Release: v1.5.22

Weekly release for July 07 2025

Release Summary

• Add a new security policy for CRT that supports FIPS and TLS1.2.
• The fmt::Debug message for application errors in the Rust bindings now use the application error's fmt::Debug implementation, rather than a generic message.

What's Changed

• chore(ci): add a cargo timing buildspec by @dougch in #5176
• build(deps): update pprof requirement from 0.14 to 0.15 in /bindings/rust/standard by @dependabot in #5334
• refactor(examples): remove connection pool by @jmayclin in #5353
• ci: Fix the sslyze test for nix by @dougch in #5283
• Include application message in Debug impl by @Mark-Simulacrum in #5359
• build: prevent needless rebuild with S2N_INTERN_LIBCRYPTO=ON and Ninja by @kou in #5356
• build(deps): bump baptiste0928/cargo-install from 3.3.0 to 3.3.1 in /.github/workflows in the all-gha-updates group by @dependabot in #5361
• tests(integv2): fix flaky session resumption test by @lrstewart in #5362
• tests(integ): add more debug logging by @lrstewart in #5363
• build(deps): bump nixbuild/nix-quick-install-action from 30 to 31 in /.github/workflows in the all-gha-updates group by @dependabot in #5366
• build(deps): bump nixbuild/nix-quick-install-action from 31 to 32 in /.github/workflows in the all-gha-updates group by @dependabot in #5371
• fix: policy util should ignore deprecated TLS1.2 kems if missing by @lrstewart in #5372
• chore: apply clippy and fmt fixes by @boquan-fang in #5386
• feature: new TLS1.2 + FIPS CRT security policy by @lrstewart in #5375

Full Changelog: v1.5.21...v1.5.22