v0.2.10 — 2026-01-14

Maintenance

• WSDL updates regarding ONVIF 25.12 release (#24) by @kaburagisec

Fix/Refactor

• [Test] Add "to_dict" to skipped helper methods in test (#22) by @kaburagisec
• [CLI] Exclude "to_dict" from service methods in CLI (#23) by @kaburagisec

---

Full Changelog: v0.2.9...v0.2.10

v0.2.9 — 2025-12-23 (Hotfix)

Fix/Refactor

• [Client] Remove ONVIFResponse class and move to_dict method for zeep objects serialization to ONVIFService (#19) by @kaburagisec

---

Full Changelog: v0.2.8...v0.2.9

v0.2.8 — 2025-12-23

Feat

• [Client] Add ONVIFResponse wrapper for zeep objects with serialization support (#15) by @kaburagisec

Docs

• [Examples] Added example implementation of to_dict() helper method (#16) by @kaburagisec

---

Full Changelog: v0.2.7...v0.2.8

v0.2.7 — 2025-12-14

Maintenance

• [Client] WSDL updates from remote and method additions in Device (#11) by @kaburagisec

Fix/Refactor

• [Client] Localize external schema dependencies to eliminate remote URLs and improve offline support (#13) by @kaburagisec, this close issue #10 reported by @pakheper.

Feat

• [CLI] Update version handling in CLI (#12) by @kaburagisec
• [Client] Add user role management methods to Device class based on WSDL changes (b2d07a3) by @kaburagisec

---

Full Changelog: v0.2.6...v0.2.7

v0.2.6 — 2025-11-18

Maintenance

• [Client] WSDL updates and method additions in Device and Media2 (#7)

Feat

• [Client] Added implementation of UpgradeFirmware method in Device class based on WSDL changes. (8d8deed)
• [Client] Implement multicast audio decoder configuration methods in Media2 class based on WSDL changes. (b2f273d)

Docs

• Update Codacy badge image for consistency (#8)

---

Full Changelog: v0.2.5...v0.2.6

v0.2.5 — 2025-11-03

PyPI

https://pypi.org/project/onvif-python/0.2.5 (19067313640)

Feat

• [CLI] Add output file option (--output/-o) for command results with format detection (0402c33)

Fix/Refactor

• [Client] Remove unused ONVIFOperator import (b033781)
• [CLI] Improve error handling in JSON serialization by specifying exception types (609fc35)
• [CLI] Prepare output data for JSON format in save_output_to_file function (73ccdc9)

Style

• [Examples] Enforce PEP8 Linting (8878fe1)

Docs

• Update badges links (a899a7c)
• Add library philosophy section with detailed description (6646ad3)
• Update contribution guidelines for branch naming and development setup (792c7a0)

---

Full Changelog: v0.2.4...v0.2.5

v0.2.4 — 2025-11-02

PyPI

https://pypi.org/project/onvif-python/0.2.4 (19009844081)

Feat

• [Client] Add PausableSubscription service class implementation (292a484)

Fix/Refactor

• [Client] Improve error handling for documentation retrieval in ONVIFService (5c1bc15)
• [CLI] Add JSON validation function to improve error handling in parse_json_params (28d56ad)
• [CLI] Fix all existing "Exception, Pass" implementations (8ae16ec)
• [CLI] Fix attribute resolve at type command from interactive shell (15427a1)

Maintenance

• Update wsdl folders from remote (https://github.com/onvif/specs) (4fafd8b)

Tests

• Add tests for PausableSubscription service compliance with WSDL (cf50a01)
• Remove obsolete WSDL map tests (632d953)
• Remove exception handling in method call to ensure proper error reporting (86d8313)
• Remove exception handling in method call to ensure proper error reporting (/2) (c37f08a)

Docs

• [Examples] Add example to Unsubscribe PullPointSubscription (bb7984f)
• [Examples] Add script to get and set system date and time on ONVIF device (3a91c86)
• [Release] Bump version 0.2.3 → 0.2.4 (3e48beb)

---

Full Changelog: v0.2.3...v0.2.4

v0.2.3 — 2025-10-31 (Hotfix)

PyPI

https://pypi.org/project/onvif-python/0.2.3 (18960494401)

Fix/Refactor

• [Client] Revert commit (83600fe) due to unexpected behavior in zeep flattening (fc51f6a)

---

Full Changelog: v0.2.2...v0.2.3

v0.2.2 — 2025-10-31

PyPI

https://pypi.org/project/onvif-python/0.2.2 (18959263050)

Feat

• [Client] Add ONVIFParser plugin for extracting XML elements from SOAP responses (4d1b634)
• [Client] Add support for user-provided plugins in ONVIFClient initialization (11163e1)
• [Client] Add lazy loading for security service capabilities in ONVIFClient (8e307af)
• [Client] Add lazy loading for JWT service in ONVIFClient (735a38c)
• [CLI] Enhance service availability checks for Security and JWT services (8f139f3)

Fix/Refactor

• [Client] Update service_path in AdvancedSecurity to use device_service (18fc581)
• [Client] Improve handling of wrapper elements and attribute parsing in ZeepPatcher (83600fe)

Docs

• [Examples] Add media profile creation example with video source and encoder configurations (5f12aa5)
• [Examples] Replace XMLCapturePlugin with ONVIFParser for topic extraction in pull_live_events.py (99e7e8d)
• [Release] Bump version 0.2.1 → 0.2.2 (29d1ffb)

---

Full Changelog: v0.2.1...v0.2.2

Technical Details

1. ONVIFParser: Solving Zeep's Text Element Limitation (4d1b634) (11163e1)

Problem Statement:

Zeep has a known limitation when parsing XML text elements that contain attributes, specifically when extracting Topic information from the PullPoint (Event) service responses. After extensive debugging and attempts to modify the ZeepPatcher class (originally implemented in v0.0.8 to enhance XML parsing for xsd:any fields), no viable solution was found within Zeep's architecture.

Issue Example:

Below is a comparison showing how Zeep fails to parse the Topic text value:

Zeep Parsed Object:

{
    'CurrentTime': datetime.datetime(2025, 10, 30, 22, 16, 42, tzinfo=<isodate.tzinfo.Utc>),
    'TerminationTime': datetime.datetime(2025, 10, 30, 22, 26, 47, tzinfo=<isodate.tzinfo.Utc>),
    'NotificationMessage': [
        {
            'SubscriptionReference': None,
            'Topic': {
                '_value_1': None,  # ❌ Topic text is missing!
                'Dialect': 'http://www.onvif.org/ver10/tev/topicExpression/ConcreteSet',
                '_attr_1': {}
            },
            'ProducerReference': None,
            'Message': {
                '_value_1': <Element {http://www.onvif.org/ver10/schema}Message at 0x1ea5df2bd00>
            }
        }
        # ... more notifications
    ]
}

Expected Raw XML:

<env:Header>
    <wsa:Action>http://www.onvif.org/ver10/events/wsdl/PullPointSubscription/PullMessagesResponse</wsa:Action>
</env:Header>
<env:Body>
    <tev:PullMessagesResponse>
        <tev:CurrentTime>2025-10-30T22:16:42Z</tev:CurrentTime>
        <tev:TerminationTime>2025-10-30T22:26:47Z</tev:TerminationTime>
        <wsnt:NotificationMessage>
            <wsnt:Topic Dialect="http://www.onvif.org/ver10/tev/topicExpression/ConcreteSet">
                tns1:RuleEngine/CellMotionDetector/Motion
            </wsnt:Topic>
            <wsnt:Message>
                <tt:Message UtcTime="2025-10-30T22:16:41Z" PropertyOperation="Initialized">
                    <tt:Source>
                        <tt:SimpleItem Name="VideoSourceConfigurationToken" Value="VideoSourceToken"/>
                        <tt:SimpleItem Name="VideoAnalyticsConfigurationToken" Value="VideoAnalyticsToken"/>
                        <tt:SimpleItem Name="Rule" Value="MyMotionDetectorRule"/>
                    </tt:Source>
                    <tt:Data>
                        <tt:SimpleItem Name="IsMotion" Value="false"/>
                    </tt:Data>
                </tt:Message>
            </wsnt:Message>
        </wsnt:NotificationMessage>
        <!-- ... more notifications -->
    </tev:PullMessagesResponse>
</env:Body>

The Issue:

The _value_1 field should contain the topic string "tns1:RuleEngine/CellMotionDetector/Motion", but Zeep fails to extract it when the <wsnt:Topic> element has attributes (in this case, the Dialect attribute).

Solution: ONVIFParser

To work around this limitation, a new utility class ONVIFParser was introduced that directly parses raw XML using XPath expressions before Zeep processes it. This provides reliable access to element text content regardless of attributes.

Implementation Changes:

• New Class: onvif.utils.ONVIFParser - Generic XML extraction plugin using Zeep's ingress() hook
• Updated Example: examples/pull_live_events.py now uses ONVIFParser instead of XMLCapturePlugin
• Removed in example: XMLCapturePlugin usage in production examples (this plugin is only suitable for development/testing as it stores all request/response XML in memory indefinitely)

Usage Example:

from onvif import ONVIFClient, ONVIFParser

# Create parser with XPath for topic extraction
parser = ONVIFParser(extract_xpaths={
    'topic': './/{http://docs.oasis-open.org/wsn/b-2}Topic'
})

# Pass parser to client
client = ONVIFClient(host, port, username, password, plugins=[parser])

# Use parsed data
event_service = client.pullpoint(...)
response = event_service.PullMessages(...)
topics = parser.get_extracted_texts('topic', len(response.NotificationMessage))

---

2. Advanced Security Service Discovery (18fc581) (8e307af) (735a38c)

Problem Statement:

The XAddr endpoint for the Security service (now called "Advanced Security" by the ONVIF consortium) was not discoverable through the standard 3-tier service discovery mechanism (GetServices → GetCapabilities → default URL). Extensive testing across multiple devices showed that neither "Security" nor "AdvancedSecurity" keys appeared in response structures, even within Extension or Extension.Extensions fields.

Investigation:

After thorough review of the ONVIF Advanced Security Service specification, the solution was discovered through experimentation: calling GetServiceCapabilities() on the Security service using the Device service's default endpoint (/onvif/device_service).

Discovery Response:

{
    'KeystoreCapabilities': None,
    'TLSServerCapabilities': None,
    'Dot1XCapabilities': None,
    'AuthorizationServer': None,
    'MediaSigning': None,
    '_value_1': [
        <Element {http://www.onvif.org/ver10/device/wsdl}Network at 0x1ddc2c13640>,
        <Element {http://www.onvif.org/ver10/device/wsdl}Security at 0x1ddc2c13680>,
        <Element {http://www.onvif.org/ver10/device/wsdl}System at 0x1ddc2c136c0>
    ],
    '_attr_1': None,
    'Network': {
        'IPFilter': False,
        'ZeroConfiguration': True,
        'IPVersion6': False,
        'DHCPv6': False,
        'DynDNS': False,
        'Dot11Configuration': False,
        'Dot1XConfigurations': 0,
        'HostnameFromDHCP': True,
        'NTP': 1
    },
    'Security': {
        'TLS1.0': True,
        'TLS1.1': True,
        'TLS1.2': True,
        'OnboardKeyGeneration': False,
        'AccessPolicyConfig': False,
        'DefaultAccessPolicy': True,
        'Dot1X': False,
        'RemoteUserHandling': False,
        'X.509Token': False,
        'SAMLToken': False,
        'KerberosToken': False,
        'UsernameToken': True,
        'HttpDigest': True,
        'RELToken': False,
        'SupportedEAPMethods': 0,
        'MaxUsers': 32,
        'MaxUserNameLength': 32,
        'MaxPasswordLength': 16
    },
    'System': {
        'DiscoveryResolve': False,
        'DiscoveryBye': True,
        'RemoteDiscovery': True,
        'SystemBackup': False,
        'SystemLogging': False,
        'FirmwareUpgrade': True,
        'HttpFirmwareUpgrade': True,
        'HttpSystemBackup': False,
        'HttpSystemLogging': False,
        'HttpSupportInformation': False,
        'StorageConfiguration': False,
        'MaxStorageConfigurations': 0
    }
}

Key Findings:

1. Endpoint Location: The Advanced Security service is accessible at /onvif/device_service (which is the endpoint of Device service)
2. Sub-service Detection: Security sub-services (Keystore, TLS Server, Dot1X, etc.) can be detected by checking if their capability objects are None or contain data
3. Capability Response: The `GetServiceCapabilities()...

v0.2.1 — 2025-10-30 (Hotfix)

PyPI

https://pypi.org/project/onvif-python/0.2.1 (18908407242)

Feat

• [CLI] Enhance search_products function to include product_category in search queries (365081f)

Fix/Refactor

• [Client] Add NullHandler to prevent duplicate logging errors in multiple modules (d42a68f)

Docs

• [Release] Bump version 0.2.0 → 0.2.1 (3ba8b64)

Technical Details

• In version 0.2.0, all logging implemented in the majority of main classes does not implement logger.addHandler(logging.NullHandler()), thus causing the log to run directly without being configured first by the user. This is a nuisance during application development when using this library, in this version NullHandler() has been implemented, and some logs that have the potential to appear duplicate have also been removed.
• The --search/-s feature for searching for products in the ONVIF CLI now filters the product_category key. This is because device details are sometimes more clearly defined in the product_category key than in the type key, which only contains 'device' or 'client'.

---

Full Changelog: v0.2.0...v0.2.1