1.2.3

This patch release addresses a bug in the publishing of AnonCreds revocation entries that caused the ledger and issuer wallet to become out of sync. As a result, revoked credentials were not being correctly flagged as revoked when presented. Previously, this issue was mitigated by an automatic “sync-revocation” process, which generally resolved the problem. However, we recently identified scenarios where the presence of an Indy Endorser in the revocation publication flow caused the “sync-revocation” process to fail silently.

This patch resolves that issue. Once applied, if a revocation batch results in an out-of-sync state, the “sync-revocation” process will automatically run to correct it.

For more details, see Issue 3546.

1.2.3 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in this 1.2.3 release, but the Connections Protocol has been removed from the ACA-Py main branch, and is available as a plugin. The Issue Credential v1 and Present Proof v1 protocols will soon be changed similarly. Please review these notifications carefully!

1.2.3 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 1.2.LTS Fix revocation accum sync when endorsement txn fails (#3547) by @jamshale in #3555
• 1.2.3 by @swcurran in #3559

Full Changelog: 1.2.2...1.2.3

0.12.5

This patch release addresses a bug in the publishing of AnonCreds revocation entries that caused the ledger and issuer wallet to become out of sync. As a result, revoked credentials were not being correctly flagged as revoked when presented. Previously, this issue was mitigated by an automatic “sync-revocation” process, which generally resolved the problem. However, we recently identified scenarios where the presence of an Indy Endorser in the revocation publication flow caused the “sync-revocation” process to fail silently.

This patch resolves that issue. Once applied, if a revocation batch results in an out-of-sync state, the “sync-revocation” process will automatically run to correct it.

For more details, see Issue 3546.

0.12.5 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 0.12.lts Fix revocation accum sync when endorsement txn fails (#3547) by @jamshale in #3554
• 0.12.lts Patch the fix_ledger_entry improvements by @jamshale in #3558
• 0.12.5 by @swcurran in #3560

Full Changelog: 0.12.4...0.12.5

1.2.2

A patch release to upgrade Askar to 0.4.3 and fixes a problem with wallet names in a multitenant, single-wallet configuration.

Addresses the problem outlined in #3471 around profiles in multi-tenant/single wallet deployments. The update to Askar addresses an intermittent hang on startup, and a dependency change that can result in a substantial performance improvement in some cases. See issues: openwallet-foundation/askar#350, openwallet-foundation/askar#351, openwallet-foundation/askar#354. This comment on one of the PRs describes the scenario where a substantial performance improvement was seen as a result of the change in Askar.

1.2.2 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in the 1.2.2 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.2.2 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 1.2 LTS: Askar upgrade and fix profile unique names by @jamshale in #3477
• 1.2.2 by @swcurran in #3482

Full Changelog: 1.2.1...1.2.2

0.12.4

A patch release to upgrade Askar to 0.4.3 and fixes a problem with wallet names in a multitenant, single-wallet configuration.

Addresses the problem outlined in #3471 around profiles in multi-tenant/single wallet deployments. The update to Askar addresses an intermittent hang on startup, and a dependency change that can result in a substantial performance improvement in some cases. See issues: openwallet-foundation/askar#350, openwallet-foundation/askar#351, openwallet-foundation/askar#354. This comment on one of the PRs describes the scenario where a substantial performance improvement was seen as a result of the change in Askar.

0.12.4 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 0.12 LTS: Askar upgrade and fix profile unique names by @jamshale in #3475
• 0.12.4 by @swcurran in #3481

Full Changelog: 0.12.3...0.12.4

1.2.1

Release 1.2.1 is a patch to fix a couple of issues introduced in Release 1.2.0 that prevent the startup of multi-tenant/single database instances of ACA-Py. The release includes the fixes, plus a new test for testing ACA-Py upgrades -- a new test type introduced in Release 1.2.0. Given that there are no breaking changes in this release, we'll move the 1.2.lts branch to be based on this release.

Enhancements in Release 1.2.1 are the addition of support for the Linked Data proof cryptosuite EcdsaSecp256r1Signature2019, and support for P256 keys generally and in did:key form.

1.2.1 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in the 1.2.1 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.2.1 Breaking Changes

There are no breaking changes in this release, just fixes, new tests and minor updates.

What's Changed

• Add some more functionality and checks to the restart/upgrade test by @ianco in #3431
• Follow up from Release 1.2.0 -- including LTS change by @swcurran in #3432
• Change did:tdw resolver naming to did:webvh by @jamshale in #3429
• chore(deps-dev): Bump pytest-asyncio from 0.25.1 to 0.25.2 by @dependabot in #3437
• chore(deps): Bump marshmallow from 3.23.3 to 3.25.1 by @dependabot in #3438
• chore(deps-dev): Bump ruff from 0.8.6 to 0.9.1 by @dependabot in #3439
• chore(deps): Bump pygments from 2.18.0 to 2.19.1 by @dependabot in #3440
• Only copy agent code in dockerfiles by @jamshale in #3393
• Support P256 keys & did:keys by @gmulhearn in #3442
• ♻️ Sync ruff version in workflows by @ff137 in #3447
• Fixed handling of base wallet routes in auth decorator by @esune in #3448
• Support EcdsaSecp256r1Signature2019 linked data proof by @gmulhearn in #3443
• Prevent dummy profiles on start up by @jamshale in #3449
• ⬆️ Upgrade dev dependencies by @ff137 in #3454
• Pass the correct key for multitenant single wallets by @jamshale in #3450
• chore(deps): Bump mkdocs-material from 9.5.49 to 9.5.50 by @dependabot in #3453
• Add Multi-tenancy single wallet upgrade test by @jamshale in #3457
• Check admin wallet anoncreds upgrade on startup by @jamshale in #3458
• 1.2.1rc0 by @swcurran in #3459
• 1.2.1 by @swcurran in #3460

Full Changelog: 1.2.0...1.2.1

1.2.1rc0

Release 1.2.1 is a patch to fix a couple of issues introduced in Release 1.2.0 that prevent the startup of multi-tenant/single database instances of ACA-Py. The release includes the fixes, plus a new test for testing ACA-Py upgrades -- a new test type introduced in Release 1.2.0. Given that there are no breaking changes in this release, we'll move the 1.2.lts branch to be based on this release.

Enhancements in Release 1.2.1 are the addition of support for the Linked Data proof cryptosuite EcdsaSecp256r1Signature2019, and support for P256 keys generally and in did:key form.

1.2.1rc0 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in the 1.2.1 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.2.1rc0 Breaking Changes

There are no breaking changes in this release, just fixes, new tests and minor updates.

What's Changed

• Add some more functionality and checks to the restart/upgrade test by @ianco in #3431
• Follow up from Release 1.2.0 -- including LTS change by @swcurran in #3432
• Change did:tdw resolver naming to did:webvh by @jamshale in #3429
• chore(deps-dev): Bump pytest-asyncio from 0.25.1 to 0.25.2 by @dependabot in #3437
• chore(deps): Bump marshmallow from 3.23.3 to 3.25.1 by @dependabot in #3438
• chore(deps-dev): Bump ruff from 0.8.6 to 0.9.1 by @dependabot in #3439
• chore(deps): Bump pygments from 2.18.0 to 2.19.1 by @dependabot in #3440
• Only copy agent code in dockerfiles by @jamshale in #3393
• Support P256 keys & did:keys by @gmulhearn in #3442
• ♻️ Sync ruff version in workflows by @ff137 in #3447
• Fixed handling of base wallet routes in auth decorator by @esune in #3448
• Support EcdsaSecp256r1Signature2019 linked data proof by @gmulhearn in #3443
• Prevent dummy profiles on start up by @jamshale in #3449
• ⬆️ Upgrade dev dependencies by @ff137 in #3454
• Pass the correct key for multitenant single wallets by @jamshale in #3450
• chore(deps): Bump mkdocs-material from 9.5.49 to 9.5.50 by @dependabot in #3453
• Add Multi-tenancy single wallet upgrade test by @jamshale in #3457
• Check admin wallet anoncreds upgrade on startup by @jamshale in #3458
• 1.2.1rc0 by @swcurran in #3459

Full Changelog: 1.2.0...1.2.1rc0

1.2.0

Release 1.2.0 is a minor update to ACA-Py that contains an update to the AnonCreds implementation to make it easier to deploy on other than Hyperledger Indy, and a lengthy list of adjustments, improvements and fixes, with a focus on removing technical debt. In addition to the AnonCreds updates, the most visible change is the removal of the "in-memory wallet" implementation in favour of using the SQLite in-memory wallet (sqlite://:memory:), including removing the logic for handling that extra wallet type. In removing the in-memory wallet, all of the unit and integration tests that used the in-memory wallet have been updated to use SQLite's in-memory wallet.

Release 1.2.x is the new current Long Term Support (LTS) for ACA-Py, as defined in the LTS Strategy document. With this release, the "end of life" for the previous "current LTS release" -- 0.12 -- is set for October 2025.

The first step to full support of did:webvh ("did:web + Verifiable History"-- formerly did:tdw) has been added to ACA-Py -- a resolver. We're working on improving the new DID Registration mechanism for it, Cheqd and other DID Methods, enabling ACA-Py to be used easily with a variety of DID Methods.

The move to the OpenWallet Foundation is now complete. If you haven't done so already, please update your ACA-Py deployment to use:

• the ACA-Py OWF repository,
• the new acapy-agent in PyPi, and
• the container images for ACA-Py hosted by the OpenWallet Foundation GitHub organization within the GitHub Container Repository (GHCR).

A significant testing capability was added in this release -- the ability to run an integration test that includes an ACA-Py upgrade in the middle. This allows us to test, for example starting an agent on one release, doing an upgrade (possibly including running a migration script), and then completing the test on the upgraded release. This is enable by adding a capability to restart Docker containers in the middle of tests. Nice work, @ianco!

What's Changed

• 📝 Fix links in README by @ff137 in #3295
• ⬆️ Update lock file by @ff137 in #3296
• chore(deps): Bump mkdocs-material from 9.5.39 to 9.5.41 by @dependabot in #3293
• chore(deps): Bump jsonpath-ng from 1.6.1 to 1.7.0 by @dependabot in #3288
• 🐛 Handle failure to resolve DIDComm services in DIDXManager by @ff137 in #3298
• chore(deps): Bump mkdocs-material from 9.5.41 to 9.5.42 by @dependabot in #3305
• chore(deps-dev): Bump ruff from 0.6.9 to 0.7.0 by @dependabot in #3304
• chore(deps): Bump marshmallow from 3.22.0 to 3.23.0 by @dependabot in #3303
• chore(deps): Update asyncpg requirement from ~=0.29.0 to ~=0.30.0 by @dependabot in #3302
• Fix endorsement setup with existing connection by @jamshale in #3309
• 🐛 Rearrange connection record deletion after hangup by @ff137 in #3310
• 🎨 Refactor string concatenation in model descriptions by @ff137 in #3313
• chore(deps-dev): Bump ruff from 0.7.0 to 0.7.1 by @dependabot in #3314
• Docs (devcontainer) Change folder names by @loneil in #3317
• 🔧 set default fixture scope for pytest-asyncio by @ff137 in #3318
• 🎨 Refactor the logging module monolith by @ff137 in #3319
• 🎨 Refactor Multitenant Manager errors and exception handling by @ff137 in #3323
• chore(deps): Bump marshmallow from 3.23.0 to 3.23.1 by @dependabot in #3325
• chore(deps-dev): Bump ruff from 0.7.1 to 0.7.2 by @dependabot in #3326
• chore(deps): Bump mkdocs-material from 9.5.42 to 9.5.43 by @dependabot in #3324
• Update accumulator value in wallet on repair by @jamshale in #3299
• ✨ Handle NotFound and UnprocessableEntity errors in middleware by @ff137 in #3327
• Remove in memory wallet by @jamshale in #3311
• ✅ Re-add ready_middleware unit tests by @ff137 in #3330
• 👷 Fix Nightly Publish to not run on forks by @ff137 in #3333
• chore(deps): Bump mkdocs-material from 9.5.43 to 9.5.44 by @dependabot in #3336
• Don't pass rekey to sub_wallet_profile by @jamshale in #3312
• chore(deps-dev): Bump ruff from 0.7.2 to 0.7.3 by @dependabot in #3334
• chore(deps-dev): Bump debugpy from 1.8.7 to 1.8.8 by @dependabot in #3335
• More robust verification method selection by did by @dbluhm in #3279
• 🎨 Fix current test warnings by @ff137 in #3338
• chore(deps-dev): Bump ruff from 0.7.3 to 0.7.4 by @dependabot in #3341
• chore(deps): Bump aiohttp from 3.11.0 to 3.11.2 by @dependabot in #3340
• chore(deps): Bump pyjwt from 2.9.0 to 2.10.0 by @dependabot in #3339
• did:tdw resolver by @jamshale in #3237
• chore(deps): Bump aiohttp from 3.10.5 to 3.10.11 in /scenarios in the pip group across 1 directory by @dependabot in #3342
• Fix tails upload for anoncreds multitenancy by @jamshale in #3346
• Add anoncreds issuance and presentation format by @jamshale in #3331
• Restore --base-wallet-routes flag functionality by @esune in #3344
• Fix subwallet anoncreds upgrade check by @jamshale in #3345
• Fix/universal resolver by @jamshale in #3354
• chore(deps-dev): Bump ruff from 0.7.4 to 0.8.0 by @dependabot in #3348
• chore(deps): Bump mkdocs-material from 9.5.44 to 9.5.46 by @dependabot in #3352
• chore(deps): Bump uuid-utils from 0.9.0 to 0.10.0 by @dependabot in #3351
• chore(deps-dev): Bump debugpy from 1.8.8 to 1.8.9 by @dependabot in #3350
• chore(deps): Bump aiohttp from 3.11.2 to 3.11.7 by @dependabot in #3349
• 🎨 Sync Ruff version in configs and apply formatting by @ff137 in #3358
• 🎨 Replace deprecated ABC decorators by @ff137 in #3357
• Add test wallet config option by @jamshale in #3355
• Week 49 Library upgrades by @jamshale in #3368
• ⚡ Add class caching to DeferLoad by @ff137 in #3361
• fix: check routing keys on indy_vdr endpoint refresh by @dbluhm in #3371
• Make vc libraries mandatory by @jamshale in #3356
• Repair release bdd tests by @jamshale in #3376
• 1.1.1rc0 by @swcurran in #3372
• Fix for demo initial cred_type override by @ianco in #3378
• chore(deps): Bump dawidd6/action-download-artifact from 6 to 7 in the all-actions group by @dependabot in #3370
• Update anoncreds format names by @jamshale in #3374
• 🎨 Fix model name for consistency by @ff137 in #3382
• chore(deps): Bump aiohttp from 3.11.9 to 3.11.10 by @dependabot in #3385
• chore(deps-dev): Bump ruff from 0.8.1 to 0.8.2 by @dependabot in #3384
• chore(deps): Bump mkdocs-material from 9.5.47 to 9.5.48 by @dependabot in #3386
• Fix sonar coverage on merge main by @jamshale in #3388
• Switch to COPY commands in dockerfiles by...

1.2.0rc0

Release 1.2.0 is a minor update to ACA-Py that contains an update to the AnonCreds implementation to make it easier to deploy on other than Hyperledger Indy, and a lengthy list of adjustments, improvements and fixes, with a focus on removing technical debt. In addition to the AnonCreds updates, the most visible change is the removal of the "in-memory wallet" implementation in favour of using the SQLite in-memory wallet (sqlite://:memory:), including removing the logic for handling that extra wallet type. In removing the in-memory wallet, all of the unit and integration tests that used the in-memory wallet have been updated to use SQLite's in-memory wallet.

The first step to full support of did:webvh ("did:web + Verifiable History"-- formerly did:tdw) has been added to ACA-Py -- a resolver. We're working on improving the new DID Registration mechanism for it, Cheqd and other DID Methods, enabling ACA-Py to be used easily with a variety of DID Methods.

The move to the OpenWallet Foundation is now complete. For up to date details on what the repo move means for ACA-Py users, including steps for updating deployments, please see latest in GitHub Issue #3250.

A significant testing capability was added in this release -- the ability to run an integration test that includes an ACA-Py upgrade in the middle. This allows us to test, for example starting an agent on one release, doing an upgrade (possibly including running a migration script), and then completing the test on the upgraded release. This is enable by adding a capability to restart Docker containers in the middle of tests. Nice work, @ianco!

1.2.0rc0 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in the 1.2.0 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!

1.2.0rc0 Breaking Changes

The removal of the "in-memory" wallet implementation might be break some test scripts. Rather than using the in-memory wallet, tests should be updated to use SQLite's special sqlite://:memory: database instead. This results in a better alignment between the Askar storage configuration in test environments and what is used in production.

A fix for a multi-tenancy bug in the holding of VC-LD credentials that resulted in the storing of such credentials in the base wallet versus the intended tenant wallet in included in this release. As part of that fix, PR #3391 impacts those using the GET /vc/credentials endpoint; the response is now an object with a single results attribute where it was previously a flat list.

What's Changed

• 📝 Fix links in README by @ff137 in #3295
• ⬆️ Update lock file by @ff137 in #3296
• chore(deps): Bump mkdocs-material from 9.5.39 to 9.5.41 by @dependabot in #3293
• chore(deps): Bump jsonpath-ng from 1.6.1 to 1.7.0 by @dependabot in #3288
• 🐛 Handle failure to resolve DIDComm services in DIDXManager by @ff137 in #3298
• chore(deps): Bump mkdocs-material from 9.5.41 to 9.5.42 by @dependabot in #3305
• chore(deps-dev): Bump ruff from 0.6.9 to 0.7.0 by @dependabot in #3304
• chore(deps): Bump marshmallow from 3.22.0 to 3.23.0 by @dependabot in #3303
• chore(deps): Update asyncpg requirement from ~=0.29.0 to ~=0.30.0 by @dependabot in #3302
• Fix endorsement setup with existing connection by @jamshale in #3309
• 🐛 Rearrange connection record deletion after hangup by @ff137 in #3310
• 🎨 Refactor string concatenation in model descriptions by @ff137 in #3313
• chore(deps-dev): Bump ruff from 0.7.0 to 0.7.1 by @dependabot in #3314
• Docs (devcontainer) Change folder names by @loneil in #3317
• 🔧 set default fixture scope for pytest-asyncio by @ff137 in #3318
• 🎨 Refactor the logging module monolith by @ff137 in #3319
• 🎨 Refactor Multitenant Manager errors and exception handling by @ff137 in #3323
• chore(deps): Bump marshmallow from 3.23.0 to 3.23.1 by @dependabot in #3325
• chore(deps-dev): Bump ruff from 0.7.1 to 0.7.2 by @dependabot in #3326
• chore(deps): Bump mkdocs-material from 9.5.42 to 9.5.43 by @dependabot in #3324
• Update accumulator value in wallet on repair by @jamshale in #3299
• ✨ Handle NotFound and UnprocessableEntity errors in middleware by @ff137 in #3327
• Remove in memory wallet by @jamshale in #3311
• ✅ Re-add ready_middleware unit tests by @ff137 in #3330
• 👷 Fix Nightly Publish to not run on forks by @ff137 in #3333
• chore(deps): Bump mkdocs-material from 9.5.43 to 9.5.44 by @dependabot in #3336
• Don't pass rekey to sub_wallet_profile by @jamshale in #3312
• chore(deps-dev): Bump ruff from 0.7.2 to 0.7.3 by @dependabot in #3334
• chore(deps-dev): Bump debugpy from 1.8.7 to 1.8.8 by @dependabot in #3335
• More robust verification method selection by did by @dbluhm in #3279
• 🎨 Fix current test warnings by @ff137 in #3338
• chore(deps-dev): Bump ruff from 0.7.3 to 0.7.4 by @dependabot in #3341
• chore(deps): Bump aiohttp from 3.11.0 to 3.11.2 by @dependabot in #3340
• chore(deps): Bump pyjwt from 2.9.0 to 2.10.0 by @dependabot in #3339
• did:tdw resolver by @jamshale in #3237
• chore(deps): Bump aiohttp from 3.10.5 to 3.10.11 in /scenarios in the pip group across 1 directory by @dependabot in #3342
• Fix tails upload for anoncreds multitenancy by @jamshale in #3346
• Add anoncreds issuance and presentation format by @jamshale in #3331
• Restore --base-wallet-routes flag functionality by @esune in #3344
• Fix subwallet anoncreds upgrade check by @jamshale in #3345
• Fix/universal resolver by @jamshale in #3354
• chore(deps-dev): Bump ruff from 0.7.4 to 0.8.0 by @dependabot in #3348
• chore(deps): Bump mkdocs-material from 9.5.44 to 9.5.46 by @dependabot in #3352
• chore(deps): Bump uuid-utils from 0.9.0 to 0.10.0 by @dependabot in #3351
• chore(deps-dev): Bump debugpy from 1.8.8 to 1.8.9 by @dependabot in #3350
• chore(deps): Bump aiohttp from 3.11.2 to 3.11.7 by @dependabot in #3349
• 🎨 Sync Ruff version in configs and apply formatting by @ff137 in #3358
• 🎨 Replace deprecated ABC decorators by @ff137 in #3357
• Add test wallet config option by @jamshale in #3355
• Week 49 Library upgrades by @jamshale in #3368
• ⚡ Add class caching to DeferLoad by @ff137 in #3361
• fix: check routing keys on indy_vdr endpoint refresh by @dbluhm in #3371
• Make vc libraries mandatory by @jamshale in #3356
• Repair release bdd tests by @jamshale in #3376
• 1.1.1rc0 by @swcurran in #3372
• Fix for demo initial cred_type override by @ianco in #3378
• chore(deps): Bump dawidd6/action-download-artifact from 6 to 7 in the all-actions group by @dependabot in https://github.com/openwallet-foundation/aca...

0.12.3

A patch release to add address a bug found in the Linked Data Verifiable Credential handling for multi-tenant holders. The bug was fixed in the main branch, PR 3391 - BREAKING: VCHolder multitenant binding, and with this release is backported to 0.12 Long Term Support branch. Prior to this release, holder credentials received into a tenant wallet were actually received into the multi-tenant admin wallet.

0.12.3 Breaking Changes

There are no breaking changes in this release.

What's Changed

• Patch PR 3391 - 0.12.lts by @jamshale in #3396
• 0.12.3rc0 by @swcurran in #3406
• Add legacy pypi token by @jamshale in #3408
• 0.12.3 by @swcurran in #3409

Full Changelog: 0.12.2...0.12.3

0.12.3rc0

A patch release to add address a bug found in the Linked Data Verifiable Credential handling for multi-tenant holders. The bug was fixed in the main branch, PR 3391 - BREAKING: VCHolder multitenant binding, and with this release is backported to 0.12 Long Term Support branch. Prior to this release, holders credentials received into a tenant wallet were actually received into the multitenant admin wallet.

0.12.3rc0 Breaking Changes

There are no breaking changes in this release.

What's Changed

• Patch PR 3391 - 0.12.lts by @jamshale in #3396
• 0.12.3rc0 by @swcurran in #3406

Full Changelog: 0.12.2...0.12.3rc0