Skip to content

fix(deps): update rust crate tower-http to 0.3.3 #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update rust crate tower-http to 0.3.3 #21

wants to merge 1 commit into from

Conversation

@renovate
Copy link

@renovate renovate bot commented Dec 1, 2021
edited
Loading

WhiteSource Renovate

This PR contains the following updates:

Package Type Update Change
tower-http dependencies minor 0.1.2 -> 0.3.3

Release Notes

tower-rs/tower-http

v0.3.3

Compare Source

Added
  • serve_dir: Add ServeDir::call_fallback_on_method_not_allowed to allow calling the fallback
    for requests that aren't GET or HEAD (#​264)
  • request_id: Add MakeRequestUuid for generating request ids using UUIDs (#​266)
Fixed
  • serve_dir: Include Allow header for 405 Method Not Allowed responses (#​263)

v0.3.2

Compare Source

Fixed
  • serve_dir: Fix empty request parts being passed to ServeDir's fallback instead of the actual ones (#​258)

v0.3.1

Compare Source

Fixed
  • cors: Only send a single origin in Access-Control-Allow-Origin header when a list of
    allowed origins is configured (the previous behavior of sending a comma-separated list like for
    allowed methods and allowed headers is not allowed by any standard)

v0.3.0

Compare Source

Added
  • fs: Add ServeDir::{fallback, not_found_service} for calling another service if
    the file cannot be found (#​243)
  • fs: Add SetStatus to override status codes (#​248)
  • ServeDir and ServeFile now respond with 405 Method Not Allowed to requests where the
    method isn't GET or HEAD (#​249)
  • cors: Added CorsLayer::very_permissive which is like
    CorsLayer::permissive except it (truly) allows credentials. This is made
    possible by mirroring the request's origin as well as method and headers
    back as CORS-whitelisted ones (#​237)
  • cors: Allow customizing the value(s) for the Vary header (#​237)
Changed
  • cors: Removed allow-credentials: true from CorsLayer::permissive.
    It never actually took effect in compliant browsers because it is mutually
    exclusive with the * wildcard (Any) on origins, methods and headers (#​237)
  • cors: Rewrote the CORS middleware. Almost all existing usage patterns
    will continue to work. (BREAKING) (#​237)
  • cors: The CORS middleware will now panic if you try to use Any in
    combination with .allow_credentials(true). This configuration worked
    before, but resulted in browsers ignoring the allow-credentials header,
    which defeats the purpose of setting it and can be very annoying to debug
    (#​237)
Fixed
  • fs: Fix content-length calculation on range requests (#​228)

v0.2.5

Compare Source

Fixed

  • Fix content-length calculation on range requests (#​228)

v0.2.4

Compare Source

Added

  • Added CatchPanic middleware which catches panics and converts them
    into 500 Internal Server responses (#​214)

Fixed

  • Make parsing of Accept-Encoding more robust (#​220)

v0.2.3

Compare Source

Changed

  • Update to tokio-util 0.7 (#​221)

Fixed

  • The CORS layer / service methods allow_headers, allow_methods, allow_origin
    and expose_headers now do nothing if given an empty Vec, instead of sending
    the respective header with an empty value (#​218)

v0.2.2

Compare Source

Fixed

  • Add Vary headers for CORS preflight responses (#​216)

v0.2.1

Compare Source

Added

  • Support Last-Modified (and friends) headers in ServeDir and ServeFile (#​145)
  • Add AsyncRequireAuthorization::layer (#​195)

Fixed

  • Fix build error for certain feature sets (#​209)
  • Cors: Set Vary header (#​199)
  • ServeDir and ServeFile: Fix potential directory traversal attack due to
    improper path validation on Windows (#​204)

v0.2.0

Compare Source

Added

  • builder: Add ServiceBuilderExt which adds methods to tower::ServiceBuilder for
    adding middleware from tower-http (#​106)
  • request_id: Add SetRequestId and PropagateRequestId middleware (#​150)
  • trace: Add DefaultMakeSpan::level to make log level of tracing spans easily configurable (#​124)
  • trace: Add LatencyUnit::Seconds for formatting latencies as seconds (#​179)
  • trace: Support customizing which status codes are considered failures by GrpcErrorsAsFailures (#​189)
  • compression: Support specifying predicates to choose when responses should
    be compressed. This can be used to disable compression of small responses,
    responses with a certain content-type, or something user defined (#​172)
  • fs: Ability to serve precompressed files (#​156)
  • fs: Support Range requests (#​173)
  • fs: Properly support HEAD requests which return no body and have the Content-Length header set (#​169)

Changed

  • AddAuthorization, InFlightRequests, SetRequestHeader,
    SetResponseHeader, AddExtension, MapRequestBody and MapResponseBody
    now requires underlying service to use http::Request<ReqBody> and
    http::Response<ResBody> as request and responses (#​182) (BREAKING)
  • set_header: Remove unnecessary generic parameter from SetRequestHeaderLayer
    and SetResponseHeaderLayer. This removes the need (and possibility) to specify a
    body type for these layers (#​148) (BREAKING)
  • compression, decompression: Change the response body error type to
    Box<dyn std::error::Error + Send + Sync>. This makes them usable if
    the body they're wrapping uses Box<dyn std::error::Error + Send + Sync> as
    its error type which they previously weren't (#​166) (BREAKING)
  • fs: Change response body type of ServeDir and ServeFile to
    ServeFileSystemResponseBody and ServeFileSystemResponseFuture (#​187) (BREAKING)
  • auth: Change AuthorizeRequest and AsyncAuthorizeRequest traits to be simpler (#​192) (BREAKING)

Removed

  • compression, decompression: Remove BodyOrIoError. Its been replaced with Box<dyn std::error::Error + Send + Sync> (#​166) (BREAKING)
  • compression, decompression: Remove the compression and decompression feature. They were unnecessary
    and compression-full/decompression-full can be used to get full
    compression/decompression support. For more granular control, [compression|decompression]-gzip,
    [compression|decompression]-br and [compression|decompression]-deflate may
    be used instead (#​170) (BREAKING)

v0.1.3

Compare Source

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/tower-http-0.x branch from 04f84eb to 5c4f9fc Compare March 7, 2022 08:08
@renovate renovate bot changed the title fix(deps): update rust crate tower-http to 0.2.0 fix(deps): update rust crate tower-http to 0.2.3 Mar 7, 2022
@renovate renovate bot changed the title fix(deps): update rust crate tower-http to 0.2.3 fix(deps): update rust crate tower-http to 0.2.5 Mar 26, 2022
@renovate renovate bot force-pushed the renovate/tower-http-0.x branch from 5c4f9fc to 382795c Compare March 26, 2022 14:21
@renovate renovate bot force-pushed the renovate/tower-http-0.x branch from 382795c to 00ef953 Compare May 16, 2022 00:10
@renovate renovate bot changed the title fix(deps): update rust crate tower-http to 0.2.5 fix(deps): update rust crate tower-http to 0.3.3 May 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@renovate-bot