js-sdk

Threefold Grid extension based on js-ng framework. JS-SDK allows developing solutions for and on the Threefold Grid. Right now, it has the code for - 3Bot server - 3Bot admin dashboard - Polls package - ThreefoldToken statistics APIs

Getting started

• Our wiki https://threefoldtech.github.io/js-sdk/wiki
• quick start https://threefoldtech.github.io/js-sdk/wiki/#/./quick_start

Contribution

• Clean code (pep-8)
• Documentation
• Tests

API Docs

browsable at https://threefoldtech.github.io/js-sdk/api/jumpscale/

Issues

Bump cryptography from 3.3.2 to 39.0.1

opened on 2023-02-08 00:53:42 by dependabot[bot]

Bumps cryptography from 3.3.2 to 39.0.1.

Changelog

Sourced from cryptography's changelog.

39.0.1 - 2023-02-07

* **SECURITY ISSUE** - Fixed a bug where ``Cipher.update_into`` accepted Python
  buffer protocol objects, but allowed immutable buffers. **CVE-2023-23931**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.8.
.. _v39-0-0:
39.0.0 - 2023-01-01

• BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.0 has been removed. Users on older version of OpenSSL will need to upgrade.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support.
• BACKWARDS INCOMPATIBLE: Removed the encode_point and from_encoded_point methods on :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers, which had been deprecated for several years. :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes and :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point should be used instead.
• BACKWARDS INCOMPATIBLE: Support for using MD5 or SHA1 in :class:~cryptography.x509.CertificateBuilder, other X.509 builders, and PKCS7 has been removed.
• BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.10 and 10.11, macOS users must upgrade to 10.12 or newer.
• ANNOUNCEMENT: The next version of cryptography (40.0) will change the way we link OpenSSL. This will only impact users who build cryptography from source (i.e., not from a wheel), and specify their own version of OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer be respected. Instead, users will need to configure their builds as documented here_.
• Added support for :ref:disabling the legacy provider in OpenSSL 3.0.x<legacy-provider>.
• Added support for disabling RSA key validation checks when loading RSA keys via :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, and :meth:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers.private_key. This speeds up key loading but is :term:unsafe if you are loading potentially attacker supplied keys.
• Significantly improved performance for :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305

... (truncated)

Commits

• d6951dc changelog + security fix backport (#8231)
• 138da90 workaround scapy bug in downstream tests (#8218) (#8228)
• 69527bc bookworm is py311 now (#8200)
• 111deef backport main branch CI to 39.0.x (#8153)
• 338a65a 39.0.0 version bump (#7954)
• 84a3cd7 automatically download and upload circleci wheels (#7949)
• 525c0b3 Type annotate release.py (#7951)
• 46d2a94 Use the latest 3.10 release when wheel building (#7953)
• f150dc1 fix CI to work with ubuntu 22.04 (#7950)
• 8867724 fix README for python3 (#7947)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/threefoldtech/js-sdk/network/alerts).

Bump setuptools from 65.5.0 to 65.5.1

opened on 2022-12-27 17:40:00 by dependabot[bot]

Bumps setuptools from 65.5.0 to 65.5.1.

Changelog

Sourced from setuptools's changelog.

v65.5.1

Misc ^^^^

• #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
• #3659: Fixed REDoS vector in package_index.

Commits

• a462cb5 Bump version: 65.5.0 → 65.5.1
• de35d8b Merge pull request #3656 from bmorris3/typos
• 58e23de Update changelog. Ref #3659.
• 43a9c9b Limit the amount of whitespace to search/backtrack. Fixes #3659.
• 5791343 Add test capturing failed expectation. Ref #3659.
• 1f97905 ⚫ Fade to black.
• 6254567 Remove workaround for emacs.
• 729b180 ⚫ Fade to black.
• c068081 Typo corrections
• f777a40 Suppress deprecation warning in --rsyncdir. Workaround for #3655.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/threefoldtech/js-sdk/network/alerts).

Bump certifi from 2019.11.28 to 2022.12.7

opened on 2022-12-08 04:39:40 by dependabot[bot]

Bumps certifi from 2019.11.28 to 2022.12.7.

Commits

• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/threefoldtech/js-sdk/network/alerts).

cover stellar client with more tests

opened on 2022-10-31 13:41:48 by abom None

Run workflows on source files change

opened on 2022-10-26 01:31:23 by abom

Not it runs on any change to any type of files, e.g. md. Also, only run formatting workflow if there's any python files to format (not it runs anyway and fails if it cannot find any python files in the diff)

add a new pipeline for ubuntu 22.04 and python 3.10

opened on 2022-09-26 08:29:44 by abom

To test build/tests

Releases

v12.0.0 2022-12-28 16:57:00

What's Changed

• bump js-sdk version to b12 by @waleedhammam in https://github.com/threefoldtech/js-sdk/pull/3364
• Stellar: fix getting balance from an account with liquidity pool shares by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3366
• bump to 11.5b13 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3368
• Remove deprecated stellar TFTECHTEST network by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3372
• clean up explorer 2 dependency by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3376
• cont. gridv2 cleanup by @abom in https://github.com/threefoldtech/js-sdk/pull/3377
• update deps to work with python3.10 by @abom in https://github.com/threefoldtech/js-sdk/pull/3379
• bump version to 11.5b14 by @abom in https://github.com/threefoldtech/js-sdk/pull/3380
• fix stellar client transfers due to version upgrade of stellar-sdk by @abom in https://github.com/threefoldtech/js-sdk/pull/3381
• bump version to 11.5b15 by @abom in https://github.com/threefoldtech/js-sdk/pull/3384
• Fix stellar client trustline adding by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3386
• bump version to 11.5b16 by @abom in https://github.com/threefoldtech/js-sdk/pull/3387
• Fix escrow account unlock time parsing again by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3389
• release 11.5b17 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3391
• release 11.5b17 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3392
• Fix stellar token transfers for non-TFT/xlm by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3394
• black codebase by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3395
• release v11.5-b18 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3396
• release 11.0b18 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3397
• release v11.5-b18 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3398
• release by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3399
• Fix Authentication by @sameh-farouk in https://github.com/threefoldtech/js-sdk/pull/3402
• bump 11.5-b19 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3404
• Adapt stellar client vesting account recognisition to stellar_sdk 8.x by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3406
• 11.5-b20 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3407
• 11.5-b20 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3408
• Adapt claiming locked tokens to stellar_sdk 8.x by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3411
• fix black actions by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3418
• release 12.0 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3413
• release 12.0.0 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3419

New Contributors

• @MohamedElmdary made their first contribution in https://github.com/threefoldtech/js-sdk/pull/3310
• @Omarabdul3ziz made their first contribution in https://github.com/threefoldtech/js-sdk/pull/3329
• @rawdaGastan made their first contribution in https://github.com/threefoldtech/js-sdk/pull/3391

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.2...v12.0.0

11.5-b20 2022-12-09 10:38:56

What's Changed

• bump 11.5-b19 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3404
• Adapt stellar client vesting account recognisition to stellar_sdk 8.x by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3406
• 11.5-b20 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3407
• 11.5-b20 by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3408

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.5-b19...v11.5-b20

11.5-b19 2022-12-08 14:20:59

What's Changed

• Fix Authentication by @sameh-farouk in https://github.com/threefoldtech/js-sdk/pull/3402

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.5-b18...v11.5-b19

v11.5-b18 2022-11-28 13:38:49

What's Changed

• Fix escrow account unlock time parsing again by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3389
• release 11.5b17 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3391
• Fix stellar token transfers for non-TFT/xlm by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3394
• black codebase by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3395
• release v11.5-b18 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3396
• release v11.5-b18 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3398

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.5-b16...v11.5-b18

v11.5-b17 2022-11-21 09:22:46

What's Changed

• Remove deprecated stellar TFTECHTEST network by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3372
• clean up explorer 2 dependency by @xmonader in https://github.com/threefoldtech/js-sdk/pull/3376
• cont. gridv2 cleanup by @abom in https://github.com/threefoldtech/js-sdk/pull/3377
• update deps to work with python3.10 by @abom in https://github.com/threefoldtech/js-sdk/pull/3379
• bump version to 11.5b14 by @abom in https://github.com/threefoldtech/js-sdk/pull/3380
• fix stellar client transfers due to version upgrade of stellar-sdk by @abom in https://github.com/threefoldtech/js-sdk/pull/3381
• bump version to 11.5b15 by @abom in https://github.com/threefoldtech/js-sdk/pull/3384
• Fix stellar client trustline adding by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3386
• bump version to 11.5b16 by @abom in https://github.com/threefoldtech/js-sdk/pull/3387
• Fix escrow account unlock time parsing again by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3389
• release 11.5b17 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3391
• release 11.5b17 by @rawdaGastan in https://github.com/threefoldtech/js-sdk/pull/3392

New Contributors

• @rawdaGastan made their first contribution in https://github.com/threefoldtech/js-sdk/pull/3391

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.5-b13...v11.5-b17

v11.5-b16 2022-11-17 14:08:08

What's Changed

• Fix stellar client trustline adding by @robvanmieghem in https://github.com/threefoldtech/js-sdk/pull/3386
• bump version to 11.5b16 by @abom in https://github.com/threefoldtech/js-sdk/pull/3387

Full Changelog: https://github.com/threefoldtech/js-sdk/compare/v11.5-b15...v11.5-b16