A link shortener

Overview

Goxidize

A link shortener.

Perquisites

  • Rust 1.56+
  • npm CLI and Node.js
  • Any officially supported PostgreSQL

Build

Before building the project, please create a .env file with a valid PostgreSQL URL, such as the following.

DATABASE_URL=postgresql://localhost:5432/goxidize

Then, run the database migrations.

sqlx migrate run

This database is queried against for compile-time checks done by sqlx.

If you don't have a database set up, sqlx will check against sqlx-data.json. To generate this file, run cargo sqlx prepare -- --lib and cargo sqlx prepare --check -- --lib. Note that you will still need a working database to run the tests.

Development

The Parcel development server supports auto-reloading for frontend assets. Use the following file to let the Parcel server proxy requests to the backend.

const { createProxyMiddleware } = require("http-proxy-middleware");

module.exports = function (app) {
  app.use(
      createProxyMiddleware(["/**", "!/", "!**/*.html", "!**/*.js", "!*.css", "!**/*.css", "!**/*.map"], {
        target: "http://localhost:8000/",
      })
  );
};

Run the following to start the servers.

cargo run # use cargo watch for auto-reloading
# then on a separate terminal, run
# `npm install` if you have not installed the dependencies, and
npm start

Production

npm run build

Configuration

A YAML file is used for configuration. This affects the run-time behaviour of the program.

# configuration.yml
port: 8000
database:
  url: postgresql://localhost:5432
  name: goxidize
debug: true

Deployment

An example of deployment using docker-compose is provided below.

# docker-compose.yml
version: '3'
services:
  db:
    image: postgres:14
    restart: always
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: password
      POSTGRES_DB: goxidize
      LANG: C.UTF-8
    volumes:
      - dbdata:/var/lib/postgresql/data
  goxidize:
    image: ghcr.io/caizixian/goxidize:master
    restart: always
    depends_on:
      - "db"
    ports:
      - "8000:8000"
    environment:
      GOXIDIZE_HOST: "0.0.0.0"
      GOXIDIZE_PORT: "8000"
      GOXIDIZE_DATABASE_URL: "postgresql://postgres:password@db:5432"
      GOXIDIZE_DATABASE_NAME: "goxidize"
      GOXIDIZE_DEBUG: "false"

volumes:
  dbdata:

License

Except as otherwise noted (e.g., in individual files), the project is licensed under the Apache License, Version 2.0 LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0 or the MIT license LICENSE-MIT or http://opensource.org/licenses/MIT, at your option.

Comments
  • Bump actions/checkout from 1 to 2.4.0

    Bump actions/checkout from 1 to 2.4.0

    Bumps actions/checkout from 1 to 2.4.0.

    Release notes

    Sourced from actions/checkout's releases.

    v2.4.0

    • Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

    v2.3.5

    Update dependencies

    v2.3.4

    v2.3.3

    v2.3.2

    Add Third Party License Information to Dist Files

    v2.3.1

    Fix default branch resolution for .wiki and when using SSH

    v2.3.0

    Fallback to the default branch

    v2.2.0

    Fetch all history for all tags and branches when fetch-depth=0

    v2.1.1

    Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    • Improved fetch performance
      • The default behavior now fetches only the commit being checked-out
    • Script authenticated git commands
      • Persists the input token in the local git config
      • Enables your scripts to run authenticated git commands
      • Post-job cleanup removes the token
      • Opt out by setting the input persist-credentials: false
    • Creates a local branch
      • No longer detached HEAD when checking out a branch

    ... (truncated)

    Changelog

    Sourced from actions/checkout's changelog.

    Changelog

    v2.3.1

    v2.3.0

    v2.2.0

    v2.1.1

    • Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    v2 (beta)

    • Improved fetch performance
      • The default behavior now fetches only the SHA being checked-out
    • Script authenticated git commands
      • Persists with.token in the local git config
      • Enables your scripts to run authenticated git commands
      • Post-job cleanup removes the token
      • Coming soon: Opt out by setting with.persist-credentials to false
    • Creates a local branch
      • No longer detached HEAD when checking out a branch
      • A local branch is created with the corresponding upstream branch set
    • Improved layout

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 2
  • Bump tracing-opentelemetry from 0.17.4 to 0.18.0

    Bump tracing-opentelemetry from 0.17.4 to 0.18.0

    Bumps tracing-opentelemetry from 0.17.4 to 0.18.0.

    Release notes

    Sourced from tracing-opentelemetry's releases.

    tracing-opentelemetry 0.18.0

    Breaking Changes

    • Upgrade to v0.18.0 of opentelemetry (#2303) For list of breaking changes in OpenTelemetry, see the v0.18.0 changelog.

    Fixed

    • on_event respects event's explicit parent (#2296)

    Thanks to @​wprzytula for contributing to this release!

    #2303: tokio-rs/tracing#2303 #2296: tokio-rs/tracing#2296

    Commits
    • a4f2ee2 opentelemetry: prepare for v0.18.0 release (#2312)
    • ffad660 tracing: add dyn keyword for trait objects in valueset! expansion (#2308)
    • e42e322 opentelemetry: fix on_event not respecting events' explicit parents (#2296)
    • e4d3e36 tracing: add tracing-web to the list of related crates (#2283)
    • 9fccc01 core: add {Subscriber,Layer}::on_register_dispatch (#2269)
    • 41b0ace subscriber: say which crate the disabled level warning refers to (#2285)
    • 760170b attributes: add fake return to improve span on type error (#2270)
    • 39798ae docs: correct grammar in README (#2260)
    • 13ac1e4 docs: add tracing-chrome to list of related crates (#2275)
    • 1413f04 chore: fix clippy::borrow_deref_ref lints (#2277)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump reqwest from 0.11.11 to 0.11.12

    Bump reqwest from 0.11.11 to 0.11.12

    Bumps reqwest from 0.11.11 to 0.11.12.

    Release notes

    Sourced from reqwest's releases.

    v0.11.12

    What's Changed

    • Add ClientBuilder::resolve_to_addrs() which allows a slice of IP addresses to be specified for a single host.
    • Add Response::upgrade() to await whether the server agrees to an HTTP upgrade.

    New Contributors ❤️

    Changelog

    Sourced from reqwest's changelog.

    v0.11.12

    • Add ClientBuilder::resolve_to_addrs() which allows a slice of IP addresses to be specified for a single host.
    • Add Response::upgrade() to await whether the server agrees to an HTTP upgrade.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump tracing-actix-web from 0.6.0 to 0.6.1

    Bump tracing-actix-web from 0.6.0 to 0.6.1

    Bumps tracing-actix-web from 0.6.0 to 0.6.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump opentelemetry from 0.17.0 to 0.18.0

    Bump opentelemetry from 0.17.0 to 0.18.0

    Bumps opentelemetry from 0.17.0 to 0.18.0.

    Release notes

    Sourced from opentelemetry's releases.

    v0.18.0

    Added

    • Pull sampling probability from OTEL_TRACES_SAMPLER_ARG in default sdk config #737
    • Add schema_url to Tracer #743
    • Add schema_url to Resource #775
    • Add Span::set_attributes #638
    • Support concurrent exports #781
    • Add jaeger remote sampler #797
    • Allow Custom Samplers #833
    • Add SpanExporter::force_flush and default implementation #845

    Changed

    • Deprecate metrics ValueRecorder in favor of Histogram #728
    • Move IdGenerator to SDK, rename to RandomIdGenerator #742
    • meter_with_version accepts optional parameter for version and schema_url #752
    • Unify Event and Link access patterns #757
    • move SpanKind display format impl to jaeger crate #758
    • make TraceStateError private #755
    • rename Span::record_exception to Span::record_error #756
    • Replace StatusCode and message with Status #760
    • Move TracerProvider::force_flush to SDK #658
    • Switch to static resource references #790
    • Allow O(1) get operations for SpanBuilder::attributes [breaking] #799
    • Allow ref counted keys and values #821
    • Bump MSRV from 1.49 to 1.55 #811
    • bump MSRV to 1.56 #866
    • Update metrics API and SDK for latest spec #819
    • Switch to pin-project-lite #830

    Fixed

    • Update dashmap to avoid soundness hole #818
    • Perform sampling as explained in the specification #839
    • Remove internal message queue between exporter and exporting tasks #848
    • Fix span processor exporting unsampled spans #871

    Removed

    • Remove serialize feature #738
    • Remove StatusCode::as_str #741
    • Remove Tracer::with_span #746
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump opentelemetry-otlp from 0.10.0 to 0.11.0

    Bump opentelemetry-otlp from 0.10.0 to 0.11.0

    Bumps opentelemetry-otlp from 0.10.0 to 0.11.0.

    Release notes

    Sourced from opentelemetry-otlp's releases.

    v0.11.0

    Added

    • Add force_flush method to span processors #358
    • Add timeout for force_flush and shutdown #362

    Changed

    • Implement Display trait for Key and Value types #353
    • Remove Option from Array values #359
    • Update ShouldSample's parent parameter to be Context #368
    • Consolidate error types in trace module into TraceError #371
    • Add #[must_use] to uninstall structs #372
    • Move 3rd party propagators and merge exporter into sdk::export #375
    • Add instrumentation version to instrument config #392
    • Use instrumentation library in metrics #393
    • start_from_context renamed to start_with_context #399
    • Removed build_with_context as full context is now stored in builder #399
    • SpanBuilder's with_parent renamed to with_parent_context #399

    Fixed

    • Fix parent based sampling in tracer #354
    • StatusCode enum value ordering #377
    • Counter adding the delta from last collection #395
    • HistogramAggregator returning sum vs count #398
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump actix-web from 4.1.0 to 4.2.0

    Bump actix-web from 4.1.0 to 4.2.0

    Bumps actix-web from 4.1.0 to 4.2.0.

    Release notes

    Sourced from actix-web's releases.

    actix-web: v4.2.0

    Added

    • Add #[routes] macro to support multiple paths for one handler. #2718
    • Add ServiceRequest::{parts, request}() getter methods. #2786
    • Add configuration options for TLS handshake timeout via HttpServer::{rustls, openssl}_with_config methods. #2752

    Changed

    • Minimum supported Rust version (MSRV) is now 1.59 due to transitive time dependency.

    #2718: actix/actix-web#2718 #2752: actix/actix-web#2752 #2786: actix/actix-web#2786

    Commits
    • 7767cf3 prepare actix-web release 4.2.0
    • b59a96d prepare actix-web-codegen release 4.1.0
    • 037740b prepare actix-http release 3.2.2
    • 386258c clarify worker_max_blocking_threads default
    • 99bf774 update gh-pages deploy action
    • 35b0fd1 specify branch in doc job
    • 0b5b4dc reduce size of docs branch
    • c993055 replace askama_escape in favor of v_htmlescape (#2824)
    • 679f61c bump msrv to 1.59
    • 056de32 fix scope doc example
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump @types/react from 18.0.15 to 18.0.16

    Bump @types/react from 18.0.15 to 18.0.16

    Bumps @types/react from 18.0.15 to 18.0.16.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies javascript 
    opened by dependabot[bot] 1
  • Bump serde from 1.0.140 to 1.0.141

    Bump serde from 1.0.140 to 1.0.141

    Bumps serde from 1.0.140 to 1.0.141.

    Release notes

    Sourced from serde's releases.

    v1.0.141

    • Add no-std category to crates.io metadata
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump tracing-subscriber from 0.3.11 to 0.3.12

    Bump tracing-subscriber from 0.3.11 to 0.3.12

    Bumps tracing-subscriber from 0.3.11 to 0.3.12.

    Release notes

    Sourced from tracing-subscriber's releases.

    tracing-subscriber 0.3.12

    This release of tracing-subscriber adds a new Layer::event_enabled method, which allows Layers to filter events after their field values are recorded; a Filter implementation for reload::Layer, to make using reload with per-layer filtering more ergonomic, and additional inherent method downcasting APIs for the Layered type. In addition, it includes dependency updates, and minor fixes for documentation and feature flagging.

    Added

    • layer: Layer::event_enabled method, which can be implemented to filter events based on their field values (#2008)
    • reload: Filter implementation for reload::Layer (#2159)
    • layer: Layered::downcast_ref and Layered::is inherent methods (#2160)

    Changed

    • parking_lot: Updated dependency on parking_lot to 0.13.0 (#2143)
    • Replaced lazy_static dependency with once_cell (#2147)

    Fixed

    • Don't enable tracing-core features by default (#2107)
    • Several documentation link and typo fixes (#2064, #2068, #[2077], #2161, #1088)

    Thanks to @​ben0x539, @​jamesmunns, @​georgemp, @​james7132, @​jswrenn, @​CAD97, and @​guswynn for contributing to this release!

    #2008: tokio-rs/tracing#2008 #2159: tokio-rs/tracing#2159 #2160: tokio-rs/tracing#2160 #2143: tokio-rs/tracing#2143 #2107: tokio-rs/tracing#2107 #2064: tokio-rs/tracing#2064 #2068: tokio-rs/tracing#2068 #2077: tokio-rs/tracing#2077 #2161: tokio-rs/tracing#2161 #1088: tokio-rs/tracing#1088

    Commits
    • d86d2a4 subscriber: prepare to release v0.3.12 (#2187)
    • ebea0e4 tracing: reorganize benchmarks for comparability (#2178)
    • 181bdbe tracing: actually run global_subscriber benchmark
    • 542c34d chore: prepare to release tracing-core v0.1.28 (#2177)
    • af699c9 chore(ci): whoops, wrong commands for no-std tests
    • 2dc1f39 chore(ci): also run CI on pushes to v0.1.x
    • 2c1af52 chore(ci): test workflow embetterments (#2176)
    • 42fc29e subscriber: implement FIlter for reload::Layer (#2159)
    • b007591 opentelemetry: add semconv exception fields (#2135)
    • f7966bd core: remove vendored lazy_static on no-std (#2173)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Bump sqlx from 0.5.13 to 0.6.0

    Bump sqlx from 0.5.13 to 0.6.0

    Bumps sqlx from 0.5.13 to 0.6.0.

    Changelog

    Sourced from sqlx's changelog.

    0.6.0 - 2022-06-16

    This release marks the end of the 0.5.x series of releases and contains a number of breaking changes, mainly to do with backwards-incompatible dependency upgrades.

    As we foresee many more of these in the future, we [surveyed the community] on how to handle this; the consensus appears to be "just release breaking changes more often."

    As such, we expect the 0.6.x release series to be a shorter one.

    [39 pull requests(!)][0.6.0-prs] (not counting "prepare 0.5.12 release", of course) were merged this release cycle.

    Breaking

    • [#1384]: (Postgres) Move server_version_num from trait to inherent impl [[@​AtkinsChang]]
    • [#1426]: Bump ipnetwork to 0.19 [[@​paolobarbolini]]
    • [#1455]: Upgrade time to 0.3 [[@​paolobarbolini]]
    • [#1505]: Upgrade rustls to 0.20 [[@​paolobarbolini]]
      • Fortunately, future upgrades should not be breaking as webpki is no longer exposed in the API.
    • [#1529]: Upgrade bigdecimal to 0.3 [[@​e00E]]
    • [#1602]: postgres: use Oid everywhere instead of u32 [[@​paolobarbolini]]
      • This drops the Type, Decode, Encode impls for u32 for Postgres as it was misleading. Postgres doesn't support unsigned ints without using an extension. These impls were decoding Postgres OIDs as bare u32s without any context (and trying to bind a u32 to a query would produce an OID value in SQL). This changes that to use a newtype instead, for clarity.
    • [#1612]: Make all ConnectOptions types cloneable [[@​05storm26]]
    • [#1618]: SQLite chrono::DateTime<FixedOffset> timezone fix [[@​05storm26]]
      • DateTime<FixedOffset> will be stored in SQLite with the correct timezone instead of always in UTC. This was flagged as a "potentially breaking change" since it changes how dates are sent to SQLite.
    • [#1733]: Update git2 to 0.14 [[@​joshtriplett]]
    • [#1734]: Make PgLTree::push() infallible and take PgLTreeLabel directly [[@​sebpuetz]]
    • [#1785]: Fix Rust type for SQLite REAL [[@​pruthvikar]]
      • Makes the macros always map a REAL column to f64 instead of f32 as SQLite uses only 64-bit floats.
    • [#1816]: Improve SQLite support for sub-queries and CTEs [[@​tyrelr]]
      • This likely will change the generated code for some invocations sqlx::query!() with SQLite.
    • [#1821]: Update uuid crate to v1 [[@​paolobarbolini]]
    • [#1901]: Pool fixes and breaking changes [[@​abonander]]
      • Renamed PoolOptions::connect_timeout to acquire_timeout for clarity.
      • Changed the expected signatures for PoolOptions::after_connect, before_acquire, after_release
      • Changed the signature for Pool::close() slightly
        • Now eagerly starts the pool closing, .awaiting is only necessary if you want to ensure a graceful shutdown.
      • Deleted PoolConnection::release() which was previously deprecated in favor of PoolConnection::detach().
      • Fixed connections getting leaked even when calling .close().
    • [#1748]: Derive PgHasArrayType for #[sqlx(transparent)] types [[@​carols10cents]]
      • This change was released with 0.5.12 but [we didn't realize it was a breaking change] at the time.
        It was reverted in 0.5.13 and postponed until this release.

    Added

    • [#1843]: Expose some useful methods on PgValueRef [[@​mfreeborn]]
    • [#1889]: SQLx-CLI: add --connect-timeout [[@​abonander]]
      • Adds a default 10 second connection timeout to all commands.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • RUSTSEC-2021-0139: ansi_term is Unmaintained

    RUSTSEC-2021-0139: ansi_term is Unmaintained

    ansi_term is Unmaintained

    | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | ansi_term | | Version | 0.12.1 | | URL | https://github.com/ogham/rust-ansi-term/issues/72 | | Date | 2021-08-18 |

    The maintainer has adviced this crate is deprecated and will not receive any maintenance.

    The crate does not seem to have much dependencies and may or may not be ok to use as-is.

    Last release seems to have been three years ago.

    Possible Alternative(s)

    The below list has not been vetted in any way and may or may not contain alternatives;

    See advisory page for additional details.

    opened by github-actions[bot] 0
  • RUSTSEC-2021-0131: Integer overflow in the bundled Brotli C library

    RUSTSEC-2021-0131: Integer overflow in the bundled Brotli C library

    Integer overflow in the bundled Brotli C library

    | Details | | | ------------------- | ---------------------------------------------- | | Package | brotli-sys | | Version | 0.3.2 | | URL | https://github.com/bitemyapp/brotli2-rs/issues/45 | | Date | 2021-12-20 |

    A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB.

    An updated version of brotli-sys has not been released. If one cannot update the C library, its authors recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

    In Rust the issue can be mitigated by migrating to the brotli crate, which provides a Rust implementation of Brotli compression and decompression that is not affected by this issue.

    See advisory page for additional details.

    opened by github-actions[bot] 0
  • RUSTSEC-2020-0056: stdweb is unmaintained

    RUSTSEC-2020-0056: stdweb is unmaintained

    opened by github-actions[bot] 0
  • RUSTSEC-2020-0071: Potential segfault in the time crate

    RUSTSEC-2020-0071: Potential segfault in the time crate

    Potential segfault in the time crate

    | Details | | | ------------------- | ---------------------------------------------- | | Package | time | | Version | 0.1.43 | | URL | https://github.com/time-rs/time/issues/293 | | Date | 2020-11-18 | | Patched versions | >=0.2.23 | | Unaffected versions | =0.2.0,=0.2.1,=0.2.2,=0.2.3,=0.2.4,=0.2.5,=0.2.6 |

    Impact

    Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

    The affected functions from time 0.2.7 through 0.2.22 are:

    • time::UtcOffset::local_offset_at
    • time::UtcOffset::try_local_offset_at
    • time::UtcOffset::current_local_offset
    • time::UtcOffset::try_current_local_offset
    • time::OffsetDateTime::now_local
    • time::OffsetDateTime::try_now_local

    The affected functions in time 0.1 (all versions) are:

    • at
    • at_utc
    • now

    Non-Unix targets (including Windows and wasm) are unaffected.

    Patches

    Pending a proper fix, the internal method that determines the local offset has been modified to always return None on the affected operating systems. This has the effect of returning an Err on the try_* methods and UTC on the non-try_* methods.

    Users and library authors with time in their dependency tree should perform cargo update, which will pull in the updated, unaffected code.

    Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3 series.

    Workarounds

    No workarounds are known.

    References

    time-rs/time#293

    See advisory page for additional details.

    opened by github-actions[bot] 0
  • RUSTSEC-2020-0159: Potential segfault in `localtime_r` invocations

    RUSTSEC-2020-0159: Potential segfault in `localtime_r` invocations

    Potential segfault in localtime_r invocations

    | Details | | | ------------------- | ---------------------------------------------- | | Package | chrono | | Version | 0.4.19 | | URL | https://github.com/chronotope/chrono/issues/499 | | Date | 2020-11-10 |

    Impact

    Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

    Workarounds

    No workarounds are known.

    References

    See advisory page for additional details.

    opened by github-actions[bot] 0
Owner
Zixian Cai
PhD student at ANU CECS. Collecting garbage @mmtk, powered by @rust-lang. Former intern @MicrosoftResearch, @twitter
Zixian Cai
A link shortener

Goxidize A link shortener. Perquisites Rust 1.56+ npm CLI and Node.js Any officially supported PostgreSQL Build Before building the project, please cr

Zixian Cai 4 Nov 16, 2022
A simple but production-ready link shortener. Repository belonging to one of my YouTube videos

What is this? This is a simple link shortener, which is the result of a tutorial I did on YouTube. Important technologies used Rust (as our most belov

Oliver Jumpertz 7 Apr 21, 2024
A very-very simple url shortener for Rust

urlshortener-rs A very simple urlshortener for Rust. This library aims to implement as much URL shortener services as possible and to provide an inter

Victor Polevoy 39 Nov 20, 2022
A mini paste bin and url shortener written in rust without databases.

pb Build $ cargo build --release Environment Variables PB_DATA: /some/path (Default: ./pb_data) PB_SITE: Url of your site. (Default: http://localhost:

Edward P 5 Jul 26, 2022
A URL shortener that uses emojis, only emojis.

emojied Shorten your URLs with emojis! Features Well, shorten your URLs! Customize what emoji to use. e.g Want to use an eggplant emoji? Sure, as long

SEKUN 99 Dec 31, 2022
Shurly, this is a URL shortener with API management

Shurly Shurly, this is a URL shortener with API management Features Management of destinations through a REST'ish API Permanent/temporary redirects; p

WorkplaceBuddy 3 Nov 30, 2022
A modest URL shortener for personal usage.

bref A modest URL shortener for personal usage. Shortens URLs to a 6 characters-length key that is generated based on current time. Why? Why not? Usag

Nicolas Gryman 3 Oct 8, 2023
link is a command and control framework written in rust

link link is a command and control framework written in rust. Currently in alpha. Table of Contents Introduction Features Feedback Build Process Ackno

null 427 Dec 24, 2022
A federated forum / link aggregator using ActivityPub.

lotide A federated forum / link aggregator using ActivityPub. To track progress and report issues, visit the issue tracker. Submit patches on the mail

null 9 Oct 16, 2022
A boiler plate code to create dynamic link library in rust.

?? rust-dll-bp This is a boiler plate code that will be generated as a dll binary. I personally cache this here for me but if you're intend to create

s3pt3mb3r 9 Nov 7, 2022
osu-link is a program which links osu!stable beatmaps to osu!lazer's new store format, saving you disk space.

osu-link is a program which links osu!stable beatmaps to osu!lazer's new store format, saving you disk space.

LavaDesu 2 Nov 8, 2021
🐀 Building a federated link aggregator in rust

English | Español | Русский Lemmy A link aggregator / Reddit clone for the fediverse. Join Lemmy · Documentation · Report Bug · Request Feature · Rele

LemmyNet 7.2k Jan 2, 2023
Quickly set up a `probe-run` + `defmt` + `flip-link` embedded project

app-template Quickly set up a probe-run + defmt + flip-link embedded project Dependencies 1. flip-link: $ cargo install flip-link 2. probe-run: $ # ma

Knurling 201 Dec 29, 2022
Rust library that helps you change the domain of the link to another domain 🦀🔐

Rust library that helps you to change the domain of the link to another domain, the library helps with privacy. It can be used to change the domain of sites that do not care about privacy to another that does.

TheAwiteb 2 Mar 28, 2022
The missing link to modern server controlling for TrackMania Forever.

xrd (XASeCo Replacing Daemon) xrd is a next-gen server controller for TrackMania Forever and Nations ESWC that is designed to be hassle-free and easil

Autumn Leaf 6 Mar 26, 2022
Plain Rust wrapper of Ableton Link's C 11 extension

rusty_link rusty_link is a Rust wrapper of abl_link, which is a C 11 extension for Ableton Link, provided by Ableton. This library attempts to be most

anzbert 7 Jan 7, 2023
Fetch and extract HTML's title and description by given link.

extd Fetch and extract HTML's title and description by given link. Usage in Cargo.toml: [dependencies] extd = "0.1.4" Example use extd::extract_td; f

null 4 Nov 4, 2022
STKLR is a tool to help you automatically link up named stuff in your rust docs!

_____ _______ _ ___ _____ / ____|__ __| |/ / | | __ \ | (___ | | | ' /| | | |__) | \___ \ | | | < | | | _ / ___

Jer 3 Oct 25, 2022
An open source WCH-Link library/command line tool written in Rust.

wlink - WCH-Link command line tool NOTE: This tool is still in development and not ready for production use. Known Issue: Only support binary firmware

WCH MCU for Rust 22 Mar 7, 2023
📡Proxy HTTP/1.1 requests over a sensitive point-to-point link

ptproxy Motivation What's this? Why do I need this? What's a sensitive network link? What's wrong with a VPN? What's wrong with HTTP[S]? What's wrong

Alba Mendez 5 Jul 26, 2023