Skip to content

Releases: didx-xyz/aries-cloudapi-python

v4.2.0

13 Dec 14:39
059be4c
Compare
Choose a tag to compare

What's Changed

Full Changelog: v4.1.0...v4.2.0

v4.1.0-1

02 Dec 21:23
Compare
Choose a tag to compare

Relevant changes in v4.1.0 and v4.1.0-1

Breaking Changes

  1. GET /v1/wallet/credentials

    • Query parameters count and start have been renamed to limit and offset.
  2. GET /v1/wallet/credentials/w3c

    • Changes to query parameters:
      • count has been renamed to limit.
      • start and wql parameters have been removed, as these are not implemented in ACA-Py.
      • New filtering fields issuer_did and schema_ids have been added.

Deprecations

  1. Field Deprecations in Indy Credentials

    • The referent field in the Indy credential object (IndyCredInfo) and the list response (CredInfoList) is now deprecated.
    • A new field credential_id has been introduced as its replacement.
    • Affected endpoints:
      • GET /v1/wallet/credentials
      • GET /v1/wallet/credentials/{credential_id}
  2. Field Deprecations in W3C Credentials

    • The record_id field in the W3C credential object (VCRecord) and the list response (VCRecordList) is now deprecated.
    • A new field credential_id has been introduced as its replacement.
    • Affected endpoints:
      • GET /v1/wallet/credentials/w3c
      • GET /v1/wallet/credentials/w3c/{credential_id}

Full Changelog: v4.1.0...v4.1.0-1

v4.1.0

14 Nov 16:32
01e1d67
Compare
Choose a tag to compare

What's Changed

Full Changelog: v4.0.1...v4.1.0

v4.0.1-1

12 Nov 08:25
Compare
Choose a tag to compare

Full Changelog: v4.0.1...v4.0.1-1

v4.0.1

07 Nov 13:12
96560f1
Compare
Choose a tag to compare

What's Changed

  • 🧪 Skip test which modifies Faber wallet settings by @ff137 in #1126
  • ⬆️ Bump helmfile/helmfile-action from 1.9.2 to 1.9.3 by @dependabot in #1131
  • ⬆️ Upgrade uvicorn and update lock files by @ff137 in #1132
  • 📝 Update Waypoint doc & SSE docstring by @cl0ete in #1118
  • ⬆️ Upgrade ddtrace (2.14.4) by @ff137 in #1134
  • ⬆️ Upgrade to our 1.1.1b0 acapy release by @ff137 in #1136
  • ⬆️ Bump MishaKav/pytest-coverage-comment from 1.1.52 to 1.1.53 by @dependabot in #1117
  • 🐛 fix DidRotate Hangup error by @ff137 in #1138
  • ⚡ Waypoint start time by @cl0ete in #1137
  • ➕ Add ddtrace to waypoint by @ff137 in #1139
  • ⬆️ Upgrade cloudcontroller by @ff137 in #1140
  • ✨ Implement retry logic in RichAsyncClient by @ff137 in #1141
  • ⚡ replace FastAPI JSONResponse with ORJSONResponse by @ff137 in #1144
  • ✨ improve acapy exception handling by @ff137 in #1142
  • ⚡️ add state monitoring stream by @henrymsiska in #1143

Full Changelog: v4.0.0...v4.0.1

v4.0.0

17 Oct 15:38
c6b887e
Compare
Choose a tag to compare

v4.0.0 Release Summary

We’re excited to announce the release of v4.0.0, which marks a significant milestone in our platform's evolution. This release is packed with new features, improvements, and critical changes that streamline development, enhance integration with webhook events, and simplify protocol interactions. Read on for all the details!

✨ New Features

NATS for Webhook Event Processing & SSE Changes

We’ve replaced our Webhook service, previously reliant on Redis, with NATS JetStream and Benthos for storing and processing webhook events. This update significantly improves scalability and reliability for event processing. As a result, all consumers are now recommended to use NATS for webhook event subscriptions.

Additionally, the deprecated /webhooks and websocket endpoints have been completely removed. Several SSE endpoints have also been removed as part of this migration, simplifying the system. The following SSE endpoints are no longer available:

  • /sse/{wallet_id}
  • /sse/{wallet_id}/{topic}
  • /sse/{wallet_id}/{topic}/{desired_state}
  • /sse/{wallet_id}/{topic}/{field}/{field_id}

Moving forward, there is only one SSE endpoint:

  • /sse/{wallet_id}/{topic}/{field}/{field_id}/{desired_state}

For all other event subscriptions, we recommend switching to NATS.

DID-Rotate and DID-Exchange Protocol Support

We’ve introduced support for DID-Rotate and DID-Exchange methods, providing more flexible DID management throughout the lifecycle of a connection.

Notably, connections established using the DID-Exchange protocol can now utilize the hangup feature, which automatically deletes the connection record for both parties. Previously, with the old connections protocol, deleting a connection record would leave the other party with an unusable connection, as they would not be aware of its deletion. With DID-Exchange, this issue is resolved, and connections are automatically hung up when the DID-Exchange record is deleted.

The old connections protocol has now been marked as deprecated in favor of DID-Exchange.

To clarify: connection records themselves are not deprecated—they are still fetched and returned the same way. However, if a connection is established using DID-Exchange, the connection_protocol field in the record will now be labeled as didexchange/1.0, instead of connections/1.0.

Issuer & Verifier Image URL in Trust Registry

We’ve introduced an image_url field for both issuers and verifiers in the trust registry, allowing a visual representation to accompany their names. Tenant-admins can now onboard or update actors with an image using the PUT /tenant-admin/{wallet_id} endpoint, enhancing the clarity and recognition of trusted parties in the registry.

Swagger Replaced by Scalar

You will notice that our API Docs have gotten a make-over, as the Swagger OpenAPI documentation interface has been replaced with Scalar. Scalar offers a sleeker, more modern interface for exploring our API documentation. It’s easier to navigate, and we hope you’ll love the new look and feel!


🗑️ Deprecations and 💥 Breaking Changes

Protocol Version Cleanup

With the removal of v1 protocol support, there’s no longer a need to specify a protocol_version in your requests. We now default to v2, simplifying interactions and ensuring the latest features are used.

Deprecation of Old Connections Protocol

The old connections protocol has officially been deprecated. We recommend migrating to the DID-Exchange protocol for all new integrations to benefit from improved DID management and secure connection flows. Please see the Action Required section for more detail.

Webhook Event Changes

As stated in the new features: websocket subscription of webhook events is now removed; bulk fetching using the deprecated /webhooks endpoint is also no longer available; and some of the SSE endpoints mentioned above have been removed.


📝 Documentation Improvements

We’ve added several new and detailed documentation guides to help you get the most out of our platform. These additions provide clear guidance on managing proofs, revocations, and restrictions during verification processes:

  • Self-Attested Proofs: Learn how to handle and process self-attested attributes when responding to proof requests.
  • Predicate Proofs: Detailed guides on using predicates in proofs, allowing verifiers to request conditions on attributes, such as proving someone is over a certain age without revealing the actual value.
  • Revocation: Updated instructions on managing credential revocation, including how to handle revoked credentials during verification and ensure validity using NATS-based event subscriptions.
  • Proof Restrictions: New guidance on applying restrictions to proofs, allowing verifiers to set conditions on attributes, such as schema, issuer, or attribute values.

You can explore these guides in more detail on our public docs page.

👷 Developer Improvements

Kubernetes Native Development with Mise, Kind, and Tilt

We’ve officially migrated away from ./manage up and Docker Compose in favor of a Kubernetes-native setup using Mise, Kind, and Tilt. This powerful combination enables live reloading and a more standardized development environment. Say goodbye to local inconsistencies and embrace a more seamless workflow! 🎉


❗ Action Required

To ensure smooth transitions and compatibility, please review the following:

  • For webhook consumers: If you’re still using SSE or websockets for webhook event subscription, you’ll need to switch to NATS JetStream. Please contact us if you need help with this integration.

  • Connections protocol: Please begin migrating to use the DID-Exchange protocol, as the old one is deprecated. You'll find that the flow is now much simpler: every issuer has a public DID, and a tenant can now connect to them directly in a single call, using the new /connections/did-exchange/create-request endpoint. For connections with verifiers that don't have a public DID, please use the Out-Of-Band protocol instead of the connections protocol. If you need any assistance with this migration, please contact us.

  • Protocol version changes: Please search for where you make use of specifying a protocol_version in the issuer or verifying flows. This field can be removed as it will now have no effect. The v1 protocol is no longer supported, and we now default to using the recommended v2 protocols.

We also recommend regenerating any OpenAPI clients to reflect all the latest changes.


We hope you enjoy the improvements in v4.0.0! If you have any questions or need further assistance, feel free to reach out.


What's Changed

Read more

v3.4.0

03 Sep 11:48
6df55dd
Compare
Choose a tag to compare

v3.4.0 Release Summary

Our latest release is packed with improvements, including an upgrade to ACA-Py's latest v1.0.0 release, together with performance enhancements and new features!

Below are the detailed changes, with recommended actions at the end:

✨ New Features

Pagination with Ordering Support

A key feature in this release is pagination support for fetching tenants, connection records, credential exchange records, and proof records. This allows for improved performance and scalability when working with potentially thousands of tenants or records.

The following query parameters are now available:

  • limit: Specifies the number of records to return.
  • offset: Specifies the starting point for fetching records.
  • descending: Controls the order of results based on the created_at timestamp.

These parameters are supported on the following routes:

  • Tenant-admin API: GET /v1/tenants
  • Tenant API: GET /v1/connections, GET /v1/issuer/credentials, GET /v1/verifier/proofs

By default, results are ordered with descending=true, which returns the most recently created records at the top. Set descending=false to retrieve the oldest records first.

Example usage:

  • GET /v1/tenants?limit=10&descending=false will fetch the oldest 10 tenant records.
  • GET /v1/tenants?limit=10&offset=10&descending=false will return the next 10 records.
  • GET /v1/connections?limit=1 will return the most recently created connection record.

The maximum allowable limit is 10'000, to prevent excessively large fetch queries.

NB: The default behaviour, when limit is not specified, will now return 1'000 records, instead of the previous default of returning all records. This represents a 💥 breaking change for integrations that previously expected all records to be returned in a single call.

Note on Custom Ordering:
Due to encrypted storage, custom ordering during record retrieval is not supported. Therefore, to correctly order by updated_at, for example, all records must be fetched before applying custom ordering in post-processing. We plan to support this in a future release, but for now, clients requiring custom ordering will need to implement it after retrieving all records.

New Query Parameters for Fetching Matching Credentials

The GET /v1/verifier/proofs/{proof_id}/credentials endpoint returns matching credentials for a proof request. Previously the default behaviour would return up to 10 valid credentials. This endpoint now also supports limit and offset query parameters, to benefit from pagination functionality, together with an additional referent query parameter that allows filtering by presentation referent as well.

New Response Model for /revoke Endpoint

The /v1/issuer/credentials/revoke endpoint no longer returns an empty success response (204). Instead, it now returns a RevokedResponse model, providing clearer confirmation of which credential revocation IDs have been successfully published in the request.

New Endpoint: Get Pending Revocations

We’ve introduced a new endpoint, GET /v1/issuer/credentials/get-pending-revocations/{revocation_registry_id}, which allows you to retrieve pending revocations for a given revocation registry ID. This provides better insight into revocation statuses and assists in managing revocation workflows more effectively.

❗ Action Required

To maintain compatibility with the changes in this release, please take the following actions:

  • For the /v1/issuer/credentials/revoke endpoint: Update your integrations to handle the new RevokedResponse model.
  • For pagination: Review and update any usage of the affected endpoints to incorporate limit, offset, and descending parameters as necessary.
    • If you previously expected all records to be returned in a single call, you must now explicitly specify a limit that meets your needs. If your dataset exceeds 10,000 records, fetching all records will require multiple iterative calls.
    • To fetch all records:
      • Begin by calling the endpoint with your desired limit (up to 10,000) and an initial offset of 0.
      • Continue making calls, incrementing the offset by the limit value, until the response is either empty or contains fewer records than the requested limit.

We also recommend regenerating any OpenAPI clients to reflect all the latest changes.


If you have any questions about these changes, please feel free to contact us!


What's Changed

  • ⬆️ Bump docker/build-push-action from 5 to 6 by @dependabot in #849
  • ⬆️ upgrade to latest ACA-Py build by @ff137 in #839
  • Update Helm, Helmfile, and Tailscale by @rblaine95 in #853
  • Create a service for definitions endpoints by @cl0ete in #842
  • ⬆️ Update setuptools requirement from ~=70.1.0 to ~=70.2.0 by @dependabot in #858
  • ⬆️ Update pydantic requirement from ~=2.7.0 to ~=2.8.2 by @dependabot in #859
  • ⬆️ ACA-Py 1.0.0rc4 by @ff137 in #861
  • ⬆️ Bump MishaKav/pytest-coverage-comment from 1.1.51 to 1.1.52 by @dependabot in #852
  • ⬆️ Bump codacy/codacy-analysis-cli-action from 4.4.1 to 4.4.5 by @dependabot in #865
  • ✨ Pagination support for fetching wallets, connections, cred ex and proof records by @ff137 in #850
  • ⬆️ update redis events plugin to latest release by @ff137 in #870
  • Definition routes/services unit tests by @cl0ete in #857
  • ✅ ensure test tenants are deleted upon test failure by @ff137 in #878
  • ✅ adjust sleep durations in tests by @ff137 in #879
  • ✨ better dependency management with Poetry by @ff137 in #863
  • ⬆️ Bulk dependency upgrades by @ff137 in #900
  • 🐛 Fix scanning of redis keys by @ff137 in #898
  • ⬆️ Bump pytest from 8.3.1 to 8.3.2 in /app by @dependabot in #913
  • 👷 K6 by @wdbasson in #897
  • 👷 K6 refactor by @wdbasson in #917
  • 👷 K6 create issuers by @wdbasson in #918
  • 🎨 👷‍♂️ Make Markdownlint happy in k6 readme by @rblaine95 in #920
  • 🎨 👷‍♂️ K6 run Biome Lint and Format by @rblaine95 in #921
  • 🔧 Increase default pagination limit to 1000 and ✅ fix regression tests when fetching many records by @ff137 in #953
  • ⬆️ Bump docker/build-push-action from 5 to 6 by @dependabot in #952
  • ⬆️ Bulk dependency upgrades: black, fastapi, uvicorn, aiohttp by @ff137 in #950
  • 🎨 fix lint warnings by @ff137 in #951
  • ⬆️ Upgrade redis and redis_events plugin dependencies by @ff137 in #956
  • Revoc reg size by @wdbasson in #958
  • 👷 Increase deploy timeout by @wdbasson in #960
  • ✅ Add self_attested_attributes e2e test by @cl0ete in #922
  • 🩹 Remove _backfill_events method from webhooks service startup by @ff137 in #961
  • 🩹 Increase expiry time of redis webhook event locks by @ff137 in #963
  • ✅ K6 cred def by @wdbasson in #974
  • ⬆️ Upgrade dependencies: aiohttp, orjson, pyjwt, pyyaml by @ff137 in #973
  • Configure global concurrency by @wdbasson in #976
  • 🩹 Increase issuer-endorser connection timeout to 15s by @wdbasson in #964
  • ✅ fix regression tests when fetching "trust registry" connections by @ff137 in #975
  • ⚡✅ Add pytest-xdist to pytest container by @wdbasson in #977
  • ✅ Ensure e2e test resources are always cleaned up by @ff137 in #981
  • 🎨 Ensure appropriate log levels for a production context by @ff137 in #980
  • 🧑‍💻 Remove patch proxy CICD logic by @wdbasson in #979
  • ✅ fix test to work with pytest-xdist by @ff137 in #98...
Read more

v3.3.2-0.12.1

29 Jul 12:08
Compare
Choose a tag to compare
v3.3.2-0.12.1 Pre-release
Pre-release

v3.3.1-0.12.1

10 Jul 17:14
Compare
Choose a tag to compare
v3.3.1-0.12.1 Pre-release
Pre-release

v3.3.0-0.12.1

24 Jun 11:49
557c549
Compare
Choose a tag to compare

v3.3.0 Release Summary

Our latest release brings several enhancements, including an upgrade to the latest ACA-Py release, improvements in credential revocation, expanded documentation, and some important deprecations and model changes.

Below are the detailed changes, with recommended actions at the end:

⬆️ Upgrade to latest ACA-Py release (0.12.1)

  • Includes latest improvements and security updates.
  • The latest features, such as anoncreds support, will be implemented in a future release.

✨ Revoking a credential now asserts successful publishing

Revoking a credential with auto_publish_to_ledger=True, or publishing pending revocations, now includes a wait to assert that revocations are successfully published to the ledger.

📝 Documentation

Our Swagger/OpenAPI documentation has seen significant improvements, with more detailed descriptions and examples to clarify the functionality of different endpoints. More documentation improvements are coming soon! In the meantime, we welcome any requests for more specific examples, use cases, or further improvements. Feel free to let us know and we can be of assistance.

⚠️ Deprecations

  • Endpoint: /v1/issuer/credentials/{credential_exchange_id}/store
    • Credentials are auto-stored after being accepted, and so this endpoint is no longer needed, and marked as deprecated.
  • The model CredentialExchange contains a credential_id field, which is now renamed to credential_exchange_id, for clarity.
    • The old name credential_id is preserved for backward compatibility, and marked as deprecated.

Note: This deprecation notice will be followed by a sunset notice in an upcoming release, after which the relevant features will be removed in subsequent release. There will be at least 1 month before removal.

🎨 Changes to our request and response models

These are mostly minor changes that may have impact on integrations.

Request Models:

  • CreateCredentialDefinition request body for POST /v1/definitions/credentials no longer takes a revocation_registry_size option (the maximum possible size is now always used, as this is recommended to minimise ledger write operations).
  • RevokeCredential request body for /v1/issuer/credentials/revoke endpoint no longer takes a credential_definition_id field.
  • CreateOobInvitation request body for /v1/oob/create-invitation no longer takes a handshake_protocols field.
  • The trace field has been removed from the create and send proof request models, as this only had internal usage.
  • The Credential model used in sending LD Proof credentials now accepts an optional credentialStatus.
  • Options when sending an LD Proof now accept a new field: verificationMethod.

Response Models:

  • DELETE /v1/connections/{connection_id} now returns a 204 status code, instead of a 200 with an empty response.
  • OobRecord, the response when accepting an OOB invitation, now includes a multi_use field, indicating if it allows for multiple uses.
  • InvitationResult, the response when creating a connection invitation, now has all fields required, guaranteeing they are populated in our responses.
  • The DID model, returned in our wallet-dids API, now guarantees required fields: did, key_type, method, posture, verkey.

❗ Action Required

With regards to the deprecations:

  • Ensure that the /store endpoint is no longer needed in your applications.
  • Update any usage of credential_id to credential_exchange_id when working with credential exchange records.

The following is related to fields removed from our requests. They can still be passed, but will now have no effect. We recommend:

  • Remove revocation_registry_size when creating revocable credential definitions.
  • Remove credential_definition_id when revoking a credential.
  • Remove handshake_protocols when creating OOB invitations
  • Remove trace when creating proof requests.

With regards to changes to our response models:

  • If you are asserting that a 200 status code is returned when deleting a connection record, instead of a general success response, it should now expect a 204.

For those working closely with the Swagger/OpenAPI specification:

  • We recommend that users of OpenAPI autogenerated clients should regenerate the client using the latest specifications, in order to reflect all the latest updates.

If you have any questions about these changes, please feel free to contact us!


What's Changed

  • 🧪 skip ledger-related tests when in regression mode by @ff137 in #807
  • 🎨 Update trust registry models by @ff137 in #808
  • ⬆️ Update pylint requirement from ~=3.1.0 to ~=3.2.0 by @dependabot in #809
  • ⬆️ Bump helmfile/helmfile-action from 1.9.0 to 1.9.1 by @dependabot in #810
  • Definitions swagger update by @cl0ete in #793
  • ✨ Speed up tests by adjusting fixture scope by @ff137 in #813
  • ✅ test coverage for connection routes by @ff137 in #816
  • ⬆️ Update setuptools requirement from ~=69.5.1 to ~=70.0.0 by @dependabot in #819
  • ⬆️ Update typing-extensions requirement from ~=4.11.0 to ~=4.12.0 by @dependabot in #822
  • ⬆️ Bump SonarSource/sonarcloud-github-action from 2.1.1 to 2.2.0 by @dependabot in #823
  • ⬆️ Update pylint requirement from ~=3.2.0 to ~=3.2.2 by @dependabot in #821
  • ⬆️ Update uvicorn[standard] requirement from ~=0.29.0 to ~=0.30.0 by @dependabot in #828
  • ⬆️ Update anyio requirement from ~=4.3.0 to ~=4.4.0 by @dependabot in #830
  • ➖ Remove unused dependency: watchfiles by @dependabot in #829
  • Add regression test logic to pipeline by @wdbasson in #806
  • Swagger updates message oob by @cl0ete in #804
  • Predicate proof tests by @cl0ete in #827
  • ⬆️ Upgrade ACA-Py version to 0.12.1 by @ff137 in #758
  • ✅ test coverage for wallet-dids routes by @ff137 in #841
  • Update verifier endpoints swagger docs by @cl0ete in #781
  • ✅ test coverage for issuer routes by @ff137 in #843
  • 📝 Update openapi specs by @ff137 in #844
  • Only comment test coverage on Pull Request by @rblaine95 in #845
  • Only comment test coverage on Pull Request (Take 2) by @rblaine95 in #846
  • ⬆️ Update setuptools requirement from ~=70.0.0 to ~=70.1.0 by @dependabot in #848
  • ⬆️ Bump SonarSource/sonarcloud-github-action from 2.2.0 to 2.3.0 by @dependabot in #840

Full Changelog: v3.2.5-0.11.0...v3.3.0-0.12.1