Releases · microsoft/CCF

28 May 12:23

achamayou

ccf-5.0.0-dev16

d9b0407

5.0.0-dev16 Pre-release

Pre-release

Added

Reusable functionality for creating an in-enclave JS interpreter has been added to the public C++ API. Applications should subclass CustomJSEndpointRegistry to get similar behaviour to the existing JS Generic app.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 15

26 Apr 14:00

achamayou

ccf-5.0.0-dev15

d01c350

5.0.0-dev15 Pre-release

Pre-release

Added

CCF now supports a mode where HTTP redirect responses are returned, rather than relying on internal forwarding. See docs for description of redirection behaviour and migration instructions.
Authentication policies can now be conjoined (AND) together, in addition to the previous disjoint (OR) behaviour. The new ccf::AllOfAuthnPolicy takes a collection of other policies, all of which must be true for this auth policy to pass. In JS, this can be configured in the app.json as "authn_policies": [{ "all_of": ["policy_a", "policy_b"] }].

Changed

proposalId is now passed to resolve(proposal, proposerId, votes, proposalId), allowing proposals to consider other pending proposals in their resolution process. (#5995)
The current state of an accepted proposal is written to the KV so that it can be accessed in the constitution's apply(proposal, proposalId) function (#6114).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 15

19 Mar 14:09

ccf-4.0.16

c85ddf5

4.0.16

Dependencies

Updated base image

Assets 14

18 Mar 20:20

achamayou

ccf-5.0.0-dev14

68d5937

5.0.0-dev14 Pre-release

Pre-release

Added

Added a ccfapp.checkedJson converter to the CCF TypeScript package, which will raise errors when given objects which cannot be roundtrip-converted through JSON (currently Map and Date). There is a slight cost to checking this on each instance during encode, so the behaviour is opt-in (not directly replacing ccfapp.json), but it is recommended that most tables update to use this converter.

Removed

The scurl.sh script has been removed. With #5137 removing support for HTTP signed requests, it is no longer needed.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 15

26 Feb 19:04

ccf-4.0.15

dcef0ce

4.0.15

Fixed

Improvements to the Raft implementation, to retain commit safety and liveness despite message loss (#6016).

Added

Added 2 new log lines which may be helpful diagnostics in production deployments, both including a new [rollback] tag.
[rollback] ... Dropping conflicting branch may be emitted after network partitions, and indicates that some Pending (non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.
[rollback] ... Ignoring conflicting AppendEntries could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).

Dependencies

The CCF Python package now requires cryptography 42.*

Assets 14

19 Feb 12:26

achamayou

ccf-5.0.0-dev13

a9c0eb8

5.0.0-dev13 Pre-release

Pre-release

Fixed

Improvements to the Raft implementation, to retain commit safety and liveness despite message loss (#6016).

Added

Added 2 new log lines which may be helpful diagnostics in production deployments, both including a new [rollback] tag.
[rollback] ... Dropping conflicting branch may be emitted after network partitions, and indicates that some Pending (non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.
[rollback] ... Ignoring conflicting AppendEntries could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 15

24 Jan 21:09

achamayou

ccf-5.0.0-dev12

c2b8a9e

5.0.0-dev12 Pre-release

Pre-release

Added

There is now a contains_globally_committed(k) method on kv::Set<K>, with the same semantics as get_globally_committed(k) on kv::Map<K, V> (#5928).

Changed

JS endpoints marked as "mode": "readonly" are prevented from writing to the KV. Attempting to call map.set(k, v), map.delete(k), or map.clear() on any KV table in such an endpoint will now result in an error being thrown (#5921).

Fixed

Nodes are now more robust to unexpected traffic on node-to-node ports (#5889).
Added a GET /node/backup endpoint, returning 200 when backup and 404 when not, for load balancers to use (#5789).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 15

09 Jan 14:09

ccf-4.0.14

6ddfb46

4.0.14

Fixed

Nodes are now more robust to unexpected traffic on node-to-node ports (#5889).
ccf.crypto.digest and ccf.crypto.isValidX509CertBundle are accessible again through ccf.digest and ccf.isValidX509CertBundle, to faciliate migration of CCF 3.x-era constitutions. The constitution sample under samples/constitutions/default/actions.js has been updated to show how migration is possible without relying on aliasing in 4.x.

Assets 14

20 Dec 10:39

ccf-5.0.0-dev11

5daf0c7

5.0.0-dev11 Pre-release

Pre-release

Removed

ccf::historical::adapter_v2 is removed, replaced by ccf::historical::adapter_v3 first introduced in 2.0.0.
ccf::EnclaveAttestationProvider has been removed. It is replaced by ccf::AttestationProvider
The attestation.environment.security_context_directory configuration entry and --snp-security-context-dir-var CLI option have been removed. SNP collateral must now be provided through the snp_security_policy_file, snp_uvm_endorsements_file and snp_endorsement_servers configuration values. See documentation for details and platform-specific configuration samples.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 14

15 Dec 17:56

ccf-5.0.0-dev10

7b3f22f

5.0.0-dev10 Pre-release

Pre-release

The url field in snp_endorsements_servers can now contain environment variables that will be resolved at startup, such as "$Fabric_NodeIPOrFQDN:2377" (#5862).
Add a new snp_security_policy_file configuration value under attestation, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR. The value can contain environment variables, for example: "snp_security_policy_file": "$UVM_SECURITY_CONTEXT_DIR/security-policy-base64".
Add a new snp_uvm_endorsements_file configuration value under attestation, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR. The value can contain environment variables, for example: "snp_uvm_endorsements_file": "$UVM_SECURITY_CONTEXT_DIR/reference-info-base64". This value can come from an untrusted location, like snp_security_policy_file and AMD endorsements (fetched from snp_endorsements_servers), because the CCF code contains pre-defined roots of trust.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

Assets 14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added

Added

Changed

Dependencies

Added

Removed

Fixed

Added

Dependencies

Fixed

Added

Added

Changed

Fixed

Fixed

Removed

Releases: microsoft/CCF

5.0.0-dev16

Added

5.0.0-dev15

Added

Changed

4.0.16

Dependencies

5.0.0-dev14

Added

Removed

4.0.15

Fixed

Added

Dependencies

5.0.0-dev13

Fixed

Added

5.0.0-dev12

Added

Changed

Fixed

4.0.14

Fixed

5.0.0-dev11

Removed

5.0.0-dev10