Conflict resolution:
- src/config/load.rs: Merge HEAD's is_safe_include_path (path traversal guard)
with upstream/flow's LoadedConfig, normalize_config_path, hash_rendered_snapshot,
and the new 4-parameter preprocess_includes signature. Update two test call
sites that still used the old 3-arg signature.
- src/config/hot_reload.rs: Take upstream/flow's tokio::spawn-contained watcher
setup (inotify + poll via manifest_state). HEAD's pre-spawn block was broken:
it referenced notify_tx before the channel was created.
Copilot review fixes (already applied in working tree, now committed):
- src/transport/pool.rs: Handle EINTR in is_connection_alive with retry loop
(treating it as alive) instead of a false dead-connection verdict.
- src/transport/middle_proxy/wire.rs: On u32 overflow in extra-block length
encoding, truncate buffer back to the length-field position and write 0 so wire
representation stays self-consistent. Annotate 16 MiB boundary tests with
#[ignore] to avoid OOM on low-memory CI runners.
- src/stream/buffer_pool.rs: Restore fail-fast expect() in Deref/DerefMut (was
silently returning empty buffer after take(), masking use-after-take bugs).
Add MAX_POOL_BUFFER_OVERSIZE_MULT upper bound in return_buffer to prevent
memory amplification from excessively-grown buffers staying in the pool.
Fix contradictory test: oversized_buffer_is_returned_to_pool now grows within
the 4x bound; oversized_buffer_is_dropped_not_pooled (8x growth) now passes.
- src/api/mod.rs: Fix constant_time_eq to iterate over b.len() (expected token
length) rather than min(a.len(), b.len()), closing the timing oracle where an
attacker could influence iteration count by sending a shorter candidate
(OWASP ASVS V6.6.1). Revert ApiRuntimeState and ApiShared to pub(super).
- src/protocol/obfuscation.rs: Replace no-op test_obfuscation_params_is_not_clone
with static_assertions::assert_not_impl_any!(ObfuscationParams: Clone) which
is an actual compile-time enforcement.
- Remove unused imports across multiple modules
- Add #![allow(dead_code)] for public API items preserved for future use
- Add #![allow(deprecated)] for rand::Rng::gen_range usage
- Add #![allow(unused_assignments)] in main.rs
- Add #![allow(unreachable_code)] in network/stun.rs
- Prefix unused variables with underscore (_ip_tracker, _prefer_ipv6)
- Fix unused_must_use warning in tls_front/cache.rs
This ensures clean compilation without warnings while preserving
public API items that may be used in the future.
David Osipov