Cro

Cro Release History

0.8.9§

This is a small bugfix release. Various tests involve use of TLS, which uses test certificates bundled with the modules. Unfortunately, their lifetime is bounded to a year, and it was forgotten to update them in the previous release, leading to module tests failing. Due to the Raku norm of running module tests at installation time, this caused inconvenience, which this earlier-than-planned release resolves. To avoid a repeat of this, all tests that depend on TLS are now moved under the xt directory rather than t, meaning they are not run at module installation time. Along with this are a couple of further small bugfixes.

The following changes were made to the Cro::Core distribution:

  • Fix parsing of media types with '.' in them

The following changes were made to the Cro::TLS distribution:

  • Regenerate test certificates and move certificate-dependent tests under xt/

The following changes were made to the Cro::HTTP distribution:

  • Regenerate test certificates and move certificate-dependent tests under xt/

The following changes were made to the Cro::WebSocket distribution:

  • Regenerate test certificates and move certificate-dependent tests under xt/

  • Make WebSocket client header handling correctly accept headers specified using Raku pairs

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Patrick Böker.

0.8.8§

This release brings numerous bug fixes and improvements. There are no intended or known breaking changes.

The improvements center around Cro::Webapp templates, which gain a structured tag syntax that leads to shorter and less error-prone template code. An elsif/else syntax and a template comment syntax is also available. Live reload of templates now also properly accounts for dependencies. Documentation of the template engine is also divided into a few articles for easier navigation.

The fixes span numerous areas of Cro, and include corrected IRI to URI conversion, more liberal media type parsing, fixes to HTTP/2.0 semantics, and corrected router handling of slurpy route path arguments with where clauses. Template <:use ...> now properly respects route-scoped template locations and can locate templates from resources.

The following changes were made to the Cro::Core distribution:

  • Fix parsing of media types of the form application/x-amz-json-1.1

  • Add a Str method to the Cro::Iri class

  • Fix bugs in IRI to URI conversion

The following changes were made to the Cro::TLS distribution:

  • Depend on a newer, more stable version of IO::Socket::Async::SSL

The following changes were made to the Cro::HTTP distribution:

  • Add support for parsing and extracting cookie extensions

  • Support route block plugins in before/after blocks (meaning that Cro::WebApp's template sub can now be used in an after block to produce an error page response, for example)

  • Include the request method and URI in Cro::HTTP::Client error messages

  • Add a way to get a route handler resource resolver via route-resource-resolver subroutine, for the benefit of router plugins that wish to work with resources

  • Implement HTTP/2.0 remote window handling

  • Provide a way to pass arbitrary TLS configuration options down to the underlying TLS module in Cro::HTTP::Client

  • Fix cleanup of timed out connections and make timeout handling more robust

  • Fix a bug where using where clause on a slurpy route parameter could cause an exception

  • Fix a bug where the HTTP/2 END_OF_STREAM flag was sent twice

  • Fix a bug where an incorrect MIME type was set when using the resource subroutine

  • Add support for the application/wasm MIME type

  • Fix a bug where percent encoding for a request body did not have enough digits, resulting in a protocol violation

  • Depend on a newer HTTP::HPACK version which supports more recent Rakudo versions

  • Clean up the cookie handling code

The following changes were made to the Cro::WebApp distribution:

  • Implement conditional structural tags, so that <?.foo><div>bar</div></?> can instead be written <?.foo div>bar</?>

  • Implement iteration structural tags, so <@items><li><$_></li></@> can instead be written <@items li><$_></@>

  • Provide an elsif and else syntax in templates (it takes the form <?foo>...</?> <!?bar>...</?> <!>baz</!>, and works with structured tag syntax also

  • Provide a syntax for template-level comments (no output send to the client) with the delimiters <#>...</#>

  • Make template live reload account for a template's dependencies

  • Ensure that template-locations of all kinds are properly respected when resolving template <:use ...> directives

  • Handle the template prelude entirely in the template repository base role, to avoid custom template repositories needing to handle it

  • Fix subclassing semantics for forms

The following changes were made to the Cro distribution:

  • Restructure the template documentation so that the template language gets its own page, along with dedicated pages for modules and parts

  • Document new template features (structured tags, elsif/else forms, and comments)

  • Document Cro::HTTP::Log::File

  • Have cro stub produce output using modern Raku file extensions

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Brian Duggan, dakkar, Juan Julián Merelo Guervós, Patrick Böker, Sylvain Colinet, Xliff.

0.8.7§

This release brings a number of bug fixes and new features, the most significant being an easy way to set up reverse proxying (where HTTP requests are forwarded to another server for processing, perhaps with modifications), configurable timeouts in the Cro HTTP client, and support for separators in Cro template iteration. Those using Cro templates will also enjoy file/line information from the template file when undefined values are encountered during template rendering.

The following changes were made to the Cro::Core distribution:

  • Add a role for timeout policies, along with a default concrete timeout policy implementation for staged operations

The following changes were made to the Cro::TLS distribution:

  • Set minimum version of IO::Socket::Async::SSL module

The following changes were made to the Cro::HTTP distribution:

  • Add Cro::HTTP::ReverseProxy, a reverse proxy transform. Reverse proxies forward requests to other HTTP servers. The headers and body can be manipulated in either direction, and the target URL selected dynamically based on the request if needed

  • Implement support for timeouts in Cro::HTTP::Client. Timeouts can be set individually for establishing a connection to the server, receiving the response headers, and receiving the response body; an overall time budget for the total process can also be set

  • Fix a memory leak on every connection when middleware was used

  • Fix parsing of cookie values wrapped in double quotes

  • Report an error on no matching body serializer (using the unhandled error reporter, which by default notes in on $*ERR)

  • Ensure content overrides any existing content type header of the response

  • Report a likely wrong router implementation case where a signature capture is specified instead of a signature

The following changes were made to the Cro::WebApp distribution:

  • Add a way to render a separator between items in an iteration tag

  • Give a better warning when data passed to a template contains a Nil or a type object, specifying the exact template file and line where the undefined value was encountered

  • Allow forms to be rendered with non-POST methods

  • Properly display DateTime fields in Cro::WebApp::Forms

The following changes were made to the Cro distribution:

  • Fix some typos in the documentation

  • Document new features

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Stefan Seifert, Will "Coke" Coleda, Clifton Wood, James Raspass.

0.8.6§

This release brings a number of significant improvements.

Cro templates gain a major new feature: template parts, which are primarily useful for factoring out provision of data for common page elements, such as indicating the currently logged in user or showing shopping basket size. They also offer an alternative way to write templates: the MAIN part receives the top-level template data, giving an alternative to accessing everything via the topic variable.

While it has long been easy to serve static content from files in Cro, it's now also straightforward to serve them from resources; Cro templates can also be stored as resources. This makes it far easier to distribute Cro applications via the module ecosystem.

The Cro::HTTP::Client now handles IRIs (International Resource Identifiers), along with having convenience methods for when one only wants the body of a response, rather than having to get the response object and then obtain the body from that. Instead of get, call get-body (and the same for the other request methods).

Last but not least, profiling led to the identification of a number of straightforward performance improvements, and we've measured upto 50% more requests per second being processed in a simple Cro HTTP application.

The following changes were made to the Cro::Core distribution:

  • Improve support of IRI and URI, introduce a common role Cro::ResourceIdentifier as well as a package named the same way containing the decode-percents, encode-percents and encode-percents-excvept-ASCII subroutines

  • Add methods parse-relative and parse-ref to Cro::Iri

  • The IRI parser now handles URI and both IRI and URI now support URI with forbidden characters such as [ and automatically encodes them as RFC 3986 suggests

  • Fix a bug with padding in the encode-percents subroutine

The following changes were made to the Cro::HTTP distribution:

  • Improve the performance of a Cro HTTP application up to 50% more requests per second

  • Add a router plugin mechanism which is used to make template-resources serve templates from the distribution resources, allow the template-location subroutine to respect the route block structure and configure a resource hash that will will be used for serving static content. Its API is documented and can be utilized for writing extensions for the Cro HTTP router.

  • The Cro::HTTP::Client now accepts IRI, a Unicode superset of URI, and automatically encodes the given IRI so that it will be understood by the server

  • Add a family of *-body methods to Cro::HTTP::Client which are shortcuts for an await for the response and an await for the body, corresponding to HTTP methods (such as get-body, post-body, put-body, delete-body, path-body and generic request-body)

  • Add a quality-header for the Cro::HTTP::Message

  • Warn if a route block is sunk (most likely a forgotten include or delegate call)

The following changes were made to the Cro::WebSocket distribution:

  • Fix a flapper test

The following changes were made to the Cro::WebApp distribution:

  • The template-location subroutine now works in a lexical fashion instead of being global, this is a breaking change

  • Introduce the template parts mechanism to factor out data obtaining for common parts in templates

  • Implement getting templates from the distribution resources

  • Add a parse-template subroutine allowing to parse and compile a template from a Str

  • Suppress a misleading warning during the test run

Fix parsing of HTML comments that contain < within the comment

The following changes were made to the Cro distribution:

  • Make tests a bit more robust

  • Improve documentation

This release was contributed to by Alexander Kiryuhin, Jonathan Worthington, and vendethiel from Edument, together with the following community members: Vadim Belman, Geoffrey Broadwell.

0.8.5§

This release brings support for the TCP_NODELAY option and enables it by default for TCP and TLS connections, improving latency. Meanwhile, Cro templates will now be reloaded without a service restart if CRO_DEV=1 is set in the environment, and template parse error reporting is significantly improved.

The following changes were made to the Cro::Core distribution:

  • Add support for enabling TCP_NODELAY by providing a nodelay subroutine updating the socket to enable the option, add a flag in Cro::TCP connector to enable it.

  • Make media type parsing more lenient

  • Provide a proper error message on calling the stop method on a Cro::Service before start

The following changes were made to the Cro::TLS distribution:

  • Support TCP_NODELAY for TLS connections.

The following changes were made to the Cro::HTTP distribution:

  • Add Log::Timeline logging in Cro::HTTP::Client, so request processing can be visualized

  • Enable TCP_NODELAY by default

  • Fix redirection to a relative URL when the initial request URL had no trailing /

The following changes were made to the Cro::WebSocket distribution:

  • Make web-socket routine a multi to allow overloading it

The following changes were made to the Cro::WebApp distribution:

  • Allow hot reload of compiled templates when the CRO_DEV environment variable is set

  • Add Log::Timeline logging for template compilation and rendering

  • Improve parse error in templates

  • Allow optional dot after an array sigil in iteration (e.g. <@.foo>)

  • Add the :test parameter to the template-location routine, allowing one to setup filtering of files taken as templates

  • Provide a preliminary API for making a custom template repository. Expose the Cro::WebApp::Template::Repository role to be implemented.

The following changes were made to the Cro::HTTP::Test distribution:

  • Add semantic test subs is-ok, is-no-content, is-bad-request, is-unauthorized, is-forbidden, is-not-found, is-method-not-allowed, is-conflict and is-unprocessable-entity

The following changes were made to the Cro distribution:

  • Change the order of questions asked during cro stub invocation, making deciding on HTTPS usage optional depending on the HTTP versions specified

  • Properly warn a user during a cro run invocation if no .cro.yml configuration file was found in the current directory tree

0.8.4§

This release brings lots of small improvements and plenty of bug fixes. Of note, the WebSocket client received a lot of reliability fixes, and the HTTP client gained support for proxies, automatically honoring the HTTP_PROXY and HTTPS_PROXY environment variables. For those building HTTP services, a new around feature in the router allows for easier lifting out of error handling across all request handlers (and probably a few more interesting things that we didn't think of yet). No compatibility issues are foreseen.

The following changes were made to the Cro::Core distribution:

  • Add Cro::UnhandledErrorReporter to provide user control over the reporting of unhandled errors

  • Provide a means to give more context when there is a problem serializing a message body

  • Remove a workaround for a long-fixed Rakudo bug with the CLOSE phaser

The following changes were made to the Cro::TLS distribution:

  • Add a certificate regeneration script and update the certificates used by the tests

The following changes were made to the Cro::HTTP distribution:

  • Cro::HTTP::Client now has a user-agent option for specifying the user agent, which is more convenient than setting it via the headers mechanism. Furthermore, a default User-agent header with the value Cro is now set.

  • Decode + characters in query strings to spaces. This isn't part of the URI spec, but is a widely supported extension for query strings.

  • Support the identity transfer encoding

  • Handle the :authority pseudo-header in HTTP/2, mapping it to the Host header

  • Simplify the SameSite cookie processing code

  • Introduce the around router function, which enables installation of a wrapper around all of a route block's handlers

  • Give Cro::HTTP::Body::WWWFormUrlEncoded keys and values methods to make it behave a bit more like a standard hash, as well as a rather more useful gist output

  • Make Cro::HTTP::Client honor the HTTP_PROXY and HTTPS_PROXY environment variables, as well as providing a means to set proxy servers to use at the time the client is constructed

  • Improve error reporting then a response body cannot be serialized; the type of the body and the request URI that was being processed are now reported

  • Fix upgraded connections sometimes not being closed when the body ends

  • Ensure body streams are terminated on all kinds of connection termination (this issue was most commonly observed with WebSocket connections)

The following changes were made to the Cro::WebSocket distribution:

  • Honor override of Sec-WebSocket-Protocol header

  • Fix a deadlock that could occur in the client when a ping was received while a message was being sent

  • Avoid a possible race and exception when a ping times out in the client

  • Ensure all outstanding client-sent pings fail upon connection close, to avoid a hang in any code awaiting them

  • Make handling of unexpected connection close more consistent in the client

  • Make sure the close message is consistently set correctly in the client

  • Ensure that all kinds of serialization failure are conveyed back to the client send caller, fixing a potential hang when serialization failed in certain ways

  • Make sure tests can run reliably in parallel

  • Assorted small code quality improvements

The following changes were made to the Cro::WebApp distribution:

  • The Date and DateTime types may now be used on form field attributes, and imply the date and datetime-local control types respectively

  • Give generated forms a name, otherwise multi-select lists refuse to display the selected items in Firefox

  • Fix loss of current value with some control types in forms

  • In templates, support <@$foo> and <@$foo.bar> for iterating the contents of a variable

  • Add a direct dependency on OO::Monitors

The following changes were made to the Cro distribution:

  • Allow specification of the host for cro run and cro trace through a --host option

  • Handle IPv6 literals in the URL format to cro web

  • Add documentation for all new features

  • Clarify how base-uri is used in the HTTP client documentation

  • Fix assorted errors in the Cro::WebApp::Form documentation

  • Fix an example in the SPA tutorial so that it doesn't hang

  • Fix link to the Cro site in the README

This release was contributed to by Alexander Kiryuhin, Jonathan Worthington, and vendethiel from Edument, together with the following community members: Alastair Douglas, Elizabeth Mattijsen, Geoffrey Broadwell, Jeremy Studer, Joelle Maslak, Jonathan Stowe, Lukas Valle, Patrick Böker, and Stefan Seifert.

0.8.3§

This release brings a major new feature in Cro::WebApp: forms, which takes much of the tedium out of gathering data using forms. It also contains various fixes to HTTP/2 and WebSocket support, significant performance improvements for WebSockets, a range of new features relating to templates, and assorted smaller new features, fixes, and documentation improvements.

The following changes were made to the Cro::Core distribution:

  • Make Cro::Uri.parse and related methods respect subclassing

The following changes were made to the Cro::HTTP distribution:

  • Emit a HTTP/2 request or response object as soon as we have the headers, rather than waiting for the body. This brings it in line with how things work for HTTP/1, and also resolves issues where a hang could occur due to the await of the response never completing if there was an error while receiving the body.

  • Translate host header to :authority in HTTP/2 requests; some servers mandate this

  • Make sure that the trace output reports HTTP/2 when it is being used

  • Give Cro::Uri::HTTP a way to add query string arguments, taking care of the encoding of them

  • Add a query option to the request methods in Cro::HTTP::Client, to make it easy to form a query string

  • Ensure that basic authentication adds a WWW-Authenticate header on missing or failed authorization, and provide a way to set the realm

  • Fix Cro::HTTP::Auth::Basic in the case it was meant to update an existing session, not create one by itself

  • Fix a test that tried to use port 8080, which is commonly in use

  • Add more declarator docs, for better in-IDE documentation support

  • Assorted small code quality improvements

The following changes were made to the Cro::WebSocket distribution:

  • Fix mishandling of 2-byte extended payload length

  • Speed up payload masking by a factor of 200x

  • Simplify and improve performance of the WebSocket frame parser, up to around 4x faster

  • Simplify and improve performance of the WebSocket frame serializer by around 5-10%

  • Clean up logic in the message parser

The following changes were made to the Cro::WebApp distribution:

  • Add Cro::WebApp::Form, a mechanism for working with forms in web applications.

  • Implement named arguments and parameters in the template subs and macros (including the :$foo, :foo and :!foo forms)

  • Implement defaults on both positional and named arguments

  • Add True and False terms, which can be used as template arguments

  • Allow use of <?$foo.bar>...</?> in templates; this previously had to be written as <?{ $foo.bar }>...</?>

  • Don't blow up on <.foo> when it is dereferencing a hash and the hash key is missing; now it evaluates to Nil

  • Fixed transitive <:use ...> of templates

  • Implement support for template libraries, meaning that one can provide libraries of templates through the module ecosystem

The following changes were made to the Cro distribution:

  • Document the new Cro::HTTP::Client query option

  • Fix incorrect trailing / on an example in the HTTP router documentation

  • Correct documentation about HTTP basic authentication support

  • Bring the Cro::WebApp::Template documentation up to date with all new features

  • Add documentation for Cro::WebApp::Form

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, as well as Geoffrey Broadwell (who is to thank for the numerous Cro::WebSocket improvements).

0.8.2§

This release contains a number of small fixes and improvements, as well as adding documentation comments to the most commonly used parts of Cro.

The following changes were made to the Cro::Core distribution:

  • Provide an encode-percents function that is optionally exported by Cro::Uri when the :encode-percents tag is used

  • Directly cover the decode-percents function in Cro::Uri in the tests

  • Add documentation comments to various types and routines

The following changes were made to the Cro::HTTP distribution:

  • Fix a memory leak in the HTTP/2 frame parser when using more recent Rakudo versions; the parser accidentally relied on an optimizer bug, which was fixed in Rakudo

  • Update the default TLS cipher list, restoring an SSL Labs rating of "A" out of the box

  • Add support for the SameSite cookie directive

  • No longer buffer the logs written by Cro::HTTP::Log::File by default; this avoids delayed or lost log output when there is not a TTY attached to the service

  • Add documentation comments to various types and routines

The following changes were made to the Cro::WebApp distribution:

  • Implement template conditionals directly using variables, like <?$foo>...</?> and <!$foo>...</!>

  • Support all of the Perl 6 string comparison operators

  • Add documentation comments to various types and routines

The following changes were made to the Cro distribution:

  • Don't hardcode the name perl6 for the executable, since that is both unportable and won't work well with those using a raku executable

  • Suggest next steps in the getting started documentation

  • Document the new encode-percents function in Cro::Uri

  • Various typo fixes

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: AnaTofuZ, Elizabeth Mattijsen, James Raspass, Jeremy Studer, Nick Logan, Patrick Böker.

0.8.1§

This release brings a new distribution, Cro::WebApp, which is aimed at those who wish to use Cro to build server-side web applications that render dynamic content server-side (as opposed to Single Page Applications, where the backend consists almost entirely of a HTTP API called by a JavaScript application that runs in the browser). The distribution provides Cro::WebApp::Template, which is a templating engine that integrates neatly with Cro. We already have been using this successfully in production at Edument for many months.

Another interesting change in this release is integration with Log::Timeline, which allows visualization of Cro HTTP requests using Comma IDE (this feature is available in Comma Complete from 2019.5, and will be included in the Comma Community release 2019.7). The request visualization allows one to better understand the time taken in the request pipeline, as well as see parallel processing of requests. Further, this can be seen alongside any other Log::Timeline logging you place into your application.

Besides that, this release has numerous other bug fixes and improvements. There are no intended compatibility breaks with Cro 0.8.0.

The following changes were made to the Cro::Core distribution:

  • Ensure that the connection manager terminates all connection pipelines when the server is stopped; previously it did not keep track of the subscriptions properly

The following changes were made to the Cro::HTTP distribution:

  • Support adding cookies directly into Cro::HTTP::CookieJar

  • Add a static-resource response function, for serving content out of %?RESOURCES

  • Integrate Log::Timeline to provide insight into Cro HTTP pipelines

  • Fix a problem with handling of mutlipart/form-data bodies exposed by using them with OpenAPI validation

  • Don't leak top-level global symbols out of Cro::HTTP::Cookie; expose things with qualified names or as lexical exports instead

  • Tolerate missing spaces in cookie headers; some servers have bugs that produce such malformed cookie headers

  • Export route verbs like get and put as multi candidates, so we don't hide the put built-in, which may be used for debugging output

  • Correctly report which response function was used outside of a route block

  • Support latest version of JSON::Fast

  • Fix router tests on Windows

  • Fix a test that could fail in the absence of ALPN support

  • Fix possible issues if running tests in parallel

  • Eliminate use of v6.d.PREVIEW

The following changes were made to the Cro::WebSocket distribution:

  • Fix some cases where connection closed was not conveyed properly

  • Improve connection closed error reporting

  • Ensure that sending an unserializable value does not result in a silent failure

  • When reporting a crash in a WebSocket handler, note that's where it came from

  • Code cleanup in WebSocket client

  • Fix accidental reliance on a Rakudo optimizer bug in the WebSocket frame parser

  • Add tests to cover wss with a custom CA

The following changes were made to the Cro distribution:

  • Make the runner's file watching more robust

  • Document faking peer-host and peer-port in tests

  • Document directly adding to the cookie jar

  • Document Cro::HTTP::Request's connection method

  • Document Cro::MediaType

  • Note the need for a use statement in body parser and serializer examples

  • Assorted typo fixes in the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Clifton Wood, Elizabeth Mattijsen, Itsuki Toyota, Martin Barth, Olivier Mengué, Patrick Böker.

0.8.0§

This release introduces a backwards-incompatible change to the HTTP router's middleware semantics, the new behavior resolving a common point of confusion when dealing with authorization middleware. The release also contains many other bug fixes and tweaks.

Before this release, middleware applied with before and after ran once a route was matched and after a request was processed by a matched route. This made it impossible to apply authentication middleware without an extra level of route/delegate, since the authentication and authorization is handled as part of route matching.

The previous behavior (applying middleware only to a route that has been matched) is preserved and renamed to before-matched and after-matched. Therefore, any code can be adapted by replacing calls to before to use before-matched, and replacing calls to after to after-matched.

The new before and after-applied middleware semantics result in a route block returning the Cro composition of the before components, followed by the route handler, followed by the after components - much as happens when applying middleware at the server level.

Further, all middleware application in a route block will apply to all routes inside of the block, not just those located textually after it as was the case before. This is trivially the case for before and after (there's no other way it could be, given the new semantics), but is also now the case with before-matched and after-matched

The following changes were made to the Cro::HTTP distribution:

  • New middleware semantics, as described above.

  • Fix handling of cookies with the expires property defined instead of max-age.

  • Properly set a Cro::HTTP::Request object to the request attribute of a HTTP response received with Cro::HTTP::Client. Also add a request method to the client exception types as a shortcut for getting the request object that resulted in an error.

  • Add new uri method to Cro::HTTP::Request which gives the full request URI. This is especially useful if the HTTP client followed a redirect and one wishes to know exactly what URI was fetched in the end.

  • Fix an exception in Cro::HTTP2::FrameParser related to data decoding of HTTP/2.0 frame.

  • Fix a bug that led to lowercasing of cookie values in HTTP/2.0. This in turn fixes usage of Cro::HTTP::Session::InMemory under HTTP/2.0.

  • Indicate with an exception situation when HTTP/2.0 client/server sends RST frame of stream that Cro server/client does not know about.

  • Fix cookie setting path.

  • Make session cookie be always set to / path, so now Cro session mechanism correctly updates cookie with a new session after the old one expires.

  • Use the Authorization header name instead of Auth in Cro::HTTP::Auth::WebToken::Bearer.

  • Fix compliance with the HTTP spec on the host header: now we append Host header when non-standard HTTP port (not 80 nor 443) is used.

  • Force use of Perl 6.d semantics in the HTTP client, which avoids various ways that it might end up working slowly due to eating too many real threads.

  • When a route fails to match with 400 or 401, and another route fails to match with a 405, prefer the 400 or 401 error.

The following changes were made to the Cro::WebSocket distribution:

  • Do a note of unhandled exceptions in WebSocket handlers, instead of silently losing them.

The following changes were made to the Cro distribution:

  • Document new router middleware semantics of Cro::HTTP::Router.

  • Make Cro::Tools::Template::HTTPService easier to inherit by changing $include-websocket specialised parameter into more generic %options one.

  • Fix indentation-related warning on Cro installation.

  • Add a multipart/form-data body handling example on Cro::HTTP::Router documentation page.

  • Add document on structuring larger services/apps with Cro.

  • Document request property of HTTP client exception.

  • Document using CRO_TRACE with the HTTP client.

  • Document uri method of Cro::HTTP::Request.

  • Fix a long-standing issue with instant restart of Cro service right after its start with cro run.

  • Issues with .cro.yml file are now reported to user when cro run is being used, instead of too generic service cannot be started message.

  • Consider case when .cro.yml file is created, but its content is not yet written, which could lead to an exception before.

  • Better document Cro::WebSocket::Client.

  • Indicate cause of a service restart to the user to make it easier to discover which files to ignore if getting unwanted restarts.

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Xliff, lukasvalle, Rod Taylor, Lance Wicks, Nick Logan.

0.7.6§

This release contains a number of minor new features (better support for working with the less commonly used HTTP methods, and an ignore section in the .cro.yml file). It also contains numerous fixes and tweaks, as well as some documentation improvements.

The following changes were made to the Cro::Core distribution:

  • Allow a trailing ; in media types

  • Fix media type parse error on many-dot subtype

The following changes were made to the Cro::HTTP distribution:

  • Set default ciphers to Moz. Modern Compatibility

  • Do not provide a default randomized cookie name for the persistent session role, and instead give an error if the user does not set cookie-name. It's useless to keep sessions in a database if the cookie name changes on every application restart, but providing a hardcoded default is a platform fingerprinting risk. Making the user specify a cookie name is thus a better way forward.

  • Fix WWWUrlEncode body parser applicability test to use Cro::MediaType and so check more robustly (it used to do a string match on the header, and so would get confused by a charset parameter).

  • Fix static mime type handling on serving index files

  • Use original-target in Cro::HTTP::Log::File, so that delegated routes will produce the full request target in the logs

  • Provide allowed-methods on Cro::HTTP::Server in order to set the HTTP methods that will be accepted

  • Cro::HTTP::Router now exports a http sub, providing a more convenient way to write routes for some of the less widely used HTTP methods (or for implementing protocols based on HTTP)

The following changes were made to the Cro::WebSocket distribution:

  • Don't force the ca argument to be passed in order to use wss:// in Cro::WebSocket::Client

  • Force HTTP/1.1 use in Cro::WebSocket::Client (connecting to a secure endpoint hosted by a server supporting HTTP/2.0 could upgrade and then find itself unable to speak the WebSocket protocol, which is tied to HTTP/1.1)

  • Fix various issues with URI handling in Cro::WebSocket::Client

  • Provide more detailed trace output for WebSocket frames and messages

The following changes were made to the Cro distribution:

  • Remove bin/cro from the provides section of META6.json

  • Implement support for the env section in the .cro.yml file, so that additional environment variables can be provided at development time

  • Implement an ignore section in the .cro.yml file to ignore certain paths from being watched to decide to make a service restart

  • Fix dependencies of a generated ZeroMQ project

  • Clarify deployment documentation

  • Document new ignore support in .cro.yml

  • Document allowed-methods HTTP server option

  • Document new http sub for custom request methods in router

  • Text tweaks to HTTP client introduction text

  • Document custom HTTP methods in the client

  • Add a code example of .body in HTTP client docs

  • Various typo fixes in the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: cono, FCO, Fritz Zaucker, Lance Wicks, Moritz Lenz, Nick Logan.

0.7.5§

This release brings two major new features:

  • The Cro::OpenAPI::RoutesFromDefinition module, which supports implementing services specified using an OpenAPI v3 document without needing to repeat the routes, validation, and so forth from the document. This work was funded by Nick Logan (ugexe). Three modules for wider Perl 6 use were produced and released as part of this work: JSON::Pointer, OpenAPI::Model, and OpenAPI::Schema::Validate.

  • The Cro::HTTP::Test module, which offers a convenient way to write tests for HTTP services. It is, of course, primarily aimed at those services built using Cro, but may also be provided with a URI as the test target rather than a Cro application, and thus can be used to write tests for any HTTP service. This work was funded by Oetiker+Partner.

The following changes were made to the Cro::Core distribution:

  • Add parse-relative and parse-ref to Cro::Uri, which parse a relative URI and a URI reference (either relative or absolute URI) respectively

  • Provide an add method to Cro::Uri, which implements relative URI reference resolution

  • When a Cro::Uri is constructed with an authority component but no host, parse the authority component

  • The Str method on Cro::Uri now assembles the string from the URI components, rather than depending on retaining the original URI

The following changes were made to the Cro::HTTP distribution:

  • Use the new Cro::Uri.add(...) method to implement the base-uri feature of Cro::HTTP::Client, making it vastly more correct

  • Make it possible to replace the Cro::HTTP::Client connector pipeline component when subclassing the client

  • Make :@query parameters in Cro::HTTP::Router reflect the original query string order

The following changes were made to the Cro::WebSocket distribution:

  • Make matching of the Upgrade header's value case-insensitive, so as to permit the WebSocket some servers send instead of websocket.

The following changes were made to the Cro distribution:

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument. We would like to thank Nick Logan (ugexe) and Oetiker+Partner for supporting the key new features found in this release.

0.7.4§

This release brings a number of new features, along with some bug fixes. The Cro team now provides Docker base images for aiding deployment of Cro services. The cro stub command also generates a Dockerfile that uses these base images, meaning stubbed services can be built into a container without any further work.

The following changes were made to the Cro::Core distribution:

  • Add relative URL parsing support to Cro::Uri

  • Add Cro::Iri, a class for parsing and working with Internationalized Resource Identifiers

The following changes were made to the Cro::HTTP distribution:

  • Make the static router function accept an IO::Path as the first (base directory) argument

  • Make the static router function slurp up the rest of its positional arguments and use them as the path below the base; previously, it took an optional array

  • Make the static router function support an :indexes[...] option, which configures files that should be served as a directory index

  • Switch to using the DateTime::Parse module instead of having our own such parser

  • Make Cro::HTTP::Router::RouteSet more subclass-friendly, by making a number of attributes public and exposing the Handler base role

  • Implement cookies option to Cro::HTTP::Client, for setting cookies to be sent with the request

  • Make Cro::HTTP::Client more tolerant of an SSL library with no ALPN support under default usage

The following changes were made to the Cro::WebSocket distribution:

  • Make Upgrade header matching case-insensitive

The following changes were made to the cro distribution:

  • Generate a Dockerfile in HTTP projects produced by cro stub

  • Provide Docker deployment documentation

  • Follow changes in Webpack 4.0 in the SPA tutorial

  • Make cro serve serve some common directory index files

  • Document new static features

  • Correct session example in documentation to do Cro::HTTP::Auth

  • Fix watch-dir test on OSX

  • Don't remove digits in environment variable names when mangling the service ID in cro stub

  • Write a .gitignore file as part of cro stub

  • Be a bit more liberal with runner test timeout, for slower systems

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Geoffrey Broadwell, Itsuki Toyota, Nick Logan, scriplit, Tobias Leich.

0.7.3§

This release brings a range of new features, fixes, and improvements. The key new features include support for HTTP/2.0 push promises (both server side and client side), HTTP session support (which makes authentication/authorization far easier to handle), body parser/serialization support in WebSockets, and a UI for manipulating inter-service links in cro web.

Body parsing has been refactored with this release, the Cro::HTTP::BodyParser and Cro::HTTP::BodySerializer roles (and their related selector roles) now living in Cro::Core (as Cro::BodyParser and so forth). Further, various body-related infrastructure is in the new Cro::MessageWithBody role, which is used in both the HTTP and WebSocket message objects. This is the only intended backward-incompatible change in this release, and will only impact those who have written custom body parsers and serializers. Thankfully, the changes should be no more than simply deleting ::HTTP from the role names.

A more detailed summary of the changes follows.

The following changes were made to the Cro::Core distribution:

  • Lower default limit of binary blob trace output to 512 bytes

  • Add Cro::BodyParser, Cro::BodyParserSelector, Cro::BodySerializer, and Cro::BodySerializerSelector roles, based on those previously in the Cro::HTTP distribution

  • Add Cro::MessageWithBody role to factor out the commonalities of body handling between HTTP and WebSockets (and, in the future, ZeroMQ)

The following changes were made to the Cro::HTTP distribution:

  • Add auth attribute to Cro::HTTP::Request, which can be used to carry an "authority" object (session, authorization, etc.)

  • Support getting a request's auth into an initial route argument in the router

  • Implement Cro::HTTP::Session::InMemory middleware, for in-memory sessions

  • Provide a base role (Cro::HTTP::Session::Persistent) for implementing persistent sessions

  • Implement Cro::HTTP::Auth::Basic middleware

  • Implement JWT (JSON Web Token) authorization middleware

  • Implement support for HTTP/2.0 push promises, both client and server side

  • Correctly configure HTTPS for the HTTP/2.0 security profile when HTTP/2.0 is being used (improvements were contributed to the IO::Socket::Async::SSL module also)

  • Various fixes to HTTP/2.0 header handling (fixes were contributed to the HTTP::HPACK module also)

  • Correctly handle an empty HTTP/2.0 settings frame

  • Refactor to use the body parser and serializer infrastructure now in the Cro::Core distribution, and remove Cro::HTTP::BodyParser, Cro::HTTP::BodySerializer, and related roles

The following changes were made to the Cro::WebSocket distribution:

  • Refactor to support body parsers and serializers, both client and server side

  • Add JSON body parser and serializer for WebSockets

  • Add :json option to web-socket router plug-in and Cro::WebSocket::Client as a shortcut to use the JSON body parser and serializer

  • Fix a data race between the frame and message parser due to failing to create fresh frame objects

  • Run WebSocket message handlers asynchronously, to avoid blocking on await of a fragmented message body

  • Address an unreliable test

The following changes were made to the cro distribution:

  • Refactor HTTP application templates for easier extensibility

  • Add a cro stub template for React/Redux Single Page Applications

  • Implement adding and editing inter-service links in the cro web UI

  • Workaround for a concurrency bug in YAML parsing, which caused tests (and, less often, cro run) to occasionally fail

  • Numerous documentation updates to cover the changes in this release

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument. The cro stub changes (including the React/Redux stub) are thanks to Geoffrey Broadwell.

0.7.2§

This release brings a number of new features making it easier to create and consume HTTP middleware, as well as support for middleware at a route block level. In tooling, the cro web tool now supports adding inter-service links when stubbing, and there are improvements for those writing templates for use with cro stub. Read on for details of the full set of improvements.

The following changes were made to the Cro::Core distribution:

  • Factor out trace output repeated code

  • Avoid trace output throwing exceptions on Windows

The following changes were made to the Cro::HTTP distribution:

  • Add Cro::HTTP::Middleware module, with a range of roles to simplify the implementation of middleware. These include Conditional (for request middleware that may wish to send an early response) and RequestResponse (for middleware interested in both requests and responses).

  • Support before and after in route blocks taking a block argument for writing simple inline middleware, together with support for before middleware to itself produce a response

  • Pass named arguments to the / route in Cro::HTTP::Router

  • Fix Cro::HTTP::Client handling of the http-only flag on cookies

  • Add the PATCH HTTP method to the default set of those accepted by the request parser, add a patch method to Cro::HTTP::Client, and a patch function to Cro::HTTP::Router

The following changes were made to the cro distribution:

  • Support creation of inter-service links when stubbing a service in the Cro web tool

  • Allow F5 to work in the Cro web tool even after navigating to other pages

  • Introduce the Cro::Tools::Template::Common role to factor out many common tasks between stub templates, and use it

  • Make existing templates more possible to subclass, to ease adding further stubbing templates

  • Fix HTTPS service stub generation

  • Document new Cro::HTTP middleware features

  • Document client and router support for the HTTP PATCH method

  • A range of typo and layout fixes across the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: dakkar, Geoffrey Broadwell, James Raspass, Michal Jurosz, Timo Paulssen, vendethiel.

0.7.1§

This is the second public BETA release of Cro, and the first to be distributed on CPAN. While this doesn't change how you will install Cro, it does provide the safety of installing a version we've vetted rather than the latest development commits. This release contains numerous improvements, including new features, bug fixes, and better documentation.

The following changes were made to the Cro::Core distribution:

  • Improve message tracing API and output, showing hex dump style output for binary data

  • Provide a mode for machine-readable trace output

  • Always flush handle after producing trace output

  • Add a workaround for a CLOSE phaser bug

The Cro::SSL distribution is deprecated in favor of Cro::TLS. In Cro::TLS, the following changes were made:

  • Eliminate a workaround for an older IO::Socket::Async::SSL bug

  • The tests no longer assume the availability of an OpenSSL version with ALPN

  • Add a workaround for a CLOSE phaser bug

Furthermore, the Cro team contributed bug fixes to IO::Socket::Async::SSL.

The following changes were made to the Cro::HTTP distribution:

  • Cro::HTTP::Router * Reply with 204 instead of dying when no status is set * Implement include * Implement delegate, with HTTP requests now carrying both the original-target and having a relative target * Properly handle % sequences in URL segments in HTTP router * Partial implementation of per-route-block middleware (before and after)

  • Cro::HTTP::Client * Fix an HTTP/1.1 vs HTTP/2.0 detection bug * Remove unused attributes in HTTP client internals * Fix client to pass on the query string in the target URI * Implement base-uri constructor argument, which will be prepended to all requests made with that client instance * Various fixes to HTTPS requests * Fix hang in HTTP client on unexpected connection close

  • HTTP/2.0 support fixes and improvements * Answer HTTP/2.0 pings * Don't try to negotiate HTTP/2.0 if ALPN is unavailable * Don't run HTTP/2.0 tests without ALPN * Don't rely on new HTTP/2.0 streams opening in order * Fix a couple of occasional hangs in the HTTP/2.0 client * Implement window size handling in HTTP/2.0

  • General * Correct misspelled body serializer class names * Implement new trace-output API for better trace output * Fix missing JSON::Fast dependency * Use Cro::TLS instead of Cro::SSL * Make urlencoded and multipart bodies associative, so they can be hash-indexed * Avoid port conflicts in parallel test runs

The following changes were made to the cro distribution:

  • cro tool * Add cro web, which launches a web frontend that can perform most of the tasks that the command line interface can * Implemented tools for working with inter-service links, including link templates and the new cro link sub-command * Make cro run inject environment variables with host/port for linked services * Implement cro services command to inspect known services * Output service STDOUT on runner's STDOUT, not STDERR * Layout tweaks to trace output * Correct HTTP service stub's .cro.yml generation * Default to "no" for HTTPS in HTTP service stub * Disarm any Failure found in template locator, avoiding a lot of noise

  • Documentation improvements * Add a getting started page * Add a tutorial showing how to build a single page application using Cro and React/Redux * Clarify parser/serializer passing * Document new include, delegate, before, and after functions in the HTTP router * Fix created example * Add example of body byte stream use in HTTP client * Clear up some confusions in cro-tool docs * Correct method name in example for header-list * Try to organize the docs in the index a bit better * Fix many typos and various formatting errors

  • Other * Harden tests against potential hangs

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Alexander Hartmaier, Alex Chen, Curt Tilmes, Kai Carver, Karl Rune Nilsen, MasterDuke17, Nick Logan, Salve J. Nilsen, Simon Proctor, Steve Mynott, and Tom Browder.

0.7.0§

This was the first public BETA release of Cro.