Skip to content

v0.6.0

Choose a tag to compare

View all tags
@erskingardner erskingardner released this 23 Feb 12:00
· 22 commits to master since this release
v0.6.0
136a9ee
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • Add github CI workflow by @erskingardner in #1
  • Add encrypted media support (MIP-04) by @erskingardner in #2
  • Update openmls, cleanup deps, improve checks/actions by @erskingardner in #3
  • Fix key package metdata and extension version. Add tests. by @erskingardner in #6
  • fix(mdk-sqlite-storage/migrations): rename migration table to _refinery_schema_history_nostr_mls by @jgmontoya in #5
  • Remove complex sanitization code and simply strip by @erskingardner in #7
  • Refactor of common image validations and metadata functions for MIP-01 and MIP-04 by @erskingardner in #9
  • feat(mdk_core/messages groups): add mls_group_id to MessageProcessingResult variants by @jgmontoya in #10
  • Fix blurhash generation by @erskingardner in #11
  • Create credentials with correct identity encoding by @erskingardner in #13
  • feat: add test coverage reporting with regression prevention by @mubarakcoded in #14
  • fix: resolve baseline artifact download in coverage workflow by @mubarakcoded in #18
  • Improve test coverage and add edge case tests by @mubarakcoded in #21
  • Add key package validation by @erskingardner in #17
  • Add comprehensive edge case tests for encrypted media, groups, and messages by @mubarakcoded in #22
  • ci: remove redundant test execution from CI workflow by @mubarakcoded in #28
  • Skip comment on PRs from fork repos by @erskingardner in #31
  • Improve image key handling: migrate to HKDF seed derivation (MIP-01 v2) by @dannym-arx in #30
  • Implement hex-to-base64 encoding migration for KeyPackage and Welcome by @mubarakcoded in #29
  • refactor: Always include encoding tag for KeyPackage and Welcome events by @mubarakcoded in #32
  • Rubygems and PyPI publishing by @erskingardner in #34
  • separate accept_welcome and accept_welcome_json by @dannym-arx in #36
  • Image key separation by @dannym-arx in #33
  • fix minor clippy warning by @dannym-arx in #37
  • Update README by @kuba-04 in #39
  • chore: Update dependencies and refactor imports in mdk-core by @erskingardner in #43
  • Implement admin update validation in group management by @erskingardner in #42
  • Add identity binding verification for KeyPackage events by @erskingardner in #41
  • Enhance message processing with author verification by @erskingardner in #40
  • fix: add input validation to prevent unbounded storage writes by @mubarakcoded in #94
  • check for changelog.md in PRs by @dannym-arx in #99
  • Add AGENTS.md and update changelog for previous PRs by @erskingardner in #101
  • add changelog entry for issue #71 by @mubarakcoded in #103
  • bindings should also have a changelog by @dannym-arx in #100
  • minor kotlin binding cleanup by @dannym-arx in #38
  • (Fixes #58) Issue O: Missing Hash Verification in decrypt_group_image Allows Storage-Level Blob Substitution by @dannym-arx in #97
  • fix: correct error type in admins() when group not found by @erskingardner in #104
  • fix(sqlite): propagate last_message_id parse errors in row_to_group by @erskingardner in #105
  • Mdk issue 91 fix by @erskingardner in #107
  • Enhance admin authorization logic in group management by @erskingardner in #108
  • (Fixes #84) Issue AO: MLS Group ID Leakage in Error Messages by @dannym-arx in #112
  • 51 issue h missing mip 02 validation for welcome events by @mubarakcoded in #96
  • (Fixes #76) Issue AG: Function all_groups Aborts on First Deserialization Error by @dannym-arx in #115
  • fix: add pagination to prevent memory exhaustion in pending_welcomes by @mubarakcoded in #110
  • (fixes #61) Issue R: Refactor encoding handling to enforce base64 usage for key packages and welcomes by @dannym-arx in #98
  • FIX: Unify UniFFI welcomes pagination API by @mubarakcoded in #119
  • fix(mdk-core/groups): remove the correct member on remove_members when the tree has holes by @jgmontoya in #120
  • fix: add pagination and validation to messages query to prevent memory exhaustion by @mubarakcoded in #111
  • (Fixes #64) Issue U: Deterministic Nonce Derivation Causes Nonce Reuse and Message Linkability by @dannym-arx in #114
  • Fix/self update requires cached exporter secret by @jgmontoya in #121
  • feat(mdk-core/src/groups): add nostr_group_id field to NostrGroupDataUpdate as Optional by @jgmontoya in #127
  • Fix: Propagate mandatory group-data extension parse failures in sync_group_metadata_from_mls by @mubarakcoded in #125
  • Fix: Persist failed message processing state to prevent DoS via repeated reprocessing by @mubarakcoded in #116
  • Add claude code base permissions and slash commands by @erskingardner in #129
  • fix(mdk-core): add identity validation in proposal and commit processing (Fixes #55) by @erskingardner in #126
  • fix(mdk-core): allow proposals from non-admin members (Audit Issue I) by @erskingardner in #122
  • docs(mdk-core): document privacy-preserving group creation behavior by @erskingardner in #133
  • Encrypted & Secure Storage by @erskingardner in #102
  • Fix: Add admin authorization check for MLS commit messages by @erskingardner in #130
  • fix: address CodeRabbit nitpicks from PR #130 by @erskingardner in #135
  • fix(mdk-memory-storage): improve save_message performance from O(n) to O(1) (Audit Issue 6) by @erskingardner in #134
  • fix(mdk-core): improve error message for failed welcome retry attempts by @erskingardner in #136
  • feat: Add a coverage helper script for development by @dannym-arx in #123
  • Fix: Add comprehensive Nostr-based validations for message processing (Issue AE #74) by @mubarakcoded in #128
  • (Fixes #68) Fix Issue Y: Missing Zeroization for secrets, and introduce Secret type by @dannym-arx in #109
  • (Fixes #62) Issue S: Missing Validation of Mandatory Relays Tag in MLS KeyPackage Events by @dannym-arx in #118
  • feat(mdk-core): allow creating single-member groups by @erskingardner in #138
  • fix: improve Android cross-compilation with OpenSSL support by @erskingardner in #140
  • fix(mdk-core): handle removed member commit processing gracefully (Fixes #80) by @erskingardner in #137
  • fix(mdk-core): remove legacy 64-byte credential identity format support by @erskingardner in #141
  • fix: install OpenSSL on Windows for UniFFI bindings build by @erskingardner in #144
  • (fixes #83) Issue AN: Unvalidated Group ID Allows LRU Cache Pollution in save_message by @dannym-arx in #113
  • (Fixes #56): Fixed messages being overwritten across groups by @dannym-arx in #124
  • (Fixes #63 and #66) Fix Mime Related Security Issues by @dannym-arx in #95
  • (Fixes #65) labels no longer set in stone, now just set in bytes, bytes that can be updated in the future by @dannym-arx in #145
  • (Fixes #117) refactor(legacy): RIP legacy code, you will not be missed (2025-2026) by @dannym-arx in #146
  • chore(mdk-core/src/encrypted_media/manager): fix parse_imeta_tag comment by @jgmontoya in #139
  • feat(mdk-core): add GREASE support for MLS protocol extensibility by @erskingardner in #142
  • fix: prevent nostr_group_id cache collision and stale key entries in memory storage by @mubarakcoded in #149
  • Make sure that ai agents don't log sensitive information, and that coderabbit reports those as critical must fixes by @dannym-arx in #150
  • Fix: Add input validation to prevent memory exhaustion (Issue #82) by @mubarakcoded in #147
  • Replace Claude configuration with OpenCode setup by @erskingardner in #151
  • refactor: unified storage architecture by @erskingardner in #148
  • Going out of order is fine, maybe. by @dannym-arx in #155
  • Remove AI directories from project. AGENTS.md should be the only thing checked in by @erskingardner in #158
  • feat: Deterministic commit race resolution (MIP-03) by @erskingardner in #152
  • Fix: Return Unprocessable instead of error for previously failed messages by @mubarakcoded in #156
  • chore(Cargo): bump rust-nostr to version 0.44 by @jgmontoya in #162
  • processed_at was a misnomer by @dannym-arx in #163
  • fix: use std::sync::Mutex for SQLite connection to avoid tokio runtime panics by @jgmontoya in #164
  • feat: implement retryable state and preserve message context on failure by @erskingardner in #161
  • fix #154 (and fix #159 because that's a duplicate) by @dannym-arx in #165
  • fix timing issues by @dannym-arx in #166
  • fix: Add epoch fallback for MIP-04 media decryption by @JSKitty in #167
  • Fix windows builds of python and ruby bindings by @dannym-arx in #172
  • chore: upgrade openmls to 0.8.0, fix security advisories, add CodeQL config by @erskingardner in #174
  • chore: add quiet precommit mode for AI agents by @erskingardner in #175
  • feat(crates/mdk-core): make NIP-70 protected tag optonal in key package creation for relay compatibility by @jgmontoya in #173
  • [Fixes #170] allow users of mdk to choose whether to sort by createdAt or processedAt first by @dannym-arx in #171
  • Add key package hash_ref computation and deletion by serialized bytes by @mubarakcoded in #176
  • Remove mentions of nostr-mls by @erskingardner in #177
  • Return hash_ref from create_key_package_for_event by @mubarakcoded in #178
  • fix(sqlite-storage): fix snapshot group_id encoding mismatch and switch MLS codec to postcard by @erskingardner in #179
  • [Fix #181] feat(mdk-core): add required 'i' tag with KeyPackageRef to key package events by @dannym-arx in #182
  • fix(welcomes): make client tag optional in welcome validation per MIP-02 by @erskingardner in #186
  • feat(core): switch admin_pubkeys to raw 32-byte arrays in TLS wire format by @erskingardner in #185
  • feat: add self-update tracking fields to Group struct by @alltheseas in #184
  • [Fixes #187] Update OpenSSL Android build script with per-ABI Clang toolchain configuration by @dannym-arx in #188
  • chore: prepare 0.6.0 release by @erskingardner in #189
  • Fix kotlin by @dannym-arx in #190
  • feat: add clear_pending_commit for publish failure recovery by @JSKitty in #192
  • Expose clear_pending_commit in UniFFI bindings by @dannym-arx in #196
  • fix: delete orphaned SignatureKeyPair when clearing a self_update commit by @erskingardner in #197
  • fix(ci): remove local-cache from Android NDK setup to fix Kotlin build by @erskingardner in #198
  • chore: prepare crates for crates.io publishing by @erskingardner in #199
  • fix: move storage-traits integration tests to mdk-core by @erskingardner in #202

New Contributors

Full Changelog: https://github.com/marmot-protocol/mdk/commits/v0.6.0

Contributors

erskingardner, mubarakcoded, and 5 other contributors
Assets 2
Loading