Skip to content

v5.0.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 Feb 20:01
· 27 commits to main since this release
v5.0.0
fbbc44c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlighted Features

This release improves client stability and sync ergonomics, introduces a new certificate generation tool, and strengthens code safety with arithmetic overflow checks.

  • IPC timeout handling - Client IPC timeouts have been increased to prevent timeouts during long-running operations like sync_now.
  • Hello sync ergonomics - Replaced individual duration parameters in sync_hello_subscribe with a HelloSubscriptionConfig builder pattern with sensible defaults, including a longer default subscription duration.
  • Client API improvements - aranya-id-based IDs are now exposed directly through the client API.
  • KeyBundle renamed to PublicKeyBundle - Better reflects the type's purpose. The old name is deprecated but still available.
  • New aranya-certgen crate - A CLI tool and library for generating PEM-formatted root CA certificates and signed certificates using P-256 ECDSA keys. This lays groundwork for the upcoming migration from PSKs to mTLS for QUIC sync authentication.
  • C API test suite - A ctest-based test suite for the C API enables testing individual C API functions without requiring lengthy example applications exercising the entire API.
  • Syncer reorganization - Internal syncer restructuring (SyncPeers -> SyncHandle, Syncer -> SyncManager) to prepare for upcoming transport traits and parallel sync.

Coming Soon

  • Custom roles rank-based hierarchy checks.
  • Migration from PSKs to mTLS certs for authenticating QUIC connections.

Security Patches

  • Added clippy::arithmetic_side_effects workspace lint to catch unchecked integer arithmetic, pushing toward checked/saturating operations to prevent potential overflow panics.
  • Updated time to resolve RUSTSEC-2026-0009.

Breaking Changes

  • Sync wire protocol changed: The aranya-core sync protocol now includes graph_id in more message types — Subscribe, Unsubscribe, Hello, Push, and Poll messages all carry an explicit graph_id field (renamed from storage_id). This ensures the protocol itself handles graph identification rather than relying on the transport or application layer to track it. Additionally, the return address is now sent as just a port (2 bytes) instead of the full serialized address, with the server deriving the IP from the QUIC connection. This fixes an issue where a server's bind address (e.g. 0.0.0.0) did not match the outgoing client address, causing peers to receive an unusable return address. Nodes running previous versions will not be able to sync with 5.0.0 nodes.
  • Daemon config toggle parsing fixed: The Toggle deserializer had swapped boolean matching — False was accepting true and vice versa. Configs that relied on the buggy behavior may parse differently after the fix. Empty or missing toggle sections now correctly default to disabled.
  • Minimum supported Rust version updated to 1.90.

What's Changed

Full Changelog: v4.1.1...v5.0.0

Contributors

djohnson-spideroak, jdygert-spok, and 4 other contributors
Assets 15
Loading