|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## [0.0.11] - 2026-02-28 |
| 4 | + |
| 5 | +### <!-- 0 -->⛰️ Features |
| 6 | + |
| 7 | +- Support server-side tls handshake completion path |
| 8 | +- Add server-side tls clienthello processing API |
| 9 | +- Add serverhello builder from clienthello |
| 10 | +- Integrate server alpn selection from clienthello |
| 11 | +- Enforce zero-rtt frame allowlist with regressions |
| 12 | +- Enforce strict initial handshake frame allowlist |
| 13 | +- Enforce crypto frame legality by packet space |
| 14 | +- Tighten handshake_done legality across packet spaces |
| 15 | +- Tighten unknown reserved frame handling by packet space |
| 16 | +- Propagate alpn mismatch as deterministic handshake close |
| 17 | +- Add server-side alpn selection policy helper |
| 18 | +- Normalize negotiation result across tls and ssh |
| 19 | +- Add explicit mode capability matrix |
| 20 | +- Enforce packet-space frame legality matrix |
| 21 | +- Require integrated tls server hello for readiness |
| 22 | +- Consume tls transport params from server hello |
| 23 | +- Enforce tls alpn verification and establish gating |
| 24 | +- Gate stream read and close on negotiation readiness |
| 25 | +- Gate app stream traffic on negotiated handshake |
| 26 | +- Add handshake negotiated readiness check |
| 27 | +- Add negotiation snapshot API |
| 28 | +- Expose negotiated alpn in connected metadata |
| 29 | +- Wire tls config alpn into connect handshake |
| 30 | +- Parse tls extensions and capture alpn |
| 31 | +- Encode tls extensions and client params |
| 32 | +- Refine connection state transitions and frame validation |
| 33 | + |
| 34 | +### <!-- 1 -->🐛 Bug Fixes |
| 35 | + |
| 36 | +- Reject reserved frame types in application space |
| 37 | +- Unify tls handshake failure taxonomy and close mapping |
| 38 | +- Validate ssh handshake transport params |
| 39 | +- Close on stream receive flow control violations |
| 40 | +- Enforce local receive stream data limits |
| 41 | +- Enforce negotiated per-stream data limits |
| 42 | +- Apply peer transport params via API |
| 43 | +- Enforce transport parameter validation and stream limits |
| 44 | + |
| 45 | +### <!-- 6 -->🧪 Testing |
| 46 | + |
| 47 | +- Add targeted loss detection and ack safety regressions |
| 48 | +- Add targeted pto and ack-eliciting recovery regressions |
| 49 | +- Harden connection-level flow-control edge conformance |
| 50 | +- Add packet-space frame legality matrix baseline |
| 51 | +- Extend packet-space legality regressions for token and cid frames |
| 52 | +- Add ALPN boundary validation in integrated tls path |
| 53 | +- Reject duplicate tls extensions in integrated handshake path |
| 54 | +- Expand tls handshake failure matrix coverage |
| 55 | +- Add paired tls ssh regression scenarios |
| 56 | +- Enforce closeStream readiness semantics |
| 57 | + |
| 58 | +### <!-- 7 -->⚙️ Miscellaneous Tasks |
| 59 | + |
| 60 | +- Add dedicated dual-mode regression ci target |
| 61 | + |
3 | 62 | ## [0.0.10] - 2026-02-27 |
4 | 63 |
|
5 | 64 | ### <!-- 1 -->🐛 Bug Fixes |
|
0 commit comments