|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## [Unreleased] |
| 4 | + |
| 5 | +### Security |
| 6 | + |
| 7 | +- **Memory amplification protection**: Deserialization now validates that claimed sequence/string lengths are plausible given the remaining input, preventing DoS attacks where a small malicious payload could trigger large memory allocations. |
| 8 | +- **Duplicate map key detection**: Serialization now returns `Error::NonCanonicalMap` when duplicate keys are encountered instead of silently dropping duplicates, ensuring data integrity. |
| 9 | + |
| 10 | +### Added |
| 11 | + |
| 12 | +- `to_bytes_with_capacity()` function for pre-allocating output buffers when the serialized size is known or estimated, reducing allocations. |
| 13 | +- Comprehensive `# Errors` documentation sections on all public functions. |
| 14 | +- `#[must_use]` attribute on `is_human_readable()`. |
| 15 | +- Explicit `#![forbid(unsafe_code)]` via Cargo.toml lints section. |
| 16 | +- Full pedantic clippy lint compliance with minimal, justified exceptions for binary serialization casts. |
| 17 | +- `rustfmt.toml` configuration for consistent code formatting. |
| 18 | + |
| 19 | +### Changed |
| 20 | + |
| 21 | +- **Optimized ULEB128 encoding/decoding**: Added fast paths for single-byte values (0-127), which are common for sequence lengths and enum variant indices. |
| 22 | +- **Optimized bulk byte reading**: Deserialization now uses slice splitting instead of byte-by-byte copying for integer parsing. |
| 23 | +- **Added `#[inline]` hints** on hot serialization/deserialization paths for better performance. |
| 24 | +- Replaced `sort_by` with `sort_unstable_by` for map key sorting (faster, no stability needed for unique keys). |
| 25 | + |
| 26 | +### CI/CD |
| 27 | + |
| 28 | +- Added separate CI jobs for formatting (`cargo fmt`), linting (`cargo clippy`), testing, coverage, documentation, and MSRV verification. |
| 29 | +- Added code coverage reporting with Codecov integration and 90% line coverage threshold. |
| 30 | +- Added Minimum Supported Rust Version (MSRV) check at Rust 1.78.0. |
| 31 | +- Improved CI caching for faster builds. |
| 32 | +- Documentation builds now use `-D warnings` to catch doc issues. |
| 33 | + |
| 34 | +### Testing |
| 35 | + |
| 36 | +- Expanded test suite with security-focused tests for memory amplification and duplicate key detection. |
| 37 | +- Added tests for `to_bytes_with_capacity`, `from_bytes_seed`, and other previously uncovered code paths. |
| 38 | +- Improved benchmark suite with comprehensive type coverage and deserialization benchmarks. |
| 39 | + |
3 | 40 | ## [v0.1.1] - 2020-12-11 |
4 | 41 | - Renaming crate into "bcs". |
5 | 42 |
|
6 | 43 | ## [v0.1.0] - 2020-11-17 |
7 | 44 | - Initial release. |
8 | 45 |
|
| 46 | +[Unreleased]: https://github.com/diem/bcs/compare/v0.1.1...HEAD |
9 | 47 | [v0.1.1]: https://github.com/diem/bcs/releases/tag/v0.1.1 |
10 | 48 | [v0.1.0]: https://github.com/diem/bcs/releases/tag/v0.1.0 |
0 commit comments