1.0.0rc4

This time we mean it! Release 1.0.0rc4 is, despite the non-zero RC number, the first Release Candidate for what will soon be the official ACA-Py 1.0.0. We started to do a 1.0.0 sequence (releasing several RCs) a long time ago, and decided to gate the transition on some requirements that were not as important as we thought at the time. Now we are really ready to publish ACA-Py Release 1.0.0. This release is again pulling from the main branch. The previous 1.0.0 RC, rc3, was approximately equal to ACA_Py Release 0.8.2. As such, this RC is a MAJOR change from that last one.

Release 1.0.0rc4 includes just over 100 PRs merged since Release 0.12.1. The vast majority of that work was in hardening the product in preparation for this 1.0.0 release. While there are a number of new features, the majority of the focus has been on eliminating technical debt and improving the underlying implementation. The full list of PRs in this release can be found below. here are the highlights of the release:

• The default underlying Python version has been upgraded to 3.12. Happily, there were minimal code changes to enable the upgrade to 3.12 from the previous Python 3.9.
• Pagination support has been added to a number of Admin API queries for object lists, enabling the development of better user interfaces for large deployments.
• Cleanup in the ACA-Py AnonCreds Revocation Registry handling to prevent errors that were found occurring under certain specific conditions.
• Upgraded pull request and release pipeline, including:
  • Enabling a much more aggressive approach to dependabot notifications, beyond just those for security vulnerabilities. Along with those upgrades, we've moved to newer/better build pipeline tooling, such as switching from Black to Ruff, and re-enable per pull request code coverage notifications.
    • Many of the PRs in this release are related to dependency updates from dependabot or applied directly.
  • A switch to more used tooling, such as a switch from black to ruff.
  • Improvements in coverage monitoring of pull requests.
• The start of a DIDComm v2 implementation in ACA-Py. The work is not complete, as we are taking an incremental approach to adding DIDComm v2 support.
• A decorator has been added for enabling direct support for Admin API authentication. Previously, the only option to enable (the necessary) Admin API was to put the API behind a proxy that could manage authentication. With this update, ACA-Py deployments can handle authentication directly, without a proxy.
• We have dropped support for the old, archived [Indy SDK]. If you have not migrated your deployment off of the Indy SDK, you must do so now. See this Indy SDK to Askar migration documentation for guidance.
• Support added for using AnonCreds in W3C VCDM format. The support is not fully completed, but on the way.

1.0.0rc4 Breaking Changes

With the focus of the pull requests for this release on stabilizing the implementation, there were a few breaking changes:

• The default underlying Python version has been upgraded to 3.12.
• Support for the Indy SDK has been dropped. It had been previously deprecated. See this Indy SDK to Askar migration documentation for guidance.
• The webhook sent after receipt of presentation by a verifier has been updated to include all of the information needed by the verifier so that the controller does not have to call the "Verify Presentation" endpoint. The issue with calling that endpoint after the presentation has been received is that there is a race condition between the controller and the ACA-Py cleanup process deleting completed Present Proof protocol instances. See ##3081 for additional details.

What's Changed

• Update README.md by @KPCOFGS in #2927
• chore(deps): Bump ecdsa from 0.16.1 to 0.19.0 in the pip group across 1 directory by @dependabot in #2933
• feat: Integrate AnonCreds with W3C VCDI Format Support in ACA-Py by @sarthakvijayvergiya in #2861
• Upgrade to anoncreds via api endpoint by @jamshale in #2922
• Feature: use decorators for admin api authentication by @esune in #2860
• Anoncreds - Send full registry list when getting revocation states by @jamshale in #2946
• Example integration test issuing 2 credentials under the same schema by @ianco in #2948
• Fix Snyk Container scanning workflow by @WadeBarnes in #2951
• ⬆️ Upgrade pydid (pydantic v2) by @ff137 in #2919
• Switch Snyk Container scan back to on push. by @WadeBarnes in #2953
• Add OpenSSF Scorecard GHA - weekly by @swcurran in #2955
• ⬆️ Upgrade test and lint dependencies by @ff137 in #2939
• feat: drop indy sdk by @dbluhm in #2892
• fix(interop): overly strict validation by @dbluhm in #2943
• Fix clear revocation logic by @jamshale in #2956
• Fix Snyk sarif file by @pradeepp88 in #2961
• Add anoncreds migration guide by @jamshale in #2881
• chore: updating dependabot to support gha, python, docker and dev container packages by @rajpalc7 in #2945
• Fix issue with requested to revoke before registry creation by @jamshale in #2995
• Sonarcloud with code coverage by @jamshale in #2968
• Manage integration tests with GitHub Actions (#2952) by @jamshale in #2996
• ⬆️ Upgrade aiohttp-apispec and apispec by @ff137 in #2920
• chore(deps): Bump untergeek/curator from 8.0.2 to 8.0.15 in /demo/elk-stack/extensions/curator by @dependabot in #2969
• feat: inject profile and session by @dbluhm in #2997
• ✨ Faster uuid generation by @ff137 in #2994
• chore(deps): Bump sphinx-rtd-theme from 1.1.1 to 1.3.0 in /docs by @dependabot in #2970
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/docker-agent by @dependabot in #2973
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.10.4 to py3.9-0.12.1 in /demo/playground by @dependabot in #2975
• Postgres Demo - Upgrade postgres and change entrypoint file by @jamshale in #3004
• chore(deps): Bump hyperledger/aries-cloudagent-python from py3.9-0.9.0 to py3.9-0.12.1 in /demo/multi-demo by @dependabot in #2976
• Merge all poetry dependabot PRs by @PatStLouis in #3007
• Merge all demo dependabot PRs by @PatStLouis in #3008
• Switch from pytz to dateutil by @jamshale in #3012
• Add sonarcloud badges by @jamshale in #3014
• chore(deps): Bump actions/checkout from 3 to 4 in the all-actions group by @dependabot in #3011
• feat: soft binding for plugin flexibility by @dbluhm in #3010
• Use a published version of aiohttp-apispec by @jamshale in #3019
• Add support for revocable credentials in vc_di handler by @EmadAnwer in #2967
• chore(deps): Bump pydid from 0.5.0 to 0.5.1 by @dependabot in #3024
• chore(deps-dev): Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #3025
• chore(deps): Update prompt-toolkit requirement from ~=2.0.9 to ~=2.0.10 in /demo by @dependabot in #3026
• chore(deps): Bump sphinx from 1.8.4 to 1.8.6 by @dependabot in #3021
• docs: added section on environment variables by @Executioner1939 in #3028
• ✨ Adds support for paginated storage queries, and implements pagination for the wallets_list endpoint by @ff137 in #3000
• chore(deps): Bump dawidd6/action-download-artifact from 3 to 5 in the all-actions group by @dependabot in #3027
• chore(deps): Bump uuid-utils from 0.7.0 to 0.8.0 by @dependabot in #3034
• chore(deps): Bump configargparse from 1.5.5 to 1.7 by @dependabot in #3035
• chore(deps): Bump mkdocs-material from 9.5.10 to 9.5.27 by @dependabot in #3036
• chore(deps): Bump packaging from 23.1 to 23.2 by @dependabot in #3037
• chore(deps): Bump marshmallow from 3.20.2 to 3.21.3 by @dependabot in #3038
• chore(deps): Bump urllib3 from 2.2.1 to 2.2.2 in /demo/playground/examples in the pip group by @dependabot in #3045
• Fix - only run integration tests on opened PR's by @jamshale in #3042
• Fix and refactor anoncreds revocation recovery by @jamshale in #3029
• Prevent getting stuck with no active registry by @jamshale in #3032
• chore(deps): Bump the pip group with 2 updates by @dependabot in #3046
• 🩹 add exception handling to wallet-upgrade check by @ff137 in #3048
• Handle failed tails server issuance [Anoncreds] by @jamshale in #3049
• fix: didexchange manager not checking the did-rotate content correctly by @gmulhearn-anonyome in #3057
• Enable no-transport mode as startup parameter by @PatStLouis in #2990
• chore(deps): Bump dawidd6/action-download-artifact from 5 to 6 in the all-actions group by @dependabot in #3064
• chore(deps): Bump markupsafe from 2.0.1 to 2.1.5 by @dependabot in #3062
• ✨ Add pagination support for listing Connection, Cred Ex, and Pres Ex records by @ff137 in #3033
• chore(deps-dev): Bump pydevd-pycharm from 193.6015.41 to 193.7288.30 by @dependabot in #3060
• chore(deps-dev): Bump ruff from 0.4.4 to 0.4.10 by @dependabot in #3058
• For proof problem handler, allow no connection record (OOB cases), prevent unhandled exception by @loneil in #3068
• Re-enable ledger plugin when --no-legder is set by @PatStLouis in #3070
• chore(deps): Bump requests from 2.32.2 to 2.32.3 by @dependabot in #3076
• chore(deps): Bump uuid-utils from 0.8.0 to 0.9.0 by @dependabot in #3075
• chore(deps-dev): Bump ruff from 0.4.10 to 0.5.0 by @dependabot in #3073
• chore(deps): Bump mike from 2.0.0 to 2.1.2 by @dependabot in #3074
• DIDComm V2 Initial Implementation by @TheTechmage in #2959
• fix: respond to did:peer:1 with did:peer:4 by @dbluhm in #3050
• fix: print provision messages when auto-provision is triggered by @TheTechmage in #3077
• Use anoncreds registry for holder credential endpoints by @jamshale in #3063
• Rule D417 by @jamshale in #3072
• Add by_format to terse webhook for presentations by @ianco in #3081
• 🐛 fix storage record pagination with post-filter query params by @ff137 in #3082
• Switch from black to ruff by @jamshale in #3080
• 🎨 improve record querying logic by @ff137 in #3083
• Upgrade python to version 3.12 by @jamshale in #3067
• chore(deps): Bump certifi from 2024.6.2 to 2024.7.4 in the pip group by @dependabot in #3085
• 🐛 fix IndyAttrValue bad reference in OpenAPI spec by @ff137 in #3090
• chore(deps): Bump mkdocs-material from 9.5.27 to 9.5.28 by @dependabot in #3089
• chore(deps-dev): Bump ruff from 0.5.0 to 0.5.1 by @dependabot in #3087
• chore(deps): Bump aries-askar from 0.3.1 to 0.3.2 by @dependabot in #3088
• chore(deps): Bump certifi from 2024.6.2 to 2024.7.4 in /demo/playground/examples in the pip group by @dependabot in #3084
• 1.0.0rc4 by @swcurran in #3092

New Contributors

• @KPCOFGS made their first contribution in #2927
• @rajpalc7 made their first contribution in #2945
• @EmadAnwer made their first contribution in #2967
• @Executioner1939 made their first contribution in #3028

Full Changelog: 0.12.1...1.0.0rc4