1.0.0rc6
Pre-release
Pre-release
Release 1.0.0rc6 includes well over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features and a new Long Term Support (LTS) policy, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. The full list of PRs in this release can be found below. here are the highlights of the release:
- A formal ACA-Py Long Term Support (LTS) policy has been documented and is being followed.
- The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
- We've improved the developer experience by enabling support in ACA-Py artifacts for the ARM Architecture (and notably, Mac M1 and later systems), we have removed default support for BBS Signatures. BBS Signatures are still supported, and guidance is provided for how to enable the support for those needing it. We look forward to updating the BBS support in ACA-Py based on libraries that include multi-architecture support.
- Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
- Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
- Upgraded pull request and release pipeline, including:
- Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
- Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
- A switch to more used tooling, such as a switch from black to ruff.
- Improvements in coverage monitoring of pull requests.
- Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
- The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
- A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
- We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
- Support added for using AnonCreds in W3C VCDM format. The support is not fully completed, but on the way.
1.0.0rc6 Breaking Changes
With the focus of the pull requests for this release on stabilizing the implementation, there were a few breaking changes:
- The default underlying Python version has been upgraded to 3.12.
- ACA-Py has supported BBS Signatures for some time. However, the dependency that is used (
bbs
) does not support the ARM architecture, and its inclusion in the default ACA-Py artifacts mean that developers using ARM-based hardware (such as Apple M1 Macs or later) cannot run ACA-Py "out-of-the-box". We feel that providing a better developer experience by supporting the ARM architecture is more important than BBS Signature support at this time. As such, we have removed the BBS dependency from the base ACA-Py artifacts and made it an add-on that those using ACA-Py with BBS must take extra steps to build their own artifacts, as documented here. - Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance.
- The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See #3081 for additional details.
- A fix to an obscure bug includes a change to the data sent to the controller after publishing multiple, endorsed credential definition revocation registries in a single call. The bug fix was to properly process the publishing. The breaking change is that when the process (now successfully) completes, the controller is sent the list of published credential definitions. Previously only a single value was being sent. See PR #3107 for additional details.
What's Changed
- Update README.md by @KPCOFGS in #2927
- chore(deps): Bump ecdsa from 0.16.1 to 0.19.0 in the pip group across 1 directory by @dependabot in #2933
- feat: Integrate AnonCreds with W3C VCDI Format Support in ACA-Py by @sarthakvijayvergiya in #2861
- Upgrade to anoncreds via api endpoint by @jamshale in #2922
- Feature: use decorators for admin api authentication by @esune in #2860
- Anoncreds - Send full registry list when getting revocation states by @jamshale in #2946
- Example integration test issuing 2 credentials under the same schema by @ianco in #2948
- Fix Snyk Container scanning workflow by @WadeBarnes in #2951
- ⬆️ Upgrade pydid (pydantic v2) by @ff137 in #2919
- Switch Snyk Container scan back to on push. by @WadeBarnes in #2953
- Add OpenSSF Scorecard GHA - weekly by @swcurran in #2955
- ⬆️ Upgrade test and lint dependencies by @ff137 in #2939
- feat: drop indy sdk by @dbluhm in #2892
- fix(interop): overly strict validation by @dbluhm in #2943
- Fix clear revocation logic by @jamshale in #2956
- Fix Snyk sarif file by @pradeepp88 in #2961
- Add anoncreds migration guide by @jamshale in #2881
- chore: updating dependabot to support gha, python, docker and dev container packages by @rajpalc7 in #2945
- Fix issue with requested to revoke before registry creation by @jamshale in #2995
- Sonarcloud with code coverage by @jamshale in #2968
- Manage integration tests with GitHub Actions (#2952) by @jamshale in #2996
- ⬆️ Upgrade
aiohttp-apispec
andapispec
by @ff137 in #2920 - chore(deps): Bump untergeek/curator from 8.0.2 to 8.0.15 in /demo/elk-stack/extensions/curator by @dependabot in #2969
- feat: inject profile and session by @dbluhm in #2997
- ✨ Faster uuid generation by @ff137 in #2994
- chore(deps): Bump sphinx-rtd-theme from 1.1.1 to 1.3.0 in /docs by @dependabot in #2970
- chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/docker-agent by @dependabot in #2973
- chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.10.4 to py3.9-0.12.1 in /demo/playground by @dependabot in #2975
- Postgres Demo - Upgrade postgres and change entrypoint file by @jamshale in #3004
- chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/multi-demo by @dependabot in #2976
- Merge all poetry dependabot PRs by @PatStLouis in #3007
- Merge all demo dependabot PRs by @PatStLouis in #3008
- Switch from pytz to dateutil by @jamshale in #3012
- Add sonarcloud badges by @jamshale in #3014
- chore(deps): Bump actions/checkout from 3 to 4 in the all-actions group by @dependabot in #3011
- feat: soft binding for plugin flexibility by @dbluhm in #3010
- Use a published version of aiohttp-apispec by @jamshale in #3019
- Add support for revocable credentials in vc_di handler by @EmadAnwer in #2967
- chore(deps): Bump pydid from 0.5.0 to 0.5.1 by @dependabot in #3024
- chore(deps-dev): Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #3025
- chore(deps): Update prompt-toolkit requirement from ~=2.0.9 to ~=2.0.10 in /demo by @dependabot in #3026
- chore(deps): Bump sphinx from 1.8.4 to 1.8.6 by @dependabot in #3021
- docs: added section on environment variables by @Executioner1939 in #3028
- ✨ Adds support for paginated storage queries, and implements pagination for the wallets_list endpoint by @ff137 in #3000
- chore(deps): Bump dawidd6/action-download-artifact from 3 to 5 in the all-actions group by @dependabot in #3027
- chore(deps): Bump uuid-utils from 0.7.0 to 0.8.0 by @dependabot in #3034
- chore(deps): Bump configargparse from 1.5.5 to 1.7 by @dependabot in #3035
- chore(deps): Bump mkdocs-material from 9.5.10 to 9.5.27 by @dependabot in #3036
- chore(deps): Bump packaging from 23.1 to 23.2 by @dependabot in #3037
- chore(deps): Bump marshmallow from 3.20.2 to 3.21.3 by @dependabot in #3038
- chore(deps): Bump urllib3 from 2.2.1 to 2.2.2 in /demo/playground/examples in the pip group by @dependabot in #3045
- Fix - only run integration tests on opened PR's by @jamshale in #3042
- Fix and refactor anoncreds revocation recovery by @jamshale in #3029
- Prevent getting stuck with no active registry by @jamshale in #3032
- chore(deps): Bump the pip group with 2 updates by @dependabot in #3046
- 🩹 add exception handling to wallet-upgrade check by @ff137 in #3048
- Handle failed tails server issuance [Anoncreds] by @jamshale in #3049
- fix: didexchange manager not checking the did-rotate content correctly by @gmulhearn-anonyome in #3057
- Enable
no-transport
mode as startup parameter by @PatStLouis in #2990 - chore(deps): Bump dawidd6/action-download-artifact from 5 to 6 in the all-actions group by @dependabot in #3064
- chore(deps): Bump markupsafe from 2.0.1 to 2.1.5 by @dependabot in #3062
- ✨ Add pagination support for listing Connection, Cred Ex, and Pres Ex records by @ff137 in #3033
- chore(deps-dev): Bump pydevd-pycharm from 193.6015.41 to 193.7288.30 by @dependabot in #3060
- chore(deps-dev): Bump ruff from 0.4.4 to 0.4.10 by @dependabot in #3058
- For proof problem handler, allow no connection record (OOB cases), prevent unhandled exception by @loneil in #3068
- Re-enable ledger plugin when
--no-legder
is set by @PatStLouis in #3070 - chore(deps): Bump requests from 2.32.2 to 2.32.3 by @dependabot in #3076
- chore(deps): Bump uuid-utils from 0.8.0 to 0.9.0 by @dependabot in #3075
- chore(deps-dev): Bump ruff from 0.4.10 to 0.5.0 by @dependabot in #3073
- chore(deps): Bump mike from 2.0.0 to 2.1.2 by @dependabot in #3074
- DIDComm V2 Initial Implementation by @TheTechmage in #2959
- fix: respond to did:peer:1 with did:peer:4 by @dbluhm in #3050
- fix: print provision messages when auto-provision is triggered by @TheTechmage in #3077
- Use anoncreds registry for holder credential endpoints by @jamshale in #3063
- Rule D417 by @jamshale in #3072
- Add by_format to terse webhook for presentations by @ianco in #3081
- 🐛 fix storage record pagination with post-filter query params by @ff137 in #3082
- Switch from black to ruff by @jamshale in #3080
- 🎨 improve record querying logic by @ff137 in #3083
- Upgrade python to version 3.12 by @jamshale in #3067
- chore(deps): Bump certifi from 2024.6.2 to 2024.7.4 in the pip group by @dependabot in #3085
- 🐛 fix IndyAttrValue bad reference in OpenAPI spec by @ff137 in #3090
- chore(deps): Bump mkdocs-material from 9.5.27 to 9.5.28 by @dependabot in #3089
- chore(deps-dev): Bump ruff from 0.5.0 to 0.5.1 by @dependabot in #3087
- chore(deps): Bump aries-askar from 0.3.1 to 0.3.2 by @dependabot in #3088
- chore(deps): Bump certifi from 2024.6.2 to 2024.7.4 in /demo/playground/examples in the pip group by @dependabot in #3084
- 1.0.0rc4 by @swcurran in #3092
- Update the docs for latest release and improve the publish flow and documentation by @swcurran in #3097
- Add DIF presentation exchange context and cache document by @gmulhearn in #3093
- VC DI proof request by @sarthakvijayvergiya in #2960
- Library update 15/07/24 / Fix unit test typing by @jamshale in #3103
- Check connection is ready in all connection required handlers by @jamshale in #3095
- Fix the check for vc_di proof by @ianco in #3106
- Make single wallet config more explicit by @jamshale in #3105
- Breaking: Fix publishing multiple rev reg defs with endorsement by @jamshale in #3107
- Add descriptive error for issuance without RevRegRecord by @jamshale in #3109
- chore(deps-dev): Bump pytest from 8.2.2 to 8.3.1 by @dependabot in #3115
- chore(deps-dev): Bump pytest-ruff from 0.4.0 to 0.4.1 by @dependabot in #3113
- chore(deps): Bump pytest-asyncio from 0.23.7 to 0.23.8 in /demo/playground/examples by @dependabot in #3117
- chore(deps-dev): Bump ruff from 0.5.2 to 0.5.4 by @dependabot in #3114
- fix: multiuse invites with did peer 4 by @dbluhm in #3112
- 1.0.0rc5 by @swcurran in #3118
- DOC: Verifiable Credential Data Integrity (VC-DI) Credentials in Aries Cloud Agent Python (ACA-Py) #2947 by @kenechukwu-orjiene in #3110
- Fix links to AliceGetsAPhone.md from abs to rel and blob refs by @rngadam in #3128
- Add rekey feature with blank key support by @jamshale in #3125
- chore(deps-dev): Bump pytest from 8.3.1 to 8.3.2 by @dependabot in #3132
- chore(deps): Bump mkdocs-material from 9.5.29 to 9.5.30 by @dependabot in #3130
- chore(deps-dev): Bump ruff from 0.5.4 to 0.5.5 by @dependabot in #3131
- chore(deps-dev): Bump pre-commit from 3.7.1 to 3.8.0 by @dependabot in #3129
- chore(deps): Bump ossf/scorecard-action from 2.3.3 to 2.4.0 in the all-actions group by @dependabot in #3134
- demo/Aries-Workshop.md tweak for Traction Sandbox update by @loneil in #3136
- BREAKING: Enable ARM-based ACA-Py artifacts by default by removing BBS+ Signatures as a default inclusion by @amanji in #3127
- LTS Strategy and Scanner GHA by @swcurran in #3143
- Fix typo credetial, uste by @rngadam in #3146
- 1.0.0rc6 by @swcurran in #3147
New Contributors
- @KPCOFGS made their first contribution in #2927
- @rajpalc7 made their first contribution in #2945
- @EmadAnwer made their first contribution in #2967
- @Executioner1939 made their first contribution in #3028
- @gmulhearn made their first contribution in #3093
- @kenechukwu-orjiene made their first contribution in #3110
- @rngadam made their first contribution in #3128
Full Changelog: 0.12.1...1.0.0rc6