Skip to content

Releases: openwallet-foundation/acapy

0.10.0-rc0

11 Aug 19:54
@swcurran swcurran
0.10.0-rc0
cdfa488
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.10.0-rc0 Pre-release
Pre-release

Release 0.10.1 contains a breaking change, an important fix for a regression introduced in 0.8.2 that impacts certain deployments, and a number of fixes and updates.

The regression fix is for ACA-Py deployments that use multi-use invitations but do NOT use the --auto-accept-connection-requests flag/processing. A change in 0.8.2 (PR #2224) suppressed an extra webhook event firing during the processing after receiving a connection request. An unexpected side effect of that change was that the subsequent webhook event also did not fire, and as a result, the controller did not get any event signalling a new connection request had been received via the multi-use invitation. The update in this release ensures the proper event fires and the controller receives the webhook.

See below for the breaking changes and the CHANGELOG file for a categorized list of the pull requests included in this release.

Breaking Changes

#2352 is a breaking change related to the storage of presentation exchange records in ACA-Py. In previous releases, presentation exchange protocol state data records were retained in ACA-Py secure storage after the completion of protocol instances. With this release the default behavior changes to deleting those records by default, unless the --preserve-exchange-records flag is set in the configuration. This extends the use of that flag that previously applied only to issue credential records. The extension matches the initial intention of the flag--that it cover both issue credential and present proof exchanges. The "best practices" for ACA-Py is that the controller (business logic) store any long-lasting business information needed for the service that is using the Aries Agent, and ACA-Py storage should be used only for data necessary for the operation of the agent. In particular, protocol state data should be held in ACA-Py only as long as the protocol is running (as it is needed by ACA-Py), and once a protocol instance completes, the controller should extract and store the business information from the protocol state before it is deleted from ACA-Py storage.

What's Changed

  • Add workaround for ARM based macs by @finnformica in #2313
  • chore(deps): Bump certifi from 2023.5.7 to 2023.7.22 in /demo/playground/scripts by @dependabot in #2354
  • Extend --preserve-exchange-records to include Presentation Exchange. by @usingtechnology in #2352
  • Corrected typo on mediator invitation configuration argument by @jorgefl0 in #2365
  • Fix empty ServiceDecorator in OobRecord causing 422 Unprocessable Entity Error by @ff137 in #2362
  • Correct the response type in send_rev_reg_def by @ff137 in #2355
  • fix: additional tweaks for did:web and other methods as public DIDs by @dbluhm in #2392
  • fix: keylist update response race condition by @dbluhm in #2391
  • Feat: Support Selectable Write Ledger by @shaangill025 in #2339
  • fix: outbound send status missing on path by @dbluhm in #2393
  • Multitenant check endorser_info before saving by @usingtechnology in #2395
  • Chore: fix marshmallow warnings by @ff137 in #2398
  • Upgrade pre-commit and flake8 dependencies; fix flake8 warnings by @ff137 in #2399
  • feat: add DID Exchange specific problem reports and reject endpoint by @dbluhm in #2394
  • Fix: Ensure event/webhook is emitted for multi-use invitations by @esune in #2413
  • 0.10.0-rc0 by @swcurran in #2414

New Contributors

Full Changelog: 0.9.0...0.10.0-rc0

Contributors

swcurran, esune, and 7 other contributors
Assets 2
Loading

0.9.0

24 Jul 22:28
@swcurran swcurran
0.9.0
e06c363
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.9.0

Release 0.9.0 is an important upgrade that changes (PR #2302) the dependency on the now archived Hyperledger Ursa project to its updated, improved replacement, AnonCreds CL-Signatures. This important change is ONLY available when using Aries Askar as the wallet type, which brings in both [Indy VDR] and the CL-Signatures via the latest version of CredX from the indy-shared-rs repository. The update is NOT available to those that are using the Indy SDK, which will continue to use the old Ursa implementation. All new deployments of ACA-Py SHOULD use Aries Askar. Further, we strongly recommend that all deployments using the Indy SDK with ACA-Py upgrade their installation to use Aries Askar and the related components using the migration scripts available. An Indy SDK to Askar migration document added to the aca-py.org documentation site, and a deprecation warning added to the ACA-Py startup.

The second big change in this release is that we have upgraded the primary Python version from 3.6 to 3.9 (PR #2247). In this case, primary means that Python 3.9 is used to run the unit and integration tests on all Pull Requests. We also do nightly runs of the main branch using Python 3.10. As of this release we have dropped Python 3.6, 3.7 and 3.8, and introduced new dependencies that are not supported in those versions of Python. For those that use the published ACA-Py container images, the upgrade should be easily handled. If you are pulling ACA-Py into your own image, or a non-containerized environment, this is a breaking change that you will need to address.

Please see the next section for all breaking changes, and the subsequent section for a categorized list of all pull requests in this release.

Breaking Changes

In addition to the breaking Python 3.6 to 3.9 upgrade, there are two other breaking changes that may impact some deployments.

#2034 allows for additional flexibility in using public DIDs in invitations, and adds a restriction that "implicit" invitations must be proactively enabled using a flag (--requests-through-public-did). Previously, such requests would always be accepted if --auto-accept was enabled, which could lead to unexpected connections being established.

#2170 is a change to improve message handling in the face of delivery errors when using a persistent queue implementation such as the ACA-Py Redis Plugin. If you are using the Redis plugin, you MUST upgrade to Redis Plugin Release 0.1.0 in conjunction with deploying this ACA-Py release. For those using their own persistent queue solution, see the PR #2170 comments for information about changes you might need to make to your deployment.

What's Changed

Full Changelog: 0.8.2...0.9.0

Contributors

ryjones, swcurran, and 11 other contributors
Assets 2
Loading

0.9.0-rc0

21 Jul 17:52
@swcurran swcurran
0.9.0-rc0
73ba85d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.9.0-rc0 Pre-release
Pre-release

Release 0.9.0 is an important upgrade that changes (PR #2302) the dependency on the now archived Hyperledger Ursa project to its updated, improved replacement, AnonCreds CL-Signatures. This important change is ONLY available when using Aries Askar as the wallet type, which brings in both [Indy VDR] and the CL-Signatures via the latest version of CredX from the indy-shared-rs repository. The update is NOT available to those that are using the Indy SDK. All new deployments of ACA-Py SHOULD use Aries Askar. Further, we strongly recommend that all deployments using the Indy SDK with ACA-Py upgrade their installation to use Aries Askar and the related components using the migration scripts available. An Indy SDK to Askar migration document added to the aca-py.org documentation site, and a deprecation warning added to the ACA-Py startup.

The second big change in this release is that we have upgraded the primary Python version from 3.6 to 3.9 (PR #2247). In this case, primary means that Python 3.9 is used to run the unit and integration tests on all Pull Requests. We also do nightly runs of the main branch using Python 3.10. As of this release we have dropped Python 3.6, 3.7 and 3.8, and introduced new dependencies that are not supported in those versions of Python. For those that use the published ACA-Py container images, the upgrade should be easily handled. If you are pulling ACA-Py into your own image, or a non-containerized environment, this is a breaking change that you will need to address.

Please see the next section for all breaking changes, and the subsequent section for a categorized list of all pull requests in this release.

Breaking Changes

In addition to the breaking Python 3.6 to 3.9 upgrade, there are two other breaking changes that may impact some deployments.

#2034 allows for additional flexibility in using public DIDs in invitations, and adds a restriction that "implicit" invitations must be proactively enabled using a flag (--requests-through-public-did). Previously, such requests would always be accepted if --auto-accept was enabled, which could lead to unexpected connections being established.

#2170 is a change to improve message handling in the face of delivery errors when using a persistent queue implementation such as the ACA-Py Redis Plugin. If you are using the Redis plugin, you MUST upgrade to Redis Plugin Release 0.1.0 in conjunction with deploying this ACA-Py release. For those using their own persistent queue solution, see the PR #2170 comments for information about changes you might need to make to your deployment.

What's Changed

Full Changelog: 0.8.2...0.9.0-rc0

Contributors

ryjones, swcurran, and 11 other contributors
Assets 2
Loading

1.0.0-rc3

07 Jul 22:17
@swcurran swcurran
1.0.0-rc3
9e52c5f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.0-rc3 Pre-release
Pre-release

ACA-Py 1.0.0 will be a breaking update to ACA-Py with the version number indicating the maturity of the implementation. The final 1.0.0 release will be Aries Interop Profile 2.0-complete, and based on Python 3.9 or higher. The decision to start tagging early 1.0.0 releases was probably a bad one given the subsequent focus in the community on optimization of what we have vs. completing the to-do list for AIP 2.0. However, some organizations are using 1.0.0-rc releases, so with this release of 1.0.0-rc3 we are providing an update that incorporates the many, many enhancements, improvements, and fixes that are in ACA-Py releases 0.8.0, 0.8.1 and 0.8.2.

Release 1.0.0-rc3 is identical in functionality to ACA-Py Release 0.8.2. The only differences are the versions in the code/Swagger/Open API files and the changelog entry for this release.

Assets 2
Loading

0.8.2

29 Jun 16:36
@swcurran swcurran
0.8.2
3199657
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.8.2

Release 0.8.2 contains a number of minor fixes and updates to ACA-Py, including the correction of a regression in Release 0.8.0 related to the use of plugins (see PR #2255).

Highlights include:

This release pulls in indy-shared-rs's indy-credx Release 0.3.3 which fixes a serious issue in AnonCreds verification, as described in issue #2036, where the verification of a presentation with multiple revocable credentials fails when using Aries Askar and the other shared components. This issue occurs only when using Aries Askar and Indy CredX versions prior to 0.3.3.

Making it easier to use tracing in a development environment to collect detailed performance information about what is going in within ACA-Py. See PR #2236.

An important new feature in this release is the ability to set some instance configuration settings at the tenant level of a multi-tenant deployment. See PR #2233.

There are no breaking changes in this release.

For more about this release, please see the CHANGELOG.md file.

What's Changed

New Contributors

Full Changelog: 0.8.1...0.8.2

Contributors

swcurran, chumbert, and 13 other contributors
Assets 2
Loading

0.8.2-rc2

28 Jun 18:08
@swcurran swcurran
0.8.2-rc2
548fb25
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.8.2-rc2 Pre-release
Pre-release

Release 0.8.2 contains a number of minor fixes and updates to ACA-Py, including the correction of a regression in Release 0.8.0 related to the use of plugins (see PR #2255). Highlights include making it easier to use tracing in a development environment to collect detailed performance information about what is going in within ACA-Py.

An important new feature in this release is the ability to set some instance configuration settings at the tenant level of a multi-tenant deployment. See PR #2233.

There are no breaking changes in this release.

For more about this release, please see the CHANGELOG.md file.

What's Changed

New Contributors

Full Changelog: 0.8.1...0.8.2-rc2

Contributors

swcurran, chumbert, and 13 other contributors
Assets 2
Loading

0.8.2-rc1

27 Jun 14:51
@swcurran swcurran
0.8.2-rc1
15ff792
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.8.2-rc1 Pre-release
Pre-release

Release 0.8.2 contains a number of minor fixes and updates to ACA-Py, including the correction of a regression in Release 0.8.0 related to the use of plugins (see [https://github.com//pull/2255]). Highlights include making it easier to use tracing in a development environment to collect detailed performance information about what is going in within ACA-Py.

There are no breaking changes in this release.

For more about this release, please see the CHANGELOG.md file.

What's Changed

New Contributors

Full Changelog: 0.8.1...0.8.2-rc1

Contributors

swcurran, chumbert, and 13 other contributors
Assets 2
Loading

0.8.2-rc0

08 Jun 21:36
@swcurran swcurran
0.8.2-rc0
8b22ed3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.8.2-rc0 Pre-release
Pre-release

Release 0.8.2 contains a number of minor fixes and updates to ACA-Py, including the correction of a regression in Release 0.8.0 related to the use of plugins (see [#2255]). Highlights include making it easier to use tracing in a development environment to collect detailed performance information about what is going in within ACA-Py.

There are no breaking changes in this release.

For more about this release, please see the CHANGELOG.md file.

What's Changed

New Contributors

Full Changelog: 0.8.1...0.8.2-rc0

Contributors

swcurran, ianco, and 10 other contributors
Assets 2
Loading

1.0.0-rc2

05 Jun 15:52
@swcurran swcurran
1.0.0-rc2
6422622
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.0-rc2 Pre-release
Pre-release

ACA-Py 1.0.0 will be a breaking update to ACA-Py with the version number indicating the maturity of the implementation. The final 1.0.0 release will be Aries Interop Profile 2.0-complete, and based on Python 3.9 or higher. The decision to start tagging early 1.0.0 releases was probably a bad one given the subsequent focus in the community on optimization of what we have vs. completing the to-do list for AIP 2.0. However, some organizations are using 1.0.0-rc1, so with this release of 1.0.0-rc2, we are providing an update that incorporates the many, many enhancements, improvements, and fixes that are in releases 0.8.0 and 0.8.1.

Breaking Changes

See the breaking changes documented in Releases 0.8.1 and 0.8.0. There are no breaking changes in the merged pull requests listed below--those merged since Release 0.8.1.

What's Changed

  • fix: run only on main, forks ok by @anwalker293 in #2166
  • Add support for JsonWebKey2020 for the connection invitations by @dkulic in #2173
  • Update Alice Wants a JSON-LD Credential to fix invocation by @swcurran in #2219
  • Disable webhook trigger on initial response to multi-use connection invitation by @esune in #2223
  • Fix broken link in README by @ff137 in #2221
  • Fix formatting and grammatical errors in different readme's by @ff137 in #2222
  • Connection target should not be limited only to indy dids by @dkulic in #2229
  • Multi-tenant self-managed mediation verkey lookup by @usingtechnology in #2232
  • stand up multiple agents (single and multi) for local development and testing by @usingtechnology in #2230
  • Fix multitenant/mediation in demo by @ianco in #2075
  • Upgrade codegen tools in scripts/generate-open-api-spec and publish Swagger 2.0 and OpenAPI 3.0 specs by @ff137 in #2246
  • fix: route multitenant connectionless oob invitation by @TimoGlastra in #2243
  • Add updated ELK stack for demos. by @usingtechnology in #2236
  • ./run_demo performance -c 1 --mediation --timing --trace-log by @usingtechnology in #2245
  • Bump requests from 2.30.0 to 2.31.0 in /demo/playground/scripts by @dependabot in #2238
  • Pass document loader to jsonld.expand by @andrewwhitehead in #2175
  • fix: only cache completed connection targets by @dbluhm in #2240
  • 1.0.0-rc2 Updates by @swcurran in #2253

New Contributors

Full Changelog: 0.8.1...1.0.0-rc2

Contributors

swcurran, ianco, and 9 other contributors
Assets 2
Loading

0.8.1

06 Apr 14:41
@swcurran swcurran
0.8.1
e07e4fd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
0.8.1

Version 0.8.1 is an urgent update to Release 0.8.0 to address an inability to execute the upgrade command. The upgrade command is needed for 0.8.0 Pull Request #2116 - "UPGRADE: Fix multi-use invitation performance", which is useful for (at least) deployments of ACA-Py as a mediator. In the release, the upgrade process is revamped, and documented in Upgrading ACA-Py.

Key points about upgrading for those with production, pre-0.8.1 ACA-Py deployments:

  • Upgrades now happen automatically on startup, when needed.
  • The version of the last executed upgrade, even if it is a "no change" upgrade, is put into secure storage and is used to detect when future upgrades are needed.
    • Upgrades are needed when the running version is greater than the version is secure storage.
  • If you have an existing, pre-0.8.1 deployment with many connection records, there may be a delay in starting as an upgrade will be run that loads and saves every connection record, updating the data in the record in the process.
    • A mechanism is to be added (see Issue #2201) for preventing an upgrade running if it should not be run automatically, and requires using the upgrade command. To date, there has been no need for this feature.
  • See the Upgrading ACA-Py document for more details.

Postgres Support with Aries Askar

Recent changes to Aries Askar have resulted in Askar supporting Postgres version 11 and greater. If you are on Postgres 10 or earlier and want to upgrade to use Askar, you must migrate your database to Postgres 10.

We have also noted that in some container orchestration environments such as Red Hat's OpenShift and possibly other Kubernetes distributions, Askar using Postgres versions greater than 14 do not install correctly. Please monitor Issue #2199 for an update to this limitation. We have found that Postgres 15 does install correctly in other environments (such as in docker compose setups).

What's Changed

New Contributors

Full Changelog: 0.8.0...0.8.1

Contributors

swcurran, ianco, and 2 other contributors
Assets 2
Loading