Skip to content

Commit 86cd28a

Browse files
committed
Prepare hashavatar 1.0.1 candidate
1 parent 2336442 commit 86cd28a

11 files changed

Lines changed: 100 additions & 20 deletions

File tree

CHANGELOG.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,22 @@
11
# Changelog
22

3+
## 1.0.1
4+
5+
- Bumped the crate to `1.0.1`.
6+
- Refreshed compatible transitive dependencies in `Cargo.lock` and the fuzz
7+
harness lockfile.
8+
- Updated the GitHub CI `taiki-e/install-action` pin to `v2.79.14`.
9+
- Lowered the documented and manifest MSRV to Rust `1.90.0` after running the
10+
full release gate on `1.90.0` and compatibility checks through Rust `1.96.0`.
11+
- Added the README header artwork and Rust version support table. The README
12+
image is kept in the repository but excluded from the published crate package.
13+
- Added a debug assertion for future out-of-range identity digest byte access
14+
while keeping release builds non-panicking.
15+
- Changed public avatar size helper arithmetic to saturating multiplication for
16+
future-proofing.
17+
- Clarified that the `StdRng::from_seed` by-value seed argument copy is part of
18+
the documented zeroization residual.
19+
320
## 1.0.0
421

522
- Bumped the crate to `1.0.0`.

Cargo.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "hashavatar"
3-
version = "1.0.0"
3+
version = "1.0.1"
44
edition = "2024"
55
rust-version = "1.90"
66
description = "Stable deterministic procedural avatars in Rust with configurable identity hashing, WebP, optional PNG/JPEG/GIF, and SVG export"

README.md

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ The crate starts conservative: validated avatar dimensions, bounded identity inp
2929

3030
## Current Status
3131

32-
The current crate version is `1.0.0`.
32+
The current crate version is `1.0.1`.
3333

3434
Implemented now:
3535

@@ -99,7 +99,7 @@ to split it.
9999
The minimum supported Rust version is Rust `1.90.0`. New deployments should
100100
prefer the latest stable Rust; as of May 29, 2026, that is Rust `1.96.0`.
101101

102-
Compatibility evidence for `1.0.0`:
102+
Compatibility evidence for `1.0.1`:
103103

104104
| Rust | Local Evidence |
105105
| --- | --- |
@@ -120,29 +120,29 @@ Optional hash modes are mutually exclusive, so `hashavatar` cannot use a single
120120

121121
```toml
122122
[dependencies]
123-
hashavatar = "1.0.0"
123+
hashavatar = "1.0.1"
124124
```
125125

126126
Optional identity hash modes and extra raster encoders are disabled by default.
127127
Hash modes are mutually exclusive, so enable at most one of `blake3` or `xxh3`:
128128

129129
```toml
130130
[dependencies]
131-
hashavatar = { version = "1.0.0", features = ["blake3"] }
131+
hashavatar = { version = "1.0.1", features = ["blake3"] }
132132
```
133133

134134
Enable additional raster formats explicitly:
135135

136136
```toml
137137
[dependencies]
138-
hashavatar = { version = "1.0.0", features = ["png", "jpeg", "gif"] }
138+
hashavatar = { version = "1.0.1", features = ["png", "jpeg", "gif"] }
139139
```
140140

141141
Or enable every optional raster encoder at once:
142142

143143
```toml
144144
[dependencies]
145-
hashavatar = { version = "1.0.0", features = ["all-formats"] }
145+
hashavatar = { version = "1.0.1", features = ["all-formats"] }
146146
```
147147

148148
Combine these as needed, for example `features = ["blake3", "png"]`.
@@ -162,7 +162,7 @@ license = "MIT OR Apache-2.0"
162162

163163
## Stable Contract
164164

165-
`1.0.0` freezes the crate's public API shape and documented rendering contract.
165+
The `1.x` series keeps the crate's public API shape and documented rendering contract stable.
166166
Patch releases should not intentionally change output for the same explicit
167167
rendering tuple except for correctness or security fixes. Minor releases may
168168
add opt-in features, output formats, avatar families, backgrounds, or visual
@@ -440,7 +440,7 @@ your namespace style version when intentionally migrating output.
440440

441441
```toml
442442
[dependencies]
443-
hashavatar = { version = "1.0.0", features = ["blake3"] }
443+
hashavatar = { version = "1.0.1", features = ["blake3"] }
444444
```
445445

446446
```rust
@@ -468,7 +468,7 @@ assert!(svg.contains("alien avatar"));
468468

469469
```toml
470470
[dependencies]
471-
hashavatar = { version = "1.0.0", features = ["xxh3"] }
471+
hashavatar = { version = "1.0.1", features = ["xxh3"] }
472472
```
473473

474474
```rust

docs/PANIC_POLICY.md

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,11 @@ Library code should return `Result` for caller-controlled invalid input. Panics
66

77
- Public rendering APIs return `AvatarSpecError` for unsupported dimensions instead of panicking.
88
- Rectangle helpers use saturating or clamping arithmetic so future internal placement changes cannot overflow or panic in these helpers.
9+
- `AvatarIdentity::byte` uses a debug-only assertion to catch internal digest
10+
offset mistakes in tests and debug builds. Release builds keep the
11+
non-panicking fallback for defense in depth.
912
- Tests may use `expect`, `panic`, and related assertions freely.
1013

11-
New production `unwrap`, `expect`, `panic`, or `unreachable` sites should be added only with a concrete invariant and a matching update to the validation script.
14+
New production `unwrap`, `expect`, `panic`, `debug_assert`, or `unreachable`
15+
sites should be added only with a concrete invariant and a matching update to
16+
the validation script.

docs/SECURITY_CONTROLS.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,9 @@
3939
- The temporary 256-bit RNG seed copy is stored in `zeroize::Zeroizing`, so the
4040
digest-derived seed copy is scrubbed on scope exit. The final value passed to
4141
`StdRng::from_seed` is also held in a `Zeroizing` guard before the copy into
42-
`StdRng`.
42+
`StdRng`. `StdRng::from_seed` still takes the seed by value, so a transient
43+
unguarded argument copy is part of the crate's documented by-value-copy
44+
zeroization caveat.
4345
- The procedural RNG itself is `rand::rngs::StdRng`. Its expanded internal
4446
state is not zeroized on drop because `StdRng` does not currently implement
4547
`ZeroizeOnDrop`. In the default SHA-512 mode, recovering the original
Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
# hashavatar 1.0.1
2+
3+
`1.0.1` is a maintenance and documentation release for `hashavatar`.
4+
5+
## Changed
6+
7+
- Refreshed compatible transitive dependencies in `Cargo.lock` and
8+
`fuzz/Cargo.lock`.
9+
- Updated the GitHub CI `taiki-e/install-action` pin to `v2.79.14`.
10+
- Lowered the manifest and toolchain MSRV to Rust `1.90.0` after validating the
11+
release gate and compatibility matrix.
12+
- Added a polished README header with the project image, documentation links,
13+
and Rust version support table.
14+
- Kept the README image in the repository while excluding `.github/images/**`
15+
from the published crate package.
16+
17+
## Security And Hardening
18+
19+
- Added a debug assertion for out-of-range internal identity digest byte access
20+
so future renderer mistakes fail in debug/test builds while release builds
21+
remain non-panicking.
22+
- Changed `AvatarSpec::pixel_count()` and `AvatarSpec::rgba_buffer_len()` to
23+
use saturating multiplication as defense-in-depth for future dimension-limit
24+
changes.
25+
- Clarified that the transient by-value seed argument passed to
26+
`StdRng::from_seed` is part of the documented zeroization residual.
27+
28+
## Compatibility Evidence
29+
30+
- Rust `1.90.0`: full release gate.
31+
- Rust `1.91.0` through `1.96.0`: `cargo check --features all-formats`.
32+
- Rust `1.90.0`: additional checks for `blake3 all-formats` and
33+
`xxh3 all-formats`.

fuzz/Cargo.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

fuzz/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ publish = false
88
cargo-fuzz = true
99

1010
[dependencies]
11-
hashavatar = { path = "..", version = "1.0.0", features = ["fuzzing"] }
11+
hashavatar = { path = "..", version = "1.0.1", features = ["fuzzing"] }
1212
libfuzzer-sys = "0.4"
1313
roxmltree = "0.21.1"
1414

scripts/validate-panic-policy.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,9 @@ check_file() {
1717
if ($0 ~ /unreachable!\("SVG is handled outside AvatarOutputFormat"\)/) {
1818
allowed = 1
1919
}
20+
if ($0 ~ /debug_assert!\(/) {
21+
allowed = 1
22+
}
2023
if (!allowed) {
2124
printf "panic policy: unreviewed panic-like site in %s:%d: %s\n", FILENAME, FNR, $0 > "/dev/stderr"
2225
failed = 1

0 commit comments

Comments
 (0)