Merge branch 'main' into vuln-checks

Signed-off-by: Samim Mirhosseini <ssmirr@users.noreply.github.com>
hyperledger · Mar 28, 2024 · 14d592e · 14d592e
2 parents 037f4c8 + a90c44b
commit 14d592e
Show file tree

Hide file tree

Showing 62 changed files with 11,750 additions and 44,259 deletions.
diff --git a/.env b/.env
@@ -1,7 +1,6 @@
 PORT=3000
 ETHCONNECT_URL=http://127.0.0.1:5102
-ETHCONNECT_TOPIC=token
-FACTORY_CONTRACT_ADDRESS=
-AUTO_INIT=true
+ETHCONNECT_TOPIC=tokens_0_0
+FACTORY_CONTRACT_ADDRESS="0xd85b3fba5552c48389607954e042e7313a9aec6e"
 USE_LEGACY_ERC20_SAMPLE=false
 USE_LEGACY_ERC721_SAMPLE=false
diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml
@@ -9,7 +9,7 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Set build tag
         id: build_tag_generator

diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml
@@ -8,7 +8,7 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -30,7 +30,7 @@ jobs:
         run: |
           echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
           docker push ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${GITHUB_REF##*/}
-      
+
       - name: Push head tag
         run: |
           echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -8,22 +8,22 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v3
         with:
-          node-version: '16.x'
+          node-version: '20.9.0'
       - run: npm ci
       - run: npm run test
       - run: npm run test:e2e
   solidity-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Use Node.js
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v3
         with:
-          node-version: '16.x'
+          node-version: '20.9.0'
       - run: npm ci
         working-directory: ./samples/solidity
       - run: npm run compile
@@ -33,6 +33,6 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Docker build
-        run: docker build --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 .
+        run: docker build --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 .
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -0,0 +1,33 @@
+{
+  // Use IntelliSense to learn about possible attributes.
+  // Hover to view descriptions of existing attributes.
+  // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Run Tests",
+      "runtimeExecutable": "npm",
+      "args": ["run", "test"],
+      "request": "launch",
+      "type": "node",
+      "outputCapture": "std"
+    },
+    {
+      "name": "Run E2E Tests",
+      "runtimeExecutable": "npm",
+      "args": ["run", "test:e2e"],
+      "request": "launch",
+      "type": "node",
+      "outputCapture": "std"
+    },
+    {
+      "type": "node",
+      "request": "launch",
+      "name": "Launch Program",
+      "skipFiles": ["<node_internals>/**"],
+      "program": "${file}",
+      "preLaunchTask": "tsc: build - tsconfig.json",
+      "outFiles": ["${workspaceFolder}/dist/**/*.js"]
+    }
+  ]
+}
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -1,11 +1,9 @@
 {
   "solidity.compileUsingRemoteVersion": "v0.6.12+commit.27d51765",
   "editor.codeActionsOnSave": {
-    "source.fixAll.eslint": true
+    "source.fixAll.eslint": "explicit"
   },
   "eslint.validate": ["javascript"],
   "solidity.defaultCompiler": "remote",
-  "cSpell.words": [
-    "fftm"
-  ]
+  "cSpell.words": ["eventstream", "fftm"]
 }
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -1,4 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0
 
-# FireFly Core Maintainers
-- @awrichar @peterbroadhurst @nguyer @eberger727 @shorsher
+- @hyperledger/firefly-tokens-erc20-erc721-maintainers
diff --git a/Dockerfile b/Dockerfile
@@ -1,13 +1,13 @@
-FROM node:16-alpine3.15 as build
+FROM node:20-alpine3.17 as build
 USER node
 WORKDIR /home/node
 ADD --chown=node:node package*.json ./
 RUN npm install
 ADD --chown=node:node . .
 RUN npm run build
 
-FROM node:16-alpine3.15 as solidity-build
-RUN apk add python3 alpine-sdk
+FROM node:20-alpine3.17 as solidity-build
+RUN apk add python3=3.10.13-r0 alpine-sdk=1.0-r1
 USER node
 WORKDIR /home/node
 ADD --chown=node:node ./samples/solidity/package*.json ./
@@ -23,8 +23,8 @@ RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/
 RUN trivy fs --format spdx-json --output /sbom.spdx.json /SBOM
 RUN trivy sbom /sbom.spdx.json --severity UNKNOWN,HIGH,CRITICAL --exit-code 1
 
-FROM node:16-alpine3.15
-RUN apk add curl jq
+FROM node:20-alpine3.17
+RUN apk add curl=8.5.0-r0 jq=1.6-r2
 RUN mkdir -p /app/contracts/source \
     && chgrp -R 0 /app/ \
     && chmod -R g+rwX /app/ \
@@ -39,6 +39,8 @@ COPY --from=solidity-build --chown=1001:0 /home/node/contracts /home/node/packag
 RUN npm install --production
 WORKDIR /app/contracts
 COPY --from=solidity-build --chown=1001:0 /home/node/artifacts/contracts/TokenFactory.sol/TokenFactory.json ./
+# We also need to keep copying it to the old location to maintain compatibility with the FireFly CLI
+COPY --from=solidity-build --chown=1001:0 /home/node/artifacts/contracts/TokenFactory.sol/TokenFactory.json /home/node/contracts/
 WORKDIR /app
 COPY --from=build --chown=1001:0 /home/node/dist ./dist
 COPY --from=build --chown=1001:0 /home/node/package.json /home/node/package-lock.json ./

diff --git a/MAINTAINERS.md b/MAINTAINERS.md
@@ -9,45 +9,6 @@ The following is the list of current maintainers this repo:
 | Nicko Guyer       | nguyer          | nicko.guyer@kaleido.io       | nguyer            |
 | David Echelberger | eberger727      | david.echelberger@kaleido.io | dech727           |
 
-
 This list is to be kept up to date as maintainers are added or removed.
 
-# Expectations of Maintainers
-
-Maintainers are expected to regularly:
-
-- Make contributions to FireFly code repositories including code or documentation
-- Review pull requests
-- Investigate open GitHub issues
-- Participate in Community Calls
-
-# Becoming a Maintainer
-
-The FireFly Project welcomes and encourages people to become maintainers of the project if they are interested and meet the following criteria:
-
-## Criteria for becoming a member
-
-- Expressed interest and commitment to meet the expectations of a maintainer for at least 6 months
-- A consistent track record of contributions to FireFly code repositories which could be:
-  - Enhancements
-  - Bug fixes
-  - Tests
-  - Documentation
-- A consistent track record of helpful code reviews on FireFly code repositories
-- Regular participation in Community Calls
-- A demonstrated interest and aptitude in thought leadership within the FireFly Project
-- Sponsorship from an existing maintainer
-
-There is no specific quantity of contributions or pull requests, or a specific time period over which the candidate must prove their track record. This will be left up to the discretion of the existing maintainers.
-
-## Process for becoming a maintainer
-
-Once the above criteria have been met, the sponsoring maintainer shall propose the addition of the new maintainer at a public Community Call. Existing maintainers shall vote at the next public Community Call whether the new maintainer should be added or not. Proxy votes may be submitted via email _before_ the meeting. A simple majority of the existing maintainers is required for the vote to pass.
-
-## Maintainer resignation
-
-While maintainers are expected in good faith to be committed to the project for a significant period of time, they are under no binding obligation to do so. Maintainers may resign at any time for any reason. If a maintainer wishes to resign they shall open a pull request to update the maintainers list removing themselves from the list.
-
-## Maintainer inactivity
-
-If a maintainer has remained inactive (not meeting the expectations of a maintainer) for a period of time (at least several months), an email should be sent to that maintainer noting their inactivity and asking if they still wish to be a maintainer. If they continue to be inactive after being notified via email, an existing maintainer may propose to remove the inactive maintainer at a public Community Call. Existing maintainers shall vote at the next public Community Call whether the inactive maintainer should be removed or not. Proxy votes may be submitted via email _before_ the meeting. A simple majority of the existing maintainers is required for the vote to pass.
+For the full list of maintainers across all repos, the expectations of a maintainer and the process for becoming a maintainer, please see the [FireFly Maintainers page on the Hyperledger Wiki](https://wiki.hyperledger.org/display/FIR/Maintainers).