Merge branch 'main' into tm/format-the-snake

Author: Sl1mb0

.github/dependabot.yml

@@ -8,12 +8,13 @@ updates:
     open-pull-requests-limit: 10
     # NOTE: groups are "match first", and "unmatched dependencies have individual PRs"
     groups:
-      arrow-and-datafusion:
+      apache:
         patterns:
           - "arrow"
           - "arrow-*"
           - "datafusion"
           - "datafusion-*"
+          - "sqlparser"
       wasmtime:
         patterns:
           - "wasmtime"

.github/workflows/ci.yml

@@ -24,7 +24,7 @@ jobs:
         run: pip install --requirement=.github/workflows/requirements.txt
 
       - name: Install `cargo-deny` & `just`
-        uses: taiki-e/install-action@81ee1d48d9194cdcab880cbdc7d36e87d39874cb  # v2
+        uses: taiki-e/install-action@f535147c22906d77695e11cb199e764aa610a4fc  # v2
         with:
           tool: cargo-deny,just
 

guests/python/requirements.txt

@@ -1,2 +1,7 @@
-# That's https://github.com/urllib3/urllib3/pull/3593 as a wheel.
-urllib3 @ https://github.com/crepererum/urllib3/releases/download/2.5.100/urllib3-2.5.100-py3-none-any.whl --hash=sha256:b48be99c923c989e8db2a41a21f2511d830a7b7e99bfde24ae7214baadf7daaf
+certifi==2025.10.5 --hash=sha256:0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de
+charset_normalizer==3.4.4 --hash=sha256:7a32c560861a02ff789ad905a2fe94e3f840803362c84fecf1851cb4cf3dc37f
+idna==3.11 --hash=sha256:771a87f49d9defaf64091e6e6fe9c18d4833f140bd19464795bc32d966ca37ea
+requests==2.32.5 --hash=sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6
+
+# That's https://github.com/urllib3/urllib3/pull/3593 + https://github.com/golemcloud/urllib3/pull/2 as a wheel.
+urllib3 @ https://github.com/crepererum/urllib3/releases/download/2.5.101/urllib3-2.5.101-py3-none-any.whl --hash=sha256:2b2dcd0944a3b5d6ce7517cf068c232c1963a6702146695147454c46b4da71f1

guests/python/src/python_modules/mod.rs

@@ -1147,6 +1147,12 @@ mod wit_world {
                     self.inner.take();
                 }
 
+                fn finish(&mut self) -> PyResult<FutureTrailers> {
+                    let body = self.inner.take().require_resource()?;
+                    let trailers = wasip2::http::types::IncomingBody::finish(body);
+                    Ok(FutureTrailers { inner: trailers })
+                }
+
                 fn stream(&self) -> PyResult<InputStream> {
                     let stream = self.inner()?.stream().to_pyres()?;
                     Ok(InputStream {

host/src/lib.rs

@@ -4,6 +4,7 @@
 //! [DataFusion]: https://datafusion.apache.org/
 use std::{any::Any, ops::DerefMut, sync::Arc};
 
+use ::http::HeaderName;
 use arrow::datatypes::DataType;
 use datafusion_common::{DataFusionError, Result as DataFusionResult};
 use datafusion_expr::{ColumnarValue, ScalarFunctionArgs, ScalarUDFImpl, Signature};
@@ -17,7 +18,10 @@ use wasmtime_wasi_http::{
     HttpResult, WasiHttpCtx, WasiHttpView,
     bindings::http::types::ErrorCode as HttpErrorCode,
     body::HyperOutgoingBody,
-    types::{HostFutureIncomingResponse, OutgoingRequestConfig, default_send_request_handler},
+    types::{
+        DEFAULT_FORBIDDEN_HEADERS, HostFutureIncomingResponse, OutgoingRequestConfig,
+        default_send_request_handler,
+    },
 };
 
 use crate::{
@@ -26,7 +30,7 @@ use crate::{
     http::{HttpRequestValidator, RejectAllHttpRequests},
     linker::link,
     tokio_helpers::async_in_sync_context,
-    vfs::{VfsCtxView, VfsState, VfsView},
+    vfs::{VfsCtxView, VfsLimits, VfsState, VfsView},
 };
 
 // unused-crate-dependencies false positives
@@ -43,7 +47,7 @@ mod error;
 pub mod http;
 mod linker;
 mod tokio_helpers;
-mod vfs;
+pub mod vfs;
 
 /// State of the WASM payload.
 struct WasmStateImpl {
@@ -110,9 +114,12 @@ impl WasiHttpView for WasmStateImpl {
 
     fn send_request(
         &mut self,
-        request: hyper::Request<HyperOutgoingBody>,
+        mut request: hyper::Request<HyperOutgoingBody>,
         config: OutgoingRequestConfig,
     ) -> HttpResult<HostFutureIncomingResponse> {
+        // Python `requests` sends this so we allow it but later drop it from the actual request.
+        request.headers_mut().remove(hyper::header::CONNECTION);
+
         // technically we could return an error straight away, but `urllib3` doesn't handle that super well, so we
         // create a future and validate the error in there (before actually starting the request of course)
 
@@ -132,6 +139,15 @@ impl WasiHttpView for WasmStateImpl {
 
         Ok(HostFutureIncomingResponse::pending(handle))
     }
+
+    fn is_forbidden_header(&mut self, name: &HeaderName) -> bool {
+        // Python `requests` sends this so we allow it but later drop it from the actual request.
+        if name == hyper::header::CONNECTION {
+            return false;
+        }
+
+        DEFAULT_FORBIDDEN_HEADERS.contains(name)
+    }
 }
 
 impl VfsView for WasmStateImpl {
@@ -205,6 +221,9 @@ impl std::fmt::Debug for WasmComponentPrecompiled {
 pub struct WasmPermissions {
     /// Validator for HTTP requests.
     http: Arc<dyn HttpRequestValidator>,
+
+    /// Virtual file system limits.
+    vfs: VfsLimits,
 }
 
 impl WasmPermissions {
@@ -218,6 +237,7 @@ impl Default for WasmPermissions {
     fn default() -> Self {
         Self {
             http: Arc::new(RejectAllHttpRequests),
+            vfs: VfsLimits::default(),
         }
     }
 }
@@ -230,6 +250,15 @@ impl WasmPermissions {
     {
         Self {
             http: Arc::new(http),
+            ..self
+        }
+    }
+
+    /// Set virtual filesystem limits.
+    pub fn with_vfs_limits(self, limits: VfsLimits) -> Self {
+        Self {
+            vfs: limits,
+            ..self
         }
     }
 }
@@ -274,7 +303,7 @@ impl WasmScalarUdf {
         let WasmComponentPrecompiled { engine, component } = component;
 
         // Create in-memory VFS
-        let vfs_state = VfsState::new();
+        let vfs_state = VfsState::new(&permissions.vfs);
 
         let stderr = MemoryOutputPipe::new(1024);
         let wasi_ctx = WasiCtx::builder().stderr(stderr.clone()).build();

host/src/vfs.rs

@@ -2,7 +2,7 @@
 //!
 //! This provides a very crude, read-only in-mem virtual file system for the WASM guests.
 //!
-//! The data gets [populated via a TAR container](VfsState::populate_from_tar).
+//! The data gets populated via a TAR container.
 //!
 //! While this implementation has rather limited functionality, it is sufficient to get a Python guest interpreter
 //! running.
@@ -11,7 +11,10 @@ use std::{
     collections::HashMap,
     hash::Hash,
     io::{Cursor, Read},
-    sync::{Arc, RwLock, Weak},
+    sync::{
+        Arc, RwLock, Weak,
+        atomic::{AtomicU64, Ordering},
+    },
 };
 
 use rand::Rng;
@@ -58,7 +61,7 @@ enum VfsNodeKind {
     /// A directory containing child nodes.
     Directory {
         /// Child nodes indexed by name.
-        children: HashMap<String, SharedVfsNode>,
+        children: HashMap<Box<str>, SharedVfsNode>,
     },
 }
 
@@ -188,6 +191,125 @@ impl VfsNode {
     }
 }
 
+/// Tracked allocation of some resource.
+#[derive(Debug)]
+struct Allocation {
+    /// Current amount of allocation.
+    n: AtomicU64,
+
+    /// Name of the resource.
+    name: &'static str,
+
+    /// Allocation limit.
+    limit: u64,
+}
+
+impl Allocation {
+    /// Create new allocation tracker for given resource.
+    fn new(name: &'static str, limit: u64) -> Self {
+        Self {
+            n: AtomicU64::new(0),
+            name,
+            limit,
+        }
+    }
+
+    /// Increase allocation by given amount.
+    fn inc(&self, n: u64) -> Result<(), FailedAllocation> {
+        self.n
+            .fetch_update(Ordering::SeqCst, Ordering::SeqCst, |old| {
+                let new = old.checked_add(n)?;
+                (new <= self.limit).then_some(new)
+            })
+            .map(|_| ())
+            .map_err(|current| FailedAllocation {
+                name: self.name,
+                limit: self.limit,
+                current,
+                requested: n,
+            })
+    }
+}
+
+/// Failed allocation error.
+#[derive(Debug)]
+struct FailedAllocation {
+    /// Name of the allocation type/resource.
+    name: &'static str,
+
+    /// Allocation limit.
+    limit: u64,
+
+    /// Current allocation size.
+    current: u64,
+
+    /// Requested/additional allocation.
+    requested: u64,
+}
+
+impl std::fmt::Display for FailedAllocation {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        let Self {
+            name,
+            limit,
+            current,
+            requested,
+        } = self;
+
+        write!(
+            f,
+            "{name} limit reached: limit<={limit} current=={current} requested+={requested}"
+        )
+    }
+}
+
+impl From<FailedAllocation> for std::io::Error {
+    fn from(e: FailedAllocation) -> Self {
+        Self::new(std::io::ErrorKind::QuotaExceeded, e.to_string())
+    }
+}
+
+/// Limits for virtual filesystems.
+#[derive(Debug, Clone)]
+#[expect(missing_copy_implementations, reason = "allow later extensions")]
+pub struct VfsLimits {
+    /// Maximum number of inodes.
+    pub inodes: u64,
+
+    /// Maximum number of bytes in size.
+    pub bytes: u64,
+}
+
+impl Default for VfsLimits {
+    fn default() -> Self {
+        Self {
+            inodes: 10_000,
+            // 100MB
+            bytes: 100 * 1024 * 1024,
+        }
+    }
+}
+
+/// Current virtual filesystem allocation.
+#[derive(Debug)]
+struct VfsAllocation {
+    /// Number of inodes.
+    inodes: Allocation,
+
+    /// Number of bytes.
+    bytes: Allocation,
+}
+
+impl VfsAllocation {
+    /// Create new empty allocation tracker.
+    fn new(limits: &VfsLimits) -> Self {
+        Self {
+            inodes: Allocation::new("inodes", limits.inodes),
+            bytes: Allocation::new("bytes", limits.bytes),
+        }
+    }
+}
+
 /// State for the virtual filesystem.
 #[derive(Debug)]
 pub(crate) struct VfsState {
@@ -196,11 +318,14 @@ pub(crate) struct VfsState {
 
     /// Hash key for metadata hashes.
     metadata_hash_key: [u8; 16],
+
+    /// Current allocation.
+    allocation: VfsAllocation,
 }
 
 impl VfsState {
     /// Create a new empty VFS.
-    pub(crate) fn new() -> Self {
+    pub(crate) fn new(limits: &VfsLimits) -> Self {
         Self {
             root: Arc::new(RwLock::new(VfsNode {
                 kind: VfsNodeKind::Directory {
@@ -209,6 +334,7 @@ impl VfsState {
                 parent: None,
             })),
             metadata_hash_key: rand::rng().random(),
+            allocation: VfsAllocation::new(limits),
         }
     }
 
@@ -228,6 +354,8 @@ impl VfsState {
                 tar::EntryType::Regular => {
                     let mut content = Vec::new();
                     entry.read_to_end(&mut content)?;
+                    content.shrink_to_fit();
+                    self.allocation.bytes.inc(content.capacity() as u64)?;
                     VfsNodeKind::File { content }
                 }
                 other => {
@@ -252,6 +380,17 @@ impl VfsState {
                 VfsNode::resolve_path(Arc::clone(&self.root), Arc::clone(&self.root), path_str)
                     .map_err(|e| std::io::Error::new(std::io::ErrorKind::InvalidData, e))?;
 
+            let child = Arc::new(RwLock::new(VfsNode {
+                kind,
+                parent: Some(Arc::downgrade(&node)),
+            }));
+
+            self.allocation.inodes.inc(1)?;
+            self.allocation.bytes.inc(name.len() as u64)?;
+            self.allocation
+                .bytes
+                .inc(std::mem::size_of_val(&child) as u64)?;
+
             match &mut node.write().unwrap().kind {
                 VfsNodeKind::File { .. } => {
                     return Err(std::io::Error::new(
@@ -260,13 +399,7 @@ impl VfsState {
                     ));
                 }
                 VfsNodeKind::Directory { children } => {
-                    children.insert(
-                        name.to_owned(),
-                        Arc::new(RwLock::new(VfsNode {
-                            kind,
-                            parent: Some(Arc::downgrade(&node)),
-                        })),
-                    );
+                    children.insert(name.into(), child);
                 }
             }
         }
@@ -461,7 +594,7 @@ impl<'a> filesystem::types::HostDescriptor for VfsCtxView<'a> {
                         };
 
                         DirectoryEntry {
-                            name: name.clone(),
+                            name: name.as_ref().to_owned(),
                             type_,
                         }
                     })