facebook / voprf

An implementation of a verifiable oblivious pseudorandom function (RFC 9497)
Apache License 2.0
58 stars 15 forks source link

Update curve25519-dalek requirement from =4.0.0-rc.1 to =4.0.0-rc.2 #108

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Updates the requirements on curve25519-dalek to permit the latest version.

Changelog

Sourced from curve25519-dalek's changelog.

Changelog

Entries are listed in reverse chronological order per undeprecated major series.

4.x series

4.0.0

Breaking changes

  • Update the MSRV from 1.41 to 1.60
  • Provide SemVer policy
  • Make digest an optional feature
  • Make rand_core an optional feature
  • Remove std feature flag
  • Remove nightly feature flag
  • Automatic serial backend selection between u32 and u64 over the default u32
  • Backend selection is now via cfg(curve25519_dalek_backend) over additive features.
  • Provide override to select u32 or u64 backend via cfg(curve25519_dalek_bits)
  • Replace methods Scalar::{zero, one} with constants Scalar::{ZERO, ONE}
  • Deprecate EdwardsPoint::hash_from_bytes and rename it EdwardsPoint::nonspec_map_to_curve
  • Require including a new trait, use curve25519_dalek::traits::BasepointTable whenever using EdwardsBasepointTable or RistrettoBasepointTable
  • Scalar::from_canonical_bytes now returns CtOption
  • Scalar::is_canonical now returns Choice

Other changes

  • Add precomputed-tables feature
  • Update Maintenance Policies for SemVer
  • Migrate documentation to docs.rs hosted
  • Fix backend documentation generation
  • Fix panic when Ristretto::double_and_compress_batch receives the identity point
  • Remove byteorder dependency
  • Update the criterion dependency to 0.4.0
  • Include README.md into crate Documentation
  • Update the rand_core dependency version and the rand dev-dependency version.
  • Relax the zeroize dependency to ^1
  • Update the edition from 2015 to 2021

3.x series

3.2.0

  • Add support for getting the identity element for the Montgomery form of curve25519, which is useful in certain protocols for checking contributory behaviour in derivation of shared secrets.

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
daxpedda commented 1 year ago

Already checked out the changelog, this is fine!