All Versions
19
Latest Version
Avg Release Cycle
10 days
Latest Release
374 days ago

Changelog History
Page 2

  • v1.3.1

    November 24, 2019

    ๐Ÿš€ Release v1.3.1 (Nov 24, 2019)

    Issue #46 resulted in filing an errata to RFC 7049 (CBOR) after the same mistake was found in both 7049 and Wikipedia. RFC 7049 author (cabo) confirmed within an hour directly in #46 which was super nice of him.

    I'll let fuzzing continue for 1-10 days, due in part to issue #46 and initial valid fuzzing corpus. Maybe it'll generate fewer corpus files this time to reach a good stopping point.

    ๐Ÿ›  Most users of v1.3.0 won't notice any practical difference from these bugfixes. They involve data validation rules and an obscure difference in sorting rule for canonical encoding.

    ๐Ÿ”„ Changes include:

    • ๐Ÿ›  Fix: Relax decoding restriction on CBOR int to Go float (commit 71ea0c5)
    • ๐Ÿ›  Fix: Separate CTAP2 and RFC 7049 canonical encoding (commit 7164aa3)
    • ๐Ÿ›  Fix: Reject indefinite-length byte/text string if chunks are indefinite-length (commit a4adae8)
    • ๐Ÿ›  Fix: Reject CBOR primitive 2-byte simple value < 32 (commit aa44241)

    ๐Ÿš€ This release passed 877k+ executions (19 hours, and still running) of coverage-guided fuzzing using fxamacker/cbor-fuzz.

    workers: 2, corpus: 403 (48s ago), crashers: 0, restarts: 1/10000, execs: 877930249 (12405/sec), cover: 1501, uptime: 19h39m
    
  • v1.3.0

    November 21, 2019

    ๐Ÿ†• New struct tags "keyasint" and "toarray" make it easy to use Go structs with CBOR maps and arrays. Using COSE, CWT, SenML, etc. is more natural with less programming effort.

    ๐Ÿš€ Encoding and decoding speed is faster than prior releases due to safe optimizations. Encoding speed and structs got the biggest speedups.

    ๐Ÿš€ Benchmark comparisons are hard in v1.3 because older releases lack "keyasint" and "toarray". Some of the biggest speedups are from no longer having to use Go maps with COSE, CWT, SenML, etc.

    Specific changes include:

    • ๐Ÿ”‹ Feature: Encode/Decode CBOR map with integer keys to Go struct with "keyasint" struct tag (commit 3cbdc26)
    • ๐Ÿ”‹ Feature: Encode/Decode CBOR array to Go struct with "toarray" struct tag (commit 07c8226)
    • ๐Ÿ›  Fix: Skip embedded struct pointed to by nil pointer during encoding (commit 593ee34)
    • Speed: Improve decoding speed (commit 726c423, 23d2052)
    • Speed: Improve encoding speed (commit 8ea465d, d85552b, 90423eb, 05e6b7c)
    • โ™ป๏ธ Misc: Refactor (commit ca1f6f1, be23d57, 1e745c3)
    • Misc: Add examples and benchmarks (commit 61d7682, 2964577, 6c17db7)

    ๐Ÿš€ This release passed 2+ billion executions (72 hours) of coverage-guided fuzzing using fxamacker/cbor-fuzz v0.7.0:

    workers: 2, corpus: 719 (72h27m ago), crashers: 0, restarts: 1/10000, execs: 2275843330 (8725/sec), cover: 1492, uptime: 72h27m
    
  • v1.2.0

    November 05, 2019

    ๐Ÿ”„ Changes include:

    • ๐Ÿ”‹ Feature: Add RawMessage, Marshaler, and Unmarshaler (commit 1a29187)
    • Speed: Improve decoding into struct speed by +23% (commit 9ff43a1)
    • ๐Ÿ›  Fix: Return error on decoding unsupported CBOR neg int (commit 47055e7)
    • Misc: Add benchmarks using COSE and WebAuthn data (commit 22732d7)
    • โœ… Misc: Add more tests, including malicious CBOR data (credit: oasislabs/oasis-core)
    • โšก๏ธ Misc: Update README.md

    ๐Ÿš€ This release passed 42 hours of fuzzing with fxamacker/cbor-fuzz v0.7.0.

  • v1.1.2

    October 23, 2019

    Prevent an inappropriate use of BinaryUnmarshaler.

    Specifically, don't allow CBOR byte string (major type 2) as input to Go's Time.UnmarshalBinary.

    ๐Ÿ‘€ Time values should only be encoded/decoded using these CBOR data types: pos or neg integer, float, and text string. For more info, see RFC 7049 section 2.4.1.

    ๐Ÿ‘€ For details, see commit 34ffc3a.

    ๐Ÿš€ This release passed 24+ hours of fuzzing with fxamacker/cbor-fuzz v0.6.0.

  • v1.1.1

    October 18, 2019

    ๐Ÿ‘Œ Improve slice encoding speed by 50%, struct by 30%, and map by 14%.

    ๐Ÿ‘€ For details, see commit 29e05d7.

  • v1.1.0

    October 08, 2019

    โž• Add support for encoding.BinaryMarshaler and encoding.BinaryUnmarshaler interfaces.

    • Encoder encodes value implementing encoding.BinaryMarshaler as CBOR byte string.
    • Decoder decodes CBOR byte string into a value implementing encoding.BinaryUnmarshaler.

    ๐Ÿ‘€ For details, see commit 602ddc7 closing Issue #5.

  • v1.0.1

    October 08, 2019

    โ™ป๏ธ Code refactoring and README updates.

    • ๐Ÿ‘Œ Improve gocyclo score to 80% (was 70%) (commit 61c97a2)
    • โ™ป๏ธ Refactoring (commits 00264a3, 79019c2)
    • โšก๏ธ Update README.md (commit c293594)
  • v1.0.0

    September 29, 2019

    cbor v1.0.0 stable for Go 1.12+.

  • v0.5.0

    September 15, 2019

    โ™ป๏ธ Refactored and improved test coverage to 97%:

    • โœ‚ Removed unused type InvalidValueError.
    • โ™ป๏ธ Refactored and removed unreachable code (redundant error/bounds checking).
    • โž• Added tests for edge cases.
    • โฌ‡๏ธ Reduced compiled library size.