🔥 rust-lang / rust-analyzer - A Rust compiler front-end for IDEs
GitHub热门项目 | A Rust compiler front-end for IDEs | Stars: 16,534 | 10 stars today | 语言: Rust
找到 277 篇相关文章
GitHub热门项目 | A Rust compiler front-end for IDEs | Stars: 16,534 | 10 stars today | 语言: Rust
GitHub热门项目 | Open source, composable payments platform | PCI compliant | SaaS and Self-host options | Enables connectivity to multiple payment, payout, fraud, vault and tokenization providers | Uplifts authorization with intelligent routing and revenue recovery | Reduce payment processing costs with cost observability | Reduces payment ops with reconciliation | Stars: 42,898 | 50 stars today | 语言: Rust
Most developers never have to design a network protocol from scratch. You use HTTP, gRPC, WebSockets, or something else that already exists and has been debugged by thousands of people over many years. That is the right call for most situations. I did not take that path when building Vaylix, a key-value database engine. I designed a custom binary protocol called VTP2, and the process taught me things about networking that I would not have picked up any other way. This is not an argument that you should also build a custom protocol. For most things, you should not. This is an honest account of what I ran into. Why not HTTP The first question anyone reasonably asks is: why not just use HTTP? HTTP is everywhere. The tooling is excellent. Every language has a client. Debugging with curl is trivial. If I had used HTTP, I would have had working client libraries in a dozen languages before writing a single line of server code. The problem is that HTTP is stateless by design. Every request is independent. Every request carries headers. Every response carries headers. The model assumes that each round trip is a fresh conversation with no memory of what came before. A database session is the opposite of that. A client connects, authenticates, and then issues many commands over the same connection. The authentication should happen once. The session should carry state. Pipelining requests without waiting for each response to return should be natural, not something you fight the protocol to achieve. HTTP/2 closes some of this gap. But using HTTP/2 correctly for a stateful session model involves working against the grain of what HTTP was designed for. I would have been spending a lot of time on infrastructure that exists to make HTTP behave less like HTTP. The other issue is overhead. HTTP headers are verbose. For small key-value operations, the headers can easily exceed the payload. That felt wrong for something designed to be a tight operational data store. So I went with TCP d
Introduction and Background The Rust ecosystem, celebrated for its memory safety and performance, relies heavily on crates —its package management system. These crates, hosted on the crates.io registry, are the building blocks of Rust projects, enabling developers to share and reuse code efficiently. However, this convenience comes with a hidden cost: a single compromised crate can cascade into a full-blown supply chain attack, as recently demonstrated by the 'onering' crate compromise . The Role of Crates in the Rust Ecosystem Crates serve as the backbone of Rust's dependency system. When a developer adds a crate to their project, Cargo , Rust's package manager, automatically resolves and includes all transitive dependencies. This mechanism, while streamlining development, amplifies the attack surface . A malicious crate, like 'onering', can propagate through multiple projects, executing harmful code during build or runtime. The attack on 'onering' exploited this very mechanism, leveraging the trust inherent in the Rust ecosystem to exfiltrate sensitive code from unsuspecting systems. The 'onering' Compromise: A Case Study in Supply Chain Vulnerability The 'onering' crate was compromised through a malicious code injection during an upload or update. This injection bypassed the insufficient security measures of the crates.io registry, which lacks robust checks for uploaded crates. Once deployed, the malicious code executed during the build process, exfiltrating sensitive data from systems that depended on it. The attack's success underscores the lack of developer vigilance regarding supply chain security and the overreliance on registry integrity . Systemic Failures and Their Mechanisms Insufficient Security Scanning: The crates.io registry failed to detect the malicious code during upload due to limited automated scanning capabilities . This allowed the compromised crate to enter the ecosystem undetected. Overreliance on Registry Security: Developers often trust cr
Every backend project I've worked on eventually hits the same wall. You start clean — one service, simple routes, everything works. Then slowly the requirements creep in. "We need rate limiting." "Can we add auth middleware?" "What happens when the user service goes down — does it take everything else with it?" You either bolt these things onto every service individually, copy-paste the same middleware across projects, or pay for a managed gateway like Kong or AWS API Gateway and hope it does what you need. I wanted to actually understand how these things work under the hood. So I'm building one — and this is what I've learned so far. What is Ferrox? Ferrox is a self-hosted, programmable API gateway written entirely in Rust. It sits in front of your backend services and handles everything a production system needs in one place: Dynamic routing — point any path prefix to any upstream service Authentication — JWT and API key validation on protected routes Rate limiting — Redis-backed per-IP and per-API-key limiting Circuit breaking — stops hammering a dead upstream service Response caching — Redis-backed TTL cache per route Real-time observability — WebSocket dashboard with live request stats Prometheus metrics — plug straight into Grafana The idea is simple. Instead of this: Client → Service A (has its own auth, rate limiting, logging) Client → Service B (has its own auth, rate limiting, logging) Client → Service C (has its own auth, rate limiting, logging) You get this: Client | v FERROX (auth, rate limiting, circuit breaking, logging — once) | +--------+--------+ | | | Svc A Svc B Svc C (clean) (clean) (clean) Your services stay clean. Ferrox handles the cross-cutting concerns. Why Rust? Honest answer — I already knew Rust from my backend work. But for a gateway specifically, it felt like the obvious choice. A gateway sits on the critical path of every single request. Every millisecond of latency it adds is latency your users feel. You need predictable performance
GitHub热门项目 | All-in-one Mail & Collaboration server. Secure, scalable and fluent in every protocol (IMAP, JMAP, SMTP, CalDAV, CardDAV, WebDAV). | Stars: 13,123 | 17 stars today | 语言: Rust
GitHub热门项目 | Low-level cross-platform audio I/O library in Rust | Stars: 3,797 | 3 stars today | 语言: Rust
GitHub热门项目 | ☄🌌️ The minimal, blazing-fast, and infinitely customizable prompt for any shell! | Stars: 58,253 | 99 stars today | 语言: Rust
GitHub热门项目 | ✨ Making your shell magical | Stars: 30,170 | 56 stars today | 语言: Rust
GitHub热门项目 | Search infrastructure for AI | Stars: 28,350 | 48 stars today | 语言: Rust
GitHub热门项目 | A minimal, secure Python interpreter written in Rust for use by AI | Stars: 7,519 | 165 stars today | 语言: Rust
GitHub热门项目 | An extremely fast Python linter and code formatter, written in Rust. | Stars: 47,898 | 17 stars today | 语言: Rust
GitHub热门项目 | 📊 Cube Core is open-source semantic layer for AI, BI and embedded analytics | Stars: 20,120 | 8 stars today | 语言: Rust
GitHub热门项目 | Semantic version control => entity-level diffs, blame, and impact analysis on top of git. 26 languages via tree-sitter. Built for coding agents. | Stars: 2,526 | 149 stars today | 语言: Rust
GitHub热门项目 | 아래한글 hwp viewer and editor by rust and wasm | Stars: 3,298 | 12 stars today | 语言: Rust
GitHub热门项目 | A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Linux guests, device offload with vhost-user and a minimal compact footprint. Written in Rust with a strong focus on security. | Stars: 5,755 | 9 stars today | 语言: Rust
GitHub热门项目 | Static analysis for GitHub Actions | Stars: 5,558 | 21 stars today | 语言: Rust
** How I instrument ASR, LLM, TTS, and the client with OpenTelemetry, and which number in each layer I actually look at ** TL;DR. A voice agent is four moving parts stuck together: speech to text, the model that writes the reply, text to speech, and the client that plays the audio back. End to end latency hides which of those four is slow on any given turn, so I stopped tracking it as one number and started tracing each stage as its own OTel span with a shared session id. The number I watch hardest is barge-in: when the user starts talking over the agent, how many milliseconds until the agent actually stops sending audio. In our setup we want that under 200ms, and when p95 barge-in creeps past that, the agent feels like it is talking at you instead of with you. Everything below is how I wire the spans, what attributes go on each one, and the p95 I page on per layer. The thing I keep saying, and the thing that keeps being true: voice agents fail in production not because of raw latency but because nobody simulated the audio and LLM pipeline together. You can have a fast ASR, a fast model, a fast TTS, and a voice agent that still feels broken, because the failure lives in the seams between them and in the parts (barge-in, jitter) that no single-stage benchmark touches. Tracing is how I get the seams to show up. A note before the layers. This is just the setup we run, the spans we emit, and the mistakes that made us add each attribute. Some of it is probably specific to our stack and will not transfer. I will flag that where I can. The shape of a turn, and why one span is not enough One turn is: user says a thing, agent says a thing back. Underneath that is roughly: audio frames come in, ASR turns them into text (streaming partials as it goes); the text plus history goes to the LLM, which streams tokens back; as text comes out, TTS turns it into audio, also streaming; the client receives audio frames and plays them, with some buffering to smooth out jitter. If you wrap
GitHub热门项目 | Qdrant - High-performance, massive-scale Vector Database and Vector Search Engine for the next generation of AI. Also available in the cloud https://cloud.qdrant.io/ | Stars: 31,915 | 33 stars today | 语言: Rust
GitHub热门项目 | Slint is an open-source declarative GUI toolkit to build native user interfaces for Rust, C++, JavaScript, or Python apps. | Stars: 22,839 | 15 stars today | 语言: Rust