Blockchain Explorer Versions Save

New Features

• None

Bug Fixes and Updates

• BE-880 Fix incorrect multi-process logging (#260)
• docs: add code snippet for admin cert modification (#257) (#258)

Known Vulnerabilities

package-lock.json

jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign

client/package-lock.json

New Features

• None

Bug Fixes and Updates

• BE-876 Stop unnecessary discovery request (#255)
• Bugfix: tailing ampersand sign prevents container from restarting (#254)
• BE-857 Change invoking function of lifecycle scc to allow non-admin client access (#252)
• Bugfix: timeout error crashing explorer (#253)
• Bugfix: disable enableAuthentication auth auto login using wrong network key issue (#250)

Known Vulnerabilities

jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-common
    fabric-network  >=1.4.19-snapshot.1
    Depends on vulnerable versions of fabric-common
    node_modules/fabric-network

4 critical severity vulnerabilities

New Features

• BE-871 Introduce dropdown to put together icons (#247)
• BE-870 display direct trans link (#237)
• Add typescript compilation on main.sh install (#234)
• BE-865 repolinter codeofconduct (#231)

Bug Fixes and Updates

• BE-855 Stop unnecessary sync process triggered by FabricEvent (#240)
• BE-855 Add try catch block to handle block in-process exception (#239)

Known Vulnerabilities

jsrsasign  <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
  fabric-ca-client  *
  Depends on vulnerable versions of fabric-common
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-ca-client
  fabric-common  >=2.1.1-snapshot.390
  Depends on vulnerable versions of jsrsasign
  node_modules/fabric-common
    fabric-network  >=1.4.19-snapshot.1
    Depends on vulnerable versions of fabric-common
    node_modules/fabric-network

4 critical severity vulnerabilities

New Features

• BE-694 Add UI link to trans (#227)
• BE-858 Upgrade base image of Explorer container image (#220)
• BE-801 Add the steps to configure a subdomain (#219)
• Upgrade fabric version supported by Explorer (#227)

Bug Fixes and Updates

• BE-862 Fix sync error (#228)
• Fix layout of icons on navigation bar (#218)

Known Vulnerabilities

None

New Features

• Upgrade fabric version supported by Explorer (#208)
• Admin User Panel lists all users, allows admin to delete users (#188)

Bug Fixes and Updates

• Resolve race condition of discovery request (#212)
• Fix to get RWset for config TX synced correctly (#211)
• Add examples for fabric CA enabled network (#210)
• Migrate gui e2e-test framework to PlayWright (#207)
• Fix memory leak issue of sync process (#206)
• Distinguish each node with both IP and Port (#203)
• walletstore location docker-compose (#202)
• Single Line TLSCA Cert PEM in CA (#200)
• Fix url of the fabric official tuto (#199)
• Fix discovery error on mutual TLS (#197)
• Change to useful log in initialize (#198)
• Fix transaction creator certificate sync (#196)
• Configure eslint for typescript (#195)
• Transform SQL queries to parameterized queries (prepared statements) (#192)

Bug Fixes and Updates

• Fixed issue that network name including spaces cause error (#172)
• Fix transaction timestamps (#177)

Known issues

• when multiple nodes share same IP address, explorer will show all nodes as one (BE-829)

New Features

• Add user management feature/API
  • Please refer README-CONFIG.md
• Reduce container image size (#148)
• Add fabric 1.4.8 / 2.2.0 support (#150)
• Change default encode of value in TX details (#157)
  • Please refer README-CONFIG.md
• Update example of connection profile for docker setup (#165)

Bug Fixes and Updates

• Fixed typos in "SyncService" (#149)
• Fix typo in "Transaction Details" view (#147)
• Correct index to get validation code from metadata (#164)

New Features

• Publish new simple landing page on Github (#134)
  • Add another README for detail of each configuration (#139)
• Add configuration for mutual TLS support (#138)
• Add PEM string format support for connection profile (#137)
• Add Fabric CA support to retrieve credential for admin access to fabric network (#135)

Bug Fixes and Updates

• Fix an issue of authentication (#140)
• Fix an issue the targets of discovery service are always mapped to localhost (#142)
• Fix calculation of block hash (#141)

Known Vulnerabilities

client/package.json

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-scripts                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ react-scripts > webpack-dev-server > yargs > yargs-parser    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 2141 scanned packages
  1 vulnerability requires manual review. See the full report for details.

New Features

• Support for Hyperledger Fabric v2.1.1
  • Support for Hyperledger Fabric v1.4.6 as well in same codebase

Bug Fixes and Updates

• Fix segfault in Explorer container
• Making Hyperledger Explorer compatible to Amazon Managed Blockchain Network

Instruction of migration from Explorer v1.0 to v1.1

• Peers array for organisation is now mandatory in a connection profile as follow e.g. app/platform/fabric/connection-profile/first-network.json
• If you have already had existing wallet for the previous version of Explorer, you need to migrate your wallet with the steps described in the following page Step for fabric wallet migration

Correct release tag from V1.0.0 to v1.0.0