3.8.0 -- 2025-02-05

This release is available in the following languages:

• Java

Features

• SharedCache: Shared Cache for Searchable Encryption (#1476) (46076f8)
• bump to dafny 4.9.0 and mpl 1.9.0 (#1627)

Fixes

• ensure algorithmSuite is properly copied in getTableConfig for E… (#1474) (ff3acac)
• Java: Improve Collection of Errors string (#1478) (562b3ef)
• SearchableEncryption: disable shared cached (#1507) (ffc67be)
• SearchableEncryption: respect CMC contract (#1434) (b9333fb)
• support new input validation (#1518) (12bbfbf)
• Upgrade .net DDB SDK (8aeed4e)

Maintenance

• make const policy an extern (#1587) (be3b96e)
• mpl: Bump to 1.9.0 (#1621) (04a8eb2)
• release Rust 1.0.0 (#1612) (3392200)
• remove unsafe from interceptor (#1620) (f6ef3f4)
• TestVectors: Reuse single KeyVectors client across TestVectors (#1577) (dabcaf1)
• update for async support (#1560) (700f939)
• add dependabot for rust (#1481) (67f3d2e)
• Add ECDH examples (#1461) (cc937b4)
• add Rust release directory (#1479) (97dde01)
• add rust support (#1376) (98ddfe9)
• always use dotnet 6 for format checking. (#1403) (2b85507)
• bump macos from 12 to 13 in CI (#1472) (1abb2dd)
• Bump to MPL HEAD, Smithy-Dafny HEAD (#1299) (b2674a9)
• change exported names, update docs (#1524) (640b4d7)
• CI: make smithy fidd check smarter (#1381) (bb399bf)
• CI: mpl head step for rust (#1583) (98724d3)
• create Rust release runbook (#1488) (e51f340)
• enable local testing (#1380) (36f48b0)
• examples: Shared cache across Hierarchical Keyrings (#1410) (21f7fe1)
• GHA: Add pr-ci-all-required to pull.yaml; use ubuntu-22.04 instead of ubuntu-latest in CI (#1579) (c231473)
• gha: fix workflows triggered by dafny-interop.yml (#1598) (0cb009d)
• gha: use ubuntu-22.04 (#1594) (5e24233)
• Java: bump conversion library (#1423) (8931e27)
• new mpl (#1530) (fe03425)
• README: point to release examples (#1525) (a4ca2f9)
• Rust-docs: Update README (#1520) (96dd848)
• rust: add comments to release scripts (7b45929)
• slight updates to properly publish as a crate (#1480) (aa9175b)
• update for complete copyright notices (#1489) (c0ec84d)
• update Github alias (dc6ca47)
• update Github alias (ff4500a)
• update MPL (#1519) (b0a97e0)

3.7.0 -- 2024-09-17

3.7.0 (2024-09-17)

Features

• bump to dafny 4.8.0 and mpl 1.6.0 (#1356) (fedc0ad)

Fixes

• remove usage of :| (#1320) (eeb3f51)

Maintenance

• add check only keyword action (#1327) (5d777d6)
• add ddb local to dafny interop test vectors (#1316) (6128a39)
• allow local testing (#1311) (e758e97)
• remove /// from smithy files (#1349) (303a8bd)
• remove assert to fix verification (#1360) (8849c1e)

3.6.2 -- 2024-08-22

3.6.2 (2024-08-22)

Fixes

• revert change in error type (#1304) (33d7ee4)

Maintenance

• ...the nightly build. Again. (#1297) (b7a91c9)
• add timing output to test vectors (#1298) (30dfaa8)
• Enable local testing (#1278) (7093266)
• fix ci mpl head gha (#1306) (c572d6a)
• fix dafny interop build steps (#1293) (c6ce809)
• fix nightly (#1300) (a445eff)
• GHA: add backwards interop dafny tests (#1279) (1e6be80)
• GHA: another gha fix (#1292) (df64b30)
• GHA: fix dafny_interop_java (#1283) (5a1c921)
• GHA: fix test vector dafny interop (#1291) (fdefaff)
• GHA: update nightlies for interop and interop action (#1287) (8bec538)

3.6.1 -- 2024-08-13

3.6.1 (2024-08-12)

Fixes

• allow multi-tenant queries with allow_plaintext (#1240) (1487d7e)
• TestVectors: define StartUpObject in csproj (#1231) (2f97bf3)
• update error message (#1270) (7157e4d)

Maintenance

• Add examples to examine contents of query error list (#1251) (b5705ee)
• CI: add smithy diff checker GHA (#1226) (86406f5)
• deps: bump actions/setup-dotnet from 3 to 4 in /.github/workflows (#1191) (c3b736e)
• deps: bump aws-actions/configure-aws-credentials (#1190) (becbd0a)
• deps: bump com.amazonaws:aws-java-sdk-dynamodb (#1230) (3aa25d0)
• deps: bump dafny-lang/setup-dafny-action in /.github/workflows (#1200) (5284f0b)
• deps: bump software.amazon.awssdk:bom (#1227) (abd1727)
• deps: bump software.amazon.awssdk:bom (#1229) (bf3e1c3)
• deps: bump software.amazon.awssdk:core (#1228) (9c67729)
• do not add beacons when FORCE_PLAINTEXT_WRITE is used. (#1232) (23c8a18)
• include bad item keys in query errors (#1244) (07bba8b)
• update version to snapshot (#1225) (c817b5b)

3.6.0 -- 2024-07-24

3.6.0 (2024-07-23)

Features

• allow indirect attribute names with MultiKeyStore (#1208) (4ab97bc)

Maintenance

• bump dafny verification version to 4.7 (#1181) (e7801ec)
• CI/CD: use latest conventional-changelog-conventionalcommits (#1195) (510227e)
• Fix nightly build (aside from verification) (#1029) (862420e)
• GHA: add action for testing against MPL HEAD (#1187) (b2f70ca)
• GHA: fix daily ci (#1194) (a1427e0)
• MPL: Bump MPL to 1.5.1 (#1201) (808a5b4)
• Sonatype Migration to User Tokens (#1216) (a3b4ef9)
• Try to update existing issues (31c6b98)
• Try to update existing issues (4471295)
• update project.properties to be SNAPSHOT (#1087) (6f2825e)

3.5.0 -- 2024-05-03

3.5.0 (2024-05-30)

Features

• DynamoDbEncryption: Add GetEncryptedDataKeyDescription operation (#856) (8f8471a)
• Bump MPL to 1.4 (#1067) (51bbab5). This provides three new KMSConfiguration options when constructing a KeyStore (see https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/use-hierarchical-keyring.html). To KmsKeyArn are added KmsMRKeyArn, Discovery and MrDiscovery.

Maintenance

• improve verification (#1020) (cbde4ef)
• simplify structured encryption (#866) (a70a569)
• allow Legacy to use subclass of DynamoDBEncryptor (#1073) (135acd9)
• Java-Release: update release commands and use SNAPSHOT builds (#995) (ac9b79e)
• reformat and enforce formatting (#1035) (8a76a9d)
• verify with Dafny 4.6 (#1072) (9db6e78)

3.4.0 -- 2024-05-02

Notes

.NET

• #797 (785481c) Enforces User input Constraints at Type Conversion.

Prior to this fix, unset Integers defaulted to 0, and unset Booleans defaulted to false.

Now, all required fields MUST be set or a Runtime Exception will be thrown.

This particularly effects Searchable Encryption's
ConstructorPart, who's required field previously
would have defaulted to false.
Any configuration ever created for Searchable Encryption can be re-created with the fix, but they may look different.

Features

• feat(.NET): Validate user input #797 (785481c)

Maintenance

• format: enforce Dafny formatting (#865) (dfc0dbd)
• test: more test vectors (#959) (3ca15af)
• CI add verify test for test vectors (#897) (6c980e7)
• CI/CD: add semantic release automation (#949) (3f22abc)
• deps: bump actions/setup-dotnet from 3 to 4 in /.github/workflows (#943) (f5d9748)
• deps: bump aws-actions/configure-aws-credentials (#954) (90d7d78)
• deps(Java): bump io.github.gradle-nexus.publish-plugin (#903) (04c6cc4)
• deps(Java): bump org.projectlombok:lombok (#838) (56f1cd1)
• deps: bump rrainn/dynamodb-action in /.github/workflows (#932) (16e4d7b)
• docs: mention sign_and_include in javadoc for keyid supplier (#966) (2796693)
• docs: point to the correct readme (#845) (b950b4a)
• fix: repair json file names (#846) (3ca955a)
• test(.NET): "dotnet pack" in CI (#851) (75e44d0)
• test: add tests for attribute names that seem structured (#964) (c4c0886)
• deps(Java & .NET): Update MPL to 1.3.0 (#972) (3d8acae)

3.3.0 -- 2024-03-20

Features

• A fourth Crypto Action will be made available : SIGN_AND_INCLUDE_IN_ENCRYPTION_CONTEXT, to join the existing DO_NOTHING, SIGN_ONLY and ENCRYPT_AND_SIGN. SIGN_AND_INCLUDE_IN_ENCRYPTION_CONTEXT behaves like SIGN_ONLY, but also includes the value in the encryption context, making it available to the branch key selector.
• The Parsed Header, returned from EncryptItem and DecryptItem, now returns two more fields
  • encryptionContext : the full encryption context used for encryption
  • selectorContext : the encryption context as presented to the branch key selector
• The Java Enhanced Client now supports Single Table Design. When using the DynamoDbEnhancedTableEncryptionConfig builder, one can now specify schemaOnEncrypt multiple times, once for each class being modeled in the table.
• There was a hard limit of 100 on the size of maps and lists in Items to be encrypted. This limit has been removed.

3.2.0 -- 2024-01-16

Features

• support for .NET
• Beacon Styles :
  • PartOnly : save a little bit of space for a beacon that used as part of a Compound Beacon, but never alone
  • AsSet : turn a set of values into a set of beacons, rather than into a single beacon
  • Twinned : calculate beacons for one attribute to be compatible with those from a different attribute
  • TwinnedSet : both AsSet and Twinned
• Global Parts List : all compound beacons can now share a single list of Parts
• Test vectors to ensure cross language compatibility
• explicit error message when searching on a Compound Beacon that could never exist.
• New APIs : ResolveAttributes and GetVirtualFields to assist in development and debugging.

Fix

• String compare for client side filtering of Scan and Query results could somtimes produce the wrong result for certain characters.

3.1.2 -- 2023-11-13

Fix

Fixed an issue where, when using the DynamoDbEncryptionInterceptor,
an encrypted item in the Attributes field of a DeleteItem, PutItem, or UpdateItem
response was passed through unmodified instead of being decrypted.