020 10:26
@timbeiko
Update links, emails and PegaSys references (#325)
2eb9aa5 
Signed-off-by: Tim Beiko <[email protected]>
@jframe
metrics endpoint (#328)
d9c3db9
@rain-on
Ensure txns are handled in parallel (#331)
418b106
@rain-on
Remove access-control-allow-origin header from web3provider response (#…
76dc4e1 
…334)

It appears some web3providers (or stubs) insert the CORS response header, regardless of the existence of the ORIGIN header in the request - this in turn breaks CORS validation when EthSIgner is used.

To overcome this, Ethsigner now strips the access-control-allow-origin header from the proxied response.
@mkrielza
Add eth_signTransaction endpoint (#336)
419e559
@joshuafernandes
adding in quorumengineering as the new namespace and pegasyseng as th…
f4c57f9 
…e secondary namespace (#338)
@joshuafernandes
updates for circle (#339)
7f2e975
@joshuafernandes
adding in docker contexts (#340)
17e0eb2
@macfarla
fixed typo (#341)
2825600 
Signed-off-by: Sally MacFarlane <[email protected]>
@freight-trust freight-trust deleted a comment from CLAassistant Oct 15, 2020
joshuafernandes and others added 20 commits October 22, 2020 15:45
@joshuafernandes
updating docker namespace (#342)
0d8690d
@rain-on
Update changelog for 20.10.0 (#343)
694af4b
@rain-on
20.10.0 release (#344)
29b640d 
Signed-off-by: Trent Mohay <[email protected]>
@rain-on
Update version to 20.10.1-SNAPSHOT (#345)
4a55878 
Signed-off-by: Trent Mohay <[email protected]>
@jframe
Improve error message if the http server fails to start (#347)
caf7603
@macfarla
update links to consensys.net (#348)
8b9414d 
Signed-off-by: Sally MacFarlane <[email protected]>
@macfarla
added GoQuorum private transaction type (#349)
d13f083 
* round trip to get enclave lookup ID from besu is working
* call eth_sendRawPrivateTransaction once we have the enclave lookup id
* refactor updateNonce()

Signed-off-by: Sally MacFarlane <[email protected]>
@macfarla
added changelog for 21.1 (#350)
329af9a 
* added changelog for 21.1

Signed-off-by: Sally MacFarlane <[email protected]>
@macfarla
Added GoQuorum private transaction serializer (#352)
59d943f 
* added GoQuorum private tx serializer which ignores chainId
* fix signature - don't pass chainId of zero but use null signature in that step

Signed-off-by: Sally MacFarlane <[email protected]>
@usmansaleem
Updating CI and gradle build to upload to cloudsmith (#353)
8409aef 
* Updating CI and gradle build to upload to cloudsmith

Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
Update changelog for 21.2.0 (#354)
2b45667 
Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
Fixing version in CHANGELOG for release 21.1.0 (#355)
c9070bb 
Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
21.1.0 release (#356)
6e30f44 
Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
Prepare for version 21.1.1-SNAPSHOT (#357)
87644e1 
Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
Resolve and publish to cloudsmith (#359)
0dd7d1e 
* Resolve signers from cloudsmith
* Publish EthSigner module jars to cloudsmith as they are used by Besu AT.

Signed-off-by: Usman Saleem <[email protected]>
@usmansaleem
Upgrade besu metrics library (#360)
53e6ec5 
-- Upgrade besu metrics library
-- update license aliases in check-licenses
@usmansaleem
Support git tag based release (#363)
2c78c84 
- version calculation is automated based on git commits and tags
@usmansaleem
Updating latest Besu release to use with AT (#361)
866cf3a 
* webclientoptions tryUseCompression property to true
* AT DSL Handle Json Error
* Enable support for compression for EthSigner clients
* add debug headers output
* set 100 continue automatically
@usmansaleem
Enable tag build in circleci config (#364)
3645eba
@pinges
fixing NONCE_TOO_LOW retries and adding retries for ETH_SEND_TX_REPLA…
224a15a 
…CEMENT_UNDERPRICED (#367)

Signed-off-by: Stefan Pingel <[email protected]>
usmansaleem and others added 30 commits February 28, 2023 11:46
@usmansaleem
Suppress false positive CVE-2022-45688 for json-java (#494)
f557595 
Update owasp gradle plugin version
Add suppression for json-java
@usmansaleem
CI: Fix owasp reported CVE (#497)
e80958e 
-- Update owasp plugin version
-- Update owasp suppression for org.json
-- Update owasp suppression for CVE-2020-8908
-- manual override of json-smart and nimbus-jost-kwt
@gfukushima
Change nightly scheduled time (#496)
d844f3a 
Signed-off-by: Gabriel Fukushima <[email protected]>
@joshuafernandes
adding trivy nightly scan (#504)
53e60e7
@jframe
Update library dependencies (#509)
cc546da
@jframe
23.6.0 changelog (#510)
bf6fed0
@siladu
Upgrade netty and exclude old bouncycastle dep to fix CVEs (#511)
69223fe
@siladu
Move bouncycastle to implementation level so javadoc can see it (#512)
50f5890
@siladu
Add suppression for disputed CVE-2023-35116 (#513)
a6781cc
@jframe
Update docker to latest LTS (#517)
b804688 
* Update docker to latest LTS
* Add changelog
@jframe
Override the okhttp dependency to fix CVE-2023-3635 (#519)
b6888db
@siladu
Update creds for docker dct signer (#520)
5f57ac3
@siladu
Update hardcoded Azure values (#521)
d2f5443 
* Change hardcoded values
* Remove duplication from hardcoded values
@siladu
Run Azure tests on nightly build (#523)
72aa797
@gfukushima
Upgrade grpc library to fix CVE (#524)
d0c5ed0 
* update grpc library

Signed-off-by: Gabriel Fukushima <[email protected]>

* add changelog

Signed-off-by: Gabriel Fukushima <[email protected]>

---------

Signed-off-by: Gabriel Fukushima <[email protected]>
@siladu
Dependency updates and suppressions (#525)
3e648f8
@non-fungible-nelson
Update README.md (#526)
bafb183
@usmansaleem
Fetch latest libc6 and libc-bin in docker image (#528)
d29a07a 
* Fetch latest libc6 and libc-bin in docker image
* Removing libssl3 from docker image as latest libssl3 is part of base image
@usmansaleem
Fix ethsigner build (#529)
c787fd8 
* Upgrading gradle wrapper to 7.6
* temporary suppression of CVE-2023-4586
@usmansaleem
Use Java 17 and upgrade Azure and web3j libraries (#530)
9d9e01e 
* Upgrade Azure libraries to fix CVE-2023-36415
 -- suppress CVE for azure-identity 1.10.2 to 1.10.9 as it is only applicable on 1.10.1 and lower.
* Use Java 17.

 -- Update spotless plugin
 -- Fix javadoc
 -- Update circleci
 -- Update dockerfile

* Use Java 17 in trivy github action
* Update codeql analysis github workflow
* web3j 4.10.2
* okhttp logging-interceptor override
* changelog
* Add web3j in changelog
@usmansaleem
Do not fail gradle javadoc task on javadoc comments warnings (#531)
8f02e28 
Java 17 enforces several javadoc comments warnings which results in EthSigner javadoc task to be failed (called during publish task). This PR updates javadoc task to not fail on reported javadoc comments warnings.
@jframe
Override the netty dependency to fix CVE-2023-44487 (#532)
cea5614
@siladu
Re-add suppression in for false positive CVE-2023-4586 (#533)
3105b88
@siladu
Upgrade reactor-netty-http to fix CVE-2023-34062 (#534)
df7d959
@jframe
Dependency check upgrade and suppress FP (#536)
f625de5
@jframe
Update vertx to 4.4.6 and suppress unrelated CVE (#537)
e0322b8
@jframe
remove build slack notification (#538)
b3b62a8
@usmansaleem
Update various vulnerabilities suppressions (#539)
9ede0b4 
Update various vulnerabilities suppressions that are not relevant to EthSigner build.
@usmansaleem
Override nimbus-jose-jwt version to avoid CVE-2023-52428 (#540)
7c0f3ae
@jframe
Deprecate ethsigner (#542)
7a2a1d3 
Update readme to make it clear EthSigner is no longer supported

Signed-off-by: Jason Frame <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.