RustAPI
A Rust API framework designed for AI-first development
Start new thread
Tunay ENGΔ°N

RustAPI – Updates & Changelog (Official Thread)

byβ€’

This thread is the official update & changelog for RustAPI.

All notable changes, improvements, fixes, and new features will be posted here to keep users and contributors up to date.

What you'll find in this thread:

- πŸš€ New features & capabilities

- πŸ› οΈ Bug fixes & internal improvements

- βš™οΈ API / architecture changes

- πŸ§ͺ Experimental features

- πŸ“¦ Releases & version notes

Each update will be posted as a separate comment with:

- Date

- Version (if applicable)

- Short explanation of what changed and why

If you have feedback, questions, or suggestions related to an update, feel free to reply directly under that update.

Thanks for following the project and supporting RustAPI πŸ™Œ

14 views

Add a comment

Replies

Best
Tunay ENGΔ°N

Initial Launch

- Public release of RustAPI

- AI-first Rust API architecture

- Minimal boilerplate compared to Actix/Axum

- Built-in OpenAPI / Swagger support

- Optimized for SSE, MCP & LLM workflows

Tunay ENGΔ°N

0.0.6 - 2026-01-05

πŸŽ‰ Major Release - Three New Crates!

This is our biggest release yet, adding 10,674 lines across 65 files and introducing three complete new crates!

Added

πŸ”Œ WebSocket Support (rustapi-ws crate)

  • Full WebSocket implementation with tokio-tungstenite

  • WebSocket extractor for easy handler integration

  • Message enum (Text, Binary, Ping, Pong, Close)

  • WebSocketUpgrade for manual upgrade control

  • Broadcast system for room-based messaging

  • JSON message serialization/deserialization

  • Graceful error handling and connection management

Tunay ENGΔ°N
# RustAPI v0.1.13 Release Notes πŸš€

**Release Date:** January 19, 2026

---

## πŸ›‘οΈ New Feature: CSRF Protection

RustAPI now includes built-in **Cross-Site Request Forgery (CSRF) protection** using the industry-standard Double-Submit Cookie pattern.

### Quick Start

```rust
use rustapi_rs::prelude::*;
use rustapi_extras::csrf::{CsrfConfig, CsrfLayer, CsrfToken};

#[rustapi_rs::get("/form")]
async fn show_form(token: CsrfToken) -> Html<String> {
    Html(format!(r#"
        <form method="POST" action="/submit">
            <input type="hidden" name="_csrf" value="{}" />
            <button>Submit</button>
        </form>
    "#, token.as_str()))
}

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    let csrf = CsrfConfig::new()
        .cookie_name("csrf_token")
        .header_name("X-CSRF-Token");

    RustApi::new()
        .layer(CsrfLayer::new(csrf))
        .mount(show_form)
        .run("0.0.0.0:8080")
        .await
}
```

### Features

- βœ… **Double-Submit Cookie Pattern** β€” Industry standard CSRF protection
- βœ… **CsrfToken Extractor** β€” Access tokens in handlers
- βœ… **Configurable** β€” Custom cookie/header names, SameSite policy, secure flags
- βœ… **Frontend Ready** β€” Works with JavaScript/AJAX and HTML forms
- βœ… **Zero Config Defaults** β€” Secure by default

---

## πŸ“š Documentation Updates

- New **CSRF Protection Recipe** in the Cookbook
- Updated **rustapi-extras** documentation with CSRF examples
- Added CSRF to README feature table

---

## πŸ”§ Bug Fixes

- Fixed clippy lint errors in `rustapi-macros`
- Fixed test imports in `rustapi-extras` CSRF module
- Corrected publish order in `smart_publish.ps1` script

---

## πŸ“¦ Installation

```toml
[dependencies]
rustapi-rs = { version = "0.1.13", features = ["csrf"] }
```

Or with all security features:

```toml
rustapi-rs = { version = "0.1.13", features = ["jwt", "cors", "csrf", "rate-limit"] }
```

---

## πŸ”— Links

- [Documentation](https://docs.rs/rustapi-rs)
- [GitHub](https://github.com/Tuntii/RustAPI)
- [Cookbook](https://tuntii.github.io/RustAPI...)

---

**Full Changelog:** [v0.1.12...v0.1.13](https://github.com/Tuntii/RustAP...)