* Flask security update
The Pallets Project Flask before 1.0 is affected by: unexpected memory
usage. The impact is: denial of service.
The attack vector is: crafted encoded JSON data. The fixed version is:
1. NOTE: this may overlap CVE-2018-1000656.
Signed-off-by: David Dashyan <mail@davie.li>
* Make send_naughty_tx error regex more robust
Signed-off-by: David Dashyan <mail@davie.li>
* Reorganized docs
* Fixed internal links in basic usage
* fixed the docker-compose command and volume for docs
* fixed docs tests
* fix travis docs test
* tox ini file
* fixed readme localhost links
* edited tox and test docs to previous state
* Fix tests errors related to docs reorganization
Signed-off-by: David Dashyan <mail@davie.li>
* Added ansible script installation option
Signed-off-by: Lana Ivina <lana@ipdb.io>
* Added ansible script to network setup guide
Signed-off-by: Lana Ivina <lana@ipdb.io>
* Hid the non-working button for now.
Signed-off: Lana Ivina <lana@ipdb.io>
* Try now button
Co-authored-by: David Dashyan <mail@davie.li>
Problem statement:
BigchainDB v2.0.0b9 has been around for quite a while. Recently we have updated
Tendermint supported version to v0.31.5 which has incompatible blockchain.
Despite the fact that we have defined instructions on chain migration, no one
expected to migrate to incompatible chain within patch version range. So there
is a demand for Tendermint v0.22.8 compatibility among BigchainDB users.
Work has been done:
bigchaindb-abci package was upgraded to support multiple API versions.
New configuration field stating tendermint version was added.
Signed-off-by: David Dashyan <mail@davie.li>
From version 3.6+ mongodb by default binds only to localhost (127.0.0.1) IP. That can be checked with "netstat -tulpn | grep LISTEN" command in container. It will return "127.0.0.1:27017 | 0.0.0.0:* | LISTEN | 15/mongod" for mongod. That causes inability to connect to running mongo from host machine. Proposed change allows mongo to bind to container network interface, thus allowing connections from host machine.
* added last_tx switch to the TX get query to only get the latest TX for a given asset.
* extended test case to contain last_tx field
* Add last_tx option in query module
* Fix natural descending cursor sort argument
Since version 3.10, Alpine linux has removed mongodb from the available packages.
Using v3.9 it's still possible to build the all-in-one configuration using the provided Dockerfile.
Signed-off-by: Giuseppe Raveduto <giuseppe.raveduto@eng.it>
To account for sporadic failures on bigchaindb server and container stop, it would be beneficial to include in docker-compose the ability for the containers to restart on failure or docker daemon restart. Issue #2624