fix(wasm): clean up download, byte handling and hashing

[akacase]

What kind of change does this PR introduce?

#378

What is the current behavior?

#378

What is the new behavior?

The wasmtime errors were probably because:

• The file was incomplete (partial download)
• The file was corrupted during the save
• The file wasn't properly closed/flushed after writing

These issues might not have appeared until recently because:

• Those servers might have better-behaved HTTP responses
• The download paths might have been more thoroughly tested

The new code is more defensive about:

• Complete downloads
• Proper byte handling
• Atomic file operations
• Error propagation

Additional context

I have added bytes here for a specific reason:

The bytes crate is specifically designed for working with raw binary data
It ensures we don't accidentally corrupt binary data through string conversions or character encoding issues. This is crucial for WASM files, which must maintain exact byte-level integrity. Bytes itself is highly efficient (zero-copy).

Thanks!

[akacase]

fixed logs leaking, we should look into a log framework, where debug level logs can be used and then those paths are not valid in production.

[akacase]

another failure mode is cache permission, this would be more ideal:

   let mut path = std::env::var("PGDATA")
        .map(PathBuf::from)
        .map_err(|_| "PGDATA environment variable not set")?
        .join("extension_cache")
        .join("wasm_fdw");

Three issues I see with the current approach:

• dirs::cache_dir() uses the system's default cache directory
• Could lead to permission problems when Postgres is running as a different user
• Cache poisoning, because files are being stored in a user-writable location rather than a Postgres-controlled directory

[burmecia]

Thanks for the PR! All the improvements look good to me but I am not much in favour of using PGDATA as the cache dir. The PGDATA dir is mainly used by Postgres internally and stored the core files and folders. IMO Wrappers as an extension should not touch the internal Postgres storage, rather it is better to use cache dir outside Postgres core system.

dirs::cache_dir() is not the system's default cache directory, it is specific to current user which is the user running Postgres process. For its documentation,

Platform	Value	Example
Linux	$XDG_CACHE_HOME or $HOME/.cache	/home/alice/.cache
macOS	$HOME/Library/Caches	/Users/Alice/Library/Caches
Windows	{FOLDERID_LocalAppData}	C:\Users\Alice\AppData\Local

So the cache dir is still owned by Postgres, and normally it is not writable by other users.

[akacase]

Thanks for the PR! All the improvements look good to me but I am not much in favour of using PGDATA as the cache dir. The PGDATA dir is mainly used by Postgres internally and stored the core files and folders. IMO Wrappers as an extension should not touch the internal Postgres storage, rather it is better to use cache dir outside Postgres core system.

dirs::cache_dir() is not the system's default cache directory, it is specific to current user which is the user running Postgres process. For its documentation,

Platform Value Example
Linux $XDG_CACHE_HOME or $HOME/.cache /home/alice/.cache
macOS $HOME/Library/Caches /Users/Alice/Library/Caches
Windows {FOLDERID_LocalAppData} C:\Users\Alice\AppData\Local
So the cache dir is still owned by Postgres, and normally it is not writable by other users.

understood, thanks!

[akacase]

I'll hold back on the patch for cache path, but all the commits here I believe are good to go. Let me know if you need anything else.

[burmecia]

@akacase I've made some minor changes on top of your patch, please have a look at your repo and review it. If everything is fine, we will be ready to merge. Thanks.

[akacase]

merged, thanks!