github hyperledger/fabric v2.2.2
on GitHub

latest releases: v3.0.0, v2.5.10, v3.0.0-rc1...
3 years ago

v2.2.2 Release Notes - January 27, 2021

Fixes

peer and orderer - Always Finalize the PKCS#11 FindObject Operation

In certain error paths, a PKCS#11 session was not finalized, leaving the session
in a locked state so that it could not be reused.
This fix finalizes session handles even in error paths, so that the session can be reused
by subsequent calls.

FAB-18308: peer and orderer - Restore support for MSPs that contain RSA certificate authorities

While Fabric has never supported RSA for transaction signatures or validation,
certificate authorities included in MSP definitions could be associated with
RSA keys. This ability was inadvertently removed during the development of
release 2.0 and prevented migration of some networks to a 2.x version. With
these changes, version 2.x components will no longer panic when attempting to
initialize MSPs that include CA certificates associated with RSA keys.

orderer - Allow tick interval override via orderer.yaml

If a raft network becomes unstable, sometimes, adjusting the tick
interval duration can be effective to restore it. However, the tick interval is
stored in the channel configuration, so if the network is not operational,
modifying it is very challenging. This fix adds Consensus.TickIntervalOverride
option to orderer.yaml configuration, allowing the channel configuration parameter
to be overridden from the local configuration.

FAB-18192: orderer - Consenter certificate validation fails when MSP is not part of existing configuration

If adding an organization MSP and a Raft consenter in the same configuration update transaction, validation fails
with error "consensus metadata update for channel config update is invalid" "certificate signed by unknown authority".
This fix adds logic to verify consenters based on the updated set of organization MSP root CAs.

FAB-18244: orderer - Single node orderer will not start due to inconsistent state

If using a single node orderer, it was possible to get into an inconsistent state where
a Raft WAL snapshot was taken but an in-flight block at the associated height is not yet written.
This fix resolves the inconsistent state by writing the last block, so that the
single node orderer can start.

orderer - Remove duplicate orderer server TLS root CAs

This fix reduces processing overhead when an ordering service node participates
in many channels.

FAB-18298: orderer - Default values for General.Cluster.ClientCertificate and General.Cluster.ClientPrivateKey

If orderer.yaml configuration options
General.Cluster.ClientCertificate and General.Cluster.ClientPrivateKey are not set,
default them to the server General.TLS.Certificate and General.TLS.PrivateKey values
when the orderer is not configured to use a separate cluster port.
This change simplifies orderer node configuration by not requiring the client certificates to be explicitly set.

peer - incorrect handling of values set to empty byte array in node chaincode

Peer should handle key values set to nil or empty byte arrays as a delete of the key.
While the behavior worked as expected when using Go chaincode and Java chaincode, if using
node chaincode it did not work correctly when setting key values to empty byte arrays.
This fix ensures that peer will interpret empty byte arrays as deletes even for node chaincodes.
If using node chaincode with private data, if you had set private data values to an empty byte array,
the private data hash would have been committed incorrectly to the state database.
To repair the state database, after applying the fix, with the peer stopped,
request that the state database be rebuilt by calling "peer node rebuild-dbs"
or by deleting the state database. Upon the next start, the peer will rebuild the state
database from the already processed block store.
If subsequent transactions had referenced the existence of such a private data hash by
calling GetPrivateDataHash, then the subsequent transactions may have been
processed incorrectly and the peer will need to additionally reprocess blocks,
which can be triggered by calling "peer node reset" instead of "peer node rebuild-dbs".
If using regular channel data only and not private data, the empty byte array will
not have been committed, and therefore no action is required on the peer beyond applying the fix.

Dependencies

Fabric v2.2.2 has been tested with the following dependencies:

  • Go 1.14.12
  • CouchDB v3.1.1

Deprecations (existing)

FAB-15754: The 'Solo' consensus type is deprecated.

The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.

FAB-16408: The 'Kafka' consensus type is deprecated.

The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.

Fabric CouchDB image is deprecated

v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.

FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.

Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.

FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate is deprecated.

The --outputAnchorPeersUpdate mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.

FAB-15406: The fabric-tools docker image is deprecated

The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.

FAB-15317: Block dissemination via gossip is deprecated

Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration: 

peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false

FAB-15061: Legacy chaincode lifecycle is deprecated

The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.

Changes:

  • bebb75f v2.2.2 release commit
  • a80c772 Add release notes for v2.2.2 (#2232)
  • 1de0825 Fix the issue of Nil/Zero-length-byte-array value (#2310)
  • e5ecdef Remove system channel from Test Network tutorial
  • c25eb86 [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
  • a861c00 cherry pick test network doc chaincode deployment fix
  • 10c7839 Remove unreachable and unnecessary code in gossip membership (#2295)
  • 6805515 Orderer deployment tutorial update
  • fba5d90 [doc] fix broken link
  • 48bad48 [FAB-18170] Endorsement policy page discusses NodeSDK
See More
  • ee8fcfc [FAB-18392] Clarify scope and limitations of test network
  • 90326b8 [FAB-18252] Documentation should reference Java chaincode support
  • 813be7f Remove anchor peers from configtx.yaml tutorial (#2257)
  • 11526cf Cherry pick org3 edits to release-2.2 branch (#2256)
  • 5953056 Split command in "add an org to network" tutorial
  • 91d9621 Add more details to logging specification examples
  • 7b1dbf1 Update image filter used by integration tests
  • 2a8d96c Remove Short Names and Replace With Full Path in Fabric
  • b2a5aec Check correct error
  • 73b39dc [FAB-18378] Log warning when peer is lagging behind and cannot catch up
  • d5d9965 [FAB-17039] Skip retrieving pvtdata from transient store when txid is missing (#2183) (#2201)
  • 3496dfc [FAB-17954] Document CouchDB JSON determinism (#2187)
  • 26cbec6 [FAB-18323] CherryPick: remove ephemeral from BCCSP SW options (#1553)
  • db9a56f Fixes Hardened to Hardware
  • a381654 remove repeated the
  • bbaa5b8 update private-data sample instruction for Asset owner string
  • 82b4566 Remove reference to first-network
  • 0a1fc23 [FAB-17727] Log warning if system channel has no consortium members (#2149)
  • 935a5c2 Deploy production ordering service doc
  • c928359 Add release note for RSA CA changes
  • 50ca5d4 Add integration test for MSPs with RSA CA certs
  • b3646e5 Restore RSA support for x509 public key import
  • 4026413 Add check for invalid key before hitting couchdb (#2133) (#2135)
  • b8a095f Add persistent volume note to peer deploy guide
  • bf2ebb6 [FAB-18298] Default cluster cert and key (#2119)
  • cae9a63 Update Go to 1.14.12
  • b247ed4 Revert "Allow BCCSP config to be set using env var (#1900)"
  • d1b4524 Update Jira instructions in contributing guide
  • d1730da Cherry pick [FAB-18290] Add channel name to pvtdata reconciler log msgs (#2091)
  • 99c2d12 Deduplicate orderer server TLS root CAs
  • 1e15b64 Log TLS handshake duration
  • 9c5b283 FAB-18244 single node catches up with snapshot (#1964) (#2021)
  • 09234c0 Remove common name from private data doc
  • 5a37306 Fixed TLS certs validation for consenters (release-2.2) (#2005) [ #1888 ]
  • 6f3ad12 [FAB-18270] Disable debug of CouchDB response body
  • 4d40d65 Peer deployment guide
  • 70c41c1 Update help text in test net tutorial
  • 8930c8c Fix Node OU error message
  • ab7104a Update release docs
  • 4a63642 Cherry pick private data tutorial rebase
  • e36ca29 Add Troubleshooting topic to Test Network for Docker Desktop setting
  • e05c443 Allow tick interval override via orderer.yaml
  • 32cb396 Fix chaincode lifecycle tutorial invoke
  • ceb23df Always Finalize the PKCS11 FindObject Operation
  • 2d59f18 Corrected to capitalized function names.
  • 6a370f7 Fix table width issue
  • f2e9e6e Allow BCCSP config to be set using env var (#1900)
  • 6bd0699 Exercise a full end-to-end flow with PKCS11 (#1717)
  • 0b3b95f removed unused variable
  • bf0b300 [FAB-17129] Configure peer and orderer to use PKCS#11 as BCCSP in integration test
  • 8407bc8 Prepare for next release v2.2.2
  • 74ac27c Add two and three digit publishing
  • 344fda6 Release commit for v2.2.1
  • bebb5d8 Cherry pick secured asset transfer tutorial to 2.2
  • ba9eaff [FAB-18041] Add Node.js to CC as external service
  • 107a867 Remove No Longer Relevant Release Note
  • 99a01b2 Update release notes with FAB-18250
  • 7b7ad6b Fix missing word
  • f9f3caf Add change in documentation to explain how to add collaborators in translation
  • 61c05b8 [FAB-18250] Check Error Before Returning Session to Pool (#1937)
  • 765bb73 Remove escc and vscc from list of system chaincodes
  • 9906643 Update v2.2.1 release notes with latest fixes
  • c5cf627 Fix empty address in peer CLI ClientWait log
  • 75046cf Remove GetSessionInfo Call
  • 2e4527b Bug Fix: Saving big payloads by cache CouchDB (#1909)
  • fe684f8 Fix flakey raft/cft integration test
  • e2fa653 Add release notes for v2.2.1
  • 6b1ac6f [FAB-18237] always update stateInfo message upon chaincode update
  • f32cb81 Bugfix in collection config history mgr (#1904)
  • 3ee47a7 fix function name typo in store private data command
  • ffcbf25 Clarify tlsHandshakeTimeShift CLI help text (#1894)
  • 673c364 Correct the explanation for signcerts in Membership section
  • 68d13ed Update write_first_app.rst
  • dc8660b Regenerate peer CLI docs
  • 6c9abf9 Peer CLI communicate with orderers with expired TLS certs (#1863)
  • 6f76408 Bump fabric-config dep to 0.0.7
  • c5c1105 address review comments (#1890) (#1893)
  • a5a6acd pass unreconciled missing pvtdata to pvtdata store (backport to release-2.2) (#1886)
  • ee2bc1b pass unreconciled missing data info to ledger from reconciler (#1797)
  • bc00758 construct unreconciled missing pvtdata (#1699)
  • e500de9 deprioritize unreconcilable missingPvtData (#1721)
  • 10cb4ea mv oldpvtdata commit to separate file
  • 7eaead1 refactor pvtdatastore
  • 659fe39 Adding notes for the usage of script during samples install
  • 2d895c4 [FAB-18208] Do not sign gossip message if membership is empty
  • 42da963 Convert Azure Pipeline To Stages (#1874)
  • 6a02559 Fix data race in gossip/discovery test
  • 7dcd9fd Minor doc fix to clear Sphinx local build error
  • 09764d8 fix missing err check in the block commit path (#1543)
  • cc6dc99 minor cleanup of pvtdatastore
  • 20f0697 reset leveldb batch after the commit
  • bebe131 Use directly leveldb batch (#1507)
  • 99332da [FAB-18194] Fix service discovery for legacy installed chaincodes
  • 0bd0ab2 Update RTD Placeholder
  • ef2632e [FAB-18191] Remove contents of leveldb dir instead of the dir itself when dropping dbs (#1828)
  • 8dae484 [FAB-18120] Adding DevMode integration test for new lifecycle.
  • 9da753a [FAB-18169] Add DevMode support in ChaincodeEndorsementInfoSource
  • 8bbedb8 Revert "[FAB-18183] Bump sphinx in requirements.txt to v1.8.5"
  • bf8f6fc [FAB-18188] Log orderer and peer cert expiration date upon startup (#1804)
  • 0e52fff [FAB-18171] Disregard certificate validity period in intra-orderer communication
  • 445b997 [FAB-18183] Bump sphinx in requirements.txt to v1.8.5
  • 2fc575c Cache bccsp keys generated from getECKey
  • 7b8de81 Add object handle cache to PKCS#11 bccsp provider
  • bf2f3fc Make ecPoint a method on impl
  • 2a22160 Make findKeyPairFromSKI a method on impl
  • 86a5c64 Replace loadLib with initialize method
  • 8a63732 Merge pkcs11/impl.go and pkcs11/pkcs11.go
  • f47ac7d Drain session pool before creating new sessions
  • 4fd232e Add instructions for how to use @Mergifyio backport command
  • 2d522b5 Update Add an Org to a Channel tutorial
  • 2813aba Updates to CouchDB doc tutorial
  • 4919fa7 Updated Using CouchDB to use asset transfer ledger queries smart contract
  • 64c7600 Update Channel Update (Adding an Org) tutorial
  • 7d6bb0f Update docs to replace fabcar references with basic asset transfer
  • 1450e3c Add links for Go and Java sample applications
  • b8b7af7 Refactor tutorial to 'Writing Your First Chaincode'
  • 14ad1d7 [FAB-18109] Update peer chaincode invoke
  • e042657 Fix code snippet display (#1759)
  • 9783edb Write Your First App tutorial updates (#1757)
  • 9563518 Update "Deploying a smart contract" tutorial. (#1756)
  • 417bcd4 Update "Using the Fabric Test network" tutorial (#1755)
  • 0b598c4 Update Write Your First Application Tutorial (#1754)
  • c4e310d Remove Use of Manifest Tool
  • 5f16da8 Update RTD to Target Correct GH Release Branch
  • 6491f6a Fix and improve discovery TLS authentication comments in document
  • 50aea5e Update doc to reflect change in FAB-18163 (#1729)
  • 25a5c40 FAB-18163 TLS Timeshift w/o Separate Cluster Port (#1724) (#1725)
  • f60c78a Add Raft metrics to Raft config doc
  • c932bb4 Use correct gossip SecretEnvelope reference
  • 2821cfc Log Error When PKCS11 Key Not Found (#1679)
  • cce8553 fix: modify certificate alternate DNS duplication
  • 6e97dd0 fix glossary.rst by reverting commit 21fa648
  • 8d590c6 typo fix
  • 05655d0 Fix link in Develop apps doc
  • 67ce3cb Fix: Missing addToWallet.js in ls command output
  • 534e87a Add link to Use a CA to deployment guide
  • 9099e5b Fix international language make html instructions
  • 3741860 Raft: Check suspect info once per suspect interval (#1600)
  • 03f0544 Add LTS release status to What's New doc.
  • 6be80ae Print channel name in learnAnchorPeers
  • dd556f3 Advice for translators, PRs and tools
  • 5dc22d5 Remove ccenv dependency in platforms unit test
  • 9bca8d6 Changes for i18n
  • 5f11b9b Simple Typo fix
  • 5ea85bc Fabric v2.2.0 release commit
  • 7b1a1a2 Add release notes for v2.2
  • d2dfc63 Improve peer CLI error message when no orderer address passed (#1555)
  • 9c3c599 [FAB-18054] Remove default value for top level orderer addresses if (#1550)
  • ff00d9b Improve private data logging (#1545)
  • 62dfb2d Add org name to consortium error message
  • 0de7fc1 Restore couchdb logger (#1532)
  • 2169710 Use tcp for statsd and poll for metric arrival
  • 568d346 Fix chaincode package example path
  • ac3f596 Remove Thirdparty Images From Bootstrap Script
  • 9b187f5 Edits to style guide
  • a6ad407 Upgrade updates
  • 8fd785a Deploy Chaincode Doc
  • 4591d52 Add Check For CouchDB 3.1 (#1491)
  • 529a931 Only canonize ECDSA signatures in MSP:IsWellFormed (#1498)
  • 3d305f7 Disable channel participation API in release-2.2
  • a7dc1d4 [FAB-18028] Create new PropagateEnvironment key

This list of changes was auto generated.

Check out latest releases or
releases around hyperledger/fabric v2.2.2

Don't miss a new fabric release

NewReleases is sending notifications on new releases.

Get notifications