RUST-1795 Remove unstable from in-use encryption

.evergreen/azure-kms-test/Cargo.toml

@@ -10,4 +10,4 @@ tokio = "1.28.1"
 
 [dependencies.mongodb]
 path = "../.."
-features = ["in-use-encryption-unstable", "azure-kms"]
+features = ["in-use-encryption", "azure-kms"]

.evergreen/config.yml

@@ -1625,7 +1625,7 @@ functions:
 
           echo "Building test ... begin"
           . ${PROJECT_DIRECTORY}/.evergreen/env.sh
-          cargo test get_exe_name --features in-use-encryption-unstable,gcp-kms -- --ignored
+          cargo test get_exe_name --features in-use-encryption,gcp-kms -- --ignored
           cp $(cat exe_name.txt) test-contents/test-exe
           echo "Building test ... end"
 

.evergreen/run-csfle-tests.sh

@@ -10,7 +10,7 @@ set -o xtrace
 
 export CSFLE_TLS_CERT_DIR="${DRIVERS_TOOLS}/.evergreen/x509gen"
 
-FEATURE_FLAGS+=("in-use-encryption-unstable" "aws-auth" "azure-kms")
+FEATURE_FLAGS+=("in-use-encryption" "aws-auth" "azure-kms")
 
 if [[ "$OPENSSL" = true ]]; then
   FEATURE_FLAGS+=("openssl-tls")

Cargo.toml

@@ -58,8 +58,9 @@ zlib-compression = ["dep:flate2"]
 snappy-compression = ["dep:snap"]
 
 # Enables support for client-side field level encryption and queryable encryption.
-# The In Use Encryption API is unstable and may have backwards-incompatible changes in minor version updates.
-in-use-encryption-unstable = ["dep:mongocrypt", "dep:rayon", "dep:num_cpus"]
+in-use-encryption = ["dep:mongocrypt", "dep:rayon", "dep:num_cpus"]
+# The in-use encryption API is stable; this is for backwards compatibility.
+in-use-encryption-unstable = ["in-use-encryption"]
 
 # Enables support for emitting tracing events.
 # The tracing API is unstable and may have backwards-incompatible changes in minor version updates.

README.md

@@ -44,7 +44,7 @@ features = ["sync"]
 | `zlib-compression`           | Enable support for compressing messages with [`zlib`](https://zlib.net/). |
 | `zstd-compression`           | Enable support for compressing messages with [`zstd`](http://facebook.github.io/zstd/). |
 | `snappy-compression`         | Enable support for compressing messages with [`snappy`](http://google.github.io/snappy/). |
-| `in-use-encryption-unstable` | Enable support for client-side field level encryption and queryable encryption. This API is unstable and may be subject to breaking changes in minor releases. |
+| `in-use-encryption`          | Enable support for client-side field level encryption and queryable encryption. |
 | `tracing-unstable`           | Enable support for emitting [`tracing`](https://docs.rs/tracing/latest/tracing/) events. This API is unstable and may be subject to breaking changes in minor releases. |
 | `compat-3-0-0`               | Required for future compatibility if default features are disabled. |
 

src/action.rs

@@ -6,7 +6,7 @@ mod client_options;
 mod count;
 mod create_collection;
 mod create_index;
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub mod csfle;
 mod delete;
 mod distinct;

src/action/bulk_write.rs

@@ -120,7 +120,7 @@ where
     }
 
     async fn execute_inner(mut self) -> Result<R> {
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         if self.client.should_auto_encrypt().await {
             use mongocrypt::error::{Error as EncryptionError, ErrorKind as EncryptionErrorKind};
 

src/action/create_collection.rs

@@ -64,7 +64,7 @@ impl<'a> CreateCollection<'a> {
         change_stream_pre_and_post_images: crate::db::options::ChangeStreamPreAndPostImages,
         clustered_index: crate::db::options::ClusteredIndex,
         comment: bson::Bson,
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         encrypted_fields: Document,
     );
 

src/action/drop.rs

@@ -111,7 +111,7 @@ pub struct DropCollection<'a> {
 impl<'a> DropCollection<'a> {
     option_setters!(options: DropCollectionOptions;
         write_concern: WriteConcern,
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         encrypted_fields: bson::Document,
     );
 

src/client.rs

@@ -1,6 +1,6 @@
 pub mod action;
 pub mod auth;
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub(crate) mod csfle;
 mod executor;
 pub mod options;
@@ -11,7 +11,7 @@ use std::{
     time::{Duration, Instant},
 };
 
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub use self::csfle::client_builder::*;
 use derivative::Derivative;
 use futures_core::Future;
@@ -123,7 +123,7 @@ struct ClientInner {
     options: ClientOptions,
     session_pool: ServerSessionPool,
     shutdown: Shutdown,
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     csfle: tokio::sync::RwLock<Option<csfle::ClientState>>,
     #[cfg(test)]
     disable_command_events: AtomicBool,
@@ -159,7 +159,7 @@ impl Client {
                 pending_drops: SyncMutex::new(IdSet::new()),
                 executed: AtomicBool::new(false),
             },
-            #[cfg(feature = "in-use-encryption-unstable")]
+            #[cfg(feature = "in-use-encryption")]
             csfle: Default::default(),
             #[cfg(test)]
             disable_command_events: AtomicBool::new(false),
@@ -190,7 +190,7 @@ impl Client {
     /// # Ok(())
     /// # }
     /// ```
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub fn encrypted_builder(
         client_options: ClientOptions,
         key_vault_namespace: crate::Namespace,
@@ -213,7 +213,7 @@ impl Client {
 
     /// Whether commands sent via this client should be auto-encrypted.
     pub(crate) async fn should_auto_encrypt(&self) -> bool {
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         {
             let csfle = self.inner.csfle.read().await;
             match *csfle {
@@ -225,13 +225,13 @@ impl Client {
                 None => false,
             }
         }
-        #[cfg(not(feature = "in-use-encryption-unstable"))]
+        #[cfg(not(feature = "in-use-encryption"))]
         {
             false
         }
     }
 
-    #[cfg(all(test, feature = "in-use-encryption-unstable"))]
+    #[cfg(all(test, feature = "in-use-encryption"))]
     pub(crate) async fn mongocryptd_spawned(&self) -> bool {
         self.inner
             .csfle
@@ -241,7 +241,7 @@ impl Client {
             .map_or(false, |cs| cs.exec().mongocryptd_spawned())
     }
 
-    #[cfg(all(test, feature = "in-use-encryption-unstable"))]
+    #[cfg(all(test, feature = "in-use-encryption"))]
     pub(crate) async fn has_mongocryptd_client(&self) -> bool {
         self.inner
             .csfle
@@ -549,7 +549,7 @@ impl Client {
         &self.inner.topology
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) async fn primary_description(&self) -> Option<crate::sdam::ServerDescription> {
         let start_time = Instant::now();
         let timeout = self
@@ -578,7 +578,7 @@ impl Client {
         }
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) async fn auto_encryption_opts(
         &self,
     ) -> Option<tokio::sync::RwLockReadGuard<'_, csfle::options::AutoEncryptionOptions>> {

src/client/auth/aws.rs

@@ -456,17 +456,17 @@ impl AwsCredential {
         Ok(auth_header)
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) fn access_key(&self) -> &str {
         &self.access_key_id
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) fn secret_key(&self) -> &str {
         &self.secret_access_key
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) fn session_token(&self) -> Option<&str> {
         self.session_token.as_deref()
     }

src/client/executor.rs

@@ -1,7 +1,7 @@
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 use bson::RawDocumentBuf;
 use bson::{doc, RawBsonRef, RawDocument, Timestamp};
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 use futures_core::future::BoxFuture;
 use once_cell::sync::Lazy;
 use serde::de::DeserializeOwned;
@@ -621,7 +621,7 @@ impl Client {
 
         #[allow(unused_mut)]
         let mut message = Message::from_command(cmd, Some(request_id))?;
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         {
             let guard = self.inner.csfle.read().await;
             if let Some(ref csfle) = *guard {
@@ -781,7 +781,7 @@ impl Client {
                 })
                 .await;
 
-                #[cfg(feature = "in-use-encryption-unstable")]
+                #[cfg(feature = "in-use-encryption")]
                 let response = {
                     let guard = self.inner.csfle.read().await;
                     if let Some(ref csfle) = *guard {
@@ -812,7 +812,7 @@ impl Client {
         }
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     fn auto_encrypt<'a>(
         &'a self,
         csfle: &'a super::csfle::ClientState,
@@ -828,7 +828,7 @@ impl Client {
         })
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     fn auto_decrypt<'a>(
         &'a self,
         csfle: &'a super::csfle::ClientState,

src/coll/action/drop.rs

@@ -11,7 +11,7 @@ impl<'a> Action for DropCollection<'a> {
     async fn execute(mut self) -> Result<()> {
         resolve_options!(self.cr, self.options, [write_concern]);
 
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         self.cr
             .drop_aux_collections(self.options.as_ref(), self.session.as_deref_mut())
             .await?;
@@ -24,7 +24,7 @@ impl<'a> Action for DropCollection<'a> {
     }
 }
 
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 impl<T> crate::Collection<T>
 where
     T: Send + Sync,

src/coll/options.rs

@@ -1046,7 +1046,7 @@ pub struct DropCollectionOptions {
     /// Map of encrypted fields for the collection.
     // Serialization is skipped because the server doesn't accept this option; it's needed for
     // preprocessing.  Deserialization needs to remain because it's used in test files.
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     #[serde(skip_serializing)]
     pub encrypted_fields: Option<Document>,
 }

src/db/action/create_collection.rs

@@ -18,7 +18,7 @@ impl<'a> Action for CreateCollection<'a> {
             coll: self.name,
         };
 
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         let has_encrypted_fields = {
             self.db
                 .resolve_encrypted_fields(&ns, &mut self.options)
@@ -38,7 +38,7 @@ impl<'a> Action for CreateCollection<'a> {
             .execute_operation(create, self.session.as_deref_mut())
             .await?;
 
-        #[cfg(feature = "in-use-encryption-unstable")]
+        #[cfg(feature = "in-use-encryption")]
         if has_encrypted_fields {
             use crate::action::Action;
             use bson::{doc, Document};
@@ -56,7 +56,7 @@ impl<'a> Action for CreateCollection<'a> {
 }
 
 impl Database {
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     async fn resolve_encrypted_fields(
         &self,
         base_ns: &Namespace,
@@ -82,7 +82,7 @@ impl Database {
         }
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     #[allow(clippy::needless_option_as_deref)]
     async fn create_aux_collections(
         &self,

src/db/options.rs

@@ -115,7 +115,7 @@ pub struct CreateCollectionOptions {
     pub comment: Option<Bson>,
 
     /// Map of encrypted fields for the created collection.
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub encrypted_fields: Option<Document>,
 }
 

src/error.rs

@@ -301,7 +301,7 @@ impl Error {
         )
     }
 
-    #[cfg(all(test, feature = "in-use-encryption-unstable"))]
+    #[cfg(all(test, feature = "in-use-encryption"))]
     pub(crate) fn is_csfle_error(&self) -> bool {
         matches!(self.kind.as_ref(), ErrorKind::Encryption(..))
     }
@@ -372,7 +372,7 @@ impl Error {
             ErrorKind::Transaction { message } => Some(message.clone()),
             ErrorKind::IncompatibleServer { message } => Some(message.clone()),
             ErrorKind::InvalidArgument { message } => Some(message.clone()),
-            #[cfg(feature = "in-use-encryption-unstable")]
+            #[cfg(feature = "in-use-encryption")]
             ErrorKind::Encryption(err) => err.message.clone(),
             _ => None,
         }
@@ -533,7 +533,7 @@ impl Error {
             | ErrorKind::Custom(_)
             | ErrorKind::Shutdown
             | ErrorKind::GridFs(_) => {}
-            #[cfg(feature = "in-use-encryption-unstable")]
+            #[cfg(feature = "in-use-encryption")]
             ErrorKind::Encryption(_) => {}
         }
     }
@@ -580,7 +580,7 @@ impl From<std::io::ErrorKind> for ErrorKind {
     }
 }
 
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 impl From<mongocrypt::error::Error> for ErrorKind {
     fn from(err: mongocrypt::error::Error) -> Self {
         Self::Encryption(err)
@@ -693,7 +693,7 @@ pub enum ErrorKind {
     MissingResumeToken,
 
     /// An error occurred during encryption or decryption.
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     #[error("An error occurred during client-side encryption: {0}")]
     Encryption(mongocrypt::error::Error),
 

src/lib.rs

@@ -18,7 +18,7 @@
 pub mod options;
 
 pub use ::bson;
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub use ::mongocrypt;
 
 pub mod action;
@@ -55,7 +55,7 @@ mod test;
 mod trace;
 pub(crate) mod tracking_arc;
 
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub use crate::client::csfle::client_encryption;
 pub use crate::{
     client::{session::ClientSession, Client},

src/operation.rs

@@ -69,7 +69,7 @@ pub(crate) use find_and_modify::FindAndModify;
 pub(crate) use get_more::GetMore;
 pub(crate) use insert::Insert;
 pub(crate) use list_indexes::ListIndexes;
-#[cfg(feature = "in-use-encryption-unstable")]
+#[cfg(feature = "in-use-encryption")]
 pub(crate) use raw_output::RawOutput;
 pub(crate) use search_index::{CreateSearchIndexes, DropSearchIndex, UpdateSearchIndex};
 pub(crate) use update::{Update, UpdateOrReplace};

src/operation/run_command.rs

@@ -33,7 +33,7 @@ impl<'conn> RunCommand<'conn> {
         })
     }
 
-    #[cfg(feature = "in-use-encryption-unstable")]
+    #[cfg(feature = "in-use-encryption")]
     pub(crate) fn new_raw(
         db: String,
         command: RawDocumentBuf,