RomanEmreis
diff --git a/‎CHANGELOG.md‎
Lines changed: 7 additions & 12 deletions b/‎CHANGELOG.md‎
Lines changed: 7 additions & 12 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 2 deletions b/‎README.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎volga-dev-cert/Cargo.toml‎
Lines changed: 1 addition & 1 deletion b/‎volga-dev-cert/Cargo.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎volga-dev-cert/README.md‎
Lines changed: 1 addition & 1 deletion b/‎volga-dev-cert/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎volga-di/README.md‎
Lines changed: 3 additions & 3 deletions b/‎volga-di/README.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎volga-macros/Cargo.toml‎
Lines changed: 2 additions & 2 deletions b/‎volga-macros/Cargo.toml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎volga-macros/README.md‎
Lines changed: 2 additions & 2 deletions b/‎volga-macros/README.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎volga-rate-limiter/README.md‎
Lines changed: 1 addition & 1 deletion b/‎volga-rate-limiter/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎volga/Cargo.toml‎
Lines changed: 1 addition & 1 deletion b/‎volga/Cargo.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎volga/src/app.rs‎
Lines changed: 69 additions & 1 deletion b/‎volga/src/app.rs‎
Lines changed: 69 additions & 1 deletion
@@ -5,18 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/).
 
-## Unreleased
-
-- Updated `HttpBody::json`/`form` to return Result so serialization errors surface instead of being embedded into the body, and added an Error conversion for `serde_urlencoded` failures.
-- Response helper macros now propagate JSON/form serialization errors, and problem-details responses match on `HttpBody::json` to return `Err` on failure.
-- Added explicit `ok!(text: ... )`/`ok!(fmt: ...)` and `status!(text: ... )`/`status!(fmt: ... )` macros for `text/plain` responses and documented them alongside existing `ok!`/`status!` examples.
-- Removed unnecessary boxing for `HttpBody::full`, `HttpBody::json` and `HttpBody::form`
-- Added additional methods: `HttpBody::text`, `HttpBody::from_static`, `HttpBody::from_static_text`, `HttpBody::from_str` and `HttpBody::from_slice` for better control.
-- Improved performance for all producing response macros and `IntoResponse` implementations.
-- Improved overall extractors' performance + added additional validation for the cases when mixed Path with NamedPath and positional arguments.
-- Added cached query-like path string handling for PathArgs, including into_parts/from_parts, and preserved the cache when cloning to reduce recomputation in extractor/middleware flows.
-- Switched route/allow header internals to Arc<str> and cached Allow values on route nodes to avoid recomputing 405 headers, plus simplified HSTS formatting to avoid intermediate allocation.
-- Added cached query-arg parsing in HttpRequest/HttpRequestMut to reduce repeated query parsing across extractors.
+## 0.8.1
+
+### Changed
+- HTTP/RFC compliance (#145)
+- `HttpBody` improvements (#146)
+- Performance Improvements (#147)
+-  Security Improvements (#148)
 
 ## 0.8.0
 
 
@@ -5,7 +5,7 @@ Fast, simple, and high-performance web framework for Rust, built on top of
 Volga is designed to make building HTTP services straightforward and explicit,
 while keeping performance predictable and overhead minimal.
 
-[![latest](https://img.shields.io/badge/latest-0.8.0-blue)](https://crates.io/crates/volga)
+[![latest](https://img.shields.io/badge/latest-0.8.1-blue)](https://crates.io/crates/volga)
 [![latest](https://img.shields.io/badge/rustc-1.90+-964B00)](https://crates.io/crates/volga)
 [![License: MIT](https://img.shields.io/badge/License-MIT-violet.svg)](https://github.com/RomanEmreis/volga/blob/main/LICENSE)
 [![Build](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml/badge.svg)](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml)
@@ -46,7 +46,7 @@ Volga is a good fit if you:
 ### Dependencies
 ```toml
 [dependencies]
-volga = "0.8.0"
+volga = "0.8.1"
 tokio = { version = "1", features = ["full"] }
 ```
 ### Simple request handler
 
@@ -14,7 +14,7 @@ categories.workspace = true
 keywords = ["volga", "server", "https", "tls"]
 
 [dependencies]
-rcgen = "0.14.6"
+rcgen = "0.14.7"
 
 [dev-dependencies]
 serial_test = "3.3.1"
 
@@ -1,7 +1,7 @@
 # Volga Development Certificates
 A Rust library for generating self-signed TLS certificates for local development.
 
-[![latest](https://img.shields.io/badge/latest-0.8.0-blue)](https://crates.io/crates/volga)
+[![latest](https://img.shields.io/badge/latest-0.8.1-blue)](https://crates.io/crates/volga)
 [![latest](https://img.shields.io/badge/rustc-1.90+-964B00)](https://crates.io/crates/volga)
 [![License: MIT](https://img.shields.io/badge/License-MIT-violet.svg)](https://github.com/RomanEmreis/volga/blob/main/LICENSE)
 [![Build](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml/badge.svg)](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml)
 
@@ -1,7 +1,7 @@
 # Volga DI
 A standalone, flexible, and easy-to-configure DI container.
 
-[![latest](https://img.shields.io/badge/latest-0.8.0-blue)](https://crates.io/crates/volga)
+[![latest](https://img.shields.io/badge/latest-0.8.1-blue)](https://crates.io/crates/volga)
 [![latest](https://img.shields.io/badge/rustc-1.90+-964B00)](https://crates.io/crates/volga)
 [![License: MIT](https://img.shields.io/badge/License-MIT-violet.svg)](https://github.com/RomanEmreis/volga/blob/main/LICENSE)
 [![Build](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml/badge.svg)](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml)
@@ -15,12 +15,12 @@ A standalone, flexible, and easy-to-configure DI container.
 #### Standalone
 ```toml
 [dependencies]
-volga-di = "0.8.0"
+volga-di = "0.8.1"
 ```
 #### Part of Volga Web Framework
 ```toml
 [dependencies]
-volga = { version = "0.8.0", features = ["di"] }
+volga = { version = "0.8.1", features = ["di"] }
 ```
 
 ### Example
 
@@ -17,9 +17,9 @@ keywords = ["volga", "http", "web", "framework"]
 proc-macro = true
 
 [dependencies]
-quote = "1.0.43"
+quote = "1.0.44"
 syn = { version = "2.0.114", features = ["full"] }
-proc-macro2 = "1.0.105"
+proc-macro2 = "1.0.106"
 
 [features]
 default = []
 
@@ -1,7 +1,7 @@
 # Volga Macros
 Macros library for Volga Web Framework
 
-[![latest](https://img.shields.io/badge/latest-0.8.0-blue)](https://crates.io/crates/volga)
+[![latest](https://img.shields.io/badge/latest-0.8.1-blue)](https://crates.io/crates/volga)
 [![latest](https://img.shields.io/badge/rustc-1.90+-964B00)](https://crates.io/crates/volga)
 [![License: MIT](https://img.shields.io/badge/License-MIT-violet.svg)](https://github.com/RomanEmreis/volga/blob/main/LICENSE)
 [![Build](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml/badge.svg)](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml)
@@ -13,6 +13,6 @@ Macros library for Volga Web Framework
 ## Dependencies
 ```toml
 [dependencies]
-volga = { version = "0.8.0", features = ["macros"] }
+volga = { version = "0.8.1", features = ["macros"] }
 ```
 
@@ -5,7 +5,7 @@ A lightweight and efficient rate-limiting library for Rust.
 This crate provides in-memory rate limiting algorithms designed
 for high-performance HTTP services and middleware.
 
-[![latest](https://img.shields.io/badge/latest-0.8.0-blue)](https://crates.io/crates/volga)
+[![latest](https://img.shields.io/badge/latest-0.8.1-blue)](https://crates.io/crates/volga)
 [![latest](https://img.shields.io/badge/rustc-1.90+-964B00)](https://crates.io/crates/volga)
 [![License: MIT](https://img.shields.io/badge/License-MIT-violet.svg)](https://github.com/RomanEmreis/volga/blob/main/LICENSE)
 [![Build](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml/badge.svg)](https://github.com/RomanEmreis/volga/actions/workflows/rust.yml)
 
@@ -49,7 +49,7 @@ tokio-rustls = { version = "0.26.4", default-features = false, features = ["tls1
 tokio-tungstenite = { version = "0.28.0", optional = true }
 tracing = { version = "0.1.44", default-features = false, optional = true }
 twox-hash = { version = "2.1.2", optional = true }
-uuid = { version = "1.19.0", features = ["v4"], optional = true }
+uuid = { version = "1.20.0", features = ["v4"], optional = true }
 
 # volga
 volga-dev-cert = { path = "../volga-dev-cert", version = "0.8.1", optional = true }
 
@@ -45,14 +45,28 @@ use crate::http::cors::CorsRegistry;
 use crate::auth::bearer::{BearerAuthConfig, BearerTokenService};
 
 #[cfg(feature = "rate-limiting")]
-use crate::rate_limiting::GlobalRateLimiter;
+use {
+    crate::rate_limiting::GlobalRateLimiter,
+    std::collections::HashSet
+};
 
 #[cfg(feature = "static-files")]
 pub use self::env::HostEnv;
 
 #[cfg(feature = "http2")]
 pub use crate::limits::Http2Limits;
 
+#[cfg(any(
+    feature = "decompression-brotli",
+    feature = "decompression-gzip",
+    feature = "decompression-zstd",
+    feature = "decompression-full"
+))]
+use crate::middleware::decompress::{
+    ResolvedDecompressionLimits,
+    DecompressionLimits
+};
+
 #[cfg(feature = "static-files")]
 pub mod env;
 pub mod router;
@@ -121,6 +135,10 @@ pub struct App {
     #[cfg(feature = "rate-limiting")]
     pub(super) rate_limiter: Option<GlobalRateLimiter>,
 
+    /// Trusted proxies for rate limiting IP extraction
+    #[cfg(feature = "rate-limiting")]
+    pub(super) trusted_proxies: Option<HashSet<IpAddr>>,
+
     /// Request/Middleware pipeline builder
     pub(super) pipeline: PipelineBuilder,
 
@@ -133,6 +151,15 @@ pub struct App {
     #[cfg(feature = "http2")]
     pub(super) http2_limits: Http2Limits,
 
+    /// Limits for decompression middleware
+    #[cfg(any(
+        feature = "decompression-brotli",
+        feature = "decompression-gzip",
+        feature = "decompression-zstd",
+        feature = "decompression-full"
+    ))]
+    pub(super) decompression_limits: DecompressionLimits,
+
     /// TCP connection parameters
     connection: Connection,
 
@@ -234,6 +261,10 @@ pub(crate) struct AppInstance {
     #[cfg(feature = "rate-limiting")]
     pub(super) rate_limiter: Option<Arc<GlobalRateLimiter>>,
 
+    /// Trusted proxies for rate limiting IP extraction
+    #[cfg(feature = "rate-limiting")]
+    pub(super) trusted_proxies: Option<Arc<HashSet<IpAddr>>>,
+
     /// HSTS configuration options
     #[cfg(feature = "tls")]
     pub(super) hsts: Option<HstsHeader>,
@@ -258,6 +289,15 @@ pub(crate) struct AppInstance {
     #[cfg(feature = "http2")]
     pub(super) http2_limits: Http2Limits,
 
+    /// Limits for decompression middleware
+    #[cfg(any(
+        feature = "decompression-brotli",
+        feature = "decompression-gzip",
+        feature = "decompression-zstd",
+        feature = "decompression-full"
+    ))]
+    pub(super) decompression_limits: ResolvedDecompressionLimits,
+
     /// Default `Cache-Control` header value
     pub(super) cache_control: Option<HeaderValue>,
 
@@ -305,12 +345,21 @@ impl TryFrom<App> for AppInstance {
             cors: app.cors,
             #[cfg(feature = "http2")]
             http2_limits: app.http2_limits,
+            #[cfg(any(
+                feature = "decompression-brotli",
+                feature = "decompression-gzip",
+                feature = "decompression-zstd",
+                feature = "decompression-full"
+            ))]
+            decompression_limits: app.decompression_limits.resolved(),
             #[cfg(feature = "static-files")]
             host_env: app.host_env,
             #[cfg(feature = "di")]
             container: app.container.build(),
             #[cfg(feature = "rate-limiting")]
             rate_limiter: app.rate_limiter.map(Arc::new),
+            #[cfg(feature = "rate-limiting")]
+            trusted_proxies: app.trusted_proxies.map(Arc::new),
             #[cfg(feature = "jwt-auth")]
             bearer_token_service,
             #[cfg(feature = "tracing")]
@@ -373,6 +422,8 @@ impl App {
             auth_config: None,
             #[cfg(feature = "rate-limiting")]
             rate_limiter: None,
+            #[cfg(feature = "rate-limiting")]
+            trusted_proxies: None,
             pipeline: PipelineBuilder::new(),
             connection: Default::default(),
             body_limit: Default::default(),
@@ -384,6 +435,13 @@ impl App {
             cache_control: None,
             #[cfg(feature = "http2")]
             http2_limits: Default::default(),
+            #[cfg(any(
+                feature = "decompression-brotli",
+                feature = "decompression-gzip",
+                feature = "decompression-zstd",
+                feature = "decompression-full"
+            ))]
+            decompression_limits: Default::default(),
             #[cfg(debug_assertions)]
             show_greeter: true,
             #[cfg(not(debug_assertions))]
@@ -938,4 +996,14 @@ mod tests {
 
         assert_eq!(format!("{connection:?}"), "Connection { socket: 127.0.0.1:5000 }");
     }
+    
+    #[test]
+    fn it_sets_default_connection_if_ip_is_invalid() {
+        let connection: Connection = "invalid_ip".into();
+
+        #[cfg(target_os = "windows")]
+        assert_eq!(connection.socket, SocketAddr::from(([127, 0, 0, 1], 7878)));
+        #[cfg(not(target_os = "windows"))]
+        assert_eq!(connection.socket, SocketAddr::from(([0, 0, 0, 0], 7878)));
+    }
 }