Skip to content

Release 0.5.0

Choose a tag to compare

View all tags
@stormer78 stormer78 released this 18 Apr 15:54
· 6 commits to main since this release
v0.5.0
This tag was signed with the committer’s verified signature.
stormer78 Glenn Gore
GPG key ID: 0B38AB3EDD4BDCB9
Verified
Learn about vigilant mode.
90c7f4e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

First breaking release in the 0.5.x line.

Fixes

  • Fix #35 — logs using plain key rotation (no pre-rotation) now resolve. Previous behaviour silently truncated the log to the genesis entry when encountering a non-pre-committed entry.

Breaking changes

  • Loud truncationDIDWebVHState::validate now returns Result<ValidationReport, _> instead of Result<(), _>. #[must_use] + a truncated: Option<TruncationReason> field force callers to acknowledge partial validation, and a new PostDeactivation variant surfaces tampered [genesis, deactivate, attacker-appended] logs that previously went silent. assert_complete() is the one-call strict-mode helper.
  • Spec-strict witness proofs by default: eddsa-jcs-2022 + proofPurpose: assertionMethod per didwebvh 1.0. WitnessVerifyOptions::check_proof_shape is the public entry point for shape checks.
  • Slim top-level re-exportsSigner, KeyType, Secret, async_trait moved out of the crate root into didwebvh_rs::prelude::*. One-release #[deprecated] shim covers the affinidi_secrets_resolver re-export.
  • MSRV bumped to 1.94.0 (required by upstream affinidi-* 0.5.x / 0.6.x).

Features

  • `experimental-pqc` feature — real, not a stub. ML-DSA-{44,65,87} + SLH-DSA-SHA2-128s work end-to-end for DID create/resolve/rotate. Runtime `WitnessVerifyOptions::extra_allowed_suites` for opting into PQC witness proofs without recompiling.

Dependency hygiene

  • Dropped `affinidi-tdk` runtime dep (cli feature). Replaced the one-method wrapper with `did_key::generate_did_key`; removes messaging-SDK + meeting-place transitive graph from cli users.
  • ssi 0.15 → 0.16 — unsticks `cargo update` (0.15 pulled yanked `core2 0.4.0` transitively via `libipld 0.14`).

Quality

  • Clippy pedantic on with a curated allowlist; `-D warnings` in CI.
  • 443 tests (unit + integration + PQC) passing; `cargo audit` clean on default build.

See CHANGELOG.md for full migration notes.

Known issues

  • `didwebvh-ts` entryHash upstream bug (non-genesis entries use `"{SCID}"` placeholder instead of previous `versionId` per spec). Cross-impl interop test is `#[ignore]`-d.
  • Optional `ssi` feature pulls 7 known-advisory transitive crates (all outside our direct control); default build is advisory-free.

Full Changelog: v0.4.2...v0.5.0

Assets 2
Loading