-
Notifications
You must be signed in to change notification settings - Fork 0
Versioning and Deprecation
openvc follows Semantic Versioning. This page is the contract:
what "stable" covers, and how change is signalled. It has been in full effect
since 1.0.0 (during 0.x, minor versions could break — each break was
called out in the CHANGELOG).
Given a released MAJOR.MINOR.PATCH:
- MAJOR — a backwards-incompatible change to the stable public API (a name removed/renamed, a signature or return-object field changed incompatibly, a default that changes a security decision).
- MINOR — backwards-compatible additions (a new function, a new module, a new optional parameter, a new defaulted field on a result/policy dataclass).
- PATCH — backwards-compatible bug and security fixes with no API change.
The stable public API is every name in a public module's __all__, reached from
its documented import path (see Public surface & stability in
CONVENTIONS).
Concretely:
- the package-root re-exports (
from openvc import verify_credential, …); - every non-underscore module and the names in its
__all__; - the return-object contract — the fields of
VerificationResult,VerificationPolicyand the per-suiteVerified*dataclasses, which are add-only (a field may be added with a default; never removed, renamed or reordered without a MAJOR bump).tests/test_return_contract.pypins them.
Not covered (may change in any release, no deprecation cycle): any
leading-underscore module or name (openvc.proof._verify_common,
openvc.status._decompress, every _name), and behaviour explicitly documented as
unspecified.
A stable name is not removed abruptly. To remove or rename one:
- The old name keeps working for at least one MINOR release, emitting a
DeprecationWarningthat names the replacement. - The deprecation is recorded under Deprecated in the CHANGELOG, with the replacement and the earliest version that may remove it.
- Removal happens only in a subsequent MAJOR release, noted under Removed.
Currently deprecated (removable at the next MAJOR): the verb-last
openvc.proof.ecdsa_sd codec aliases — cbor_encode/cbor_decode,
serialize_base_proof/parse_base_proof,
serialize_derived_proof/parse_derived_proof — each warns and forwards to its
verb-first replacement (encode_cbor/decode_cbor, encode_base_proof/…).
RFC 9864 (Oct 2025) marks the polymorphic
EdDSA Deprecated in the IANA JOSE registry and introduces the fully-specified
name Ed25519 for the same Ed25519 signature. openvc tracks this without breaking
anyone:
-
Verify accepts both.
Ed25519joined the{ES256, ES384, EdDSA}allow-list (so it is now{ES256, ES384, EdDSA, Ed25519}); a token withalg: Ed25519verifies exactly like anEdDSAone across VC-JWT, SD-JWT VC and the status-list token. RS*/HS*/alg:nonestay rejected before any crypto. -
Signing still emits
EdDSAby default — no wire change unless you ask for it. Opt into the fully-specified name per key:Ed25519SigningKey.generate(kid, alg="Ed25519")(also on.from_jwk/.from_pem). -
ES256/ES384are not deprecated, so their fully-specifiedESP256/ESP384names are not accepted yet — deferred until forward-looking signers actually emit them, to keep the allow-list narrow (the EBSI/EUDI world is ES256-centric).
📖 Published automatically from the wiki/ directory of the main repository — edits made directly on the wiki are overwritten by the next sync. To change a page, open a PR against wiki/. Every python block on these pages is executed by CI. · API reference · LGPL-3.0-or-later
Start
Proof formats
Verifying in practice
- Presentations & OpenID4VP
- Resolving issuer keys
- Relying-party certificates
- Credential schemas
- Status lists
- Trust anchors: EU TL & EBSI
- Async verification
Walkthroughs
Operating
Reference