/
2024-05-07 Aries Cloud Agent - Python Maintainers Meeting

2024-05-07 Aries Cloud Agent - Python Maintainers Meeting

May 07, 2024

Summary:

Topics:

  • Status: Adding support in ACA-Py for AnonCreds in W3C VCDM Format

  • Status: Upgrading Wallet Types

  • Status: Logging in ACA-Py

  • aiohttp CVE and older ACA-Py releases

  • Getting to 1.0.0

  • PRs and Issues

 

Zoom Link: https://zoom.us/j/91279968714?pwd=Yk9GVVNLOFE1cklkSk51UEZQTklOQT09

Call Time: 9:00 Pacific / 18:00 Central Europe

Recordings From the Call:  

 

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Welcome, Introductions and Announcements

Attendees

  • Stephen Curran (Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>

  • Daniel Bluhm (Indicio PBC) <daniel@indicio.tech>

Announcements

Agenda

  • Status: Adding support in ACA-Py for AnonCreds in W3C VCDM Format

    • PR for the issue credential is working.  Review, tag, and then hopefully merge.

    • PR is pending on the proof request – Ian to check on that.

  • Status: Upgrading Wallet Types

    • Looking at the holder side – the handling of the link secret (renamed from master secret to link secret) – exposed by running the demo.

      • Case: Have credential, get a new credential of the same type, goes down a different path – being investigated.

    • Noted a different problem – if you have multiple credentials and you revoke one, the verification fails – to be investigated.

    • Questions about the fact that the wallet upgrade is from Askar CredX to Askar AnonCreds-RS

      • If a deployment is on Indy Wallet they have to do the Indy-Askar update first, then the CredX to AnonCreds-RS

  • Status: Logging in ACA-Py

    • Considering refactoring.

  • aiohttp CVE and older ACA-Py releases

    • CVE – crafted query can cause an infinite loop

    • 0.12.1 has been upgraded to the patched version.

    • We need to get the other instances of ACA-Py based Aries repos updated.

    • Do we patch 0.11.0?  Earlier?

  • Getting to 1.0.0

  • PRs

  • Issues

  • What's the next priority?

  • Open Discussion

Upcoming Meeting Topics:

Future Topics

  • Sonar Cloud - is this actually working? Add issue to take a look – perhaps Wade or Jason Syrotuck.

  • OpenAPI - Indicio is doing post processing on the OpenAPI file, because what is in the repo is not especially useful.

    • too many values being marked as optional – especially on receipt of results from the Admin API.

    • multiple use of the schema – technically they are optional in other places, but not in the OpenAPI

    • Response schemas aren't enforced allowing for returned values to differ

  • Code coverage reports on ACA-Py

Action items