Skip to content

Latest commit

 

History

History
1244 lines (783 loc) · 107 KB

CHANGELOG.md

File metadata and controls

1244 lines (783 loc) · 107 KB
Raw

Static Web Server v2 - Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Note: See changelog for v1 under the 1.x branch.

v2.30.0 - 2024-04-29

This new v2.30.0 release brings security and dependency updates as well as several bug fixes. Overall performance improvements (directory listing particularly), continuous HTTP load testing benchmarks, project refactorings for increased stability, security and correctness as well as several other improvements.

Fixes

  • 6683446 Bugfix/security dependency updates including rustls, tokio, async-compression, regex, chrono, clap and other crates (also 8cfc7ed, a876cd5, 69bfdd4).
  • c04357e Missing custom headers for directory requests (trailing slash). PR #333.
  • 1c4fad2 CORS does not work properly when used with Basic Auth. PR #343 by @ms140569.
  • 528ed08 Accept-Encoding handling does not work correctly if only two compression schemes are available. PR #361 by @palant.
  • c8e39aa Errors due to "unused code" when features are disabled. PR #368 by @palant.
  • 5d66301 Unreserved characters are percent-encoded in directory listing links. PR #371.
  • 114862a Malformed UTF-8 file names are not handled correctly. PR #374 by @palant.

Features

  • 012ef11 Crate: Display platforms-specific documentation on docs.rs.
  • a197f20 CI: Load testing benchmarks comparison for each commit via Github Actions. PR #355 by @palant.

Refactorings

  • a451a93 Improve performance when serving static files. PR #334.
  • e569a71 Reduce some allocations in several modules. PR #337.
  • 183102d Build error when using specific or no Cargo compression features. PR #339.
  • fe6a2a1 Move health endpoint-related code into a separate file. PR #344 by @palant.
  • cc6784a Move metrics endpoint-related code into a separate file. PR #345 by @palant.
  • 76531e6 Move all of Basic authentication logic into basic_auth module. PR #346 by @palant.
  • d44e5a1 Move all redirect handling logic into the redirects module. PR #348 by @palant.
  • e965933 Move most of CORS-related code into the cors module. PR #349 by @palant.
  • 1246e37 Move most of maintenance mode logic into maintenance_mode module. PR #350 by @palant.
  • 941f692 Move various code related to header handling to the respective modules. PR #351 by @palant.
  • a13f496 Replaced fork of the headers module by an in-tree handler for the Accept-Encoding header. PR #354 by @palant.
  • 207fa4a Move all rewrite handling logic into the rewrites module. PR #353 by @palant.
  • c3c55a4 Prefer querying available cpus using Rust std. PR #358.
  • ddda871 Apply the usual post-processing to error responses for consistency. PR #359 by @palant.
  • cfd1390 Improve performance of directory listings. PR #357 by @palant.
  • 5a4035f Improve recognition of text MIME types for compression. PR #360 by @palant.
  • b66c89e Move all compression-related code into compression and compression_static modules. PR #369 by @palant.
  • 5b5ea98 Use maud templates and serde_json for directory listings. PR #367 by @palant.
  • f311e94 Move all fallback page logic into the corresponding module. PR #372 by @palant.
  • 7d61c91 Move directory listing initialization into the corresponding module. PR #373 by @palant.

Docs

For more details see v2.30.0 milestone and the full changelog v2.28.0...v2.30.0.

v2.28.0 - 2024-03-09

This new v2.28.0 release brings several dependency updates and bug fixes. Cancellation ability to shut down the server gracefully on demand when using the library, Docker examples and Windows Firewall instructions as well as other improvements.

Fixes

  • 769daf1 Bugfix/security dependency updates including mio, ring, http, rustls-pemfile, regex, chrono, clap and other crates (also a97cc77).
  • e031a7d Docker: Debian 12.5 image update.
  • b6444f4 Crate: TryFrom imported redundantly in Rust nightly. PR #318 by @yonas.

Features

  • afd6a87 Crate: Cancellation ability for server::Server::run_server_on_rt and server::Server::run_standalone functions in Linux/BSDs. PR #319 resolves #315 suggested by @hanaTsuk1.

Refactorings

  • a68349c Crate: Add targets to Crate docs metadata.
  • afa8575 Misc: Refactor the static files module and delegate functionality to separated files. PR #329.

Docs

  • 9fb2111 Windows Firewall rule instructions for the Windows service feature. See docs.
  • 668ecfe Docker and related examples. It resolves #323 suggested by @hanscees. See docs.

v2.27.0 - 2024-02-13

This new v2.27.0 release brings a few dependency updates and bug fixes. Two new Cargo feature flags and fixes a regression introduced by the previous release when building SWS from source.

Fixes

  • ec93d6c Bugfix/security dependency updates including chrono, indexmap, indexmap and other crates.

Features

v2.26.0 - 2024-02-10

This new v2.26.0 release brings several dependency security updates and bug fixes. Support for Range requests out of bounds, experimental Tokio Runtime metrics for Prometheus, new Discord server as well as other improvements.

Fixes

  • 80af0aa Bugfix/security dependency updates including tokio, regex, chrono, libc, toml, serde and other crates. Also 1d4f423
  • 5623799 Docker: Alpine 3.18.6 update.
  • a7dc6ac Docker: linux/s590x and linux/ppc64le images are missing dependencies. PR #309 resolves #308 reported by @glehmann.
    • It is solved by dropping support for the linux/ppc64le and linux/s390x of the Alpine Scratch images because those binaries provided are not static-linked. Prefer the Debian image variant for those targets instead.

Features

Refactorings

  • 563367c Minimum Rust stable version 1.74.0.
  • 370d288 Misc: Base fuzz and micro-benchmark testing for static files module. PR #310.

Acknowledgments

Thanks to our new donor @c0m4r for supporting the project.

v2.25.0 - 2024-01-23

This new v2.25.0 release brings several dependency security updates and bug fixes. An optional Host URI support for the URL Redirects feature, a bug fix when capturing a Glob pattern using brace expansion for URL Rewrites/Redirects as well as other improvements.

Fixes

  • 477ed00 Bugfix/security dependency updates including rustls, h2, regex, chrono, libc, async-compression, serde and other crates. Also 32e86aa
  • 42f52e8 Fix wrong Glob brace expansion capture in URL Rewrites/Redirects. PR #304.
  • 9f2a4f0 Docker: Alpine 3.18.5 update.

Features

  • 8c6ab53 Optional Host URI support for the URL Redirects feature. PR #301. This will allow users for example to perform www to non-www redirects or vice versa. See docs.

Refactorings

  • 83e4277 Migrate TLS module to use tokio-rustls 0.25. PR #303.
  • 1bbc703 CI: Cache Rust toolchain and Cargo directories for CI devel workflow. PR #300.
  • 67a2403 CI: Prefer cross precompiled binary on CI devel workflow.
  • ef9876a CI: Prefer cross precompiled binary on CI release workflow.

Docs

  • 3076d08 Optional Host uri support for URL Redirects feature. See docs.
  • dedefc5 Fix a few page typos.

Acknowledgments

Thanks to our new donors for supporting the project.

v2.24.2 - 2023-12-28

This new v2.24.2 release brings general dependency security updates, bug fixes and improvements.

Fixes

  • 5554522 Bugfix/security dependency updates including hyper, tokio, rustls/ring, h2, tracing, regex, toml, futures, serde and other crates.
  • 8cdb305 Docker: Debian 12.4 update.
  • af203ca Docker: Alpine 3.17.6 update.

Refactorings

  • 96ec477 Consistency when importing several types.
  • ab67bd7 Misc: GitHub issue and pull request template improvements. PR #294. Also a9d509e.

v2.24.1 - 2023-11-15

This new v2.24.1 release brings dependency security updates and bug fixes. In particular, it fixes an issue when executing the previous Windows ARM64 build and other improvements.

Fixes

  • c0c88f1 Bugfix/security dependency updates including tokio, http, rustls-pemfile, tracing, clap and other crates.
  • f4e9142 Windows ARM64 binary does not execute due to missing DLLs. PR #290.

Refactorings

  • 990bb7c Statically link the C runtime for Windows MSVC x86 (32-bit) build. PR #291.

Docs

Misc

  • 3099dba CI: Manual Docker build CI workflow for testing. PR #286.
  • 680323c CI: Manual release build CI workflow for testing. PR #288.

v2.24.0 - 2023-11-09

This new v2.24.0 release brings dependency security updates and bug fixes. It introduces three new targets (PowerPC (PPC64LE), S390x and Windows ARM64). Features like automatic TOML configuration file detection at startup and 404/50x error pages loading at runtime as well as several improvements.

Fixes

  • e767938 Bugfix/security dependency updates including ring, rustls, regex, clap, serde, futures, brotli and other crates (also b0c0775).
  • 4fa09ab CI: cross does not build when using libc 0.2.149+ on NetBSD.

Features

Refactorings

  • 4de9acd Allowed methods response for OPTIONS file requests. PR #278.
  • d06ad0f Remove some unused TLS configuration APIs and use defaults directly. PR #279.
  • ab16187 Improve the server maintenance mode debug logs. PR #282.

Docs

  • 2798725 Linux PowerPC (PPC64LE) and S390x targets information. See docs.

v2.23.0 - 2023-10-15

This new v2.23.0 release brings several dependency updates and bug fixes. New features like multiple index files and maintenance mode support, more performance and resource optimizations (~15% less memory usage), a bug fix for the directory listing, documentation for using SWS in WebAssembly and TrueNAS SCALE and other improvements.

Fixes

  • 85ea7c4 Bugfix/security dependency updates including tokio, regex, clap, async-compression (zstd, flate2), tracing, serde and other crates (also 27cb09d).
  • 7c5df01 Wrong directory type for empty files in JSON directory listing. PR #271 resolves #270 reported by @carueda.
  • 89d70d0 Docker: Debian 12.2 image update.
  • aeebc6f Installer: Installer script breakage. PR #274 resolves #273 reported by @kzhui125.
  • e3cd810 Crate: Docs links in compression module.

Features

Refactorings

  • d53c252 Optimize buffer size for static file reads (Linux/Unix targets). PR #269.

Docs

  • 7a407c6 WebAssembly page and Wasmer Wasix example. See docs.
  • b70058c TrueNAS SCALE installation via TrueCharts. See docs.
  • ddbf881 Improve content across several pages.

Acknowledgments

Thanks to our new donor @kirillt for supporting the project.

v2.22.1 - 2023-09-19

This new v2.22.1 release brings several dependency updates and bug fixes. In particular, it fixes an issue when capturing glob groups for URL Rewrites and Redirects.

Fixes

  • 0b5f590 Bugfix/security dependency updates including aho-corasick (regex), clap, syn and other crates.
  • 2e3e49f URL Rewrites and Redirects do not capture glob groups like /dir/{*} correctly. PR #265 resolves #264 reported by @clembu.

v2.22.0 - 2023-09-18

This new v2.22.0 release brings several dependency updates and bug fixes. It fixes a performance regression leading to better RAM utilization (~28% less) in comparison to the previous releases with a slight req/sec increase, a new Illumos x86_64 target, as well as improved responsiveness of the directory listing HTML page for mobile and desktop screens.

Fixes

  • 232677c Bugfix/security dependency updates including rustls, async-compression, chrono, clap, serde, regex and other crates. Also b2322a9.

Features

Refactorings

  • 698a244 Prefer optional slice references for several vec data arguments.
  • 257d47f Remove typed headers when appending cache-control.
  • 48d1910 Improve the responsiveness of the directory listing HTML view. PR #260 resolves #259 reported by @anantakrishna.
  • e551d67 Increase MSRV to 1.70.0.

v2.21.1 - 2023-08-23

This new v2.21.1 release brings several security dependency updates. In particular for serde_derive and rustls-webpki dependencies.

Fixes

  • c6172b4 Security dependency updates including serde_derive, rustls-webpki, h2 and other crates.
    • serde_derive: potential supply chain attack associated with shipping precompiled binaries (silently) serde-rs/serde#2538
    • rustls-webpki: potential CPU denial of service in certificate path building GHSA-fh2r-99q2-6mmg

v2.21.0 - 2023-08-19

This new v2.21.0 release brings several dependency updates and bug fixes, a new NetBSD x86_64 target, Virtual Hosting support, and other improvements.

Fixes

  • 91d8bf1 Bugfix/security dependency updates including tokio, regex, clap, serde, globset and other crates.
  • 2142053 Docker: Alpine 3.17.5 update.
  • 37a5113 Docker: Debian 12.1 update.

Features

Docs

  • 3f63a0b docs: improve several feature pages.

v2.20.2 - 2023-08-03

This new v2.20.2 release brings several dependency updates and bug fixes. Also, it fixes a regression in Windows introduced by the previous v2.20.1 release.

Fixes

  • bba9083 Bugfix/security dependency updates including jemallocator, rustls, clap, serde, globset and other crates.
  • 8cc073f Unable to initialize logger in Windows. #248 reported by @tripplet.

Refactorings

  • e9d33ca Basic-auth check request function.

v2.20.1 - 2023-07-20

This new v2.20.1 release brings several dependency updates and bug fixes. In particular, one fix for a regression introduced by the previous v2.20.0 release as well as other improvements.

Fixes

  • 1fe464b Bugfix/security dependency updates including zstd, clap, serde, bcrypt, globset, signal and other crates (also b763b50).
  • 3cf13dc URL Rewrites and Redirects don't work properly without replacements. PR #244 fixes #243 reported by @domi2120.
  • 8da2b69 Alpine 3.17.4.

Refactorings

  • 949c539 Initialize log system at config level.
  • 7fc0e1b Improve start-up server log information.
  • 032aaf3 CI: Post-release script and devel Makefile.

v2.20.0 - 2023-07-12

This new v2.20.0 release brings several dependency updates and bug fixes, advanced features like Glob pattern replacements for URL Redirects and Rewrites, a new health-check endpoint, GitHub Container Registry (GHCR) Docker images as well as other improvements.

Fixes

  • 9b84786 Bugfix/security dependency updates including tokio, hyper, h2, rustls, clap, serde, toml and other crates (also 9b84786).
  • b8473aa Potential panic when invalid content range.
  • 2331c88 CI: Post-release update script.

Features

Refactorings

  • 1bce204 Improve auto index options.
  • b2e4e49 Improve directory listing styling for HTML display.
  • e23a06d Lib: Crate docs metadata.

Docs

Acknowledgments

Thanks to our new donor @kirillt for supporting the project.

v2.19.0 - 2023-06-16

This new v2.19.0 release brings several dependency updates/bug fixes (including minor versions), a new Debian 12 "bookworm" Docker image, more Cargo features for controlling the SWS feature set when building, bug fixes for the SWS crate and one regression for the fallback-page feature, documentation for cross-compiling SWS from source using Zig as a linker as well as other improvements.

Fixes

  • d258803 Bugfix/security dependency updates including clap, async-compression, zstd, tokio-rustls, toml, pin-project, form_urlencoded, percent-encoding and other crates.
  • 3e4bd47 Value is required for fallback-page when using empty values. PR #219 fixes #218 reported by @OdyX
  • 558fd96 Lib: Unresolved/unused imports when disabling all Cargo features.
  • 911a1c2 Misc: Fix some module typos.
  • b751b40 CI: Wrong release tag for checksums workflow.

Features

Refactorings

  • 986b663 Lib: Enable Crate docsrs config flag.
  • 9e635bd Lib: Improve Cargo docs for some SWS features.
  • a0f92f5 CI: Post-release updates script.

Docs

v2.18.0 - 2023-06-07

This new v2.18.0 release brings several dependency updates/bug fixes, bug fixes for the security-headers and page-fallback features, the C runtime in Windows x86_64 is now statically linked, possibility to use CLI boolean flags without explicit values as well as some refactorings and improvements.

Fixes

  • ddfc00b Bugfix/security dependency updates including clap, parking_lot, libc, percent-encoding, form_urlencoded, regex and other crates.
  • cbb21c0 security-headers not enabled by default when using http2 via config file. PR #216 fixes #210 resported by @mac-chaffee.
  • 91519c9 Obsolete X-XSS-Protection header on security-headers (also d5279ff). Reported on #213 by @picchietti.
  • e183ea3 Missing SWS base modules when page-fallback is enabled. Reported on #213 by @picchietti.
    The following SWS modules are now used when page-fallback feature is activated:
    • cors
    • compression
    • cache_control_headers
    • security_headers
    • custom_headers
  • fba6665 CI: Workflow fails to generate proper checksums.

Features

  • 2150c74 Support for CLI boolean flags without explicit values (E.g. static-web-server -d public/ --compression -z). PR #215 resolves #209 suggested by @mac-chaffee.

Refactorings

  • fa0cca5 Statically link the C runtime on Windows MSVC x86_64 to avoid the VCRUNTIME140.dll.
  • a75147e Lib: Rust nightly toolchain for crate docs.
  • 520e66d CI: Increase verbosity of cargo build across pipelines.

Acknowledgments

Thanks to our new donor @picchietti for supporting the project.

v2.17.0 - 2023-06-03

This new v2.17.0 release brings several dependency updates/bug fixes, ECC private keys support for the tls feature, HTTP to HTTPS redirect support, several Cargo features for controlling the SWS compression and compression-static, dependency migrations like the clap CLI parser and tokio-rustls as well as various refactorings and improvements.

Fixes

  • b685cda Bugfix/security dependency updates including tokio, tracing, chrono, serde, h2, libc, pin-project, windows-sys and other crates.

Features

Refactorings

  • 4e01de6 Migrate clap CLI parser to v3. PR #211 by @mac-chaffee.
  • e8560a0 Update tokio-rustls to 0.24.
  • 20de5d0 HTTP to HTTPS redirect feature improvements.
  • 647e9b0 Lib: Include missing rustls-pemfile in Cargo tls feature.
  • 53ef76e Lib: Improve Rust docs for Cargo features.
  • 6b81c48 Lib: Simplify http2 Cargo feature.
  • ae17023 CI: Simplify workflow scripts.

Docs

v2.16.0 - 2023-04-25

This new v2.16.0 release brings several dependency updates/bug fixes including the Alpine Docker image, a new Android ARM64 target, Zstandard (zstd) auto-compression and pre-compressed files support, static-web-server available as a crate, as well as other additions and improvements.

Fixes

  • 44daf6b Bugfix/security dependency updates including hyper, tokio, futures, serde, h2, libc, windows and other crates. Also (be8ba9b, fff3d4e).
  • 39cfbab Improve error handling when reading file entries on the directory listing module. PR #192 fixes #191 reported by @PlkMarudny.
  • e36a522 Docker: Update Alpine to 3.17.3. PR #199 by @gaby.
  • 9d7de82 CI: Error when installing the latest Rust on FreeBSD.

Features

Refactorings

  • e751bfb Remove needless as_ref() for several paths on static file module.
  • cc1de08 Rename .html auto-suffix files metadata function.
  • 981c388 CI: Runner images and dependency updates.
  • 4a12898 CI: Improve devel/prod pipelines.
  • cf0d618 Misc: Logo and project description.
  • 90ec4b6 Misc: Move the website to static-web-server.net.

Docs

v2.15.0 - 2023-03-13

This new v2.15.0 release brings several dependency updates, one bug fix for the compression-static, new features like Tokio's --max-blocking-threads or .html prefixing for directory requests, the possibility to build SWS on non-Unix/Windows platforms and performance optimizations and improvements across several modules including static_file which speeds up SWS around ~4.37% (req/sec) for almost the same computing.

Fixes

  • 5d49c09 Bugfix/security dependency updates including hyper, tokio, futures, serde, h2, listenfd, windows-service, bcrypt, chrono and other crates.
  • 06cba46 Compression static auto index.html check missing. PR #186 resolves #178 reported by @glehmann.

Features

Refactorings

Docs

  • a4250fd Mention Cargo features when running or building from source.

Acknowledgments

Thanks to our new donnors @marcusbuffett and @scottsweb for support the project.

v2.14.2 - 2023-02-15

Fixes

  • 495f3ae Bugfix/security dependency updates including hyper, tokio, tikv-jemallocator, futures, rustls, toml, serde, parking_lot and other crates. Also (41a9b0b).
  • 7b81f0c Explicit Alpine 3.16.4 Docker images update.
  • e81b277 Unnecessary u32 cast on directory listing last modified function.

Refactorings

  • 2cf9008 Remove TOML incompatibility hacks.
  • d9f9204 Minor clippy syntax and format improvements.
  • 190db74 Project Minimum Supported Rust Version (MSRV) is now 1.66.0.

v2.14.1 - 2022-12-02

Fixes

  • e723716 Bugfix/security dependency updates including tokio-macros, flate2, parking_lot, serde and other crates.
  • b431c68 Panic on compression-static when root dir is a dot and client supports compression. PR #166 fixes #165 by @eduardo-gomes.

v2.14.0 - 2022-11-22

Fixes

  • ff69788 Bugfix/security dependency updates including tokio, hyper, chrono, listenfd, num_cpus, windows-service, serde, regex and other crates. (also d1baad6, efda237, 676d7e9)
  • 9d67d9d Unhandled panic when get "last modified" info on directory_listing module.
  • 6f059fd Needless borrow on signals module.
  • edc3fdf Update CI cross dependency to latest 0.2.x.

Breaking

  • a09ff1f Add missing SERVER prefix for the REDIRECT_TRAILING_SLASH env. PR #161.
    This is a breaking change only if the previous REDIRECT_TRAILING_SLASH env was used explicitly.
    Otherwise, if not set/used (default behavior) or using the equivalent CLI argument then there is no impact or action required.
    However, we highly encourage users to prefer SERVER_REDIRECT_TRAILING_SLASH env instead.

Features

  • 800416d Ignore hidden files/directories (dotfiles) via the new --ignore-hidden-files option. PR #162. See docs.

Refactorings

  • 6798ff7 Reduce allocations when using the fixed HTTP method list.
  • 2828f58 Strip symbols on release profile via Cargo.
  • ea4c24c Reorder imports on TLS module.
  • 0e538dd Introduce http-related extension traits. PR #160.
  • fb3fb23 Move project to its static-web-server organization.
  • 5435f3c Simplify FreeBSD test and release CI pipelines.
  • d66494c Project files clean up.

Docs

Advice about the new organization change

Certainly, there is no impact if you still rely on previous Github release links (E.g pre-compiled binaries) because they are always redirected permanently.
However, since we moved to a new organization, we highly encourage you to update your links using the new GitHub release address of the static-web-server organization.

v2.13.1 - 2022-10-17

Fixes

  • 41dd5c6 Bugfix/security dependency updates including cxx and proc-macro2 crates.
  • abef785 Directory listing JSON syntax error when requesting for an empty folder.

Refactorings

  • d1b72fd Significant ~58% performance boost for serving static files and ~10% (CPU) / ~52% (RAM) less resource utilization. PR #153 resolves #146 reported by @jonashaag.

v2.13.0 - 2022-10-12

Fixes

  • cce7a85 Bugfix/security dependency updates including jemallocator, http headers, async-compression, rustls-pemfile, tracing and other crates (also ed8dec3, ea0facd).
  • 3c863fd Directory listing links not encoded properly. PR #150 fixes #149 reported by @nestor-custodio.

Features

  • f369c80 CORS exposed headers support via new --cors-expose-headers option. PR #144 by @nelsonjchen. See docs.
  • 997e493 HTML/JSON support for directory listing entries via new --directory-listing-format option. PR #151. See docs.

Refactorings

  • 61d4bb2 Restore ANSI terminal colors for Unix systems previously disabled.

Docs

  • 3d8c74b Directory listing format description.

Codebase

  • 6a5ed83 Update CI workflow dependencies.

v2.12.0 - 2022-09-27

Fixes

  • 467affc Bugfix/security dependency updates including tokio, serde, tracing, h2, httparse, futures and other crates (also 303d1b4, c340f8f).
  • 82caf15 Potential segfault in the time crate. RUSTSEC-2020-0071 #142
  • 76fd7ea Unmaintained ansi_term crate. RUSTSEC-2021-0139 #143

Features

Refactorings

  • e9a4aa3 Directory listing module.
  • eee45f9 Remove indirections on static file module (performance improvement).

Docs

Codebase

v2.11.0 - 2022-08-15

Fixes

  • 1b7636c Bugfix/security dependency updates including tokio, serde, tracing, libc, futures and other crates (also 6840d0f, 32517b6).
  • 6570498 Enable the missing windows-service option when used via the config file.

Features

Docs

v2.10.0 - 2022-07-10

Fixes

  • b902cb7 Bugfix/security dependency updates including tokio, hyper, tracing, jemallocator and other crates (also 5c9b797, 4cf9a6b).
  • b73959f Fix wrong prefix config file path (\\?\) when logging on Windows.

Features

Docs

v2.9.0 - 2022-05-28

Fixes

  • 446576a Bugfix/security dependency updates including tokio, hyper, rustls, compression, windows-rs, serde, log and other crates (also fa531a0, 0879c84).

Features

Docs

v2.8.0 - 2022-05-04

Fixes

  • 446576a Bugfix/security dependency updates including http, tokio, httparse, windows-rs, serde, log and other crates.

Features

Refactorings

  • 9f4bbd7 Update tokio-rustls to v0.23.
  • 024531c Move to maintained jemallocator (tikv-jemallocator) on Linux (Musl libc).
  • 3e40153 Remove deprecated git.io link. PR #103 by @renbaoshuo.
  • 959c325 PathBuf data type for cli/file config path options.

Docs

  • 7dda2ea Config file and custom http headers.

v2.7.1 - 2022-04-17

Fixes

  • 9c58496 Bugfix/security dependency updates including httparse, flate2, h2, tracing, brotli, windows-rs and other crates (also bc62634, 8a1d1cb, eabc559).
  • 041f0f8 Prevent arbitrary files access on Windows.
    It mitigates accessing files outside of server root directory on Windows when a driver label is used as part of a request URL.
    E.g http://localhost:1234/whatever/c:/windows/win.ini.

Refactorings

  • fa05773 Small performance improvement for tracing.

Docs

  • 9c58496 Build documentation from source.

v2.7.0 - 2022-03-21

Fixes

  • dc8bc4d Bugfix/security dependency updates including h2, tracing, listenfd, mio, libc, syn and other crates (also 3b2a287, d57ee2f, 15cf1ac).
  • da85b16 --cors-allow-origins doesn't assign headers properly. PR #87 resolves #86 reported by @mr-moon.
  • dcc8a32 Security Alpine 3.15 Docker image upgrade. PR #92.

Features

Refactorings

  • d33d093 Reduce few allocations on HTTP request handler.
  • 06cc379 Reduce small allocation when encoding headers during compression.
  • a5e87e5 Typed Content-Type header for error pages and dir listing responses.

Docs

Testing

  • 7b6fc0b Cache-Control test cases.
  • f22b952 Stable Rust for ARM CI pipelines.

v2.6.0 - 2022-02-28

Fixes

  • fb84c0b Bugfix/security dependency updates including hyper, tokio, httparse, futures, tracing, headers and other crates (also 7f70a13, d3fb137).

Features

  • 7d32a67 Multi-arch Docker images (Scratch/Alpine). PR #82 resolves #54.
    • New armv7-unknown-linux-musleabihf (armv7) and arm-unknown-linux-musleabihf (armv6) binary targets.
    • New Docker images for linux/arm64, linux/386, linux/arm/v7 and linux/arm/v6 platforms.
  • 50974fe Compress WebAssembly (application/wasm) files. PR #84 by @acelot. See docs.
  • 70ec60c Arch Linux AUR package support. See docs.

Refactorings

  • e109b77 Improve startup server error messages providing context.
  • c085147 Prefer cfg(unix) instead of cfg(not(windows)).

Docs

  • eb482a4 Documentation for Multi-arch Docker images. See docs.
  • 70ec60c Documentation for Arch Linux support. See docs.

v2.6.0-beta.2 - 2022-02-08

Fixes

  • 65007f9 Wrong binary path for alpine docker image.

v2.6.0-beta.1 - 2022-02-08

Fixes

  • fb84c0b Bugfix dependency updates including httparse, futures and other crates.

Features

  • c2ae6a5 Multi-arch Docker images. PR #82 resolves #54.
    • New armv7-unknown-linux-musleabihf (armv7) and arm-unknown-linux-musleabihf (armv6) binary targets.
    • New Docker images for linux/arm64, linux/386, linux/arm/v7 and linux/arm/v6 platforms.

v2.5.0 - 2022-02-04

Fixes

Features

Refactorings

  • 4caf0aa Log info entry after ctrl+c on Windows.

v2.4.0 - 2022-01-06

Fixes

  • fd227b3 Bugfix dependency updates including Tokio, futures, http, syn, libc and other crates. (also fd227b3, 7becd4e).

Refactorings

  • 5926c9b Trailing slash checking and redirection for directory requests. PR #74 resolves #73 suggested by @knyzorg.

Features

  • ac8f87c Alpine 3.14 Docker images.

v2.3.0 - 2021-12-11

Fixes

  • 366e6a9 Security/bug fixes dependency updates including Hyper, Tokio, h2, libc, futures and other crates. (Also dfe87c7, 1231b50).

Features

v2.2.0 - 2021-11-04

Fixes

Features

Refactorings

  • 6f10ef1 Disable ANSI for tracing logs on Windows in order to display characters correctly.
  • 17ceec0 Log Basic Authentication info.

Docs

v2.1.0 - 2021-10-23

Fixes

  • 5f3842b Update dependencies including Hyper, Tokio, h2, futures, tracing bug/security fixes and related crates (also 5528bcb, dc98fbb).
  • 62e98c6 aarch64-unknown-linux-musl build fails using Rust nightly.

Features

Refactorings

Docs

  • f89c5c9 Describe Basic HTTP Authentication feature.
  • a6d0e53 Minor general description improvements.

v2.0.3 - 2021-09-29

Fixes

Refactorings

  • b2f09ab Remove optional extra Docker volume /public of scratch and alpine images. PR #52 resolves #51 reported by @bergi9.
  • 906106f Remove never read origins_str field on Cors module.
  • 6f7a6bc Fix Rust edition idioms.

Tests

v2.0.2 - 2021-08-29

Fixes

  • ab83e2a Update dependencies including Hyper, h2, httparse bug fixes. Tokio leak fix and related crates (also adb8ca6)

v2.0.1 - 2021-08-18

Fixes

  • 2459ec4 Return incorrect first bytes range when final bytes are requested. For example a request using Range: bytes=-10 header returned incorrectly the first 10 bytes rather than the last 10 ones.

Updates

Refactorings

  • 8fc1812 Remove needless borrow on static file and handle modules.
  • 27f5687 UTF-8 for default Docker index.html file.
  • ffb2e54 Update Rust stable to 1.54.0 on CI.

Tests

  • 5cdcffc More directory listing test cases.
  • c7e8ec9 More static files test cases.
  • 37f2371 More static file methods and compression test cases.
  • dd7f995 More static file test cases for during request handling.

Docs

  • f389cbc Minor badges and link updates.

v2.0.0 - 2021-07-18

The second major stable release is finally available after around half a year of work. It introduces notable changes including new features, performance improvements and new targets support like ARM64 and OSes like FreeBSD.

This version was re-written almost from scratch on top of Hyper and Tokio runtime which give us the Rust asynchronous ability by default and latest HTTP/1 - HTTP/2 implementation improvements. However it still try to keep the same principles of its first version: lightness and easy to use. Therefore a migration should not be a big deal.

Your feedback is very appreciated.

Features

This list only shows new features not present in previous v1.

  • Static Web Server is now asynchronous by default powered by latest Hyper and Tokio.
  • It supports opt-in GZip, Deflate and Brotli compression for text-based web files only.
  • HTTP/2 + TLS support (via --http2 option).
  • Security headers like STS, CSP and others for HTTP/2 by default.
  • Customizable number of worker threads (via --threads-multiplier option).
  • Redesigned directory listing (via --directory-listing option).
  • Cache control header is now optional (via --cache-control-headers).
  • Ability to accept a socket listener as a file descriptor for use in sandboxing and on-demand applications (E.g systemd). Via --fd option. Thanks to @tim-seoss.
  • Binaries for various i686/x86_64 targets (Linux/Windows/FreeBSD) and ARM/ARM64 (Linux/Macos M1)

For the full list, options details and usage please check it out the README file.

Breaking changes

This major version has few breaking changes. However a migration should not represent a problem. Please have in mind the following changes:

  • The server supports now only a root directory path (via --root or its equivalent env) so an assets path option is no longer required.
  • Cache control headers is applied to assets in an arbitrary manner. See src/control_headers.rs for more details.
  • OpenSSL TLS for HTTP/1 is not longer supported instead for the HTTP/2 + TLS (via --http2 option) the server uses h2 which is on top of Rustls. It means that instead of using a .p12 or .pfx file you can now use only a certificate file along with its private key. More details on README file.

The rest of known options are equivalent to v1 except the new ones of course. However it's worth to always recommend to test this server update first with your applications on a development environment or similar.

Please see the full list of options with their details on the README file.

Changes after the latest v2.0.0-beta.7 release:

Performance

  • 157ade1 Decrease few allocations during 404/50x error page responses.
  • 941572c Reduce few allocations on control headers checking.

Features

  • 012b626 Cache control headers optional via --cache-control-headers.

Refactorings

  • 5aa587f Minor syntax improvements on static file module.
  • 45988db Minor style updates on server module.

Docs

v2.0.0-beta.7 - 2021-07-09

Seventh and last beta release v2.0.0-beta.7 with notable changes.

Updates

Features

  • 432b591 FreeBSD i686 and x86_64 targets support.
    • i686-unknown-freebsd
    • x86_64-unknown-freebsd

Find the binaries for new targets attached to this release.

Performance

  • 70a76ed Optimize root path of static file module which increases performance and reduces memory usage.

Codebase

  • 2aa130d Move source ./public to ./docker dir.

v2.0.0-beta.6 - 2021-07-07

Sixth beta release v2.0.0-beta.6 with notable changes.

Updates

Fixes

  • a1b7836 Missing Content-Type header for directory listing index and error pages.

Features

  • e2bf778 Windows 64-bit target support. It also improves Ctrl+C signal handling cross-platform. Note Windows ARM64 is in stand by temporarily, see README file for more details.
  • 0fa5015 Windows/Linux i686 targets support and one Windows x86_64
    • i686-pc-windows-msvc
    • i686-unknown-linux-gnu
    • i686-unknown-linux-musl
    • x86_64-pc-windows-gnu
  • 59cf8bc More text-based mime types for compression.
    • text/csv
    • text/calendar
    • text/markdown
    • text/x-yaml
    • text/x-toml
    • application/rtf
    • application/xhtml+xml

Find the binaries for new targets attached to this release and all targets supported also described in the README file.

Refactorings

  • 2a699e4 Follow symlinks during directory listing, displaying the index page properly for symlinks that points to directories or files.
  • b4f1bcc Prefer stabilized Poll::map_err on compression stream.
  • 55ffd06 Handle potential panic for 404/50x error page responses.
  • 920acb2 Prefer to_owned() for string literals over to_string() in some cases.
  • c0dca6e Improve directory path scanning when directory listing.
  • 0ed6287 Auto compression error result logging.
  • 87b8744 Minor server config info updates.
  • b025536 Minor code styling and docs changes.

Release notes

FreeBSD i686/x86_64 binaries are coming in next and last beta release which is very close to the final v2 releasing.

v2.0.0-beta.5 - 2021-06-22

Fifth beta release v2.0.0-beta.5 with notable changes.

Updates

Features

  • c96af53 Security headers for HTTP/2 by default (--security-headers). PR #44 resolves #39
  • 3c95d1a Support five more targets. (also e6faff8)
    • x86_64-unknown-linux-gnu
    • aarch64-apple-darwin
    • aarch64-unknown-linux-gnu
    • aarch64-unknown-linux-musl
    • arm-unknown-linux-gnueabihf

Find binaries for those targets attached to this release.

Note about releases

Rust Nightly is powering the releases from now on the CI. This makes possible to reach more targets in the future. For more details about it see Rust Nightly targets supported. However clarify that the static-web-server project is not using any nightly feature but only stable Rust ones and the project is also tested against nightly and stable Rust on CI periodically in order to be notified in case of "regressions or bugs introduced in Nightly Rust". However it is known that the nightly compiler is very stable therefore the reason why we have chosen it for release targets via CI like many other popular Rust projects. In any case, please don't hesitate to file an issue or send a PR.

Refactorings

  • 2b2da3a --http2-tls-cert and --http2-tls-key options now require --http2 enabled.
  • 6fe04a5 Update Docker files in order to get the new Linux binary source.
  • 77d231c Drop redundant reference on CORS module.
  • d5189ec Drop root arc-path on static files module.

v2.0.0-beta.4 - 2021-06-02

Fourth beta release v2.0.0-beta.4 with notable changes.

Updates

  • a8b9379 Binaries compiled with latest Rust 1.52.1 release.
  • c3389cc Update dependencies including latest Hyper, Tokio and related crates. (also 7cbe483)

Features

  • 21bdf8c Support inheriting TCP listener from parent process via file descriptor (-f, --fd). PR #40 by @tim-seoss.
  • 5428eb3 Redefined directory listing (-z, --directory-listing). PR #41
  • d389803 Opt-in response body auto compression (Gzip, Deflate, Brotli) based on Accept-Encoding header (-x, --compression).
  • 74b9eaf Just one file associated metadata per request as possible.
  • af9a329 CORS support (-c, --cors-allow-origins).
  • 6ed3fe5 Unix-like termination signals handling.

Refactorings

  • a8d462a Drop Warp in favor of just Hyper + Tokio. PR #38
  • 04ec1b1 One worker thread per available core by default (-n, --threads-multiplier).
  • 991d4b8 Introduce a custom Hyper service implementation for the HTTP1 & HTTP2 web servers.
  • 58ff9b7 Reject non HEAD or GET requests on static assets and error page handlers.
  • 5cede7e Log info for compression and directory listing features.

Docs

All feature flags as well as their equivalent environment variables are described on the updated README file.

v2.0.0-beta.3 - 2021-04-20

Third beta release v2.0.0-beta.3 with notable changes.

Updates

Refactorings

  • 5d8b266 Static server configuration and static default error pages content.
  • e853410 Drop support for Deflate compression.
  • bbb5a8f Improve log information on server runtime setup.
  • c05471f Tokio server tasks simplifications.
  • 7ea40a7 Minor CLI typos.

Fixes

  • 99b8b7e Linking error for ring crate during Darwin build.

Docs

  • 3c36c9b Minor README description improvements.

v2.0.0-beta.2 - 2021-01-30

Second beta release v2.0.0-beta.2 with notable changes.

Updates

Features

More details about features on README file.

Refactorings

  • 6d3e2d1 Remove redundant 'static lifetime on constants.
  • 866c7cd Remove Tokio macros feature.
  • f7f2bf6 Some improvement suggestions by Clippy.
  • bff49a0 Few improvement on filter and helper modules.

Codebase

  • 7265f6b Github Actions as new CI.
  • c63b549 Remove Travis CI.
  • 65250c0 Minor simplications on server module.
  • b94fe72 Update core modules structure.
  • da5bdc3 Re-export few core lib modules.
  • 57c27f4 Deny(warnings) on lib
  • a3744d4 Simplify conditionals on rejection filter.

Docs

  • 933a3c4 Feature documentations updates (also 0ef21c4)
  • 78033d0 CLI arguments and environment variables descriptions.

v2.0.0-beta.1 - 2021-01-12

First major beta release v2.0.0-beta.1 with notable changes.

Built-in features

It uses Tokio v0.2 and Warp v0.2 (Hyper v0.13). PR #28

  • Environment variables and CLI arguments setup
  • Lightweight and configurable logging
  • Head responses support
  • GZip, Deflate and Brotli compression support
  • Compression for text-based web file only
  • Termination signal handling.
  • Default error pages (404, 500x, etc)
  • GZip, Deflate or Brotli compression can be optional
  • Compression on demand via Accept-Encoding header
  • Cache control headers for assets
  • Docker scratch & Alpine images
  • MacOs binary support

Bugfixes

  • Resolves #24 - Error on 8GB file

Additional features

  • Resolves #17 - Make assets directory path optional. Since this major release doesn't include an assets dir just a root.