# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [0.33.0] - 2026-02-04
### Added
- **ZeroKMSBuilder**: New builder pattern for ergonomic ZeroKMS client construction
- `with_request_timeout()` - Configure request timeouts (defaults to 10s)
- `with_max_keys_per_req()` - Configure maximum keys per request (defaults to 100)
- `with_max_concurrent_reqs()` - Configure maximum concurrent requests (defaults to 10)
- `with_client_key()` - Add client key for encryption/decryption capabilities
- Type-safe API that tracks whether a client key has been added
- 10-second timeout to HttpConnection for ZeroKMS requests
### Changed
- `ZeroKMS::connect()` and `ZeroKMS::connect_with_client_key()` now accept `ZeroKMSClientOpts` instead of individual parameters
- Configuration now uses workspace CRN instead of workspace ID for better region handling
- Removed retry logic from zerokms client (now handled by underlying reqwest)
- Upgraded reqwest to 0.12.24
- Upgraded reqwest-retry to 0.7
- Updated `cllw-ore` dependency to 0.3.0
- Updated `cipherstash-config` dependency to 0.2.6
### Fixed
- Improved error handling in connection initialization
- Enhanced documentation for ZeroKMSBuilder with updated examples
- Removed automatic logging of decryptions in ZeroKMSWithClientKey; decrypt operations are no longer logged by default
### Deprecated
- `ZeroKMS::new()` - Use `ZeroKMS::connect()` instead
- `ZeroKMS::new_with_client_key()` - Use `ZeroKMS::connect_with_client_key()` instead
- `ZeroKMSWithClientKey::log_decryptions()` - Deprecated; automatic decrypt logging has been removed and callers should implement their own logging if needed
## [0.32.2] - Previous release
Previous versions were not tracked in this CHANGELOG.