Skip to content

release: publish v0.8.0#604

Merged
EffortlessSteven merged 1 commit into
mainfrom
release/v0.8.0
May 12, 2026
Merged

release: publish v0.8.0#604
EffortlessSteven merged 1 commit into
mainfrom
release/v0.8.0

Conversation

@EffortlessSteven

Copy link
Copy Markdown
Member

Summary

TLS contract-pack and public crate-surface cleanup release. Bumps workspace from v0.7.x to v0.8.0.

What's new

TLS contract pack

Task-first user docs sweep

Five new how-to pages: Vault KV export (#590), build.rs materialize (#591), WebAuthn ceremony validation (#592), PKCS#11 mock fixtures (#593), webhook signature validation (#594).

Public crate-surface cleanup

29 published-internal shim crates removed. v0.7.0 folded their content into owner crate `srp::*` modules; v0.7.x kept the shims as compatibility re-exports; v0.8.0 removes them entirely. The v0.7.x crate versions remain on crates.io as historical records.

Publish-system hardening

Toolchain

No MSRV change. v0.8.0 stays on Rust 1.95.

Claim boundary

`uselesskey` is a test-fixture layer. It is not production key management, scanner evasion, or cryptographic assurance.

Validation

Local validation (worktree):

  • `cargo xtask public-surface` — ok
  • `cargo xtask docs-sync --check` — ok
  • `cargo xtask publish-preflight` — ok
  • `cargo xtask publish-check` — ok

CI will run the full `xtask pr` lane (bdd, full test matrix, fuzz build, clippy, etc.) plus the rest of `release-evidence --version 0.8.0 --summary` (TLS contract-pack proof, scanner-safe proof, OIDC proof, economics, audit-surface, perf, mutants-nightly --scope public). The local lane couldn't complete the fuzz build because the agent ran from a worktree where `cargo fuzz` resolves `fuzz/Cargo.toml` against the main-checkout workspace root.

Post-merge

  1. Tag v0.8.0 on the merge commit and push the tag.
  2. `release.yml` runs end-to-end with `cargo xtask publish`.
  3. Verify all 22 publishable crates land at 0.8.0 on crates.io.
  4. `gh release edit v0.8.0 --notes-file <$TEMP/v0.8.0-release-body.md>` to swap in the hand-written body.
  5. Run `cargo xtask cratesio-smoke --version 0.8.0` post-publish to prove the registry user path.
  6. Complete the v0.8.0 post-release audit per `docs/release/post-release-audit.md`.

References

  • v0.7.0 retrospective: `docs/release/v0.7.0-lessons-learned.md`
  • Publish recovery procedures: `docs/release/publish-recovery.md`
  • v0.7.x -> v0.8.0 migration guide: `docs/how-to/migrate-to-v0.8.md`

Test plan

TLS contract-pack and public crate-surface cleanup release. Bumps
workspace to 0.8.0. CHANGELOG entry curated from merged PRs:
#485-#605 (TLS lane #585/#587/#588/#589, task-first how-tos
#590-#594, SRP collapse #595/#598/#599/#602, migration guide #603,
Clippy ratchets #505, dep bumps #484-#491).
@gemini-code-assist

Copy link
Copy Markdown

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@coderabbitai

coderabbitai Bot commented May 12, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 2 minutes and 34 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 2c539f27-0b66-4d76-86de-b68a8376168f

📥 Commits

Reviewing files that changed from the base of the PR and between 6633eae and 1b2bb97.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (47)
  • CHANGELOG.md
  • Cargo.toml
  • README.md
  • crates/materialize-buildrs-example/Cargo.toml
  • crates/materialize-shape-buildrs-example/Cargo.toml
  • crates/uselesskey-aws-lc-rs/Cargo.toml
  • crates/uselesskey-aws-lc-rs/README.md
  • crates/uselesskey-axum/Cargo.toml
  • crates/uselesskey-bdd-steps/Cargo.toml
  • crates/uselesskey-bench/Cargo.toml
  • crates/uselesskey-cli/Cargo.toml
  • crates/uselesskey-cli/README.md
  • crates/uselesskey-core/Cargo.toml
  • crates/uselesskey-ecdsa/Cargo.toml
  • crates/uselesskey-ed25519/Cargo.toml
  • crates/uselesskey-entropy/Cargo.toml
  • crates/uselesskey-feature-grid/Cargo.toml
  • crates/uselesskey-hmac/Cargo.toml
  • crates/uselesskey-jsonwebtoken/Cargo.toml
  • crates/uselesskey-jsonwebtoken/README.md
  • crates/uselesskey-jwk/Cargo.toml
  • crates/uselesskey-pgp/Cargo.toml
  • crates/uselesskey-pkcs11-mock/Cargo.toml
  • crates/uselesskey-ring/Cargo.toml
  • crates/uselesskey-ring/README.md
  • crates/uselesskey-rsa/Cargo.toml
  • crates/uselesskey-rustcrypto/Cargo.toml
  • crates/uselesskey-rustcrypto/README.md
  • crates/uselesskey-rustls/Cargo.toml
  • crates/uselesskey-rustls/README.md
  • crates/uselesskey-ssh/Cargo.toml
  • crates/uselesskey-test-grid/Cargo.toml
  • crates/uselesskey-test-server/Cargo.toml
  • crates/uselesskey-test-support/Cargo.toml
  • crates/uselesskey-token/Cargo.toml
  • crates/uselesskey-tonic/Cargo.toml
  • crates/uselesskey-tonic/README.md
  • crates/uselesskey-webauthn/Cargo.toml
  • crates/uselesskey-webhook/Cargo.toml
  • crates/uselesskey-x509/Cargo.toml
  • crates/uselesskey/Cargo.toml
  • crates/uselesskey/README.md
  • crates/uselesskey/src/lib.rs
  • docs/how-to/choose-features.md
  • docs/how-to/materialize-fixtures-in-build-rs.md
  • docs/metadata/workspace-docs.json
  • tests/Cargo.toml
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch release/v0.8.0

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@EffortlessSteven EffortlessSteven merged commit a8a32b9 into main May 12, 2026
6 checks passed
@EffortlessSteven EffortlessSteven deleted the release/v0.8.0 branch May 12, 2026 20:49
@EffortlessSteven

Copy link
Copy Markdown
Member Author

Post-release audit for v0.8.0: pass. Release visible at https://github.com/EffortlessMetrics/uselesskey/releases/tag/v0.8.0 with the hand-written fixture-layer boundary. Tag v0.8.0 points at a8a32b9f5373fda29e74553f0a73a89aa526a018. release.yml run 25761411730 succeeded across preflight, publish, and release jobs. cargo search uselesskey --limit 5 shows uselesskey = "0.8.0" and uselesskey-cli = "0.8.0". The merged PUBLISH_CRATES list contains 24 crates, not 22; the extra shipped crates versus the handoff list are uselesskey-pkcs11-mock and uselesskey-test-server. cargo info <crate> --registry crates-io showed all 24 at 0.8.0. Removed shim spot-check passed: uselesskey-core-cache, uselesskey-core-hmac-spec, uselesskey-core-rustls-pki, uselesskey-pgp-native, and uselesskey-jose-openid remain at 0.7.1. Docs.rs is queued, not complete yet: v0.8.0 docs URLs currently return 404, latest still shows 0.7.1, and the docs.rs queue contains uselesskey 0.8.0; this is not a republish reason. Local checks passed: cargo xtask cratesio-smoke --version 0.8.0, cargo xtask public-surface, cargo xtask publish-check, cargo xtask scanner-safe-reference --check, cargo xtask bundle-proof --profile tls --out target/release-evidence/tls, cargo xtask docs-sync --check, cargo xtask publish-preflight, and cargo xtask no-blob. Open follow-up: monitor docs.rs until 0.8.0 is live or failed; no publish gap found.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant