1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
//! Speculative TCP+TLS handshake before the first real request.
//!
//! Cold installs pay one full handshake per distinct origin (~50-150 ms
//! on a 50 ms-RTT path). Issuing a HEAD against each known origin in
//! parallel during manifest parsing overlaps the handshake with the
//! resolver's first packument decision. The HEAD response itself is
//! discarded; the win is the warm pool entry the next real request
//! reuses.
//!
//! `AUBE_DISABLE_SPECULATIVE_TLS=1` skips the prewarm entirely. Wrong
//! registry, network failure, or auth rejection are silently dropped:
//! subsequent real requests take the standard path and surface their
//! own errors.
use Duration;
const PREWARM_TIMEOUT: Duration = from_secs;
/// Returns true when the speculative TLS prewarm is disabled.
/// Spawn a fire-and-forget HEAD against each `(client, url)` pair on
/// the current tokio runtime. Errors trace at debug — handshake
/// failures here predict the real-request failure that follows.
///
/// Each pair carries its own `reqwest::Client` because aube tracks one
/// pool per auth-uri (`http_by_uri`); a single shared client would
/// merge pools for registries with different auth headers.
///
/// No-op when called outside a tokio runtime context. The function
/// lives in `aube-util` and may be reached from sync bootstrap before
/// the runtime is entered; rather than panic in `tokio::spawn` it
/// silently skips so callers don't have to defensively guard.