This commit complete the migration to 'tracing' for all logging. Below
is a summary of all relevant commits, including this one:
Log improvements:
- All log (trace) messages are structured which means they contain fields
that can formatted by any subscriber.
- Logging can be disabled entirely by disabling the default `trace` feature.
- Routes and catchers now contain location (file/line) information.
- Two log format kinds: pretty and compact via ROCKET_LOG_FORMAT
- Coloring is not disabled globally. Thus applications can color even if
Rocket is configured not to.
- Rocket is more conservative about 'warn' and 'error' messages, reserving
those log levels for messages useful in production.
- Errors from guards logged by codegen now use the 'Display' implementation of
those errors when one exists.
- Secrets are never logged, even when directly asked for.
New features:
- Many Rocket types know how to trace themselves via a new `Trace` trait.
- `Either` types can now be used in `uri!()` calls.
- A `RequestIdLayer` tags all requests with a unique ID.
Breaking changes to configuration:
- `Config::log_level` is of type `Option<Level>`. `None` disables tracing.
- `log_level` now uses the traditional log level names: "off", "error",
"warn", "info", "debug", "trace", or 0-5. This replace the Rocket-specific
"normal", "debug", "critical".
- A new option, `log_format`, which is either `compact` or `pretty`,
determines how Rocket's tracing subscriber log trace messages.
Breaking changes:
- Hidden `rocket::Either` is now publicly available at `rocket::either::Either`.
- `rocket::Error` no longer panics when dropped.
- `main` generated by `#[launch]` returns an `ExitCode`.
- `FromParam` `Err` now always returns the actual error as opposed to the
string that failed to parse. To recover the original string, use `Either<T,
&str>`, where `T: FromParam`, as a parameter guard.
- Many types that implemented `Display` now instead implement `Trace`.
- `Error::pretty_print()` was removed. Use `Error::trace()` via `Trace` impl.
Internal improvements:
- Made more space in CI machines for tasks.
- Cleaned up testbench code using `inventory`.
Resolves#21.
This commit:
- Remove all traces of 'log'.
- Send all logs unedited via tracing.
- Parses and propagate log_level.
- Implements an initial formatting subscriber.
Co-authored-by: Eliza Weisman <eliza@buoyant.io>
Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
This commit is a codebase-wide cleanup driven by clippy warnings. In
addition to fixing every reasonable warning, the following new
functionality was introduced:
* `Accept::new()` now takes any `T: Into<QMediaType>` iterator.
* `TempFile::is_empty()` was added.
* `HeaderMap` now implements `IntoIterator`.
This commit makes the following breaking changes:
* The `IntoCollection` trait is gone. Generics previously bound by the
trait are now bound by `IntoIterator`. This affects:
- `Accept::new()`
- `ContentType::with_params()`
- `Permission::{allow, allowed}()`
* `MediaType`, `QMediaType`, and `Allow` implement `IntoIterator`,
enabling most existing code to continue working without change.
* The inherent `HeaderMap::into_iter()` method was removed.
* The `Ok` variant in ErrorKind::Liftoff` is now `Box<Rocket<Orbit>>`.
This commit completely rewrites Rocket's HTTP serving. In addition to
significant internal cleanup, this commit introduces the following major
features:
* Support for custom, external listeners in the `listener` module.
The new `listener` module contains new `Bindable`, `Listener`, and
`Connection` traits which enable composable, external
implementations of connection listeners. Rocket can launch on any
`Listener`, or anything that can be used to create a listener
(`Bindable`), via a new `launch_on()` method.
* Support for Unix domain socket listeners out of the box.
The default listener backwards compatibly supports listening on Unix
domain sockets. To do so, configure an `address` of
`unix:path/to/socket` and optional set `reuse` to `true` (the
default) or `false` which controls whether Rocket will handle
creating and deleting the unix domain socket.
In addition to these new features, this commit makes the following major
improvements:
* Rocket now depends on hyper 1.
* Rocket no longer depends on hyper to handle connections. This allows
us to handle more connection failure conditions which results in an
overall more robust server with fewer dependencies.
* Logic to work around hyper's inability to reference incoming request
data in the response results in a 15% performance improvement.
* `Client`s can be marked secure with `Client::{un}tracked_secure()`,
allowing Rocket to treat local connections as running under TLS.
* The `macros` feature of `tokio` is no longer used by Rocket itself.
Dependencies can take advantage of this reduction in compile-time
cost by disabling the new default feature `tokio-macros`.
* A new `TlsConfig::validate()` method allows checking a TLS config.
* New `TlsConfig::{certs,key}_reader()`,
`MtlsConfig::ca_certs_reader()` methods return `BufReader`s, which
allow reading the configured certs and key directly.
* A new `NamedFile::open_with()` constructor allows specifying
`OpenOptions`.
These improvements resulted in the following breaking changes:
* The MSRV is now 1.74.
* `hyper` is no longer exported from `rocket::http`.
* `IoHandler::io` takes `Box<Self>` instead of `Pin<Box<Self>>`.
- Use `Box::into_pin(self)` to recover the previous type.
* `Response::upgrade()` now returns an `&mut dyn IoHandler`, not
`Pin<& mut _>`.
* `Config::{address,port,tls,mtls}` methods have been removed.
- Use methods on `Rocket::endpoint()` instead.
* `TlsConfig` was moved to `tls::TlsConfig`.
* `MutualTls` was renamed and moved to `mtls::MtlsConfig`.
* `ErrorKind::TlsBind` was removed.
* The second field of `ErrorKind::Shutdown` was removed.
* `{Local}Request::{set_}remote()` methods take/return an `Endpoint`.
* `Client::new()` was removed; it was previously deprecated.
Internally, the following major changes were made:
* A new `async_bound` attribute macro was introduced to allow setting
bounds on futures returned by `async fn`s in traits while
maintaining good docs.
* All utility functionality was moved to a new `util` module.
Resolves#2671.
Resolves#1070.
This is a two-prong effort. First, we warn on launch if a known key is
used. Second, we document using invalid keys where possible.
Co-authored-by: Jonas Møller <jonas@moesys.no>
Adds an `ip_header` configuration parameter that allows modifying the
header Rocket attempts to use to retrieve the "real IP" address of the
client via `Request` methods like `client_ip()`. Additionally allows
disabling the use of any such header.
This has the following nice benefits:
* The 'JsonValue' wrapper type is gone.
* 'Local{Request, Response}' natively support JSON/MessagePack.
* The 'json' and 'msgpack' limits are officially recognized.
* Soon, Rocket application will not require an explicit 'serde' dep.
This marks the beginning of the end of 'rocket_contrib'.
This has the following positive effects:
1) The lifetime retrieved through 'Deref' is now long-lived.
2) An '&State<T>` can be created via an '&T'.
3) '&State<T>' is shorter to type than 'State<'_, T>'.
The core 'Rocket' type is parameterized: 'Rocket<P: Phase>', where
'Phase' is a newly introduced, sealed marker trait. The trait is
implemented by three new marker types representing the three launch
phases: 'Build', 'Ignite', and 'Orbit'. Progression through these three
phases, in order, is enforced, as are the invariants guaranteed by each
phase. In particular, an instance of 'Rocket' is guaranteed to be in its
final configuration after the 'Build' phase and represent a running
local or public server in the 'Orbit' phase. The 'Ignite' phase serves
as an intermediate, enabling inspection of a finalized but stationary
instance. Transition between phases validates the invariants required
by the transition.
All APIs have been adjusted appropriately, requiring either an instance
of 'Rocket' in a particular phase ('Rocket<Build>', 'Rocket<Ignite>', or
'Rocket<Orbit>') or operating generically on a 'Rocket<P>'.
Documentation is also updated and substantially improved to mention
required and guaranteed invariants.
Additionally, this commit makes the following relevant changes:
* 'Rocket::ignite()' is now a public interface.
* 'Rocket::{build,custom}' methods can no longer panic.
* 'Launch' fairings are now 'ignite' fairings.
* 'Liftoff' fairings are always run, even in local mode.
* All 'ignite' fairings run concurrently at ignition.
* Launch logging occurs on launch, not any point prior.
* Launch log messages have improved formatting.
* A new launch error kind, 'Config', was added.
* A 'fairing::Result' type alias was introduced.
* 'Shutdown::shutdown()' is now 'Shutdown::notify()'.
Some internal changes were also introduced:
* Fairing 'Info' name for 'Templates' is now 'Templating'.
* Shutdown is implemented using 'tokio::sync::Notify'.
* 'Client::debug()' is used nearly universally in tests.
Resolves#1154.
Resolves#1136.
...because loading up a Rocket while it's ignited is a bad idea.
More seriously, because 'Rocket.ignite()' will become an "execute
everything up to here" method.
The new examples directory...
* Contains a `README.md` explaining each example.
* Consolidates examples into more complete chunks.
* Is just better.
Resolves#1447.
Launch fairings are now fallible and take the place of attach fairings,
but they are only run, as the name implies, at launch time.
This is is a fundamental shift from eager execution of set-up routines,
including the now defunct attach fairings, to lazy execution,
precipitated by the transition to `async`. The previous functionality,
while simple, caused grave issues:
1. A instance of 'Rocket' with async attach fairings requires an async
runtime to be constructed.
2. The instance is accessible in non-async contexts.
3. The async attach fairings have no runtime in which to be run.
Here's an example:
```rust
let rocket = rocket::ignite()
.attach(AttachFairing::from(|rocket| async {
Ok(rocket.manage(load_from_network::<T>().await))
}));
let state = rocket.state::<T>();
```
This had no real meaning previously yet was accepted by running the
attach fairing future in an isolated runtime. In isolation, this causes
no issue, but when attach fairing futures share reactor state with other
futures in Rocket, panics ensue.
The new Rocket application lifecycle is this:
* Build - A Rocket instance is constructed. No fairings are run.
* Ignition - All launch fairings are run.
* Liftoff - If all launch fairings succeeded, the server is started.
New 'liftoff' fairings are run in this third phase.
This allows us to test all of the "core" crates (and the guide) by
testing the root workspace, and all of the examples by testing in the
examples workspace.
This commit also improves config pretty-printing and warning messages.
It also fixes an issue that resulted in config value deprecation
warnings not being emitted. The 'workers' value is now a 'usize', not a
'u16'; contrib pool sizes now default to 'workers * 2'.
Closes#1470.
This commit reverts most of dea940c7 and d89c7024. The "fix" is to run
attach fairings on a new thread. If a runtime is already running, it is
used. Otherwise, the future is executed in a single-threaded executor.
This commit completely overhauls Rocket's configuration systems, basing
it on the new Figment library. It includes many breaking changes
pertaining to configuration. They are:
* "Environments" are replaced by "profiles".
* 'ROCKET_PROFILE' takes the place of 'ROCKET_ENV'.
* Profile names are now arbitrary, but 'debug' and 'release' are given
special treatment as default profiles for the debug and release
compilation profiles.
* A 'default' profile now sits along-side the meta 'global' profile.
* The concept of "extras" is no longer present; users can extract any
values they want from the configured 'Figment'.
* The 'Poolable' trait takes an '&Config'.
* The 'secrets' feature is disabled by default.
* It is a hard error if 'secrets' is enabled under the 'release'
profile and no 'secret_key' is configured.
* 'ConfigBuilder' no longer exists: all fields of 'Config' are public
with public constructors for each type.
* 'keep_alive' is disabled with '0', not 'false' or 'off'.
* Inlined error variants into the 'Error' structure.
* 'LoggingLevel' is now 'LogLevel'.
* Limits can now be specified in SI units: "1 MiB".
The summary of other changes are:
* The default config file can be configured with 'ROCKET_CONFIG'.
* HTTP/1 and HTTP/2 keep-alive configuration is restored.
* 'ctrlc' is now a recognized config option.
* 'serde' is now a core dependency.
* TLS misconfiguration errors are improved.
* Several example use '_' as the return type of '#[launch]' fns.
* 'AdHoc::config()' was added for simple config extraction.
* Added more documentation for using 'Limits'.
* Launch information is no longer treated specially.
* The configuration guide was rewritten.
Resolves#852.
Resolves#209.
Closes#1404.
Closes#652.
In brief, this commit:
* Updates to the latest upstream 'cookie', fixing a memory leak.
* Make changes to 'CookieJar' observable only through 'pending()'.
* Deprecates 'Client::new()' in favor of 'Client::tracked()'.
* Makes 'dispatch()' on tracked 'Client's synchronize on cookies.
* Makes 'Client::untracked()' actually untracked.
This commit updates to the latest 'cookie' which removes support for
'Sync' cookie jars. Instead of relying on 'cookie', this commit
implements an op-log based 'CookieJar' which internally keeps track of
changes. The API is such that changes are only observable through
specialized '_pending()' methods.
This commit adds the 'local::blocking' module and moves the existing
asynchronous testing to 'local::asynchronous'. It also includes several
changes to improve the local API, bringing it to parity (and beyond)
with master. These changes are:
* 'LocalRequest' implements 'Clone'.
* 'LocalResponse' doesn't implement 'DerefMut<Target=Response>'.
Instead, direct methods on the type, such as 'into_string()', can
be used to read the 'Response'.
* 'Response::body()' returns an '&ResponseBody' as opposed to '&mut
ResponseBody', which is returned by a new 'Response::body_mut()'.
* '&ResponseBody' implements 'known_size()` to retrieve a body's size,
if it is known.
Co-authored-by: Jeb Rosen <jeb@jebrosen.com>
The attribute is applied everywhere it can be across the codebase and is
the newly preferred method for launching an application. This commit
also makes '#[rocket::main]` stricter by warning when it is applied to
functions other than 'main'.
observed.
This is a prerequisite for async on_attach fairings. 'Rocket' is now a
builder wrapper around the 'Manifest' type, with operations being
applied when needed by 'launch()', 'Client::new()', or 'inspect()'.
'inspect()' returns an '&Manifest', which now provides the methods that
could be called on an '&Rocket'.
* body_string_wait and body_bytes_wait are removed; use `.await` instead
* `dispatch()` is now an async fn and must be .await-ed
* Add `#[rocket::async_test]` macro, similar in purpose to `tokio::test`
* Tests now use either `rocket::async_test(async { })` or
`#[rocket::async_test]` in order to `.await` the futures returned
from `dispatch()` and `body_{string,bytes}()`
* Update 'test.sh' to reflect the tests that should be passing.
Broken:
* Cloned dispatch and mut_dispatch() with a live previous response now both fail, due to a (partial) check for mutable aliasing in LocalRequest.
* Some tests are still failing and need example-specific changes.
This commits also implement the query reform from #608. It also consists
of many, many breaking changes. Among them are:
* Query parts in route paths use new query reform syntax.
* Routing for queries is now lenient.
- Default ranking has changed to reflect query reform.
* Format routing matching has been fixed.
- Routes with formats matching "accept" will always collide.
- Routes with formats matching "content-type" require requests to
have an equivalent content-type header to match.
- Requests with imprecise content-types are treated as not having a
content-type.
* Generated routes and catchers respect visibility modifiers.
* Raw getter methods from request were renamed and retooled.
- In particular, the index parameter is based on segments in the
route path, not dynamic parameters.
* The method-based attributes no longer accept a keyed 'path'.
* The 'rocket_codegen' crate is gone and will no longer be public.
* The 'FormItems' iterator emits values of type 'FormItem'.
- The internal form items' string can no longer be retrieved.
* In general, routes are more strictly validated.
* Logging from codegen now funnels through logging infrastructure.
* Routing has been optimized by caching routing metadata.
Resolves#93.
Resolves#608.
Resolves#693.
Resolves#476.
The directory structure has changed to better isolate crates serving
core and contrib. The new directory structure is:
contrib/
lib/ - the contrib library
core/
lib/ - the core Rocket library
codegen/ - the "compile extension" codegen library
codegen_next/ - the new proc-macro library
examples/ - unchanged
scripts/ - unchanged
site/ - unchanged
This commit also removes the following files:
appveyor.yml - AppVeyor (Rust on Windows) is far too spotty for use
rustfmt.toml - rustfmt is, unfortunately, not mature enough for use
Finally, all example Cargo crates were marked with 'publish = false'.
Rust's linting API is incredibly unstable, resulting in unnecessary
breakage to `rocket_codegen`. Rocket's lints are also not as
conservative as would be desired, resulting in spurious warnings. For
these reasons, this commit removes linting from `rocket_codegen`.
These lints will likely be reintroduced as part of a 'rocket_lints'
crate. Factoring the lints out to a separate crate means that lint
breakage can be dealt with by uncommenting the dependency instead of
waiting for a new release or backtracking nightlies. In the same vein,
it will likely improve stability of the 'rocket_codegen' crate.
Sessions
--------
This commit removes the `Session` type in favor of methods on the
`Cookies` types that allow for adding, removing, and getting private
(signed and encrypted) cookies. These methods provide a superset of
the functionality of `Session` while also being a minimal addition to
the existing API. They can be used to implement the previous `Session`
type as well as other forms of session storage. The new methods are:
* Cookie::add_private(&mut self, Cookie)
* Cookie::remove_private(&mut self, Cookie)
* Cookie::get_private(&self, &str)
Resolves#20
Testing
-------
This commit removes the `rocket::testing` module. It adds the
`rocket::local` module which provides a `Client` type for local
dispatching of requests against a `Rocket` instance. This `local`
package subsumes the previous `testing` package.
Rocket Examples
---------------
The `forms`, `optional_result`, and `hello_alt_methods` examples have
been removed. The following example have been renamed:
* extended_validation -> form_validation
* hello_ranks -> ranking
* from_request -> request_guard
* hello_tls -> tls
Other Changes
-------------
This commit also includes the following smaller changes:
* Config::{development, staging, production} constructors have been
added for easier creation of default `Config` structures.
* The `Config` type is exported from the root.
* `Request` implements `Clone` and `Debug`.
* `Request::new` is no longer exported.
* A `Response::body_bytes` method was added to easily retrieve a
response's body as a `Vec<u8>`.
Sergio Benitez
Konrad Borowski
Jeb Rosen
Jacob Pratt
Donald Robertson