Cro Release History

2025-07-14 Cro::HTTP::Client gets more stable §

Another pesky bug in our HTTP2 protocol stack was squished. Let's see if this finally is the last fix on our year long journey to a Cro::HTTP::Client that Just Works.

Also installation on Windows should be a be a bit easier now.

The latest versions of the Cro libraries are:

Cro::Core:ver<0.8.10>:api<0>:auth
Cro::HTTP:ver<0.8.11>:api<0>:auth
Cro::TLS:ver<0.8.10>:api<0>:auth
Cro::WebApp:ver<0.10.0>:api<0>:auth
Cro::WebSocket:ver<0.8.10>:api<0>:auth
cro:ver<0.8.10>:api<0>:auth

To use the Cro libraries in a project, it usually suffices to only depend on Cro::HTTP and optionally Cro::WebApp or Cro::WebSocket.

Cro::HTTP 0.8.11 §

Avoid sending a 0-byte WINDOW_UPDATE frame
Permit use of updated HTTP::Pack module

This release was contributed to by:

Brian Duggan, Sam Gillespie

2025-04-14 Inline template support §

A small release of Cro::WebApp adding inline template support.

The latest versions of the Cro libraries are:

Cro::Core:ver<0.8.10>:api<0>:auth
Cro::HTTP:ver<0.8.10>:api<0>:auth
Cro::TLS:ver<0.8.10>:api<0>:auth
Cro::WebApp:ver<0.10.0>:api<0>:auth
Cro::WebSocket:ver<0.8.10>:api<0>:auth
cro:ver<0.8.10>:api<0>:auth

To use the Cro libraries in a project, it usually suffices to only depend on Cro::HTTP and optionally Cro::WebApp or Cro::WebSocket.

Cro::WebApp 0.10.0 §

Allow templates to be assembled within route blocks for HTML::Components.

This release was contributed to by:

Steve Roe

2025-01-15 The first Community Release and Fragment support §

This is the first Community release of Cro. I'd like to add another huge thanks to Edument for developing and freely releasing the Cro libraries. Let's hope that we as a community will manage to suitably continue the development of these libraries.

In this release we've changed the project structure to decouple the versions of the different distributions. So from now onward, the versions of the different distros do not necesssarily match up anymore. This will allow us to release changes faster. When installing one of the Cro distros, the dependency specifications will pull in the latest compatible versions of the other Cro distros. So the versions are not unchanging anymore. If you require a completely fixed version set of the Cro distros, please depend on all of the ones you need explicitly.

We've also renamed the default branch in all of the Cro repositories from master to main. To update your local repos respectively, please run the following commands:

git branch -m master main
git fetch origin
git branch -u origin/main main
git remote set-head origin -a

The biggest new feature introduced in this release set is fragment support in Cro templates. A fragment works somewhat like a template subroutine, except that it is intended to be placed inline within other template content. This allows rendering only parts of a template which can prove useful when building dynamic web pages using e.g. HTMX.

Apart from fragment support quite a few smaller other features and many bug fixes made it into the release as well. Below you'll find the full list of changes for each distro.

Happy hacking!

The latest versions of the Cro libraries are:

Cro::Core:ver<0.8.10>:api<0>:auth
Cro::HTTP:ver<0.8.10>:api<0>:auth
Cro::TLS:ver<0.8.10>:api<0>:auth
Cro::WebApp:ver<0.9.0>:api<0>:auth
Cro::WebSocket:ver<0.8.10>:api<0>:auth
cro:ver<0.8.10>:api<0>:auth

To use the Cro libraries in a project, it usually suffices to only depend on Cro::HTTP and optionally Cro::WebApp or Cro::WebSocket.

Cro::Core 0.8.10 §

Fix parsing URIs with empty path segments.
Enhance Cro::Message objects to allow adding arbitrary data via %.attributes.
Add an $.origin field to the X::Cro::Uri::ParseError exception so that consuming code can add origination information if so desired.
Change dependency management to allow individual Cro modules to be updated individually.
Rename all .pm6 files to .rakumod and .t files to .rakutest.

This release was contributed to by:

Clifton Wood, Patrick Böker

Cro::HTTP 0.8.10 §

Add two Response convenience methods: server-error (500) and not-supported (505).
Add support for HTTP/2 cookie headers.
Be more lenient when receiving Cookies with duplicate parameters.
Fix HTTP1.1 connection caching when explicitly passing the HTTP version.
Fix HTTP2 connections with multiple streams stalling.
Change dependency management to allow individual Cro modules to be updated individually.
Rename all .pm6 files to .rakumod and .t files to .rakutest.

This release was contributed to by:

Clifton Wood, Jeremy Carman, Patrick Böker, Vadim Belman

Cro::TLS 0.8.10 §

Change dependency management to allow individual Cro modules to be updated individually.
Update test certificates.
Rename all .pm6 files to .rakumod and .t files to .rakutest.

This release was contributed to by:

Patrick Böker

Cro::WebApp 0.9.0 §

Implement Fragment support. A template fragment works somewhat like a template subroutine, except that it is intended to be placed inline within other template content. This allows rendering only parts of a template. This can prove useful when building dynamic web pages using e.g. HTMX.
Fix using template parts via render-template.
Fix the generation of DateTime values in form elements.
Change dependency management to allow individual Cro modules to be updated individually.

This release was contributed to by:

Patrick Böker, Steve Roe

Cro::WebSocket 0.8.10 §

Change dependency management to allow individual Cro modules to be updated individually.
Rename all .pm6 files to .rakumod and .t files to .rakutest.

This release was contributed to by:

Patrick Böker

cro 0.8.10 §

Fix tests and CI.
Change dependency management to allow individual Cro modules to be updated individually.

This release was contributed to by:

Patrick Böker, Timo Paulssen, Tom Grimwood-Taylor

0.8.9 §

This is a small bugfix release. Various tests involve use of TLS, which uses test certificates bundled with the modules. Unfortunately, their lifetime is bounded to a year, and it was forgotten to update them in the previous release, leading to module tests failing. Due to the Raku norm of running module tests at installation time, this caused inconvenience, which this earlier-than-planned release resolves. To avoid a repeat of this, all tests that depend on TLS are now moved under the xt directory rather than t, meaning they are not run at module installation time. Along with this are a couple of further small bugfixes.

The following changes were made to the Cro::Core distribution:

Fix parsing of media types with '.' in them

The following changes were made to the Cro::TLS distribution:

Regenerate test certificates and move certificate-dependent tests under xt/

The following changes were made to the Cro::HTTP distribution:

Regenerate test certificates and move certificate-dependent tests under xt/

The following changes were made to the Cro::WebSocket distribution:

Regenerate test certificates and move certificate-dependent tests under xt/
Make WebSocket client header handling correctly accept headers specified using Raku pairs

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Patrick Böker.

0.8.8 §

This release brings numerous bug fixes and improvements. There are no intended or known breaking changes.

The improvements center around Cro::Webapp templates, which gain a structured tag syntax that leads to shorter and less error-prone template code. An elsif/else syntax and a template comment syntax is also available. Live reload of templates now also properly accounts for dependencies. Documentation of the template engine is also divided into a few articles for easier navigation.

The fixes span numerous areas of Cro, and include corrected IRI to URI conversion, more liberal media type parsing, fixes to HTTP/2.0 semantics, and corrected router handling of slurpy route path arguments with where clauses. Template <:use ...> now properly respects route-scoped template locations and can locate templates from resources.

The following changes were made to the Cro::Core distribution:

Fix parsing of media types of the form application/x-amz-json-1.1
Add a Str method to the Cro::Iri class
Fix bugs in IRI to URI conversion

The following changes were made to the Cro::TLS distribution:

Depend on a newer, more stable version of IO::Socket::Async::SSL

The following changes were made to the Cro::HTTP distribution:

Add support for parsing and extracting cookie extensions
Support route block plugins in before/after blocks (meaning that Cro::WebApp's template sub can now be used in an after block to produce an error page response, for example)
Include the request method and URI in Cro::HTTP::Client error messages
Add a way to get a route handler resource resolver via route-resource-resolver subroutine, for the benefit of router plugins that wish to work with resources
Implement HTTP/2.0 remote window handling
Provide a way to pass arbitrary TLS configuration options down to the underlying TLS module in Cro::HTTP::Client
Fix cleanup of timed out connections and make timeout handling more robust
Fix a bug where using where clause on a slurpy route parameter could cause an exception
Fix a bug where the HTTP/2 END_OF_STREAM flag was sent twice
Fix a bug where an incorrect MIME type was set when using the resource subroutine
Add support for the application/wasm MIME type
Fix a bug where percent encoding for a request body did not have enough digits, resulting in a protocol violation
Depend on a newer HTTP::HPACK version which supports more recent Rakudo versions
Clean up the cookie handling code

The following changes were made to the Cro::WebApp distribution:

Implement conditional structural tags, so that <?.foo><div>bar</div></?> can instead be written <?.foo div>bar</?>
Implement iteration structural tags, so <@items><li><$_></li></@> can instead be written <@items li><$_></@>
Provide an elsif and else syntax in templates (it takes the form <?foo>...</?> <!?bar>...</?> <!>baz</!>, and works with structured tag syntax also
Provide a syntax for template-level comments (no output send to the client) with the delimiters <#>...</#>
Make template live reload account for a template's dependencies
Ensure that template-locations of all kinds are properly respected when resolving template <:use ...> directives
Handle the template prelude entirely in the template repository base role, to avoid custom template repositories needing to handle it
Fix subclassing semantics for forms

The following changes were made to the Cro distribution:

Restructure the template documentation so that the template language gets its own page, along with dedicated pages for modules and parts
Document new template features (structured tags, elsif/else forms, and comments)
Document Cro::HTTP::Log::File
Have cro stub produce output using modern Raku file extensions

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Brian Duggan, dakkar, Juan Julián Merelo Guervós, Patrick Böker, Sylvain Colinet, Xliff.

0.8.7 §

This release brings a number of bug fixes and new features, the most significant being an easy way to set up reverse proxying (where HTTP requests are forwarded to another server for processing, perhaps with modifications), configurable timeouts in the Cro HTTP client, and support for separators in Cro template iteration. Those using Cro templates will also enjoy file/line information from the template file when undefined values are encountered during template rendering.

The following changes were made to the Cro::Core distribution:

Add a role for timeout policies, along with a default concrete timeout policy implementation for staged operations

The following changes were made to the Cro::TLS distribution:

Set minimum version of IO::Socket::Async::SSL module

The following changes were made to the Cro::HTTP distribution:

Add Cro::HTTP::ReverseProxy, a reverse proxy transform. Reverse proxies forward requests to other HTTP servers. The headers and body can be manipulated in either direction, and the target URL selected dynamically based on the request if needed
Implement support for timeouts in Cro::HTTP::Client. Timeouts can be set individually for establishing a connection to the server, receiving the response headers, and receiving the response body; an overall time budget for the total process can also be set
Fix a memory leak on every connection when middleware was used
Fix parsing of cookie values wrapped in double quotes
Report an error on no matching body serializer (using the unhandled error reporter, which by default notes in on $*ERR)
Ensure content overrides any existing content type header of the response
Report a likely wrong router implementation case where a signature capture is specified instead of a signature

The following changes were made to the Cro::WebApp distribution:

Add a way to render a separator between items in an iteration tag
Give a better warning when data passed to a template contains a Nil or a type object, specifying the exact template file and line where the undefined value was encountered
Allow forms to be rendered with non-POST methods
Properly display DateTime fields in Cro::WebApp::Forms

The following changes were made to the Cro distribution:

Fix some typos in the documentation
Document new features

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Stefan Seifert, Will "Coke" Coleda, Clifton Wood, James Raspass.

0.8.6 §

This release brings a number of significant improvements.

Cro templates gain a major new feature: template parts, which are primarily useful for factoring out provision of data for common page elements, such as indicating the currently logged in user or showing shopping basket size. They also offer an alternative way to write templates: the MAIN part receives the top-level template data, giving an alternative to accessing everything via the topic variable.

While it has long been easy to serve static content from files in Cro, it's now also straightforward to serve them from resources; Cro templates can also be stored as resources. This makes it far easier to distribute Cro applications via the module ecosystem.

The Cro::HTTP::Client now handles IRIs (International Resource Identifiers), along with having convenience methods for when one only wants the body of a response, rather than having to get the response object and then obtain the body from that. Instead of get, call get-body (and the same for the other request methods).

Last but not least, profiling led to the identification of a number of straightforward performance improvements, and we've measured upto 50% more requests per second being processed in a simple Cro HTTP application.

The following changes were made to the Cro::Core distribution:

Improve support of IRI and URI, introduce a common role Cro::ResourceIdentifier as well as a package named the same way containing the decode-percents, encode-percents and encode-percents-excvept-ASCII subroutines
Add methods parse-relative and parse-ref to Cro::Iri
The IRI parser now handles URI and both IRI and URI now support URI with forbidden characters such as [ and automatically encodes them as RFC 3986 suggests
Fix a bug with padding in the encode-percents subroutine

The following changes were made to the Cro::HTTP distribution:

Improve the performance of a Cro HTTP application up to 50% more requests per second
Add a router plugin mechanism which is used to make template-resources serve templates from the distribution resources, allow the template-location subroutine to respect the route block structure and configure a resource hash that will will be used for serving static content. Its API is documented and can be utilized for writing extensions for the Cro HTTP router.
The Cro::HTTP::Client now accepts IRI, a Unicode superset of URI, and automatically encodes the given IRI so that it will be understood by the server
Add a family of *-body methods to Cro::HTTP::Client which are shortcuts for an await for the response and an await for the body, corresponding to HTTP methods (such as get-body, post-body, put-body, delete-body, path-body and generic request-body)
Add a quality-header for the Cro::HTTP::Message
Warn if a route block is sunk (most likely a forgotten include or delegate call)

The following changes were made to the Cro::WebSocket distribution:

Fix a flapper test

The following changes were made to the Cro::WebApp distribution:

The template-location subroutine now works in a lexical fashion instead of being global, this is a breaking change
Introduce the template parts mechanism to factor out data obtaining for common parts in templates
Implement getting templates from the distribution resources
Add a parse-template subroutine allowing to parse and compile a template from a Str
Suppress a misleading warning during the test run

Fix parsing of HTML comments that contain < within the comment

The following changes were made to the Cro distribution:

Make tests a bit more robust
Improve documentation

This release was contributed to by Alexander Kiryuhin, Jonathan Worthington, and vendethiel from Edument, together with the following community members: Vadim Belman, Geoffrey Broadwell.

0.8.5 §

This release brings support for the TCP_NODELAY option and enables it by default for TCP and TLS connections, improving latency. Meanwhile, Cro templates will now be reloaded without a service restart if CRO_DEV=1 is set in the environment, and template parse error reporting is significantly improved.

The following changes were made to the Cro::Core distribution:

Add support for enabling TCP_NODELAY by providing a nodelay subroutine updating the socket to enable the option, add a flag in Cro::TCP connector to enable it.
Make media type parsing more lenient
Provide a proper error message on calling the stop method on a Cro::Service before start

The following changes were made to the Cro::TLS distribution:

Support TCP_NODELAY for TLS connections.

The following changes were made to the Cro::HTTP distribution:

Add Log::Timeline logging in Cro::HTTP::Client, so request processing can be visualized
Enable TCP_NODELAY by default
Fix redirection to a relative URL when the initial request URL had no trailing /

The following changes were made to the Cro::WebSocket distribution:

Make web-socket routine a multi to allow overloading it

The following changes were made to the Cro::WebApp distribution:

Allow hot reload of compiled templates when the CRO_DEV environment variable is set
Add Log::Timeline logging for template compilation and rendering
Improve parse error in templates
Allow optional dot after an array sigil in iteration (e.g. <@.foo>)
Add the :test parameter to the template-location routine, allowing one to setup filtering of files taken as templates
Provide a preliminary API for making a custom template repository. Expose the Cro::WebApp::Template::Repository role to be implemented.

The following changes were made to the Cro::HTTP::Test distribution:

Add semantic test subs is-ok, is-no-content, is-bad-request, is-unauthorized, is-forbidden, is-not-found, is-method-not-allowed, is-conflict and is-unprocessable-entity

The following changes were made to the Cro distribution:

Change the order of questions asked during cro stub invocation, making deciding on HTTPS usage optional depending on the HTTP versions specified
Properly warn a user during a cro run invocation if no .cro.yml configuration file was found in the current directory tree

0.8.4 §

This release brings lots of small improvements and plenty of bug fixes. Of note, the WebSocket client received a lot of reliability fixes, and the HTTP client gained support for proxies, automatically honoring the HTTP_PROXY and HTTPS_PROXY environment variables. For those building HTTP services, a new around feature in the router allows for easier lifting out of error handling across all request handlers (and probably a few more interesting things that we didn't think of yet). No compatibility issues are foreseen.

The following changes were made to the Cro::Core distribution:

Add Cro::UnhandledErrorReporter to provide user control over the reporting of unhandled errors
Provide a means to give more context when there is a problem serializing a message body
Remove a workaround for a long-fixed Rakudo bug with the CLOSE phaser

The following changes were made to the Cro::TLS distribution:

Add a certificate regeneration script and update the certificates used by the tests

The following changes were made to the Cro::HTTP distribution:

Cro::HTTP::Client now has a user-agent option for specifying the user agent, which is more convenient than setting it via the headers mechanism. Furthermore, a default User-agent header with the value Cro is now set.
Decode + characters in query strings to spaces. This isn't part of the URI spec, but is a widely supported extension for query strings.
Support the identity transfer encoding
Handle the :authority pseudo-header in HTTP/2, mapping it to the Host header
Simplify the SameSite cookie processing code
Introduce the around router function, which enables installation of a wrapper around all of a route block's handlers
Give Cro::HTTP::Body::WWWFormUrlEncoded keys and values methods to make it behave a bit more like a standard hash, as well as a rather more useful gist output
Make Cro::HTTP::Client honor the HTTP_PROXY and HTTPS_PROXY environment variables, as well as providing a means to set proxy servers to use at the time the client is constructed
Improve error reporting then a response body cannot be serialized; the type of the body and the request URI that was being processed are now reported
Fix upgraded connections sometimes not being closed when the body ends
Ensure body streams are terminated on all kinds of connection termination (this issue was most commonly observed with WebSocket connections)

The following changes were made to the Cro::WebSocket distribution:

Honor override of Sec-WebSocket-Protocol header
Fix a deadlock that could occur in the client when a ping was received while a message was being sent
Avoid a possible race and exception when a ping times out in the client
Ensure all outstanding client-sent pings fail upon connection close, to avoid a hang in any code awaiting them
Make handling of unexpected connection close more consistent in the client
Make sure the close message is consistently set correctly in the client
Ensure that all kinds of serialization failure are conveyed back to the client send caller, fixing a potential hang when serialization failed in certain ways
Make sure tests can run reliably in parallel
Assorted small code quality improvements

The following changes were made to the Cro::WebApp distribution:

The Date and DateTime types may now be used on form field attributes, and imply the date and datetime-local control types respectively
Give generated forms a name, otherwise multi-select lists refuse to display the selected items in Firefox
Fix loss of current value with some control types in forms
In templates, support <@$foo> and <@$foo.bar> for iterating the contents of a variable
Add a direct dependency on OO::Monitors

The following changes were made to the Cro distribution:

Allow specification of the host for cro run and cro trace through a --host option
Handle IPv6 literals in the URL format to cro web
Add documentation for all new features
Clarify how base-uri is used in the HTTP client documentation
Fix assorted errors in the Cro::WebApp::Form documentation
Fix an example in the SPA tutorial so that it doesn't hang
Fix link to the Cro site in the README

This release was contributed to by Alexander Kiryuhin, Jonathan Worthington, and vendethiel from Edument, together with the following community members: Alastair Douglas, Elizabeth Mattijsen, Geoffrey Broadwell, Jeremy Studer, Joelle Maslak, Jonathan Stowe, Lukas Valle, Patrick Böker, and Stefan Seifert.

0.8.3 §

This release brings a major new feature in Cro::WebApp: forms, which takes much of the tedium out of gathering data using forms. It also contains various fixes to HTTP/2 and WebSocket support, significant performance improvements for WebSockets, a range of new features relating to templates, and assorted smaller new features, fixes, and documentation improvements.

The following changes were made to the Cro::Core distribution:

Make Cro::Uri.parse and related methods respect subclassing

The following changes were made to the Cro::HTTP distribution:

Emit a HTTP/2 request or response object as soon as we have the headers, rather than waiting for the body. This brings it in line with how things work for HTTP/1, and also resolves issues where a hang could occur due to the await of the response never completing if there was an error while receiving the body.
Translate host header to :authority in HTTP/2 requests; some servers mandate this
Make sure that the trace output reports HTTP/2 when it is being used
Give Cro::Uri::HTTP a way to add query string arguments, taking care of the encoding of them
Add a query option to the request methods in Cro::HTTP::Client, to make it easy to form a query string
Ensure that basic authentication adds a WWW-Authenticate header on missing or failed authorization, and provide a way to set the realm
Fix Cro::HTTP::Auth::Basic in the case it was meant to update an existing session, not create one by itself
Fix a test that tried to use port 8080, which is commonly in use
Add more declarator docs, for better in-IDE documentation support
Assorted small code quality improvements

The following changes were made to the Cro::WebSocket distribution:

Fix mishandling of 2-byte extended payload length
Speed up payload masking by a factor of 200x
Simplify and improve performance of the WebSocket frame parser, up to around 4x faster
Simplify and improve performance of the WebSocket frame serializer by around 5-10%
Clean up logic in the message parser

The following changes were made to the Cro::WebApp distribution:

Add Cro::WebApp::Form, a mechanism for working with forms in web applications.
Implement named arguments and parameters in the template subs and macros (including the :$foo, :foo and :!foo forms)
Implement defaults on both positional and named arguments
Add True and False terms, which can be used as template arguments
Allow use of <?$foo.bar>...</?> in templates; this previously had to be written as <?{ $foo.bar }>...</?>
Don't blow up on <.foo> when it is dereferencing a hash and the hash key is missing; now it evaluates to Nil
Fixed transitive <:use ...> of templates
Implement support for template libraries, meaning that one can provide libraries of templates through the module ecosystem

The following changes were made to the Cro distribution:

Document the new Cro::HTTP::Client query option
Fix incorrect trailing / on an example in the HTTP router documentation
Correct documentation about HTTP basic authentication support
Bring the Cro::WebApp::Template documentation up to date with all new features
Add documentation for Cro::WebApp::Form

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, as well as Geoffrey Broadwell (who is to thank for the numerous Cro::WebSocket improvements).

0.8.2 §

This release contains a number of small fixes and improvements, as well as adding documentation comments to the most commonly used parts of Cro.

The following changes were made to the Cro::Core distribution:

Provide an encode-percents function that is optionally exported by Cro::Uri when the :encode-percents tag is used
Directly cover the decode-percents function in Cro::Uri in the tests
Add documentation comments to various types and routines

The following changes were made to the Cro::HTTP distribution:

Fix a memory leak in the HTTP/2 frame parser when using more recent Rakudo versions; the parser accidentally relied on an optimizer bug, which was fixed in Rakudo
Update the default TLS cipher list, restoring an SSL Labs rating of "A" out of the box
Add support for the SameSite cookie directive
No longer buffer the logs written by Cro::HTTP::Log::File by default; this avoids delayed or lost log output when there is not a TTY attached to the service
Add documentation comments to various types and routines

The following changes were made to the Cro::WebApp distribution:

Implement template conditionals directly using variables, like <?$foo>...</?> and <!$foo>...</!>
Support all of the Perl 6 string comparison operators
Add documentation comments to various types and routines

The following changes were made to the Cro distribution:

Don't hardcode the name perl6 for the executable, since that is both unportable and won't work well with those using a raku executable
Suggest next steps in the getting started documentation
Document the new encode-percents function in Cro::Uri
Various typo fixes

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: AnaTofuZ, Elizabeth Mattijsen, James Raspass, Jeremy Studer, Nick Logan, Patrick Böker.

0.8.1 §

This release brings a new distribution, Cro::WebApp, which is aimed at those who wish to use Cro to build server-side web applications that render dynamic content server-side (as opposed to Single Page Applications, where the backend consists almost entirely of a HTTP API called by a JavaScript application that runs in the browser). The distribution provides Cro::WebApp::Template, which is a templating engine that integrates neatly with Cro. We already have been using this successfully in production at Edument for many months.

Another interesting change in this release is integration with Log::Timeline, which allows visualization of Cro HTTP requests using Comma IDE (this feature is available in Comma Complete from 2019.5, and will be included in the Comma Community release 2019.7). The request visualization allows one to better understand the time taken in the request pipeline, as well as see parallel processing of requests. Further, this can be seen alongside any other Log::Timeline logging you place into your application.

Besides that, this release has numerous other bug fixes and improvements. There are no intended compatibility breaks with Cro 0.8.0.

The following changes were made to the Cro::Core distribution:

Ensure that the connection manager terminates all connection pipelines when the server is stopped; previously it did not keep track of the subscriptions properly

The following changes were made to the Cro::HTTP distribution:

Support adding cookies directly into Cro::HTTP::CookieJar
Add a static-resource response function, for serving content out of %?RESOURCES
Integrate Log::Timeline to provide insight into Cro HTTP pipelines
Fix a problem with handling of mutlipart/form-data bodies exposed by using them with OpenAPI validation
Don't leak top-level global symbols out of Cro::HTTP::Cookie; expose things with qualified names or as lexical exports instead
Tolerate missing spaces in cookie headers; some servers have bugs that produce such malformed cookie headers
Export route verbs like get and put as multi candidates, so we don't hide the put built-in, which may be used for debugging output
Correctly report which response function was used outside of a route block
Support latest version of JSON::Fast
Fix router tests on Windows
Fix a test that could fail in the absence of ALPN support
Fix possible issues if running tests in parallel
Eliminate use of v6.d.PREVIEW

The following changes were made to the Cro::WebSocket distribution:

Fix some cases where connection closed was not conveyed properly
Improve connection closed error reporting
Ensure that sending an unserializable value does not result in a silent failure
When reporting a crash in a WebSocket handler, note that's where it came from
Code cleanup in WebSocket client
Fix accidental reliance on a Rakudo optimizer bug in the WebSocket frame parser
Add tests to cover wss with a custom CA

The following changes were made to the Cro distribution:

Make the runner's file watching more robust
Document faking peer-host and peer-port in tests
Document directly adding to the cookie jar
Document Cro::HTTP::Request's connection method
Document Cro::MediaType
Note the need for a use statement in body parser and serializer examples
Assorted typo fixes in the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Clifton Wood, Elizabeth Mattijsen, Itsuki Toyota, Martin Barth, Olivier Mengué, Patrick Böker.

0.8.0 §

This release introduces a backwards-incompatible change to the HTTP router's middleware semantics, the new behavior resolving a common point of confusion when dealing with authorization middleware. The release also contains many other bug fixes and tweaks.

Before this release, middleware applied with before and after ran once a route was matched and after a request was processed by a matched route. This made it impossible to apply authentication middleware without an extra level of route/delegate, since the authentication and authorization is handled as part of route matching.

The previous behavior (applying middleware only to a route that has been matched) is preserved and renamed to before-matched and after-matched. Therefore, any code can be adapted by replacing calls to before to use before-matched, and replacing calls to after to after-matched.

The new before and after-applied middleware semantics result in a route block returning the Cro composition of the before components, followed by the route handler, followed by the after components - much as happens when applying middleware at the server level.

Further, all middleware application in a route block will apply to all routes inside of the block, not just those located textually after it as was the case before. This is trivially the case for before and after (there's no other way it could be, given the new semantics), but is also now the case with before-matched and after-matched

The following changes were made to the Cro::HTTP distribution:

New middleware semantics, as described above.
Fix handling of cookies with the expires property defined instead of max-age.
Properly set a Cro::HTTP::Request object to the request attribute of a HTTP response received with Cro::HTTP::Client. Also add a request method to the client exception types as a shortcut for getting the request object that resulted in an error.
Add new uri method to Cro::HTTP::Request which gives the full request URI. This is especially useful if the HTTP client followed a redirect and one wishes to know exactly what URI was fetched in the end.
Fix an exception in Cro::HTTP2::FrameParser related to data decoding of HTTP/2.0 frame.
Fix a bug that led to lowercasing of cookie values in HTTP/2.0. This in turn fixes usage of Cro::HTTP::Session::InMemory under HTTP/2.0.
Indicate with an exception situation when HTTP/2.0 client/server sends RST frame of stream that Cro server/client does not know about.
Fix cookie setting path.
Make session cookie be always set to / path, so now Cro session mechanism correctly updates cookie with a new session after the old one expires.
Use the Authorization header name instead of Auth in Cro::HTTP::Auth::WebToken::Bearer.
Fix compliance with the HTTP spec on the host header: now we append Host header when non-standard HTTP port (not 80 nor 443) is used.
Force use of Perl 6.d semantics in the HTTP client, which avoids various ways that it might end up working slowly due to eating too many real threads.
When a route fails to match with 400 or 401, and another route fails to match with a 405, prefer the 400 or 401 error.

The following changes were made to the Cro::WebSocket distribution:

Do a note of unhandled exceptions in WebSocket handlers, instead of silently losing them.

The following changes were made to the Cro distribution:

Document new router middleware semantics of Cro::HTTP::Router.
Make Cro::Tools::Template::HTTPService easier to inherit by changing $include-websocket specialised parameter into more generic %options one.
Fix indentation-related warning on Cro installation.
Add a multipart/form-data body handling example on Cro::HTTP::Router documentation page.
Add document on structuring larger services/apps with Cro.
Document request property of HTTP client exception.
Document using CRO_TRACE with the HTTP client.
Document uri method of Cro::HTTP::Request.
Fix a long-standing issue with instant restart of Cro service right after its start with cro run.
Issues with .cro.yml file are now reported to user when cro run is being used, instead of too generic service cannot be started message.
Consider case when .cro.yml file is created, but its content is not yet written, which could lead to an exception before.
Better document Cro::WebSocket::Client.
Indicate cause of a service restart to the user to make it easier to discover which files to ignore if getting unwanted restarts.

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Xliff, lukasvalle, Rod Taylor, Lance Wicks, Nick Logan.

0.7.6 §

This release contains a number of minor new features (better support for working with the less commonly used HTTP methods, and an ignore section in the .cro.yml file). It also contains numerous fixes and tweaks, as well as some documentation improvements.

The following changes were made to the Cro::Core distribution:

Allow a trailing ; in media types
Fix media type parse error on many-dot subtype

The following changes were made to the Cro::HTTP distribution:

Set default ciphers to Moz. Modern Compatibility
Do not provide a default randomized cookie name for the persistent session role, and instead give an error if the user does not set cookie-name. It's useless to keep sessions in a database if the cookie name changes on every application restart, but providing a hardcoded default is a platform fingerprinting risk. Making the user specify a cookie name is thus a better way forward.
Fix WWWUrlEncode body parser applicability test to use Cro::MediaType and so check more robustly (it used to do a string match on the header, and so would get confused by a charset parameter).
Fix static mime type handling on serving index files
Use original-target in Cro::HTTP::Log::File, so that delegated routes will produce the full request target in the logs
Provide allowed-methods on Cro::HTTP::Server in order to set the HTTP methods that will be accepted
Cro::HTTP::Router now exports a http sub, providing a more convenient way to write routes for some of the less widely used HTTP methods (or for implementing protocols based on HTTP)

The following changes were made to the Cro::WebSocket distribution:

Don't force the ca argument to be passed in order to use wss:// in Cro::WebSocket::Client
Force HTTP/1.1 use in Cro::WebSocket::Client (connecting to a secure endpoint hosted by a server supporting HTTP/2.0 could upgrade and then find itself unable to speak the WebSocket protocol, which is tied to HTTP/1.1)
Fix various issues with URI handling in Cro::WebSocket::Client
Provide more detailed trace output for WebSocket frames and messages

The following changes were made to the Cro distribution:

Remove bin/cro from the provides section of META6.json
Implement support for the env section in the .cro.yml file, so that additional environment variables can be provided at development time
Implement an ignore section in the .cro.yml file to ignore certain paths from being watched to decide to make a service restart
Fix dependencies of a generated ZeroMQ project
Clarify deployment documentation
Document new ignore support in .cro.yml
Document allowed-methods HTTP server option
Document new http sub for custom request methods in router
Text tweaks to HTTP client introduction text
Document custom HTTP methods in the client
Add a code example of .body in HTTP client docs
Various typo fixes in the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: cono, FCO, Fritz Zaucker, Lance Wicks, Moritz Lenz, Nick Logan.

0.7.5 §

This release brings two major new features:

The Cro::OpenAPI::RoutesFromDefinition module, which supports implementing services specified using an OpenAPI v3 document without needing to repeat the routes, validation, and so forth from the document. This work was funded by Nick Logan (ugexe). Three modules for wider Perl 6 use were produced and released as part of this work: JSON::Pointer, OpenAPI::Model, and OpenAPI::Schema::Validate.
The Cro::HTTP::Test module, which offers a convenient way to write tests for HTTP services. It is, of course, primarily aimed at those services built using Cro, but may also be provided with a URI as the test target rather than a Cro application, and thus can be used to write tests for any HTTP service. This work was funded by Oetiker+Partner.

The following changes were made to the Cro::Core distribution:

Add parse-relative and parse-ref to Cro::Uri, which parse a relative URI and a URI reference (either relative or absolute URI) respectively
Provide an add method to Cro::Uri, which implements relative URI reference resolution
When a Cro::Uri is constructed with an authority component but no host, parse the authority component
The Str method on Cro::Uri now assembles the string from the URI components, rather than depending on retaining the original URI

The following changes were made to the Cro::HTTP distribution:

Use the new Cro::Uri.add(...) method to implement the base-uri feature of Cro::HTTP::Client, making it vastly more correct
Make it possible to replace the Cro::HTTP::Client connector pipeline component when subclassing the client
Make :@query parameters in Cro::HTTP::Router reflect the original query string order

The following changes were made to the Cro::WebSocket distribution:

Make matching of the Upgrade header's value case-insensitive, so as to permit the WebSocket some servers send instead of websocket.

The following changes were made to the Cro distribution:

Add documentation for Cro::HTTP::Test
Add documentation for Cro::OpenAPI::RoutesFromDefinition
Document new features for Cro::Uri, as well as others that existed, but were missing from the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument. We would like to thank Nick Logan (ugexe) and Oetiker+Partner for supporting the key new features found in this release.

0.7.4 §

This release brings a number of new features, along with some bug fixes. The Cro team now provides Docker base images for aiding deployment of Cro services. The cro stub command also generates a Dockerfile that uses these base images, meaning stubbed services can be built into a container without any further work.

The following changes were made to the Cro::Core distribution:

Add relative URL parsing support to Cro::Uri
Add Cro::Iri, a class for parsing and working with Internationalized Resource Identifiers

The following changes were made to the Cro::HTTP distribution:

Make the static router function accept an IO::Path as the first (base directory) argument
Make the static router function slurp up the rest of its positional arguments and use them as the path below the base; previously, it took an optional array
Make the static router function support an :indexes[...] option, which configures files that should be served as a directory index
Switch to using the DateTime::Parse module instead of having our own such parser
Make Cro::HTTP::Router::RouteSet more subclass-friendly, by making a number of attributes public and exposing the Handler base role
Implement cookies option to Cro::HTTP::Client, for setting cookies to be sent with the request
Make Cro::HTTP::Client more tolerant of an SSL library with no ALPN support under default usage

The following changes were made to the Cro::WebSocket distribution:

Make Upgrade header matching case-insensitive

The following changes were made to the cro distribution:

Generate a Dockerfile in HTTP projects produced by cro stub
Provide Docker deployment documentation
Follow changes in Webpack 4.0 in the SPA tutorial
Make cro serve serve some common directory index files
Document new static features
Correct session example in documentation to do Cro::HTTP::Auth
Fix watch-dir test on OSX
Don't remove digits in environment variable names when mangling the service ID in cro stub
Write a .gitignore file as part of cro stub
Be a bit more liberal with runner test timeout, for slower systems

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Geoffrey Broadwell, Itsuki Toyota, Nick Logan, scriplit, Tobias Leich.

0.7.3 §

This release brings a range of new features, fixes, and improvements. The key new features include support for HTTP/2.0 push promises (both server side and client side), HTTP session support (which makes authentication/authorization far easier to handle), body parser/serialization support in WebSockets, and a UI for manipulating inter-service links in cro web.

Body parsing has been refactored with this release, the Cro::HTTP::BodyParser and Cro::HTTP::BodySerializer roles (and their related selector roles) now living in Cro::Core (as Cro::BodyParser and so forth). Further, various body-related infrastructure is in the new Cro::MessageWithBody role, which is used in both the HTTP and WebSocket message objects. This is the only intended backward-incompatible change in this release, and will only impact those who have written custom body parsers and serializers. Thankfully, the changes should be no more than simply deleting ::HTTP from the role names.

A more detailed summary of the changes follows.

The following changes were made to the Cro::Core distribution:

Lower default limit of binary blob trace output to 512 bytes
Add Cro::BodyParser, Cro::BodyParserSelector, Cro::BodySerializer, and Cro::BodySerializerSelector roles, based on those previously in the Cro::HTTP distribution
Add Cro::MessageWithBody role to factor out the commonalities of body handling between HTTP and WebSockets (and, in the future, ZeroMQ)

The following changes were made to the Cro::HTTP distribution:

Add auth attribute to Cro::HTTP::Request, which can be used to carry an "authority" object (session, authorization, etc.)
Support getting a request's auth into an initial route argument in the router
Implement Cro::HTTP::Session::InMemory middleware, for in-memory sessions
Provide a base role (Cro::HTTP::Session::Persistent) for implementing persistent sessions
Implement Cro::HTTP::Auth::Basic middleware
Implement JWT (JSON Web Token) authorization middleware
Implement support for HTTP/2.0 push promises, both client and server side
Correctly configure HTTPS for the HTTP/2.0 security profile when HTTP/2.0 is being used (improvements were contributed to the IO::Socket::Async::SSL module also)
Various fixes to HTTP/2.0 header handling (fixes were contributed to the HTTP::HPACK module also)
Correctly handle an empty HTTP/2.0 settings frame
Refactor to use the body parser and serializer infrastructure now in the Cro::Core distribution, and remove Cro::HTTP::BodyParser, Cro::HTTP::BodySerializer, and related roles

The following changes were made to the Cro::WebSocket distribution:

Refactor to support body parsers and serializers, both client and server side
Add JSON body parser and serializer for WebSockets
Add :json option to web-socket router plug-in and Cro::WebSocket::Client as a shortcut to use the JSON body parser and serializer
Fix a data race between the frame and message parser due to failing to create fresh frame objects
Run WebSocket message handlers asynchronously, to avoid blocking on await of a fragmented message body
Address an unreliable test

The following changes were made to the cro distribution:

Refactor HTTP application templates for easier extensibility
Add a cro stub template for React/Redux Single Page Applications
Implement adding and editing inter-service links in the cro web UI
Workaround for a concurrency bug in YAML parsing, which caused tests (and, less often, cro run) to occasionally fail
Numerous documentation updates to cover the changes in this release

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument. The cro stub changes (including the React/Redux stub) are thanks to Geoffrey Broadwell.

0.7.2 §

This release brings a number of new features making it easier to create and consume HTTP middleware, as well as support for middleware at a route block level. In tooling, the cro web tool now supports adding inter-service links when stubbing, and there are improvements for those writing templates for use with cro stub. Read on for details of the full set of improvements.

The following changes were made to the Cro::Core distribution:

Factor out trace output repeated code
Avoid trace output throwing exceptions on Windows

The following changes were made to the Cro::HTTP distribution:

Add Cro::HTTP::Middleware module, with a range of roles to simplify the implementation of middleware. These include Conditional (for request middleware that may wish to send an early response) and RequestResponse (for middleware interested in both requests and responses).
Support before and after in route blocks taking a block argument for writing simple inline middleware, together with support for before middleware to itself produce a response
Pass named arguments to the / route in Cro::HTTP::Router
Fix Cro::HTTP::Client handling of the http-only flag on cookies
Add the PATCH HTTP method to the default set of those accepted by the request parser, add a patch method to Cro::HTTP::Client, and a patch function to Cro::HTTP::Router

The following changes were made to the cro distribution:

Support creation of inter-service links when stubbing a service in the Cro web tool
Allow F5 to work in the Cro web tool even after navigating to other pages
Introduce the Cro::Tools::Template::Common role to factor out many common tasks between stub templates, and use it
Make existing templates more possible to subclass, to ease adding further stubbing templates
Fix HTTPS service stub generation
Document new Cro::HTTP middleware features
Document client and router support for the HTTP PATCH method
A range of typo and layout fixes across the documentation

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: dakkar, Geoffrey Broadwell, James Raspass, Michal Jurosz, Timo Paulssen, vendethiel.

0.7.1 §

This is the second public BETA release of Cro, and the first to be distributed on CPAN. While this doesn't change how you will install Cro, it does provide the safety of installing a version we've vetted rather than the latest development commits. This release contains numerous improvements, including new features, bug fixes, and better documentation.

The following changes were made to the Cro::Core distribution:

Improve message tracing API and output, showing hex dump style output for binary data
Provide a mode for machine-readable trace output
Always flush handle after producing trace output
Add a workaround for a CLOSE phaser bug

The Cro::SSL distribution is deprecated in favor of Cro::TLS. In Cro::TLS, the following changes were made:

Eliminate a workaround for an older IO::Socket::Async::SSL bug
The tests no longer assume the availability of an OpenSSL version with ALPN
Add a workaround for a CLOSE phaser bug

Furthermore, the Cro team contributed bug fixes to IO::Socket::Async::SSL.

The following changes were made to the Cro::HTTP distribution:

Cro::HTTP::Router * Reply with 204 instead of dying when no status is set * Implement include * Implement delegate, with HTTP requests now carrying both the original-target and having a relative target * Properly handle % sequences in URL segments in HTTP router * Partial implementation of per-route-block middleware (before and after)
Cro::HTTP::Client * Fix an HTTP/1.1 vs HTTP/2.0 detection bug * Remove unused attributes in HTTP client internals * Fix client to pass on the query string in the target URI * Implement base-uri constructor argument, which will be prepended to all requests made with that client instance * Various fixes to HTTPS requests * Fix hang in HTTP client on unexpected connection close
HTTP/2.0 support fixes and improvements * Answer HTTP/2.0 pings * Don't try to negotiate HTTP/2.0 if ALPN is unavailable * Don't run HTTP/2.0 tests without ALPN * Don't rely on new HTTP/2.0 streams opening in order * Fix a couple of occasional hangs in the HTTP/2.0 client * Implement window size handling in HTTP/2.0
General * Correct misspelled body serializer class names * Implement new trace-output API for better trace output * Fix missing JSON::Fast dependency * Use Cro::TLS instead of Cro::SSL * Make urlencoded and multipart bodies associative, so they can be hash-indexed * Avoid port conflicts in parallel test runs

The following changes were made to the cro distribution:

cro tool * Add cro web, which launches a web frontend that can perform most of the tasks that the command line interface can * Implemented tools for working with inter-service links, including link templates and the new cro link sub-command * Make cro run inject environment variables with host/port for linked services * Implement cro services command to inspect known services * Output service STDOUT on runner's STDOUT, not STDERR * Layout tweaks to trace output * Correct HTTP service stub's .cro.yml generation * Default to "no" for HTTPS in HTTP service stub * Disarm any Failure found in template locator, avoiding a lot of noise
Documentation improvements * Add a getting started page * Add a tutorial showing how to build a single page application using Cro and React/Redux * Clarify parser/serializer passing * Document new include, delegate, before, and after functions in the HTTP router * Fix created example * Add example of body byte stream use in HTTP client * Clear up some confusions in cro-tool docs * Correct method name in example for header-list * Try to organize the docs in the index a bit better * Fix many typos and various formatting errors
Other * Harden tests against potential hangs

This release was contributed to by Alexander Kiryuhin and Jonathan Worthington from Edument, together with the following community members: Alexander Hartmaier, Alex Chen, Curt Tilmes, Kai Carver, Karl Rune Nilsen, MasterDuke17, Nick Logan, Salve J. Nilsen, Simon Proctor, Steve Mynott, and Tom Browder.

0.7.0 §

This was the first public BETA release of Cro.