2024-05-07 Aries Cloud Agent - Python Maintainers Meeting
- Stephen Curran
- Daniel Bluhm
Owned by Stephen Curran
Summary:
Topics:
- Status: Adding support in ACA-Py for AnonCreds in W3C VCDM Format
- Status: Upgrading Wallet Types
- Status: Logging in ACA-Py
- aiohttp CVE and older ACA-Py releases
- Getting to 1.0.0
- PRs and Issues
Zoom Link: https://zoom.us/j/91279968714?pwd=Yk9GVVNLOFE1cklkSk51UEZQTklOQT09
Call Time: 9:00 Pacific / 18:00 Central Europe
Recordings From the Call:
|
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Welcome, Introductions and Announcements
Attendees
- Stephen Curran (Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
- Daniel Bluhm (Indicio PBC) <daniel@indicio.tech>
Announcements
- ACA-Py documentation: https://aca-py.org
Agenda
- Status: Adding support in ACA-Py for AnonCreds in W3C VCDM Format
- PR for the issue credential is working. Review, tag, and then hopefully merge.
- PR is pending on the proof request – Ian to check on that.
- Status: Upgrading Wallet Types
- Looking at the holder side – the handling of the link secret (renamed from master secret to link secret) – exposed by running the demo.
- Case: Have credential, get a new credential of the same type, goes down a different path – being investigated.
- Noted a different problem – if you have multiple credentials and you revoke one, the verification fails – to be investigated.
- Questions about the fact that the wallet upgrade is from Askar CredX to Askar AnonCreds-RS
- If a deployment is on Indy Wallet they have to do the Indy-Askar update first, then the CredX to AnonCreds-RS
- Looking at the holder side – the handling of the link secret (renamed from master secret to link secret) – exposed by running the demo.
- Status: Logging in ACA-Py
- Considering refactoring.
- aiohttp CVE and older ACA-Py releases
- CVE – crafted query can cause an infinite loop
- 0.12.1 has been upgraded to the patched version.
- We need to get the other instances of ACA-Py based Aries repos updated.
- Do we patch 0.11.0? Earlier?
- Getting to 1.0.0
- PRs
- Issues
- What's the next priority?
- Open Discussion
Upcoming Meeting Topics:
Future Topics
- Sonar Cloud - is this actually working? Add issue to take a look – perhaps Wade or Jason Syrotuck.
- OpenAPI - Indicio is doing post processing on the OpenAPI file, because what is in the repo is not especially useful.
- too many values being marked as optional – especially on receipt of results from the Admin API.
- multiple use of the schema – technically they are optional in other places, but not in the OpenAPI
- Response schemas aren't enforced allowing for returned values to differ
- Code coverage reports on ACA-Py