In February, we merged 17 pull requests.
The TreeSync module now has public accessors to make it easier for developers to inspect, the state of the Ratchet Tree. This may be used to optimize commit behaviour.
We also released new point releases for OpenMLS, picking up security fixes in dependencies. We recommend everyone to update.
v0.8.1
New features
- #1955: Expose functions that allow access to (blank) leaves and parent nodes
Changed
- #1964: update libcrux and rust_crypto provider dependencies, due to https://github.com/cryspen/libcrux/security/advisories/GHSA-435g-fcv3-8j26 and https://github.com/cryspen/hpke-rs/security/advisories/GHSA-g433-pq76-6cmf
Links
v0.7.4
The security fixes for libcrux and rust_crypto provider dependencies were backported to the v0.7 release as v0.7.4.
Links
Other releases
Also released in February were OpenMLS v0.8.0, v0.7.3 and v0.7.2 (also see This Month in OpenMLS #17)
Merged PRs February 2026
- #1965: Derive TlsSerializeBytes for SignatureScheme
- #1964: chore: prepare 0.8.1 release
- #1962: update libcrux and hpke-rs depdencenies
- #1959: Expose TreeSync for MlsGroup and PublicGroup
- #1955: TreeSync: expose full_leaves/parents; make full_leaves provide LeafNodeIndex
- #1954: update ciphersuites in book
- #1953: chore: bump memory provider version to 0.5.0
- #1952: chore: prep v0.8.0 release
- #1950: feat: derive serde Serialize and Deserialize for MlsMessageOut
- #1949: Relax Wasm size limit
- #1948: update changelog
- #1945: update libcrux and hpke deps
- #1944: fix: correctly access credentials from past epochs
- #1943: fix: skip removed members in capabilities check
- #1936: Add APIs to access information about the next epoch from a StagedCommit
- #1933: Add and document more validation checks
- #1929: feat: don’t replace groups by default