feat: some optimize

[devhaozi]

📑 Description

Closes goravel/goravel/issues/480
Closes goravel/goravel/issues/481
Closes goravel/goravel/issues/325

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Introduced a benchmarking workflow for Go applications to monitor performance during CI/CD processes.
  • Added a vulnerability check workflow for Go modules to enhance security.
  • Improved session management with a new session pool for efficient reuse of session objects.

• Chores

  • Updated Go module version from 1.21 to 1.22 for improved compatibility and features.

✅ Checks

• Added test cases for my code

[coderabbitai]

Walkthrough

The changes introduce new GitHub Actions workflows for automated vulnerability checks and benchmarking of Go applications. The Go version is updated to 1.22, and significant enhancements are made to the session management in the application. These modifications aim to improve performance monitoring, security checks, and session handling within the CI/CD pipeline.

Changes

Files	Change Summary
.github/workflows/govulncheck.yml	New workflow for automated vulnerability checks on Go modules, scheduled to run every six hours, with steps for fetching code, installing Go, and executing govulncheck.
.github/workflows/benchmark.yml	New workflow for benchmarking Go applications, triggered on master branch pushes and pull requests, with steps for fetching code, running benchmarks, and managing results.
go.mod	Updated Go version from 1.21 to 1.22.
session/manager.go	Major refactor of the Manager struct to include a session pool for efficient session management, updated methods for session handling, and improved error management.

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant Go Environment
    participant Vulnerability Check
    participant Benchmark Results
    participant Session Manager

    Developer->>GitHub Actions: Push changes
    GitHub Actions->>Go Environment: Setup Go version
    GitHub Actions->>Vulnerability Check: Run govulncheck
    Vulnerability Check->>GitHub Actions: Return vulnerability results
    GitHub Actions->>Go Environment: Run benchmarks
    Go Environment->>Benchmark Results: Capture benchmark data
    Benchmark Results->>GitHub Actions: Return results
    GitHub Actions->>Session Manager: Manage sessions
    Session Manager->>GitHub Actions: Return session management results
    GitHub Actions->>Developer: Notify results

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Add govulncheck actions to framework workflow (#480)	✅
Bump to go1.23 and deprecate go1.21 (#481)	❌	Updated to Go 1.22 instead of 1.23.
Use nilaway to find out nil error (#325)	❓	No evidence of nilaway integration.

---

Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 4eb0170 and c506389.

Files selected for processing (1)

• session/manager.go (2 hunks)

Files skipped from review as they are similar to previous changes (1)

• session/manager.go

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[codecov]

Codecov Report

Attention: Patch coverage is 72.85714% with 38 lines in your changes missing coverage. Please review.

Project coverage is 69.94%. Comparing base (97abc6b) to head (c506389).
Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
session/manager.go	58.69%	12 Missing and 7 partials ⚠️
session/session.go	40.00%	6 Missing ⚠️
support/docker/postgres.go	20.00%	4 Missing ⚠️
database/console/migrate_creator.go	0.00%	3 Missing ⚠️
database/console/migrate.go	60.00%	1 Missing and 1 partial ⚠️
database/gorm/test_utils.go	95.83%	2 Missing ⚠️
database/gorm/dialector.go	80.00%	1 Missing ⚠️
session/middleware/start_session.go	50.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #622      +/-   ##
==========================================
- Coverage   69.95%   69.94%   -0.02%     
==========================================
  Files         184      184              
  Lines       11267    11296      +29     
==========================================
+ Hits         7882     7901      +19     
- Misses       2815     2818       +3     
- Partials      570      577       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Actionable comments posted: 1

Outside diff range, codebase verification and nitpick comments (5)

session/middleware/start_session.go (1)

57-59: LGTM!

The code changes are approved.

Consider using a defer statement to release the session.

Instead of explicitly releasing the session at the end of the middleware function, you can use a defer statement to ensure that the session is released even if an error occurs or the function returns early.

Here's an example of how you can use defer:

func StartSession() http.Middleware {
	return func(ctx http.Context) {
		// ...

		// Build session
		s := session.SessionFacade.BuildSession(driver)
		defer session.SessionFacade.(*session.Manager).ReleaseSession(s.(*session.Session))

		// ...
	}
}

This way, you don't need to worry about manually releasing the session at the end of the function.

crypt/aes_test.go (2)

61-73: LGTM! Consider using a larger or variable-sized input.

The benchmark setup and loop look correct. The code changes are approved.

To measure performance more realistically, consider using a larger or variable-sized input string instead of the fixed "Goravel" string.

---

75-91: LGTM! Consider using a larger input and moving payload generation inside the loop.

The benchmark setup and loop look correct. The code changes are approved.

Here are a few suggestions to enhance the benchmark:

1. To measure performance more realistically, consider using a larger or variable-sized input string instead of the fixed "Goravel" string.
2. Move the payload generation inside the loop to measure the performance of both encryption and decryption in each iteration. This will provide a more accurate representation of the real-world usage scenario.

.github/workflows/benchmark.yml (1)

83-97: Consider enabling auto-push for publishing benchmark results.

The workflow publishes benchmark results to GitHub Pages, which is a good practice for tracking performance over time. However, the auto-push option is set to false, which means the results will not be automatically updated on the GitHub Pages site.

To ensure that the published benchmark data remains up-to-date, consider setting auto-push to true:

- auto-push: false
+ auto-push: true

This change will enable the action to automatically push the updated benchmark results to the repository, keeping the GitHub Pages site in sync with the latest data.

hash/application_test.go (1)

150-150: Discrepancy in default configuration value for hashing.bcrypt.rounds.

The test configuration in hash/application_test.go uses a default value of 10 for hashing.bcrypt.rounds, while the actual implementation in hash/bcrypt.go still uses 12. Please verify if the default value in hash/bcrypt.go should be updated to 10 to maintain consistency across the codebase.

• hash/bcrypt.go: Default value is 12.
• hash/application_test.go: Mock configuration returns 10.

Analysis chain

Verify the impact of the configuration change on the rest of the codebase.

The change to the default value of the hashing.bcrypt.rounds configuration from 12 to 10 is a valid change that aligns with the test suite's requirements. However, it's important to ensure that this change is consistent with the rest of the codebase and does not have any unintended consequences.

Run the following script to verify the usage of the hashing.bcrypt.rounds configuration in the codebase:

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of the `hashing.bcrypt.rounds` configuration in the codebase.

# Test: Search for the usage of the `hashing.bcrypt.rounds` configuration. Expect: Only occurrences of the new default value (10).
rg --type go -A 5 $'hashing.bcrypt.rounds'

Length of output: 507

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 961d2a5 and 7dfe6db.

Files ignored due to path filters (2)

• mocks/auth/Auth.go is excluded by !mocks/**
• mocks/session/Manager.go is excluded by !mocks/**

Files selected for processing (19)

• .github/workflows/benchmark.yml (1 hunks)
• .github/workflows/mockery.yml (1 hunks)
• contracts/session/manager.go (1 hunks)
• crypt/aes_test.go (1 hunks)
• go.mod (1 hunks)
• hash/application_test.go (3 hunks)
• hash/bcrypt.go (1 hunks)
• http/middleware/throttle_test.go (1 hunks)
• log/logger/daily.go (2 hunks)
• log/logrus_writer_test.go (2 hunks)
• session/driver/file_test.go (2 hunks)
• session/manager.go (2 hunks)
• session/manager_test.go (3 hunks)
• session/middleware/start_session.go (1 hunks)
• session/middleware/start_session_test.go (1 hunks)
• session/service_provider.go (2 hunks)
• session/session.go (1 hunks)
• translation/file_loader_test.go (2 hunks)
• translation/translator_test.go (1 hunks)

Files skipped from review due to trivial changes (1)

• go.mod

Additional context used

actionlint

.github/workflows/benchmark.yml

41-41: shellcheck reported issue in this script: SC2086:info:2:20: Double quote to prevent globbing and word splitting

(shellcheck)

Additional comments not posted (45)

contracts/session/manager.go (1)

9-9: LGTM!

The change to the Extend method signature is approved for the following reasons:

• It introduces error handling into the method's functionality, allowing it to signal potential issues during the extension of the session manager with a custom driver.
• The adjustment enhances the robustness of the interface by enabling callers to handle errors that may arise when attempting to extend the session manager.
• The change is consistent with the AI-generated summary.

session/service_provider.go (1)

27-30: Verify the impact of removing the GC timer setup on session management and resource cleanup.

The changes streamline the Boot method by eliminating the GC timer setup, which may impact session management and resource cleanup within the application. The removal of the startGcTimer function indicates a shift in how session lifecycle management is handled, potentially leading to uncollected sessions if the GC process is no longer initiated.

Run the following script to verify the impact of the changes:

hash/bcrypt.go (1)

16-16: Approve the change to increase the default number of hashing rounds.

The change to increase the default number of hashing rounds from 10 to 12 is approved.

Increasing the number of hashing rounds enhances security against brute-force attacks by making the hashing function more computationally expensive. This change aligns with the goal of implementing optimizations and improving security within the Goravel framework.

However, it's important to note that increasing the number of hashing rounds may have performance implications due to the increased computational cost. It is recommended to monitor the impact of this change on the overall performance of the system, especially in scenarios with high volumes of password hashing operations.

Consider conducting performance tests and benchmarks to assess the trade-off between security and performance. If the performance impact is significant and unacceptable, you may need to find a balance by adjusting the number of rounds or exploring alternative hashing algorithms that provide a better balance between security and performance.

session/middleware/start_session.go (1)

53-53: LGTM!

The code changes are approved.

log/logger/daily.go (2)

17-17: LGTM!

The code changes are approved.

---

47-47: LGTM!

The code changes are approved.

session/driver/file_test.go (1)

111-128: LGTM!

The benchmarking function is correctly implemented and follows the standard benchmarking practices in Go. It accurately measures the performance of file read and write operations in a controlled benchmark environment. The cleanup operation is also correctly executed after the benchmark operations to ensure a clean state for subsequent tests or benchmarks.

The code changes are approved.

session/manager.go (6)

19-32: LGTM!

The addition of the sessionPool field and its initialization in the NewManager function looks good. Utilizing sync.Pool for efficient session management is a great optimization.

---

39-48: LGTM!

The refactoring of the BuildSession method looks good. Utilizing the AcquireSession method and explicitly setting the session properties improves code clarity. The simplified session ID handling is also a nice touch.

---

71-78: LGTM!

The modifications to the Extend method look good. Returning an error when a driver with the same name already exists is a nice addition for better error handling. Starting the garbage collection timer for the session driver is also a good practice.

---

80-83: LGTM!

The introduction of the AcquireSession method is a great addition. It provides a clean and efficient way to retrieve a session from the pool.

---

85-87: LGTM!

The introduction of the ReleaseSession method is a great addition. It provides a clean way to release a session back to the pool. Resetting the session before releasing it is a good practice.

---

105-122: LGTM!

The introduction of the startGcTimer method is a great addition for resource management. The method is well-structured and handles the case when the interval is zero or negative. Periodically invoking the garbage collection process for the session driver is a good practice.

translation/file_loader_test.go (4)

22-23: LGTM!

The code changes are approved. Refactoring the test suite to use the suite package is a good practice for organizing test code.

---

25-34: LGTM!

The code changes are approved. The SetupSuite method is a good place to set up the test environment and the method is creating test files and setting up the test environment correctly.

---

36-38: LGTM!

The code changes are approved. The TearDownSuite method is a good place to clean up the test environment and the method is removing the test files correctly.

---

105-122: LGTM!

The code changes are approved. The Benchmark_Load function is a good way to measure the performance of the Load method and the function is setting up the test suite, running the benchmark, and then tearing down the suite correctly.

.github/workflows/benchmark.yml (1)

11-15: Appropriate permissions requested.

The workflow requests write permissions for repository contents and pull requests, which aligns with its purpose of updating benchmark data and posting comments.

hash/application_test.go (7)

14-14: LGTM!

The addition of the config field to the ApplicationTestSuite struct is a valid change that allows for better management of configuration settings during tests.

---

19-19: LGTM!

The changes to the TestApplicationTestSuite function are valid. Moving the setup of hashers to the SetupTest method is a better approach as it centralizes the configuration setup, ensuring that it is done consistently before each test.

---

23-28: LGTM!

The changes to the SetupTest method are valid. Initializing s.config and populating the hashers with the appropriate instances of argon2id and bcrypt using the new config field centralizes the configuration setup, ensuring that it is done consistently before each test.

---

30-32: LGTM!

The addition of the TearDownSuite method is a valid change that ensures all expected interactions with the mock configuration are validated after the test suite has run.

---

80-97: LGTM!

The addition of the BenchmarkMakeHash function is a valid change that enhances the test suite by providing performance metrics for the Make function of each hasher.

---

99-119: LGTM!

The addition of the BenchmarkCheckHash function is a valid change that enhances the test suite by providing performance metrics for the Check function of each hasher.

---

121-140: LGTM!

The addition of the BenchmarkNeedsRehash function is a valid change that enhances the test suite by providing performance metrics for the NeedsRehash function of each hasher.

session/manager_test.go (8)

28-35: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• Retrieving the session.gc_interval configuration ensures that garbage collection intervals are accounted for during tests.

---

37-38: LGTM!

The changes are approved:

• Asserting expectations on the mock configuration in the TearDownSuite method ensures that all expected calls were made.
• This addition strengthens the reliability of the tests by confirming that the mock interactions are as intended.

---

41-78: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• Retrieving the session.gc_interval configuration ensures that this value is consistently used in the tests.
• The logic remains largely the same, and there are no issues.

---

81-89: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• Retrieving the session.gc_interval configuration ensures that this value is consistently used in the tests.
• The logic for extending the session manager with a custom driver remains intact, and there are no issues.

---

92-96: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• The logic remains the same, and there are no issues.

---

99-101: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• The logic remains the same, and there are no issues.

---

104-106: LGTM!

The changes are approved:

• The receiver name change from m to s improves consistency in naming conventions.
• The logic remains the same, and there are no issues.

---

108-140: LGTM!

The changes are approved:

• The new BenchmarkSession_ReadWrite benchmark provides a standardized approach to performance testing.
• The benchmark setup is correct, and the read/write operations are being tested properly.
• The benchmark teardown is also correct, destroying the session and removing the storage directory.

session/session.go (1)

275-281: LGTM!

The reset method is a useful addition to the Session struct. It correctly resets the state of a Session instance by clearing its fields and reinitializing the attributes map. The method name clearly conveys its purpose and it can be beneficial for scenarios where a session needs to be reinitialized without creating a new instance.

The code changes are approved.

session/middleware/start_session_test.go (1)

46-46: LGTM!

The code change is approved. It enhances the test's coverage by explicitly defining the garbage collection interval for sessions during the test execution.

translation/translator_test.go (3)

450-469: LGTM!

The benchmark function Benchmark_Choice is correctly implemented and follows the standard benchmarking pattern in Go. It measures the performance of the Choice method of the Translator by initializing a new TranslatorTestSuite, setting up the test context, preparing a mock loader to return a specific translation structure, and running the Choice method in a loop for b.N iterations.

---

471-490: LGTM!

The benchmark function Benchmark_Get is correctly implemented and follows the standard benchmarking pattern in Go. It measures the performance of the Get method of the Translator by initializing a new TranslatorTestSuite, setting up the test context, preparing a mock loader to return a specific translation string, and running the Get method in a loop for b.N iterations.

---

492-511: LGTM!

The benchmark function Benchmark_Has is correctly implemented and follows the standard benchmarking pattern in Go. It measures the performance of the Has method of the Translator by initializing a new TranslatorTestSuite, setting up the test context, preparing a mock loader to return a specific translation structure, and running the Has method in a loop for b.N iterations.

http/middleware/throttle_test.go (1)

279-359: LGTM!

The new benchmarking function Benchmark_Throttle is well-structured and covers multiple scenarios to test the performance of the Throttle function. The use of mock objects and expectations helps ensure the correctness of the interactions during the benchmarks.

log/logrus_writer_test.go (6)

433-443: LGTM!

The code changes are approved.

---

445-455: LGTM!

The code changes are approved.

---

457-467: LGTM!

The code changes are approved.

---

469-479: LGTM!

The code changes are approved.

---

481-483: LGTM!

The code changes are approved. The comment provides a valid reason for not implementing the benchmarking function.

---

485-498: LGTM!

The code changes are approved. The defer statement is used correctly to recover from the panic caused by the Panic method.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7dfe6db and a82d4ac.

Files selected for processing (6)

• .github/workflows/benchmark.yml (1 hunks)
• .github/workflows/mockery.yml (1 hunks)
• session/manager.go (2 hunks)
• session/manager_test.go (2 hunks)
• support/file/file_test.go (1 hunks)
• validation/errors_test.go (1 hunks)

Files skipped from review due to trivial changes (2)

• support/file/file_test.go
• validation/errors_test.go

Files skipped from review as they are similar to previous changes (3)

• .github/workflows/mockery.yml
• session/manager.go
• session/manager_test.go

Additional context used

actionlint

.github/workflows/benchmark.yml

39-39: shellcheck reported issue in this script: SC2086:info:2:20: Double quote to prevent globbing and word splitting

(shellcheck)

Additional comments not posted (5)

.github/workflows/benchmark.yml (5)

18-21: LGTM!

The "Fetch Repository" step is correctly configured to fetch the repository with the last commit.

---

23-27: LGTM!

The "Install Go" step is correctly configured to install Go 1.22.x.

---

29-30: LGTM!

The "Run Benchmark" step is correctly configured to run benchmarks and capture the output.

---

37-41: LGTM!

The "Get Main branch SHA" step is correctly retrieving the SHA of the main branch.

The static analysis hint about quoting the SHA variable can be ignored because the SHA does not contain spaces or glob characters that require quoting.

Tools

actionlint

39-39: shellcheck reported issue in this script: SC2086:info:2:20: Double quote to prevent globbing and word splitting

(shellcheck)

---

43-102: LGTM!

The remaining steps are correctly configured to:

• Compare benchmark results with the main branch
• Store benchmark results for the main branch
• Publish benchmark results to GitHub Pages
• Update the benchmark results cache

The steps use appropriate conditions to execute based on the branch and cache hit.

[hwbrzzl]

Many optimizations, Great PR 👍 But it's a bit hard to review, please split it into some small PRs next time.

[devhaozi]

This is a bug fix.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 629010c and cce4247.

Files ignored due to path filters (1)

• mocks/session/Manager.go is excluded by !mocks/**

Files selected for processing (9)

• contracts/session/manager.go (1 hunks)
• go.mod (1 hunks)
• session/manager.go (2 hunks)
• session/manager_test.go (2 hunks)
• session/middleware/start_session.go (1 hunks)
• session/session.go (1 hunks)
• support/docker/postgres.go (2 hunks)
• support/docker/postgres_test.go (2 hunks)
• translation/file_loader_test.go (2 hunks)

Files skipped from review due to trivial changes (2)

• support/docker/postgres.go
• support/docker/postgres_test.go

Files skipped from review as they are similar to previous changes (6)

• go.mod
• session/manager.go
• session/manager_test.go
• session/middleware/start_session.go
• session/session.go
• translation/file_loader_test.go

Additional comments not posted (2)

contracts/session/manager.go (2)

9-9: Approved change to method signature in Extend.

The change from returning a Manager to an error in the Extend method is a good practice in error handling. It simplifies the interface and makes the error states clear to the users of this method.

---

11-11: Good addition with ReleaseSession.

Adding the ReleaseSession method to the Manager interface is a beneficial enhancement for managing session lifecycles and resource cleanup. This method will help in properly releasing sessions back to the pool, which is crucial for effective resource management.

[hwbrzzl]

And we can remove this line:

We also need to change the driver name for goravel/goravel.

[hwbrzzl]

FYI, please pin me when this PR is ready.

[devhaozi]

FYI, please pin me when this PR is ready.

Already prepared.

[hwbrzzl]

Great, almost complete, only two questions.

[hwbrzzl]

Em, if we can‘t check the result, what's the meaning of it?

[devhaozi]

Em, if we can‘t check the result, what's the meaning of it?

Move the test cases previously used for concurrency testing to the benchmark.
And although the results cannot be viewed directly, CI will automatically compare them with previous results.

[hwbrzzl]

CI will automatically compare them with previous results.

Do you mean this?

[devhaozi]

CI will automatically compare them with previous results.

Do you mean this?

Yes, currently no data.

[hwbrzzl]

Perfect 👍 Please remember to create a PR for goravel/goravel.