Releases: microsoft/CCF
Releases · microsoft/CCF
6.0.0-dev13
Added
- Joining nodes can now request a snapshot from their peers at startup, rather than relying on file access. The joinee's snapshot will be fetched and used if it is more recent than the joiner has access to. This behaviour is enabled by default, but can be disabled via the
command.join.fetch_recent_snapshotconfig option (#6758).
Changed
- CCF now defaults to using libstdc++ rather than libc++, and no longer builds with LTO, to improve compatibility with other C++ libraries.
6.0.0-dev12
Dependencies
- nghttp2 is now picked up from the OS rather than vendored to enable libcurl usage
- Misc dependency updates (#6725)
6.0.0-dev11
Added
GET /gov/service/javascript-appnow takes an optional?case=originalquery argument. When passed, the response will contain the raw originalsnake_casefield names, for direct comparison, rather than the API-standardcamelCaseprojections.- Applications can now extend
js_generic(ie - a JS app where JS endpoints are edited by governance transactions), from the public headerccf/js/samples/governance_driven_registry.h. The API for existing JS-programmability apps usingDynamicJSEndpointRegistryshould be unaffected.
Fixed
cose_signaturesconfiguration (issuer/subject) is now correctly preserved across disaster recovery (#6709).
Deprecated
- The function
ccf::get_js_plugins()and associated FFI plugin system for JS is deprecated. Similar functionality should now be implemented through ajs::Extensionreturned fromDynamicJSEndpointRegistry::get_extensions().
Dependencies
- nghttp2 updated from 1.55.1 to 1.64.0
6.0.0-dev10
Added
- Expose
ccf:http::parse_accept_header()andccf::http::AcceptHeaderField(#6706). - Added
ccf::cose::AbstractCOSESignaturesConfigsubsystem to expose COSE signature configuration to application handlers (#6707). - Package
build_bundle.tsundernpx ccf-build-bundleto allow javascript users to build a ccf schema bundle (#6704).
6.0.0-dev9
Changed
- The
read_ledger.pytool now has a--quietoption which avoids printing anything per-transaction, as well as other performance improvements, which should make it more useful in verifying the integrity of large ledgers. - COSE signatures now set a kid that is a hex-encoded SHA-256 of the DER representation of the key used to produce them (#6703).
6.0.0-dev8
Changed
- All definitions in CCF's public headers are now under the
ccf::namespace. Any application code which references any of these types directly (notablyStartupConfig,http_status,LoggerLevel), they will now need to be prefixed with theccf::namespace.
5.0.11
5.0.10
- Added OpenAPI support for
std::unordered_set.
Changed
- Service certificates and endorsements used for historical receipts now have a pathlen constraint of 1 instead of 0, reflecting the fact that there can be a single intermediate in endorsement chains. Historically the value had been 0, which happened to work because of a quirk in OpenSSL when Issuer and Subject match on an element in the chain.
Fixed
- Services upgrading from 4.x to 5.x may accidentally change their service's subject name, resulting in cryptographic errors when verifying anything endorsed by the old subject name. The subject name field is now correctly populated and retained across joins, renewals, and disaster recoveries.
6.0.0-dev7
Changed
ccf::http::get_query_value()now supports bool types with"true"and"false"as values.- Service certificates and endorsements used for historical receipts now have a pathlen constraint of 1 instead of 0, reflecting the fact that there can be a single intermediate in endorsement chains. Historically the value had been 0, which happened to work because of a quirk in OpenSSL when Issuer and Subject match on an element in the chain.
Fixed
- Services upgrading from 4.x to 5.x may accidentally change their service's subject name, resulting in cryptographic errors when verifying anything endorsed by the old subject name. The subject name field is now correctly populated and retained across joins, renewals, and disaster recoveries.