Skip to content

Releases: hyperledger/fabric

v1.4.0 Release Notes - January 9, 2019

15 Nov 17:34
Compare
Choose a tag to compare
--------------------------------------

What's New in Hyperledger Fabric v1.4
-------------------------------------

The following features are included in this release:

Fabric operations service
A new HTTP based "operations" endpoint has been implemented on the orderer and
the peer. The endpoint exposes APIs to check the server's health, to query
and modify the logging level of the process, and, when configured, to expose
Fabric metrics.

FAB-3388 - Operational metrics for Fabric components
The peer and orderer have been instrumented to provide basic operational
metrics. The metrics can be surfaced for consumption by Prometheus or StatsD.

FAB-10851 - Health check endpoint
The orderer and the peer now provide a mechanism to check the health of the
process via an HTTP request. Requests to GET /healthz on the operations
endpoint will complete with a status 200 OK when the server believes it is
healthy. When a health check fails, the server will respond with a 503 Service
Unavailable and a JSON payload indicating which component detected an issue.
The types of health checks that are performed will be extended over time.

FAB-12265 - Dynamic log levels
The orderer and the peer now provide a mechanism to get and update the active
logging specification of the server. Requests to GET /logspec on the
operations endpoint will return with a JSON payload that contains the active
spec. When a JSON payload of `{"spec":"the-log-spec"}` is sent as the body of
a PUT /logspec request, the active logging spec will be updated.

FAB-12357 - Updates to logging
In earlier versions of Fabric, loggers were associated with named components
and configuration would control the active level of each logger. While this
model works in theory, because of the configuration management libraries used
by Fabric and the structure of the Fabric code base, in practice it had a
number of issues.
With 1.4, we're changing the model slightly. Instead of associating loggers
with components, we are naming loggers and to help avoid side effects during
initialization, the logging configuration is no longer obtained from the
fabric configuration system but from environment variables that define
the logging specification and log format.
The log specification is a single string that consists of colon separated
tokens. Each token declares one or more logger name prefixes (separated by
commas) and an optional log level. When the logger name prefix ends with a
period, it indicates that the log level should only apply to the logger with
that exact name without the trailing period. When the logger name pattern is
omitted, it specifies the default log level. In cases where multiple entries
reference the same name pattern or multiple instances of a default are
provided, the last specification takes precedence.

FAB-12363 - Logging for gRPC interactions
The orderer and the peer now provide logging (INFO level) for each gRPC
interaction completed.

FAB-12372 - Obtain Go routine stacks without termination
When SIGUSR1 is received by the peer or the orderer, the state of all go
routines will be captured and logged at the INFO level. This collection
activity will not terminate the process.

FAB-5093 - Private data reconciliation
Allows peers for organizations that are added to private data collections
to retrieve the private data for prior transactions to which they now are
entitled. This feature is only supported on peers that have joined
a channel since v1.4.

FAB-11409 - Private data client access control
Ability to automatically enforce access control within chaincode based
on the client organization collection membership without having to
write specific chaincode logic. This feature is configured by using
the collection configuration property memberOnlyRead:true. If you have
a mixed network of v1.4 peers and prior release peers, the prior
release peers will not honor this configuration until they are upgraded
to v1.4.

Changes, Known Issues, and Workarounds
--------------------------------------

FAB-12357 - Updates to logging
Instead of using logging.level and CORE_LOGGING_LEVEL to control the logging
level for the peer, and General.LogLevel or ORDERER_GENERAL_LOGLEVEL to
control logging at the orderer, both processes now use the FABRIC_LOGGING_SPEC
environment variable to acquire the initial logging specification for the
server. Existing logging configuration should be converted to the new model.

FAB-12489 - peer logging command updates
The `getlevel`, `setlevel`, and `revertlevels` subcommands of the `peer
logging` command are deprecated and users should migrate to the operations
server.
The behavior of `setlevel` has also changed slightly. The previous
implementation would treat the `logger` argument as a regular expression and
apply the new log level to all loggers that matched the expression. The
updated implementation treats the `logger` argument as a logger name and
appends it to the active logging spec at the indicated level.

FAB-12088 - Java chaincode support on s390 architecture
Java chaincode support is not yet available on s390 architecture.

FAB-12134 Same chaincode source receiving fingerprint mismatch error
Chaincode installed in different ways may result in "chaincode fingerprint
mismatch data mismatch" error upon instantiation.  This may happen when
installing chaincode by using different SDKs. To workaround the problem,
package the chaincode prior to installation and instantiation, by using
the "peer chaincode package" command.

Known Vulnerabilities
---------------------
FAB-8664 - Peer should detect and react when its org has been removed
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in a future release.

Resolved Vulnerabilities
------------------------
None.

Other improvements and fixes
----------------------------
Updated to Go version 1.11.1
Updated baseimage version to 0.4.14

For the full list of improvements and fixes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/release-1.4/CHANGELOG.md#v140

v1.3.0 Release Notes - October 10, 2018

22 Nov 15:33
Compare
Choose a tag to compare
---------------------------------------

What's New in Hyperledger Fabric v1.3
-------------------------------------

The following features/epics are included in this release:

FAB-10120 - Identity Mixer for anonymous transactions
Keep client identities anonymous and unlinkable through the use of
zero-knowledge proofs.

FAB-8812 - State-based endorsement
Allows the default chaincode-level endorsement policy to be overridden by a
per-key endorsement policy.

FAB-2809 - Chaincode pagination of query results
Clients can now page through result sets from chaincode queries, making it
feasible to support large result sets with high performance.

FAB-8779 - Java chaincode support
As an addition to the current Fabric support for chaincode written in Go and
Node.js, Java is now supported.

Changes, Known Issues, and Workarounds
--------------------------------------

FAB-11122 - Removal of event hub

The 'old' event hub has been removed in Hyperledger Fabric v1.3.  It is
replaced by the peer channel-based event service which was introduced in
Fabric v1.1.
Applications using the old event hub must switch over to the new
channel-based event service before upgrading to v1.3 peer or SDKs.

FAB-12088 - Java chaincode support on s390 architecture

Java chaincode support is not yet available on s390 architecture.

FAB-12134 Same chaincode source receiving fingerprint mismatch error

Chaincode installed in different ways may result in "chaincode fingerprint
mismatch data mismatch" error upon instantiation.  This may happen when
installing chaincode by using different SDKs. To workaround the problem,
package the chaincode prior to installation and instantiation, by using
the "peer chaincode package" command.

Known Vulnerabilities
---------------------
FAB-8664 - Peer should detect and react when its org has been removed
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in a future release.

Resolved Vulnerabilities
------------------------
None.

Other improvements and fixes
----------------------------
Updated to Go version 1.10.4
Updated baseimage version to 0.4.13

For the full list of improvements and fixes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v130

v1.2.1 September 27, 2018

22 Nov 15:31
Compare
Choose a tag to compare
------------------------

Release Notes
-------------
Bug fixes, documentation and test coverage improvements, UX improvements
based on user feedback and changes to address a variety of static scan
findings (unused code, static security scanning, spelling, linting and more).

Known Vulnerabilities
---------------------
FAB-8664 - Peer does not detect his own org ejection
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in an upcoming release.

Resolved Vulnerabilities
------------------------
FAB-11094 - Fix deadlock in block iterator
Fixes possible ledger deadlock condition when using the channel event
service.

FAB-10390 - Set PKCS11 CKA_MODIFIABLE to false
More secure default value when generating private keys when using PKCS#11.

FAB-10391 - Set CKA_EXTRACTABLE to false
More secure default value when generating private keys when using PKCS#11.

Known Issues & Workarounds
--------------------------
none

Change Log
----------
https://github.com/hyperledger/fabric/blob/release-1.2/CHANGELOG.md#v121

v1.3.0-rc1 Release Notes - September 24, 2018

22 Nov 15:34
Compare
Choose a tag to compare
---------------------------------------------

What's New in Hyperledger Fabric v1.3
-------------------------------------

The following features/epics are included in this release:

FAB-10120 - Identity Mixer for anonymous transactions
Keep client identities anonymous and unlinkable through the use of
zero-knowledge proofs.

FAB-8812 - State-based endorsement
Allows the default chaincode-level endorsement policy to be overridden by a
per-key endorsement policy.

FAB-2809 - Chaincode pagination of query results
Clients can now page through result sets from chaincode queries, making it
feasible to support large result sets with high performance.

FAB-8779 - Java chaincode support
As an addition to the current Fabric support for chaincode written in Go and
Node.js, Java is now supported.

Changes, Known Issues, and Workarounds
--------------------------------------

FAB-11122 - Removal of event hub

The 'old' event hub has been removed in Hyperledger Fabric v1.3.  It is
replaced by the peer channel-based event service which was introduced in
Fabric v1.1.
Applications using the old event hub must switch over to the new
channel-based event service before upgrading to v1.3 peer or SDKs.

FAB-12088 - Java chaincode support on s390 architecture

Java chaincode support is not yet available on s390 architecture.

FAB-12134 Same chaincode source receiving fingerprint mismatch error

Chaincode installed in different ways may result in "chaincode fingerprint
mismatch data mismatch" error upon instantiation.  This may happen when
installing chaincode by using different SDKs. To workaround the problem,
package the chaincode prior to installation and instantiation, by using
the "peer chaincode package" command.

Known Vulnerabilities
---------------------
FAB-8664 - Peer should detect and react when its org has been removed
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in a future release.

Resolved Vulnerabilities
------------------------
None.

Other improvements and fixes
----------------------------
Updated to Go version 1.10.4
Updated baseimage version to 0.4.12

For the full list of improvements and fixes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v130-rc1

v1.1.1 July 5, 2018

22 Nov 15:39
Compare
Choose a tag to compare
---------------------

Release Notes
-------------
Bug fixes, documentation and test coverage improvements, UX improvements
based on user feedback and changes to address a variety of static scan
findings (unused code, static security scanning, spelling, linting and more).

Known Vulnerabilities
---------------------
none

Resolved Vulnerabilities
------------------------
https://jira.hyperledger.org/browse/FAB-10537
https://jira.hyperledger.org/browse/FAB-10577

Known Issues & Workarounds
--------------------------
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").

In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.

Please refer to https://jira.hyperledger.org/browse/FAB-5177 for more details,
and kindly be aware that given the above, we may end up changing the
fabric-ccenv in the future.

Change Log
----------
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v111

v1.2.0 Release Notes - July 3, 2018

22 Nov 15:28
Compare
Choose a tag to compare
----------------------------------------

What's New in v1.2
------------------

The following features/epics are included in this release:

FAB-8718 - Channel Private Data
Keep chaincode data confidential among a subset of channel members.

FAB-8727 - Access control for peer functions
Configure which client identities can interact with peer functions, per channel.

FAB-8729 - Pluggable endorsement and validation
Utilize pluggable endorsement and validation logic per chaincode.

FAB-8779 - Service Discovery
Discover network services dynamically, including orderers, peers, chaincode,
and endorsement policies, to simplify client applications.

Hygiene and Technical debt
Ginkgo-based integration tests have been added, and component code has been
refactored for improved readability and maintainability.

Changes, Known Issues, and Workarounds
--------------------------------------

FAB-10151 - configtx.yaml samples fixed

Previous releases included example input files for configtxgen (configtx.yaml)
that contained invalid YAML which referenced YAML anchors before they were
defined. It was not a problem in prior releases since the golang YAML parser
tolerated references before definitions.
The configtx.yaml samples are corrected in version v1.2. Users are advised
to evaluate their configtxgen input documents for places where YAML anchors
are referenced before they are defined. Either reorder nodes to ensure
anchors are defined before they are referenced, or re-create YAML documents
using the updated configtx.yaml sample documents as a starting point.
Refer to https://jira.hyperledger.org/browse/FAB-10151 for more details.

FAB-8557 - Transaction index and query behavior changed

There is a change to how some of the indexes maintained by ledger are updated.
Specifically, this includes indexes that maintain information by txid. In the rare
scenario when two transactions were submitted with the same transaction ids,
in the previous releases, the last transaction would be indexed. Only the first
instance of a transaction can be valid, therefore it was possible for an invalid
transaction to overwrite the status of a valid transaction, and therefore APIs
such as 'GetTransactionByID' and 'GetBlockByTxID' may return the latter invalid
transaction. In these cases the ledger remained correct, however transaction
queries may have returned unexpected results.
In this release, the behavior is changed so that the first transaction (the only
instance that can be valid) will not be overwritten in the index.
In the rare scenario where this problem has occurred on a channel, the peer's
transaction index can be rebuilt after upgrading to version v1.2, by stopping the
peer, deleting the <CORE_PEER_FILESYSTEMPATH>/ledgersData/chains/index directory,
and restarting the peer. The peer will automatically rebuild its indexes
using the new behavior.
Refer to https://jira.hyperledger.org/browse/FAB-8557 for more details.

FAB-8877 - Reserved field validation for CouchDB state database

Prior releases did not validate chaincode data against all state database
content restrictions.  Specifically, version v1.2 adds validation during
chaincode execution to ensure that keys that will be written to CouchDB
state database are UTF8 complaint, do not start with an underscore, and
that there are no top-level JSON fields named '~version' or that start with
underscores, as these fields are reserved for use by CouchDB (and Fabric).
If these conditions are found during chaincode execution, an error will
be returned to the client in the proposal response.
For the same reason, all peers on a channel must utilize the same state
database type, and it is not possible to convert a channel's peers from
using LevelDB state database to CouchDB state database, unless the
chaincode performs the same validations.
Refer to https://jira.hyperledger.org/browse/FAB-8877 for more details.

Known Vulnerabilities
---------------------
FAB-8664 - Peer does not detect his own org ejection
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in an upcoming release.

Resolved Vulnerabilities
------------------------
FAB-10537 - Reject CONFIG/ORDERER_TRANSACTION messages
Ensures that clients cannot submit transactions intended to be generated
from orderer nodes.

Other improvements and fixes
----------------------------
For the full list of improvements and fixes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v120

v1.2.0-rc1 Release Notes - June 22, 2018

22 Nov 15:30
Compare
Choose a tag to compare
----------------------------------------

What's New in v1.2
------------------

The following features/epics are included in this release:

FAB-8718 - Channel Private Data
Keep chaincode data confidential among a subset of channel members.

FAB-8727 - Access control for peer functions
Configure which client identities can interact with peer functions, per channel.

FAB-8729 - Pluggable endorsement and validation
Utilize pluggable endorsement and validation logic per chaincode.

FAB-8779 - Service Discovery
Discover network services dynamically, including orderers, peers, chaincode,
and endorsement policies, to simplify client applications.

Hygiene and Technical debt
Ginkgo-based integration tests have been added, and component code has been
refactored for improved readability and maintainability.

Changes, Known Issues, and Workarounds
--------------------------------------

FAB-10151 - configtx.yaml samples fixed

Previous releases included example input files for configtxgen (configtx.yaml)
that contained invalid YAML which referenced YAML anchors before they were
defined. It was not a problem in prior releases since the golang YAML parser
tolerated references before definitions.
The configtx.yaml samples are corrected in version v1.2. Users are advised
to evaluate their configtxgen input documents for places where YAML anchors
are referenced before they are defined. Either reorder nodes to ensure
anchors are defined before they are referenced, or re-create YAML documents
using the updated configtx.yaml sample documents as a starting point.
Refer to https://jira.hyperledger.org/browse/FAB-10151 for more details.

FAB-8557 - Transaction index and query behavior changed

There is a change to how some of the indexes maintained by ledger are updated.
Specifically, this includes indexes that maintain information by txid. In the rare
scenario when two transactions were submitted with the same transaction ids,
in the previous releases, the last transaction would be indexed. Only the first
instance of a transaction can be valid, therefore it was possible for an invalid
transaction to overwrite the status of a valid transaction, and therefore APIs
such as 'GetTransactionByID' and 'GetBlockByTxID' may return the latter invalid
transaction. In these cases the ledger remained correct, however transaction
queries may have returned unexpected results.
In this release, the behavior is changed so that the first transaction (the only
instance that can be valid) will not be overwritten in the index.
In the rare scenario where this problem has occurred on a channel, the peer's
transaction index can be rebuilt after upgrading to version v1.2, by stopping the
peer, deleting the <CORE_PEER_FILESYSTEMPATH>/ledgersData/chains/index directory,
and restarting the peer. The peer will automatically rebuild its indexes
using the new behavior.
Refer to https://jira.hyperledger.org/browse/FAB-8557 for more details.

FAB-8877 - Reserved field validation for CouchDB state database

Prior releases did not validate chaincode data against all state database
content restrictions.  Specifically, version v1.2 adds validation during
chaincode execution to ensure that keys that will be written to CouchDB
state database are UTF8 complaint, do not start with an underscore, and
that there are no top-level JSON fields named '~version' or that start with
underscores, as these fields are reserved for use by CouchDB (and Fabric).
If these conditions are found during chaincode execution, an error will
be returned to the client in the proposal response.
For the same reason, all peers on a channel must utilize the same state
database type, and it is not possible to convert a channel's peers from
using LevelDB state database to CouchDB state database, unless the
chaincode performs the same validations.
Refer to https://jira.hyperledger.org/browse/FAB-8877 for more details.

Known Vulnerabilities
---------------------
FAB-8664 - Peer does not detect his own org ejection
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in an upcoming release.

Resolved Vulnerabilities
------------------------
FAB-10537 - Reject CONFIG/ORDERER_TRANSACTION messages
Ensures that clients cannot submit transactions intended to be generated
from orderer nodes.

Other improvements and fixes
----------------------------
For the full list of improvements and fixes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v120-rc1

v1.1.0 March 15, 2018

22 Nov 15:35
Compare
Choose a tag to compare
---------------------

Release Notes
-------------
The v1.1 release includes all of the features delivered in v1.1.0-preview
and v1.1.0-alpha.

Additionally, there are feature improvements, bug fixes, documentation and test
coverage improvements, UX improvements based on user feedback and changes to address a
variety of static scan findings (unused code, static security scanning, spelling,
linting and more).

Updated to Go version 1.9.2.
Updated baseimage version to 0.4.6.

Known Vulnerabilities
---------------------
none

Resolved Vulnerabilities
------------------------
https://jira.hyperledger.org/browse/FAB-4824
https://jira.hyperledger.org/browse/FAB-5406

Known Issues & Workarounds
--------------------------
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").

In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.

Please refer to https://jira.hyperledger.org/browse/FAB-5177 for more details,
and kindly be aware that given the above, we may end up changing the
fabric-ccenv in the future.

Change Log
----------
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v110

v1.1.0-rc1 March 1, 2018

22 Nov 15:38
Compare
Choose a tag to compare
-------------------------------

Release Notes
-------------
The v1.1 release candidate 1 (rc1) includes all of the features delivered in v1.1.0-preview
and v1.1.0-alpha.

Additionally, there are feature improvements, bug fixes, documentation and test
coverage improvements, UX improvements based on user feedback and changes to address a
variety of static scan findings (unused code, static security scanning, spelling,
linting and more).

Known Vulnerabilities
---------------------
none

Resolved Vulnerabilities
------------------------
none

Known Issues & Workarounds
--------------------------
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").

In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.

Please refer to https://jira.hyperledger.org/browse/FAB-5177 for more details,
and kindly be aware that given the above, we may end up changing the
fabric-ccenv in the future.

Change Log
----------
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v110-rc1

v1.1.0-alpha January 25, 2018

22 Nov 15:36
Compare
Choose a tag to compare
-------------------------------

Release Notes
-------------
This is a feature-complete *alpha* release of the up-coming 1.1 release. The 1.1 release
includes the following new major features:

  - https://jira.hyperledger.org/browse/FAB-6911 - Event service for blocks
  - https://jira.hyperledger.org/browse/FAB-5481 - Event service for block transaction events
  - https://jira.hyperledger.org/browse/FAB-5300 - Certificate Revocation List from CA
  - https://jira.hyperledger.org/browse/FAB-3067 - Peer management of CouchDB indexes
  - https://jira.hyperledger.org/browse/FAB-6715 - Mutual TLS between all components
  - https://jira.hyperledger.org/browse/FAB-5556 - Rolling Upgrade via configured capabilities
  - https://jira.hyperledger.org/browse/FAB-2331 - Node.js Chaincode support
  - https://jira.hyperledger.org/browse/FAB-5363 - Node.js SDK Connection Profile
  - https://jira.hyperledger.org/browse/FAB-830 - Encryption library for chaincode
  - https://jira.hyperledger.org/browse/FAB-5346 - Attribute-based Access Control
  - https://jira.hyperledger.org/browse/FAB-6089 - Chaincode APIs for creator identity
  - https://jira.hyperledger.org/browse/FAB-6421 - Performance improvements

Additionally, there are feature improvements, bug fixes, documentation and test
coverage improvements, UX improvements based on user feedback and changes to address a
variety of static scan findings (unused code, static security scanning, spelling,
linting and more).

Known Vulnerabilities
---------------------
none

Resolved Vulnerabilities
------------------------
none

Known Issues & Workarounds
--------------------------
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").

In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.

Please refer to https://jira.hyperledger.org/browse/FAB-5177 for more details,
and kindly be aware that given the above, we may end up changing the
fabric-ccenv in the future.

Change Log
----------
https://github.com/hyperledger/fabric/blob/master/CHANGELOG.md#v110-alpha