chore(deps): update dependency vapor/vapor to from: "4.117.0"

[renovate]

This PR contains the following updates:

Package	Update	Change
vapor/vapor	minor	from: "4.92.5" -> from: "4.117.0"

---

Release Notes

vapor/vapor (vapor/vapor)

v4.117.0: - Fix warnings in 6.2

Compare Source

What's Changed

Fix warnings in 6.2 by @​0xTim in #​3361

Fixes the warnings from the 6.2 RC

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.116.0...4.117.0

v4.116.0: - Allow initializing Vapor.Application with a Logger

Compare Source

What's Changed

Allow initializing Vapor.Application with a Logger by @​czechboy0 in #​3359

When using a single Logger in the whole app, it’s useful to be able to initialize the Vapor app with one as well, rather than letting it create one internally.

This doesn’t change behavior for existing users, just adds a new variant of the Vapor.Application.make method that takes a Logger explicitly.

Added unit tests to cover both the default and the new option.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.115.1...4.116.0

v4.115.1: - Add Sendable annotations to the OTP types

Compare Source

What's Changed

Add Sendable annotations to the OTP types by @​0xTim in #​3345

Add some missing Sendable annontations to the OTP types so @preconcurrency import is not required when using the types across isolation boundaries

Reviewers

Thanks to the reviewers for their help:

• @​ptoffy

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.115.0...4.115.1

v4.115.0: - Improve VaporTesting's withApp method

Compare Source

What's Changed

Improve VaporTesting's withApp method by @​fpseverino in #​3332

This PR makes the withApp helper method work as advertised, allowing an optional configuration method for the Application to be passed.

Also, marks it with @discardableResult to avoid unnecessary warnings.

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.114.1...4.115.0

v4.114.1: - Correct SessionData's Codable conformance

Compare Source

What's Changed

Correct SessionData's Codable conformance by @​gwynne in #​3317

The SessionData type (which is nothing but a very thin wrapper over a [String: String] dictionary anyway) had a Codable implementation that was technically incorrect. This corrects it. There should not be any effect whatsoever on behavior unless someone is using a very esoteric Encoder or Decoder to encode or decode it, but it’s still more correct this way.

Also took the opportunity to do a little code formatting cleanup and to replace the silly use of .reduce() in the ExpressibleByDictionaryLiteral initializer with use of the applicable (and somewhat faster) Dictionary initializer.

Reviewers

Thanks to the reviewers for their help:

• @​ptoffy

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.114.0...4.114.1

v4.114.0: - Added a cache policy for file middleware

Compare Source

What's Changed

Added a cache policy for file middleware by @​dimitribouniol in #​3314

Currently, if a vapor app uses FileMiddleware to deliver static resources, it would have no control over the cache policy used by the browser for those files. This adds a configurable cache policy interface with reasonable defaults to better control when and how often a browser re-requests files (for instance, disabling caches during development).

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.113.2...4.114.0

v4.113.2: - Fix warning in service fix

Compare Source

What's Changed

Fix warning in service fix by @​0xTim in #​3303

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.113.1...4.113.2

v4.113.1: - Prevent stack overflow by using NIOLock instead of NIOLockedValueBox during service initialization

Compare Source

What's Changed

Prevent stack overflow by using NIOLock instead of NIOLockedValueBox during service initialization by @​MrMage in #​3302

At first glance, one could think that using a NIOLockedValueBox<(@&#8203;Sendable (Application) -> ServiceType)?> for makeService would be sufficient here. However, for some reason, calling self.storage.makeService.withLockedValue({ $0 }) repeatedly in Service.service causes each subsequent call to the function stored inside the locked value to perform one (or several) more “trampoline” function calls, slowing down the execution and eventually leading to a stack overflow. This is why we use a NIOLock here instead; it seems to avoid the { $0 } issue above despite still accessing _makeService from within a closure ({ self._makeService }).

• Replace NIOLockedValueBox with NIOLock to avoid adding trampoline function calls
• Add detailed comment explaining the rationale behind the locking mechanism change
• Simplify service initialization with direct fatalError instead of optional handling
• Remove redundant nil checks in service getter

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.113.0...4.113.1

v4.113.0: - Fix warnings from NIO 2.79.0

Compare Source

What's Changed

Fix warnings from NIO 2.79.0 by @​0xTim in #​3285

Fixes a number of Sendable warnings introduced by https://github.com/apple/swift-nio/releases/tag/2.79.0

This also deprecates the main Application.init() API that was blocking on an event loop that has been marked as noasync for a while. Vapor users should migrate to the async APIs.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.112.2...4.113.0

v4.112.2: - Android support

Compare Source

What's Changed

Android support by @​marcprux in #​3282

This PR adds experimental support for building and testing on Android. It simply involves adding some conditional imports.

Building is contingent on apple/swift-distributed-tracing#163, apple/swift-http-structured-headers#57, swift-server/async-http-client#799, and apple/swift-nio-extras#244, but if you use local snapshots of those packages, you can build with the Android SDK using:

~/Library/Developer/Toolchains/swift-6.0.3-RELEASE.xctoolchain/usr/bin/swift build --swift-sdk aarch64-unknown-linux-android24 --build-tests

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.112.1...4.112.2

v4.112.1: - Use singleton NIOThreadPool by default

Compare Source

What's Changed

Use singleton NIOThreadPool by default by @​gwynne in #​3298

All Vapor applications currently end up with at least two running thread pools - the global singleton and the one created by Vapor by default. This change configures the global singleton (whose thread count defaults to System.coreCount anyway) as the default, eliminating the additional thread pool. This is especially nice for backtraces, as it cuts down noticeably on the number of excess threads in a Vapor process.

We also now ignore UnsupportedOperation errors during thread pool shutdown, which is necessary for using the singleton pool, and was previously preventing users from explicitly configuring use of the singleton thread pool, due to the (inconsistent) use of try!.

Reviewers

Thanks to the reviewers for their help:

• @​MahdiBM

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.112.0...4.112.1

v4.112.0: - Adds Support for Tracing Header Extraction

Compare Source

What's Changed

Adds Support for Tracing Header Extraction by @​NeedleInAJayStack in #​3280

This adds header extraction support for tracing backends as described in this document. In the context of OTEL, this is used to correlate trace data across the HTTP boundary by passing the traceparent and tracestate header, as documented here and implemented in the swift-otel package here.

It also adds a closure to TracingMiddleware that allows users to set custom span metadata on requests.

Finally, it fixes a few warnings caused by the MiddlewareTest function introduced in vapor/vapor#3253

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.111.1...4.112.0

v4.111.1: - do not truncate response when streaming on error

Compare Source

What's Changed

do not truncate response when streaming on error by @​weissi in #​3283

As described in #​2949, Vapor silently truncates a streamed response body for error responses. This leads to data loss. This pull request addresses that.

• Fixes #​2949

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.111.0...4.111.1

v4.111.0: - Validation API | Custom Validator

Compare Source

What's Changed

Validation API | Custom Validator by @​WilliamFernsV3 in #​3263

Resolves this issue I created the other day: vapor/vapor#3261

Problem:

The Validation API allows you to create custom validators. It works, and it is good enough. In some cases however, extending the Validation API is not needed, as the validation is only for one Content object, meaning it will only be used once. I also find it more complex to extend the Validation API.

Solution:

In some if not most cases where a user wants to add some custom validation, they can now use the Custom validator. It is simpler, and the implementation is shorter.

extension Validator where T == String {
    public static var usPhoneNumber: Validator<T> {
        .init { input -> ValidatorResult in
            let stripped = input
                .replacingOccurrences(of: "(", with: "")
                .replacingOccurrences(of: ")", with: "")
                .replacingOccurrences(of: "-", with: "")
                .replacingOccurrences(of: " ", with: "")
…

…

Reviewers

Thanks to the reviewers for their help:

• @​MrSuddenJoy
• @​Naveen-C-Ramachandrappa

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.110.2...4.111.0

v4.110.2: - In withApp(), always shut down app even if error is thrown

Compare Source

What's Changed

In withApp(), always shut down app even if error is thrown by @​gwynne in #​3275

This method is documented as “while handling the lifecycle of the application”, so let’s actually do so.

Reviewers

Thanks to the reviewers for their help:

• @​MahdiBM

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.110.1...4.110.2

v4.110.1: - Minor swift-testing related improvements

Compare Source

What's Changed

Minor swift-testing related improvements by @​MahdiBM in #​3274

This patch was released by @​MahdiBM

Full Changelog: vapor/vapor@4.110.0...4.110.1

v4.110.0: - Better compatibility with Swift Testing

Compare Source

What's Changed

Better compatibility with Swift Testing by @​MahdiBM in #​3257

Introduces a new VaporTesting module for testing with better compatibility with Swift Testing that removes usages of XCTest.

Use the new testing() extension on Application to write your tests. E.g.:

try await app.testing().test(.POST, "/decode") { req in
  try req.content.encode(MyContent())
} afterResponse: { res in
  #expect(res.status == .ok)
  expectContains(res.body.string, "Hello World!")
}

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.109.0...4.110.0

v4.109.0: - Adds swift-distributed-tracing and TracingMiddleware

Compare Source

What's Changed

Adds swift-distributed-tracing and TracingMiddleware by @​NeedleInAJayStack in #​3253

This adds support for swift-distributed-tracing and adds a TracingMiddleware type. This type will create a span for each wrapped request, and apply a standard set of span attributes according to OTEL standards.

For background, see: vapor/vapor#3033

Reviewers

Thanks to the reviewers for their help:

• @​ktoso

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.108.0...4.109.0

v4.108.0: - Make Services in Vapor Usable

Compare Source

What's Changed

Make Services in Vapor Usable by @​0xTim in #​2901

This adds real support to Vapor to make it easy to integrate different services that can be tested.

For example, if you have a service defined as:

protocol MyService {
    func `for`(_ request: Request) -> MyService
    func doSomething() -> String
}

You may then have a real implementation:

import Vapor

struct MyRealService: MyService {
    let logger: Logger
    let eventLoop: EventLoop
    
    func `for`(_ request: Vapor.Request) -> MyService {
        return MyRealService(logger: request.logger, eventLoop: request.eventLoop)
    }
    
    func doSomething() -> String {
        return "Tada"
    }
    
}

This is a very contrived example, but shows a service that needs a Logger and EventLoop - things that are normally tied to specific requests. Doing this in a safe and testable way involves a lot of boilerplate. This moves the boilerplate into Vapor to make it easier to do.

extension Application.Services {
    var myService: Application.Service<MyService> {
        .init(app…

…

Reviewers

Thanks to the reviewers for their help:

• @​Joannis
• @​dimitribouniol
• @​Andrewangeta

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.107.0...4.108.0

v4.107.0: - Fix Concurrency Warnings and Deprecations

Compare Source

What's Changed

Fix Concurrency Warnings and Deprecations by @​0xTim in #​3265

• Fix some deprecation warnings caused by HTTPMethod.name being deprecated (not sure why this wasn’t caught during the deprecation)
• Fix sendable warning related to HTTPClient.Response not being marked as Sendable - there’s no point moving over to the async APIs for now
• Fix more Sendable warnings related to .get() and friends requiring values to be Sendable - see https://github.com/apple/swift-nio/releases/tag/2.76.0
• As a result, View and Content now have sendability requirements

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.7...4.107.0

v4.106.7: - Fix typo in ContenConfiguration error

Compare Source

What's Changed

Fix typo in ContenConfiguration error by @​WilliamFernsV3 in #​3259

Missing single quote in print statement
Added missing closing single quote for print statement.

New Contributor

• @​WilliamFernsV3 made their first contribution in #​3259 🎉

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.6...4.106.7

v4.106.6: - Pass the method, url, and user agent from the ErrorMiddleware to the logger in the metadata.

Compare Source

What's Changed

Pass the method, url, and user agent from the ErrorMiddleware to the logger in the metadata. by @​maciejtrybilo in #​3233

The ErrorMiddleware reports an error to the logger of the request. Sometimes it might be useful to know the endpoint that failed.

This PR adds the method, url, and user agent of the request in the metadata of the report.

Reviewers

Thanks to the reviewers for their help:

• @​petrpavlik
• @​ptoffy

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.5...4.106.6

v4.106.5: - Fix .noSignalReceived body streaming crash

Compare Source

What's Changed

Fix .noSignalReceived body streaming crash by @​ptoffy in #​3232

Update SwiftNIO’s minimum version to fix the preconditionFailure being thrown in AsyncSequenceProducerDelegate

Reviewers

Thanks to the reviewers for their help:

• @​dimitribouniol

This patch was released by @​ptoffy

Full Changelog: vapor/vapor@4.106.4...4.106.5

v4.106.4: - Use application's logger in InMemory tester

Compare Source

What's Changed

Use application's logger in InMemory tester by @​sidepelican in #​3239

Usually, a copy of the application’s Logger is passed to the Request. However, for the InMemory part of XCTApplicationTester, it seems the default Logger is used.
This PR fix the behavior so that the application’s Logger is used instead of the default one.

Reviewers

Thanks to the reviewers for their help:

• @​Naveen-C-Ramachandrappa

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.3...4.106.4

v4.106.3: - Adds JPEG XL (JXL) and AVIF HTTPMediaTypes

Compare Source

What's Changed

Adds JPEG XL (JXL) and AVIF HTTPMediaTypes by @​vamsii777 in #​3250

Add additional image types:

app.post("upload") { req in
 guard [.jpeg, .png, .tiff, .webp, .jxl, .avif].contains(req.content.contentType) else {
    throw Abort(.unsupportedMediaType)
   }
  // ...
}

New Contributor

• @​vamsii777 made their first contribution in #​3250 🎉

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.2...4.106.3

v4.106.2: - fix HTTPMethod.RAW(value: String) string representation

Compare Source

What's Changed

fix HTTPMethod.RAW(value: String) string representation by @​RandomHashTags in #​3249

Should fix #​3248

New Contributor

• @​RandomHashTags made their first contribution in #​3249 🎉

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.1...4.106.2

v4.106.1: - Omit ACAO header instead of empty value

Compare Source

What's Changed

Omit ACAO header instead of empty value by @​grahamburgsma in #​3243

For context, Vapor currently sends an empty Access-Control-Allow-Origin (ACAO) header when the origin does not match or is set to none.

We recently had a pentest done against our Vapor server and the tester reported the following regarding the empty ACAO header:

When the header is empty, browsers might reject the request without detailed error messages, making it harder for developers to debug or even realize there is a problem. This lack of transparency can lead to extended periods of vulnerability before the issue is discovered.

Looking at some other sources as well, an empty header doesn’t appear to be a valid value and so could result in unexpected behaviour.

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#the_http_response_headers
https://fetch.spec.whatwg.org/#http-access-control-allow-origin

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.0...4.106.1

v4.106.0: - Drop Support for Swift 5.8

Compare Source

What's Changed

Drop Support for Swift 5.8 by @​0xTim in #​3240

• Removes support for Swift 5.8, making 5.9 the lowest supported version
• Updates Swift Crypto dependency to accept 4.0.0 that is about to land
• Fixes up some warnings in Swift 6
• Removes code paths from old Swift versions

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.105.2...4.106.0

v4.105.2: - Raise error when the data expected an array but not parsed as array

Compare Source

What's Changed

Raise error when the data expected an array but not parsed as array by @​sidepelican in #​3222

URLEncodedFormDecoder fails silently without throwing an error when attempting to decode data in the following pattern: array[0]=0&array[1]=1&array[3]=3. Now it is decoded as an empty array.
Typically, a decoder throws an error when data cannot be parsed as the expected structure, so I propose modifying the decoder to throw an error in this case as well.

Reviewers

Thanks to the reviewers for their help:

• @​Naveen-C-Ramachandrappa
• @​ptoffy

This patch was released by @​ptoffy

Full Changelog: vapor/vapor@4.105.1...4.105.2

v4.105.1: - Throw an error if unkeyed container is at end

Compare Source

What's Changed

Throw an error if unkeyed container is at end by @​supersonicbyte in #​3226

Throwing an error if the unkeyed container is at end while decoding query params fixes the crash mentioned with this issue:
vapor/vapor#3217

The error being thrown is DecodingError.valueNotFound and it’s matching the error thrown by JSONDecoder.

New Contributor

• @​supersonicbyte made their first contribution in #​3226 🎉

Reviewers

Thanks to the reviewers for their help:

• @​ptoffy
• @​Naveen-C-Ramachandrappa

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.105.0...4.105.1

v4.105.0: - Support Swift 6

Compare Source

What's Changed

Support Swift 6 by @​0xTim in #​3225

• Drop support for Swift 5.7
• Fix warnings in Vapor with latest Swift 6 changes
• Fix tests on Linux nightlies

Reviewers

Thanks to the reviewers for their help:

• @​dimitribouniol
• @​ptoffy

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.104.0...4.105.0

v4.104.0: - Conditional Content Response Compression

Compare Source

What's Changed

Conditional Content Response Compression by @​dimitribouniol in #​3215

Added support for conditionally compressing responses based on content type or marker headers. This is necessary because some resource types, such as images, don’t compress much, and end up maxing out CPU time on the thread and sometimes block the entire channel while they compress. This results in pipelined resources taking a long time to load even on fast connections.

This change comes with three knobs to control this:

• A global disabled/enabled by default state for the entire server.
• Allow and disallow lists of content types for automatic configurations.
• A marker header for explicitly configuring certain requests or routes to compress or not.

Notably, since the response compression handler now takes a predicate, it is always installed, and the predicate statelessly determines if a response should be compressed based on the server configuration:

• If a response compression configuration was never set, this continues to be a no-op and no compression will occur, though routes can now explicitly enable it as needed.
  …

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.2...4.104.0

v4.103.2: - Use Configured JSONEncoder in ErrorMiddleware

Compare Source

What's Changed

Use Configured JSONEncoder in ErrorMiddleware by @​0xTim in #​3224

Use the prescribed content encoder for the body of ErrorMiddleware instead of a contained JSONEncoder that can’t be overridden.

You can set the encoder with

ContentConfiguration.global.use(encoder: myCustomEncoder, for: .json)

Resolves #​3218

Reviewers

Thanks to the reviewers for their help:

• @​dimitribouniol

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.1...4.103.2

v4.103.1: - fix: support capital letters in the domain part of email validation

Compare Source

What's Changed

fix: support capital letters in the domain part of email validation by @​Austinpayne in #​3211

Fixes #​2889

New Contributor

• @​Austinpayne made their first contribution in #​3211 🎉

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.0...4.103.1

v4.103.0: - HTTPHeaders.LastModified Public Initializer

Compare Source

What's Changed

HTTPHeaders.LastModified Public Initializer by @​dimitribouniol in #​3216

Added a public initializer for HTTPHeaders.LastModified, and updated the value property to be readwrite, which would prevent needing to roll your own formatter and header access in application code.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.102.1...4.103.0

v4.102.1: - Incorrect HTTPMediaType/parameters Documentation Formatting.

Compare Source

What's Changed

Incorrect HTTPMediaType/parameters Documentation Formatting. by @​dimitribouniol in #​3214

Fixed an issue where docs for HTTPMediaType/parameters were incorrectly formatted. This was because parameters was being interpreted as the argument list, and wouldn’t render.

Before

…

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.102.0...4.102.1

v4.102.0: - Add Sendable conformance to XCTApplicationTester, XCTHTTPRequest/Response, and some others

Compare Source

What's Changed

Add Sendable conformance to XCTApplicationTester, XCTHTTPRequest/Response, and some others by @​gwynne in #​3208

This prevents compiler errors in the Swift 6 language mode for test methods isolated to global actors (especially @MainActor). Also adds Sendable conformance to XCTHTTPRequest and XCTHTTPResponse, for much the same reason.

Also fixes lots and lots of various Sendable warnings in Vapor in general, including adding Sendable conformance to ContentConfiguration, ContentEncoder, ContentDecoder, URLQueryEncoder, URLQueryDecoder, URLEncodedFormEncoder, and URLEncodedFormDecoder.

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.101.4...4.102.0

v4.101.4: - Fixed an issue where response compression would fail when returning 304 Not Modified

Compare Source

What's Changed

Fixed an issue where response compression would fail when returning 304 Not Modified by @​dimitribouniol in #​3206

I recently discovered that when response compression was enabled, browsers would fail to load resources they had cached when the server responded with 304 Not Modified, indicating the browser should use the resource they have, but failed to do so leading to images or stylesheets not loading. This applied to both HTTP 1.1 and 2 servers, using the FileMiddleware to provide the caching logic. This was fixed in SwiftNIO, and has new tests in NIOHTTPCompression, so this PR just bumps the minimum version to ensure folks don’t run into the bug if response compression is enabled and caching is actually used.

Learn More:

• Discussion on Discord
• apple/swift-nio#2737
• apple/swift-nio-extras#224

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.101.3...4.101.4

v4.101.3: - Fix decoding 'flag' URL query params via .decode(StructType.self)

Compare Source

What's Changed

Fix decoding 'flag' URL query params via .decode(StructType.self) by @​challfry in #​3164

Fixes #​3163.

The code:

struct QueryStruct: Content {
    var flag1: Bool?
}
let queryStruct = try req.query.decode(QueryStruct.self)

produces queryStruct.flag1 == true when decoding the URL query “?flag1”, matching the behavior of req.query[Bool.self, at: "flag1"].

New Contributor

• @​challfry made their first contribution in #​3164 🎉

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.101.2...4.101.3

v4.101.2: - Adds TIFF and WebP HTTP Media Types

Compare Source

What's Changed

Adds TIFF and WebP HTTP Media Types by @​qalandarov in #​3194

Add additional image types:

app.post("upload") { req in
    guard [.jpeg, .png, .tiff, .webp].contains(req.content.contentType) else {
        throw Abort(.unsupportedMediaType)
    }
    // ...
}

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.101.1...4.101.2

v4.101.1: - Exclude Query and Fragment from URI semicolon fix on Linux

Compare Source

On Linux, URLComponents does not have 100% the same behavior like on macOS. Vapor accounts for this unfixed bug by replacing percent-encoded semicolon %3B with ; in URIs.

This is however not fully correct, because if a URI contains a percent encoded semicolon, this might have a different meaning, than when it is not percent encoded, compare the following sentence from RFC 3986:

A percent-encoding mechanism is used to represent a data octet in a
component when that octet's corresponding character is outside the
allowed set or is being used as a delimiter of, or within, the component.

This PR aims to limit the impact of the required semicolon fix by ensuring that query and fragments are not unnecessarily and incorrectly modified.

Hopefully, in a future with the new swift-foundation this fix will not be needed anymore. But for now it would solve an issue on our side which is related to the concept of a signed request.

v4.101.0: - Add Async Storage shutdown

Compare Source

What's Changed

Add Async Storage shutdown by @​0xTim in #​3196

Currently running

Task {
    try? await Task.sleep(for: .seconds(5))
    app.running?.stop()
}

When you try and install NIO as the global executor will crash because the storage API didn’t have any async entry points so stopping would trigger a synchronous shutdown, with a wait(). This fixes that

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.100.2...4.101.0

v4.100.2: - asyncBoot will no longer try booting server again if it is already booted

Compare Source

What's Changed

asyncBoot will no longer try booting server again if it is already booted by @​RussBaz in #​3195

The synchronous boot function skips running the lifecycle handlers if the server is already booted. However, the async version ignored this check. I have added a small fix to add this check again.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.100.1...4.100.2

v4.100.1: - Update URLEncodedFormEncoder encoding rules

Compare Source

What's Changed

Update URLEncodedFormEncoder encoding rules by @​ptoffy in #​3192

Solves #​3173
References https://url.spec.whatwg.org/#application-x-www-form-urlencoded-percent-encode-set to set the encoding rules

The application/x-www-form-urlencoded percent-encode set contains all code points, except the ASCII alphanumeric, U+002A (*), U+002D (-), U+002E (.), and U+005F (_).

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.100.0...4.100.1

v4.100.0: - Add Async Lifecycle Handlers

Compare Source

What's Changed

Add Async Lifecycle Handlers by @​0xTim in #​3193

Adds new protocol functions to LifecycleHandlers to support async contexts. This is important because packages like Redis use this to know when to shutdown their connection pool. In the shutdown function, these call .wait() which can cause application crashes if called when trying to use NIO’s event loop concurrency executor.

This provides async alternatives to allow packages to provide full async calls through their stack to avoid these crashes

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.99.3...4.100.0

v4.99.3: - Async Serve Command

Compare Source

What's Changed

Async Serve Command by @​0xTim in #​3190

Migrate ServeCommand to an AsyncCommand to enable proper custom executor support and remove any calls to wait()

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.99.2...4.99.3

v4.99.2: - Support compiling against Musl

Compare Source

What's Changed

Support compiling against Musl by @​simonjbeaumont in #​3188

Vapor already makes some provision for compiling against Musl in the RFC1123 implementation, where Glibc is not assumed and is imported conditionally alongside a conditional import of Musl. However, there are a couple of other places where Glibc is still assumed when compiling for Linux.

This patch replaces these imports with the same #if canImport(...) pattern.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.99.1...4.99.2

v4.99.1: - Fix availability message

Compare Source

What's Changed

Fix availability message by @​valeriyvan in #​3191

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.99.0...4.99.1

v4.99.0: - Add async alternative for Application.shutdown

Compare Source

What's Changed

Add async alternative for Application.shutdown by @​0xTim in #​3189

Adds an async alternative for Application.shutdown() and annotates shutdown() with noasync

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.98.0...4.99.0

v4.98.0: - Mark all functions that use wait as noasync

Compare Source

What's Changed

Mark all functions that use wait as noasync by @​0xTim in #​3168

⚠️ WARNING: If you have strict concurrency checking enabled you should migrate to the async Application.make()

NIO’s EventLoopFuture.wait() is marked as noasync because is can cause issues when used in a concurrency context. All places where we call .wait() should also be marked as noasync to avoid this issue.

This adds async alternatives for those functions and adds noasync annotations where appropriate.

Also adds an async Application.make to replace the old initialiser that is now noasync

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.97.1...4.98.0

v4.97.1: - Log source file and line info for errors in ErrorMiddleware when possible

Compare Source

What's Changed

Log source file and line info for errors in ErrorMiddleware when possible by @​gwynne in #​3187

Ever since the last changes to ErrorMiddleware (by me, naturally), the error logging fails to correctly report file/line/function information even when the error has that data available. We now correctly pass these along to the logging machinery. The error responses sent to clients are unchanged.

Additional changes:

• Restore recognition of the DebuggableError protocol (reason and source location information for such errors are now used again).
• Handle generating error responses slightly more efficiently.
• Include the original error message in the fallback text if encoding an error to JSON fails.
• Improve the correctness of the reason messages used for DecodingErrors.

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.97.0...4.97.1

v4.97.0: - Provide AsyncFileStreaming API

Compare Source

What's Changed

Provide AsyncFileStreaming API by @​0xTim in #​3184

Builds on the work of #​2998, #​3170 and #​3167 to provide a full async streaming API that can be used in Swift Concurrency environments:

• Provides a new asyncStreamFile(at:chunkSize:mediaType:advancedETagComparison:onCompleted:) that takes advantage of the full async response streaming
• Fixes a number of bugs with the async Response body streaming
• FileMiddleware is now an AsyncMiddleware
• Replaces usages of FileManager with NIOFileSystem apart from in one deprecated API that can’t be async
• Correctly marks XCTVapor functions as noasync where they use .wait() and provides proper async alternatives

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.96.0...4.97.0

v4.96.0: - Make # of connections accepted per event loop cycle configurable, and raise the default

Compare Source

What's Changed

Make # of connections accepted per event loop cycle configurable, and raise the default by @​gwynne in #​3186

As per @​weissi’s suggestion in this forums post, we raise the default maximum number of connections accepted per cycle of the server’s event loop from 4 to 256, and the value is now user-configurable.

There are no new tests for this because I’m not sure if there’s a way to measure the effect of changing this value that doesn’t involve nondeterministic timing measurements.

Also takes the opportunity/excuse to add the missing customCertificateVerifyCallback parameter to the initializers of HTTPServer.Configuration.

Reviewers

Thanks to the reviewers for their help:

• @​weissi
• @​MahdiBM

This patch was released by @​gwynne

Full Changelog: vapor/vapor@4.95.0...4.96.0

v4.95.0: - Add support for asynchronous body stream writing

Compare Source

What's Changed

Add support for asynchronous body stream writing by @​Joannis in #​2998

• Fixes #​2930 - a crash when users try to write a body from within a task towards the ELF APIs.
• Introduces a new API

---

Configuration

📅 Schedule: Branch creation - "before 12pm every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks