1.2.1rc0

CHANGELOG.md

@@ -1,9 +1,62 @@
 # Aries Cloud Agent Python Changelog
 
+## 1.2.1rc0
+
+### January 21, 2025
+
+Release 1.2.1 is a patch to fix a couple of issues introduced in [Release 1.2.0](#120) that prevent the startup of multi-tenant/single database instances of ACA-Py. The release includes the fixes, plus a new test for testing ACA-Py upgrades -- a new test type introduced in [Release 1.2.0](#120). Given that there are no breaking changes in this release, we'll move the [1.2.lts branch](https://github.com/openwallet-foundation/acapy/tree/1.2.lts) to be based on this release.
+
+Enhancements in Release 1.2.1 are the addition of support for the Linked Data proof cryptosuite `EcdsaSecp256r1Signature2019`, and support for P256 keys generally and in `did:key` form.
+
+### 1.2.1rc0 Deprecation Notices
+
+The same **[deprecation notices](#101-deprecation-notices)** from the [1.1.0](#110) release about AIP 1.0 protocols still apply. The protocols remain in the 1.2.1 release, but will be moved out of the core and into plugins soon. Please review these notifications carefully!
+
+### 1.2.1rc0 Breaking Changes
+
+There are no breaking changes in this release, just fixes, new tests and minor updates.
+
+#### 1.2.1rc0 Categorized List of Pull Requests
+
+- Linked Data Proof and Key Type Additions
+  - Support EcdsaSecp256r1Signature2019 linked data proof [\#3443](https://github.com/openwallet-foundation/acapy/pull/3443) [gmulhearn](https://github.com/gmulhearn)
+  - Support P256 keys & did:keys [\#3442](https://github.com/openwallet-foundation/acapy/pull/3442) [gmulhearn](https://github.com/gmulhearn)
+
+- Startup, Wallet Keys, and Upgrade Fixes
+  - Check admin wallet anoncreds upgrade on startup [\#3458](https://github.com/openwallet-foundation/acapy/pull/3458) [jamshale](https://github.com/jamshale)
+  - Add Multi-tenancy single wallet upgrade test [\#3457](https://github.com/openwallet-foundation/acapy/pull/3457) [jamshale](https://github.com/jamshale)
+  - Pass the correct key for multitenant single wallets [\#3450](https://github.com/openwallet-foundation/acapy/pull/3450) [jamshale](https://github.com/jamshale)
+  - Prevent dummy profiles on start up [\#3449](https://github.com/openwallet-foundation/acapy/pull/3449) [jamshale](https://github.com/jamshale)
+  - Fixed handling of base wallet routes in auth decorator [\#3448](https://github.com/openwallet-foundation/acapy/pull/3448) [esune](https://github.com/esune)
+
+- DID Registration and Resolution
+  - Change did:tdw resolver naming to did:webvh [\#3429](https://github.com/openwallet-foundation/acapy/pull/3429) [jamshale](https://github.com/jamshale)
+
+- Test Suite Updates and Artifact Publishing
+  - Only copy agent code in dockerfiles [\#3393](https://github.com/openwallet-foundation/acapy/pull/3393) [jamshale](https://github.com/jamshale)
+
+- Internal Improvements / Cleanups / Tech Debt Updates
+  - Update versions.json to correct the version drop down on aca-py.org [\#3434](https://github.com/openwallet-foundation/acapy/pull/3434) [swcurran](https://github.com/swcurran)
+  - Follow up from Release 1.2.0 -- including LTS change [\#3432](https://github.com/openwallet-foundation/acapy/pull/3432) [swcurran](https://github.com/swcurran)
+
+- Consolidate Dependabot updates and other library/dependency updates
+  - :arrow_up: Upgrade dev dependencies [\#3454](https://github.com/openwallet-foundation/acapy/pull/3454) [ff137](https://github.com/ff137)
+  - :recycle: Sync ruff version in workflows [\#3447](https://github.com/openwallet-foundation/acapy/pull/3447) [ff137](https://github.com/ff137)
+
+- Release management pull requests:
+  - 1.2.1rc0 [\#3459](https://github.com/openwallet-foundation/acapy/pull/3459) [swcurran](https://github.com/swcurran)
+
+- Dependabot PRs
+  - [Link to list of Dependabot PRs in this release](https://github.com/openwallet-foundation/acapy/pulls?q=is%3Apr+is%3Amerged+merged%3A2025-01-08..2025-01-21+author%3Aapp%2Fdependabot+)
+
 ## 1.2.0
 
 ### January 8, 2025
 
+!!! warning "Multi-tenant, Single Database Deployments"
+
+    A bug in Release 1.2.0 prevents using the release with existing multi-tenant, single wallet deployments. Those requiring such support **must** skip Release 1.2.0 and move to Release 1.2.1rc0 or higher.
+
 Release 1.2.0 is a minor update to ACA-Py that contains an update to the AnonCreds implementation to make it easier to deploy on other than Hyperledger Indy, and a lengthy list of adjustments, improvements and fixes, with a focus on removing technical debt. In addition to the AnonCreds updates, the most visible change is the removal of the "in-memory wallet" implementation in favour of using the SQLite in-memory wallet (`sqlite://:memory:`), including removing the logic for handling that extra wallet type. In removing the in-memory wallet, all of the unit and integration tests that used the in-memory wallet have been updated to use SQLite's in-memory wallet.
 
 Release 1.2.x is the new current Long Term Support (LTS) for ACA-Py, as defined in the [LTS Strategy](./LTS-Strategy.md) document. With this release, the "end of life" for the previous "current LTS release" -- [0.12](#0123) -- is set for October 2025.
@@ -154,7 +207,7 @@ The only (but significant) breaking changes in 1.1.0 are related to the GitHub o
 - the renaming of the source code folder from `aries_cloudagent` to `acapy_agent`,
 - the publication of the [PyPi] project under the new `acapy_agent` name, and
 - the use of the OWF organizational GitHub Container Registry ([GHCR]) and `acapy_agent` as the name for release container image artifacts.
-  - The patterns for the image tags remain the same as before. So, for example, the new nightly artifact can be found here: [docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly](docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly).
+  - The patterns for the image tags remain the same as before. So, for example, the new nightly artifact can be found here: `docker pull ghcr.io/openwallet-foundation/acapy-agent:py3.12-nightly`.
 
 [PyPi]: https://pypi.org
 [GHCR]: https://ghcr.io

Managing-ACA-Py-Doc-Site.md

@@ -20,7 +20,7 @@ and mkdocs configuration.
 
 When the GitHub Action fires, it runs a container that carries out the following steps:
 
-- Checks out the triggering branch, either `main` or `docs-v<version>` (e.g `docs-v1.2.0`).
+- Checks out the triggering branch, either `main` or `docs-v<version>` (e.g `docs-v1.2.1rc0`).
 - Runs the script [scripts/prepmkdocs.sh], which moves and updates some of the
   markdown files so that they fit into the generated site. See the comments in
   the scripts for details about the copying and editing done via the script. In
@@ -97,7 +97,7 @@ To delete the documentation version, do the following:
 - Check your `git status` and make sure there are no changes in the branch --
   e.g., new files that shouldn't be added to the `gh-pages` branch. If there are
   any -- delete the files so they are not added.
-- Remove the folder for the RC.  For example `rm -rf 1.2.0`
+- Remove the folder for the RC.  For example `rm -rf 1.2.1rc0`
 - Edit the `versions.json` file and remove the reference to the RC release in
   the file.
 - Push the changes via a PR to the ACA-Py `gh-pages` branch (don't PR them into

PUBLISHING.md

@@ -6,7 +6,7 @@ a major, minor or patch release, per [semver](https://semver.org/) rules.
 
 Once ready to do a release, create a local branch that includes the following updates:
 
-1. Create a local PR branch from an updated `main` branch, e.g. "1.2.0".
+1. Create a local PR branch from an updated `main` branch, e.g. "1.2.1rc0".
 
 2. See if there are any Document Site `mkdocs` changes needed. Run the script
    `./scripts/prepmkdocs.sh; mkdocs`. Watch the log, noting particularly if
@@ -78,17 +78,17 @@ Once you have the list of PRs:
 - Check the dates in the `dependabot` URL to make sure the full period between the previous non-RC release to the date of the non-RC release you are preparing.
 - Include a PR in the list for this soon-to-be PR, initially with the "next to be issued" number for PRs/Issues. At the end output of the script is the highest numbered PR and issue. Your PR will be one higher than the highest of those two numbers. Note that you still might have to correct the number after you create the PR if someone sneaks an issue or PR in before you submit your PR.
 
-1. Check to see if there are any other PRs that should be included in the release.
+5. Check to see if there are any other PRs that should be included in the release.
 
-2. Update the ReadTheDocs in the `/docs` folder by following the instructions in
+6. Update the ReadTheDocs in the `/docs` folder by following the instructions in
    the `docs/UpdateRTD.md` file. That will likely add a number of new and modified
    files to the PR. Eliminate all of the errors in the generation process,
    either by mocking external dependencies or by fixing ACA-Py code. If
    necessary, create an issue with the errors and assign it to the appropriate
    developer. Experience has demonstrated to use that documentation generation
    errors should be fixed in the code.
 
-3. Search across the repository for the previous version number and update it
+7. Search across the repository for the previous version number and update it
    everywhere that makes sense. The CHANGELOG.md entry for the previous release
    is a likely exception, and the `pyproject.toml` in the root **MUST** be
    updated. You can skip (although it won't hurt) to update the files in the
@@ -101,28 +101,28 @@ Once you have the list of PRs:
    have dropped the previously used `-` in the release candidate version string
    to better follow the semver rules.
 
-4. Regenerate openapi.json and swagger.json by running
+8. Regenerate openapi.json and swagger.json by running
    `scripts/generate-open-api-spec` from within the `acapy_agent` folder.
 
    Command: `cd acapy_agent;../scripts/generate-open-api-spec;cd ..`
 
    Folders may not be cleaned up by the script, so the following can be run, likely with `sudo` -- `rm -rf open-api/.build`. The folder is `.gitignore`d, so there is not a danger they will be pushed, even if they are not deleted.
 
-5.  Double check all of these steps above, and then submit a PR from the branch.
+9.  Double check all of these steps above, and then submit a PR from the branch.
    Add this new PR to CHANGELOG.md so that all the PRs are included.
    If there are still further changes to be merged, mark the PR as "Draft",
    repeat **ALL** of the steps again, and then mark this PR as ready and then
    wait until it is merged. It's embarrassing when you have to do a whole new
    release just because you missed something silly...I know!
 
-6.    Immediately after it is merged, create a new GitHub tag representing the
+10.    Immediately after it is merged, create a new GitHub tag representing the
    version. The tag name and title of the release should be the same as the
    version in [pyproject.toml](https://github.com/openwallet-foundation/acapy/tree/main/pyproject.toml). Use
    the "Generate Release Notes" capability to get a sequential listing of the
    PRs in the release, to complement the manually curated Changelog. Verify on
    PyPi that the version is published.
 
-7.     New images for the release are automatically published by the GitHubAction
+11.     New images for the release are automatically published by the GitHubAction
    Workflows: [publish.yml] and [publish-indy.yml]. The actions are triggered
    when a release is tagged, so no manual action is needed. The images are
    published in the [OpenWallet Foundation Package Repository under
@@ -139,8 +139,8 @@ Once you have the list of PRs:
 [publish.yml]: https://github.com/openwallet-foundation/acapy/blob/main/.github/workflows/publish.yml
 [publish-indy.yml]: https://github.com/openwallet-foundation/acapy/blob/main/.github/workflows/publish-indy.yml
 
-1.   When a new release is tagged, create a new branch at the same commit with
-    the branch name in the format `docs-v<version>`, for example, `docs-v1.2.0`.
+12.   When a new release is tagged, create a new branch at the same commit with
+    the branch name in the format `docs-v<version>`, for example, `docs-v1.2.1rc0`.
     The creation of the branch triggers the execution of the [publish-docs]
     GitHub Action which generates the documentation for the new release,
     publishing it at [https://aca-py.org]. The GitHub Action also executes when

README.md

@@ -53,7 +53,7 @@ the [LTS strategy](./LTS-Strategy.md).
 
 Current LTS releases:
 
-- Release [1.2](https://github.com/openwallet-foundation/acapy/releases/tag/1.2.0) **Current LTS Release**
+- Release [1.2](https://github.com/openwallet-foundation/acapy/releases/tag/1.2.1rc0) **Current LTS Release**
 - Release [0.12](https://github.com/openwallet-foundation/acapy/releases/tag/0.12.3) **End of Life: October 2025**
 
 Past LTS releases:

docs/UpdateRTD.md

@@ -35,6 +35,9 @@ cd docs; sphinx-build -b html -a -E -c ./ ./ ./_build; cd ..
 Once generated, go into the `docs/_build` folder and open `index.html` in a browser. Note that the `_build` is
 `.gitignore`'d and so will not be part of a git push.
 
+If the script does not run at all, you may need to do a `pip install -r
+docs/requirements.txt` to update the Sphinx dependencies.
+
 ### Look for Errors
 
 This is the hard part; looking for errors in docstrings added by devs. Some tips:

docs/features/SupportedRFCs.md

@@ -8,7 +8,7 @@ ACA-Py or the repository `main` branch. Reminders (and PRs!) to update this page
 welcome! If you have any questions, please contact us on the #aries channel on
 [OpenWallet Foundation Discord](https://discord.gg/openwallet-foundation) or through an issue in this repo.
 
-**Last Update**: 2025-01-07, Release 1.2.0
+**Last Update**: 2025-01-21, Release 1.2.1rc0
 
 > The checklist version of this document was created as a joint effort
 > between [Northern Block](https://northernblock.io/), [Animo Solutions](https://animo.id/) and the Ontario government, on behalf of the Ontario government.
@@ -56,7 +56,7 @@ A summary of the Aries Interop Profiles and Aries RFCs supported in ACA-Py can b
 | Credential Type | Supported | Notes |
 | --- | :--: | -- |
 | [Hyperledger AnonCreds] | :white_check_mark: | Includes full issue VC, present proof, and revoke VC support. |
-| [W3C Verifiable Credentials Data Model](https://www.w3.org/TR/vc-data-model/) | :white_check_mark: | Supports JSON-LD Data Integrity Proof Credentials using the `Ed25519Signature2018`, `BbsBlsSignature2020` and `BbsBlsSignatureProof2020` signature suites.<br><br>Supports the [DIF Presentation Exchange](https://identity.foundation/presentation-exchange/) data format for presentation requests and presentation submissions.<br><br>Work currently underway to add support for [Hyperledger AnonCreds] in W3C VC JSON-LD Format |
+| [W3C Verifiable Credentials Data Model](https://www.w3.org/TR/vc-data-model/) | :white_check_mark: | Supports JSON-LD Data Integrity Proof Credentials using the `Ed25519Signature2018`, `EcdsaSecp256r1Signature2019`, `BbsBlsSignature2020` and `BbsBlsSignatureProof2020` signature suites.<br><br>Supports the [DIF Presentation Exchange](https://identity.foundation/presentation-exchange/) data format for presentation requests and presentation submissions.<br><br>Work currently underway to add support for [Hyperledger AnonCreds] in W3C VC JSON-LD Format |
 
 [Hyperledger AnonCreds]: https://www.hyperledger.org/projects/anoncreds
 

docs/generated/acapy_agent.anoncreds.models.rst

@@ -105,6 +105,14 @@ acapy\_agent.anoncreds.models.schema module
    :undoc-members:
    :show-inheritance:
 
+acapy\_agent.anoncreds.models.schema\_info module
+-------------------------------------------------
+
+.. automodule:: acapy_agent.anoncreds.models.schema_info
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
 acapy\_agent.anoncreds.models.utils module
 ------------------------------------------
 

docs/generated/acapy_agent.resolver.default.rst

@@ -73,14 +73,6 @@ acapy\_agent.resolver.default.peer4 module
    :undoc-members:
    :show-inheritance:
 
-acapy\_agent.resolver.default.tdw module
-----------------------------------------
-
-.. automodule:: acapy_agent.resolver.default.tdw
-   :members:
-   :undoc-members:
-   :show-inheritance:
-
 acapy\_agent.resolver.default.universal module
 ----------------------------------------------
 
@@ -96,3 +88,11 @@ acapy\_agent.resolver.default.web module
    :members:
    :undoc-members:
    :show-inheritance:
+
+acapy\_agent.resolver.default.webvh module
+------------------------------------------
+
+.. automodule:: acapy_agent.resolver.default.webvh
+   :members:
+   :undoc-members:
+   :show-inheritance:

docs/generated/acapy_agent.vc.ld_proofs.suites.rst

@@ -33,6 +33,14 @@ acapy\_agent.vc.ld\_proofs.suites.bbs\_bls\_signature\_proof\_2020 module
    :undoc-members:
    :show-inheritance:
 
+acapy\_agent.vc.ld\_proofs.suites.ecdsa\_secp256r1\_signature\_2019 module
+--------------------------------------------------------------------------
+
+.. automodule:: acapy_agent.vc.ld_proofs.suites.ecdsa_secp256r1_signature_2019
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
 acapy\_agent.vc.ld\_proofs.suites.ed25519\_signature\_2018 module
 -----------------------------------------------------------------
 

docs/requirements.txt

@@ -1,4 +1,5 @@
 # Defining the exact versions for ReadTheDocs that will make sure things don't break
 sphinx==5.3.0
 sphinx_rtd_theme==1.3.0
-readthedocs-sphinx-search==0.3.2
+readthedocs-sphinx-search==0.3.2
+sphinx-notfound-page==1.0.2

open-api/openapi.json

@@ -2,7 +2,7 @@
   "openapi" : "3.0.1",
   "info" : {
     "title" : "Aries Cloud Agent",
-    "version" : "v1.2.0"
+    "version" : "v1.2.1rc0"
   },
   "servers" : [ {
     "url" : "/"
@@ -7171,7 +7171,7 @@
           "in" : "query",
           "name" : "key_type",
           "schema" : {
-            "enum" : [ "ed25519", "bls12381g2" ],
+            "enum" : [ "ed25519", "bls12381g2", "p256" ],
             "type" : "string"
           }
         }, {
@@ -7388,7 +7388,7 @@
             "description" : ""
           }
         },
-        "summary" : "Create a EdDSA jws using did keys with a given payload",
+        "summary" : "Create a jws using did keys with a given payload",
         "tags" : [ "wallet" ],
         "x-codegen-request-body-name" : "body"
       }
@@ -7417,7 +7417,7 @@
             "description" : ""
           }
         },
-        "summary" : "Verify a EdDSA jws using did keys with a given JWS",
+        "summary" : "Verify a jws using did keys with a given JWS",
         "tags" : [ "wallet" ],
         "x-codegen-request-body-name" : "body"
       }
@@ -7528,7 +7528,7 @@
             "description" : ""
           }
         },
-        "summary" : "Create a EdDSA sd-jws using did keys with a given payload",
+        "summary" : "Create an sd-jws using did keys with a given payload",
         "tags" : [ "wallet" ],
         "x-codegen-request-body-name" : "body"
       }
@@ -7557,7 +7557,7 @@
             "description" : ""
           }
         },
-        "summary" : "Verify a EdDSA sd-jws using did keys with a given SD-JWS with optional key binding",
+        "summary" : "Verify an sd-jws using did keys with a given SD-JWS with optional key binding",
         "tags" : [ "wallet" ],
         "x-codegen-request-body-name" : "body"
       }
@@ -9400,7 +9400,7 @@
           },
           "key_type" : {
             "description" : "Key type associated with the DID",
-            "enum" : [ "ed25519", "bls12381g2" ],
+            "enum" : [ "ed25519", "bls12381g2", "p256" ],
             "example" : "ed25519",
             "type" : "string"
           },
@@ -9462,7 +9462,7 @@
           },
           "key_type" : {
             "description" : "Key type to use for the DID keypair. Validated with the chosen DID method's supported key types.",
-            "enum" : [ "ed25519", "bls12381g2" ],
+            "enum" : [ "ed25519", "bls12381g2", "p256" ],
             "example" : "ed25519",
             "type" : "string"
           }