ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-02-21 09:51:57 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
6,575 Commits 96 Branches 407 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
James Brown c205a10ec0
ENT-2684 Fix owasp dependency checker to fail builds based on CVSS level (#4169) 
OWASP Dependency Checker has been updated so that it can be configured to automatically fail a build when a vulnerable dependency is detected. This option is exposed through gradle settings, so that a build can be configured in TeamCity to pass/fail. This change is backward-compatible - i.e. it does not affect a build by default unless configured to do so.

Ability to fail a build is exposed by the new owasp.failBuildOnCVSS gradle property
By default this is set to '11.0' which will always pass a build even if a vulnerability is found (so will not affect anything by default)
Reduce the CVSS level between 0-10 to indicate what level to fail a build on
Example usage to catch Medium severity (and above) issues:

Configure gradle with the option -Powasp.failBuildOnCVSS=4
2018-11-07 09:00:19 +00:00
.ci
StatePointer (#4074)
2018-11-05 10:33:26 +00:00
.github
Typo. (#3750)
2018-08-07 10:14:23 +01:00
.idea
[CORDA-2011] [CORDA-2057] CryptoService interface and BC HSM simulation (#4099)
2018-11-06 12:57:13 +00:00
buildSrc
CORDA-1509 Configure and enable Gradle Build Cache (#3908)
2018-09-26 13:38:23 +01:00
client
ENT-2659 Eliminate lots of contention in serialization (#4120)
2018-10-30 15:26:46 +00:00
common
[CORDA-1763]: Add node CLI option for validating configuration. (#4121)
2018-10-29 13:33:43 +00:00
confidential-identities
CORDA-2030: Resolve build warnings about kotlin-stdlib-jre8 in unit tests too. (#4043)
2018-10-08 12:49:05 +01:00
config
CORDA-2183: Show root cause of error in console to aid with debugging (#4178)
2018-11-06 22:15:22 +00:00
core
Don't check signers of META-INF/LIST.INDEX file (workaround for CORDA-2116) (#4148)
2018-11-06 14:34:03 +00:00
core-deterministic
Feature/corda 1947/add package ownership (#4097)
2018-10-22 15:00:08 +01:00
create-jdk8u
ENT-1467: Make the deterministic JDK image compatible with IntelliJ. (#3416)
2018-06-26 11:53:16 +01:00
djvm
ENT-1906: Don't transform java.Object[] to sandbox.Object[]. (#4115)
2018-10-29 16:32:40 +00:00
docs
CORDA 2131 - Extend Network Bootstrapper to enable registration of Java Package Namespaces. (#4116)
2018-11-06 09:28:55 +00:00
experimental
CORDA-1489 Exposure of node internals in mock network (#4130)
2018-11-05 09:29:05 +00:00
finance
CORDA-1489 Exposure of node internals in mock network (#4130)
2018-11-05 09:29:05 +00:00
gradle/wrapper
CORDA-1983: Upgrade to Gradle 4.10.1. (#3947)
2018-09-15 14:23:16 +01:00
jdk8u-deterministic
CID-251: Integrate DJVM with Corda's existing deterministic-rt. (#3846)
2018-08-24 15:51:40 +01:00
lib
[CORDA-1611] Upgrade Quasar to 0.7.10 (#3342)
2018-06-12 09:38:14 +01:00
node
CORDA-2183: Show root cause of error in console to aid with debugging (#4178)
2018-11-06 22:15:22 +00:00
node-api
[CORDA-2011] [CORDA-2057] CryptoService interface and BC HSM simulation (#4099)
2018-11-06 12:57:13 +00:00
release-tools
NOTICK - Enable generation of test tickets for snapshots (#4123)
2018-10-29 13:18:50 +00:00
samples
StatePointer (#4074)
2018-11-05 10:33:26 +00:00
serialization
ENT-2659 Eliminate lots of contention in serialization (#4120)
2018-10-30 15:26:46 +00:00
serialization-deterministic
ENT-2659 Eliminate lots of contention in serialization (#4120)
2018-10-30 15:26:46 +00:00
testing
Don't check signers of META-INF/LIST.INDEX file (workaround for CORDA-2116) (#4148)
2018-11-06 14:34:03 +00:00
tools
Ignoring invalid test (works on Linux not on Windows) (#4173)
2018-11-06 17:31:11 +00:00
webserver
CORDA-1985: Configure Gradle capsule plugin to use Capsule 1.0.3. (#3949)
2018-09-17 13:55:31 +01:00
.gitignore
Update references to point to new repo and remove other redundant references. (#3151)
2018-05-15 17:09:50 +01:00
build.gradle
ENT-2684 Fix owasp dependency checker to fail builds based on CVSS level (#4169)
2018-11-07 09:00:19 +00:00
buildCacheSettings.gradle
Explicitly disable remote gradle build cache when building locally. (#4095)
2018-10-19 16:40:06 +01:00
constants.properties
ENT-2509 - Make @InitiatedBy flows overridable via node config (#3960)
2018-10-23 16:45:07 +01:00
CONTRIBUTING.md
Expanded message to contributors (#2969)
2018-05-04 09:18:36 +01:00
CONTRIBUTORS.md
Update CONTRIBUTORS.md
2018-10-30 09:46:38 +00:00
deterministic.gradle
ENT-1463, ENT-1903: Refactor Gradle for deterministic modules (#3387)
2018-06-18 14:14:48 +01:00
gradle.properties
ENT-2684 Fix owasp dependency checker to fail builds based on CVSS level (#4169)
2018-11-07 09:00:19 +00:00
gradlew
Upgraded to gradle 4.1.
2017-08-23 15:36:08 +01:00
gradlew.bat
Upgrade gradle to 4.4.1
2018-01-24 16:15:43 +00:00
LICENSE
Update license year to 2018 (#3000)
2018-04-25 14:47:32 +01:00
README.md
Fix mailing list link to point to corda-dev
2018-11-01 16:04:12 +01:00
settings.gradle
[CORDA-1778, CORDA-1835]: Decoupled configuration parsing mechanism (#4093)
2018-10-25 16:45:14 +01:00
TRADEMARK
Updated URL link to R3 trademark policy
2017-07-13 11:43:41 +01:00

README.md

Corda

License

Corda

Corda is an open source blockchain project, designed for business from the start. Only Corda allows you to build interoperable blockchain networks that transact in strict privacy. Corda's smart contract technology allows businesses to transact directly, with value.

Features

  • Smart contracts that can be written in Java and other JVM languages
  • Flow framework to manage communication and negotiation between participants
  • Peer-to-peer network of nodes
  • "Notary" infrastructure to validate uniqueness and sequencing of transactions without global broadcast
  • Enables the development and deployment of distributed apps called CorDapps
  • Written in Kotlin, targeting the JVM

Getting started

  1. Read the Getting Started documentation
  2. Run the Example CorDapp
  3. Read about Corda's Key Concepts
  4. Follow the Hello, World! tutorial

Useful links

Contributing

We welcome contributions to Corda! Please see our CONTRIBUTING.md.

License

Apache 2.0

Acknowledgements

YourKit

YourKit supports open source projects with its full-featured Java Profiler.

YourKit, LLC is the creator of YourKit Java Profiler and YourKit .NET Profiler, innovative and intelligent tools for profiling Java and .NET applications.

Description
Corda is an open source blockchain project, designed for business from the start. Only Corda allows you to build interoperable blockchain networks that transact in strict privacy. Corda's smart contract technology allows businesses to transact directly, with value.
cordadistributed-ledgerdltkotlin
Readme Pixar 354 MiB
Languages
Kotlin 94.3%
Java 2.5%
C++ 2.1%
Python 0.3%
Shell 0.3%
Other 0.3%