vendor/ff/CHANGELOG.md

# Changelog
All notable changes to this library will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this library adheres to Rust's notion of
[Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [Unreleased]

## [0.13.1] - 2025-03-09
### Changed
- `ff_derive` now works with all odd primes, not just primes that are either
  `3 (mod 4)` or `1 (mod 16)`.

### Fixed
- A type inference problem when `ff_derive` and `hybrid-array` are in the same
  dependency tree has been fixed.

## [0.13.0] - 2022-12-06
### Added
- `ff::Field::{ZERO, ONE}`
- `ff::Field::pow`
- `ff::Field::{sqrt_ratio, sqrt_alt}`
- `core::iter::{Sum, Product}` bounds on `ff::Field`
- `ff::PrimeField::from_u128`
- `ff::PrimeField::{MODULUS, TWO_INV}`
- Constants related to multiplicative generators:
  - `ff::PrimeField::MULTIPLICATIVE_GENERATOR`
  - `ff::PrimeField::{ROOT_OF_UNITY, ROOT_OF_UNITY_INV}`
  - `ff::PrimeField::DELTA`
- `ff::WithSmallOrderMulGroup`
- `ff::FromUniformBytes`
- `ff::helpers`:
  - `sqrt_tonelli_shanks`
  - `sqrt_ratio_generic`

### Changed
- `ff::Field::sqrt` is now a provided method that uses the `Field::sqrt_ratio`
  method. Implementors of the `Field` trait can choose to implement
  `Field::sqrt_ratio` and use the provided `ff::Field::sqrt` method, especially
  if it is more efficient in practice, or they can keep their own implementation
  of `Field::sqrt` and implement `Field::sqrt_ratio` in terms of that
  implementation using the `ff::helpers::sqrt_ratio_generic` helper function.
- `ff::PrimeField` is now documented as representing a non-binary field (i.e.
  its prime is not 2). This was always the intention, but is now a concrete
  requirement in order for `PrimeField::TWO_INV` to exist.

### Removed
- `ff::Field::{zero, one}` (use `ff::Field::{ZERO, ONE}` instead).
- `ff::PrimeField::{multiplicative_generator, root_of_unity}` (use
  `ff::PrimeField::{MULTIPLICATIVE_GENERATOR, ROOT_OF_UNITY}` instead).

## [0.12.1] - 2022-10-28
### Fixed
- `ff_derive` previously generated a `Field::random` implementation that would
  overflow for fields that needed a full 64-bit spare limb.

## [0.12.0] - 2022-05-04
### Changed

- MSRV is now 1.56.0.
- Bumped `bitvec` to 1.0.

## [0.11.1] - 2022-05-04
### Fixed
- `ff_derive` procedural macro can now be invoked within regular macros.
- Previously, `ff_derive`'s procedural macro would generate implementations of
  `PrimeFieldBits` even when the `bits` crate feature was disabled. `ff_derive`
  can now be used without a dependency on `bitvec` by disabling feature
  features. The new crate feature `derive_bits` can be used to force the
  generation of `PrimeFieldBits` implementations. This new crate feature will be
  removed once our MSRV is at least 1.60 and we have access to [weak dependency
  features](https://blog.rust-lang.org/2022/04/07/Rust-1.60.0.html#new-syntax-for-cargo-features).

## [0.11.0] - 2021-09-02
### Added
- `subtle::ConstantTimeEq` bound on `ff::Field`
- `Copy + Send + Sync + 'static` bounds on `ff::PrimeField::Repr`
- `ff::derive` module behind the `derive` feature flag, containing dependencies for the
  `PrimeField` derive macro:
  - Re-exports of required crates.
  - `adc, mac, sbb` constant-time const helper functions.
- `ff::Field::is_zero_vartime`
- `ff::PrimeField::from_repr_vartime`

### Changed
- `ff::Field::is_zero` now returns `subtle::Choice`.
- `ff::PrimeField::{is_odd, is_even}` now return `subtle::Choice`.
- `ff::PrimeField::from_repr` now return `subtle::CtOption<Self>`.
- `ff::PrimeField::from_str` has been renamed to `PrimeField::from_str_vartime`.

### Removed
- `ff::{adc, mac_with_carry, sbb}` (replaced by `ff::derive::{adc, mac, sbb}`).

## [0.10.1] - 2021-08-11
### Added
- `ff::BatchInvert` extension trait, implemented for iterators over mutable field elements
  which allows those field elements to be inverted in a batch. This trait is behind the
  new `alloc` feature flag.
- `ff::BatchInverter` struct, which provides methods for non-allocating batch inversion of
  field elements contained within slices.

## [0.10.0] - 2021-06-01
### Added
- `ff::PrimeFieldBits: PrimeField` trait, behind a `bits` feature flag.

### Changed
- MSRV is now 1.51.0.
- Bumped `bitvec` to 0.22 to enable fixing a performance regression in `ff 0.9`.
  The `bitvec::view::BitView` re-export has been replaced by
  `bitvec::view::BitViewSized`.
- The `bitvec` dependency and its re-exports have been gated behind the `bits`
  feature flag.

### Removed
- `ff::PrimeField::{ReprBits, char_le_bits, to_le_bits}` (replaced by
  `ff::PrimeFieldBits` trait).

### Fixed
- `#[derive(PrimeField)]` now works on small moduli (that fit in a single `u64`
  limb).

## [0.9.0] - 2021-01-05
### Added
- Re-export of `bitvec::view::BitView`.
- `ff::FieldBits<V>` type alias for the return type of
  `ff::PrimeField::{char_le_bits, to_le_bits}`.

### Changed
- Bumped `bitvec` to 0.20, `rand_core` to 0.6.

### Removed
- `From<Self>` and `From<&Self>` bounds on `ff::PrimeField::Repr`.

## [0.8.0] - 2020-09-08
### Added
- `ff::PrimeField::{ReprBits, char_le_bits, to_le_bits}`, and a public
  dependency on `bitvec 0.18`.
- `ff::Field::cube` method with provided implementation.
- `Send + Sync` bounds on `ff::PrimeField::ReprBits`

### Changed
- MSRV is now 1.44.0.
- `ff::Field::random<R: RngCore + ?Sized>(rng: &mut R) -> Self` has been changed
  to `Field::random(rng: impl RngCore) -> Self`, to align with
  `group::Group::random`.

### Removed
- `fmt::Display` bound on `ff::Field`.
- `ff::PrimeField::char` (replaced by `ff::PrimeField::char_le_bits`).
- `ff::{BitIterator, Endianness, PrimeField::ReprEndianness` (replaced by
  `ff::PrimeField::to_le_bits`).
chore: checkpoint before Python removal 2026-03-26 22:33:59 +00:00			`# Changelog`
			`All notable changes to this library will be documented in this file.`

			`The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),`
			`and this library adheres to Rust's notion of`
			`[Semantic Versioning](https://semver.org/spec/v2.0.0.html).`

			`## [Unreleased]`

			`## [0.13.1] - 2025-03-09`
			`### Changed`
			- `ff_derive` now works with all odd primes, not just primes that are either
			`3 (mod 4)` or `1 (mod 16)`.

			`### Fixed`
			- A type inference problem when `ff_derive` and `hybrid-array` are in the same
			`dependency tree has been fixed.`

			`## [0.13.0] - 2022-12-06`
			`### Added`
			- `ff::Field::{ZERO, ONE}`
			- `ff::Field::pow`
			- `ff::Field::{sqrt_ratio, sqrt_alt}`
			- `core::iter::{Sum, Product}` bounds on `ff::Field`
			- `ff::PrimeField::from_u128`
			- `ff::PrimeField::{MODULUS, TWO_INV}`
			`- Constants related to multiplicative generators:`
			- `ff::PrimeField::MULTIPLICATIVE_GENERATOR`
			- `ff::PrimeField::{ROOT_OF_UNITY, ROOT_OF_UNITY_INV}`
			- `ff::PrimeField::DELTA`
			- `ff::WithSmallOrderMulGroup`
			- `ff::FromUniformBytes`
			- `ff::helpers`:
			- `sqrt_tonelli_shanks`
			- `sqrt_ratio_generic`

			`### Changed`
			- `ff::Field::sqrt` is now a provided method that uses the `Field::sqrt_ratio`
			method. Implementors of the `Field` trait can choose to implement
			`Field::sqrt_ratio` and use the provided `ff::Field::sqrt` method, especially
			`if it is more efficient in practice, or they can keep their own implementation`
			of `Field::sqrt` and implement `Field::sqrt_ratio` in terms of that
			implementation using the `ff::helpers::sqrt_ratio_generic` helper function.
			- `ff::PrimeField` is now documented as representing a non-binary field (i.e.
			`its prime is not 2). This was always the intention, but is now a concrete`
			requirement in order for `PrimeField::TWO_INV` to exist.

			`### Removed`
			- `ff::Field::{zero, one}` (use `ff::Field::{ZERO, ONE}` instead).
			- `ff::PrimeField::{multiplicative_generator, root_of_unity}` (use
			`ff::PrimeField::{MULTIPLICATIVE_GENERATOR, ROOT_OF_UNITY}` instead).

			`## [0.12.1] - 2022-10-28`
			`### Fixed`
			- `ff_derive` previously generated a `Field::random` implementation that would
			`overflow for fields that needed a full 64-bit spare limb.`

			`## [0.12.0] - 2022-05-04`
			`### Changed`

			`- MSRV is now 1.56.0.`
			- Bumped `bitvec` to 1.0.

			`## [0.11.1] - 2022-05-04`
			`### Fixed`
			- `ff_derive` procedural macro can now be invoked within regular macros.
			- Previously, `ff_derive`'s procedural macro would generate implementations of
			`PrimeFieldBits` even when the `bits` crate feature was disabled. `ff_derive`
			can now be used without a dependency on `bitvec` by disabling feature
			features. The new crate feature `derive_bits` can be used to force the
			generation of `PrimeFieldBits` implementations. This new crate feature will be
			`removed once our MSRV is at least 1.60 and we have access to [weak dependency`
			`features](https://blog.rust-lang.org/2022/04/07/Rust-1.60.0.html#new-syntax-for-cargo-features).`

			`## [0.11.0] - 2021-09-02`
			`### Added`
			- `subtle::ConstantTimeEq` bound on `ff::Field`
			- `Copy + Send + Sync + 'static` bounds on `ff::PrimeField::Repr`
			- `ff::derive` module behind the `derive` feature flag, containing dependencies for the
			`PrimeField` derive macro:
			`- Re-exports of required crates.`
			- `adc, mac, sbb` constant-time const helper functions.
			- `ff::Field::is_zero_vartime`
			- `ff::PrimeField::from_repr_vartime`

			`### Changed`
			- `ff::Field::is_zero` now returns `subtle::Choice`.
			- `ff::PrimeField::{is_odd, is_even}` now return `subtle::Choice`.
			- `ff::PrimeField::from_repr` now return `subtle::CtOption<Self>`.
			- `ff::PrimeField::from_str` has been renamed to `PrimeField::from_str_vartime`.

			`### Removed`
			- `ff::{adc, mac_with_carry, sbb}` (replaced by `ff::derive::{adc, mac, sbb}`).

			`## [0.10.1] - 2021-08-11`
			`### Added`
			- `ff::BatchInvert` extension trait, implemented for iterators over mutable field elements
			`which allows those field elements to be inverted in a batch. This trait is behind the`
			new `alloc` feature flag.
			- `ff::BatchInverter` struct, which provides methods for non-allocating batch inversion of
			`field elements contained within slices.`

			`## [0.10.0] - 2021-06-01`
			`### Added`
			- `ff::PrimeFieldBits: PrimeField` trait, behind a `bits` feature flag.

			`### Changed`
			`- MSRV is now 1.51.0.`
			- Bumped `bitvec` to 0.22 to enable fixing a performance regression in `ff 0.9`.
			The `bitvec::view::BitView` re-export has been replaced by
			`bitvec::view::BitViewSized`.
			- The `bitvec` dependency and its re-exports have been gated behind the `bits`
			`feature flag.`

			`### Removed`
			- `ff::PrimeField::{ReprBits, char_le_bits, to_le_bits}` (replaced by
			`ff::PrimeFieldBits` trait).

			`### Fixed`
			- `#[derive(PrimeField)]` now works on small moduli (that fit in a single `u64`
			`limb).`

			`## [0.9.0] - 2021-01-05`
			`### Added`
			- Re-export of `bitvec::view::BitView`.
			- `ff::FieldBits<V>` type alias for the return type of
			`ff::PrimeField::{char_le_bits, to_le_bits}`.

			`### Changed`
			- Bumped `bitvec` to 0.20, `rand_core` to 0.6.

			`### Removed`
			- `From<Self>` and `From<&Self>` bounds on `ff::PrimeField::Repr`.

			`## [0.8.0] - 2020-09-08`
			`### Added`
			- `ff::PrimeField::{ReprBits, char_le_bits, to_le_bits}`, and a public
			dependency on `bitvec 0.18`.
			- `ff::Field::cube` method with provided implementation.
			- `Send + Sync` bounds on `ff::PrimeField::ReprBits`

			`### Changed`
			`- MSRV is now 1.44.0.`
			- `ff::Field::random<R: RngCore + ?Sized>(rng: &mut R) -> Self` has been changed
			to `Field::random(rng: impl RngCore) -> Self`, to align with
			`group::Group::random`.

			`### Removed`
			- `fmt::Display` bound on `ff::Field`.
			- `ff::PrimeField::char` (replaced by `ff::PrimeField::char_le_bits`).
			- `ff::{BitIterator, Endianness, PrimeField::ReprEndianness` (replaced by
			`ff::PrimeField::to_le_bits`).