Skip to content

Releases: openwallet-foundation/acapy

1.1.0

15 Oct 19:42
3d1682c
Compare
Choose a tag to compare

Release 1.1.0 is the first release of ACA-Py from the OpenWallet Foundation (OWF). The only reason for the release is to test out all of the release publishing actions now that we have moved the repo to its new home (https://github.com/openwallet-foundation/acapy). Almost all of the changes in the release are related to the move.

The move triggered some big changes for those with existing ACA-Py deployments resulting from the change in the GitHub organization (from Hyperledger to OWF) and source code name (from aries_cloudagent to acapy_agent). See the Release 1.1.0 breaking changes for the details.

For up to date details on what the repo move means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

1.1.0 Deprecation Notices

The same deprecation notices from the 1.0.1 release about AIP 1.0 protocols still apply. The protocols remain in the 1.1.0 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.1.0 Breaking Changes

The only (but significant) breaking changes in 1.1.0 are related to the GitHub organization and project name changes. Specific impacts are:

  • the renaming of the source code folder from aries_cloudagent to acapy_agent,
  • the publication of the PyPi project under the new acapy_agent name, and
  • the use of the OWF organizational GitHub Container Registry (GHCR) and acapy_agent as the name for release container image artifacts.
    • The patterns for the image tags remain the same as before. So, for example, the new nightly artifact can be found here: [docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly](docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly).

Anyone deploying ACA-Py should use this release to update their existing deployments. Since there are no other changes to ACA-Py, any issues found should relate back to those changes.

  • Deployments referencing the PyPi project (including those in custom plugins) MUST update their deployments to use the new name.
  • Deployments sourcing the ACA-Py published container image artifacts to GHCR must update their deployments to use the new URLs.

Please note that if and when the current LTS releases (0.11 and 0.12) have new releases, they will continue to use the aries_cloudagent source folder, the existing locations for the PyPi and GHCR container image artifacts.

What's Changed

Full Changelog: 1.0.1...1.1.0

1.1.0rc1

15 Oct 17:13
6e2e91e
Compare
Choose a tag to compare
1.1.0rc1 Pre-release
Pre-release

Release 1.1.0 is the first release of ACA-Py from the OpenWallet Foundation (OWF). The only reason for the release is to test out all of the release publishing actions now that we have moved the repo to its new home (https://github.com/openwallet-foundation/acapy). Almost all of the changes in the release are related to the move.

The move triggered some big changes for those with existing ACA-Py deployments resulting from the change in the GitHub organization (from Hyperledger to OWF) and source code name (from aries_cloudagent to acapy_agent). See the Release 1.1.0 breaking changes for the details.

For up to date details on what the repo move means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

1.1.0rc0 Deprecation Notices

The same deprecation notices from the 1.0.1 release about AIP 1.0 protocols still apply. The protocols remain in the 1.1.0 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.1.0rc0 Breaking Changes

The only (but significant) breaking changes in 1.1.0 are related to the GitHub organization and project name changes. Specific impacts are:

  • the renaming of the source code folder from aries_cloudagent to acapy_agent,
  • the publication of the PyPi project under the new acapy_agent name, and
  • the use of the OWF organizational GitHub Container Registry (GHCR) and acapy_agent as the name for release container image artifacts.
    • The patterns for the image tags remain the same as before. So, for example, the new nightly artifact can be found here: [docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly](docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly).

Anyone deploying ACA-Py should use this release to update their existing deployments. Since there are no other changes to ACA-Py, any issues found should relate back to those changes.

  • Deployments referencing the PyPi project (including those in custom plugins) MUST update their deployments to use the new name.
  • Deployments sourcing the ACA-Py published container image artifacts to GHCR must update their deployments to use the new URLs.

Please note that if and when the current LTS releases (0.11 and 0.12) have new releases, they will continue to use the aries_cloudagent source folder, the existing locations for the PyPi and GHCR container image artifacts.

What's Changed

Full Changelog: 1.0.1...1.1.0rc1

1.1.0rc0

11 Oct 21:21
79fd911
Compare
Choose a tag to compare
1.1.0rc0 Pre-release
Pre-release

Release 1.1.0 is the first release of ACA-Py from the OpenWallet Foundation (OWF). The only reason for the release is to test out all of the release publishing actions now that we have moved the repo to its new home (https://github.com/openwallet-foundation/acapy). Almost all of the changes in the release are related to the move.

The move triggered some big changes for those with existing ACA-Py deployments resulting from the change in the GitHub organization (from Hyperledger to OWF) and source code name (from aries_cloudagent to acapy_agent). See the Release 1.1.0 breaking changes for the details.

For up to date details on what the repo move means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

1.1.0rc0 Deprecation Notices

The same deprecation notices from the 1.0.1 release about AIP 1.0 protocols still apply. The protocols remain in the 1.1.0 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.1.0rc0 Breaking Changes

The only (but significant) breaking changes in 1.1.0 are related to the GitHub organization and project name changes. Specific impacts are:

  • the renaming of the source code folder from aries_cloudagent to acapy_agent,
  • the publication of the PyPi project under the new acapy_agent name, and
  • the use of the OWF organizational GitHub Container Registry (GHCR) and acapy_agent as the name for release container image artifacts.
    • The patterns for the image tags remain the same as before. So, for example, the new nightly artifact can be pulled by: docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly.

Anyone deploying ACA-Py should use this release to update their existing deployments. Since there are no other changes to ACA-Py, any issues found should relate back to those changes.

  • Deployments referencing the PyPi project (including those in custom plugins) MUST update their deployments to use the new name.
  • Deployments sourcing the ACA-Py published container image artifacts to GHCR must update their deployments to use the new URLs.

Please note that if and when the current LTS releases (0.11 and 0.12) have new releases, they will continue to use the aries_cloudagent source folder, the existing locations for the PyPi and GHCR container image artifacts.

1.1.0rc0 Categorized List of Pull Requests

What's Changed

Full Changelog: 1.0.1...1.1.0rc0

1.0.1

08 Oct 21:38
06d1cf8
Compare
Choose a tag to compare

Release 1.0.1 will be the last release of ACA-Py from the Hyperledger organization before the repository moves to the OpenWallet Foundation (OWF). Soon after this release, the ACA-Py project and this repository will move to the OWF's GitHub organization as the new "acapy" project.

For details on what this means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

The 1.0.1 release contains mostly internal clean ups, technical debt elimination, and a revision to the integration testing approach, incorporating the Aries Agent Test Harness tests in the ACA-Py continuous integration testing process. There are substantial enhancements in the management of keys and their use with VC-DI proofs, and web-based DID methods like did:web. See the Wallet and Key Handling updates in the categorized PR list below.

There are several important deprecation notices in this release in preparation for the next ACA-Py release. Please review these notifications carefully!

In an attempt to shorten the categorized list of PRs in the release, rather than listing all of the dependabot PRs in the release, we've included a link to a list of those PRs.

Deprecation Notices

  • ACA-Py will soon be moved from the Hyperledger GitHub organization to that of the OpenWallet Foundation. As such, there will be changes in the names and locations of the artifacts produced -- the PyPi project and the container images in the GitHub Container Registry. We will retain the ability to publish LTS releases of ACA-Py for the current LTS versions (0.11, 0.12) in the current locations. For details, guidance, timing, and progress on the move, please monitor the description of GitHub Issue #3250 that will be maintained throughout the process.
  • In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0160 Connections, [RFC 0037 Issue Credentials v1.0] and [RFC 0037 Present Proof v1.0] DIDComm protocols. Each of the protocols will be moved to the [ACA-Py Plugins] repo. All deployers that use those protocols SHOULD update to the AIP 2.0 versions of those protocols (RFC 0434 Out of Band+RFC 0023 DID Exchange, RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.0.1 Breaking Changes

There are no breaking changes in ACA-Py Release 1.0.1.

What's Changed

Read more

1.0.1rc1

01 Oct 20:21
db5ead3
Compare
Choose a tag to compare
1.0.1rc1 Pre-release
Pre-release

Release 1.0.1 might be the last release of ACA-Py from the Hyperledger organization before the repository moves to the OpenWallet Foundation (OWF). As noted in the repository README.md, the ACA-Py project will soon be moving soon to the OWF's GitHub organization as the new "acapy" project.

For details on what this means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

The release contains mostly internal clean ups, technical debt elimination, and a revision to the integration testing approach, incorporating the Aries Agent Test Harness tests in the ACA-Py continuous integration testing process. There are substantial enhancements in the management of keys and their use with VC-DI proofs, and web-based DID methods like did:web. See the Wallet and Key Handling updates in the categorized PR list below.

There are several important deprecation notices in this release in preparation for the next ACA-Py release. Please review these notifications carefully!

In an attempt to shorten the categorized list of PRs in the release, rather than listing all of the dependabot PRs in the release, we've included a link to a list of those PRs.

Deprecation Notices

  • ACA-Py will soon be moved from the Hyperledger GitHub organization to that of the OpenWallet Foundation. As such, there will be changes in the names and locations of the artifacts produced -- the PyPi project and the container images in the GitHub Container Registry. We will retain the ability to publish LTS releases of ACA-Py for the current LTS versions (0.11, 0.12) in the current locations. For details, guidance, timing, and progress on the move, please monitor the description of GitHub Issue #3250 that will be maintained throughout the process.
  • In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0160 Connections, [RFC 0037 Issue Credentials v1.0] and [RFC 0037 Present Proof v1.0] DIDComm protocols. Each of the protocols will be moved to the [ACA-Py Plugins] repo. All deployers that use those protocols SHOULD update to the AIP 2.0 versions of those protocols (RFC 0434 Out of Band+RFC 0023 DID Exchange, RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols must adjust their configuration to load those protocols from the respective plugins.

1.0.1rc1 Breaking Changes

There are no breaking changes in ACA-Py Release 1.0.1.

What's Changed

Read more

1.0.1rc0

26 Sep 14:06
dc66c82
Compare
Choose a tag to compare
1.0.1rc0 Pre-release
Pre-release

Release 1.0.1 might be the last release of ACA-Py from the Hyperledger organization before the repository moves to the OpenWallet Foundation (OWF). As noted in the repository README.md, the ACA-Py project will soon be
moving soon to the OWF's GitHub organization as the new "acapy" project.

For details on what this means for ACA-Py users, including steps for updating deployments, please follow the updates in GitHub Issue #3250. We'll keep you informed about the approach, timeline, and progress of the move. Stay tuned!

The release contains mostly internal clean ups, technical debt elimination, and a revision to the integration testing approach, incorporating the Aries Agent Test Harness tests in the ACA-Py continuous integration testing process.

There are several important deprecation notices in this release in preparation for the next ACA-Py release. Please review these notifications carefully!

In an attempt to shorten the categorized list of PRs in the release, rather than listing all of the dependabot PRs in the release, we've included a link to a list of those PRs.

Deprecation Notices

  • ACA-Py will soon be moved from the Hyperledger GitHub organization to that of the OpenWallet Foundation. As such, there will be changes in the names and locations of the artifacts produced -- the PyPi project and the container images in the GitHub Container Registry. We will retain the ability to publish LTS releases of ACA-Py for the current LTS versions (0.11, 0.12) in the current locations. For details, guidance, timing, and progress on the move, please monitor the description of GitHub Issue #3250 that will be maintained throughout the process.
  • In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0160 Connections, [RFC 0037 Issue Credentials v1.0] and [RFC 0037 Present Proof v1.0] DIDComm protocols. Each of the protocols will be moved to the [ACA-Py Plugins] repo. All deployers that use those protocols SHOULD update to the AIP 2.0 versions of those protocols (RFC 0434 Out of Band+RFC 0023 DID Exchange, RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols must adjust their configuration to load those protocols from the respective plugins.

1.0.1rc0 Breaking Changes

There are no breaking changes in ACA-Py Release 1.0.1.

What's Changed

New Contributors

Full Changelog: 1.0.0...1.0.1rc0

1.0.0

16 Aug 21:16
8e539b5
Compare
Choose a tag to compare

Release 1.0.0 is finally here! While Aries Cloud Agent Python has been used in production for several years, the maintainers have decided it is finally time to put a "1.0" tag on the project. The 1.0.0 release itself includes well over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features and a new Long Term Support (LTS) policy, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. Here are the highlights of the release:

  • A formal ACA-Py Long Term Support (LTS) policy has been documented and is being followed.
  • The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
  • A new ACA-Py Plugins Store at https://plugins.aca-py.org. Check out the plugins that have been published by ACA-Py contributors, and learn how to add your own plugins!
  • We've improved the developer experience by enabling support in ACA-Py artifacts for the ARM Architecture (and notably, Mac M1 and later systems). To do so, we have removed default support for BBS Signatures. BBS Signatures are still supported in the codebase, and guidance is provided for how to enable the support in artifacts (Docker images, etc.) for those needing it. We look forward to updating the BBS support in ACA-Py based on libraries that include multi-architecture support.
  • Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
  • Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
  • Upgraded pull request and release pipeline, including:
    • Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
      • Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
    • A switch to more used tooling, such as a switch from black to ruff.
    • Improvements in coverage monitoring of pull requests.
  • The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
  • A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
  • We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
  • Support added for using AnonCreds in W3C VCDM format.

1.0.0 Breaking Changes

With the focus of the pull requests for this release on stabilizing the implementation, there were just a few breaking changes:

  • The default underlying Python version has been upgraded to 3.12.
  • ACA-Py has supported BBS Signatures for some time. However, the dependency that is used (bbs) does not support the ARM architecture, and its inclusion in the default ACA-Py artifacts mean that developers using ARM-based hardware (such as Apple M1 Macs or later) cannot run ACA-Py "out-of-the-box". We feel that providing a better developer experience by supporting the ARM architecture is more important than BBS Signature support at this time. As such, we have removed the BBS dependency from the base ACA-Py artifacts and made it an add-on that those using ACA-Py with BBS must take extra steps to build into their own artifacts, as documented here.
  • Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance. Hyperledger Indy is still fully supported - it's just the Indy SDK client-side library that has been removed.
  • The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See #3081 for additional details.
  • A fix to an obscure bug includes a change to the data sent to the controller after publishing multiple, endorsed credential definition revocation registries in a single call. The bug fix was to properly process the publishing. The breaking change is that when the process (now successfully) completes, the controller is sent the list of published credential definitions. Previously only a single value was being sent. See PR #3107 for additional details.
  • The configuration settings around whether a multitenant wallet uses a single database vs. a database per tenant has been made more explicit. The previous settings were not clear, resulting in some deployments that were intended to be a database per tenant actually result in all tenants being in the same database. For details about the change, see #3105.

What's Changed

Read more

1.0.0rc6

02 Aug 21:56
53e569d
Compare
Choose a tag to compare
1.0.0rc6 Pre-release
Pre-release

Release 1.0.0rc6 includes well over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features and a new Long Term Support (LTS) policy, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. The full list of PRs in this release can be found below. here are the highlights of the release:

  • A formal ACA-Py Long Term Support (LTS) policy has been documented and is being followed.
  • The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
  • We've improved the developer experience by enabling support in ACA-Py artifacts for the ARM Architecture (and notably, Mac M1 and later systems), we have removed default support for BBS Signatures. BBS Signatures are still supported, and guidance is provided for how to enable the support for those needing it. We look forward to updating the BBS support in ACA-Py based on libraries that include multi-architecture support.
  • Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
  • Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
  • Upgraded pull request and release pipeline, including:
    • Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
      • Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
    • A switch to more used tooling, such as a switch from black to ruff.
    • Improvements in coverage monitoring of pull requests.
  • The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
  • A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
  • We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
  • Support added for using AnonCreds in W3C VCDM format. The support is not fully completed, but on the way.

1.0.0rc6 Breaking Changes

With the focus of the pull requests for this release on stabilizing the implementation, there were a few breaking changes:

  • The default underlying Python version has been upgraded to 3.12.
  • ACA-Py has supported BBS Signatures for some time. However, the dependency that is used (bbs) does not support the ARM architecture, and its inclusion in the default ACA-Py artifacts mean that developers using ARM-based hardware (such as Apple M1 Macs or later) cannot run ACA-Py "out-of-the-box". We feel that providing a better developer experience by supporting the ARM architecture is more important than BBS Signature support at this time. As such, we have removed the BBS dependency from the base ACA-Py artifacts and made it an add-on that those using ACA-Py with BBS must take extra steps to build their own artifacts, as documented here.
  • Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance.
  • The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See #3081 for additional details.
  • A fix to an obscure bug includes a change to the data sent to the controller after publishing multiple, endorsed credential definition revocation registries in a single call. The bug fix was to properly process the publishing. The breaking change is that when the process (now successfully) completes, the controller is sent the list of published credential definitions. Previously only a single value was being sent. See PR #3107 for additional details.

What's Changed

Read more

0.12.2

01 Aug 22:24
1631eb9
Compare
Choose a tag to compare

A patch release to add the verification of a linkage between an inbound message and its associated connection (if any) before processing the message. Also adds some additional cleanup/fix PRs from the main branch (see list below) that might be useful for deployments currently using Release 0.12.1 or 0.12.0.

0.12.2 Breaking Changes

There are no breaking changes in this release.

PRs cherry-picked from the main branch:

  • fix: multiuse invites with did peer 4 #3112 dbluhm
  • Check connection is ready in all connection required handlers #3095 jamshale
  • Add by_format to terse webhook for presentations #3081 ianco
  • fix: respond to did:peer:1 with did:peer:4 #3050 dbluhm
  • feat: soft binding for plugin flexibility #3010 dbluhm
  • feat: inject profile and session #2997 dbluhm
  • feat: external signature suite provider interface #2835 dbluhm
  • fix(interop): overly strict validation #2943 dbluhm

What's Changed

Full Changelog: 0.12.1...0.12.2

0.11.3

01 Aug 22:20
c901828
Compare
Choose a tag to compare

A patch release to add a fix that ensures that sufficient webhook information is sent to an ACA-Py controller that is executing the AIP 2.0 Present Proof 2.0 Protocol.

0.11.3 Breaking Changes

There are no breaking changes in this release.

0.11.3 PRs Cherry-picked from the main branch

  • Add by_format to terse webhook for presentations #3081 ianco

What's Changed

Full Changelog: 0.11.2...0.11.3