Reference
Release 1.0.6
Nidus 1.0.6 release notes and performance evidence.
Release 1.0.6
Nidus 1.0.6 is a performance and reliability patch release. Every optimization was landed as an isolated commit with either a Criterion A/B measurement or a structural proof plus test coverage, and the request/response behavior of every touched surface is unchanged.
Dependency Injection
- Constructed singletons now resolve through a lock-free cache instead of
- The container provider map and per-request instance map hash
TypeIdkeys - Measured locally: singleton dependency resolution 11.78 ns -> 3.96 ns.
re-acquiring the provider mutex on every resolution. Failed or panicking factories keep their retry semantics.
with an identity hasher (the same approach http::Extensions uses), removing redundant SipHash work from every resolution.
Request Middleware
- The validated request ID middleware validates inbound IDs against the
- The request context layer returns the inner service future directly instead
- The error envelope layer captures only the request ID instead of cloning the
- Measured locally: production default stack 2.109 us -> 1.962 us (with
borrowed header value, reuses the inbound HeaderValue instead of re-parsing it, and moves the final ID into the request context instead of cloning it.
of boxing it, and trace IDs are extracted from traceparent without an intermediate allocation.
full request context on every request.
metrics: 2.576 us -> 2.400 us).
Metrics
- The in-process Prometheus collector stores requests, errors, and duration
- Rendering writes directly into the output string, borrows clean label values,
- Matched route patterns are carried as shared references instead of being
- Measured locally: record response 126.7 ns -> 81.3 ns, record error 153.5 ns
histograms in one series map keyed by method, route, and status, recording observations with zero label clones. Text exposition output is unchanged and remains covered by byte-level tests.
and uses precomputed histogram bucket labels kept in sync by test.
copied per request.
-> 81.6 ns, render text 30.1 us -> 7.2 us.
Rate Limiting
- The in-memory store prunes expired identity windows at most once per window
- Rate limit response headers are built with infallible integer conversions.
- Measured locally: store check with 10,000 tracked identities 27.54 us ->
duration instead of sweeping every identity on every request. Rate-limit decisions never depended on that sweep; expired windows now linger at most one extra window, which affects only memory and len().
32.4 ns; the single-identity request path is unchanged within noise.
Reliability
- The guard service now moves the inner service that was driven to readiness
- Rate limit header construction no longer has
expectpaths.
into its response future, per the Tower readiness contract, instead of calling a fresh un-polled clone.
Benchmark Coverage
New Criterion rows: nidus middleware rate limit request and nidus rate limit store check with 10k identities. All figures above are single-machine local measurements (aarch64-apple-darwin) captured with the commands in docs/performance.md; rerun them on release hardware before quoting numbers.
Release Boundary
After publishing, verify the public package and documentation state:
bash scripts/verify-published-release.sh 1.0.6