Latest Results
feat!: Store `Context` as `Arc` for shared context and threading support (#1680)
* Document Context API
* Add Context-based API improvements and new Builder methods
- Add Reader::new() and Reader::from_context() for consistent API
- Add Builder::save_to_stream() and Builder::save_to_file() methods
- Automatically use signer from context, avoiding borrow checker issues
- Provides simpler alternative to sign() for common use cases
- Add Builder::context() and Builder::context_mut() accessors
- Implement lazy signer initialization in Context with SignerState enum
- Update documentation to use new Context-based patterns
* replair clippy test issue
* Remove context_mut() from Builder
This method allowed mutable access to the Context after Builder creation.
Removing it in preparation for making Context shared via Arc, which will
make it immutable once created.
* Add shared context support using Rc<Context>
- Changed Builder and Reader to store context as Rc<Context> internally
- Added from_context(Context) method that wraps in Rc
- Added from_shared_context(&Rc<Context>) method for explicit sharing
- Context can now be shared across multiple builders/readers (single-threaded)
- Tests added for both single-use and shared context patterns
This is a checkpoint before implementing thread-safe Arc<Context> version.
* Make Context Send + Sync for thread-safe sharing with Arc
BREAKING CHANGE: Custom Signer and HttpResolver implementations must now be Send + Sync
Changes:
- Added Send + Sync bounds to all trait objects in Context:
* Box<dyn Signer + Send + Sync>
* Box<dyn SyncHttpResolver + Send + Sync>
* Box<dyn AsyncHttpResolver + Send + Sync>
* Box<dyn RawSigner + Send + Sync>
- Implemented unsafe Send + Sync for Context (safe because all contained
types are now Send + Sync)
- Changed Builder and Reader to use Arc<Context> instead of Rc<Context>
for thread-safe sharing across threads and async tasks
- Updated all method signatures that accept custom implementations to
require Send + Sync bounds
- Replaced RefCell with RwLock in IdentityAssertionSigner for thread safety
- Updated all Signer-returning functions to return Box<dyn Signer + Send + Sync>
This enables:
- Sharing Context across multiple threads
- Using Context with multi-threaded async runtimes (tokio, etc.)
- Spawning builders/readers in parallel threads
- Creating Context once and sharing efficiently
Migration: Most users won't need changes as all built-in signers and resolvers
are already Send + Sync. Custom implementations must add Send + Sync bounds.
* Use conditional compilation for WASM-compatible Arc<Context> sharing
Use BoxedSigner type alias with platform-specific Send + Sync bounds to enable
Arc<Context> sharing on both native and WASM targets.
Changes:
- Added BoxedSigner type alias in lib.rs with conditional Send + Sync bounds
* Non-WASM: Box<dyn Signer + Send + Sync> for thread safety
* WASM: Box<dyn Signer> (single-threaded, no Send/Sync needed)
- Updated Context to use conditional compilation for internal trait objects:
* BoxedSigner, BoxedSyncResolver, BoxedAsyncResolver type aliases
* Conditional unsafe impl Send/Sync for Context (non-WASM only)
* Method signatures use #[cfg] for platform-specific bounds
- Updated all signer-returning functions to use BoxedSigner:
* create_signer.rs - from_keys(), from_files()
* settings/signer.rs - signer(), c2pa_signer(), cawg_signer()
* settings/mod.rs - Settings::signer()
* utils/test_signer.rs - test_signer(), test_cawg_signer()
* c2pa_c_ffi/src/signer_info.rs - SignerInfo::signer()
- Builder and Reader continue using Arc<Context> with from_shared_context()
methods for efficient context sharing
- Fixed doc links in create_signer.rs to use crate::Signer path
This enables:
- Thread-safe Context sharing on native platforms (FFI, tokio, threads)
- WASM compatibility without Send + Sync overhead
- Clean API: Arc::new(Context::new()) works on all platforms
All builds verified: native, WASM, clippy, doctests
* Add documentation to unsafe Send + Sync impls
All contained types have explicit Send + Sync bounds on non-WASM targets.
* Remove unnecessary Clippy allow attributes from Builder and Reader
The arc_with_non_send_sync Clippy warning is now handled by the unsafe impl
Send + Sync on Context itself, so these module-level allow attributes are no
longer needed.
* Add tests confirming Builder and Reader are Send + Sync
Key findings:
- Builder and Reader are thread-safe (Send + Sync auto-derived)
- All fields are Send + Sync so no unsafe code needed
- Thread tests gated with cfg(not(target_arch = wasm32))
Builder and Reader can be sent between threads or shared with Arc.
* chore: release (#1662)
* fix: Flush stream to finish write operations before rewind for FFI layer improvements (#1672)
* fix: Stream flush
* fix: Weird repro
* fix: Appease clippy once more
* fix: CHange test name
* fix: Nested ingredient serializing-deserializing (fix for #1685) (#1686)
* fix: cbindgen change
* fix: Make changes consistent
* fix: Nested ingredients handling
* fix: Add ingredient tests
* fix: Appease clippy
* fix: Handle cycles, or at least try to
* fix: Refactor
* fix: Refactor and appease clippy
* fix: Refactor and appease clippy 3
* chore: release (#1687)
* feat: Adds `Context` to contain settings, HTTPS resolvers, and signers (#1631)
* feat: adds Ingredient_assertion::from_stream and claim::thumbnaiI()
updates unit test to use this.
* feat: content_credential concept
* feat: remove validation_results and get it from the parent_ingredient.
* chore more validation_status removal
* fix: Reader to_folder now writes c2pa_data.c2pa and c2patool doesn't write a duplicate manifest.json file.
* feat: add cc from_stream add_assertion and validation_results to reports.
adds unit test for from_stream and c2p2.created.
* feat: Adds claim.add_action and action, add_action_checked()
* feat: add create and add_action method
add_ingredient_from_stream
always set position to zero inside read methods
* allow claim thumbnail for ingredient if valid or trusted.
* use shared b64 hash function
* Context to contain settings and resolvers.
* use context in most of the sdk, instead of settings and resolvers.
* Builder can be created with context and will use it internally
added Builder::from_context()
builder.with_json()
* Add Signer support in Context
Add ContentCredential.open_stream()
* add content_credential open_stream
* add update_from_str to settings, so that you can overlay settings on a settings instance
* add try_from for &ClaimGeneratorInfoSettings
* context.with_settings() support IntoSettings trait
* Add context to Reader
Reader::new and reader.with_stream added.
* remove cr:from_stream
* formatting
* fmt
* Ingredient::from_stream works without a manifest store.
Context uses Options instead of Oncecell
asset.rs removed
* Integrate RestrictedResolver into Context defaults
* fix wasi build
* fmt
* remove content_credential.rs and c2patool fix to different PRs.
* Document Context API
* Add Context-based API improvements and new Builder methods
- Add Reader::new() and Reader::from_context() for consistent API
- Add Builder::save_to_stream() and Builder::save_to_file() methods
- Automatically use signer from context, avoiding borrow checker issues
- Provides simpler alternative to sign() for common use cases
- Add Builder::context() and Builder::context_mut() accessors
- Implement lazy signer initialization in Context with SignerState enum
- Update documentation to use new Context-based patterns
* replair clippy test issue
* Add unit test for builder settings try_from cases.
* add unit test for Ingredient::from_stream() -- the assertion version
* doc tweak
* Remove context_mut() from Builder
This method allowed mutable access to the Context after Builder creation.
Removing it in preparation for making Context shared via Arc, which will
make it immutable once created.
* review cleanup
remove assertion_input.rs
move is_uri_allowed to RestrictedResolver
* code cleanup from review, better examples,
builder.with_json to mut self
* refactor: use TryFrom/TryInto for Builder and Context
- Add Builder::with_definition() using TryFrom/TryInto pattern
- Supports JSON strings, ManifestDefinition objects, and serde_json::Value
- Implements TryFrom for &str, String, and serde_json::Value
- Replace IntoSettings trait with TryFrom implementations
- Update Context::with_settings() to use TryInto<Settings>
- More idiomatic Rust using standard library traits
- Add From<Infallible> for Error to support infallible conversions
- Update all examples to use json! macro for cleaner syntax
- Keep from_json() without deprecation
Benefits:
- Consistent API between with_settings and with_definition
- Standard library traits instead of custom traits
- More flexible input types
- Cleaner, more readable examples
* fixes merge issues
---------
Co-authored-by: Eric Scouten <scouten@adobe.com>
* Fix merge conflict resolution issues
* Fix clippy warnings and update tests to use with_definition instead of with_json
* resolve merge issues for tests
* Update documentation for new Context apis.
* fix wasm compilation issues for send sync using maybesend
* export BoxedSigner
* add async signer support to Context and added BoxedAsyncSigner
AsyncSigner now requires Send (as it always should have)
* rework BoxedSigner and BoxedResolver impls
Adds resolver unit tests
* move boxed signer and resolver to appropriate places
Add unit tests for context resolvers
* fix unit test bug
* fmt empty space fix
* review feedback fixes (mostly docs)
* docs: sentence case fixes
---------
Co-authored-by: CAI Open Source Builds <caiopensrc@adobe.com>
Co-authored-by: tmathern <60901087+tmathern@users.noreply.github.com>
Co-authored-by: Eric Scouten <scouten@adobe.com> cargo fittimmurphydev:feature/add-roles-to-signer-settings Active Branches
#16920%
#1697+10%
#1699-1%
© 2026 CodSpeed Technology