Skip to content

elliptic-curve v0.11.10 #923

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tarcieri wants to merge 2 commits into from
Closed

elliptic-curve v0.11.10 #923

tarcieri wants to merge 2 commits into from

Conversation

@tarcieri
Copy link
Member

@tarcieri tarcieri commented Jan 27, 2022

Changed

Notes

We've received a number of complaints about zeroize compatibility (see RustCrypto/utils#723), which was exacerbated by #884 which bumped the zeroize version within a minor version series.

I had hoped the cargo resolver would've been able to select an older compatible version of zeroize in these cases, but I've gotten a lot of reports that isn't happening.

This release reverts #884 in hopes of supporting a wider range of zeroize versions for now. It's technically breaking in the event anyone is actually depending on ZeroizeOnDrop marker traits on these types, but it seems we've already broken things for current users and that's the much higher impact issue.

@tarcieri
Revert "Implement ZeroizeOnDrop on appropriate items (#884)"
cae1cdf 
This reverts commit e5b9920.
@tarcieri
elliptic-curve v0.11.10
cad4e11 
We've received a number of complaints about `zeroize` compatibility
(see RustCrypto/utils#723), which was exacerbated by #884 which bumped
the `zeroize` version within a minor version series.

I had hoped the cargo resolver would've been able to select an older
compatible version of zeroize in these cases, but I've gotten a lot of
reports that isn't happening.

This release reverts #884 in hopes of supporting a wider range of
`zeroize` versions for now. It's technically breaking in the event
anyone is actually depending on `ZeroizeOnDrop` marker traits on these
types, but it seems we've already broken things for current users and
that's the much higher impact issue.
@tarcieri
Copy link
Member Author

tarcieri commented Jan 27, 2022

cc @daxpedda

As it were, you originally warned about this being a breaking change on #884. Apparently I should've listened 😅

@tarcieri
Copy link
Member Author

tarcieri commented Jan 27, 2022

Went ahead and released and tagged this branch.

It's unmergable, as master is already the v0.12 prerelease series. I'll open a separate PR to incorporate a changelog entry.

@tarcieri tarcieri closed this Jan 27, 2022
@tarcieri tarcieri deleted the elliptic-curve/v0.11.10 branch January 27, 2022 19:17
tarcieri added a commit that referenced this pull request Jan 27, 2022
@tarcieri
elliptic-curve: v0.11.10 changelog entry
0c7f925 
The `master` branch is already the v0.12 prerelease series, however
another v0.11 release was cut in #923.

This adds a changelog entry, as well as "yanked" crate markers for
releases which depend on `zeroize` v1.5, which #923 downgrades.
@tarcieri tarcieri mentioned this pull request Jan 27, 2022
Merged
tarcieri added a commit that referenced this pull request Jan 27, 2022
@tarcieri
elliptic-curve: v0.11.10 changelog entry (#924)
6b05134 
The `master` branch is already the v0.12 prerelease series, however
another v0.11 release was cut in #923.

This adds a changelog entry, as well as "yanked" crate markers for
releases which depend on `zeroize` v1.5, which #923 downgrades.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tarcieri