v0.45.1

Network:
- Improved logging
- Replaced rustls-native-certs with rustls-platform-verifier

Swift:
- Use thin LTO even in debug builds
- C functions with no arguments are declared '(void)', not '()'

v0.45.0

- BackupAuthCredential now uses an enum for its level; credentials
  containing unknown levels will fail to deserialize. Receiving a
  BackupAuthCredentialResponse no longer requires an expected level,
  but now requires a timestamp; this timestamp should be the one
  provided by the server as the key in the JSON object containing the
  response.

- The backup validator has been updated; in particular, it now expects
  the IV to be in the file, and allows padding after the compressed
  backup frames.

- Support for issuing AuthCredentials with the PNI reinterpreted as
  an ACI has been removed.

- The connectionReused field from ChatService's DebugInfo has been
  removed.

- SVR3 now supports TPM2SNP on GCP, and no longer supports it on
  Azure.

- Node: Exposed Net.setIpv6Enabled(). IPv6 remains on by default.

- Java: libsignal's CompletableFuture now supports whenComplete.

- Java: A number of ClassNotFound issues have been quashed.

- Swift: PreKeyBundle.preKeyId no longer returns the *signed* pre-key
  ID, and the Kyber key info, if any, is available as well.

- Swift: Add missing invalidAttestationData and connectionFailed
  error cases.

- Rust: More zkcredential and zkgroup types implement Debug and
  PartialEq. More types in several crates implement Error.

- Changes for upstream boring v4.6.0 have been merged.

v0.44.0

- All platforms: TLS proxy support added
- Node: ChatService extracted in a separate class
- GroupSendEndorsement: refine issuance proof
- Internal changes to the reconnect logic in libsignal-net

v0.43.0

- Exposed API for unauthenticated chat service communication in Swift and Java.
  This closely follows the existing TypeScript API.
- Disabled chat connection auto-reconnect on disconnect().
- Added cleanup code to close chat server connections more promptly.
- Removed timeout parameters for SVR3 and CDSI operations.
- Improved CDSI error handling. More granular error types are returned and
  additional server errors are now handled correctly.
- Updated message backup protobuf definition.
- Removed ProfileKeyCredentialPresentationV1 which is no longer used.

v0.42.0

- GroupSendEndorsement has been added, and GroupSendCredential has
  been removed. Endorsements are similar to credentials but have some
  different characteristics; see endorsements.rs in the zkcredential
  crate for more information.

  THIS REQUIRES UPDATED SERVER ZKPARAMS.

- AuthCredentialZkc has been added as a variant of
  AuthCredentialWithPni that's built on top of zkcredential rather
  than bespoke poksho proofs. The PNI-less AuthCredential has been
  removed in favor of AuthCredentialWithPni and AuthCredentialZkc.

- SVR3 now supports enclaves based on AMD SEV SNP with TPM2
  attestation. The default configuration in libsignal-net is now
  3-of-3 secret sharing. (Note that this is still only supported in
  staging at this time.)

- cpufeatures is no longer an unconditional requirement for
  libsignal-ffi. (Thanks, @Kladki!)

- The Java code now uses Java 17; the Android build additionally
  requires SDK 34 to desugar `record` classes.

- Rust dependencies have been updated.

v0.41.2

- Reverted a breaking change (zkgroup: Implement GroupSendEndorsements)

v0.41.1

- protocol: Flip SSv2 encryption to the "new" key derivation (no client-visible impact)
- Update message backup proto definition
- Fix a configuration issue for libsignal-net

v0.41.0

- SVR3 bridge, all clients
- CDSI bridge for FFI
- libsignal-net bridge for Node
- Retire old SVR2 enclaves
- Message backup:
	- Expose message backup purpose as an argument
	- Disallow messages that are expiring soon
- Usernames: Fix missing Cargo feature for curve25519-dalek
- Implement 3HashSDHI-based "passes" in zkcredential
- Java bridging layer changes:
	- Mark all bridge_fns that return Result as `throws Exception`
	- Add the FilterExceptions helper
- Node bridging layer changes:
	- Use JsBigInt for u64 bridging instead of a Buffer
	- Update to Neon 1.0
- General bridging layer changes:
	- Filter out log messages that aren't from libsignal
	- Make ProtocolAddress's getters infallible
	- Improve error messages

v0.40.1

- Android: run tests that rely on test-only library code
- Java: internal changes to fix Java object construction on Android
- Fixed message backup validation bug, added tests

v0.40.0

- Multiple improvements to libsignal-net (no client impact).
- Introduce processMinidumpBuffer for Desktop.
- Updated error handling in the bridging layer.
- Java APIs breaking changes:
  - DecryptionErrorMessage deserialization can throw InvalidKeyException
  - HsmEnclaveClient can fail at any point during the protocol
  - Aes256GcmSiv.encrypt can't fail
- Message backup validator is now available on all client platforms.
- Fix Java error handling for CDSI lookup.