2
0
Fork 0
mirror of https://git.asonix.dog/asonix/pict-rs synced 2024-12-22 19:31:35 +00:00
pict-rs/releases/0.5.17-pre.1.md

47 lines
1.9 KiB
Markdown
Raw Permalink Normal View History

2024-06-24 22:10:13 +00:00
# pict-rs 0.5.17-pre.1
pict-rs is a simple image hosting microservice, designed to handle storing and retrieving images,
animations, and videos, as well as providing basic image processing functionality.
## Overview
pict-rs 0.5.17-pre.1 is a dependency upgrade release. The primary change is the object storage
implementation has been swapped from rusty-s3 with custom reqwest code, to an off-the-shelf option
called object_store. Because this change is significant and might not fully respect existing
configurations, I've decided to put out a prerelease.
### Changes
- [Object Storage Rewrite](#object-storage-rewrite)
- [Dependency Upgrades](#dependency-upgrades)
## Upgrade Notes
The object storage backend has been rewritten since 0.5.16, and existing configurations are not
guaranteed to work. If this release breaks your setup, please let me know.
## Descriptions
### Object Storage Rewrite
In order to improve compatibility with existing implementations, and reduce maintenance burden, most
of the object-storage code has been removed in favor of using an off-the-shelf library. The
underlying technologies are largely the same as the previous implementation, so the impact on
pict-rs' dependency tree is minimal.
That said, object_store enforces the use of rustls-native-tls with reqwest, which could potentially
cause issues in some environments. If this change breaks anyone I will work with upstream to resolve
this.
### Dependency Upgrades
Outside of the object storage changes, various dependencies have been updated to their latest
versions. Notably, reqwest 0.12.5 removes the last dependency on rustls 0.22, allowing pict-rs to
fully migrate to rustls 0.23. Additionally, pict-rs has dropped aws-lc-rs in favor of ring after the
previous release which introduced aws-lc-rs. My reasoning is that the new object_store dependency
pulls in ring anyway and there's no real reason to have two crypto providers in the same
application.