Skip to content

[freeze] STABILITY.md: the 1.0 promise (semver surface, feature tiers, MSRV, crypto-bump policy + re-export leakage audit) #86

Description

@joeldsouzax

Problem

cesr-rs is published and consumers pin it, but the stability promise lives in tribal knowledge ("the API was re-frozen post-extraction", M3). Before 1.0, write down what pinning cesr-rs 1.x actually guarantees — bombay (M4), agency, and external KERI-ecosystem users will all read this page before depending.

Write STABILITY.md covering

  • Semver surface: public API = the prelude + module paths preserved at M3; what's explicitly out (fuzz targets, keripy_diff internals, bench code)
  • Feature-tier guarantees: the support matrix (std / alloc+no_std / wasm32) and which tiers are CI-gated promises vs best-effort; features are additive-forever
  • MSRV policy: pinned 1.95 today — bump rule (recommend: minor bump, N-2 floor, stated)
  • Crypto-bump policy: how major bumps of ed25519-dalek/k256/p256/blake3 are handled (this is P3.1 · Evaluate deferred major crypto bumps #34's recurring question — answer it once as policy: crypto major bump = cesr minor IF no public-type leakage, which is why sealing re-exports matters; audit that no dalek/RustCrypto types leak through the public API TODAY, pre-freeze)
  • keripy-parity promise: what "parity" means versioned (parity as-of keripy X.Y, watcher-fed §P3.2 · Track new algorithms keripy adopts #35–38), so a keripy table addition isn't read as a cesr-rs breakage
  • Wire/encoding stability: qb64/qb2 output is spec-pinned (CESR spec + keripy differential) — distinguish "encoding bytes never change" (spec promise) from "Rust API may evolve" (semver promise)
  • Unsafe/security posture: zero-unsafe, zeroization, fuzz cadence — stated as maintained invariants (this is marketing-grade material for the B3 safety-researcher audience too)

Why pre-freeze

Same as the nexus twin card: writing it audits the freeze. The crypto-leakage clause in particular is a real pre-1.0 action item, not just prose.

Acceptance

STABILITY.md merged + linked from README/crates.io page; re-export leakage audit done (any leaked crypto type fixed or consciously documented); #34/#35 watchers reference the policy instead of re-deciding.

From the 2026-07-05 cross-repo roadmap review (twin of the nexus stability-policy card).

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions