github AtalayaLabs/OxiCloud v0.5.0
v0.5.0 — Performance Overhaul & New Features
on GitHub

latest releases: v0.5.6, v0.5.5, v0.5.4...
2 months ago

🚀 OxiCloud v0.5.0

100 commits since v0.4.2 — the biggest release yet. Comprehensive performance audit, new features, and critical fixes.

⚡ Performance (30+ optimizations)

Critical (P0)

  • ZIP streaming: rewrite download_zip to stream via temp file instead of loading entire archive into RAM — eliminates OOM on large downloads
  • PostgreSQL TX during disk I/O: decouple PG transactions from slow disk operations in chunked uploads
  • RwLock → DashMap: replace RwLock<HashMap> with lock-free DashMap in ChunkedUploadService, eliminating write-lock contention

High Impact

  • Eliminate Vec<u8> copies: all uploads now stream directly to disk — no intermediate RAM buffers
  • Arc-wrap SearchResultsDto: zero-copy cache reads via Arc<SearchResultsDto>
  • Batch garbage_collect: 500-row mini-transactions instead of unbounded DELETE
  • stream_files_in_subtree: replace Vec<File> with async Stream — constant memory for subtree operations
  • ltree <@ in delete_folder: replace recursive CTE with GiST-indexed ltree operator
  • Persistent blob_hash cache: remove one-shot invalidation, keep cache warm across reads
  • Thumbnail single-read: eliminate double disk read with read-once buffer pattern
  • Trash bulk cleanup: replace N+1 sequential delete_permanently loop with 2-query bulk DELETE in a single transaction

Medium Impact

  • Streaming PROPFIND: parallelize WebDAV queries with tokio::join!
  • async Argon2 + Semaphore: bound concurrent password hashes to prevent CPU exhaustion
  • moka future::Cache: migrate sync cache to async for search service
  • async-compression streaming: eliminate double buffer copy in decompress
  • ltree bulk subtree fetch: eliminate N+1 queries in ZIP generation
  • COUNT(*) OVER(): eliminate double COUNT+SELECT in search pagination
  • SQL-level search filtering: push suggest() filtering + LIMIT to PostgreSQL
  • Adaptive thumbnail filters: Triangle for icons, CatmullRom for previews (instead of expensive Lanczos3)
  • spawn_blocking SHA-256: offload hash computation off the async runtime
  • Arc<str> for etag/content_type: reduce allocations in content cache

🔧 Features

  • WOPI protocol support: collaborative document editing via Collabora/LibreOffice Online
  • Audio/Video modal player: inline media playback with MIME detection via magic bytes (infer)
  • Breadcrumb navigation: full path navigation in Files tab + SPA view refactor
  • Collapsible mobile sidebar: responsive UI for mobile devices
  • Move dialog navigation: folder browsing + copy functionality in move dialog
  • OIDC improvements: email_verified check, auth source badge, password ops guard for OIDC users
  • Dual DB pools: separate primary + maintenance connection pools
  • German (de.json) locale: i18n support for Deutsch

🐛 Bug Fixes

  • OOM protection: lock-free thumbnail cache + OIDC JWKS TTL
  • Blob storage leak: prevent orphaned blobs on folder deletion
  • Temp file lifecycle: prevent premature temp file deletion during ZIP download
  • Storage usage calculation: correct query with direct SQL
  • Auto-create home folder: handle empty root folder listing
  • Dutch language selection: fix locale mapping
  • Unlimited quota display: show ∞ when storage_quota_bytes = 0
  • Trash test mocks: simulate PG CASCADE on clear_trash

🔒 Security

  • Fail-closed auth (P0): refuse to start when auth is enabled but cannot initialize
  • Ignore RUSTSEC-2023-0071: acknowledged advisory for rsa crate

🧹 Code Quality

  • cargo fmt --all — consistent formatting across entire codebase
  • cargo clippy --all-targets -- -D warnings — zero warnings
  • Dead code elimination after each optimization
  • Clean architecture maintained throughout all changes

📊 Impact Summary

Metric Before After
ZIP download (1 GB) OOM crash ~50 MB RSS
Trash cleanup (1000 items) ~6s (3000 queries) ~10ms (2 queries)
Subtree listing (10K files) 800 MB RSS spike ~constant memory
Concurrent uploads (lock) Serial via RwLock Lock-free DashMap
Thumbnail generation 2 disk reads per image 1 disk read
Folder deletion Recursive CTE (slow) ltree <@ (GiST index)
Search cache reads Clone per read Arc (zero-copy)
GC DELETE Unbounded single TX 500-row batches

Full Changelog: v0.4.2...v0.5.0

What's Changed

  • fix: display unlimited quota (∞) when storage_quota_bytes = 0 by @gbw in #132
  • feat(wopi): add WOPI protocol support for collaborative editing by @zjean in #133
  • Add email_verified check for OIDC login by @gbw in #134
  • Add missing version update from 0.4.1 to 0.4.2 by @gbw in #136
  • Feature/OIDC user identity by @zjean in #135
  • fix dutch language selection by @zjean in #137
  • fix: auto-create home folder when listing root folders returns empty by @gbw in #138
  • fix: correct storage usage calculation by using direct SQL query by @gbw in #140
  • Optimize search service with database-level pagination and improve cache handling by @gbw in #139
  • docs: add example.env and document all environment variables by @gbw in #141
  • feat(i18n): update de.json (deutsch by @roswitina in #142
  • feat: add breadcrumb navigation and refactor SPA view management by @gbw in #144
  • feat(ui): add collapsible sidebar for mobile devices by @gbw in #146
  • Ignore RUSTSEC-2023-0071 in security audit by @gbw in #147
  • feat: improve move dialog with folder navigation by @gbw in #148
  • Small documentation update and cargo fmt by @gbw in #150

Full Changelog: v0.4.2...v0.5.0

Check out latest releases or
releases around AtalayaLabs/OxiCloud v0.5.0

Don't miss a new OxiCloud release

NewReleases is sending notifications on new releases.

Get notifications