Matthew Gumport

This commit **enhances** the `pingora-proxy`'s **subrequest piping mechanism** by exposing more detailed outcomes. It modifies the `PipeSubrequestState` structure in `pipe.rs` to include `header_received` and `join_handle` fields, allowing callers of `pipe_subrequest` to distinguish successful subrequests from silent failures or truncated responses. This **new capability** provides a `join_handle` that enables callers to await post-response cleanup tasks, such as **cache writes and logging**, before issuing further subrequests. This significantly improves control, reliability, and resource management for subrequest processing.

This commit **exposes** the `content_type` field within the `MultiRangeInfo` struct in the **`pingora-proxy`** crate by changing its visibility to public. This **feature enhancement** allows other modules or external consumers to directly access the content type information associated with multi-range HTTP requests. The change primarily affects the **proxy caching** and serving logic, providing greater introspection into range-based data. This enables more informed processing and decision-making based on the specific content type of partial responses.

This commit introduces a **new feature** to `pingora-core` that allows explicit configuration of TCP send (`SO_SNDBUF`) and receive (`SO_RCVBUF`) buffer sizes. It enhances the **network listener configuration** by adding these as optional settings to `TcpSocketOptions`, which are then applied to accepted streams alongside existing options. This provides users with greater control over **memory consumption** and network performance, enabling them to override potentially aggressive default OS auto-tuning. The implementation includes adding these options to `pingora-core/src/listeners/l4.rs` and a new `set_snd_buf` function in `pingora-core/src/protocols/l4/ext.rs`.

This commit **fixes a flaky test** within the **`pingora-proxy`** module's **test suite**. It modifies the **cache lock timing test** in `pingora-proxy/tests/test_upstream.rs` to use a **relative assertion** (lock time less than half of total request time) instead of absolute time bounds. This **maintenance** change prevents test failures caused by **CI timing jitter**, making the test suite more robust and reliable without altering the core proxy functionality.

This commit **fixes** an issue within the **`pingora-proxy`** crate by **stripping `Content-Encoding` and `Transfer-Encoding` headers from 416 (Range Not Satisfiable) responses**. This **maintenance** task ensures **HTTP compliance** and consistent header handling, aligning 416 response behavior with the existing logic for 304 Not Modified responses. The change primarily affects the `range_header_filter` within `pingora-proxy/src/proxy_cache.rs`, preventing clients from misinterpreting encoding headers on responses that inherently lack content.

This commit introduces a **bug fix** within the **`pingora-proxy`** module, specifically enhancing the **`proxy_cache`**'s HTTP range header parsing. Previously, the `parse_range_header` function incorrectly treated `"bytes="` as `RangeType::None`, implying no range request. Now, it correctly identifies such headers as **invalid** (`RangeType::Invalid`) by adding an early check for an empty or whitespace-only range-set after the `bytes=` prefix. This change aligns the proxy's behavior with RFC 9110, ensuring that requests with an empty `bytes=` range header correctly result in a 416 "Range Not Satisfiable" response, improving **HTTP compliance** and **error handling**.

This commit **refactors** the **`pingora-proxy` crate** by **removing the default implementation for `cache_key_callback`** from the `ProxyHttp` trait. This change ensures that any component utilizing the `ProxyHttp` trait for caching purposes must now **explicitly define its cache key generation logic**, preventing reliance on an implicit and potentially unsafe default. Consequently, this **improves the robustness and web standards compliance** of caching implementations by requiring an intentional decision about what constitutes a cache key. A test utility was updated to provide a concrete implementation for `cache_key_callback` to align with this new requirement.

This commit introduces a **subrequest piping mechanism** within **`pingora-proxy`** and **`pingora-core`**, allowing subrequests to directly stream request bodies and write response tasks, effectively treating them as a "pipe." This **new capability** establishes a dedicated state machine for managing the subrequest's lifecycle and data flow. A key enhancement is the implementation of **error propagation**, ensuring that downstream proxy failures are correctly relayed to the subrequest pipe via new `on_proxy_failure` methods in the HTTP server and subrequest session components. Furthermore, it enables subrequests to accept a **preset input body**, facilitating the reuse of captured session bodies for chained subrequests and improving flexibility in complex request processing.

This commit **updates the configuration of the `bleeper` tool** to **ignore the `gitlab-ci.yml` file**. This **maintenance change** ensures that `bleeper` will no longer process or track changes within the project's GitLab CI/CD pipeline definition. By excluding `gitlab-ci.yml` from `bleeper`'s scope, the commit streamlines the tool's operation by preventing it from analyzing irrelevant CI/CD configuration updates. The `.bleep` configuration file is updated to reflect this new exclusion rule.

This commit **refactors** the `pingora-core` library to **fix a visibility lint** within the `rustls` TLS connector. It makes the `VerificationMode` enum **public** in `pingora-core/src/connectors/tls/rustls/mod.rs` and adds `#[allow(dead_code)]` to its `Full` variant. This **maintenance** change addresses a linting warning that arose because the enum was returned by a public function while its `Full` variant was never directly constructed. The adjustment improves code hygiene and lint compliance for the **`pingora-core` TLS connector** without altering its runtime behavior or functionality.

This commit **deflakes a flaky test** within the **`pingora-proxy` test suite** by increasing the data volume used in a download timeout scenario. The `test_download_timeout` in `pingora-proxy/tests/test_upstream.rs` is updated to leverage a new `/download_large/` endpoint. This endpoint, added to the test `nginx.conf`, serves a 128MB response to simulate larger data transfers more effectively. This **test maintenance** ensures the reliability of the CI pipeline by preventing intermittent failures related to download timeouts, improving the overall stability of the **`pingora-proxy` testing infrastructure**.

This commit significantly **improves the project's documentation quality** by introducing a new `make` target that builds the documentation and enforces a strict policy of treating all warnings as errors. As part of this **documentation enhancement**, several pre-existing warnings have been addressed across key modules. Specifically, it **corrects type references** in `pingora-core`, **updates URL formats** in `pingora-limits`, and **refines cross-reference syntax** in `pingora-proxy`. This **maintenance work** ensures the documentation is accurate, consistent, and free of build-time issues, promoting better understanding for developers.

This commit introduces **enhanced tracing** for the **`pingora-cache` API**, specifically during cache put operations. It adds a new `trace_header` method to `CachePut` and `CachePutCtx` in `pingora-cache/src/put.rs` to log response headers and generated cache metadata to the parent span during `put_header` calls. A new helper function, `tag_span_with_meta`, is also introduced in `pingora-cache/src/trace.rs` to standardize the tagging of tracing spans with cache metadata. This **new capability** significantly improves the **observability** of cache behavior and metadata generation within the system.

This commit **enhances the `pingora-proxy` crate** by **increasing the visibility** of components related to multi-range item handling. It **exports the `MultiRangeInfo` type** from the `proxy_cache::range_filter` module and makes the `calculate_multipart_length` function public within the `proxy_cache` subsystem. This **feature enhancement** allows other modules or external consumers to directly access and utilize multi-range item information and the logic for calculating multipart lengths. Consequently, this enables more flexible and integrated handling of HTTP range requests within the proxy.

This commit performs **maintenance updates** to the project's build infrastructure. It **updates the Minimum Supported Rust Version (MSRV)** and the specific Rust toolchain versions utilized within the **GitHub Actions CI/CD workflow**, as configured in `.github/workflows/build.yml`. Additionally, the hash value in the `.bleep` file is adjusted, likely to align with these updated build environment parameters. This ensures that all automated builds consistently run against the intended Rust versions, enhancing **build reliability and compatibility** across the project.

This commit **improves the stability and reproducibility of the CI/CD pipeline** by adding the `--locked` flag to the `cargo install cargo-audit` command in the **GitHub Actions build workflow**. This **maintenance change** ensures that the `cargo-audit` tool is installed using the exact dependency versions specified in its `Cargo.lock` file, preventing unexpected dependency updates during CI runs. The modification to `.github/workflows/build.yml` specifically impacts the **build and security scanning process**, making the installation of this critical tool more robust and predictable across different environments.

This commit introduces a **bug fix** to the **`pingora-proxy`'s caching mechanism**, specifically addressing an issue where the system might attempt to fill the cache even after a `cache_miss` hook has disabled caching for a session. The **proxy's cache handling logic** in `proxy_cache.rs` is updated to explicitly check for cache enablement *after* the `cache_miss` callback, preventing unnecessary or incorrect cache filling operations. This change improves the **robustness and correctness** of the proxy's caching behavior, with updated documentation for the `cache_miss` trait method in `proxy_trait.rs` reflecting this new safeguard.

This commit **refactors** the **`pingora-cache`** module by adding the `Send` and `Sync` auto traits to the `EvictionManager` trait definition in `pingora-cache/src/eviction/mod.rs`. This crucial change enables implementations of the `EvictionManager` to be safely used and shared across multiple threads. The primary impact is to facilitate **concurrent operations** within the cache's eviction logic, enhancing its flexibility and potential performance in multi-threaded environments.

This commit introduces a **new capability** within the **`pingora-cache`** module, enabling users to **override default cache lock timeouts**. It achieves this by adding a `CacheOptionOverrides` struct, which can now be passed to `HttpCache::enable` and `HttpCache::set_cache_lock` to specify a custom wait timeout for cache acquisition. This change involves **refactoring** the underlying cache lock management, removing direct `wait_timeout` parameters from `CacheLock` constructors for a more centralized configuration approach. The update provides greater flexibility in tuning cache concurrency and performance, with corresponding test updates reflecting the new configuration method.

This commit **refactors** the **`pingora-cache`** crate by converting duration-related members within the `InterpretCacheControl` trait and associated structures from raw `u32` integers to the more robust `std::Duration` type. This change primarily affects **cache control interpretation**, **filtering logic**, and **metadata handling**, improving **type safety** and clarity for time-based calculations. The update propagates through various functions, tests, and traits, ensuring consistent use of `Duration` for concepts like `fresh_duration` and `serve_stale_while_revalidate_duration`. This **internal improvement** enhances the reliability and maintainability of the caching subsystem's time-sensitive operations.