7.0.0-dev10

Added

• GET and HEAD /node/ledger-chunk?since={seqno} and /node/ledger-chunk/{chunk_name} endpoints, gated by the LedgerChunkDownload RPC interface operator feature. See documentation for more detail.
• GET and HEAD /node/ledger-chunk/{chunk_name} and /node/snapshot/{snapshot_name} now support the Want-Repr-Digest request header and return the Repr-Digest response header accordingly (RFC 9530). Supported algorithms are sha-256, sha-384, and sha-512. If no supported algorithm is requested, the server defaults to sha-256 (#7650).
• ETag and If-None-Match support on GET /node/ledger-chunk/{chunk_name}, using SHA-256 by default for the ETag response header. Clients can supply If-None-Match with sha-256, sha-384, or sha-512 digest ETags to avoid re-downloading unchanged content (#7652).

Changed

• ccf::crypto::HashProvider::Hash() has been renamed to ccf::crypto::HashProvider::hash() for consistency with the rest of the API (#7660).

Fixed

• Only rollback uncommittable indices during become_leader (#7620)
• x509 parsing now correctly handles times validity beyond 2262. To support this, some public function signatures (ccf::ds::time_point_from_string(), ccf::crypto::Verifier::remaining_seconds()) now use time_points from ccf::nonstd::SystemClock rather than std::chrono::system_clock (#7648)

6.0.23

Changed

• Updated the Python cryptography package constraint to allow 46.x versions (< 47).

6.0.22

Fixed

• x509 parsing now correctly handles times validity beyond 2262. To support this, some public function signatures (ccf::ds::time_point_from_string(), ccf::crypto::Verifier::remaining_seconds()) now use time_points from ccf::nonstd::SystemClock rather than std::chrono::system_clock (#7648)

6.0.21

Fixed

• Snapshot fetching requests now handle either inclusive-end or exclusive-end content-range headers, for compatibility with 7.x nodes.
• Primaries now indicate all of their chunk-ending transactions in the transaction header, for better interop with 7.x nodes. Upgrades must create a snapshot from the network after it has upgraded to this version, and provide that to joining 7.x nodes.

6.0.20

Fixed

• Join client now sets SNI correctly (#7622)

7.0.0-dev9

Fixed

• Join client now sets SNI correctly (#7622)
• CBOR and COSE dependencies are now internal, and their headers are no longer exposed (#7616, #7617).

6.0.19

Changed

• Partial revert to fetch_recent_snapshot behaviour. Nodes will now use a local snapshot if available and sufficiently fresh, and only prefer the peer's snapshot if it is newer (#7589).

7.0.0-dev8

Fixed

• Linking issue that could affect applications that do not include main.cpp in their executable (#7595)
• Fixed two issues that could affect build reproducibility (#7606, #7607)
• Python test dependency update (#7609)

7.0.0-dev7

Added

• Experimental self-healing-open protocol for automatically transitioning-to-open during a disaster recovery without operator intervention. (#7189)

Changed

• Improved ccf::historical::verify_self_issued_receipt - now can verify receipts signed by the past service identities if they were back-endorsed (#7546).

Removed

• ccf::historical::adapter_v3 has been removed, ccf::historical::read_only_adapter_v4 and ccf::historical::read_write_adapter_v4 can be used instead (#7553).

6.0.18

Changed

• NodeInfoNetwork serialisation handling has become stricter (#7576), yielding better error messages in failure cases.
• JavaScript toolchain updates for security reasons (#7579).

Fixed

• Correct handling of double-sealed secrets in historical cache (#7558).

Added

• LedgerChunkRead feature flag (#7578), to enable compatible live migration. Note that the feature itself is not included.