• Deprecated APIs that were removed in v5.
• Fixed docs.rs build

Deprecated APIs that were removed in v5.

Upgrade to 4.21.0 first and fix any deprecation warnings.

• FIPS only needs the fips Cargo feature, and the rest is customized via env vars (like BORING_BSSL_FIPS_PATH): https://github.com/cloudflare/boring/pull/383
• Removed the "kx-*" features https://github.com/cloudflare/boring/pull/393
• Removed "pq-experimental". Post-quantum is enabled by default (X25519MLKEM768 and P256Kyber768Draft00).

• Updated BoringSSL to a newer version with updated patches by @nox in https://github.com/cloudflare/boring/pull/419
• Removed SslCurve API https://github.com/cloudflare/boring/pull/390
• Removed deprecated X509CheckFlags https://github.com/cloudflare/boring/pull/425
• X509Store is immutable, but cloneable https://github.com/cloudflare/boring/pull/426
• Minimum Hyper version upgraded from v0
• Added SslRef::curve_name() by @ghedo in https://github.com/cloudflare/boring/pull/396
• Added set_ticket_key_callback (SSL_CTX_set_tlsext_ticket_key_cb) by @toidiu in https://github.com/cloudflare/boring/pull/330
• SslCipherRef::protocol_id by @nox in https://github.com/cloudflare/boring/pull/409
• set_strict_cipher_list by @abernardeau-wallix in https://github.com/cloudflare/boring/pull/416
• set_ex_data() will always Drop previous values https://github.com/cloudflare/boring/pull/424
• Removed blanket Eq from FFI types
• BIO_set_retry_write on WouldBlock @ihciah in https://github.com/cloudflare/boring/pull/118

Full Changelog: https://github.com/cloudflare/boring/compare/v4.19.0...v5.0.0-alpha.1

• Add a more reliable Error::library_reason()
• Fix string data conversion in ErrorStack::put()
• CStr vs UTF-8 improvements in https://github.com/cloudflare/boring/pull/371
• Fix swapped host/target args and support TARGET_CC and CC_{target} in https://github.com/cloudflare/boring/pull/375

Full Changelog: https://github.com/cloudflare/boring/compare/v4.19.0...v4.20.0

• Error improvements by @kornelski in https://github.com/cloudflare/boring/pull/372
• Add binding for X509_check_ip_asc by @evanrittenhouse in https://github.com/cloudflare/boring/pull/381

Full Changelog: https://github.com/cloudflare/boring/compare/v4.18.0...v4.19.0

• Add set_verify_param by @semaj-cf in https://github.com/cloudflare/boring/pull/357
• Add support for X509_STORE_CTX_get0_untrusted by @semaj-cf in https://github.com/cloudflare/boring/pull/356
• Add X509VerifyParamRef::copy_from by @nox in https://github.com/cloudflare/boring/pull/361
• Fix X509VerifyContextRef::set_verify_param by @nox in https://github.com/cloudflare/boring/pull/358
• Ensure we call X509_STORE_CTX_cleanup on error path too by @nox in https://github.com/cloudflare/boring/pull/360
• Improve X509StoreContext initialization API by @nox in https://github.com/cloudflare/boring/pull/359
• Don't unwrap when Result can be returned instead by @kornelski in https://github.com/cloudflare/boring/pull/367
• Make X509Store shareable between contexts by @kornelski in https://github.com/cloudflare/boring/pull/366
• Sprinkle #[must_use] by @kornelski in https://github.com/cloudflare/boring/pull/368
• Expose SSL_set1_groups to Efficiently Set Curves on SSL Session by @Justin-Kwan in https://github.com/cloudflare/boring/pull/346
• Upgrade bindgen to v0.72.0 by @akonradi-signal in https://github.com/cloudflare/boring/pull/369
• Expose PKey::raw_{private,public}_key by @jrose-signal in https://github.com/cloudflare/boring/pull/364
• Don't compile binaries for docs.rs by @kornelski in https://github.com/cloudflare/boring/pull/370
• Remove some comments referring to OpenSSL by @hcstern in https://github.com/cloudflare/boring/pull/374

• @Justin-Kwan made their first contribution in https://github.com/cloudflare/boring/pull/346
• @akonradi-signal made their first contribution in https://github.com/cloudflare/boring/pull/369
• @hcstern made their first contribution in https://github.com/cloudflare/boring/pull/374

Full Changelog: https://github.com/cloudflare/boring/compare/v4.17.0...v4.18.0

• Add X509_STORE_CTX_get0_cert interface by @semaj-cf in https://github.com/cloudflare/boring/pull/349
• expose SSL_set_compliance_policy by @schien in https://github.com/cloudflare/boring/pull/342
• add SslCurve::X25519_MLKEM768 constant by @ehaydenr in https://github.com/cloudflare/boring/pull/345
• Fix linking SystemFunction036 from advapi32 in Rust 1.87 by @kornelski in https://github.com/cloudflare/boring/pull/351
• boring(ssl): use corresponds macro in add_certificate_compression_algorithm by @0x676e67 in https://github.com/cloudflare/boring/pull/348
• Update bindgen from 0.70.1 to 0.71.1 by @mstyura in https://github.com/cloudflare/boring/pull/347

• @schien made their first contribution in https://github.com/cloudflare/boring/pull/342

Full Changelog: https://github.com/cloudflare/boring/compare/v4.16.0...v4.17.0

• Advertise X25519MLKEM768 with "kx-client-pq-preferred" by @cjpatton in https://github.com/cloudflare/boring/pull/329
• Add feature "fips-no-compat" by @cjpatton in https://github.com/cloudflare/boring/pull/332 https://github.com/cloudflare/boring/pull/334
• boring-sys: Ignore patches when boringSSL is precompiled by @cjpatton in https://github.com/cloudflare/boring/pull/331
• Document linking to C++ standard library by @fhanau in https://github.com/cloudflare/boring/pull/335
• Add fips-precompiled feature to support newer versions of FIPS by @rushilmehra in https://github.com/cloudflare/boring/pull/338
• Add missing release notes entry by @rushilmehra in https://github.com/cloudflare/boring/pull/324
• Update to actions/cache@v4 by @andrew-signal in https://github.com/cloudflare/boring/pull/328

• @andrew-signal made their first contribution in https://github.com/cloudflare/boring/pull/328
• @fhanau made their first contribution in https://github.com/cloudflare/boring/pull/335

Full Changelog: https://github.com/cloudflare/boring/compare/v4.15.0...v4.16.0

• Actually expose SslEchKeys by @rushilmehra in https://github.com/cloudflare/boring/pull/318
• Revert breaking changes by @rushilmehra in https://github.com/cloudflare/boring/pull/319
• Introduce a builder pattern for SslEchKeys + make set_ech_keys take a reference by @rushilmehra in https://github.com/cloudflare/boring/pull/320
• Revert cmake bump (for now) as it is overly restrictive by @rushilmehra in https://github.com/cloudflare/boring/pull/321
• Fix lifetimes in ssl::select_next_proto by @rushilmehra in https://github.com/cloudflare/boring/pull/323
• Expose API to enable certificate compression. by @mstyura in https://github.com/cloudflare/boring/pull/241

NOTE: v4.14.0 has been yanked due to accidentally including breaking changes

Full Changelog: https://github.com/cloudflare/boring/compare/v4.14.0...v4.15.0

• Refactor!: Remove strict TokioIo response requirement from hyper_boring::v1::HttpsConnector by @PaulDance in https://github.com/cloudflare/boring/pull/305
• Refactor!: Introduce a Cargo feature for optional Hyper 0 support by @PaulDance in https://github.com/cloudflare/boring/pull/304
• Prepare for syncing with upstream by @rushilmehra in https://github.com/cloudflare/boring/pull/264
• Remove INVALID_CALL from mid-handshake error message by @TheJokr in https://github.com/cloudflare/boring/pull/291
• Allow dead_code instead of disabling clippy entirely for bindgen by @rushilmehra in https://github.com/cloudflare/boring/pull/251
• RTG-3333 Support X25519MLKEM768 by default, but don't sent it as client by @bwesterb in https://github.com/cloudflare/boring/pull/306
• replace once_cell with LazyLock by @ghedo in https://github.com/cloudflare/boring/pull/307
• chore: Fix docs on SslRef::replace_ex_data by @evanrittenhouse in https://github.com/cloudflare/boring/pull/308
• Detailed error codes by @kornelski in https://github.com/cloudflare/boring/pull/303
• Clean up boring_sys::init() by @rushilmehra in https://github.com/cloudflare/boring/pull/310
• Expose client/server-side ECH by @rushilmehra in https://github.com/cloudflare/boring/pull/309
• Expose SSL_set_enable_ech_grease by @rushilmehra in https://github.com/cloudflare/boring/pull/311
• Use corresponds macro by @kornelski in https://github.com/cloudflare/boring/pull/302
• build: Fix the build for 32-bit Linux platform by @0x676e67 in https://github.com/cloudflare/boring/pull/312
• Set CMAKE_BUILD_PARALLEL_LEVEL to available_parallelism by @rushilmehra in https://github.com/cloudflare/boring/pull/217
• Expose SSL_CTX_set1_ech_keys from SslContextRef by @rushilmehra in https://github.com/cloudflare/boring/pull/314
• Bump cmake-rs to improve Mac OS build parallelism by @rushilmehra in https://github.com/cloudflare/boring/pull/315

• @TheJokr made their first contribution in https://github.com/cloudflare/boring/pull/291

Full Changelog: https://github.com/cloudflare/boring/compare/v4.13.0...v4.14.0