OpenZeppelin 2.0 RC 2

Make sure to read the release notes for the first release candidate!

This second release candidate only moves two more things to the unstable drafts directory: Counter (#1332) and BreakInvariantBounty (#1334), and fixes an error in a few import paths (#1319, #1321).

v2.0.0-rc.1...v2.0.0-rc.2

OpenZeppelin 2.0 RC 1

We are very excited to announce the first release candidate of OpenZeppelin 2.0! 🎉

The major feature in this release is that we are now commiting to a stable API. In the process of stabilizing we've also reviewed a lot of the existing API in order to ensure a more straightforward experience for users.

To install the release candidate run npm install openzeppelin-solidity@next. We want to hear what you think!

Featuring...

Stable API

So far OpenZeppelin's API has sometimes changed from release to release, in backwards-incompatible ways. This has enabled us to iterate on features and design ideas, but we're at a point now where we want to commit to having a stable API and delivering reliable updates.

You can expect the external and internal API of contracts to remain stable. We're only making an exception to this for the contracts in the drafts/ subdirectory; this is where ERCs in Draft status, as well as more experimental contracts will go, and might have breaking changes in minor versions. We'll be documenting exactly what stability guarantees we provide in the coming weeks.

Granular permissions

Features which require permissions have used the almighty Ownable so far. We are now moving towards a more granular system of roles, like the MinterRole. Just like Ownable, the creator of a contract is assigned all roles at first, but they can selectively give them out to other accounts.

Improved test suite

Although this is not visible to users, we have been improving the test suite, increasing coverage, and cleaning up all of our tests, which had diverged in style. This is part of a bigger effort towards making contributing easier and involving our amazing contributors more in the entire process of building OpenZeppelin.

Changelog

v1.12.0...v2.0.0-rc.1

• Ownable contracts have moved to role based access. (#1291, #1302, #1303)
• ERC contracts have all been renamed to follow the same convention. The interfaces are called IERC##, and their implementations are ERC##. Check out, for example, IERC20 and ERC20. (#1252, #1288)
• All state variables are now private, which means that derived contracts cannot access them directly, but have to use getters. This is to increase encapsulation, to be able to reason better about the code. (#1197, #1265, #1267, #1269, #1270, #1268, #1281)
• Events have been changed to be consistently in the past tense except for those which are defined by an ERC. (#1181)
• Separated ERC721 into the different optional interfaces, and introduced ERC721Full which implements all. (#1304)
• Added ERC165Query to query support for ERC165 interfaces. (#1086)
• Added an experimental contract for migration between ERC20 tokens. (#1054)
• Added SafeMath.mod. (#915)
• Added Math.average. (#1170)
• Added ERC721Pausable. (#1154)
• Changed SafeMath to use require instead of assert. (#1187, #1120, interesting discussion!)
• Removed restriction on who can release funds in PullPayments, SplitPayment, PostDeliveryCrowdsale, RefundableCrowdsale. (#1275)
• Optimized ReentrancyMutex gas usage. (#1155)
• Made ERC721.exists internal. (#1193)
• Changed preconditions on SplitPayment constructor arguments. (#1131)
• Fixed ERC721.getApproved to be in compliance with spec. (#1256)
• Simplified interface of IndividuallyCappedCrowdsale. (#1296)
• Renamed ERC20.decreaseApproval to decreaseAllowance, and changed its semantics slightly to be more secure. (#1293)
• Renamed MerkleProof.verifyProof to MerkleProof.verify. (#1294)
• Renamed ECRecovery to ECDSA, and AddressUtils to Address. (#1253)
• Moved ECDSA and MerkleProof to a cryptography/ subdirectory. (#1253)
• Moved ReentrancyGuard, AutoIncrementing, and Address to a utils/ subdirectory. (#1253)
• Renamed proposals/ subdirectory to drafts/. (#1271)
• Moved TokenVesting, SignatureBouncer to drafts/. (#1271)
• Removed ERC20Basic, now there's only ERC20. (#1125)
• Removed Math.min64 and Math.max64, left only the uint256 variants. (#1156)
• Removed Mint and Burn events from ERC20Mintable and ERC20Burnable. (#1305)
• Removed underscores from event arguments. (#1258)
• Removed a few contracts that we thought were not generally secure enough: LimitBalance, HasNoEther, HasNoTokens, HasNoContracts, NoOwner, Destructible, TokenDestructible, CanReclaimToken. (#1253, #1254, #1306)
• Removed extensions of Owable: Claimable, DelayedClaimable, Heritable. (#1274)

v1.12.0

And thus concludes another release cycle of OpenZeppelin! 😄

Among other things, we have been busy enhancing the quality and consistency of the test suite. We think this will improve the experience for future contributors. Check it out! 📑 🙌

This is the last release before our planned 2.0 release, which will mark a commitment to a stable API. Keep an eye out for it! 👁️

Changelog

v1.11.0...v1.12.0

Additions

• We now have a code of conduct! (#1061)
• A small library with a Counter datatype. (#1023)
• A description in the README of the different categories of contracts we have and their organization. (#1089)

Improvements

• Moved ERC165 interface IDs to interface contracts. (#1070)
• Moved RBAC contract to the access directory. (#1114)
• Fixed an inheritance order that was causing some contracts to fail linearization. (#1128)
• Lots of test improvements, including the removal of Babel. (#1009, #1050, #1074, #1094, #1116, #1112, #1117)
• Fix assertRevert test helper. (#1123)
• Some gas optimizations. (#1043, #1063, #1030, #1017, #1057)
• Removed unnecessary payable constructor from Destructible. (#1107)
• Documentation tidbits. (#1035, #1082, #1084, #1083, #1060, #1101)
• Made code style more consistent with prefix underscore in all arguments. (#1133)
• Fixes for Solidity 0.5.0. (#1080, #1134)
• Silenced a compilation warning in HasNoTokens. (#1122)

v1.12.0 RC 2

Includes #1128, which fixes the inheritance order of two crowdsale contracts that was preventing some feature combinations.

Find the log of changes staged for this release at v1.11.0...v1.12.0-rc.2!

v1.12.0 RC 1

Find the log of changes staged for this release at v1.11.0...v1.12.0-rc.1!

v1.11.0

We hit our 1000th issue during this release cycle! Congrats to everyone and thank you for the hard work. 😄

Changelog

v1.10.0...v1.11.0

Added

• 🗃️ Escrow, a new class of contracts that we used to enhance the security of PullPayments. (#1014)
• ✍️ isValidSignatureAndData, a new method of SignatureBouncer to validate signed function calls. (#973)
• 📝 Initial implementation of ERC1046. (#933)

Changed

• 🌋 Updated the ERC721 contracts to the final version of the protocol. (#972, #993, #1047)
• 🦈 Updated minor things for the newer versions of Solidity. (#951, #1002, #1008, #1033)
• 🛡️ Fixed unchecked token transfer in Crowdsale. (#1006)
• 💺 Moved Whitelist to access directory. (#994)

Removed

• ⚠️ We removed the implementation of ERC827 due to concerns about its security (#1044). The code was moved to windingtree/erc827.

v1.11.0 RC 1

Thanks to all the amazing contributors who participated in this release cycle! 🎉 🐶

We love seeing the community involved, so we're trying something new this time.

Instead of our monthly release, this is a release candidate. We want to encourage the community to review the code introduced, and to report and help us fix significant bugs in the release branch, should any show up. The review period will last for a week, after which we'll release v1.11.0.

You'll find the release candidate in the next tag of the npm package.

$ npm install openzeppelin-solidity@next

We know some of you have been waiting for the implementation of the now final ERC721. You will find it here, but for any serious use please wait for the review period to be over. 🙂

Find the log of changes staged for this release at v1.10.0...v1.11.0-rc.1.

v1.10.0

The release includes the new constructor syntax in Solidity (goodbye warnings 👋).

🎉 🎉 🎉

Changelog

v1.9.0...v1.10.0

• Updated contracts for Solidity 0.4.23 including the new constructor syntax (#921)
• Added renounceOwnership to Ownable (#907)
• Added Superuser, an extension of Ownable with an emergency mechanism (#952, #978)
• Added an Ownable "behavior" to test that your ownable contracts do not break the semantics (#929)

v1.9.0

⚠️ Beginning with this release we're renaming the npm package to openzeppelin-solidity. Make sure to update your dependencies!

The release includes the new emit keyword in Solidity, some new functionality, and other enhancements. Thanks everyone for participating!

🎉 🎉 🎉

Changelog

v1.8.0...v1.9.0

• 🎀 Updated our contracts for Solidity 0.4.21, including the new emit keyword (#876)
• 🔥 Added StandardBurnableToken with a burnFrom function (#870)
• 👩‍🏫 Changed MerkleProof interface slightly (#879)
• 👮‍♀️ Removed admin functionality from RBAC (#836)
• 📝 Changes to ERC827 (#871, #838)
• 🔧 Cleaned up the npm package files and dependencies (#843, #904)

v1.8.0

This release contains the full implementation of EIP721, following the last details settled in the recently closed EIP. Thanks to all the community for your contributions! 🚀

Changelog

v1.7.0...v1.8.0

• ✨ Final EIP721 implementation (#803)
• 🔥 Add Transfer event to BurnableToken (#735)
• 👨‍🏫 ECRecovery recover is now internal (#818)
• 💅 Documentation and tests enhancements