1# Changelog
2
3Entries are listed in reverse chronological order per major series.
4
5## 4.x series
6
7### 4.0.1
8
9* Update README.
10
11### 4.0.0
12
13* Update the `rand_core` dependency to `0.6`.  This requires a major version
14  because the `digest` traits are part of the public API, but there are
15  otherwise no changes to the API.
16
17## 3.x series
18
19### 3.0.3
20
21* Add note about package naming and crate seizure.
22
23### 3.0.2
24
25* Fixes to make using alloc+no_std possible for stable Rust.
26
27### 3.0.1
28
29* Update the optional `packed-simd` dependency to rely on a newer,
30  maintained version of the `packed-simd-2` crate.
31
32### 3.0.0
33
34* Update the `digest` dependency to `0.9`.  This requires a major version
35  because the `digest` traits are part of the public API, but there are
36  otherwise no changes to the API.
37
38## 2.x series (unsupported)
39
40### 2.1.2
41
42* Fixes to make using alloc+no_std possible for stable Rust.
43
44### 2.1.1
45
46* Update the optional `packed-simd` dependency to rely on a newer,
47  maintained version of the `packed-simd-2` crate.
48
49### 2.1.0
50
51* Make `Scalar::from_bits` a `const fn`, allowing its use in `const` contexts.
52
53### 2.0.0
54
55* Fix a data modeling error in the `serde` feature pointed out by Trevor Perrin
56  which caused points and scalars to be serialized with length fields rather
57  than as fixed-size 32-byte arrays.  This is a breaking change, but it fixes
58  compatibility with `serde-json` and ensures that the `serde-bincode` encoding
59  matches the conventional encoding for X/Ed25519.
60* Update `rand_core` to `0.5`, allowing use with new `rand` versions.
61* Switch from `clear_on_drop` to `zeroize` (by Tony Arcieri).
62* Require `subtle = ^2.2.1` and remove the note advising nightly Rust, which is
63  no longer required as of that version of `subtle`.  See the `subtle`
64  changelog for more details.
65* Update `README.md` for `2.x` series.
66* Remove the `build.rs` hack which loaded the entire crate into its own
67  `build.rs` to generate constants, and keep the constants in the source code.
68
69The only significant change is the data model change to the `serde` feature;
70besides the `rand_core` version bump, there are no other user-visible changes.
71
72## 1.x series (unsupported)
73
74### 1.2.6
75
76* Fixes to make using alloc+no_std possible for stable Rust.
77
78### 1.2.5
79
80* Update the optional `packed-simd` dependency to rely on a newer,
81  maintained version of the `packed-simd-2` crate.
82
83### 1.2.4
84
85* Specify a semver bound for `clear_on_drop` rather than an exact version,
86  addressing an issue where changes to inline assembly in rustc prevented
87  `clear_on_drop` from working without an update.
88
89### 1.2.3
90
91* Fix an issue identified by a Quarkslab audit (and Jack Grigg), where manually
92  constructing unreduced `Scalar` values, as needed for X/Ed25519, and then
93  performing scalar/scalar arithmetic could compute incorrect results.
94* Switch to upstream Rust intrinsics for the IFMA backend now that they exist in
95  Rust and don't need to be defined locally.
96* Ensure that the NAF computation works correctly, even for parameters never
97  used elsewhere in the codebase.
98* Minor refactoring to EdwardsPoint decompression.
99* Fix broken links in documentation.
100* Fix compilation on nightly broken due to changes to the `#[doc(include)]` path
101  root (not quite correctly done in 1.2.2).
102
103### 1.2.2
104
105* Fix a typo in an internal doc-comment.
106* Add the "crypto" tag to crate metadata.
107* Fix compilation on nightly broken due to changes to the `#[doc(include)]` path
108  root.
109
110### 1.2.1
111
112* Fix a bug in bucket index calculations in the Pippenger multiscalar algorithm
113  for very large input sizes.
114* Add a more extensive randomized multiscalar multiplication consistency check
115  to the test suite to prevent regressions.
116* Ensure that that multiscalar and NAF computations work correctly on extremal
117  `Scalar` values constructed via `from_bits`.
118
119### 1.2.0
120
121* New multiscalar multiplication algorithm with better performance for
122  large problem sizes.  The backend algorithm is selected
123  transparently using the size hints of the input iterators, so no
124  changes are required for client crates to start using it.
125* Equality of Edwards points is now checked in projective coordinates.
126* Serde can now be used with `no_std`.
127
128### 1.1.4
129
130* Fix typos in documentation comments.
131* Remove unnecessary `Default` bound on `Scalar::from_hash`.
132
133### 1.1.3
134
135* Reverts the change in 1.1.0 to allow owned and borrowed RNGs, which caused a breakage due to a subtle interaction with ownership rules.  (The `RngCore` change is retained).
136
137### 1.1.2
138
139* Disabled KaTeX on `docs.rs` pending proper [support upstream](https://github.com/rust-lang/docs.rs/issues/302).
140
141## 1.1.1
142
143* Fixed an issue related to `#[cfg(rustdoc)]` which prevented documenting multiple backends.
144
145### 1.1.0
146
147* Adds support for precomputation for multiscalar multiplication.
148* Restructures the internal source tree into `serial` and `vector` backends (no change to external API).
149* Adds a new IFMA backend which sets speed records.
150* The `avx2_backend` feature is now an alias for the `simd_backend` feature, which autoselects an appropriate vector backend (currently AVX2 or IFMA).
151* Replaces the `rand` dependency with `rand_core`.
152* Generalizes trait bounds on `RistrettoPoint::random()` and `Scalar::random()` to allow owned and borrowed RNGs and to allow `RngCore` instead of `Rng`.
153
154### 1.0.3
155
156* Adds `ConstantTimeEq` implementation for compressed points.
157
158### 1.0.2
159
160* Fixes a typo in the naming of variables in Ristretto formulas (no change to functionality).
161
162### 1.0.1
163
164* Depends on the stable `2.0` version of `subtle` instead of `2.0.0-pre.0`.
165
166### 1.0.0
167
168Initial stable release.  Yanked due to a dependency mistake (see above).
169
170