0.11.0-rc1

Release 0.11.0 is a relatively large release of new features, fixes, and internal updates. 0.11.0 is planned to be the last major update before we transition to using the AnonCreds Rust in a release that is expected to bring some Admin/Controller API changes. We plan to do patches to 0.11.0 while the transition is made to the next breaking release.

Release 0.11.0-rc0 failed to publish because of a reference to a dependency via its GitHub repository rather than to its published artifact.

A significant addition to ACA-Py is support for signing and verifying SD-JWT verifiable credentials. We expect this to be the first of the changes to extend ACA-Py to support OpenID4VC protocols.

In the CI/CD realm, substantial changes were applied to the source base in switching from:

• pip to Poetry for packaging and dependency management,
• Flake8 to Ruff for linting,
• asynctest to IsolatedAsyncioTestCase and AsyncMock objects now included in Python's builtin unittest package for unit testing.

These are necessary and important modernization changes, with the latter two triggering many (largely mechanical) changes to the codebase.

NOTE: In addition to these PRs in the 0-11.0-rc0 release, we also expect to include at least those ACA-Py PRs labelled "0.11.0" in the release.

0.11.0 Breaking Changes

In addition to the impacts of the change for developers in switching from pip to Poetry, the only significant breaking change is the (overdue) transition of ACA-Py to always use the new DIDComm message type prefix, changing the DID Message prefix from the old hardcoded did:sov:BzCbsNYhMrjHiqZDTUASHg;spec to the new hardcoded https://didcomm.org value, and using the new DIDComm MIME type in place of the old. The vast majority (all?) Aries deployments have long since been updated to accept both values, so this change just forces the use of the newer value in sending messages. In updating this, we retained the old configuration parameters most deployments were using (--emit-new-didcomm-prefix and --emit-new-didcomm-mime-type) but updated the code to set the configuration parameters to true even if the parameters were not set. See PR #2517.

What's Changed

• #2289 Migrate to Poetry by @Gavinok in #2436
• Swap out flake8 in favor of Ruff by @dbluhm in #2438
• Update Python image version to 3.9.18 by @WadeBarnes in #2456
• chore: add black back in as a dev dep by @dbluhm in #2465
• feat: add timeout to did resolver resolve method by @dbluhm in #2464
• Remove old routing protocol code by @dbluhm in #2466
• fix: issue #2434: Change DIDExchange States to Match rfc160 by @anwalker293 in #2461
• fix: version should be set by pyproject.toml by @dbluhm in #2471
• fix: unique ids for services in legacy peer by @dbluhm in #2476
• peer did 2/3 resolution by @Jsyro in #2472
• Bugfix: Issue with write ledger pool when performing Accumulator sync by @shaangill025 in #2480
• Update steps for Manually Creating Revocation Registries by @WadeBarnes in #2491
• Issue #2419 InvalidClientTaaAcceptanceError time too precise error if container timezone is not UTC by @Ennovate-com in #2420
• Update devcontainer to read version from aries-cloudagent package by @usingtechnology in #2483
• Issue #2488 KeyError raised when Subject ID is not a URI by @Ennovate-com in #2490
• fix: run tests script copying local env by @dbluhm in #2495
• Feat/sd jwt implementation by @cjhowland in #2487
• Use correct rust log level in dockerfiles by @loneil in #2499
• Remove unused dependencies by @andrewwhitehead in #2510
• Feat: Upgrade from tags and fix issue with legacy IssuerRevRegRecords [<=v0.5.2] by @shaangill025 in #2486
• Change arg_parse to always set --emit-new-didcomm-prefix and --emit-new-didcomm-mime-type to true by @swcurran in #2517
• Fix: Problem Report Before Exchange Established by @Ennovate-com in #2519
• refactor: drop mediator_terms and recipient_terms by @dbluhm in #2515
• Avoid multiple open wallet connections by @andrewwhitehead in #2521
• chore(deps): Bump urllib3 from 2.0.5 to 2.0.6 by @dependabot in #2525
• chore(deps): Bump urllib3 from 2.0.2 to 2.0.6 in /demo/playground/scripts by @dependabot in #2524
• chore: update pydid by @dbluhm in #2527
• 🎨 clarify LedgerError message when TAA is required and not accepted by @ff137 in #2545
• fix: correct minor typos by @Ennovate-com in #2544
• Update .readthedocs.yaml by @swcurran in #2547
• Update .readthedocs.yaml by @swcurran in #2548
• fix: routing behind mediator by @dbluhm in #2536
• Feat: Support subwallet upgradation using the Upgrade command by @shaangill025 in #2529
• chore(deps): Bump urllib3 from 2.0.6 to 2.0.7 by @dependabot in #2552
• fix: taa rough timestamp timezone from datetime by @dbluhm in #2554
• refactor: replace multiformats library by @dbluhm in #2559
• fix: mediation routing keys as did key by @dbluhm in #2516
• chore(deps): Bump urllib3 from 2.0.6 to 2.0.7 in /demo/playground/scripts by @dependabot in #2551
• fix: clean up requests and invites by @dbluhm in #2560
• Update demo/playground scripts by @usingtechnology in #2562
• refactor: use did-peer-2 instead of peerdid by @dbluhm in #2561
• Issue 2555 playground scripts readme by @usingtechnology in #2563
• Playground needs optionally external network by @usingtechnology in #2564
• chore: dependency updates by @dbluhm in #2565
• fix: drop asynctest by @dbluhm in #2566
• 0.11.0-rc0 by @swcurran in #2575
• chore: point to official sd-jwt lib release by @dbluhm in #2573
• 0.11.0-rc1 by @swcurran in #2576

New Contributors

• @Ennovate-com made their first contribution in #2420

Full Changelog: 0.10.1...0.11.0-rc1

0.10.4

Release 0.10.4 is a patch release to correct an issue with the handling of did:key routing keys in some mediator scenarios, notably with the use of Aries Framework Kotlin. See the details in the PR and Issue #2531 Routing for agents behind a aca-py based mediator is broken.

Thanks to codespree for raising the issue and providing the fix.

What's Changed

• fix (backport): routing behind mediator by @dbluhm in #2537
• 0.10.4 by @swcurran in #2539

Full Changelog: 0.10.3...0.10.4

0.10.3

Release 0.10.3 is a patch release to add an upgrade process for very old versions of Aries Cloud Agent Python (circa 0.5.2). If you have a long time deployment of an issuer that uses revocation, this release could correct internal data (tags in secure storage) related to revocation registries. Details of the about the triggering problem can be found in Issue #2485.

The upgrade is applied by running the following command for the ACA-Py instance to be upgraded:

./scripts/run_docker upgrade --force-upgrade --named-tag fix_issue_rev_reg

What's Changed

• 0.10.3 by @swcurran in #2522
• Feat: Upgrade from tags and fix issue with legacy IssuerRevRegRecords [<=v0.5.2] @shaangill025 #2486

Full Changelog: 0.10.2...0.10.3

0.10.2

Release 0.10.2 is a patch release for 0.10.1 that addresses three specific regressions found in deploying Release 0.10.1. The regressions are to fix:

• An ACA-Py instance upgraded to 0.10.1 that had an existing connection to another Aries agent where the connection has both an http and ws (websocket) service endpoint with the same ID cannot message that agent. A scenario is an ACA-Py issuer connecting to an Endorser with both http and ws service endpoints. The updates made in 0.10.1 to improve ACA-Py DID resolution did not account for this scenario and needed a tweak to work (Issue #2474, #2476).
• The "fix revocation registry" endpoint used to fix scenarios an Issuer's local revocation registry state is out of sync with the ledger was broken by some code being added to support a single ACA-Py instance writing to different ledgers (Issue #2477, #2480).
• The version of the PyDID library we were using did not handle some unexpected DID resolution use cases encountered with mediators. The PyDID library version dependency was updated in #2500.

What's Changed

• 0.10.2 Patch Release - fix issue #2475, #2477 by @shaangill025 in #2482
• 0.10.2-rc0 by @swcurran in #2484
• fix: update pydid by @dbluhm in #2500
• 0.10.2 by @swcurran in #2509

Full Changelog: 0.10.1...0.10.2

0.10.2-rc0

Release 0.10.2 is a patch release for 0.10.1 that addresses two specific regressions found
in deploying Release 0.10.1. The regressions are to fix:

• An ACA-Py instance upgraded to 0.10.1 that had an existing connection to another Aries agent
  where the connection has both an http and ws (websocket) service endpoint with the same ID cannot
  message that agent. A scenario is an ACA-Py issuer connecting to an Endorser with both http and
  ws service endpoints. The updates made in 0.10.1 to improve ACA-Py DID resolution did not account
  for this scenario and needed a tweak to work (Issue #2474, PR #2475).
• The "fix revocation registry" endpoint used to fix scenarios an Issuer's local revocation registry
  state is out of sync with the ledger was broken by some code being added to support a single
  ACA-Py instance writing to different ledgers (Issue #2477, PR #2480).

What's Changed

• 0.10.2 Patch Release - fix issue #2475, #2477 by @shaangill025 in #2482
• 0.10.2 by @swcurran in #2484

Full Changelog: 0.10.1...0.10.2-rc0

0.10.1

Release 0.10.1 contains a breaking change, an important fix for a regression introduced in 0.8.2 that impacts certain deployments, and a number of fixes and updates. Included in the updates is a significant internal reorganization of the DID and connection management code that was done to enable more flexible uses of different DID Methods, such as being able to use did:web DIDs for DIDComm messaging connections. The work also paves the way for coming updates related to support for did:peer DIDs for DIDComm. For details on the change see #2409, which includes some of the best pull request documentation ever created.

Release 0.10.1 has the same contents as 0.10.0. An error on PyPi prevented the 0.10.0 release from being properly uploaded because of an existing file of the same name. We immediately released 0.10.1 as a replacement.

The regression fix is for ACA-Py deployments that use multi-use invitations but do NOT use the --auto-accept-connection-requests flag/processing. A change in 0.8.2 (PR #2223) suppressed an extra webhook event firing during the processing after receiving a connection request. An unexpected side effect of that change was that the subsequent webhook event also did not fire, and as a result, the controller did not get any event signalling a new connection request had been received via the multi-use invitation. The update in this release ensures the proper event fires and the controller receives the webhook.

See below for the breaking changes and the CHANGELOG for a categorized list of the pull requests included in this release.

Updates in the CI/CD area include adding the publishing of a nightly container image that includes any changes in the main branch since the last nightly was published. This allows getting the "latest and greatest" code via a container image vs. having to install ACA-Py from the repository. In addition, Snyk scanning was added to the CI pipeline, and Indy SDK tests were removed from the pipeline.

0.10.1 Breaking Changes
#2352 is a breaking change related to the storage of presentation exchange records in ACA-Py. In previous releases, presentation exchange protocol state data records were retained in ACA-Py secure storage after the completion of protocol instances. With this release the default behavior changes to deleting those records by default, unless the ----preserve-exchange-records flag is set in the configuration. This extends the use of that flag that previously applied only to issue credential records. The extension matches the initial intention of the flag--that it cover both issue credential and present proof exchanges. The "best practices" for ACA-Py is that the controller (business logic) store any long-lasting business information needed for the service that is using the Aries Agent, and ACA-Py storage should be used only for data necessary for the operation of the agent. In particular, protocol state data should be held in ACA-Py only as long as the protocol is running (as it is needed by ACA-Py), and once a protocol instance completes, the controller should extract and store the business information from the protocol state before it is deleted from ACA-Py storage.

What's Changed

• Add workaround for ARM based macs by @finnformica in #2313
• chore(deps): Bump certifi from 2023.5.7 to 2023.7.22 in /demo/playground/scripts by @dependabot in #2354
• Extend --preserve-exchange-records to include Presentation Exchange. by @usingtechnology in #2352
• Corrected typo on mediator invitation configuration argument by @jorgefl0 in #2365
• Fix empty ServiceDecorator in OobRecord causing 422 Unprocessable Entity Error by @ff137 in #2362
• Correct the response type in send_rev_reg_def by @ff137 in #2355
• fix: additional tweaks for did:web and other methods as public DIDs by @dbluhm in #2392
• fix: keylist update response race condition by @dbluhm in #2391
• Feat: Support Selectable Write Ledger by @shaangill025 in #2339
• fix: outbound send status missing on path by @dbluhm in #2393
• Multitenant check endorser_info before saving by @usingtechnology in #2395
• Chore: fix marshmallow warnings by @ff137 in #2398
• Upgrade pre-commit and flake8 dependencies; fix flake8 warnings by @ff137 in #2399
• feat: add DID Exchange specific problem reports and reject endpoint by @dbluhm in #2394
• Fix: Ensure event/webhook is emitted for multi-use invitations by @esune in #2413
• 0.10.0-rc0 by @swcurran in #2414
• fix: ensure request matches offer, if sent by @dbluhm in #2341
• Remove Indy tests from workflows by @dbluhm in #2415
• Enable Snyk scanning by @ryjones in #2418
• feat: add legacy peer did resolver by @dbluhm in #2404
• Issue #2250 Nightly publish workflow by @Gavinok in #2421
• Don't run Snyk on forks by @ryjones in #2429
• Fix for nightly tests failing on Python 3.10 by @Gavinok in #2435
• feat: resolve connection targets and permit connecting via public DID by @dbluhm in #2409
• 0.10.0-rc1 by @swcurran in #2442
• fix: more doc corrections by @dbluhm in #2446
• Add symlink to /home/indy/.indy_client for backwards compatibility by @esune in #2443
• fix: ignore duplicate record errors on add key by @dbluhm in #2447
• 0.10.0-rc2 by @swcurran in #2448
• fix: handle stored afgo and findy docs in corrections by @dbluhm in #2450
• chore: relax connections filter DID format by @chumbert in #2451
• 0.10.0 by @swcurran in #2452
• 0.10.1 by @swcurran in #2454

New Contributors

• @finnformica made their first contribution in #2313
• @jorgefl0 made their first contribution in #2365
• @Gavinok made their first contribution in #2421

Full Changelog: 0.9.0...0.10.1

0.10.0

Release 0.10.1 has the same contents as 0.10.0. An error on PyPi prevented the 0.10.0 release from being properly uploaded because of an existing file of the same name. We immediately released 0.10.1 as a replacement.

0.10.0-rc2

Release 0.10.0 contains a breaking change, an important fix for a regression introduced in 0.8.2 that impacts certain deployments, and a number of fixes and updates. Included in the updates is a significant internal reorganization of the DID and connection management code that was done to enable more flexible uses of different DID Methods, such as being able to use did:web DIDs for DIDComm messaging connections. The work also paves the way for coming updates related to support for did:peer DIDs for DIDComm. For details on the change see PR #2409, which includes some of the best pull request documentation ever created.

The regression fix is for ACA-Py deployments that use multi-use invitations but do NOT use the --auto-accept-connection-requests flag/processing. A change in 0.8.2 (PR #2223) suppressed an extra webhook event firing during the processing after receiving a connection request. An unexpected side effect of that change was that the subsequent webhook event also did not fire, and as a result, the controller did not get any event signalling a new connection request had been received via the multi-use invitation. The update in this release ensures the proper event fires and the controller receives the webhook.

See below for the breaking changes and the CHANGELOG file for a categorized list of the pull requests included in this release.

Updates in the CI/CD area include adding the publishing of a nightly container image that includes any changes in the main branch since the last nightly was published. This allows getting the "latest and greatest" code via a container image vs. having to install ACA-Py from the repository. In addition, Snyk scanning was added to the CI pipeline, and Indy SDK tests were removed from the pipeline.

0.10.1 Breaking Changes

#2352 is a breaking change related to the storage of presentation exchange records in ACA-Py. In previous releases, presentation exchange protocol state data records were retained in ACA-Py secure storage after the completion of protocol instances. With this release the default behavior changes to deleting those records by default, unless the ----preserve-exchange-records flag is set in the configuration. This extends the use of that flag that previously applied only to issue credential records. The extension matches the initial intention of the flag--that it cover both issue credential and present proof exchanges. The "best practices" for ACA-Py is that the controller (business logic) store any long-lasting business information needed for the service that is using the Aries Agent, and ACA-Py storage should be used only for data necessary for the operation of the agent. In particular, protocol state data should be held in ACA-Py only as long as the protocol is running (as it is needed by ACA-Py), and once a protocol instance completes, the controller should extract and store the business information from the protocol state before it is deleted from ACA-Py storage.

What's Changed

• Add workaround for ARM based macs by @finnformica in #2313
• chore(deps): Bump certifi from 2023.5.7 to 2023.7.22 in /demo/playground/scripts by @dependabot in #2354
• Extend --preserve-exchange-records to include Presentation Exchange. by @usingtechnology in #2352
• Corrected typo on mediator invitation configuration argument by @jorgefl0 in #2365
• Fix empty ServiceDecorator in OobRecord causing 422 Unprocessable Entity Error by @ff137 in #2362
• Correct the response type in send_rev_reg_def by @ff137 in #2355
• fix: additional tweaks for did:web and other methods as public DIDs by @dbluhm in #2392
• fix: keylist update response race condition by @dbluhm in #2391
• Feat: Support Selectable Write Ledger by @shaangill025 in #2339
• fix: outbound send status missing on path by @dbluhm in #2393
• Multitenant check endorser_info before saving by @usingtechnology in #2395
• Chore: fix marshmallow warnings by @ff137 in #2398
• Upgrade pre-commit and flake8 dependencies; fix flake8 warnings by @ff137 in #2399
• feat: add DID Exchange specific problem reports and reject endpoint by @dbluhm in #2394
• Fix: Ensure event/webhook is emitted for multi-use invitations by @esune in #2413
• 0.10.0-rc0 by @swcurran in #2414
• fix: ensure request matches offer, if sent by @dbluhm in #2341
• Remove Indy tests from workflows by @dbluhm in #2415
• Enable Snyk scanning by @ryjones in #2418
• feat: add legacy peer did resolver by @dbluhm in #2404
• Issue #2250 Nightly publish workflow by @Gavinok in #2421
• Don't run Snyk on forks by @ryjones in #2429
• Fix for nightly tests failing on Python 3.10 by @Gavinok in #2435
• feat: resolve connection targets and permit connecting via public DID by @dbluhm in #2409
• 0.10.0-rc1 by @swcurran in #2442
• fix: more doc corrections by @dbluhm in #2446
• Add symlink to /home/indy/.indy_client for backwards compatibility by @esune in #2443
• fix: ignore duplicate record errors on add key by @dbluhm in #2447
• 0.10.0-rc2 by @swcurran in #2448

New Contributors

• @finnformica made their first contribution in #2313
• @jorgefl0 made their first contribution in #2365
• @Gavinok made their first contribution in #2421

Full Changelog: 0.9.0...0.10.0-rc2

0.10.0-rc1

Release 0.10.0 contains a breaking change, an important fix for a regression introduced in 0.8.2 that impacts certain deployments, and a number of fixes and updates. Included in the updates is a significant internal reorganization of the DID and connection management code that was done to enable more flexible uses of different DID Methods, such as being able to use did:web DIDs for DIDComm messaging connections. The work also paves the way for coming updates related to support for did:peer DIDs for DIDComm. For details on the change see PR #2409, which includes some of the best pull request documentation ever created.

The regression fix is for ACA-Py deployments that use multi-use invitations but do NOT use the --auto-accept-connection-requests flag/processing. A change in 0.8.2 (PR #2223) suppressed an extra webhook event firing during the processing after receiving a connection request. An unexpected side effect of that change was that the subsequent webhook event also did not fire, and as a result, the controller did not get any event signalling a new connection request had been received via the multi-use invitation. The update in this release ensures the proper event fires and the controller receives the webhook.

See below for the breaking changes and the CHANGELOG file for a categorized list of the pull requests included in this release.

Updates in the CI/CD area include adding the publishing of a nightly container image that includes any changes in the main branch since the last nightly was published. This allows uses the "latest and greatest" code via a container image vs. having to install ACA-Py from the repository. In addition, Snyk scanning was added to the CI pipeline, and Indy SDK tests were removed from the pipeline.

0.10.0 Breaking Changes

#2352 is a breaking change related to the storage of presentation exchange records in ACA-Py. In previous releases, presentation exchange protocol state data records were retained in ACA-Py secure storage after the completion of protocol instances. With this release the default behavior changes to deleting those records by default, unless the ----preserve-exchange-records flag is set in the configuration. This extends the use of that flag that previously applied only to issue credential records. The extension matches the initial intention of the flag--that it cover both issue credential and present proof exchanges. The "best practices" for ACA-Py is that the controller (business logic) store any long-lasting business information needed for the service that is using the Aries Agent, and ACA-Py storage should be used only for data necessary for the operation of the agent. In particular, protocol state data should be held in ACA-Py only as long as the protocol is running (as it is needed by ACA-Py), and once a protocol instance completes, the controller should extract and store the business information from the protocol state before it is deleted from ACA-Py storage.

0.10.0-rc0

Release 0.10.1 contains a breaking change, an important fix for a regression introduced in 0.8.2 that impacts certain deployments, and a number of fixes and updates.

The regression fix is for ACA-Py deployments that use multi-use invitations but do NOT use the --auto-accept-connection-requests flag/processing. A change in 0.8.2 (PR #2224) suppressed an extra webhook event firing during the processing after receiving a connection request. An unexpected side effect of that change was that the subsequent webhook event also did not fire, and as a result, the controller did not get any event signalling a new connection request had been received via the multi-use invitation. The update in this release ensures the proper event fires and the controller receives the webhook.

See below for the breaking changes and the CHANGELOG file for a categorized list of the pull requests included in this release.

Breaking Changes

#2352 is a breaking change related to the storage of presentation exchange records in ACA-Py. In previous releases, presentation exchange protocol state data records were retained in ACA-Py secure storage after the completion of protocol instances. With this release the default behavior changes to deleting those records by default, unless the --preserve-exchange-records flag is set in the configuration. This extends the use of that flag that previously applied only to issue credential records. The extension matches the initial intention of the flag--that it cover both issue credential and present proof exchanges. The "best practices" for ACA-Py is that the controller (business logic) store any long-lasting business information needed for the service that is using the Aries Agent, and ACA-Py storage should be used only for data necessary for the operation of the agent. In particular, protocol state data should be held in ACA-Py only as long as the protocol is running (as it is needed by ACA-Py), and once a protocol instance completes, the controller should extract and store the business information from the protocol state before it is deleted from ACA-Py storage.

What's Changed

• Add workaround for ARM based macs by @finnformica in #2313
• chore(deps): Bump certifi from 2023.5.7 to 2023.7.22 in /demo/playground/scripts by @dependabot in #2354
• Extend --preserve-exchange-records to include Presentation Exchange. by @usingtechnology in #2352
• Corrected typo on mediator invitation configuration argument by @jorgefl0 in #2365
• Fix empty ServiceDecorator in OobRecord causing 422 Unprocessable Entity Error by @ff137 in #2362
• Correct the response type in send_rev_reg_def by @ff137 in #2355
• fix: additional tweaks for did:web and other methods as public DIDs by @dbluhm in #2392
• fix: keylist update response race condition by @dbluhm in #2391
• Feat: Support Selectable Write Ledger by @shaangill025 in #2339
• fix: outbound send status missing on path by @dbluhm in #2393
• Multitenant check endorser_info before saving by @usingtechnology in #2395
• Chore: fix marshmallow warnings by @ff137 in #2398
• Upgrade pre-commit and flake8 dependencies; fix flake8 warnings by @ff137 in #2399
• feat: add DID Exchange specific problem reports and reject endpoint by @dbluhm in #2394
• Fix: Ensure event/webhook is emitted for multi-use invitations by @esune in #2413
• 0.10.0-rc0 by @swcurran in #2414

New Contributors

• @finnformica made their first contribution in #2313
• @jorgefl0 made their first contribution in #2365

Full Changelog: 0.9.0...0.10.0-rc0