v0.7.1

What's Changed

• [Fixes #209] feat: expose MIP-04 encrypted media in UniFFI bindings by @dannym-arx in #215
• fix(mip04): derive file key with HKDF-Expand PRK by @erskingardner in #217
• chore: prepare 0.7.1 release by @erskingardner in #218

Full Changelog: v0.7.0...v0.7.1

v0.7.0

What's Changed

• chore(Cargo): bump openmls and other dependencies by @jgmontoya in #204
• Methods to expose ratchet tree with pubkeys by @dannym-arx in #206
• fix: wire max_past_epochs into OpenMLS group config and bump to 0.8.1 by @erskingardner in #207
• ci: split jobs, add path filters and concurrency cancellation [skip-changelog] by @dannym-arx in #210
• feat: replace NIP-44 with ChaCha20-Poly1305 for kind:445 (MIP-03) and update MIP-04 exporter label by @erskingardner in #208
• ci: add UniFFI bindings coverage checker by @dannym-arx in #212
• fix(ios): set IPHONEOS_DEPLOYMENT_TARGET=15.0 to fix ___chkstk_darwin link error by @dannym-arx in #214
• chore: prepare 0.7.0 release by @erskingardner in #213

Full Changelog: v0.6.0...v0.7.0

v0.6.0

What's Changed

• Add github CI workflow by @erskingardner in #1
• Add encrypted media support (MIP-04) by @erskingardner in #2
• Update openmls, cleanup deps, improve checks/actions by @erskingardner in #3
• Fix key package metdata and extension version. Add tests. by @erskingardner in #6
• fix(mdk-sqlite-storage/migrations): rename migration table to _refinery_schema_history_nostr_mls by @jgmontoya in #5
• Remove complex sanitization code and simply strip by @erskingardner in #7
• Refactor of common image validations and metadata functions for MIP-01 and MIP-04 by @erskingardner in #9
• feat(mdk_core/messages groups): add mls_group_id to MessageProcessingResult variants by @jgmontoya in #10
• Fix blurhash generation by @erskingardner in #11
• Create credentials with correct identity encoding by @erskingardner in #13
• feat: add test coverage reporting with regression prevention by @mubarakcoded in #14
• fix: resolve baseline artifact download in coverage workflow by @mubarakcoded in #18
• Improve test coverage and add edge case tests by @mubarakcoded in #21
• Add key package validation by @erskingardner in #17
• Add comprehensive edge case tests for encrypted media, groups, and messages by @mubarakcoded in #22
• ci: remove redundant test execution from CI workflow by @mubarakcoded in #28
• Skip comment on PRs from fork repos by @erskingardner in #31
• Improve image key handling: migrate to HKDF seed derivation (MIP-01 v2) by @dannym-arx in #30
• Implement hex-to-base64 encoding migration for KeyPackage and Welcome by @mubarakcoded in #29
• refactor: Always include encoding tag for KeyPackage and Welcome events by @mubarakcoded in #32
• Rubygems and PyPI publishing by @erskingardner in #34
• separate accept_welcome and accept_welcome_json by @dannym-arx in #36
• Image key separation by @dannym-arx in #33
• fix minor clippy warning by @dannym-arx in #37
• Update README by @kuba-04 in #39
• chore: Update dependencies and refactor imports in mdk-core by @erskingardner in #43
• Implement admin update validation in group management by @erskingardner in #42
• Add identity binding verification for KeyPackage events by @erskingardner in #41
• Enhance message processing with author verification by @erskingardner in #40
• fix: add input validation to prevent unbounded storage writes by @mubarakcoded in #94
• check for changelog.md in PRs by @dannym-arx in #99
• Add AGENTS.md and update changelog for previous PRs by @erskingardner in #101
• add changelog entry for issue #71 by @mubarakcoded in #103
• bindings should also have a changelog by @dannym-arx in #100
• minor kotlin binding cleanup by @dannym-arx in #38
• (Fixes #58) Issue O: Missing Hash Verification in decrypt_group_image Allows Storage-Level Blob Substitution by @dannym-arx in #97
• fix: correct error type in admins() when group not found by @erskingardner in #104
• fix(sqlite): propagate last_message_id parse errors in row_to_group by @erskingardner in #105
• Mdk issue 91 fix by @erskingardner in #107
• Enhance admin authorization logic in group management by @erskingardner in #108
• (Fixes #84) Issue AO: MLS Group ID Leakage in Error Messages by @dannym-arx in #112
• 51 issue h missing mip 02 validation for welcome events by @mubarakcoded in #96
• (Fixes #76) Issue AG: Function all_groups Aborts on First Deserialization Error by @dannym-arx in #115
• fix: add pagination to prevent memory exhaustion in pending_welcomes by @mubarakcoded in #110
• (fixes #61) Issue R: Refactor encoding handling to enforce base64 usage for key packages and welcomes by @dannym-arx in #98
• FIX: Unify UniFFI welcomes pagination API by @mubarakcoded in #119
• fix(mdk-core/groups): remove the correct member on remove_members when the tree has holes by @jgmontoya in #120
• fix: add pagination and validation to messages query to prevent memory exhaustion by @mubarakcoded in #111
• (Fixes #64) Issue U: Deterministic Nonce Derivation Causes Nonce Reuse and Message Linkability by @dannym-arx in #114
• Fix/self update requires cached exporter secret by @jgmontoya in #121
• feat(mdk-core/src/groups): add nostr_group_id field to NostrGroupDataUpdate as Optional by @jgmontoya in #127
• Fix: Propagate mandatory group-data extension parse failures in sync_group_metadata_from_mls by @mubarakcoded in #125
• Fix: Persist failed message processing state to prevent DoS via repeated reprocessing by @mubarakcoded in #116
• Add claude code base permissions and slash commands by @erskingardner in #129
• fix(mdk-core): add identity validation in proposal and commit processing (Fixes #55) by @erskingardner in #126
• fix(mdk-core): allow proposals from non-admin members (Audit Issue I) by @erskingardner in #122
• docs(mdk-core): document privacy-preserving group creation behavior by @erskingardner in #133
• Encrypted & Secure Storage by @erskingardner in #102
• Fix: Add admin authorization check for MLS commit messages by @erskingardner in #130
• fix: address CodeRabbit nitpicks from PR #130 by @erskingardner in #135
• fix(mdk-memory-storage): improve save_message performance from O(n) to O(1) (Audit Issue 6) by @erskingardner in #134
• fix(mdk-core): improve error message for failed welcome retry attempts by @erskingardner in #136
• feat: Add a coverage helper script for development by @dannym-arx in #123
• Fix: Add comprehensive Nostr-based validations for message processing (Issue AE #74) by @mubarakcoded in #128
• (Fixes #68) Fix Issue Y: Missing Zeroization for secrets, and introduce Secret type by @dannym-arx in #109
• (Fixes #62) Issue S: Missing Validation of Mandatory Relays Tag in MLS KeyPackage Events by @dannym-arx in #118
• feat(mdk-core): allow creating single-member groups by @erskingardner in #138
• fix: improve Android cross-compilation with OpenSSL support by @erskingardner in #140
• fix(mdk-core): handle removed member commit processing gracefully (Fixes #80) by @erskingardner in #137
• fix(mdk-core): remove legacy 64-byte credential identity format support by @erskingardner in #141
• fix: install OpenSSL on Windows for UniFFI bindings build by @erskingardner in #144
• (fixes #83) Issue AN: Unvalidated Group ID Allows LRU Cache Pollution in save_message by @dannym-arx in #113
• (Fixes #56): Fixed messages being overwritten across groups by @dannym-arx in #124
• (Fixes #63 and #66) Fix Mime Related Security Issues by @dannym-arx in #95
• (Fixes #65) labels no longer set in stone, now just set in bytes, bytes that can be updated in the future by @dannym-arx in #145
• (Fixes #117) refactor(legacy): RIP legacy code, you will not be missed (2025-2026) by @dannym-arx in #146
• chore(mdk-core/src/encryp...