Implement response framing with serialization

[leynos]

Summary

• add SerializationFormat config module
• implement LengthPrefixedProcessor and response sending helpers
• update roadmap and design docs for response serialization
• provide tests for encoding handler responses
• document config module

Testing

• cargo clippy -- -D warnings
• RUSTFLAGS="-D warnings" cargo test
• markdownlint docs/preamble-validator.md docs/roadmap.md docs/rust-binary-router-library-design.md docs/rust-testing-with-rstest-fixtures.md README.md
• nixie docs/preamble-validator.md docs/roadmap.md docs/rust-binary-router-library-design.md docs/rust-testing-with-rstest-fixtures.md README.md

---

https://chatgpt.com/codex/tasks/task_e_6850a3439ea8832287c8431cdfbb87f9

Summary by Sourcery

Implement configurable response serialization and framing by introducing a Serializer trait and FrameProcessor abstraction with default BincodeSerializer and LengthPrefixedProcessor, extend WireframeApp with serializer and frame_processor fields, and add an async send_response method for encoding and transmitting handler outputs; update examples and documentation to reflect these changes and add tests covering encoding, framing, and error scenarios.

New Features:

• Add a Serializer trait and default BincodeSerializer implementation.
• Introduce FrameProcessor abstraction and LengthPrefixedProcessor for length-prefixed framing.
• Parameterize WireframeApp over serializer and frame_processor and add an async send_response method for serializing and sending responses.
• Expose BincodeSerializer and Serializer in the public API and add SerializationFormat config module.
• Provide response framing and serialization support in examples, README, and roadmap documentation.

Enhancements:

• Refactor WireframeApp builder to return generic serializer type and include default frame_processor setup.
• Define SendError for unified error handling during response serialization and I/O.
• Simplify FrameProcessor trait to synchronous decode/encode methods and update design docs accordingly.

Documentation:

• Update design and roadmap docs with response serialization and framing sections.
• Revise README examples to use the new .serializer and framing abstractions.

Tests:

• Add async tests for send_response covering successful encoding, framing, and write errors.
• Add tests for LengthPrefixedProcessor decode behavior with incomplete headers and frames.
• Validate serialization errors propagate correctly when encoding fails.

Summary by CodeRabbit

• New Features

  • Introduced configurable serialization formats, with support for Bincode.
  • Added a length-prefixed frame processor for handling message framing.
  • Enabled customisation of frame processor and serialization format in application setup.
  • Provided a utility to send serialized, framed responses over asynchronous streams.

• Documentation

  • Updated design documentation to clarify response serialization and transmission details.
  • Marked the relevant roadmap item as complete.
  • Added README section explaining response serialization and framing process.

• Tests

  • Added tests verifying encoding, framing, decoding of responses, handling of partial frames, and error propagation.

[sourcery-ai]

Reviewer's Guide

This PR implements pluggable response serialization and framing by introducing a Serializer trait with a default BincodeSerializer, converting FrameProcessor to a synchronous interface with a new LengthPrefixedProcessor, extending WireframeApp to store and configure both serializer and frame processor along with a new send_response API, and updating related documentation and tests.

Sequence diagram for send_response serialization and framing process

sequenceDiagram
    participant App as WireframeApp
    participant Ser as Serializer
    participant FP as FrameProcessor
    participant Stream as AsyncWrite
    participant Msg as Message

    App->>Ser: serialize(Msg)
    Ser-->>App: Vec<u8> (serialized bytes)
    App->>FP: encode(bytes, framed_buffer)
    FP-->>App: framed_buffer (with length prefix)
    App->>Stream: write_all(framed_buffer)
    App->>Stream: flush()
    Stream-->>App: ok/error

Loading

Class diagram for new serialization and framing abstractions

classDiagram
    class Serializer {
        <<trait>>
        +serialize(value: M): Result<Vec<u8>, Error>
        +deserialize(bytes: &[u8]): Result<(M, usize), Error>
    }
    class BincodeSerializer {
        +serialize(value: M): Result<Vec<u8>, Error>
        +deserialize(bytes: &[u8]): Result<(M, usize), Error>
    }
    Serializer <|.. BincodeSerializer

    class FrameProcessor {
        <<trait>>
        +decode(src: &mut BytesMut): Result<Option<Frame>, Error>
        +encode(frame: &Frame, dst: &mut BytesMut): Result<(), Error>
    }
    class LengthPrefixedProcessor {
        +decode(src: &mut BytesMut): Result<Option<Vec<u8>>, Error>
        +encode(frame: &Vec<u8>, dst: &mut BytesMut): Result<(), Error>
    }
    FrameProcessor <|.. LengthPrefixedProcessor

    class WireframeApp {
        -routes: HashMap<u32, Service>
        -services: Vec<Service>
        -middleware: Vec<Box<dyn Middleware>>
        -frame_processor: Box<FrameProcessor>
        -serializer: Serializer
        +frame_processor(processor): Self
        +serializer(serializer): WireframeApp<Ser>
        +send_response(stream, msg): Result<(), SendError>
    }

Loading

File-Level Changes

Change	Details	Files
Introduce Serializer trait with default BincodeSerializer for customizable message encoding	Add serializer.rs module defining Serializer trait and BincodeSerializer Re-export Serializer and BincodeSerializer in lib.rs Make WireframeApp generic over a Serializer with default BincodeSerializer Add .serializer() builder method to configure custom serializers	src/serializer.rs src/lib.rs src/app.rs
Convert FrameProcessor trait to synchronous interface and add LengthPrefixedProcessor	Remove async methods from FrameProcessor and update decode/encode signatures to sync Implement LengthPrefixedProcessor using big-endian u32 length prefixes	src/frame.rs src/app.rs
Extend WireframeApp to store frame processor and serializer and implement send_response API	Add frame_processor field (boxed FrameProcessor) to WireframeApp builder Define SendError enum with Display, Error and From implementations Implement async send_response method to serialize, frame, write and flush handler responses	src/app.rs
Update documentation and examples to reflect response serialization and framing API	Replace .serialization_format with .serializer() and .frame_processor() in code examples Add Response Serialization and Framing section in README Extend design docs and roadmap to document and mark serialization feature complete	docs/rust-binary-router-library-design.md README.md docs/roadmap.md
Add integration and unit tests for response serialization, framing, and error handling	Create tests/response.rs covering send_response success path and error propagation Add unit tests for LengthPrefixedProcessor header and frame completeness behaviors	tests/response.rs

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

This update introduces response serialization and transmission to the framework. It adds a configurable serialization format and frame processor to the application struct, implements a length-prefixed framing protocol, and provides utilities for encoding, framing, and sending handler responses. Documentation and tests are updated to reflect and verify these new capabilities.

Changes

File(s)	Change Summary
docs/roadmap.md	Checked off the roadmap item for response serialization and transmission.
docs/rust-binary-router-library-design.md	Expanded documentation on handler response processing, detailing encoding and framing steps.
README.md	Added section explaining response serialization and framing with example of length-prefixed framing.
src/app.rs	Added configurable frame_processor and serializer fields, builder methods, and send_response async method.
src/config.rs	New module defining SerializationFormat enum with methods for serialization and deserialization.
src/frame.rs	Added LengthPrefixedProcessor struct implementing length-prefixed frame encoding/decoding.
src/lib.rs	Publicly exposed the new config module and re-exported SerializationFormat.
tests/response.rs	Added async tests verifying response encoding, framing, decoding, and error propagation.

Sequence Diagram(s)

sequenceDiagram
    participant Handler
    participant WireframeApp
    participant FrameProcessor
    participant Stream

    Handler->>WireframeApp: yield response (implements Message)
    WireframeApp->>WireframeApp: serialize response (SerializationFormat)
    WireframeApp->>FrameProcessor: encode serialized bytes (frame)
    FrameProcessor-->>WireframeApp: framed bytes
    WireframeApp->>Stream: write framed bytes
    Stream-->>WireframeApp: flush

Loading

Possibly related PRs

• Implement trait foundations #8: Introduced the foundational FrameProcessor trait, which this PR extends with a concrete implementation and integration for response handling.
• Update roadmap with connection features #26: Added the roadmap checklist item for response serialization and transmission, related as a prior documentation step.
• Fix bincode trait bounds #44: Adjusted message serialization/deserialization trait bounds, related at the trait abstraction level to the new serialization logic added here.

Poem

A rabbit with bytes in its paws,
Frames responses with barely a pause.
It serialises with care,
Sends frames through the air,
Now every reply gets well-deserved applause!

🐇✨

✨ Finishing Touches

🧪 Generate Unit Tests

• Create PR with Unit Tests
• Post Copyable Unit Tests in Comment
• Commit Unit Tests in branch codex/add-response-serialization-and-transmission

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai auto-generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sourcery-ai]

Hey @leynos - I've reviewed your changes and they look great!

Prompt for AI Agents

Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `src/app.rs:146` </location>
<code_context>
+        S: AsyncWrite + Unpin,
+        M: Message,
+    {
+        let bytes = self.serializer.serialize(msg).map_err(io::Error::other)?;
+        let mut framed = BytesMut::new();
+        self.frame_processor.encode(&bytes, &mut framed).await?;
</code_context>

<issue_to_address>
Wrapping serialization errors with `io::Error::other` loses context

Use `io::Error::new(io::ErrorKind::InvalidData, e)` or implement `From<EncodeError> for io::Error` to retain error details and kind.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
        let bytes = self.serializer.serialize(msg).map_err(io::Error::other)?;
=======
        let bytes = self.serializer.serialize(msg).map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
>>>>>>> REPLACE

</suggested_fix>

### Comment 2
<location> `src/app.rs:131` </location>
<code_context>
+    /// # Errors
+    ///
+    /// This function currently never fails.
+    pub fn serialization_format(mut self, format: SerializationFormat) -> Result<Self> {
+        self.serializer = format;
+        Ok(self)
</code_context>

<issue_to_address>
`serialization_format` never fails, so `Result` is unnecessary

Consider returning `Self` directly from this setter to simplify the API, as it cannot currently fail.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
    /// Choose the serialization format for messages.
    ///
    /// # Errors
    ///
    /// This function currently never fails.
    pub fn serialization_format(mut self, format: SerializationFormat) -> Result<Self> {
        self.serializer = format;
        Ok(self)
=======
    /// Choose the serialization format for messages.
    pub fn serialization_format(mut self, format: SerializationFormat) -> Self {
        self.serializer = format;
        self
>>>>>>> REPLACE

</suggested_fix>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[coderabbitai]

Actionable comments posted: 8

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b4f4242 and 92e4b49.

📒 Files selected for processing (7)

• docs/roadmap.md (1 hunks)
• docs/rust-binary-router-library-design.md (1 hunks)
• src/app.rs (3 hunks)
• src/config.rs (1 hunks)
• src/frame.rs (2 hunks)
• src/lib.rs (1 hunks)
• tests/response.rs (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (1)

tests/response.rs (2)

src/app.rs (1)

• new (72-72)

src/message.rs (1)

• from_bytes (49-54)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: build-test

🔇 Additional comments (3)

docs/roadmap.md (1)

65-67: Road-map checkbox tick looks good – no action needed

The completed item accurately reflects the newly-merged implementation; nothing further to flag.

docs/rust-binary-router-library-design.md (1)

721-724: Wording update is clear and technically correct

The added detail on how the SerializationFormat and FrameProcessor interact aligns with the code changes. No further edits required.

tests/response.rs (1)

14-19: Double-check send_response’s generic bounds

send_response is awaited yet is passed a plain &mut Vec<u8>.
Vec<u8> does not implement tokio::io::AsyncWrite, so the method must either:

1. Accept any &mut impl Extend<u8> / &mut Vec<u8> and be internally synchronous, or
2. Be generic over AsyncWrite but use tokio::io::AsyncWriteExt, in which case this test will not compile.

Please ensure the first case is true, or update the test to wrap the buffer in tokio::io::sink() / Cursor<Vec<u8>>.

[leynos]

@sourcery-ai resolve

[leynos]

@coderabbitai resolve

[leynos]

@sourcery-ai review

[coderabbitai]

✅ Actions performed

Comments resolved and changes approved.

[leynos]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[sourcery-ai]

Hey @leynos - I've reviewed your changes - here's some feedback:

• send_response currently requires &mut self because frame_processor.encode mutates internal state—consider making frame processors stateless or use interior mutability so send_response can take &self and support concurrent responses.
• Since FrameProcessor implementations only operate on memory buffers, you might simplify the API by making encode/decode synchronous functions to remove unnecessary async/await overhead for purely CPU-bound framing logic.
• Mapping serialization errors into a generic io::ErrorKind::InvalidData hides the underlying EncodeError context—consider wrapping or preserving the original error for better diagnostics.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- send_response currently requires &mut self because frame_processor.encode mutates internal state—consider making frame processors stateless or use interior mutability so send_response can take &self and support concurrent responses.
- Since FrameProcessor implementations only operate on memory buffers, you might simplify the API by making encode/decode synchronous functions to remove unnecessary async/await overhead for purely CPU-bound framing logic.
- Mapping serialization errors into a generic io::ErrorKind::InvalidData hides the underlying EncodeError context—consider wrapping or preserving the original error for better diagnostics.

## Individual Comments

### Comment 1
<location> `src/frame.rs:48` </location>
<code_context>
+        let mut len_bytes = [0u8; 4];
+        len_bytes.copy_from_slice(&src[..4]);
+        let len = u32::from_be_bytes(len_bytes);
+        let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+        if src.len() < 4 + len_usize {
+            return Ok(None);
</code_context>

<issue_to_address>
io::Error::other is not a stable API.

For broader compatibility, use io::Error::new(io::ErrorKind::InvalidData, ...) instead.
</issue_to_address>

### Comment 2
<location> `src/config.rs:11` </location>
<code_context>
+use crate::message::Message;
+
+/// Serialization formats supported by `wireframe`.
+#[non_exhaustive]
+#[derive(Clone, Copy, Debug)]
+pub enum SerializationFormat {
</code_context>

<issue_to_address>
Consider deriving PartialEq and Eq for SerializationFormat.

This will allow easier comparisons in user code and tests, which is standard for configuration enums.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
#[derive(Clone, Copy, Debug)]
=======
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
>>>>>>> REPLACE

</suggested_fix>

### Comment 3
<location> `src/app.rs:112` </location>
<code_context>
         Ok(self)
     }

+    /// Set the frame processor used for encoding and decoding frames.
+    #[must_use]
+    pub fn frame_processor<P>(mut self, processor: P) -> Self
</code_context>

<issue_to_address>
The #[must_use] attribute is placed before the function doc comment; it should be after the doc comment.

Rust convention and the review instruction require that attributes like #[must_use] are placed after the function's doc comment, not before. Please move the attribute below the doc comment for consistency and clarity.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (2)

src/frame.rs (1)

60-62: Use the explicit big-endian helper for clarity

bytes::BufMut::put_u32 is big-endian today, but that’s an implementation detail. put_u32_be makes the intent unambiguous and future-proof.

This was mentioned in a previous review; surfacing again for completeness.

tests/response.rs (1)

22-24: Redundant processor re-creation and extra allocation (same feedback as earlier)

Re-using the existing LengthPrefixedProcessor and decoding directly from out avoids one heap allocation and shortens the test.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 92e4b49 and cf23fc5.

📒 Files selected for processing (6)

• README.md (1 hunks)
• src/app.rs (3 hunks)
• src/config.rs (1 hunks)
• src/frame.rs (2 hunks)
• src/lib.rs (1 hunks)
• tests/response.rs (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

src/frame.rs (2)

Learnt from: leynos
PR: leynos/wireframe#68
File: src/frame.rs:55-60
Timestamp: 2025-06-17T08:01:20.069Z
Learning: The wireframe project targets Rust 2024 edition and does not need to support older toolchains, so modern Rust APIs like `io::Error::other` can be used without compatibility concerns.

Learnt from: leynos
PR: leynos/mxd#137
File: postgres_setup_unpriv/Cargo.toml:4-4
Timestamp: 2025-06-16T23:32:38.317Z
Learning: Rust Edition 2024 is a valid and finalized edition that was officially released as part of Rust 1.85.0 on February 20, 2025. It can be used in Cargo.toml files with `edition = "2024"`.

🔇 Additional comments (3)

src/lib.rs (1)

8-9: Convenient re-export looks good

SerializationFormat is now accessible directly from the crate root, matching the earlier recommendation. This will spare users an extra module hop.

src/config.rs (1)

10-16: Enum is correctly marked #[non_exhaustive] and debuggable

Forward-compatibility and logging concerns are addressed. 👍

tests/response.rs (1)

50-55: std::io::Error::other bumps MSRV – use Error::new instead

std::io::Error::other is only available from Rust 1.71. If your crate’s MSRV is lower (the default Wireframe CI currently asserts 1.65), this will fail to compile. Construct the error via std::io::Error::new to stay MSRV-agnostic.

-        std::task::Poll::Ready(Err(std::io::Error::other("fail")))
+        std::task::Poll::Ready(Err(std::io::Error::new(
+            std::io::ErrorKind::Other,
+            "fail",
+        )))

⛔ Skipped due to learnings

Learnt from: leynos
PR: leynos/wireframe#68
File: src/frame.rs:55-60
Timestamp: 2025-06-17T08:01:20.069Z
Learning: The wireframe project targets Rust 2024 edition and does not need to support older toolchains, so modern Rust APIs like `io::Error::other` can be used without compatibility concerns.

[coderabbitai]

🧹 Nitpick (assertive)

Tiny doc nit: link to the concrete types for quick navigation

Readers will likely want to jump straight to LengthPrefixedProcessor and SerializationFormat definitions. Adding inline markdown links (e.g. [`LengthPrefixedProcessor`]) would improve discoverability without cluttering the text.

🤖 Prompt for AI Agents

In README.md around lines 81 to 88, the references to `LengthPrefixedProcessor`
and `SerializationFormat` are plain text and not clickable links. Update these
mentions to use inline markdown links by enclosing the type names in backticks
and square brackets, like [`LengthPrefixedProcessor`] and
[`SerializationFormat`], to enable quick navigation to their definitions.

[coderabbitai]

🛠️ Refactor suggestion

No upper bound on frame length – potential OOM risk

usize::try_from(len) guards against 32-bit overflow but still allows a peer to request allocation of ~4 GiB. A malicious client could exhaust memory or trigger DoS.

Consider enforcing a sane application-level limit (e.g. MAX_FRAME = 8 * 1024 * 1024) before allocating:

 let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+const MAX_FRAME: usize = 8 * 1024 * 1024; // 8 MiB – tune as appropriate
+if len_usize > MAX_FRAME {
+    return Err(io::Error::new(io::ErrorKind::InvalidData, "frame length too large"));
+}

🤖 Prompt for AI Agents

In src/frame.rs around lines 48 to 51, the code converts the frame length to
usize without an upper bound, risking excessive memory allocation. Introduce a
constant MAX_FRAME (e.g., 8 * 1024 * 1024) and check if len_usize exceeds this
limit before proceeding. If it does, return an appropriate error to prevent
potential OOM or DoS attacks by rejecting frames that are too large.

[coderabbitai]

🧹 Nitpick (assertive)

Consider bubbling the original EncodeError instead of wrapping

io::Error::new(io::ErrorKind::InvalidData, e) preserves the source error via e.into(), but callers must still down-cast to inspect it. A bespoke error enum (AppError { Io(io::Error), Encode(EncodeError) }) or thiserror-based approach would let upstream code match on the precise failure without type erasure.

Not critical for functionality, yet improves diagnosability when serialization fails.

🤖 Prompt for AI Agents

In src/app.rs around lines 139 to 147, instead of wrapping the EncodeError
inside an io::Error, refactor the error handling to define a custom error enum
(e.g., AppError) that includes variants for both io::Error and EncodeError.
Modify the function signature to return this custom error type and propagate the
original EncodeError directly without type erasure. This allows upstream code to
match on specific error variants for better diagnosability.

[sourcery-ai]

Hey @leynos - I've reviewed your changes and found some issues that need to be addressed.

Blocking issues:

• Potential for denial-of-service if len_usize is very large. (link)

General comments:

• Refactor FrameProcessor to use synchronous encode/decode methods (or offer a sync API) since your implementations perform no real async work and an async trait adds unneeded state-machine overhead.
• Change send_response to take &self instead of &mut self by making the frame processor stateless or internally mutable, so you don’t need a mutable borrow just to send a response.
• Consider replacing the SerializationFormat enum with a trait-based serializer (or trait object) so users can plug in custom formats (JSON, CBOR, etc.) without modifying the core enum.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- Refactor FrameProcessor to use synchronous encode/decode methods (or offer a sync API) since your implementations perform no real async work and an async trait adds unneeded state-machine overhead.
- Change send_response to take &self instead of &mut self by making the frame processor stateless or internally mutable, so you don’t need a mutable borrow just to send a response.
- Consider replacing the SerializationFormat enum with a trait-based serializer (or trait object) so users can plug in custom formats (JSON, CBOR, etc.) without modifying the core enum.

## Individual Comments

### Comment 1
<location> `src/frame.rs:48` </location>
<code_context>
+        let mut len_bytes = [0u8; 4];
+        len_bytes.copy_from_slice(&src[..4]);
+        let len = u32::from_be_bytes(len_bytes);
+        let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+        if src.len() < 4 + len_usize {
+            return Ok(None);
</code_context>

<issue_to_address>
io::Error::other is not a stable API.

Use io::Error::new(io::ErrorKind::InvalidData, ...) instead for stable Rust compatibility.
</issue_to_address>

### Comment 2
<location> `src/frame.rs:49` </location>
<code_context>
+        len_bytes.copy_from_slice(&src[..4]);
+        let len = u32::from_be_bytes(len_bytes);
+        let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+        if src.len() < 4 + len_usize {
+            return Ok(None);
+        }
</code_context>

<issue_to_address>
Potential for denial-of-service if len_usize is very large.

A large length prefix could trigger excessive memory allocation. Add a maximum frame size to prevent memory exhaustion.
</issue_to_address>

### Comment 3
<location> `src/app.rs:113` </location>
<code_context>
     }

+    /// Set the frame processor used for encoding and decoding frames.
+    #[must_use]
+    pub fn frame_processor<P>(mut self, processor: P) -> Self
+    where
</code_context>

<issue_to_address>
Function attribute #[must_use] is placed before the doc comment; attributes must come after the doc comment.

Please move the #[must_use] attribute so that it appears after the function's doc comment, as per the review instruction.
</issue_to_address>

### Comment 4
<location> `src/app.rs:113` </location>
<code_context>
     }

+    /// Set the frame processor used for encoding and decoding frames.
+    #[must_use]
+    pub fn frame_processor<P>(mut self, processor: P) -> Self
+    where
</code_context>

<issue_to_address>
Function attribute #[must_use] is placed before the doc comment; attributes must come after the doc comment.

Please move the #[must_use] attribute so that it appears after the function's doc comment, as per the review instruction.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

Hey @leynos - I've reviewed your changes and found some issues that need to be addressed.

Prompt for AI Agents

Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `src/app.rs:143` </location>
<code_context>
+            .serializer
+            .serialize(msg)
+            .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?;
+        let mut framed = BytesMut::with_capacity(4 + bytes.len());
+        self.frame_processor.encode(&bytes, &mut framed).await?;
+        stream.write_all(&framed).await?;
</code_context>

<issue_to_address>
Potential inefficiency in allocating BytesMut for each response.

Repeatedly allocating new buffers can impact performance. Buffer reuse or pooling may help reduce overhead in high-throughput scenarios.
</issue_to_address>

### Comment 2
<location> `src/frame.rs:48` </location>
<code_context>
+        let mut len_bytes = [0u8; 4];
+        len_bytes.copy_from_slice(&src[..4]);
+        let len = u32::from_be_bytes(len_bytes);
+        let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+        if src.len() < 4 + len_usize {
+            return Ok(None);
</code_context>

<issue_to_address>
io::Error::other is not a stable API.

Please use io::Error::new with a stable ErrorKind, such as InvalidData, instead of io::Error::other.
</issue_to_address>

### Comment 3
<location> `src/app.rs:112` </location>
<code_context>
         Ok(self)
     }

+    /// Set the frame processor used for encoding and decoding frames.
+    #[must_use]
+    pub fn frame_processor<P>(mut self, processor: P) -> Self
</code_context>

<issue_to_address>
The #[must_use] attribute is placed before the function doc comment; it should be after.

Rust convention and the review instruction require that function attributes (like #[must_use]) are placed after the function's doc comment, not before. Please move the attribute below the doc comment for consistency.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[leynos]

@sourcery-ai resolve

[leynos]

@sourcery-ai review

[sourcery-ai]

Hey @leynos - I've reviewed your changes and they look great!

Prompt for AI Agents

Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `src/frame.rs:41` </location>
<code_context>
+    fn encode(&self, frame: &Self::Frame, dst: &mut BytesMut) -> Result<(), Self::Error>;
+}
+
+/// Simple length-prefixed framing using big-endian u32 lengths.
+pub struct LengthPrefixedProcessor;
+
</code_context>

<issue_to_address>
Missing module-level item comment (`//!`) for the new module.

Please add a module-level item comment at the top of this file using the `//!` syntax to describe the purpose of the module, as required by the review instructions.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

Hey @leynos - I've reviewed your changes - here's some feedback:

• You have duplicate WireframeApp::new implementations in both the generic impl<S> and the impl WireframeApp<BincodeSerializer> blocks—consolidate them to avoid duplication and potential conflicts.
• The old config::SerializationFormat module is no longer used—consider deprecating or removing it now that the .serializer() API replaces it.
• Several code snippets in the design docs and README have mismatched backticks and extra fences—clean up the Markdown so the examples render correctly.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- You have duplicate `WireframeApp::new` implementations in both the generic `impl<S>` and the `impl WireframeApp<BincodeSerializer>` blocks—consolidate them to avoid duplication and potential conflicts.
- The old `config::SerializationFormat` module is no longer used—consider deprecating or removing it now that the `.serializer()` API replaces it.
- Several code snippets in the design docs and README have mismatched backticks and extra fences—clean up the Markdown so the examples render correctly.

## Individual Comments

### Comment 1
<location> `src/frame.rs:41` </location>
<code_context>
+    fn encode(&self, frame: &Self::Frame, dst: &mut BytesMut) -> Result<(), Self::Error>;
+}
+
+/// Simple length-prefixed framing using big-endian u32 lengths.
+pub struct LengthPrefixedProcessor;
+
</code_context>

<issue_to_address>
Missing module-level item comment (`//!`) at the top of the file.

Please add a `//!` comment at the top of `src/frame.rs` to describe the module, as required by the review instructions.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue (review_instructions): Missing module-level item comment (//!) at the top of the file.

Please add a //! comment at the top of src/frame.rs to describe the module, as required by the review instructions.

Review instructions:

Path patterns: **/*.rs

Instructions:
All modules MUST have a containing item comment (//!)

[sourcery-ai]

Hey @leynos - I've reviewed your changes and found some issues that need to be addressed.

Prompt for AI Agents

Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `src/frame.rs:55` </location>
<code_context>
+        let mut len_bytes = [0u8; 4];
+        len_bytes.copy_from_slice(&src[..4]);
+        let len = u32::from_be_bytes(len_bytes);
+        let len_usize = usize::try_from(len).map_err(|_| io::Error::other("frame too large"))?;
+        if src.len() < 4 + len_usize {
+            return Ok(None);
</code_context>

<issue_to_address>
io::Error::other is not a stable API.

Use io::Error::new(io::ErrorKind::InvalidData, ...) for stable Rust compatibility.
</issue_to_address>

### Comment 2
<location> `src/frame.rs:41` </location>
<code_context>
+    fn encode(&self, frame: &Self::Frame, dst: &mut BytesMut) -> Result<(), Self::Error>;
+}
+
+/// Simple length-prefixed framing using big-endian u32 lengths.
+pub struct LengthPrefixedProcessor;
+
</code_context>

<issue_to_address>
Missing module-level item comment (`//!`) for the new module.

Please add a module-level item comment at the top of this file using the `//!` syntax to describe the purpose of the module, as required by the review instructions.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue: io::Error::other is not a stable API.

Use io::Error::new(io::ErrorKind::InvalidData, ...) for stable Rust compatibility.

[sourcery-ai]

issue (review_instructions): Missing module-level item comment (//!) for the new module.

Please add a module-level item comment at the top of this file using the //! syntax to describe the purpose of the module, as required by the review instructions.

Review instructions:

Path patterns: **/*.rs

Instructions:
All modules MUST have a containing item comment (//!)

[leynos]

@coderabbitai generate docstrings

[coderabbitai]

✅ Actions performed

Docstrings generation started.

[coderabbitai]

Caution

An unexpected error occurred while opening a pull request: Not Found - https://docs.github.com/rest/git/refs#get-a-reference