conductor icon indicating copy to clipboard operation
conductor copied to clipboard

Published 20 hours ago β€’ verified publisher icon the-guild-org

fix(deps): update rust crate reqwest to v0.12.14

Open renovate[bot] opened this issue 1 year ago β€’ 4 comments

This PR contains the following updates:

Package Type Update Change
reqwest dependencies patch 0.12.8 -> 0.12.14
reqwest workspace.dependencies patch 0.12.8 -> 0.12.14

Release Notes

seanmonstar/reqwest (reqwest)

v0.12.14

Compare Source

What's Changed

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.13...v0.12.14

v0.12.13

Compare Source

  • Add Form::into_reader() for blocking multipart forms.
  • Add Form::into_stream() for async multipart forms.
  • Add support for SOCKS4a proxies.
  • Fix decoding responses with multiple zstd frames.
  • Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
  • Fix cloning of request timeout in blocking::Request.
  • Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
  • Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
  • Fix blocking read to correctly reserve and zero read buffer.
  • (wasm) Add support for request timeouts.
  • (wasm) Fix Error::is_timeout() to return true when from a request timeout.

v0.12.12

Compare Source

  • (wasm) Fix compilation by not compiler tokio/time on WASM.

v0.12.11

Compare Source

  • Fix decompression returning an error when HTTP/2 ends with an empty data frame.

v0.12.10

Compare Source

  • Add ClientBuilder::connector_layer() to allow customizing the connector stack.
  • Add ClientBuilder::http2_max_header_list_size() option.
  • Fix propagating body size hint (content-length) information when wrapping bodies.
  • Fix decompression of chunked bodies so the connections can be reused more often.

v0.12.9

Compare Source

  • Add tls::CertificateRevocationLists support.
  • Add crate features to enable webpki roots without selecting a rustls provider.
  • Fix connection_verbose() to output read logs.
  • Fix multipart::Part::file() to automatically include content-length.
  • Fix proxy to internally no longer cache system proxy settings.

Configuration

πŸ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about these updates again.

  • [ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate[bot] avatar Nov 27 '24 05:11 renovate[bot]

🚨 Rust Panic Audit: 342 Potential Panic Points Detected 🚨

Crate: ``

πŸ“Š Total Usages: 239

  • πŸ”Ž expect usages: 41
  • πŸ”’ array_index usages: 31
  • 🚨 panic usages: 8
  • 🎁 unwrap usages: 159

Crate: federation_query_planner

πŸ“Š Total Usages: 50

  • πŸ”’ array_index usages: 10
  • πŸ”Ž expect usages: 8
  • 🚨 panic usages: 3
  • 🎁 unwrap usages: 29

Crate: conductor

πŸ“Š Total Usages: 11

  • 🎁 unwrap usages: 2
  • πŸ”Ž expect usages: 7
  • 🚨 panic usages: 2

Crate: common

πŸ“Š Total Usages: 11

  • 🎁 unwrap usages: 10
  • πŸ”’ array_index usages: 1

Crate: cloudflare_worker

πŸ“Š Total Usages: 8

  • πŸ”Ž expect usages: 2
  • 🚨 panic usages: 1
  • 🎁 unwrap usages: 5

Crate: telemetry

πŸ“Š Total Usages: 7

  • πŸ”’ array_index usages: 4
  • 🎁 unwrap usages: 3

Crate: engine

πŸ“Š Total Usages: 7

  • 🎁 unwrap usages: 6
  • πŸ”Ž expect usages: 1

Crate: tracing

πŸ“Š Total Usages: 6

  • πŸ”Ž expect usages: 1
  • 🎁 unwrap usages: 5

Crate: config

πŸ“Š Total Usages: 3

  • 🎁 unwrap usages: 2
  • 🚨 panic usages: 1

πŸ“Œ Expected Annotations

Crate: common

πŸ“Š Total Expected Usages: 1

expand details
  1. Reason: "we're parsing a statically defined constant, we know it works ;)"
  • Code: .unwrap()
  • Location: ./libs/common/src/graphql.rs:31

Crate: jwt_auth

πŸ“Š Total Expected Usages: 1

expand details
  1. Reason: "if initiating an http client fails, then we have to exit."
  • Code: let client = wasm_polyfills::create_http_client().build().unwrap();
  • Location: ./plugins/jwt_auth/src/jwks_provider.rs:49

Crate: engine

πŸ“Š Total Expected Usages: 2

expand details
  1. Reason: "if we are unable to construct the endpoints and attach them onto the gateway's http server, we have to exit"
  • Code: Err(e) => panic!("failed to construct endpoint: {:?}", e),
  • Location: ./libs/engine/src/gateway.rs:158
  1. Reason: "we can safely index here, it's inside a test with constant defined fixtures."
  • Code: ConductorGateway::execute(request, &gw.routes[0].route_data).await
  • Location: ./libs/engine/src/gateway.rs:190

Crate: conductor

πŸ“Š Total Expected Usages: 2

expand details
  1. Reason: "we need to exit the process, if the logger can't be correctly set."
  • Code: let _guard = tracing::subscriber::set_default(subscriber);
  • Location: ./bin/conductor/src/lib.rs:64
  1. Reason: "we need to exit the process, if the provided configuration file is incorrect."
  • Code: panic!("Failed to initialize gateway: {:?}", e);
  • Location: ./bin/conductor/src/lib.rs:103

Crate: cloudflare_worker

πŸ“Š Total Expected Usages: 4

expand details
  1. Reason: "it panics only if the header name is not valid, and we know it is."
  • Code: .unwrap()
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:20
  1. Reason: "it panics only if the URL source is not valid, and it's already validated before."
  • Code: let url = req.url().unwrap();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:23
  1. Reason: "it only panics if we are not running in a CF context, should be safe."
  • Code: let cf_info = req.cf().unwrap();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:27
  1. Reason: "unwraps only in special cases where "data:text" is used."
  • Code: let http_host = url.host().unwrap().to_string();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:36

Crate: napi

πŸ“Š Total Expected Usages: 1

expand details
  1. Reason: "we need this"
  • Code: panic!("Exited process!")
  • Location: ./libs/napi/src/lib.rs:18

Crate: vrl

πŸ“Š Total Expected Usages: 2

expand details
  1. Reason: "if the provided VRL code in the config file can't compile, we have to exit."
  • Code: panic!("failed to compile vrl program");
  • Location: ./plugins/vrl/src/plugin.rs:129
  1. Reason: "states is a non-user provided variable"
  • Code: .expect("can't merge states when states is an empty vector!")
  • Location: ./plugins/vrl/src/plugin.rs:146

Crate: config

πŸ“Š Total Expected Usages: 9

expand details
  1. Reason: "part of development docgen CLI"
  • Code: .expect("Failed to serialize json schema for config file!");
  • Location: ./libs/config/src/generate-json-schema.rs:50
  1. Reason: "part of development docgen CLI"
  • Code: .expect("Failed to write the json schema to the file system!");
  • Location: ./libs/config/src/generate-json-schema.rs:54
  1. Reason: "πŸ‘‡"
  • Code: let raw_contents = read_to_string(file_path)
  • Location: ./libs/config/src/lib.rs:815
  1. Reason: "πŸ‘‡"
  • Code: panic!("Failed to interpolate config file, please resolve the above errors");
  • Location: ./libs/config/src/lib.rs:847
  1. Reason: "πŸ‘‡"
  • Code: parse_config_from_json(&config_string).expect("Failed to parse JSON config file")
  • Location: ./libs/config/src/lib.rs:854
  1. Reason: "πŸ‘‡"
  • Code: parse_config_from_yaml(&config_string).expect("Failed to parse YAML config file")
  • Location: ./libs/config/src/lib.rs:858
  1. Reason: "πŸ‘‡"
  • Code: _ => panic!("Unsupported config file extension"),
  • Location: ./libs/config/src/lib.rs:875
  1. Reason: "πŸ‘‡"
  • Code: None => panic!("Config file has no extension"),
  • Location: ./libs/config/src/lib.rs:878
  1. Reason: "statically defined regex pattern, we know it works ;)"
  • Code: .unwrap();
  • Location: ./libs/config/src/interpolate.rs:18

Crate: ``

πŸ“Š Total Expected Usages: 22

expand details
  1. Reason: "if we are unable to construct the endpoints and attach them onto the gateway's http server, we have to exit"
  • Code: Err(e) => panic!("failed to construct endpoint: {:?}", e),
  • Location: ./libs/engine/src/gateway.rs:158
  1. Reason: "we can safely index here, it's inside a test with constant defined fixtures."
  • Code: ConductorGateway::execute(request, &gw.routes[0].route_data).await
  • Location: ./libs/engine/src/gateway.rs:190
  1. Reason: "we're parsing a statically defined constant, we know it works ;)"
  • Code: .unwrap()
  • Location: ./libs/common/src/graphql.rs:31
  1. Reason: "we need this"
  • Code: panic!("Exited process!")
  • Location: ./libs/napi/src/lib.rs:18
  1. Reason: "part of development docgen CLI"
  • Code: .expect("Failed to serialize json schema for config file!");
  • Location: ./libs/config/src/generate-json-schema.rs:50
  1. Reason: "part of development docgen CLI"
  • Code: .expect("Failed to write the json schema to the file system!");
  • Location: ./libs/config/src/generate-json-schema.rs:54
  1. Reason: "πŸ‘‡"
  • Code: let raw_contents = read_to_string(file_path)
  • Location: ./libs/config/src/lib.rs:815
  1. Reason: "πŸ‘‡"
  • Code: panic!("Failed to interpolate config file, please resolve the above errors");
  • Location: ./libs/config/src/lib.rs:847
  1. Reason: "πŸ‘‡"
  • Code: parse_config_from_json(&config_string).expect("Failed to parse JSON config file")
  • Location: ./libs/config/src/lib.rs:854
  1. Reason: "πŸ‘‡"
  • Code: parse_config_from_yaml(&config_string).expect("Failed to parse YAML config file")
  • Location: ./libs/config/src/lib.rs:858
  1. Reason: "πŸ‘‡"
  • Code: _ => panic!("Unsupported config file extension"),
  • Location: ./libs/config/src/lib.rs:875
  1. Reason: "πŸ‘‡"
  • Code: None => panic!("Config file has no extension"),
  • Location: ./libs/config/src/lib.rs:878
  1. Reason: "statically defined regex pattern, we know it works ;)"
  • Code: .unwrap();
  • Location: ./libs/config/src/interpolate.rs:18
  1. Reason: "we need to exit the process, if the logger can't be correctly set."
  • Code: let _guard = tracing::subscriber::set_default(subscriber);
  • Location: ./bin/conductor/src/lib.rs:64
  1. Reason: "we need to exit the process, if the provided configuration file is incorrect."
  • Code: panic!("Failed to initialize gateway: {:?}", e);
  • Location: ./bin/conductor/src/lib.rs:103
  1. Reason: "it panics only if the header name is not valid, and we know it is."
  • Code: .unwrap()
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:20
  1. Reason: "it panics only if the URL source is not valid, and it's already validated before."
  • Code: let url = req.url().unwrap();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:23
  1. Reason: "it only panics if we are not running in a CF context, should be safe."
  • Code: let cf_info = req.cf().unwrap();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:27
  1. Reason: "unwraps only in special cases where "data:text" is used."
  • Code: let http_host = url.host().unwrap().to_string();
  • Location: ./bin/cloudflare_worker/src/http_tracing.rs:36
  1. Reason: "if initiating an http client fails, then we have to exit."
  • Code: let client = wasm_polyfills::create_http_client().build().unwrap();
  • Location: ./plugins/jwt_auth/src/jwks_provider.rs:49
  1. Reason: "if the provided VRL code in the config file can't compile, we have to exit."
  • Code: panic!("failed to compile vrl program");
  • Location: ./plugins/vrl/src/plugin.rs:129
  1. Reason: "states is a non-user provided variable"
  • Code: .expect("can't merge states when states is an empty vector!")
  • Location: ./plugins/vrl/src/plugin.rs:146

github-actions[bot] avatar Nov 27 '24 05:11 github-actions[bot]

πŸ‹ This PR was built and pushed to the following Docker images:

Docker Bake metadata 
{
"conductor": {
  "buildx.build.provenance": {
    "buildType": "https://mobyproject.org/buildkit@v1",
    "materials": [
      {
        "uri": "pkg:docker/[email protected]?platform=linux%2Famd64",
        "digest": {
          "sha256": "a92ed51e0996d8e9de041ca05ce623d2c491444df6a535a566dabd5cb8336946"
        }
      },
      {
        "uri": "pkg:docker/[email protected]?platform=linux%2Famd64",
        "digest": {
          "sha256": "83101f6985c93e1e6501b3375de188ee3d2cbb89968bcc91611591f9f447bd42"
        }
      }
    ],
    "invocation": {
      "configSource": {
        "entryPoint": "Dockerfile"
      },
      "parameters": {
        "frontend": "dockerfile.v0",
        "args": {
          "label:org.opencontainers.image.authors": "The Guild <[email protected]>",
          "label:org.opencontainers.image.description": "Conductor is a robust GraphQL Gateway.",
          "label:org.opencontainers.image.docs": "https://the-guild.dev/graphql/gateway",
          "label:org.opencontainers.image.licenses": "MIT",
          "label:org.opencontainers.image.revision": "40b07f4ab1433e33134a2e8f0e7483c50ac9fde2",
          "label:org.opencontainers.image.source": "https://github.com/the-guild-org/conductor",
          "label:org.opencontainers.image.title": "Conductor",
          "label:org.opencontainers.image.url": "https://the-guild.dev/graphql/gateway",
          "label:org.opencontainers.image.vendor": "The Guild",
          "label:org.opencontainers.image.version": ""
        },
        "locals": [
          {
            "name": "context"
          },
          {
            "name": "dockerfile"
          }
        ]
      },
      "environment": {
        "platform": "linux/amd64"
      }
    }
  },
  "buildx.build.ref": "builder-d429ebef-6baa-4fd6-8403-ac4085337961/builder-d429ebef-6baa-4fd6-8403-ac40853379610/qt3at47h90thuffvbp743zrxp",
  "containerimage.config.digest": "sha256:2b550cb255b4fae2ea5f18049cd7582c7c7de3fe55f82de4eb24984151899bc0",
  "containerimage.descriptor": {
    "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
    "digest": "sha256:559fd8085d0d0a0cb8f0c5c4f7b3907da9c1a73ac5e00f78118a72277cb63463",
    "size": 902,
    "platform": {
      "architecture": "amd64",
      "os": "linux"
    }
  },
  "containerimage.digest": "sha256:559fd8085d0d0a0cb8f0c5c4f7b3907da9c1a73ac5e00f78118a72277cb63463",
  "image.name": "ghcr.io/the-guild-org/conductor/conductor:40b07f4ab1433e33134a2e8f0e7483c50ac9fde2"
}
}

github-actions[bot] avatar Nov 27 '24 05:11 github-actions[bot]

βœ… Benchmark Results

     data_received..................: 13 MB   221 kB/s
     data_sent......................: 22 MB   363 kB/s
     http_req_blocked...............: min=1.11Β΅s   avg=3.05Β΅s   med=2.19Β΅s   max=5.7ms   p(95)=3.22Β΅s   p(99)=12.97Β΅s 
     http_req_connecting............: min=0s       avg=457ns    med=0s       max=5.63ms  p(95)=0s       p(99)=0s      
     http_req_duration..............: min=315.19Β΅s avg=408.01Β΅s med=387.16Β΅s max=13.96ms p(95)=481.67Β΅s p(99)=553.82Β΅s
       { expected_response:true }...: min=315.19Β΅s avg=408.01Β΅s med=387.16Β΅s max=13.96ms p(95)=481.67Β΅s p(99)=553.82Β΅s
     βœ“ { scenario:rps_1000 }........: min=315.19Β΅s avg=408.01Β΅s med=387.16Β΅s max=13.96ms p(95)=481.67Β΅s p(99)=553.82Β΅s
     http_req_failed................: 0.00%   βœ“ 0           βœ— 60001
     βœ“ { scenario:rps_1000 }........: 0.00%   βœ“ 0           βœ— 60001
     http_req_receiving.............: min=10.27Β΅s  avg=26.35Β΅s  med=25.72Β΅s  max=1.59ms  p(95)=33.51Β΅s  p(99)=40.22Β΅s 
     http_req_sending...............: min=6.92Β΅s   avg=15.22Β΅s  med=14.01Β΅s  max=2.41ms  p(95)=23.33Β΅s  p(99)=36.84Β΅s 
     http_req_tls_handshaking.......: min=0s       avg=0s       med=0s       max=0s      p(95)=0s       p(99)=0s      
     http_req_waiting...............: min=278.95Β΅s avg=366.43Β΅s med=346.6Β΅s  max=13.84ms p(95)=438.9Β΅s  p(99)=508.91Β΅s
     http_reqs......................: 60001   1000.003424/s
     βœ“ { scenario:rps_1000 }........: 60001   1000.003424/s
     iteration_duration.............: min=394.64Β΅s avg=496.5Β΅s  med=474.08Β΅s max=14.22ms p(95)=574.3Β΅s  p(99)=695.76Β΅s
     iterations.....................: 60001   1000.003424/s
     βœ“ { scenario:rps_1000 }........: 60001   1000.003424/s
     valid_graphql_response.........: 100.00% βœ“ 60001       βœ— 0    
     βœ“ { scenario:rps_1000 }........: 100.00% βœ“ 60001       βœ— 0    
     valid_http_code................: 100.00% βœ“ 60001       βœ— 0    
     βœ“ { scenario:rps_1000 }........: 100.00% βœ“ 60001       βœ— 0    
     vus............................: 1       min=0         max=2  
     vus_max........................: 200     min=200       max=200

github-actions[bot] avatar Nov 27 '24 05:11 github-actions[bot]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

β™» Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock
Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --package [email protected] --precise 0.12.14
    Updating crates.io index
error: failed to select a version for `tower`.
    ... required by package `axum v0.7.7`
    ... which satisfies dependency `axum = "^0.7"` (locked to 0.7.7) of package `tonic v0.12.3`
    ... which satisfies dependency `tonic = "^0.12.3"` (locked to 0.12.3) of package `opentelemetry-otlp v0.27.0`
    ... which satisfies dependency `opentelemetry-otlp = "^0.27.0"` (locked to 0.27.0) of package `telemetry_plugin v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/plugins/telemetry)`
    ... which satisfies path dependency `telemetry_plugin` (locked to 0.0.0) of package `e2e v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/libs/e2e_tests)`
versions that meet the requirements `^0.5.1` (locked to 0.5.1) are: 0.5.1

all possible versions conflict with previously selected packages.

  previously selected package `tower v0.5.2`
    ... which satisfies dependency `tower = "^0.5.2"` of package `reqwest v0.12.14`
    ... which satisfies dependency `reqwest = "^0.12.8"` of package `smoke_tests v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/libs/smoke_tests)`

failed to select a version for `tower` which could resolve this conflict
File name: Cargo.lock
Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path plugins/telemetry/Cargo.toml --package [email protected] --precise 0.12.14
    Updating crates.io index
error: failed to select a version for `tower`.
    ... required by package `axum v0.7.7`
    ... which satisfies dependency `axum = "^0.7"` (locked to 0.7.7) of package `tonic v0.12.3`
    ... which satisfies dependency `tonic = "^0.12.3"` (locked to 0.12.3) of package `opentelemetry-otlp v0.27.0`
    ... which satisfies dependency `opentelemetry-otlp = "^0.27.0"` (locked to 0.27.0) of package `telemetry_plugin v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/plugins/telemetry)`
    ... which satisfies path dependency `telemetry_plugin` (locked to 0.0.0) of package `e2e v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/libs/e2e_tests)`
versions that meet the requirements `^0.5.1` (locked to 0.5.1) are: 0.5.1

all possible versions conflict with previously selected packages.

  previously selected package `tower v0.5.2`
    ... which satisfies dependency `tower = "^0.5.2"` of package `reqwest v0.12.14`
    ... which satisfies dependency `reqwest = "^0.12.8"` of package `smoke_tests v0.0.0 (/tmp/renovate/repos/github/the-guild-org/conductor/libs/smoke_tests)`

failed to select a version for `tower` which could resolve this conflict

renovate[bot] avatar Dec 16 '24 12:12 renovate[bot]