v2026.7.20: Hotfix — FFI safety hardening for the Rust binding.
Hotfix — FFI safety hardening for the Rust binding.
An audit of the freshly published Rust crate found two real FFI-safety bugs in the C ABI shim. This release
fixes them forward (the engine and the Python binding are unchanged):
- The match iterator could dereference a null cursor. real_iter_next now has a full try/catch and a null
guard (contract 1=match / 0=end / -1=error), and the Rust wrapper checks the cursor and panics on an
engine error instead of risking undefined behaviour — a linear search is infallible after compile, so an
abort is surfaced, never silently turned into "no match". - The fallback feature classified unsupported vs syntax errors by matching the engine's message text. The
engine now tags each rejection with a stable kind, the C ABI exposes it as a code, and the binding
classifies on the code — so a reworded message can never silently stop delegating a pattern.
Also in this release: the bytes:: module reaches full regex::bytes parity (splitn / is_match_at /
captures_at / shortest_match), the crate's packaging dry-run is now enforced in CI, and a documentation
cleanup (the repository map and tier list catch up with the recent moves).
Users of the Rust crate on 2026.7.18 / 2026.7.19 should upgrade.