Releases: Entrolution/cdx-core
v0.7.0
Changed
- Breaking: `ExtensionMark::glossary()` now emits `"ref"` instead of `"termId"` to match the spec's `glossaryMark` schema
- Breaking: `GlossaryRef.term_id` serializes as `"ref"` instead of `"termId"`
- Deserialization accepts both old `"termId"` and new `"ref"` for backward compatibility
Added
- `ExtensionMark::get_glossary_ref()` helper supporting both `"ref"` and legacy `"termId"` keys
- `ExtensionMark::normalize_glossary_attrs()` to migrate `"termId"` → `"ref"` in-place
- Backward-compatibility tests for glossary `"termId"` deserialization
v0.6.0
Changed
- Breaking: `Citation.reference` (String) renamed to `Citation.refs` (Vec<String>) to support multi-citation clusters (e.g., `[smith2023; jones2024]`)
- Breaking: `ExtensionMark::citation()` and `citation_with_page()` now emit `"refs"` (array) instead of `"ref"` (string)
- Deserialization accepts both old `"ref"` (string) and new `"refs"` (array) for backward compatibility
Added
- `Citation::multi()` constructor for multi-reference citations
- `Citation::first_ref()` and `Citation::refs()` accessors
- `ExtensionMark::multi_citation()` convenience constructor
- `ExtensionMark::get_string_array_attribute()` for array-typed attributes
- `ExtensionMark::get_citation_refs()` helper supporting both `"refs"` and legacy `"ref"` keys
- `ExtensionMark::normalize_citation_attrs()` to migrate `"ref"` → `"refs"` in-place
- `ExtensionBlock::get_string_array_attribute()` for parity with `ExtensionMark`
- Backward-compatibility conformance tests for singular `"ref"` deserialization
- Multi-reference citation roundtrip tests
v0.5.0
Changed
Spec Serialization Compliance
- Breaking: `Mark::Math { value }` field renamed to `Mark::Math { source }` to match spec
- Breaking: Simple marks (Bold, Italic, etc.) now serialize as strings (`"bold"`) instead of objects (`{"type":"bold"}`)
- Breaking: Extension marks serialize with colon-delimited type (`"semantic:citation"`) instead of wrapper (`{"type":"extension","namespace":"semantic","markType":"citation"}`)
- Breaking: Extension blocks serialize with colon-delimited type (`"academic:theorem"`) instead of wrapper format
- Breaking: `Block::block_type()` returns `Cow<'_, str>` instead of `&'static str`; extension blocks return `"namespace:blockType"` instead of `"extension"`
- `FigCaption` block type serializes as `"figcaption"` (lowercase) instead of `"figCaption"`
- All old formats are accepted on deserialization for backward compatibility
CLI Restructuring
- Split `cdx-cli/src/main.rs` into `cli.rs` (argument definitions), `dispatcher.rs` (command dispatch), and `main.rs` (entry point)
Added
Spec Conformance Testing
- Conformance test suite (`tests/conformance.rs`) covering all 78 testable spec requirements
- Conformance matrix (`docs/conformance-matrix.md`) mapping spec sections to tests — 78/79 PASS, 0 TODO
- Hash boundary tests verifying document ID includes/excludes correct fields
- Asset embedding tests: hash verification, missing file detection, hash mismatch errors
- State machine enforcement tests for review/frozen/published requirements
- Provenance/lineage validation tests
- Property-based tests using proptest for hash determinism, metadata inclusion, block round-trips
- Fuzz targets for Block, Mark, and Content deserialization (`fuzz/fuzz_targets/`)
Security Policy
- Added `SECURITY.md` with supported versions and vulnerability reporting process
v0.4.0
Added
Unified Anchor System
- `ContentAnchor` for block-level, point, and range anchors
- `ContentAnchorUri` for URI format parsing/formatting (`#blockId/start-end`)
- `Mark::Anchor { id }` variant for named anchor marks in text
- Full bidirectional conversion between anchor types
Phantom Extension
- `PhantomClusters` for off-page annotation clusters
- `PhantomCluster` with anchor, scope, author, and metadata
- `Phantom` with position, size, content, and connections
- `PhantomScope` for visibility control (Shared, Private, Role-based)
- `PhantomConnection` with style options (Line, Arrow, Dashed)
- Connection validation with cycle detection
- Archive integration: `read_phantoms()` and `write_phantoms()`
Scoped Signatures
- `SignatureScope` for layout attestation
- JCS (RFC 8785) serialization for deterministic scope hashing
- `Signature.scope` field for scoped signature support
- `with_layout()` builder for adding layout hashes
Declarative Validation Rules
- `ValidationRule::ContainsUppercase` - requires uppercase letter
- `ValidationRule::ContainsLowercase` - requires lowercase letter
- `ValidationRule::ContainsDigit` - requires digit
- `ValidationRule::ContainsSpecial` - requires special character
- `ValidationRule::MatchesField` - cross-field validation
Collaboration
- `Collaborator.color` field for real-time cursor coloring
- `with_color()` builder method
Spec Compliance: Core Struct Fields (PR #66)
- `PhantomsRef` struct and `phantoms` field on `Manifest`
- `KeyManagementAlgorithm` enum and `key_management` field on `EncryptionMetadata`
- `ephemeral_public_key` field on `Recipient`
- `TrustedTimestamp` struct and `timestamp` field on `Signature`
Spec Compliance: Content & Extension Fields (PR #67)
- `CodeToken` struct, `highlighting` and `tokens` fields on `CodeBlock`
- `FigureNumbering` enum, `Subfigure` struct, `numbering` and `subfigures` fields on `FigureBlock`
- `uses` and `restate` fields on `Theorem`
- `StructuralInduction`, `Counting`, `Probabilistic` variants on `ProofMethod`
- `start_line` field on `Algorithm`
- `docket` field on `Caption`
Spec Compliance: Key Wrapping (PR #71)
- `EcdhEsKeyWrapper` and `EcdhEsKeyUnwrapper` for ECDH-ES+A256KW key agreement (RFC 7518 / RFC 3394)
- `WrappedKeyData` struct for wrapped content encryption keys
- New `key-wrapping` feature flag (depends on `encryption`, adds `aes-kw` and `hkdf`)
Spec Compliance: Extended Key Wrapping + BOM (PR #73)
- `RsaOaepKeyWrapper` and `RsaOaepKeyUnwrapper` for RSA-OAEP-256 key wrapping
- `Pbes2KeyWrapper` and `Pbes2KeyUnwrapper` for PBES2-HS256+A256KW password-based key wrapping
- New `key-wrapping-rsa` and `key-wrapping-pbes2` feature flags
- UTF-8 BOM stripping for all JSON files in archive reader
Spec Compliance: Form Conditional Validation (PR #75)
- `ConditionalValidation`, `Condition`, `ConditionOperator`, `ConditionalAction` types
- `conditional_validation` field on all 7 form field types
- Supports `equals`, `notEquals`, `isEmpty`, `isNotEmpty` operators
Spec Compliance: Advanced Presentation (PR #76)
- `TypographyConfig` with `LineNumbering`, `BaselineGrid`, `HyphenationConfig`
- `ColumnLayout` and `GridLayout` with `GridArea` for multi-column and CSS Grid layouts
- `TocConfig` with `TocLeaders` for table of contents configuration
- `FootnotesConfig`, `FootnotePosition`, `FootnoteSeparator` for footnote placement and styling
- `EndnotesConfig` for endnote section configuration
Changed
Spec Compliance: Validation Fixes (PR #70)
- Relax lineage validation: root (non-forked) documents can now reach Frozen/Published without lineage
- Enforce manifest-first ordering in archive reader (error instead of silent acceptance)
- Add decompression bomb protection: 256 MiB file size limit with declared-size pre-check and bounded reads
- Add `is_url_safe_path()` utility for spec SHOULD-level asset path validation
- Add `FileTooLarge` and `InvalidArchiveStructure` error variants
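The declared-size pre-check and bounded read named in the decompression bomb item above, as an added sketch that is not cdx-core's own code. `read_entry`, `EntryError` and the `io::repeat` input are assumptions made for illustration, and only the standard library is used.

```rust
use std::io::{self, Read};

/// Per-file limit quoted in the release note: 256 MiB.
pub const MAX_ENTRY_SIZE: u64 = 256 * 1024 * 1024;

/// Stand-in error type for this sketch (hypothetical, not cdx-core's enum).
#[derive(Debug)]
pub enum EntryError {
    TooLarge { size: u64, limit: u64 },
    Io(io::Error),
}

/// Read one decompressed archive entry without trusting its declared size.
/// `read_entry` is a hypothetical helper; `stream` is the decompressor output.
pub fn read_entry<R: Read>(stream: R, declared: u64, limit: u64) -> Result<Vec<u8>, EntryError> {
    // Pre-check: refuse before inflating a single byte when the header
    // already declares more than the limit.
    if declared > limit {
        return Err(EntryError::TooLarge { size: declared, limit });
    }
    // Bounded read: the header can understate the size, so cap the stream at
    // limit + 1 bytes. The extra byte separates "exactly at limit" from "over".
    let mut buf = Vec::new();
    let read = stream
        .take(limit.saturating_add(1))
        .read_to_end(&mut buf)
        .map_err(EntryError::Io)? as u64;
    if read > limit {
        return Err(EntryError::TooLarge { size: read, limit });
    }
    Ok(buf)
}

fn main() {
    // Constructed input: io::repeat stands in for an entry whose header
    // claims 10 bytes but whose decompressed stream never ends.
    let limit = 1024; // small limit so the demo finishes instantly
    match read_entry(io::repeat(0u8), 10, limit) {
        Err(EntryError::TooLarge { size, limit }) => println!("rejected: {size} > {limit}"),
        other => println!("unexpected: {:?}", other.map(|b| b.len())),
    }
    // Constructed honest entry: declared size matches the content.
    let ok = read_entry(&b"manifest"[..], 8, limit).expect("within limit");
    println!("accepted {} bytes", ok.len());
}
```

The pre-check alone is not enough because the declared size comes from attacker-controlled archive metadata; the cap on the read is what bounds memory use.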
Dependencies
- Coordinated RustCrypto ecosystem upgrade:
  - `rand_core` 0.6 → 0.10 (stable); `der` 0.7 → 0.8 (stable)
  - `p256` 0.13 → 0.14.0-rc; `p384` 0.13 → 0.14.0-rc; `ecdsa` 0.16 → 0.17.0-rc
  - `rsa` 0.9 → 0.10.0-rc; `x509-cert` 0.2 → 0.3.0-rc
  - Migrate from `OsRng`/`fill_bytes` to `getrandom::fill` and `Generate` trait
  - Use `rsa::sha2::Sha256` for RSA operations (sha2 0.10 → 0.11 split)
  - Use `PublicKey::from_sec1_bytes` for P-256 key parsing (replaces `EncodedPoint` chain)
  - Use `tbs_certificate()`/`serial_number()`/`extensions()` accessors (x509-cert 0.3 made fields private)
- Replace `fips204` with RustCrypto `ml-dsa` 0.1.0-rc for ML-DSA-65 signatures (uses standard `signature::Signer`/`Verifier` traits, 32-byte seed key format)
- Bump `zip` from 7.2 to 8.0 (resolves yanked 7.4.0; no code changes required)
- Bump `assert_cmd` from 2.0 to 2.1.2
- Update `keccak` from 0.1.5 (yanked) to 0.1.6
Code Quality
- Enable `clippy::pedantic` in `cdx-cli` (already zero warnings; prevents regressions)
- Remove unused `PropertySchema` variants (`Integer`, `Number`, `Boolean`) and their match arms
- Replace `strum` derive macros for ~10 enum Display implementations (PR #55)
- Extract shared crypto helpers into `crypto_common` module (PR #57)
- Fix all pedantic lint warnings across workspace (PR #58)
- Tighten `cargo-deny` configuration: `yanked = "deny"`, remove unused license allowances
- Replace `clippy::too_many_arguments` suppressions with parameter structs in CLI (PR #64)
- Bump `uniffi` from 0.28 to 0.31 in `cdx-swift-bridge` (PR #65)
Breaking Changes
- Paginated presentation: `blockRef` renamed to `blockId`, `blockRefs` to `blockIds`
- Forms: Removed `ValidationRule::Custom` (executable expressions prohibited per DD-010/DD-019)
- EquationGroup (PR #74): `Equation` renamed to `EquationLine`, `latex` field renamed to `value`, `equations` field renamed to `lines`, added `tag` field, added `Alignat` environment variant
- Legal SignatureBlock (PR #74): `Signatory` and `FirmInfo` flattened into `LegalSigner`, added `role` field on `LegalSignatureBlock`
- ML-DSA (PR #78): Switched from `fips204` to RustCrypto `ml-dsa` crate; `MlDsaSigner::from_bytes` now accepts a 32-byte seed (was 4032-byte expanded key); key/signature bytes are incompatible with prior `fips204`-based output
CI
- Increase cargo-tarpaulin timeout to 180s and make coverage non-blocking (`continue-on-error`)
Documentation
- Clarified lineage requirements: parent only required for forked documents
- Clarified hash scope: document ID covers semantic content only, not layout
- Fix MSRV in CONTRIBUTING.md (1.85 → 1.88)
- Add security audit documentation (`cargo audit`, `cargo deny`) to CONTRIBUTING.md