v0.7.0

@github-actions github-actions released this 11 May 15:20
· 228 commits to main since this release
1a5b944

uselesskey v0.7.0

The Rust 1.95 scanner-safe fixture platform release.

What's new

Scanner-safe bundles, verification, inspection, and handoff

  • uselesskey bundle --profile scanner-safe produces a deterministic
    fixture directory with a manifest and per-artifact receipts.
  • uselesskey verify-bundle checks bundle outputs against the recorded
    manifest.json and receipts.
  • uselesskey inspect-bundle prints a human-readable summary without
    exposing fixture payloads.
  • uselesskey export k8s and uselesskey export vault-kv-json render
    Kubernetes and Vault payloads from a verified bundle.

OIDC/JWKS contract pack

  • uselesskey bundle --profile oidc emits valid JWKS and JWT-shape
    fixtures plus duplicate-kid, missing-kid, alg: none, and
    bad-audience negatives for downstream validator tests.
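
A downstream validator has to refuse each of the four negative shapes before it ever selects a key for signature verification; the std-only sketch below is an added example, not uselesskey code or its API. The Header struct, the Reject enum, precheck, and all sample values are hypothetical and constructed, and reading "missing-kid" as a token header without a kid is an assumption.

```rust
// Added example: pre-signature structural checks for duplicate-kid,
// missing-kid, alg: none, and bad-audience. Hypothetical types, not uselesskey's.
use std::collections::HashSet;

#[derive(Debug, PartialEq)]
pub enum Reject { AlgNone, DuplicateKid, MissingKid, UnknownKid, BadAudience }

/// Already-decoded JOSE header fields the checks need.
pub struct Header<'a> { pub alg: &'a str, pub kid: Option<&'a str> }

/// `jwks_kids` has one entry per JWKS key (None = key published without a kid),
/// `aud` is the token's audience list, `expected_aud` identifies this service.
/// Returns the index of the single key to hand to signature verification.
pub fn precheck(
    h: &Header,
    jwks_kids: &[Option<&str>],
    aud: &[&str],
    expected_aud: &str,
) -> Result<usize, Reject> {
    // Unsigned tokens are refused first, whatever the casing of "none".
    if h.alg.eq_ignore_ascii_case("none") {
        return Err(Reject::AlgNone);
    }
    // A repeated kid makes key selection ambiguous, so the whole set is refused.
    let mut seen = HashSet::new();
    for kid in jwks_kids.iter().flatten() {
        if !seen.insert(*kid) {
            return Err(Reject::DuplicateKid);
        }
    }
    // Policy choice (assumption): a token must name its key; no "try every key".
    let kid = h.kid.ok_or(Reject::MissingKid)?;
    let idx = jwks_kids
        .iter()
        .position(|k| *k == Some(kid))
        .ok_or(Reject::UnknownKid)?;
    // The audience must contain this service's identifier exactly.
    if !aud.iter().any(|a| *a == expected_aud) {
        return Err(Reject::BadAudience);
    }
    Ok(idx)
}

fn main() {
    let jwks = [Some("k1"), Some("k2")]; // constructed kids
    let token = Header { alg: "RS256", kid: Some("k2") };
    println!("{:?}", precheck(&token, &jwks, &["api"], "api"));
}
```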

Negative payload shapes

  • Scanner-safe negative JWK/JWKS and token-shape helpers in
    uselesskey-jwk and uselesskey-token.
  • A new facade example, negative_payload_shapes, demonstrates the
    failure-path workflow end-to-end.

Public surface and compatibility

  • A public-surface promise map separates supported public crates from
    published-internal implementation shards.
  • cargo xtask public-surface enforces the map.
  • Internal JWK, token, core, and X.509 shards have been folded into their
    owner crates; the former uselesskey-core-*, uselesskey-token-spec,
    and uselesskey-core-x509* crates remain published as compatibility
    shims for this release.

Evidence lanes

  • RIPR PR exposure, targeted PR mutation, nightly public-scope mutation,
    scheduled performance evidence, and a release-evidence runner with
    scanner-safe and OIDC bundle proofs.
  • Mutation survivor ledger and per-run receipts.

Documentation

  • Failure atlas covering protocol-shaped negative fixtures.
  • Scanner-safe bundle reference and OIDC/JWT validator how-tos.
  • Release category notes, evidence matrix, checklist issue map, and
    post-release audit checklist.

Toolchain change

This release raises MSRV from Rust 1.92 to Rust 1.95 and enables the
Rust 1.95 compiler/Clippy lint floor. Downstreams pinned to 1.92 should
remain on v0.6.x or upgrade their toolchain.

Claim boundary

uselesskey is a test-fixture layer. It is not production key
management, scanner evasion, or cryptographic assurance.

Evidence

  • target/release-evidence/summary.md
  • target/release-evidence/release-evidence.md
  • target/release-evidence/scanner-safe/scanner-safe-bundle-proof.md
  • target/release-evidence/oidc/oidc-contract-pack-proof.md
  • target/mutation/nightly-receipt.md
  • target/xtask/perf/latest.md

See CHANGELOG.md for the full v0.7.0 list.