Skip to content

chore: release v0.4.0#73

Merged
joeldsouzax merged 1 commit into
mainfrom
release-plz-2026-07-03T23-35-55Z
Jul 5, 2026
Merged

chore: release v0.4.0#73
joeldsouzax merged 1 commit into
mainfrom
release-plz-2026-07-03T23-35-55Z

Conversation

@devrandom-release-plz

@devrandom-release-plz devrandom-release-plz Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🤖 New release

  • cesr-rs: 0.3.0 -> 0.4.0 (⚠ API breaking changes)

cesr-rs breaking changes

--- failure enum_variant_added: enum variant added on exhaustive enum ---

Description:
A publicly-visible enum without #[non_exhaustive] has a new variant.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#enum-variant-new
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/enum_variant_added.ron

Failed in:
  variant ValidationError:SizeOverflow in /tmp/.tmp5s9DIO/cesr/src/core/matter/error.rs:178
  variant SignatureError:Invalid in /tmp/.tmp5s9DIO/cesr/src/crypto/error.rs:26
  variant SignatureError:CodeMismatch in /tmp/.tmp5s9DIO/cesr/src/crypto/error.rs:35
  variant SignatureError:Invalid in /tmp/.tmp5s9DIO/cesr/src/crypto/error.rs:26
  variant SignatureError:CodeMismatch in /tmp/.tmp5s9DIO/cesr/src/crypto/error.rs:35
  variant SerderError:UnparseablePrimitive in /tmp/.tmp5s9DIO/cesr/src/serder/error.rs:52
  variant SerderError:UnparseablePrimitive in /tmp/.tmp5s9DIO/cesr/src/serder/error.rs:52
  variant SerderError:UnparseablePrimitive in /tmp/.tmp5s9DIO/cesr/src/serder/error.rs:52

--- failure enum_variant_missing: pub enum variant removed or renamed ---

Description:
A publicly-visible enum has at least one variant that is no longer available under its prior name. It may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/enum_variant_missing.ron

Failed in:
  variant SerderError::Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:57
  variant SerderError::Qb64Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:61
  variant SerderError::Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:57
  variant SerderError::Qb64Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:61
  variant SerderError::Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:57
  variant SerderError::Qb64Encoding, previously in file /tmp/.tmph5j28R/cesr-rs/src/serder/error.rs:61

--- failure function_missing: pub fn removed or renamed ---

Description:
A publicly-visible function cannot be imported by its prior path. A `pub use` may have been removed, or the function itself may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/function_missing.ron

Failed in:
  function cesr::stream::encode::matter_to_qb64, previously in file /tmp/.tmph5j28R/cesr-rs/src/stream/encode.rs:79

--- failure function_requires_different_generic_type_params: function now requires a different number of generic type parameters ---

Description:
A function now requires a different number of generic type parameters than it used to. Uses of this function that supplied the previous number of generic types (e.g. via turbofish syntax) will be broken.
        ref: https://doc.rust-lang.org/reference/items/generics.html
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/function_requires_different_generic_type_params.ron

Failed in:
  function verify (0 -> 1 generic types) in /tmp/.tmp5s9DIO/cesr/src/crypto/verify.rs:38
  function verify (0 -> 1 generic types) in /tmp/.tmp5s9DIO/cesr/src/crypto/verify.rs:38

--- failure method_requires_different_generic_type_params: method now requires a different number of generic type parameters ---

Description:
A method now requires a different number of generic type parameters than it used to. Uses of this method that supplied the previous number of generic types will be broken.
        ref: https://doc.rust-lang.org/reference/items/generics.html
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.48.0/src/lints/method_requires_different_generic_type_params.ron

Failed in:
  cesr::crypto::keypair::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::crypto::keypair::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::crypto::keypair::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::crypto::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::crypto::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::crypto::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
  cesr::KeyPair::verify takes 1 generic types instead of 0, in /tmp/.tmp5s9DIO/cesr/src/crypto/keypair.rs:73
Changelog

0.4.0 - 2026-07-05

Added

Fixed

Other

Changed

  • core (Unchecked size arithmetic in MatterBuilder variable-size parse (size * 4 overflow, wasm32/32-bit) #76): ValidationError gains a new SizeOverflow variant, returned
    when computing a variable-size primitive's full size from its decoded soft field
    overflows usize. As ValidationError is public and not #[non_exhaustive],
    this is breaking (MINOR under 0.x) for downstream exhaustive match on it.
  • error ergonomics (P2.3 · Error ergonomics review #33): removed the terrors::OneOf error-union layer in
    favour of purpose-built thiserror enums. Breaking (MINOR under 0.x):
    • MatterBuilder::{from_qualified_base64, from_qualified_base2, build} now return
      Result<_, MatterBuildError> (variants Parsing, Validation) instead of
      OneOf<(ParsingError, ValidationError)>.
    • crypto::verify now returns Result<(), VerificationError> (variants
      Signature, CodeMismatch) instead of OneOf<(SignatureError, CodeMismatchError)>.
    • The indexer builder's parse/validation methods (from_qb64, from_qb2,
      with_index, with_indices, with_raw) return the bare IndexerParseError /
      IndexerValidationError (previously wrapped in a single-element OneOf).
    • Consumers matching on these results switch from .take:: / .narrow:: to a
      normal match on the new enums / bare types.
    • SerderError gains a new UnparseablePrimitive variant (see Fixed below).
      As SerderError is public and not #[non_exhaustive], this is breaking for
      downstream exhaustive match on it.
    • The terrors dependency is dropped.
  • core / serder (qb64 encoding of a Matter requires the stream feature (encode/decode live in different layers) #67): qb64 text encoding moved to core. Breaking
    (MINOR under 0.x):
    • Matter<C> gains infallible to_qb64() -> String and to_qb64b() -> Vec<u8>;
      encoding a key/digest/signature to text no longer requires the stream feature.
    • stream::encode::matter_to_qb64 removed (use Matter::to_qb64b).
    • serder::primitives::{to_qb64_string, identifier_to_qb64_string} now return
      String instead of Result<String, SerderError>; the internal
      serder::serialize::{seal_to_json, matters_to_json_array} helpers likewise
      became infallible.
    • SerderError loses the Qb64Encoding and Encoding variants (their only
      producers are gone). Breaking for downstream exhaustive match on SerderError.

Fixed

  • core (Unchecked size arithmetic in MatterBuilder variable-size parse (size * 4 overflow, wasm32/32-bit) #76): MatterBuilder::{from_qualified_base64, from_qualified_base2} no
    longer compute the frame size (fs = size * 4 + cs, bfs = ceil(fs * 3 / 4)) from
    the attacker-controlled soft field with unchecked arithmetic. The three sites now
    use checked_mul/checked_add and return ValidationError::SizeOverflow on
    overflow, per the arithmetic-safety rule — previously a large declared size would
    panic in debug or silently wrap in release (a truncated frame slicing as valid).
    Latent, not reachable through the parse API today (variable codes cap the soft
    field at ss=4, so size <= 2^24-1); fixed as a defense-in-depth rule violation.
  • serder (P2.3 · Error ergonomics review #33): a malformed-but-unparseable field value no longer collapses a
    ParsingError into ValidationError::UnknownMatterCode(..) via string
    formatting; a new SerderError::UnparseablePrimitive { field, source } variant
    carries the parsing error in its own failure domain.
  • stream (P2.3 · Error ergonomics review #33): removed an unreachable!() panic on the matter-parse error path
    in stream::parse::parse_matter; the error mapping is now a total match.
  • core (P2.3 · Error ergonomics review #33): MatterBuilder::from_qualified_base64 no longer panics
    (range end index N out of range for slice of length 0) on a malformed qb64 whose
    decoded buffer is shorter than the code's declared lead size (e.g. 5BAA). The
    lead-byte slices are now bounds-checked and return
    MatterBuildError::Validation(ValidationError::StructuralIntegrityError). Found by
    the deep-fuzz matter_from_qb64 target; the crash input is committed as a fuzz
    corpus regression seed.

Added

  • crypto/devx (No indexed-signature verification: sign_indexed yields Siger but verify only accepts Cigar #69): indexed signatures (Siger, the form attached to KERI
    events) can now be verified directly — closing the sign/verify asymmetry where
    sign_indexed produced a Siger but verify only accepted a Cigar. This
    lands as a type-unified verify surface rather than a one-off method:
    • A crypto::Signature trait implemented by both Cigar (non-indexed) and
      Siger (indexed), so a single generic verify covers both — the caller
      never branches on "indexed or not".
    • KeyPair::<A>::verify<S: Signature>(&self, data, &S) -> Result<(), SignatureError>
      — one generic method (was three duplicated verify methods) with per-curve
      crypto dispatched on A at compile time via the new
      Algorithm::verify_bytes. kp.verify(msg, &cigar) and kp.verify(msg, &siger)
      both work.
    • Free crypto::verify<S: Signature>(verfer, data, &S) — the verifier-key-driven
      form (mirrors keripy's siger.verfer.verify(siger.raw, ser)) for verifying
      with only public keys. Composes into lazy iterator chains over stream-parsed
      signature groups: sigers.try_for_each(|s| verify(verfer, msg, s)).
    • Verification is strict: a signature whose CESR code does not belong to the
      key's algorithm is a typed error, not a silent failure. The Siger index is
      CESR framing metadata and is not part of the signed payload.
    • Also adds Algorithm::owns_indexed and Algorithm::NAME.
      (#69)

Breaking


This PR was generated with release-plz.

@codspeed-hq

codspeed-hq Bot commented Jul 3, 2026

Copy link
Copy Markdown

Merging this PR will not alter performance

✅ 21 untouched benchmarks


Comparing release-plz-2026-07-03T23-35-55Z (f18fb18) with main (dd304d1)

Open in CodSpeed

@devrandom-release-plz devrandom-release-plz Bot force-pushed the release-plz-2026-07-03T23-35-55Z branch 2 times, most recently from 03d1cac to 254b9ed Compare July 4, 2026 20:10
@devrandom-release-plz devrandom-release-plz Bot force-pushed the release-plz-2026-07-03T23-35-55Z branch from 254b9ed to f18fb18 Compare July 5, 2026 13:00
@joeldsouzax joeldsouzax merged commit e251e01 into main Jul 5, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant