Hey everyone! We have just released version 2.6.0 of the OpenZeppelin SDK! This includes the CLI and its corresponding upgrades library. This is a small release that includes a handful of bugfixes, a dependency upgrade, and a new telemetry opt-in feature.

How to install

Just run npm install -D @openzeppelin/cli@2.6 to install locally to your project, or use the --global flag to install globally. And if you are upgrading from a previous version, you don’t need to change anything in your projects!

Telemetry

When running your first CLI command in 2.6, you will get prompted whether you want to report anonymous usage info. This decision will be stored in your workstation and apply to all OpenZeppelin SDK projects. If at any point you change your mind, you can remove the file ~/.local/share/openzeppelin-sdk-nodejs/telemetry.json to erase this setting.

We know that smart contract operations can be very sensitive, that’s why all data is fully anonymized. We only collect the command name and the network where it’s run, and then salt & hash all arguments to the command. The datetime when it was run is rounded to the week, so we cannot pinpoint the operation by its timestamp. Besides info on the command itself, we also collect generic environment info, such as the platform and the versions of some web3 dependencies.

All this data is stored in a Firebase datastore, and is not shared with any 3rd parties. There are no 3rd party tracking plugins either - all the code for submitting telemetry info is home made. Also, note that enabling telemetry does not incur in any performance penalties, as the report is submitted via a separate process, which does not block the CLI.

With this, we hope to get a better understanding of how the community is using the open source tools we build, so we can better inform our roadmap in the future. If you have any concerns or questions about how this feature works, please don’t hesitate to ask!

Upgrade to web3@1.2.2

Last but not least, this new version upgrades the web3.js dependency to version 1.2.2. Among other things, this means that the SDK no longer depends on @types/web3 , so typescript users of the @openzeppelin/upgrades library can use the typings shipped directly with web3.js.

Yarn workspaces

If you are a contributor to the SDK repository, we have recently migrated from npm with lerna to using yarn workspaces. We are seeing faster installation times, and a better development experience overall with this setup. To start developing, clone the repo and just run yarn in the root - and that’s it! No more lerna bootstrap is needed.

We’ll be updating the CONTRIBUTING documentation with these new instructions during this week!

As the new telemetry information starts rolling in, we plan to focus on the commands most used by the community, to help us create more meaningful releases for all our user base. Stay tuned, and happy coding!