Bumps [rustls](https://github.com/rustls/rustls) from 0.23.5 to 0.23.6.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="06dc1d540c"><code>06dc1d5</code></a>
deps: update cargo semver compatible deps</li>
<li><a
href="252b5d360b"><code>252b5d3</code></a>
Prepare 0.23.6</li>
<li><a
href="55890f0ee6"><code>55890f0</code></a>
Test for junk in unbuffered input after <code>close_notify</code></li>
<li><a
href="972da7ff71"><code>972da7f</code></a>
Test app data after <code>close_notify</code> is ignored</li>
<li><a
href="424bb317ea"><code>424bb31</code></a>
Test for junk in deframer buffer after <code>close_notify</code></li>
<li><a
href="749121a976"><code>749121a</code></a>
Ignore data appearing after <code>close_notify</code></li>
<li><a
href="ef024342d1"><code>ef02434</code></a>
Deduplicate Reader state checks</li>
<li><a
href="ccb352c075"><code>ccb352c</code></a>
Linearize Reader::read() and read_buf()</li>
<li><a
href="27d81e01e8"><code>27d81e0</code></a>
Warn on lints, don't deny</li>
<li><a
href="f214df9826"><code>f214df9</code></a>
bogo: fix config rewriting when cpp is clang</li>
<li>Additional commits viewable in <a
href="https://github.com/rustls/rustls/compare/v/0.23.5...v/0.23.6">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls&package-manager=cargo&previous-version=0.23.5&new-version=0.23.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.4 to 0.23.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14cb5d2eac"><code>14cb5d2</code></a>
Prepare 0.23.5</li>
<li><a
href="6e938bcfe8"><code>6e938bc</code></a>
complete_io: bail out if progress is impossible</li>
<li><a
href="2123576840"><code>2123576</code></a>
Regression test for <code>complete_io</code> infinite loop bug</li>
<li><a
href="f45664fbde"><code>f45664f</code></a>
Don't specially handle unauthenticated close_notify alerts</li>
<li><a
href="1f5146cdfa"><code>1f5146c</code></a>
docs: update SECURITY example</li>
<li><a
href="5ea02ed56f"><code>5ea02ed</code></a>
Return <code>Option</code> from <code>handshake_kind()</code></li>
<li><a
href="d2e1e668aa"><code>d2e1e66</code></a>
bogo: verify expected handshake kind</li>
<li><a
href="d8a2ae040c"><code>d8a2ae0</code></a>
Add API exposing shape of the performed handshake</li>
<li><a
href="740ca41773"><code>740ca41</code></a>
tests/api.rs: reformat</li>
<li><a
href="5ed2c9739d"><code>5ed2c97</code></a>
deps: update cargo semver compatible deps</li>
<li>Additional commits viewable in <a
href="https://github.com/rustls/rustls/compare/v/0.23.4...v/0.23.5">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/martin/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Install `nasm` when running CI on Windows (required by rustls new
faster crypto-provider)
* In integration testing, wrap connection in mutex due to `rstest` now
requiring `once` fixtures to be `Sync`
* Upgrade to Brotli v4, and disable FFI due to compilation conflict
Bumps [pbf_font_tools](https://github.com/stadiamaps/sdf_font_tools)
from 2.5.0 to 2.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stadiamaps/sdf_font_tools/releases">pbf_font_tools's
releases</a>.</em></p>
<blockquote>
<h2>tools-v2.5.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Housekeeping by <a
href="https://github.com/ianthetechie"><code>@ianthetechie</code></a>
in <a
href="https://redirect.github.com/stadiamaps/sdf_font_tools/pull/17">stadiamaps/sdf_font_tools#17</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stadiamaps/sdf_font_tools/compare/cli-v1.4.1...sdf-v1.0.1">https://github.com/stadiamaps/sdf_font_tools/compare/cli-v1.4.1...sdf-v1.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="011f994a59"><code>011f994</code></a>
Housekeeping (<a
href="https://redirect.github.com/stadiamaps/sdf_font_tools/issues/17">#17</a>)</li>
<li><a
href="97c5634b8e"><code>97c5634</code></a>
Fix CI issues round 2</li>
<li>See full diff in <a
href="https://github.com/stadiamaps/sdf_font_tools/compare/tools-v2.5.0...tools-v2.5.1">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pbf_font_tools&package-manager=cargo&previous-version=2.5.0&new-version=2.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This adds the lambda-web crate to adapt the actix App to speak to Lambda
by way of the lambda_runtime crate.
AWS Lambda has native support for scripting languages to
execute a function directly; compiled languages must embed a runtime to
fetch incoming events from Lambda and post the responses. This detects
the environment variables to start up in Lambda mode instead of the
normal HTTP server, and is added as an optional feature.
Lambda has five (!) distinct ways of routing HTTP requests to a
function; this supports some of them. (Specifically, the most obvious
way to do this is with a Function URL, which is newest and simplest, and
perhaps with CloudFront, which speaks to the Function URL and not Lambda
directly.)
The error handling could probably be refined, I was just trying to get
this to compile.
(Supported: API Gateway HTTP API with payload format version 2.0; API
Gateway REST API; Lambda function URLs / Not supported: API Gateway HTTP
API with payload format version 1.0; Application Load Balancer)
Necessary for #1102 to be able to run the released packages directly,
and only having to configure the appropriate environment.
---------
Co-authored-by: Yuri Astrakhan <yuriastrakhan@gmail.com>
Require SQLite v3.44+ ORDER BY clause inside aggregate function instead
of the windowing one - might solve out of memory issues reported by
users - see #1154
* Make it possible to have configuration specific to the file-based
config sections: pmtiles, mbtiles, and sprites.
* Implement PMTiles directory cache shared between all pmtiles (both
http and local), with configurable max cache size (in MB), or 0 to
disable. Defaults to 32MB (?)
* PMTiles now share web client instance, which optimizes connection
reuse in case multiple pmtiles reside on the same host
* Major refactoring to allow modular reuse, enabling the following build
features:
* **postgres** - enable PostgreSQL/PostGIS tile sources
* **pmtiles** - enable PMTile tile sources
* **mbtiles** - enable MBTile tile sources
* **fonts** - enable font sources
* **sprites** - enable sprite sources
* Use justfile in the CI
Fixes#1093
* `mbtiles update` now allows different types of zoom updates - reset to
content, grow only, or skip (dry run)
* `martin-cp` will now update (grow-only) metadata zooms
Addresses a few concerns in the #1081
PMTiles is a web-optimized format, allowing the actual file to be read
with HTTP range requests. Supporting this use case instantly allows
Martin to function as a lambda executable accessing PMTiles, but without
any significant investment into devops or hosting large file.
PMTiles config now also allows `http` and `https` protocol.
```
# Publish PMTiles files
pmtiles:
paths:
# specific pmtiles file will be published as mypmtiles source
# (use last portion of the URL without extension)
- http://example.org/path/to/mypmtiles.pmtiles
sources:
# named source matching source name to a single file
pm-src1: https://example.org/path/to/some_pmtiles.pmtiles
```
fixes#884
---------
Co-authored-by: Kyle Slugg-Urbino <35903887+kyleslugg@users.noreply.github.com>
This adds a new utility called `martin-cp` that allows copying any
number of tiles from a single source (or a composite source) to an
mbtiles file.
`martin-cp` is a tool for generating tiles in bulk, and save retrieved
tiles into a new or an existing MBTiles file. It can be used to generate
tiles for a large area or multiple areas. If multiple areas overlap, it
will generate tiles only once. `martin-cp` supports the same
configuration file and CLI arguments as Martin server, so it can support
all sources and even combining sources.
# MBTiles
* New `--agg-hash (update|verify|off)` flag replaces
`--update-agg-tiles-hash` (still supported, but not shown in the help
screen). This allows bypassing aggregate hash validation entirely,
without either updating or validating it.
* Simplify MBTiles SQL generation
* MBTiles now uses faster `1 << zoom` everywhere, and a dedicated TMS
inversion fn
* split up metadata insert and delete into separate fn
* consolidated schema initialization
* ensure db settings (like pragma) are always reset on new files
# Other
* Always sort JSON-serialized keys for consistency
* this affects `/catalog` key ordering, but content is the same
* Minor code cleanup
- Add separators to long literal.
- Use first() instead of get(0)
- Move some SQL-making code to their own functions
- Minor mathematics and rounding cleanup
---------
Co-authored-by: Yuri Astrakhan <YuriAstrakhan@gmail.com>
This implements dynamic font protobuf generation, allowing users to
request font ranges on the fly, and combining them in any order, e.g.
`Font1,Font2,Font3`, same as with sprites and tiles
This is a first iteration, without any multithreading support. In
theory, this could be done far faster by generating SDFs with multiple
threads.
### Current process
* during init, figure out all glyphs available in each font, and store
them as a bitset
* during request:
* combine requested bitsets to figure out which glyph should come from
which font file
* load those glyphs from files (using a single instance of the freetype
lib)
* convert them to SDFs and package them into a protobuf
---------
Co-authored-by: Lucas <zhangyijunmetro@hotmail.com>
* Fix metadata copying
* Introduce a new metadata field `agg_tiles_hash_after_apply` for diff
files
* Added a lot of new info and debug logging
* Simplified Copying interface - not much value in having all the
complex builder pattern here it seems, might as well use a simple
object.
## Testing
* Generate SQLite DBs in memory on the fly to validate just what we need
* Use `insta` for validating DB content
There is now a function `dump(connection) -> Vec<Entry>` to dump the
content of the entire SQLite DB into text with `serde`. At many steps
through the testing, the DB content is validated with the corresponding
.snap file with `insta` crate (which makes this process mega-simple,
including a simple way to "bless" (update) any changes).
## Discovered bugs
* Seems like normalized files do not get copied properly - they contain
extras that should be removed.
* Rename `TileCopierOptions` -> `TileCopier`
* remove a few un-needed sqlite open to detect mbtiles type
* move `open_and_detect_type` to `MBTiles`
* add `attach_to` to `MBTiles`
* move various table creation fn to mbtiles_queries file
* a few sql format
Bumps [json-patch](https://github.com/idubrov/json-patch) from 1.0.0 to
1.1.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="50a220ab4d"><code>50a220a</code></a>
chore: Release json-patch version 1.1.0</li>
<li><a
href="d3a5a121bb"><code>d3a5a12</code></a>
fix: tests and suggestion</li>
<li><a
href="227dd997c3"><code>227dd99</code></a>
refactor: do not use recursion but keep a stack</li>
<li><a
href="670981783d"><code>6709817</code></a>
Updating codecov and fixing the test.</li>
<li><a
href="0e1f7aab17"><code>0e1f7aa</code></a>
Use utoipa support for serde_json::Value</li>
<li>See full diff in <a
href="https://github.com/idubrov/json-patch/compare/v1.0.0...v1.1.0">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json-patch&package-manager=cargo&previous-version=1.0.0&new-version=1.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>