A patch release to add the verification of a linkage between an inbound message and its associated connection (if any) before processing the message. Also adds some additional cleanup/fix PRs from the main branch (see list below) that might be useful for deployments currently using Release 0.12.1.

0.12.2rc1 Breaking Changes

There are no breaking changes in this release.

0.12.2rc1 List of Pull Requests From The main Branch

• Check connection is ready in all connection required handlers #3095 jamshale
• fix: multiuse invites with did peer 4 #3112 dbluhm
• fix: respond to did:peer:1 with did:peer:4 #3050 dbluhm
• feat: soft binding for plugin flexibility #3010 dbluhm
• feat: inject profile and session #2997 dbluhm
• feat: external signature suite provider interface #2835 dbluhm
• fix(interop): overly strict validation #2943 dbluhm

What's Changed

• Patch release 0.12.x by @jamshale in #3121
• 0.12.2rc1 by @swcurran in #3123

Full Changelog: 0.12.1...0.12.2rc1

A patch release to add the verification of a linkage between an inbound message and its associated connection (if any) before processing the message.

0.11.2 Breaking Changes

There are no breaking changes in this release.

0.11.2 List of Pull Requests from main Branch

• Check connection is ready in all connection required handlers #3095 jamshale

What's Changed

• Apply security patch 0.11.x by @jamshale in #3120
• 0.11.2 by @swcurran in #3122

Full Changelog: 0.11.1...0.11.2

Release 1.0.0rc5 includes well over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. The full list of PRs in this release can be found below. here are the highlights of the release:

• The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
• Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
• Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
• Upgraded pull request and release pipeline, including:
  • Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
    • Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
  • A switch to more used tooling, such as a switch from black to ruff.
  • Improvements in coverage monitoring of pull requests.
• The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
• A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
• We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
• Support added for using AnonCreds in W3C VCDM format.

1.0.0rc5 Breaking Changes

With the focus of the pull requests for this release on stabilizing the implementation, there were a few breaking changes:

• The default underlying Python version has been upgraded to 3.12.
• Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance.
• The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See #3081 for additional details.
• A fix to an obscure bug includes a change to the data sent to the controller after publishing multiple, endorsed credential definition revocation registries in a single call. The bug fix was to properly process the publishing. The breaking change is that when the process (now successfully) completes, the controller is sent the list of published credential definitions. Previously only a single value was being sent. See PR #3107 for additional details.

What's Changed

• Update README.md by @KPCOFGS in #2927
• chore(deps): Bump ecdsa from 0.16.1 to 0.19.0 in the pip group across 1 directory by @dependabot in #2933
• feat: Integrate AnonCreds with W3C VCDI Format Support in ACA-Py by @sarthakvijayvergiya in #2861
• Upgrade to anoncreds via api endpoint by @jamshale in #2922
• Feature: use decorators for admin api authentication by @esune in #2860
• Anoncreds - Send full registry list when getting revocation states by @jamshale in #2946
• Example integration test issuing 2 credentials under the same schema by @ianco in #2948
• Fix Snyk Container scanning workflow by @WadeBarnes in #2951
• ⬆️ Upgrade pydid (pydantic v2) by @ff137 in #2919
• Switch Snyk Container scan back to on push. by @WadeBarnes in #2953
• Add OpenSSF Scorecard GHA - weekly by @swcurran in #2955
• ⬆️ Upgrade test and lint dependencies by @ff137 in #2939
• feat: drop indy sdk by @dbluhm in #2892
• fix(interop): overly strict validation by @dbluhm in #2943
• Fix clear revocation logic by @jamshale in #2956
• Fix Snyk sarif file by @pradeepp88 in #2961
• Add anoncreds migration guide by @jamshale in #2881
• chore: updating dependabot to support gha, python, docker and dev container packages by @rajpalc7 in #2945
• Fix issue with requested to revoke before registry creation by @jamshale in #2995
• Sonarcloud with code coverage by @jamshale in #2968
• Manage integration tests with GitHub Actions (#2952) by @jamshale in #2996
• ⬆️ Upgrade aiohttp-apispec and apispec by @ff137 in #2920
• chore(deps): Bump untergeek/curator from 8.0.2 to 8.0.15 in /demo/elk-stack/extensions/curator by @dependabot in #2969
• feat: inject profile and session by @dbluhm in #2997
• ✨ Faster uuid generation by @ff137 in #2994
• chore(deps): Bump sphinx-rtd-theme from 1.1.1 to 1.3.0 in /docs by @dependabot in #2970
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/docker-agent by @dependabot in #2973
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.10.4 to py3.9-0.12.1 in /demo/playground by @dependabot in #2975
• Postgres Demo - Upgrade postgres and change entrypoint file by @jamshale in #3004
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/multi-demo by @dependabot in #2976
• Merge all poetry dependabot PRs by @PatStLouis in #3007
• Merge all demo dependabot PRs by @PatStLouis in #3008
• Switch from pytz to dateutil by @jamshale in #3012
• Add sonarcloud badges by @jamshale in #3014
• chore(deps): Bump actions/checkout from 3 to 4 in the all-actions group by @dependabot in #3011
• feat: soft binding for plugin flexibility by @dbluhm in #3010
• Use a published version of aiohttp-apispec by @jamshale in #3019
• Add support for revocable credentials in vc_di handler by @EmadAnwer in #2967
• chore(deps): Bump pydid from 0.5.0 to 0.5.1 by @dependabot in #3024
• chore(deps-dev): Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #3025
• chore(deps): Update prompt-toolkit requirement from ~=2.0.9 to ~=2.0.10 in /demo by @dependabot in #3026
• chore(deps): Bump sphinx from 1.8.4 to 1.8.6 by @dependabot in #3021
• docs: added section on environment variables by @Executioner1939 in #3028
• ✨ Adds support for paginated storage queries, and implements pagination for the wallets_list endpoint by @ff137 in https://github.com/hyperledger/aries-cloudagent-python/p...

This time we mean it! Release 1.0.0rc4 is, despite the non-zero RC number, the first Release Candidate for what will soon be the official ACA-Py 1.0.0. We started to do a 1.0.0 sequence (releasing several RCs) a long time ago, and decided to gate the transition on some requirements that were not as important as we thought at the time. Now we are really ready to publish ACA-Py Release 1.0.0. This release is again pulling from the main branch. The previous 1.0.0 RC, rc3, was approximately equal to ACA_Py Release 0.8.2. As such, this RC is a MAJOR change from that last one.

Release 1.0.0rc4 includes just over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. The full list of PRs in this release can be found below. here are the highlights of the release:

• The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
• Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
• Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
• Upgraded pull request and release pipeline, including:
  • Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
    • Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
  • A switch to more used tooling, such as a switch from black to ruff.
  • Improvements in coverage monitoring of pull requests.
• The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
• A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
• We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
• Support added for using AnonCreds in W3C VCDM format. The support is not fully completed, but on the way.

1.0.0rc4 Breaking Changes

With the focus of the pull requests for this release on stabilizing the implementation, there were a few breaking changes:

• The default underlying Python version has been upgraded to 3.12.
• Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance.
• The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See ##3081 for additional details.

What's Changed

• Update README.md by @KPCOFGS in #2927
• chore(deps): Bump ecdsa from 0.16.1 to 0.19.0 in the pip group across 1 directory by @dependabot in #2933
• feat: Integrate AnonCreds with W3C VCDI Format Support in ACA-Py by @sarthakvijayvergiya in #2861
• Upgrade to anoncreds via api endpoint by @jamshale in #2922
• Feature: use decorators for admin api authentication by @esune in #2860
• Anoncreds - Send full registry list when getting revocation states by @jamshale in #2946
• Example integration test issuing 2 credentials under the same schema by @ianco in #2948
• Fix Snyk Container scanning workflow by @WadeBarnes in #2951
• ⬆️ Upgrade pydid (pydantic v2) by @ff137 in #2919
• Switch Snyk Container scan back to on push. by @WadeBarnes in #2953
• Add OpenSSF Scorecard GHA - weekly by @swcurran in #2955
• ⬆️ Upgrade test and lint dependencies by @ff137 in #2939
• feat: drop indy sdk by @dbluhm in #2892
• fix(interop): overly strict validation by @dbluhm in #2943
• Fix clear revocation logic by @jamshale in #2956
• Fix Snyk sarif file by @pradeepp88 in #2961
• Add anoncreds migration guide by @jamshale in #2881
• chore: updating dependabot to support gha, python, docker and dev container packages by @rajpalc7 in #2945
• Fix issue with requested to revoke before registry creation by @jamshale in #2995
• Sonarcloud with code coverage by @jamshale in #2968
• Manage integration tests with GitHub Actions (#2952) by @jamshale in #2996
• ⬆️ Upgrade aiohttp-apispec and apispec by @ff137 in #2920
• chore(deps): Bump untergeek/curator from 8.0.2 to 8.0.15 in /demo/elk-stack/extensions/curator by @dependabot in #2969
• feat: inject profile and session by @dbluhm in #2997
• ✨ Faster uuid generation by @ff137 in #2994
• chore(deps): Bump sphinx-rtd-theme from 1.1.1 to 1.3.0 in /docs by @dependabot in #2970
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/docker-agent by @dependabot in #2973
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.10.4 to py3.9-0.12.1 in /demo/playground by @dependabot in #2975
• Postgres Demo - Upgrade postgres and change entrypoint file by @jamshale in #3004
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/multi-demo by @dependabot in #2976
• Merge all poetry dependabot PRs by @PatStLouis in #3007
• Merge all demo dependabot PRs by @PatStLouis in #3008
• Switch from pytz to dateutil by @jamshale in #3012
• Add sonarcloud badges by @jamshale in #3014
• chore(deps): Bump actions/checkout from 3 to 4 in the all-actions group by @dependabot in #3011
• feat: soft binding for plugin flexibility by @dbluhm in #3010
• Use a published version of aiohttp-apispec by @jamshale in #3019
• Add support for revocable credentials in vc_di handler by @EmadAnwer in #2967
• chore(deps): Bump pydid from 0.5.0 to 0.5.1 by @dependabot in #3024
• chore(deps-dev): Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #3025
• chore(deps): Update prompt-toolkit requirement from ~=2.0.9 to ~=2.0.10 in /demo by @dependabot in #3026
• chore(deps): Bump sphinx from 1.8.4 to 1.8.6 by @dependabot in #3021
• docs: added section on environment variables by @Executioner1939 in #3028
• ✨ Adds support for paginated storage querie...

A patch release to update the aiohttp library such that a reported serious vulnerability is addressed such that a crafted payload delivered to aiohttp can put it in an infinite loop, which can be used for a low cost denial of service attack. CVE-2024-30251 describes the issue.

0.11.1 Breaking Changes

There are no breaking changes in this release. The only changed is the updated aiohttp dependency.

What's Changed

• 0.11.1 and aiohttp dependency update by @swcurran in #2936
• 0.11.1 ChangeLog fixes by @swcurran in #2937

Full Changelog: 0.11.0...0.11.1

Release 0.12.1 is a small patch to cleanup some edge case issues in the handling of Out of Band invitations, revocation notification webhooks, and connection querying uncovered after the 0.12.0 release. Fixes and improvements were also made to the generation of ACA-Py's OpenAPI specifications.

0.12.1 Breaking Changes

There are no breaking changes in this release.

What's Changed

• chore(deps): Bump idna from 3.6 to 3.7 by @dependabot in #2887
• Some updates to the mkdocs publishing process by @swcurran in #2888
• Fix ack during for auto endorsement by @jamshale in #2883
• Prevent 500 error when re-promoting DID with endorsement by @jamshale in #2885
• fix: integration tests should use didex 1.1 by @dbluhm in #2889
• fix: look up conn record by invite msg id instead of key by @dbluhm in #2891
• 🐛 Fix IndyAttrValue model that was dropped from openapi spec by @ff137 in #2894
• fix: oob record their_service should be updatable by @dbluhm in #2897
• ⬆️ Upgrade codegen tools used in generate-open-api-specols by @ff137 in #2899
• chore(deps): Bump psf/black from 24.3.0 to 24.4.0 in the all-actions group by @dependabot in #2893
• chore(deps): Bump idna from 3.4 to 3.7 in /demo/playground/examples by @dependabot in #2886
• fix: consider all resolvable dids in invites "public" by @dbluhm in #2900
• 🎨 fix typos by @ff137 in #2898
• fix Faber demo to use oob with aip10 to support connection reuse by @ianco in #2903
• chore(deps): Bump aiohttp from 3.9.3 to 3.9.4 by @dependabot in #2902
• 🐛 Fix ServiceDecorator parsing in oob record handling by @ff137 in #2910
• Fix api schema mixup in revocation routes by @jamshale in #2909
• refactor: logging configs setup by @amanji in #2870
• 0.12.1rc0 by @swcurran in #2912
• fix: rev notifications on publish pending by @dbluhm in #2916
• Update AnonCreds to 0.2.2 by @swcurran in #2917
• fix: fixes a regression that requires a log file in multi-tenant mode by @amanji in #2918
• 0.12.1rc1 by @swcurran in #2921
• chore(deps): Bump psf/black from 24.4.0 to 24.4.2 in the all-actions group by @dependabot in #2924
• 0.12.1 by @swcurran in #2926

Full Changelog: 0.12.0...0.12.1

Release 0.12.1rc1 is a small patch to cleanup some edge case issues in the handling of Out of Band invitations, revocation notification webhooks, and connection querying uncovered after the 0.12.0 release. Fixes and improvements were also made to the generation of ACA-Py's OpenAPI specifications.

0.12.1rc1 Breaking Changes

There are no breaking changes in this release.

What's Changed

• chore(deps): Bump idna from 3.6 to 3.7 by @dependabot in #2887
• Some updates to the mkdocs publishing process by @swcurran in #2888
• Fix ack during for auto endorsement by @jamshale in #2883
• Prevent 500 error when re-promoting DID with endorsement by @jamshale in #2885
• fix: integration tests should use didex 1.1 by @dbluhm in #2889
• fix: look up conn record by invite msg id instead of key by @dbluhm in #2891
• 🐛 Fix IndyAttrValue model that was dropped from openapi spec by @ff137 in #2894
• fix: oob record their_service should be updatable by @dbluhm in #2897
• ⬆️ Upgrade codegen tools used in generate-open-api-specols by @ff137 in #2899
• chore(deps): Bump psf/black from 24.3.0 to 24.4.0 in the all-actions group by @dependabot in #2893
• chore(deps): Bump idna from 3.4 to 3.7 in /demo/playground/examples by @dependabot in #2886
• fix: consider all resolvable dids in invites "public" by @dbluhm in #2900
• 🎨 fix typos by @ff137 in #2898
• fix Faber demo to use oob with aip10 to support connection reuse by @ianco in #2903
• chore(deps): Bump aiohttp from 3.9.3 to 3.9.4 by @dependabot in #2902
• 🐛 Fix ServiceDecorator parsing in oob record handling by @ff137 in #2910
• Fix api schema mixup in revocation routes by @jamshale in #2909
• refactor: logging configs setup by @amanji in #2870
• 0.12.1rc0 by @swcurran in #2912
• fix: rev notifications on publish pending by @dbluhm in #2916
• Update AnonCreds to 0.2.2 by @swcurran in #2917
• fix: fixes a regression that requires a log file in multi-tenant mode by @amanji in #2918
• 0.12.1rc1 by @swcurran in #2921

Full Changelog: 0.12.0...0.12.1rc1

Release 0.12.1rc0 is a small patch to cleanup some edge case issues in the handling of Out of Band invitations and connection querying uncovered after the 0.12.0 release. Fixes and improvements were also made to the generation of ACA-Py's OpenAPI specifications.

0.12.1rc0 Breaking Changes

There are no breaking changes in this release.

What's Changed

• chore(deps): Bump idna from 3.6 to 3.7 by @dependabot in #2887
• Some updates to the mkdocs publishing process by @swcurran in #2888
• Fix ack during for auto endorsement by @jamshale in #2883
• Prevent 500 error when re-promoting DID with endorsement by @jamshale in #2885
• fix: integration tests should use didex 1.1 by @dbluhm in #2889
• fix: look up conn record by invite msg id instead of key by @dbluhm in #2891
• 🐛 Fix IndyAttrValue model that was dropped from openapi spec by @ff137 in #2894
• fix: oob record their_service should be updatable by @dbluhm in #2897
• ⬆️ Upgrade codegen tools used in generate-open-api-specols by @ff137 in #2899
• chore(deps): Bump psf/black from 24.3.0 to 24.4.0 in the all-actions group by @dependabot in #2893
• chore(deps): Bump idna from 3.4 to 3.7 in /demo/playground/examples by @dependabot in #2886
• fix: consider all resolvable dids in invites "public" by @dbluhm in #2900
• 🎨 fix typos by @ff137 in #2898
• fix Faber demo to use oob with aip10 to support connection reuse by @ianco in #2903
• chore(deps): Bump aiohttp from 3.9.3 to 3.9.4 by @dependabot in #2902
• 🐛 Fix ServiceDecorator parsing in oob record handling by @ff137 in #2910
• Fix api schema mixup in revocation routes by @jamshale in #2909
• refactor: logging configs setup by @amanji in #2870
• 0.12.1rc0 by @swcurran in #2912

Full Changelog: 0.12.0...0.12.1rc0

Release 0.12.0 is a large release with many new capabilities, feature improvements, upgrades, and bug fixes. Importantly, this release completes the ACA-Py implementation of Aries Interop Profile v2.0, and enables the elimination of unqualified DIDs. While only deprecated for now, all deployments of ACA-Py SHOULD move to using only fully qualified DIDs as soon as possible.

Much progress has been made on did:peer support in this release, with the handling of inbound DID Peer 1 added, and inbound and outbound support for DID Peer 2 and 4. Much attention was also paid to making sure that the Peer DID and DID Exchange capabilities match those of Credo-TS (formerly Aries Framework JavaScript). The completion of that work eliminates the remaining places where "unqualified" DIDs were being used, and to enable the "connection reuse" feature in the Out of Band protocol when using DID Peer 2 and 4 DIDs in invitations. See the document Qualified DIDs for details about how to control the use of DID Peer 2 or 4 in an ACA-Py deployment, and how to eliminate the use of unqualified DIDs. Support for DID Exchange v1.1 has been added to ACA-Py, with support for DID Exchange v1.0 retained, and we've added support for DID Rotation.

Work continues towards supporting ledger agnostic AnonCreds, and the new Hyperledger AnonCreds Rust library. Some of that work is in this release, the rest will be in the next release.

Attention was given in the release to simplifying the handling of JSON-LD Data Integrity Verifiable Credentials.

An important change in this release is the re-organization of the ACA-Py documentation, moving the vast majority of the documents to the folders within the docs folder -- a long overdue change that will allow us to soon publish the documents on https://aca-py.org directly from the ACA-Py repository, rather than from the separate aries-acapy-docs currently being used.

A big developer improvement is a revamping of the test handling to eliminate ~2500 warnings that were previously generated in the test suite. Nice job @ff137!

0.12.0 Breaking Changes

A deployment of this release that uses DID Peer 2 and 4 invitations may encounter problems interacting with agents deployed using older Aries protocols. Led by the Aries Working Group, the Aries community is encouraging the upgrade of all ecosystem deployments to accept all commonly used qualified DIDs, including DID Peer 2 and 4. See the document Qualified DIDs for more details about the transition to using only qualified DIDs. If deployments you interact with are still using unqualified DIDs, please encourage them to upgrade as soon as possible.

Specifically for those upgrading their ACA-Py instance that create Out of Band invitations with more than one handshake_protocol, the protocol for the connection has been removed. See Issue #2879 contains the details of this subtle breaking change.

New deprecation notices were added to ACA-Py on startup and in the OpenAPI/Swagger interface. Those added are listed below. As well, we anticipate 0.12.0 being the last ACA-Py release to include support for the previously deprecated Indy SDK.

• RFC 0036 Issue Credential v1
  • Migrate to use RFC 0453 Issue Credential v2
• RFC 0037 Present Proof v2
  • Migrate to use RFC 0454 Present Proof v2
• RFC 0169 Connections
  • Migrate to use RFC 0023 DID Exchange and 0434 Out-of-Band
• The use of did:sov:... as a Protocol Doc URI
  • Migrate to use https://didcomm.org/

What's Changed

• Initial code migration from anoncreds-rs branch by @ianco in #2596
• Bump aiohttp from 3.8.6 to 3.9.0 by @dependabot in #2635
• Feature Suggestion: Include a Reason When Constraints Cannot Be Applied by @Ennovate-com in #2630
• Fix: RevRegEntry Transaction Endorsement by @shaangill025 in #2558
• fix: update broken demo dependency by @mrkaurelius in #2638
• Bump cryptography from 41.0.5 to 41.0.6 by @dependabot in #2636
• Integrate Anoncreds rs into credential and presentation endpoints by @ianco in #2632
• Initial migration of anoncreds revocation code by @ianco in #2643
• feat: add did:jwk resolver by @dbluhm in #2645
• Feat: DIDX Implicit Request auto-accept and Delete OOB Invitation related records by @shaangill025 in #2642
• Add ConnectionProblemReport handler by @usingtechnology in #2600
• Update integration tests for anoncreds-rs by @ianco in #2651
• Connection and DIDX Problem Reports by @usingtechnology in #2653
• feat: support resolving did:peer:1 received in did exchange by @dbluhm in #2611
• Slight improvement to credx proof validation error message by @ianco in #2655
• Update snyk workflow to execute on Pull Request by @usingtechnology in #2658
• refactor: make ldp_vc logic reusable by @dbluhm in #2533
• Additional anoncreds integration tests by @ianco in #2660
• Tweak scope of GHA integration tests by @ianco in #2662
• fix: link to raw content change from master to main by @Ennovate-com in #2663
• Ensure "preserve_exchange_records" flags are set. by @usingtechnology in #2664
• fix: open-api generator script by @dbluhm in #2661
• Anoncreds - Add unit testing by @jamshale in #2672
• Fix: Change To Use Timezone Aware UTC datetime by @Ennovate-com in #2679
• Cache TAA by wallet name by @jamshale in #2676
• Improve Per Tenant Logging: Fix issues around default log file path by @shaangill025 in #2659
• Return 404 when schema not found by @jamshale in #2683
• Update dependencies by @andrewwhitehead in #2686
• Add unit tests for anoncreds revocation by @jamshale in #2688
• chore(deps): Bump jwcrypto from 1.5.0 to 1.5.1 by @dependabot in #2689
• Emit did:peer:2 for didexchange by @Jsyro in #2687
• did peer 4 resolution by @Jsyro in #2692
• Remove if condition which checks if the credential.type array is equal to 1 by @PatStLouis in #2670
• Improve api documentation and error handling by @jamshale in #2690
• Add did web method type as a default option by @PatStLouis in #2684
• fix: update constants in TransactionRecord by @amanji in #2698
• Remove tiny-vim from being added to the container image to reduce reported vulnerabilities from scanning by @swcurran in #2699
• fix: save multi_use to the DB for OOB invitations by @frostyfrog in #2694
• Update legacy bcgovimages references. by @WadeBarnes in #2700
• Feature/emit did peer 4 by @Jsyro in #2696
• feat: inject profile by @dbluhm in #2705
• chore(deps): Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #2707
• feat: make VcLdpManager pluggable by @dbluhm in #2706
• Update RTD requirements after security vulnerability recorded by @swcurran in https://github.com/hyperledger/aries-cloudagent-pytho...

Release 0.12.0 is a relatively large release with many new capabilities, feature improvements, upgrades and bug fixes. Importantly, this release completes the ACA-Py implementation of Aries Interop Profile v2.0, and enables the elimination of unqualified DIDs. While only deprecated for now, all deployments of ACA-Py to move to using only fully qualified DIDs.

Much progress has been made on did:peer support in this release, with the handling of inbound DID Peer 1 added, and inbound and outbound support for DID Peer 2 and 4. Much attention was also paid to making sure that the Peer DID and DID Exchange capabilities match those of Credo-TS (formerly Aries Framework JavaScript). The completion of that work eliminates the remaining places where "unqualified" DIDs are being used, and to enable the "connection reuse" in the Out of Band protocol when using DID Peer 2 and 4 DIDs. See the document Qualified DIDs for details about how to control the use of DID Peer 2 or 4 in an ACA-Py deployment, and how to eliminate the use of unqualified DIDs. Support for DID Exchange v1.1 has been added to ACA-Py, with support for DID Exchange v1.0 retained, and we've added support for DID Rotation.

Work continues towards supporting ledger agnostic AnonCreds, and the new Hyperledger AnonCreds Rust library. Some of that work is in this release, the rest will be in the next release.

Attention was given in the release to simplifying the handling of JSON-LD Data Integrity Verifiable Credentials.

An important change in this release is the re-organization of the ACA-Py documentation, moving the vast majority of the documents to the folders within the docs folder -- a long overdue change that will allow us to soon publish the documents on https://aca-py.org directly from the ACA-Py repository, rather than from the separate aries-acapy-docs currently being used.

A big developer improvement is a revamping of the test handling to eliminate ~2500 warnings that were previously generated in the test suite. Nice job @ff137!

0.12.0rc3 Breaking Changes

A deployment of this release that proactively uses DID Peer 2 and 4 will encounter problems interacting with agents deployed using older Aries protocols. Led by the Aries Working Group, the Aries community is encouraging the upgrade of all ecosystem deployments to accept all commonly used qualified DIDs, including DID Peer 2 and 4. See the document Qualified DIDs for more details about the transition to using only qualified DIDs.

New deprecation notices were added to ACA-Py on startup and in the OpenAPI/Swagger interface. Those added are listed below. As well, we anticipate 0.12.0 being the last ACA-Py release to include support for the previously deprecated Indy SDK.

• RFC 0036 Issue Credential v1
  • Migrate to use RFC 0453 Issue Credential v2
• RFC 0037 Present Proof v2
  • Migrate to use RFC 0454 Present Proof v2
• RFC 0169 Connections
  • Migrate to use RFC 0023 DID Exchange and 0434 Out-of-Band
• The use of did:sov:... as a Protocol Doc URI
  • Migrate to use https://didcomm.org/.

What's Changed

• Initial code migration from anoncreds-rs branch by @ianco in #2596
• Bump aiohttp from 3.8.6 to 3.9.0 by @dependabot in #2635
• Feature Suggestion: Include a Reason When Constraints Cannot Be Applied by @Ennovate-com in #2630
• Fix: RevRegEntry Transaction Endorsement by @shaangill025 in #2558
• fix: update broken demo dependency by @mrkaurelius in #2638
• Bump cryptography from 41.0.5 to 41.0.6 by @dependabot in #2636
• Integrate Anoncreds rs into credential and presentation endpoints by @ianco in #2632
• Initial migration of anoncreds revocation code by @ianco in #2643
• feat: add did:jwk resolver by @dbluhm in #2645
• Feat: DIDX Implicit Request auto-accept and Delete OOB Invitation related records by @shaangill025 in #2642
• Add ConnectionProblemReport handler by @usingtechnology in #2600
• Update integration tests for anoncreds-rs by @ianco in #2651
• Connection and DIDX Problem Reports by @usingtechnology in #2653
• feat: support resolving did:peer:1 received in did exchange by @dbluhm in #2611
• Slight improvement to credx proof validation error message by @ianco in #2655
• Update snyk workflow to execute on Pull Request by @usingtechnology in #2658
• refactor: make ldp_vc logic reusable by @dbluhm in #2533
• Additional anoncreds integration tests by @ianco in #2660
• Tweak scope of GHA integration tests by @ianco in #2662
• fix: link to raw content change from master to main by @Ennovate-com in #2663
• Ensure "preserve_exchange_records" flags are set. by @usingtechnology in #2664
• fix: open-api generator script by @dbluhm in #2661
• Anoncreds - Add unit testing by @jamshale in #2672
• Fix: Change To Use Timezone Aware UTC datetime by @Ennovate-com in #2679
• Cache TAA by wallet name by @jamshale in #2676
• Improve Per Tenant Logging: Fix issues around default log file path by @shaangill025 in #2659
• Return 404 when schema not found by @jamshale in #2683
• Update dependencies by @andrewwhitehead in #2686
• Add unit tests for anoncreds revocation by @jamshale in #2688
• chore(deps): Bump jwcrypto from 1.5.0 to 1.5.1 by @dependabot in #2689
• Emit did:peer:2 for didexchange by @Jsyro in #2687
• did peer 4 resolution by @Jsyro in #2692
• Remove if condition which checks if the credential.type array is equal to 1 by @PatStLouis in #2670
• Improve api documentation and error handling by @jamshale in #2690
• Add did web method type as a default option by @PatStLouis in #2684
• fix: update constants in TransactionRecord by @amanji in #2698
• Remove tiny-vim from being added to the container image to reduce reported vulnerabilities from scanning by @swcurran in #2699
• fix: save multi_use to the DB for OOB invitations by @frostyfrog in #2694
• Update legacy bcgovimages references. by @WadeBarnes in #2700
• Feature/emit did peer 4 by @Jsyro in #2696
• feat: inject profile by @dbluhm in #2705
• chore(deps): Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #2707
• feat: make VcLdpManager pluggable by @dbluhm in #2706
• Update RTD requirements after security vulnerability recorded by @swcurran in #2712
• fix: minor type hint corrections for VcLdpManager by @dbluhm in #2704
• Integration test for did:peer by @ianco in #2713
• Fix subwallet record removal by @andrewwhitehead in #2721
• Remove exception on connectionless presentation problem report handler by @loneil in https://github.com/h...