2021-07-12 20:14:39 +00:00
[ package ]
2022-09-30 19:50:55 +00:00
authors = [ "Nathan Sobo <nathan@zed.dev>" ]
2022-04-09 14:30:42 +00:00
default-run = "collab"
2022-01-26 20:50:31 +00:00
edition = "2021"
2022-04-09 14:30:42 +00:00
name = "collab"
2024-02-01 02:10:19 +00:00
version = "0.44.0"
2023-01-18 20:28:02 +00:00
publish = false
2024-01-27 12:51:16 +00:00
license = "AGPL-3.0-or-later"
2024-01-23 16:40:30 +00:00
2024-03-05 17:01:17 +00:00
[ lints ]
workspace = true
2021-09-16 14:23:20 +00:00
[ [ bin ] ]
2022-04-09 14:30:42 +00:00
name = "collab"
2021-09-16 14:23:20 +00:00
2024-03-21 03:00:02 +00:00
[ features ]
sqlite = [ "sea-orm/sqlx-sqlite" , "sqlx/sqlite" ]
test-support = [ "sqlite" ]
2021-09-02 14:05:34 +00:00
2021-07-12 20:14:39 +00:00
[ dependencies ]
2024-03-31 21:57:57 +00:00
anthropic . workspace = true
2023-04-25 00:41:55 +00:00
anyhow . workspace = true
2024-07-29 21:31:36 +00:00
async-stripe . workspace = true
2024-07-23 22:01:05 +00:00
async-tungstenite . workspace = true
2024-02-15 20:53:57 +00:00
aws-config = { version = "1.1.5" }
aws-sdk-s3 = { version = "1.15.0" }
2024-11-15 19:58:00 +00:00
aws-sdk-kinesis = "1.51.0"
2024-03-05 22:11:33 +00:00
axum = { version = "0.6" , features = [ "json" , "headers" , "ws" ] }
axum-extra = { version = "0.4" , features = [ "erased-json" ] }
2024-03-07 03:51:43 +00:00
base64 . workspace = true
2024-01-22 21:11:24 +00:00
chrono . workspace = true
2024-10-02 20:26:48 +00:00
clock . workspace = true
2024-02-06 19:41:36 +00:00
collections . workspace = true
2024-07-26 21:58:37 +00:00
dashmap . workspace = true
2024-10-09 18:22:32 +00:00
derive_more . workspace = true
2021-07-12 20:14:39 +00:00
envy = "0.4.2"
2025-01-10 22:40:54 +00:00
fireworks . workspace = true
2023-04-25 00:41:55 +00:00
futures . workspace = true
2024-03-19 18:22:26 +00:00
google_ai . workspace = true
2024-02-23 16:13:28 +00:00
hex . workspace = true
2024-07-23 22:01:05 +00:00
http_client . workspace = true
2024-08-06 00:26:21 +00:00
jsonwebtoken . workspace = true
2024-12-05 23:06:17 +00:00
livekit_server . workspace = true
2023-04-25 00:41:55 +00:00
log . workspace = true
2024-04-26 02:37:40 +00:00
nanoid . workspace = true
2024-03-19 18:22:26 +00:00
open_ai . workspace = true
2023-04-25 00:41:55 +00:00
parking_lot . workspace = true
2022-06-10 20:32:56 +00:00
prometheus = "0.13"
2023-08-21 19:00:43 +00:00
prost . workspace = true
2023-04-25 00:41:55 +00:00
rand . workspace = true
2024-03-01 20:23:44 +00:00
reqwest = { version = "0.11" , features = [ "json" ] }
2024-10-11 21:58:58 +00:00
reqwest_client . workspace = true
2024-02-06 19:41:36 +00:00
rpc . workspace = true
2024-10-02 20:26:48 +00:00
rustc-demangle . workspace = true
2024-07-25 21:45:24 +00:00
scrypt = "0.11"
Update Rust crate sqlx to 0.8 [SECURITY] (#16791)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [sqlx](https://togithub.com/launchbadge/sqlx) | dev-dependencies |
minor | `0.7` -> `0.8` |
| [sqlx](https://togithub.com/launchbadge/sqlx) | dependencies | minor |
`0.7` -> `0.8` |
### GitHub Vulnerability Alerts
####
[GHSA-xmrp-424f-vfpx](https://togithub.com/launchbadge/sqlx/issues/3440)
The following presentation at this year's DEF CON was brought to our
attention on the SQLx Discord:
> SQL Injection isn't Dead: Smuggling Queries at the Protocol Level
>
<http://web.archive.org/web/20240812130923/https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn't%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf>
> (Archive link for posterity.)
Essentially, encoding a value larger than 4GiB can cause the length
prefix in the protocol to overflow,
causing the server to interpret the rest of the string as binary
protocol commands or other data.
It appears SQLx _does_ perform truncating casts in a way that could be
problematic,
for example:
<https://github.com/launchbadge/sqlx/blob/6f2905695b9606b5f51b40ce10af63ac9e696bb8/sqlx-postgres/src/arguments.rs#L163>
This code has existed essentially since the beginning,
so it is reasonable to assume that all published versions `<= 0.8.0` are
affected.
## Mitigation
As always, you should make sure your application is validating
untrustworthy user input.
Reject any input over 4 GiB, or any input that could _encode_ to a
string longer than 4 GiB.
Dynamically built queries are also potentially problematic if it pushes
the message size over this 4 GiB bound.
[`Encode::size_hint()`](https://docs.rs/sqlx/latest/sqlx/trait.Encode.html#method.size_hint)
can be used for sanity checks, but do not assume that the size returned
is accurate.
For example, the `Json<T>` and `Text<T>` adapters have no reasonable way
to predict or estimate the final encoded size,
so they just return `size_of::<T>()` instead.
For web application backends, consider adding some middleware that
limits the size of request bodies by default.
## Resolution
Work has started on a branch to add `#[deny]` directives for the
following Clippy lints:
*
[`cast_possible_truncation`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_truncation)
*
[`cast_possible_wrap`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_wrap)
*
[`cast_sign_loss`](https://rust-lang.github.io/rust-clippy/master/#/cast_sign_loss)
and to manually audit the code that they flag.
A fix is expected to be included in the `0.8.1` release (still WIP as of
writing).
---
### Release Notes
<details>
<summary>launchbadge/sqlx (sqlx)</summary>
###
[`v0.8.1`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#081---2024-08-23)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.8.0...v0.8.1)
16 pull requests were merged this release cycle.
This release contains a fix for [RUSTSEC-2024-0363].
Postgres users are advised to upgrade ASAP as a possible exploit has
been demonstrated:
[#​3440
(comment)](https://togithub.com/launchbadge/sqlx/issues/3440#issuecomment-2307956901)
MySQL and SQLite do not *appear* to be exploitable, but upgrading is
recommended nonetheless.
##### Added
- \[[#​3421]]: correct spelling of
`MySqlConnectOptions::no_engine_substitution()`
\[\[[@​kolinfluence](https://togithub.com/kolinfluence)]]
- Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in
favor of the correctly spelled version.
##### Changed
- \[[#​3376]]: doc: hide `spec_error` module
\[\[[@​abonander](https://togithub.com/abonander)]]
- This is a helper module for the macros and was not meant to be
exposed.
- It is not expected to receive any breaking changes for the 0.8.x
release, but is not designed as a public API.
Use at your own risk.
- \[[#​3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support
sqlite 3.46
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3385]]: chore(examples):Migrated the pg-chat example to
ratatui
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3399]]: Upgrade to rustls 0.23
\[\[[@​djc](https://togithub.com/djc)]]
- RusTLS now has pluggable cryptography providers: `ring` (the existing
implementation),
and `aws-lc-rs` which has optional FIPS certification.
- The existing features activating RusTLS (`runtime-tokio-rustls`,
`runtime-async-std-rustls`, `tls-rustls`)
enable the `ring` provider of RusTLS to match the existing behavior so
this *should not* be a breaking change.
- Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs`
provider.
- If using `runtime-tokio-rustls` or `runtime-async-std-rustls`,
this will necessitate switching to the appropriate non-legacy runtime
feature:
`runtime-tokio` or `runtime-async-std`
- See the RusTLS README for more details:
<https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers>
##### Fixed
- \[[#​2786]]: fix(sqlx-cli): do not clean sqlx during prepare
\[\[[@​cycraig](https://togithub.com/cycraig)]]
- \[[#​3354]]: sqlite: fix inconsistent read-after-write
\[\[[@​ckampfe](https://togithub.com/ckampfe)]]
- \[[#​3371]]: Fix encoding and decoding of MySQL enums in
`sqlx::Type` \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​3374]]: fix: usage of `node12` in `SQLx` action
\[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3380]]: chore: replace structopt with clap in examples
\[\[[@​tottoto](https://togithub.com/tottoto)]]
- \[[#​3381]]: Fix CI after Rust 1.80, remove dead feature
references \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3384]]: chore(tests): fixed deprecation warnings
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1`
to avoid yanked `v0.14.3`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3389]]: fix(cli): typo in error for required DB URL
\[\[[@​ods](https://togithub.com/ods)]]
- \[[#​3417]]: Update version to 0.8 in README
\[\[[@​soucosmo](https://togithub.com/soucosmo)]]
- \[[#​3441]]: fix: audit protocol handling
\[\[[@​abonander](https://togithub.com/abonander)]]
- This addresses [RUSTSEC-2024-0363] and includes regression tests for
MySQL, Postgres and SQLite.
[#​2786]: https://togithub.com/launchbadge/sqlx/pull/2786
[#​3354]: https://togithub.com/launchbadge/sqlx/pull/3354
[#​3371]: https://togithub.com/launchbadge/sqlx/pull/3371
[#​3374]: https://togithub.com/launchbadge/sqlx/pull/3374
[#​3376]: https://togithub.com/launchbadge/sqlx/pull/3376
[#​3380]: https://togithub.com/launchbadge/sqlx/pull/3380
[#​3381]: https://togithub.com/launchbadge/sqlx/pull/3381
[#​3382]: https://togithub.com/launchbadge/sqlx/pull/3382
[#​3384]: https://togithub.com/launchbadge/sqlx/pull/3384
[#​3385]: https://togithub.com/launchbadge/sqlx/pull/3385
[#​3386]: https://togithub.com/launchbadge/sqlx/pull/3386
[#​3389]: https://togithub.com/launchbadge/sqlx/pull/3389
[#​3399]: https://togithub.com/launchbadge/sqlx/pull/3399
[#​3417]: https://togithub.com/launchbadge/sqlx/pull/3417
[#​3421]: https://togithub.com/launchbadge/sqlx/pull/3421
[#​3441]: https://togithub.com/launchbadge/sqlx/pull/3441
[RUSTSEC-2024-0363]:
https://rustsec.org/advisories/RUSTSEC-2024-0363.html
###
[`v0.8.0`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#080---2024-07-22)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.4...v0.8.0)
70 pull requests were merged this release cycle.
[#​2697] was merged the same day as release 0.7.4 and so was
missed by the automatic CHANGELOG generation.
##### Breaking
- \[[#​2697]]: fix(macros): only enable chrono when time is
disabled
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2973]]: Generic Associated Types in Database, replacing
HasValueRef, HasArguments, HasStatement
\[\[[@​nitn3lav](https://togithub.com/nitn3lav)]]
- \[[#​2482]]: chore: bump syn to 2.0
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- Deprecated type ascription syntax in the query macros was removed.
- \[[#​2736]]: Fix describe on PostgreSQL views with rules
\[\[[@​tsing](https://togithub.com/tsing)]]
- Potentially breaking: nullability inference changes for Postgres.
- \[[#​2869]]: Implement PgHasArrayType for all references
\[\[[@​tylerhawkes](https://togithub.com/tylerhawkes)]]
- Conflicts with existing manual implementations.
- \[[#​2940]]: fix: Decode and Encode derives
([#​1031](https://togithub.com/launchbadge/sqlx/issues/1031))
\[\[[@​benluelo](https://togithub.com/benluelo)]]
- Changes lifetime obligations for field types.
- \[[#​3064]]: Sqlite explain graph
\[\[[@​tyrelr](https://togithub.com/tyrelr)]]
- Potentially breaking: nullability inference changes for SQLite.
- \[[#​3123]]: Reorder attrs in sqlx::test macro
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- Potentially breaking: attributes on `#[sqlx::test]` usages are applied
in the correct order now.
- \[[#​3126]]: Make Encode return a result
\[\[[@​FSMaxB](https://togithub.com/FSMaxB)]]
- \[[#​3130]]: Add version information for failed cli migration
([#​3129](https://togithub.com/launchbadge/sqlx/issues/3129))
\[\[[@​FlakM](https://togithub.com/FlakM)]]
- Breaking changes to `MigrateError`.
- \[[#​3181]]: feat: no tx migration
\[\[[@​cleverjam](https://togithub.com/cleverjam)]]
- (Postgres only) migrations that should not run in a transaction can be
flagged by adding `-- no-transaction` to the beginning.
- Breaking change: added field to `Migration`
- \[[#​3184]]: \[BREAKING} fix(sqlite): always use `i64` as
intermediate when decoding
\[\[[@​abonander](https://togithub.com/abonander)]]
- integer decoding will now loudly error on overflow instead of silently
truncating.
- some usages of the query!() macros might change an i32 to an i64.
- \[[#​3252]]: fix `#[derive(sqlx::Type)]` in Postgres
\[\[[@​abonander](https://togithub.com/abonander)]]
- Manual implementations of PgHasArrayType for enums will conflict with
the generated one. Delete the manual impl or add `#[sqlx(no_pg_array)]`
where conflicts occur.
- Type equality for PgTypeInfo is now schema-aware.
- \[[#​3329]]: fix: correct handling of arrays of custom types in
Postgres \[\[[@​abonander](https://togithub.com/abonander)]]
- Potential breaking change: `PgTypeInfo::with_name()` infers types that
start with `_` to be arrays of the un-prefixed type. Wrap type names in
quotes to bypass this behavior.
- \[[#​3356]]: breaking: fix name collision in `FromRow`, return
`Error::ColumnDecode` for `TryFrom` errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- Breaking behavior change: errors with `#[sqlx(try_from = "T")]` now
return `Error::ColumnDecode` instead of `Error::ColumnNotFound`.
- Breaking because `#[sqlx(default)]` on an individual field or the
struct itself would have previously suppressed the error.
This doesn't seem like good behavior as it could result in some
potentially very difficult bugs.
- Instead, create a wrapper implementing `From` and apply the default
explicitly.
- \[[#​3337]]: allow rename with rename_all (close
[#​2896](https://togithub.com/launchbadge/sqlx/issues/2896))
\[\[[@​DirectorX](https://togithub.com/DirectorX)]]
- Changes the precedence of `#[sqlx(rename)]` and `#[sqlx(rename_all)]`
to match the expected behavior (`rename` wins).
- \[[#​3285]]: fix: use correct names for sslmode options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- Changes the output of `ConnectOptions::to_url_lossy()` to match what
parsing expects.
##### Added
- \[[#​2917]]: Add Debug impl for PgRow
\[\[[@​g-bartoszek](https://togithub.com/g-bartoszek)]]
- \[[#​3113]]: feat: new derive feature flag
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​3154]]: feat: add `MySqlTime`, audit `mysql::types` for
panics \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3188]]: feat(cube): support postgres cube
\[\[[@​jayy-lmao](https://togithub.com/jayy-lmao)]]
- \[[#​3244]]: feat: support `NonZero*` scalar types
\[\[[@​AlphaKeks](https://togithub.com/AlphaKeks)]]
- \[[#​3260]]: feat: Add set_update_hook on SqliteConnection
\[\[[@​gridbox](https://togithub.com/gridbox)]]
- \[[#​3291]]: feat: support the Postgres Bool type for the Any
driver \[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3293]]: Add LICENSE-\* files to crates
\[\[[@​LecrisUT](https://togithub.com/LecrisUT)]]
- \[[#​3303]]: add array support for NonZeroI\* in postgres
\[\[[@​JohannesIBK](https://togithub.com/JohannesIBK)]]
- \[[#​3311]]: Add example on how to use Transaction as Executor
\[\[[@​Lachstec](https://togithub.com/Lachstec)]]
- \[[#​3343]]: Add support for PostgreSQL HSTORE data type
\[\[[@​KobusEllis](https://togithub.com/KobusEllis)]]
##### Changed
- \[[#​2652]]: MySQL: Remove collation compatibility check for
strings \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​2960]]: Removed `Send` trait bound from argument binding
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- \[[#​2970]]: refactor: lift type mappings into driver crates
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3148]]: Bump libsqlite3-sys to v0.28
\[\[[@​NfNitLoop](https://togithub.com/NfNitLoop)]]
- Note: version bumps to `libsqlite3-sys` are not considered breaking
changes as per our semver guarantees.
- \[[#​3265]]: perf: box `MySqlConnection` to reduce sizes of
futures
\[\[[@​stepantubanov](https://togithub.com/stepantubanov)]]
- \[[#​3352]]: chore:added a testcase for `sqlx migrate add ...`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3340]]: ci: Add job to check that sqlx builds with its
declared minimum dependencies
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
##### Fixed
- \[[#​2702]]: Constrain cyclic associated types to themselves
\[\[[@​BadBastion](https://togithub.com/BadBastion)]]
- \[[#​2954]]: Fix several inter doc links
\[\[[@​ralpha](https://togithub.com/ralpha)]]
- \[[#​3073]]: feat(logging): Log slow acquires from connection
pool \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3137]]: SqliteConnectOptions::filename() memory fix
([#​3136](https://togithub.com/launchbadge/sqlx/issues/3136))
\[\[[@​hoxxep](https://togithub.com/hoxxep)]]
- \[[#​3138]]: PostgreSQL Bugfix: Ensure connection is usable
after failed COPY inside a transaction
\[\[[@​feikesteenbergen](https://togithub.com/feikesteenbergen)]]
- \[[#​3146]]: fix(sqlite): delete unused `ConnectionHandleRaw`
type \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3162]]: Drop urlencoding dependency
\[\[[@​paolobarbolini](https://togithub.com/paolobarbolini)]]
- \[[#​3165]]: Bump deps that do not need code changes
\[\[[@​GnomedDev](https://togithub.com/GnomedDev)]]
- \[[#​3167]]: fix(ci): use `docker compose` instead of
`docker-compose`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3172]]: fix: Option decoding in any driver
\[\[[@​pxp9](https://togithub.com/pxp9)]]
- \[[#​3173]]: fix(postgres) : int type conversion while decoding
\[\[[@​RaghavRox](https://togithub.com/RaghavRox)]]
- \[[#​3190]]: Update time to 0.3.36
\[\[[@​BlackSoulHub](https://togithub.com/BlackSoulHub)]]
- \[[#​3191]]: Fix unclean TLS shutdown
\[\[[@​levkk](https://togithub.com/levkk)]]
- \[[#​3194]]: Fix leaking connections in fetch_optional
([#​2647](https://togithub.com/launchbadge/sqlx/issues/2647))
\[\[[@​danjpgriffin](https://togithub.com/danjpgriffin)]]
- \[[#​3216]]: security: bump rustls to 0.21.11
\[\[[@​toxeus](https://togithub.com/toxeus)]]
- \[[#​3230]]: fix: sqlite pragma order for auto_vacuum
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3233]]: fix: get_filename should not consume self
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3234]]: fix(ci): pin Rust version, ditch unmaintained
actions \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3236]]: fix: resolve `path` ownership problems when using
`sqlx_macros_unstable`
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​3254]]: fix: hide `sqlx_postgres::any`
\[\[[@​Zarathustra2](https://togithub.com/Zarathustra2)]]
- \[[#​3266]]: ci: MariaDB - add back 11.4 and add 11.5
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3267]]: ci: syntax fix
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3271]]: docs(sqlite): fix typo - unixtime() -> unixepoch()
\[\[[@​joelkoen](https://togithub.com/joelkoen)]]
- \[[#​3276]]: Invert boolean for `migrate` error message.
([#​3275](https://togithub.com/launchbadge/sqlx/issues/3275))
\[\[[@​nk9](https://togithub.com/nk9)]]
- \[[#​3279]]: fix Clippy errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3288]]: fix: sqlite update_hook char types
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3297]]: Pass the `persistent` query setting when preparing
queries with the `Any` driver
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3298]]: Track null arguments in order to provide the
appropriate type when converting them.
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3312]]: doc: Minor rust docs fixes
\[\[[@​SrGesus](https://togithub.com/SrGesus)]]
- \[[#​3327]]: chore: fixed one usage of `select_input_type!()`
being unhygenic
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3328]]: fix(ci): comment not separated from other
characters \[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3341]]: refactor: Resolve cargo check warnings in postgres
examples \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3346]]: fix(postgres): don't panic if `M` or `C` Notice
fields are not UTF-8
\[\[[@​YgorSouza](https://togithub.com/YgorSouza)]]
- \[[#​3350]]: fix:the `json`-feature should activate
`sqlx-postgres?/json` as well
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3353]]: fix: build script new line at eof
\[\[[@​Zarthus](https://togithub.com/Zarthus)]]
- (no PR): activate `clock` and `std` features of
`workspace.dependencies.chrono`.
[#​2482]: https://togithub.com/launchbadge/sqlx/pull/2482
[#​2652]: https://togithub.com/launchbadge/sqlx/pull/2652
[#​2697]: https://togithub.com/launchbadge/sqlx/pull/2697
[#​2702]: https://togithub.com/launchbadge/sqlx/pull/2702
[#​2736]: https://togithub.com/launchbadge/sqlx/pull/2736
[#​2869]: https://togithub.com/launchbadge/sqlx/pull/2869
[#​2917]: https://togithub.com/launchbadge/sqlx/pull/2917
[#​2940]: https://togithub.com/launchbadge/sqlx/pull/2940
[#​2954]: https://togithub.com/launchbadge/sqlx/pull/2954
[#​2960]: https://togithub.com/launchbadge/sqlx/pull/2960
[#​2970]: https://togithub.com/launchbadge/sqlx/pull/2970
[#​2973]: https://togithub.com/launchbadge/sqlx/pull/2973
[#​3064]: https://togithub.com/launchbadge/sqlx/pull/3064
[#​3073]: https://togithub.com/launchbadge/sqlx/pull/3073
[#​3113]: https://togithub.com/launchbadge/sqlx/pull/3113
[#​3123]: https://togithub.com/launchbadge/sqlx/pull/3123
[#​3126]: https://togithub.com/launchbadge/sqlx/pull/3126
[#​3130]: https://togithub.com/launchbadge/sqlx/pull/3130
[#​3137]: https://togithub.com/launchbadge/sqlx/pull/3137
[#​3138]: https://togithub.com/launchbadge/sqlx/pull/3138
[#​3146]: https://togithub.com/launchbadge/sqlx/pull/3146
[#​3148]: https://togithub.com/launchbadge/sqlx/pull/3148
[#​3154]: https://togithub.com/launchbadge/sqlx/pull/3154
[#​3162]: https://togithub.com/launchbadge/sqlx/pull/3162
[#​3165]: https://togithub.com/launchbadge/sqlx/pull/3165
[#​3167]: https://togithub.com/launchbadge/sqlx/pull/3167
[#​3172]: https://togithub.com/launchbadge/sqlx/pull/3172
[#​3173]: https://togithub.com/launchbadge/sqlx/pull/3173
[#​3181]: https://togithub.com/launchbadge/sqlx/pull/3181
[#​3184]: https://togithub.com/launchbadge/sqlx/pull/3184
[#​3188]: https://togithub.com/launchbadge/sqlx/pull/3188
[#​3190]: https://togithub.com/launchbadge/sqlx/pull/3190
[#​3191]: https://togithub.com/launchbadge/sqlx/pull/3191
[#​3194]: https://togithub.com/launchbadge/sqlx/pull/3194
[#​3216]: https://togithub.com/launchbadge/sqlx/pull/3216
[#​3230]: https://togithub.com/launchbadge/sqlx/pull/3230
[#​3233]: https://togithub.com/launchbadge/sqlx/pull/3233
[#​3234]: https://togithub.com/launchbadge/sqlx/pull/3234
[#​3236]: https://togithub.com/launchbadge/sqlx/pull/3236
[#​3244]: https://togithub.com/launchbadge/sqlx/pull/3244
[#​3252]: https://togithub.com/launchbadge/sqlx/pull/3252
[#​3254]: https://togithub.com/launchbadge/sqlx/pull/3254
[#​3260]: https://togithub.com/launchbadge/sqlx/pull/3260
[#​3265]: https://togithub.com/launchbadge/sqlx/pull/3265
[#​3266]: https://togithub.com/launchbadge/sqlx/pull/3266
[#​3267]: https://togithub.com/launchbadge/sqlx/pull/3267
[#​3271]: https://togithub.com/launchbadge/sqlx/pull/3271
[#​3276]: https://togithub.com/launchbadge/sqlx/pull/3276
[#​3279]: https://togithub.com/launchbadge/sqlx/pull/3279
[#​3285]: https://togithub.com/launchbadge/sqlx/pull/3285
[#​3288]: https://togithub.com/launchbadge/sqlx/pull/3288
[#​3291]: https://togithub.com/launchbadge/sqlx/pull/3291
[#​3293]: https://togithub.com/launchbadge/sqlx/pull/3293
[#​3297]: https://togithub.com/launchbadge/sqlx/pull/3297
[#​3298]: https://togithub.com/launchbadge/sqlx/pull/3298
[#​3303]: https://togithub.com/launchbadge/sqlx/pull/3303
[#​3311]: https://togithub.com/launchbadge/sqlx/pull/3311
[#​3312]: https://togithub.com/launchbadge/sqlx/pull/3312
[#​3327]: https://togithub.com/launchbadge/sqlx/pull/3327
[#​3328]: https://togithub.com/launchbadge/sqlx/pull/3328
[#​3329]: https://togithub.com/launchbadge/sqlx/pull/3329
[#​3337]: https://togithub.com/launchbadge/sqlx/pull/3337
[#​3340]: https://togithub.com/launchbadge/sqlx/pull/3340
[#​3341]: https://togithub.com/launchbadge/sqlx/pull/3341
[#​3343]: https://togithub.com/launchbadge/sqlx/pull/3343
[#​3346]: https://togithub.com/launchbadge/sqlx/pull/3346
[#​3350]: https://togithub.com/launchbadge/sqlx/pull/3350
[#​3352]: https://togithub.com/launchbadge/sqlx/pull/3352
[#​3353]: https://togithub.com/launchbadge/sqlx/pull/3353
[#​3356]: https://togithub.com/launchbadge/sqlx/pull/3356
###
[`v0.7.4`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#074---2024-03-11)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.3...v0.7.4)
38 pull requests were merged this release cycle.
This is officially the **last** release of the 0.7.x release cycle.
As of this release, development of 0.8.0 has begun on `main` and only
high-priority bugfixes may be backported.
##### Added
- \[[#​2891]]: feat: expose getters for connect options fields
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2902]]: feat: add `to_url_lossy` to connect options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​2927]]: Support `query!` for cargo-free systems
\[\[[@​kshramt](https://togithub.com/kshramt)]]
- \[[#​2997]]: doc(FAQ): add entry explaining prepared statements
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3001]]: Update README to clarify MariaDB support
\[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3004]]: feat(logging): Add numeric elapsed time field
elapsed_secs \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3007]]: feat: add `raw_sql` API
\[\[[@​abonander](https://togithub.com/abonander)]]
- This hopefully makes it easier to find how to execute statements which
are not supported by the default
prepared statement interfaces `query*()` and `query!()`.
- Improved documentation across the board for the `query*()` functions.
- Deprecated: `execute_many()` and `fetch_many()` on interfaces that use
prepared statements.
- Multiple SQL statements in one query string were only supported by
SQLite because its prepared statement
interface is the *only* way to execute SQL. All other database flavors
forbid multiple statements in
one prepared statement string as an extra defense against SQL injection.
- The new `raw_sql` API retains this functionality because it explicitly
does *not* use prepared statements.
Raw or text-mode query interfaces generally allow multiple statements in
one query string, and this is
supported by all current databases. Due to their nature, however, one
cannot use bind parameters with them.
- If this change affects you, an issue is open for discussion:
[https://github.com/launchbadge/sqlx/issues/3108](https://togithub.com/launchbadge/sqlx/issues/3108)
- \[[#​3011]]: Added support to IpAddr with MySQL/MariaDB.
\[\[[@​Icerath](https://togithub.com/Icerath)]]
- \[[#​3013]]: Add default implementation for PgInterval
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3018]]: Add default implementation for PgMoney
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3026]]: Update docs to reflect support for MariaDB data
types \[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3037]]: feat(mysql): allow to connect with mysql driver
without default behavor
\[\[[@​darkecho731](https://togithub.com/darkecho731)]]
##### Changed
- \[[#​2900]]: Show latest url to docs for macro.migrate
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2914]]: Use `create_new` instead of `atomic-file-write`
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2926]]: docs: update example for `PgConnectOptions`
\[\[[@​Fyko](https://togithub.com/Fyko)]]
- \[[#​2989]]: sqlx-core: Remove dotenvy dependency
\[\[[@​joshtriplett](https://togithub.com/joshtriplett)]]
- \[[#​2996]]: chore: Update ahash to 0.8.7
\[\[[@​takenoko-gohan](https://togithub.com/takenoko-gohan)]]
- \[[#​3006]]: chore(deps): Replace unmaintained tempdir crate
with tempfile \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3008]]: chore: Ignore .sqlx folder created by running ci
steps locally \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3009]]: chore(dev-deps): Upgrade env_logger from 0.9 to
0.11 \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3010]]: chore(deps): Upgrade criterion to 0.5.1
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3050]]: Optimize SASL auth in sqlx-postgres
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3055]]: Set TCP_NODELAY option on TCP sockets
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3065]]: Improve max_lifetime handling
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3072]]: Change the name of "inner" function generated by
`#[sqlx::test]` \[\[[@​ciffelia](https://togithub.com/ciffelia)]]
- \[[#​3083]]: Remove sha1 because it's not being used in postgres
\[\[[@​rafaelGuerreiro](https://togithub.com/rafaelGuerreiro)]]
##### Fixed
- \[[#​2898]]: Fixed docs
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2905]]: fix(mysql): Close prepared statement if persistence
is disabled
\[\[[@​larsschumacher](https://togithub.com/larsschumacher)]]
- \[[#​2913]]: Fix handling of deferred constraints
\[\[[@​Thomasdezeeuw](https://togithub.com/Thomasdezeeuw)]]
- \[[#​2919]]: fix duplicate "\`" in FromRow "default" attribute
doc comment \[\[[@​shengsheng](https://togithub.com/shengsheng)]]
- \[[#​2932]]: fix(postgres): avoid unnecessary flush in
PgCopyIn::read_from \[\[[@​tsing](https://togithub.com/tsing)]]
- \[[#​2955]]: Minor fixes
\[\[[@​Dawsoncodes](https://togithub.com/Dawsoncodes)]]
- \[[#​2963]]: Fixed ReadMe badge styling
\[\[[@​tadghh](https://togithub.com/tadghh)]]
- \[[#​2976]]: fix: AnyRow not support PgType::Varchar
\[\[[@​holicc](https://togithub.com/holicc)]]
- \[[#​3053]]: fix: do not panic when binding a large BigDecimal
\[\[[@​Ekleog](https://togithub.com/Ekleog)]]
- \[[#​3056]]: fix: spans in sqlite tracing
([#​2876](https://togithub.com/launchbadge/sqlx/issues/2876))
\[\[[@​zoomiti](https://togithub.com/zoomiti)]]
- \[[#​3089]]: fix(migrate): improve error message when parsing
version from filename
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3098]]: Migrations fixes
\[\[[@​abonander](https://togithub.com/abonander)]]
- Unhides `sqlx::migrate::Migrator`.
- Improves I/O error message when failing to read a file in
`migrate!()`.
[#​2891]: https://togithub.com/launchbadge/sqlx/pull/2891
[#​2898]: https://togithub.com/launchbadge/sqlx/pull/2898
[#​2900]: https://togithub.com/launchbadge/sqlx/pull/2900
[#​2902]: https://togithub.com/launchbadge/sqlx/pull/2902
[#​2905]: https://togithub.com/launchbadge/sqlx/pull/2905
[#​2913]: https://togithub.com/launchbadge/sqlx/pull/2913
[#​2914]: https://togithub.com/launchbadge/sqlx/pull/2914
[#​2919]: https://togithub.com/launchbadge/sqlx/pull/2919
[#​2926]: https://togithub.com/launchbadge/sqlx/pull/2926
[#​2927]: https://togithub.com/launchbadge/sqlx/pull/2927
[#​2932]: https://togithub.com/launchbadge/sqlx/pull/2932
[#​2955]: https://togithub.com/launchbadge/sqlx/pull/2955
[#​2963]: https://togithub.com/launchbadge/sqlx/pull/2963
[#​2976]: https://togithub.com/launchbadge/sqlx/pull/2976
[#​2989]: https://togithub.com/launchbadge/sqlx/pull/2989
[#​2996]: https://togithub.com/launchbadge/sqlx/pull/2996
[#​2997]: https://togithub.com/launchbadge/sqlx/pull/2997
[#​3001]: https://togithub.com/launchbadge/sqlx/pull/3001
[#​3004]: https://togithub.com/launchbadge/sqlx/pull/3004
[#​3006]: https://togithub.com/launchbadge/sqlx/pull/3006
[#​3007]: https://togithub.com/launchbadge/sqlx/pull/3007
[#​3008]: https://togithub.com/launchbadge/sqlx/pull/3008
[#​3009]: https://togithub.com/launchbadge/sqlx/pull/3009
[#​3010]: https://togithub.com/launchbadge/sqlx/pull/3010
[#​3011]: https://togithub.com/launchbadge/sqlx/pull/3011
[#​3013]: https://togithub.com/launchbadge/sqlx/pull/3013
[#​3018]: https://togithub.com/launchbadge/sqlx/pull/3018
[#​3026]: https://togithub.com/launchbadge/sqlx/pull/3026
[#​3037]: https://togithub.com/launchbadge/sqlx/pull/3037
[#​3050]: https://togithub.com/launchbadge/sqlx/pull/3050
[#​3053]: https://togithub.com/launchbadge/sqlx/pull/3053
[#​3055]: https://togithub.com/launchbadge/sqlx/pull/3055
[#​3056]: https://togithub.com/launchbadge/sqlx/pull/3056
[#​3065]: https://togithub.com/launchbadge/sqlx/pull/3065
[#​3072]: https://togithub.com/launchbadge/sqlx/pull/3072
[#​3083]: https://togithub.com/launchbadge/sqlx/pull/3083
[#​3089]: https://togithub.com/launchbadge/sqlx/pull/3089
[#​3098]: https://togithub.com/launchbadge/sqlx/pull/3098
###
[`v0.7.3`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#073---2023-11-22)
38 pull requests were merged this release cycle.
##### Added
- \[[#​2478]]: feat(citext): support postgres citext
\[\[[@​hgranthorner](https://togithub.com/hgranthorner)]]
- \[[#​2545]]: Add `fixtures_path` in sqlx::test args
\[\[[@​ripa1995](https://togithub.com/ripa1995)]]
- \[[#​2665]]: feat(mysql): support packet splitting
\[\[[@​tk2217](https://togithub.com/tk2217)]]
- \[[#​2752]]: Enhancement
[#​2747](https://togithub.com/launchbadge/sqlx/issues/2747)
Provide `fn PgConnectOptions::get_host(&self)`
\[\[[@​boris-lok](https://togithub.com/boris-lok)]]
- \[[#​2769]]: Customize the macro error message based on the
metadata \[\[[@​Nemo157](https://togithub.com/Nemo157)]]
- \[[#​2793]]: derived Hash trait for PgInterval
\[\[[@​yasamoka](https://togithub.com/yasamoka)]]
- \[[#​2801]]: derive FromRow: sqlx(default) for all fields
\[\[[@​grgi](https://togithub.com/grgi)]]
- \[[#​2827]]: Add impl `FromRow` for the unit type
\[\[[@​nanoqsh](https://togithub.com/nanoqsh)]]
- \[[#​2871]]: Add `MySqlConnectOptions::get_database()`
\[\[[@​shiftrightonce](https://togithub.com/shiftrightonce)]]
- \[[#​2873]]: Sqlx Cli: Added force flag to drop database for
postgres \[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2894]]: feat: `Text` adapter
\[\[[@​abonander](https://togithub.com/abonander)]]
##### Changed
- \[[#​2701]]: Remove documentation on offline feature
\[\[[@​Baptistemontan](https://togithub.com/Baptistemontan)]]
- \[[#​2713]]: Add additional info regarding using Transaction and
PoolConnection as…
\[\[[@​satwanjyu](https://togithub.com/satwanjyu)]]
- \[[#​2770]]: Update README.md
\[\[[@​snspinn](https://togithub.com/snspinn)]]
- \[[#​2797]]: doc(mysql): document behavior regarding `BOOLEAN`
and the query macros
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2803]]: Don't use separate temp dir for query jsons (2)
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2819]]: postgres begin cancel safe
\[\[[@​conradludgate](https://togithub.com/conradludgate)]]
- \[[#​2832]]: Update extra_float_digits default to 2 instead of 3
\[\[[@​brianheineman](https://togithub.com/brianheineman)]]
- \[[#​2865]]: Update Faq - Bulk upsert with optional fields
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2880]]: feat: use specific message for slow query logs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2882]]: Do not require db url for prepare
\[\[[@​tamasfe](https://togithub.com/tamasfe)]]
- \[[#​2890]]: doc(sqlite): cover lack of `NUMERIC` support
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[No PR]: Upgraded `libsqlite3-sys` to 0.27.0
- Note: linkage to `libsqlite3-sys` is considered semver-exempt;
see the release notes for 0.7.0 below for details.
##### Fixed
- \[[#​2640]]: fix: sqlx::macro db cleanup race condition by
adding a margin to current timestamp
\[\[[@​fhsgoncalves](https://togithub.com/fhsgoncalves)]]
- \[[#​2655]]: \[fix] Urlencode when passing filenames to sqlite3
\[\[[@​uttarayan21](https://togithub.com/uttarayan21)]]
- \[[#​2684]]: Make PgListener recover from UnexpectedEof
\[\[[@​hamiltop](https://togithub.com/hamiltop)]]
- \[[#​2688]]: fix: Make rust_decimal and bigdecimal decoding more
lenient \[\[[@​cameronbraid](https://togithub.com/cameronbraid)]]
- \[[#​2754]]: Is tests/x.py maintained? And I tried fix it.
\[\[[@​qwerty2501](https://togithub.com/qwerty2501)]]
- \[[#​2784]]: fix: decode postgres time without subsecond
\[\[[@​granddaifuku](https://togithub.com/granddaifuku)]]
- \[[#​2806]]: Depend on version of async-std with non-private
spawn-blocking \[\[[@​A248](https://togithub.com/A248)]]
- \[[#​2820]]: fix: correct decoding of `rust_decimal::Decimal`
for high-precision values
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2822]]: issue
[#​2821](https://togithub.com/launchbadge/sqlx/issues/2821) Update
error handling logic when opening a TCP connection
\[\[[@​anupj](https://togithub.com/anupj)]]
- \[[#​2826]]: chore: bump some sqlx-core dependencies
\[\[[@​djc](https://togithub.com/djc)]]
- \[[#​2838]]: Fixes rust_decimal scale for Postgres
\[\[[@​jkleinknox](https://togithub.com/jkleinknox)]]
- \[[#​2847]]: Fix comment in `sqlx migrate add` help text
\[\[[@​cryeprecision](https://togithub.com/cryeprecision)]]
- \[[#​2850]]: fix(core): avoid unncessary wakeups in
`try_stream!()`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2856]]: Prevent warnings running `cargo build`
\[\[[@​nyurik](https://togithub.com/nyurik)]]
- \[[#​2864]]: fix(sqlite): use `AtomicUsize` for thread IDs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2892]]: Fixed force dropping bug
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
[#​2478]: https://togithub.com/launchbadge/sqlx/pull/2478
[#​2545]: https://togithub.com/launchbadge/sqlx/pull/2545
[#​2640]: https://togithub.com/launchbadge/sqlx/pull/2640
[#​2655]: https://togithub.com/launchbadge/sqlx/pull/2655
[#​2665]: https://togithub.com/launchbadge/sqlx/pull/2665
[#​2684]: https://togithub.com/launchbadge/sqlx/pull/2684
[#​2688]: https://togithub.com/launchbadge/sqlx/pull/2688
[#​2701]: https://togithub.com/launchbadge/sqlx/pull/2701
[#​2713]: https://togithub.com/launchbadge/sqlx/pull/2713
[#​2752]: https://togithub.com/launchbadge/sqlx/pull/2752
[#​2754]: https://togithub.com/launchbadge/sqlx/pull/2754
[#​2769]: https://togithub.com/launchbadge/sqlx/pull/2769
[#​2770]: https://togithub.com/launchbadge/sqlx/pull/2770
[#​2782]: https://togithub.com/launchbadge/sqlx/pull/2782
[#​2784]: https://togithub.com/launchbadge/sqlx/pull/2784
[#​2793]: https://togithub.com/launchbadge/sqlx/pull/2793
[#​2797]: https://togithub.com/launchbadge/sqlx/pull/2797
[#​2801]: https://togithub.com/launchbadge/sqlx/pull/2801
[#​2803]: https://togithub.com/launchbadge/sqlx/pull/2803
[#​2806]: https://togithub.com/launchbadge/sqlx/pull/2806
[#​2819]: https://togithub.com/launchbadge/sqlx/pull/2819
[#​2820]: https://togithub.com/launchbadge/sqlx/pull/2820
[#​2822]: https://togithub.com/launchbadge/sqlx/pull/2822
[#​2826]: https://togithub.com/launchbadge/sqlx/pull/2826
[#​2827]: https://togithub.com/launchbadge/sqlx/pull/2827
[#​2832]: https://togithub.com/launchbadge/sqlx/pull/2832
[#​2838]: https://togithub.com/launchbadge/sqlx/pull/2838
[#​2847]: https://togithub.com/launchbadge/sqlx/pull/2847
[#​2850]: https://togithub.com/launchbadge/sqlx/pull/2850
[#​2856]: https://togithub.com/launchbadge/sqlx/pull/2856
[#​2864]: https://togithub.com/launchbadge/sqlx/pull/2864
[#​2865]: https://togithub.com/launchbadge/sqlx/pull/2865
[#​2871]: https://togithub.com/launchbadge/sqlx/pull/2871
[#​2873]: https://togithub.com/launchbadge/sqlx/pull/2873
[#​2880]: https://togithub.com/launchbadge/sqlx/pull/2880
[#​2882]: https://togithub.com/launchbadge/sqlx/pull/2882
[#​2890]: https://togithub.com/launchbadge/sqlx/pull/2890
[#​2892]: https://togithub.com/launchbadge/sqlx/pull/2892
[#​2894]: https://togithub.com/launchbadge/sqlx/pull/2894
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mikayla <mikayla@zed.dev>
2024-08-29 04:08:15 +00:00
sea-orm = { version = "1.1.0-rc.1" , features = [ "sqlx-postgres" , "postgres-array" , "runtime-tokio-rustls" , "with-uuid" ] }
2024-03-29 16:11:57 +00:00
semantic_version . workspace = true
2024-02-15 20:53:57 +00:00
semver . workspace = true
2023-04-25 00:41:55 +00:00
serde . workspace = true
serde_derive . workspace = true
serde_json . workspace = true
2024-02-23 16:13:28 +00:00
sha2 . workspace = true
Update Rust crate sqlx to 0.8 [SECURITY] (#16791)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [sqlx](https://togithub.com/launchbadge/sqlx) | dev-dependencies |
minor | `0.7` -> `0.8` |
| [sqlx](https://togithub.com/launchbadge/sqlx) | dependencies | minor |
`0.7` -> `0.8` |
### GitHub Vulnerability Alerts
####
[GHSA-xmrp-424f-vfpx](https://togithub.com/launchbadge/sqlx/issues/3440)
The following presentation at this year's DEF CON was brought to our
attention on the SQLx Discord:
> SQL Injection isn't Dead: Smuggling Queries at the Protocol Level
>
<http://web.archive.org/web/20240812130923/https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn't%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf>
> (Archive link for posterity.)
Essentially, encoding a value larger than 4GiB can cause the length
prefix in the protocol to overflow,
causing the server to interpret the rest of the string as binary
protocol commands or other data.
It appears SQLx _does_ perform truncating casts in a way that could be
problematic,
for example:
<https://github.com/launchbadge/sqlx/blob/6f2905695b9606b5f51b40ce10af63ac9e696bb8/sqlx-postgres/src/arguments.rs#L163>
This code has existed essentially since the beginning,
so it is reasonable to assume that all published versions `<= 0.8.0` are
affected.
## Mitigation
As always, you should make sure your application is validating
untrustworthy user input.
Reject any input over 4 GiB, or any input that could _encode_ to a
string longer than 4 GiB.
Dynamically built queries are also potentially problematic if it pushes
the message size over this 4 GiB bound.
[`Encode::size_hint()`](https://docs.rs/sqlx/latest/sqlx/trait.Encode.html#method.size_hint)
can be used for sanity checks, but do not assume that the size returned
is accurate.
For example, the `Json<T>` and `Text<T>` adapters have no reasonable way
to predict or estimate the final encoded size,
so they just return `size_of::<T>()` instead.
For web application backends, consider adding some middleware that
limits the size of request bodies by default.
## Resolution
Work has started on a branch to add `#[deny]` directives for the
following Clippy lints:
*
[`cast_possible_truncation`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_truncation)
*
[`cast_possible_wrap`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_wrap)
*
[`cast_sign_loss`](https://rust-lang.github.io/rust-clippy/master/#/cast_sign_loss)
and to manually audit the code that they flag.
A fix is expected to be included in the `0.8.1` release (still WIP as of
writing).
---
### Release Notes
<details>
<summary>launchbadge/sqlx (sqlx)</summary>
###
[`v0.8.1`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#081---2024-08-23)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.8.0...v0.8.1)
16 pull requests were merged this release cycle.
This release contains a fix for [RUSTSEC-2024-0363].
Postgres users are advised to upgrade ASAP as a possible exploit has
been demonstrated:
[#​3440
(comment)](https://togithub.com/launchbadge/sqlx/issues/3440#issuecomment-2307956901)
MySQL and SQLite do not *appear* to be exploitable, but upgrading is
recommended nonetheless.
##### Added
- \[[#​3421]]: correct spelling of
`MySqlConnectOptions::no_engine_substitution()`
\[\[[@​kolinfluence](https://togithub.com/kolinfluence)]]
- Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in
favor of the correctly spelled version.
##### Changed
- \[[#​3376]]: doc: hide `spec_error` module
\[\[[@​abonander](https://togithub.com/abonander)]]
- This is a helper module for the macros and was not meant to be
exposed.
- It is not expected to receive any breaking changes for the 0.8.x
release, but is not designed as a public API.
Use at your own risk.
- \[[#​3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support
sqlite 3.46
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3385]]: chore(examples):Migrated the pg-chat example to
ratatui
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3399]]: Upgrade to rustls 0.23
\[\[[@​djc](https://togithub.com/djc)]]
- RusTLS now has pluggable cryptography providers: `ring` (the existing
implementation),
and `aws-lc-rs` which has optional FIPS certification.
- The existing features activating RusTLS (`runtime-tokio-rustls`,
`runtime-async-std-rustls`, `tls-rustls`)
enable the `ring` provider of RusTLS to match the existing behavior so
this *should not* be a breaking change.
- Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs`
provider.
- If using `runtime-tokio-rustls` or `runtime-async-std-rustls`,
this will necessitate switching to the appropriate non-legacy runtime
feature:
`runtime-tokio` or `runtime-async-std`
- See the RusTLS README for more details:
<https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers>
##### Fixed
- \[[#​2786]]: fix(sqlx-cli): do not clean sqlx during prepare
\[\[[@​cycraig](https://togithub.com/cycraig)]]
- \[[#​3354]]: sqlite: fix inconsistent read-after-write
\[\[[@​ckampfe](https://togithub.com/ckampfe)]]
- \[[#​3371]]: Fix encoding and decoding of MySQL enums in
`sqlx::Type` \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​3374]]: fix: usage of `node12` in `SQLx` action
\[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3380]]: chore: replace structopt with clap in examples
\[\[[@​tottoto](https://togithub.com/tottoto)]]
- \[[#​3381]]: Fix CI after Rust 1.80, remove dead feature
references \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3384]]: chore(tests): fixed deprecation warnings
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1`
to avoid yanked `v0.14.3`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3389]]: fix(cli): typo in error for required DB URL
\[\[[@​ods](https://togithub.com/ods)]]
- \[[#​3417]]: Update version to 0.8 in README
\[\[[@​soucosmo](https://togithub.com/soucosmo)]]
- \[[#​3441]]: fix: audit protocol handling
\[\[[@​abonander](https://togithub.com/abonander)]]
- This addresses [RUSTSEC-2024-0363] and includes regression tests for
MySQL, Postgres and SQLite.
[#​2786]: https://togithub.com/launchbadge/sqlx/pull/2786
[#​3354]: https://togithub.com/launchbadge/sqlx/pull/3354
[#​3371]: https://togithub.com/launchbadge/sqlx/pull/3371
[#​3374]: https://togithub.com/launchbadge/sqlx/pull/3374
[#​3376]: https://togithub.com/launchbadge/sqlx/pull/3376
[#​3380]: https://togithub.com/launchbadge/sqlx/pull/3380
[#​3381]: https://togithub.com/launchbadge/sqlx/pull/3381
[#​3382]: https://togithub.com/launchbadge/sqlx/pull/3382
[#​3384]: https://togithub.com/launchbadge/sqlx/pull/3384
[#​3385]: https://togithub.com/launchbadge/sqlx/pull/3385
[#​3386]: https://togithub.com/launchbadge/sqlx/pull/3386
[#​3389]: https://togithub.com/launchbadge/sqlx/pull/3389
[#​3399]: https://togithub.com/launchbadge/sqlx/pull/3399
[#​3417]: https://togithub.com/launchbadge/sqlx/pull/3417
[#​3421]: https://togithub.com/launchbadge/sqlx/pull/3421
[#​3441]: https://togithub.com/launchbadge/sqlx/pull/3441
[RUSTSEC-2024-0363]:
https://rustsec.org/advisories/RUSTSEC-2024-0363.html
###
[`v0.8.0`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#080---2024-07-22)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.4...v0.8.0)
70 pull requests were merged this release cycle.
[#​2697] was merged the same day as release 0.7.4 and so was
missed by the automatic CHANGELOG generation.
##### Breaking
- \[[#​2697]]: fix(macros): only enable chrono when time is
disabled
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2973]]: Generic Associated Types in Database, replacing
HasValueRef, HasArguments, HasStatement
\[\[[@​nitn3lav](https://togithub.com/nitn3lav)]]
- \[[#​2482]]: chore: bump syn to 2.0
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- Deprecated type ascription syntax in the query macros was removed.
- \[[#​2736]]: Fix describe on PostgreSQL views with rules
\[\[[@​tsing](https://togithub.com/tsing)]]
- Potentially breaking: nullability inference changes for Postgres.
- \[[#​2869]]: Implement PgHasArrayType for all references
\[\[[@​tylerhawkes](https://togithub.com/tylerhawkes)]]
- Conflicts with existing manual implementations.
- \[[#​2940]]: fix: Decode and Encode derives
([#​1031](https://togithub.com/launchbadge/sqlx/issues/1031))
\[\[[@​benluelo](https://togithub.com/benluelo)]]
- Changes lifetime obligations for field types.
- \[[#​3064]]: Sqlite explain graph
\[\[[@​tyrelr](https://togithub.com/tyrelr)]]
- Potentially breaking: nullability inference changes for SQLite.
- \[[#​3123]]: Reorder attrs in sqlx::test macro
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- Potentially breaking: attributes on `#[sqlx::test]` usages are applied
in the correct order now.
- \[[#​3126]]: Make Encode return a result
\[\[[@​FSMaxB](https://togithub.com/FSMaxB)]]
- \[[#​3130]]: Add version information for failed cli migration
([#​3129](https://togithub.com/launchbadge/sqlx/issues/3129))
\[\[[@​FlakM](https://togithub.com/FlakM)]]
- Breaking changes to `MigrateError`.
- \[[#​3181]]: feat: no tx migration
\[\[[@​cleverjam](https://togithub.com/cleverjam)]]
- (Postgres only) migrations that should not run in a transaction can be
flagged by adding `-- no-transaction` to the beginning.
- Breaking change: added field to `Migration`
- \[[#​3184]]: \[BREAKING} fix(sqlite): always use `i64` as
intermediate when decoding
\[\[[@​abonander](https://togithub.com/abonander)]]
- integer decoding will now loudly error on overflow instead of silently
truncating.
- some usages of the query!() macros might change an i32 to an i64.
- \[[#​3252]]: fix `#[derive(sqlx::Type)]` in Postgres
\[\[[@​abonander](https://togithub.com/abonander)]]
- Manual implementations of PgHasArrayType for enums will conflict with
the generated one. Delete the manual impl or add `#[sqlx(no_pg_array)]`
where conflicts occur.
- Type equality for PgTypeInfo is now schema-aware.
- \[[#​3329]]: fix: correct handling of arrays of custom types in
Postgres \[\[[@​abonander](https://togithub.com/abonander)]]
- Potential breaking change: `PgTypeInfo::with_name()` infers types that
start with `_` to be arrays of the un-prefixed type. Wrap type names in
quotes to bypass this behavior.
- \[[#​3356]]: breaking: fix name collision in `FromRow`, return
`Error::ColumnDecode` for `TryFrom` errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- Breaking behavior change: errors with `#[sqlx(try_from = "T")]` now
return `Error::ColumnDecode` instead of `Error::ColumnNotFound`.
- Breaking because `#[sqlx(default)]` on an individual field or the
struct itself would have previously suppressed the error.
This doesn't seem like good behavior as it could result in some
potentially very difficult bugs.
- Instead, create a wrapper implementing `From` and apply the default
explicitly.
- \[[#​3337]]: allow rename with rename_all (close
[#​2896](https://togithub.com/launchbadge/sqlx/issues/2896))
\[\[[@​DirectorX](https://togithub.com/DirectorX)]]
- Changes the precedence of `#[sqlx(rename)]` and `#[sqlx(rename_all)]`
to match the expected behavior (`rename` wins).
- \[[#​3285]]: fix: use correct names for sslmode options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- Changes the output of `ConnectOptions::to_url_lossy()` to match what
parsing expects.
##### Added
- \[[#​2917]]: Add Debug impl for PgRow
\[\[[@​g-bartoszek](https://togithub.com/g-bartoszek)]]
- \[[#​3113]]: feat: new derive feature flag
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​3154]]: feat: add `MySqlTime`, audit `mysql::types` for
panics \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3188]]: feat(cube): support postgres cube
\[\[[@​jayy-lmao](https://togithub.com/jayy-lmao)]]
- \[[#​3244]]: feat: support `NonZero*` scalar types
\[\[[@​AlphaKeks](https://togithub.com/AlphaKeks)]]
- \[[#​3260]]: feat: Add set_update_hook on SqliteConnection
\[\[[@​gridbox](https://togithub.com/gridbox)]]
- \[[#​3291]]: feat: support the Postgres Bool type for the Any
driver \[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3293]]: Add LICENSE-\* files to crates
\[\[[@​LecrisUT](https://togithub.com/LecrisUT)]]
- \[[#​3303]]: add array support for NonZeroI\* in postgres
\[\[[@​JohannesIBK](https://togithub.com/JohannesIBK)]]
- \[[#​3311]]: Add example on how to use Transaction as Executor
\[\[[@​Lachstec](https://togithub.com/Lachstec)]]
- \[[#​3343]]: Add support for PostgreSQL HSTORE data type
\[\[[@​KobusEllis](https://togithub.com/KobusEllis)]]
##### Changed
- \[[#​2652]]: MySQL: Remove collation compatibility check for
strings \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​2960]]: Removed `Send` trait bound from argument binding
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- \[[#​2970]]: refactor: lift type mappings into driver crates
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3148]]: Bump libsqlite3-sys to v0.28
\[\[[@​NfNitLoop](https://togithub.com/NfNitLoop)]]
- Note: version bumps to `libsqlite3-sys` are not considered breaking
changes as per our semver guarantees.
- \[[#​3265]]: perf: box `MySqlConnection` to reduce sizes of
futures
\[\[[@​stepantubanov](https://togithub.com/stepantubanov)]]
- \[[#​3352]]: chore:added a testcase for `sqlx migrate add ...`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3340]]: ci: Add job to check that sqlx builds with its
declared minimum dependencies
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
##### Fixed
- \[[#​2702]]: Constrain cyclic associated types to themselves
\[\[[@​BadBastion](https://togithub.com/BadBastion)]]
- \[[#​2954]]: Fix several inter doc links
\[\[[@​ralpha](https://togithub.com/ralpha)]]
- \[[#​3073]]: feat(logging): Log slow acquires from connection
pool \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3137]]: SqliteConnectOptions::filename() memory fix
([#​3136](https://togithub.com/launchbadge/sqlx/issues/3136))
\[\[[@​hoxxep](https://togithub.com/hoxxep)]]
- \[[#​3138]]: PostgreSQL Bugfix: Ensure connection is usable
after failed COPY inside a transaction
\[\[[@​feikesteenbergen](https://togithub.com/feikesteenbergen)]]
- \[[#​3146]]: fix(sqlite): delete unused `ConnectionHandleRaw`
type \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3162]]: Drop urlencoding dependency
\[\[[@​paolobarbolini](https://togithub.com/paolobarbolini)]]
- \[[#​3165]]: Bump deps that do not need code changes
\[\[[@​GnomedDev](https://togithub.com/GnomedDev)]]
- \[[#​3167]]: fix(ci): use `docker compose` instead of
`docker-compose`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3172]]: fix: Option decoding in any driver
\[\[[@​pxp9](https://togithub.com/pxp9)]]
- \[[#​3173]]: fix(postgres) : int type conversion while decoding
\[\[[@​RaghavRox](https://togithub.com/RaghavRox)]]
- \[[#​3190]]: Update time to 0.3.36
\[\[[@​BlackSoulHub](https://togithub.com/BlackSoulHub)]]
- \[[#​3191]]: Fix unclean TLS shutdown
\[\[[@​levkk](https://togithub.com/levkk)]]
- \[[#​3194]]: Fix leaking connections in fetch_optional
([#​2647](https://togithub.com/launchbadge/sqlx/issues/2647))
\[\[[@​danjpgriffin](https://togithub.com/danjpgriffin)]]
- \[[#​3216]]: security: bump rustls to 0.21.11
\[\[[@​toxeus](https://togithub.com/toxeus)]]
- \[[#​3230]]: fix: sqlite pragma order for auto_vacuum
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3233]]: fix: get_filename should not consume self
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3234]]: fix(ci): pin Rust version, ditch unmaintained
actions \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3236]]: fix: resolve `path` ownership problems when using
`sqlx_macros_unstable`
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​3254]]: fix: hide `sqlx_postgres::any`
\[\[[@​Zarathustra2](https://togithub.com/Zarathustra2)]]
- \[[#​3266]]: ci: MariaDB - add back 11.4 and add 11.5
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3267]]: ci: syntax fix
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3271]]: docs(sqlite): fix typo - unixtime() -> unixepoch()
\[\[[@​joelkoen](https://togithub.com/joelkoen)]]
- \[[#​3276]]: Invert boolean for `migrate` error message.
([#​3275](https://togithub.com/launchbadge/sqlx/issues/3275))
\[\[[@​nk9](https://togithub.com/nk9)]]
- \[[#​3279]]: fix Clippy errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3288]]: fix: sqlite update_hook char types
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3297]]: Pass the `persistent` query setting when preparing
queries with the `Any` driver
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3298]]: Track null arguments in order to provide the
appropriate type when converting them.
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3312]]: doc: Minor rust docs fixes
\[\[[@​SrGesus](https://togithub.com/SrGesus)]]
- \[[#​3327]]: chore: fixed one usage of `select_input_type!()`
being unhygenic
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3328]]: fix(ci): comment not separated from other
characters \[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3341]]: refactor: Resolve cargo check warnings in postgres
examples \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3346]]: fix(postgres): don't panic if `M` or `C` Notice
fields are not UTF-8
\[\[[@​YgorSouza](https://togithub.com/YgorSouza)]]
- \[[#​3350]]: fix:the `json`-feature should activate
`sqlx-postgres?/json` as well
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3353]]: fix: build script new line at eof
\[\[[@​Zarthus](https://togithub.com/Zarthus)]]
- (no PR): activate `clock` and `std` features of
`workspace.dependencies.chrono`.
[#​2482]: https://togithub.com/launchbadge/sqlx/pull/2482
[#​2652]: https://togithub.com/launchbadge/sqlx/pull/2652
[#​2697]: https://togithub.com/launchbadge/sqlx/pull/2697
[#​2702]: https://togithub.com/launchbadge/sqlx/pull/2702
[#​2736]: https://togithub.com/launchbadge/sqlx/pull/2736
[#​2869]: https://togithub.com/launchbadge/sqlx/pull/2869
[#​2917]: https://togithub.com/launchbadge/sqlx/pull/2917
[#​2940]: https://togithub.com/launchbadge/sqlx/pull/2940
[#​2954]: https://togithub.com/launchbadge/sqlx/pull/2954
[#​2960]: https://togithub.com/launchbadge/sqlx/pull/2960
[#​2970]: https://togithub.com/launchbadge/sqlx/pull/2970
[#​2973]: https://togithub.com/launchbadge/sqlx/pull/2973
[#​3064]: https://togithub.com/launchbadge/sqlx/pull/3064
[#​3073]: https://togithub.com/launchbadge/sqlx/pull/3073
[#​3113]: https://togithub.com/launchbadge/sqlx/pull/3113
[#​3123]: https://togithub.com/launchbadge/sqlx/pull/3123
[#​3126]: https://togithub.com/launchbadge/sqlx/pull/3126
[#​3130]: https://togithub.com/launchbadge/sqlx/pull/3130
[#​3137]: https://togithub.com/launchbadge/sqlx/pull/3137
[#​3138]: https://togithub.com/launchbadge/sqlx/pull/3138
[#​3146]: https://togithub.com/launchbadge/sqlx/pull/3146
[#​3148]: https://togithub.com/launchbadge/sqlx/pull/3148
[#​3154]: https://togithub.com/launchbadge/sqlx/pull/3154
[#​3162]: https://togithub.com/launchbadge/sqlx/pull/3162
[#​3165]: https://togithub.com/launchbadge/sqlx/pull/3165
[#​3167]: https://togithub.com/launchbadge/sqlx/pull/3167
[#​3172]: https://togithub.com/launchbadge/sqlx/pull/3172
[#​3173]: https://togithub.com/launchbadge/sqlx/pull/3173
[#​3181]: https://togithub.com/launchbadge/sqlx/pull/3181
[#​3184]: https://togithub.com/launchbadge/sqlx/pull/3184
[#​3188]: https://togithub.com/launchbadge/sqlx/pull/3188
[#​3190]: https://togithub.com/launchbadge/sqlx/pull/3190
[#​3191]: https://togithub.com/launchbadge/sqlx/pull/3191
[#​3194]: https://togithub.com/launchbadge/sqlx/pull/3194
[#​3216]: https://togithub.com/launchbadge/sqlx/pull/3216
[#​3230]: https://togithub.com/launchbadge/sqlx/pull/3230
[#​3233]: https://togithub.com/launchbadge/sqlx/pull/3233
[#​3234]: https://togithub.com/launchbadge/sqlx/pull/3234
[#​3236]: https://togithub.com/launchbadge/sqlx/pull/3236
[#​3244]: https://togithub.com/launchbadge/sqlx/pull/3244
[#​3252]: https://togithub.com/launchbadge/sqlx/pull/3252
[#​3254]: https://togithub.com/launchbadge/sqlx/pull/3254
[#​3260]: https://togithub.com/launchbadge/sqlx/pull/3260
[#​3265]: https://togithub.com/launchbadge/sqlx/pull/3265
[#​3266]: https://togithub.com/launchbadge/sqlx/pull/3266
[#​3267]: https://togithub.com/launchbadge/sqlx/pull/3267
[#​3271]: https://togithub.com/launchbadge/sqlx/pull/3271
[#​3276]: https://togithub.com/launchbadge/sqlx/pull/3276
[#​3279]: https://togithub.com/launchbadge/sqlx/pull/3279
[#​3285]: https://togithub.com/launchbadge/sqlx/pull/3285
[#​3288]: https://togithub.com/launchbadge/sqlx/pull/3288
[#​3291]: https://togithub.com/launchbadge/sqlx/pull/3291
[#​3293]: https://togithub.com/launchbadge/sqlx/pull/3293
[#​3297]: https://togithub.com/launchbadge/sqlx/pull/3297
[#​3298]: https://togithub.com/launchbadge/sqlx/pull/3298
[#​3303]: https://togithub.com/launchbadge/sqlx/pull/3303
[#​3311]: https://togithub.com/launchbadge/sqlx/pull/3311
[#​3312]: https://togithub.com/launchbadge/sqlx/pull/3312
[#​3327]: https://togithub.com/launchbadge/sqlx/pull/3327
[#​3328]: https://togithub.com/launchbadge/sqlx/pull/3328
[#​3329]: https://togithub.com/launchbadge/sqlx/pull/3329
[#​3337]: https://togithub.com/launchbadge/sqlx/pull/3337
[#​3340]: https://togithub.com/launchbadge/sqlx/pull/3340
[#​3341]: https://togithub.com/launchbadge/sqlx/pull/3341
[#​3343]: https://togithub.com/launchbadge/sqlx/pull/3343
[#​3346]: https://togithub.com/launchbadge/sqlx/pull/3346
[#​3350]: https://togithub.com/launchbadge/sqlx/pull/3350
[#​3352]: https://togithub.com/launchbadge/sqlx/pull/3352
[#​3353]: https://togithub.com/launchbadge/sqlx/pull/3353
[#​3356]: https://togithub.com/launchbadge/sqlx/pull/3356
###
[`v0.7.4`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#074---2024-03-11)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.3...v0.7.4)
38 pull requests were merged this release cycle.
This is officially the **last** release of the 0.7.x release cycle.
As of this release, development of 0.8.0 has begun on `main` and only
high-priority bugfixes may be backported.
##### Added
- \[[#​2891]]: feat: expose getters for connect options fields
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2902]]: feat: add `to_url_lossy` to connect options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​2927]]: Support `query!` for cargo-free systems
\[\[[@​kshramt](https://togithub.com/kshramt)]]
- \[[#​2997]]: doc(FAQ): add entry explaining prepared statements
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3001]]: Update README to clarify MariaDB support
\[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3004]]: feat(logging): Add numeric elapsed time field
elapsed_secs \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3007]]: feat: add `raw_sql` API
\[\[[@​abonander](https://togithub.com/abonander)]]
- This hopefully makes it easier to find how to execute statements which
are not supported by the default
prepared statement interfaces `query*()` and `query!()`.
- Improved documentation across the board for the `query*()` functions.
- Deprecated: `execute_many()` and `fetch_many()` on interfaces that use
prepared statements.
- Multiple SQL statements in one query string were only supported by
SQLite because its prepared statement
interface is the *only* way to execute SQL. All other database flavors
forbid multiple statements in
one prepared statement string as an extra defense against SQL injection.
- The new `raw_sql` API retains this functionality because it explicitly
does *not* use prepared statements.
Raw or text-mode query interfaces generally allow multiple statements in
one query string, and this is
supported by all current databases. Due to their nature, however, one
cannot use bind parameters with them.
- If this change affects you, an issue is open for discussion:
[https://github.com/launchbadge/sqlx/issues/3108](https://togithub.com/launchbadge/sqlx/issues/3108)
- \[[#​3011]]: Added support to IpAddr with MySQL/MariaDB.
\[\[[@​Icerath](https://togithub.com/Icerath)]]
- \[[#​3013]]: Add default implementation for PgInterval
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3018]]: Add default implementation for PgMoney
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3026]]: Update docs to reflect support for MariaDB data
types \[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3037]]: feat(mysql): allow to connect with mysql driver
without default behavor
\[\[[@​darkecho731](https://togithub.com/darkecho731)]]
##### Changed
- \[[#​2900]]: Show latest url to docs for macro.migrate
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2914]]: Use `create_new` instead of `atomic-file-write`
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2926]]: docs: update example for `PgConnectOptions`
\[\[[@​Fyko](https://togithub.com/Fyko)]]
- \[[#​2989]]: sqlx-core: Remove dotenvy dependency
\[\[[@​joshtriplett](https://togithub.com/joshtriplett)]]
- \[[#​2996]]: chore: Update ahash to 0.8.7
\[\[[@​takenoko-gohan](https://togithub.com/takenoko-gohan)]]
- \[[#​3006]]: chore(deps): Replace unmaintained tempdir crate
with tempfile \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3008]]: chore: Ignore .sqlx folder created by running ci
steps locally \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3009]]: chore(dev-deps): Upgrade env_logger from 0.9 to
0.11 \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3010]]: chore(deps): Upgrade criterion to 0.5.1
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3050]]: Optimize SASL auth in sqlx-postgres
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3055]]: Set TCP_NODELAY option on TCP sockets
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3065]]: Improve max_lifetime handling
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3072]]: Change the name of "inner" function generated by
`#[sqlx::test]` \[\[[@​ciffelia](https://togithub.com/ciffelia)]]
- \[[#​3083]]: Remove sha1 because it's not being used in postgres
\[\[[@​rafaelGuerreiro](https://togithub.com/rafaelGuerreiro)]]
##### Fixed
- \[[#​2898]]: Fixed docs
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2905]]: fix(mysql): Close prepared statement if persistence
is disabled
\[\[[@​larsschumacher](https://togithub.com/larsschumacher)]]
- \[[#​2913]]: Fix handling of deferred constraints
\[\[[@​Thomasdezeeuw](https://togithub.com/Thomasdezeeuw)]]
- \[[#​2919]]: fix duplicate "\`" in FromRow "default" attribute
doc comment \[\[[@​shengsheng](https://togithub.com/shengsheng)]]
- \[[#​2932]]: fix(postgres): avoid unnecessary flush in
PgCopyIn::read_from \[\[[@​tsing](https://togithub.com/tsing)]]
- \[[#​2955]]: Minor fixes
\[\[[@​Dawsoncodes](https://togithub.com/Dawsoncodes)]]
- \[[#​2963]]: Fixed ReadMe badge styling
\[\[[@​tadghh](https://togithub.com/tadghh)]]
- \[[#​2976]]: fix: AnyRow not support PgType::Varchar
\[\[[@​holicc](https://togithub.com/holicc)]]
- \[[#​3053]]: fix: do not panic when binding a large BigDecimal
\[\[[@​Ekleog](https://togithub.com/Ekleog)]]
- \[[#​3056]]: fix: spans in sqlite tracing
([#​2876](https://togithub.com/launchbadge/sqlx/issues/2876))
\[\[[@​zoomiti](https://togithub.com/zoomiti)]]
- \[[#​3089]]: fix(migrate): improve error message when parsing
version from filename
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3098]]: Migrations fixes
\[\[[@​abonander](https://togithub.com/abonander)]]
- Unhides `sqlx::migrate::Migrator`.
- Improves I/O error message when failing to read a file in
`migrate!()`.
[#​2891]: https://togithub.com/launchbadge/sqlx/pull/2891
[#​2898]: https://togithub.com/launchbadge/sqlx/pull/2898
[#​2900]: https://togithub.com/launchbadge/sqlx/pull/2900
[#​2902]: https://togithub.com/launchbadge/sqlx/pull/2902
[#​2905]: https://togithub.com/launchbadge/sqlx/pull/2905
[#​2913]: https://togithub.com/launchbadge/sqlx/pull/2913
[#​2914]: https://togithub.com/launchbadge/sqlx/pull/2914
[#​2919]: https://togithub.com/launchbadge/sqlx/pull/2919
[#​2926]: https://togithub.com/launchbadge/sqlx/pull/2926
[#​2927]: https://togithub.com/launchbadge/sqlx/pull/2927
[#​2932]: https://togithub.com/launchbadge/sqlx/pull/2932
[#​2955]: https://togithub.com/launchbadge/sqlx/pull/2955
[#​2963]: https://togithub.com/launchbadge/sqlx/pull/2963
[#​2976]: https://togithub.com/launchbadge/sqlx/pull/2976
[#​2989]: https://togithub.com/launchbadge/sqlx/pull/2989
[#​2996]: https://togithub.com/launchbadge/sqlx/pull/2996
[#​2997]: https://togithub.com/launchbadge/sqlx/pull/2997
[#​3001]: https://togithub.com/launchbadge/sqlx/pull/3001
[#​3004]: https://togithub.com/launchbadge/sqlx/pull/3004
[#​3006]: https://togithub.com/launchbadge/sqlx/pull/3006
[#​3007]: https://togithub.com/launchbadge/sqlx/pull/3007
[#​3008]: https://togithub.com/launchbadge/sqlx/pull/3008
[#​3009]: https://togithub.com/launchbadge/sqlx/pull/3009
[#​3010]: https://togithub.com/launchbadge/sqlx/pull/3010
[#​3011]: https://togithub.com/launchbadge/sqlx/pull/3011
[#​3013]: https://togithub.com/launchbadge/sqlx/pull/3013
[#​3018]: https://togithub.com/launchbadge/sqlx/pull/3018
[#​3026]: https://togithub.com/launchbadge/sqlx/pull/3026
[#​3037]: https://togithub.com/launchbadge/sqlx/pull/3037
[#​3050]: https://togithub.com/launchbadge/sqlx/pull/3050
[#​3053]: https://togithub.com/launchbadge/sqlx/pull/3053
[#​3055]: https://togithub.com/launchbadge/sqlx/pull/3055
[#​3056]: https://togithub.com/launchbadge/sqlx/pull/3056
[#​3065]: https://togithub.com/launchbadge/sqlx/pull/3065
[#​3072]: https://togithub.com/launchbadge/sqlx/pull/3072
[#​3083]: https://togithub.com/launchbadge/sqlx/pull/3083
[#​3089]: https://togithub.com/launchbadge/sqlx/pull/3089
[#​3098]: https://togithub.com/launchbadge/sqlx/pull/3098
###
[`v0.7.3`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#073---2023-11-22)
38 pull requests were merged this release cycle.
##### Added
- \[[#​2478]]: feat(citext): support postgres citext
\[\[[@​hgranthorner](https://togithub.com/hgranthorner)]]
- \[[#​2545]]: Add `fixtures_path` in sqlx::test args
\[\[[@​ripa1995](https://togithub.com/ripa1995)]]
- \[[#​2665]]: feat(mysql): support packet splitting
\[\[[@​tk2217](https://togithub.com/tk2217)]]
- \[[#​2752]]: Enhancement
[#​2747](https://togithub.com/launchbadge/sqlx/issues/2747)
Provide `fn PgConnectOptions::get_host(&self)`
\[\[[@​boris-lok](https://togithub.com/boris-lok)]]
- \[[#​2769]]: Customize the macro error message based on the
metadata \[\[[@​Nemo157](https://togithub.com/Nemo157)]]
- \[[#​2793]]: derived Hash trait for PgInterval
\[\[[@​yasamoka](https://togithub.com/yasamoka)]]
- \[[#​2801]]: derive FromRow: sqlx(default) for all fields
\[\[[@​grgi](https://togithub.com/grgi)]]
- \[[#​2827]]: Add impl `FromRow` for the unit type
\[\[[@​nanoqsh](https://togithub.com/nanoqsh)]]
- \[[#​2871]]: Add `MySqlConnectOptions::get_database()`
\[\[[@​shiftrightonce](https://togithub.com/shiftrightonce)]]
- \[[#​2873]]: Sqlx Cli: Added force flag to drop database for
postgres \[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2894]]: feat: `Text` adapter
\[\[[@​abonander](https://togithub.com/abonander)]]
##### Changed
- \[[#​2701]]: Remove documentation on offline feature
\[\[[@​Baptistemontan](https://togithub.com/Baptistemontan)]]
- \[[#​2713]]: Add additional info regarding using Transaction and
PoolConnection as…
\[\[[@​satwanjyu](https://togithub.com/satwanjyu)]]
- \[[#​2770]]: Update README.md
\[\[[@​snspinn](https://togithub.com/snspinn)]]
- \[[#​2797]]: doc(mysql): document behavior regarding `BOOLEAN`
and the query macros
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2803]]: Don't use separate temp dir for query jsons (2)
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2819]]: postgres begin cancel safe
\[\[[@​conradludgate](https://togithub.com/conradludgate)]]
- \[[#​2832]]: Update extra_float_digits default to 2 instead of 3
\[\[[@​brianheineman](https://togithub.com/brianheineman)]]
- \[[#​2865]]: Update Faq - Bulk upsert with optional fields
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2880]]: feat: use specific message for slow query logs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2882]]: Do not require db url for prepare
\[\[[@​tamasfe](https://togithub.com/tamasfe)]]
- \[[#​2890]]: doc(sqlite): cover lack of `NUMERIC` support
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[No PR]: Upgraded `libsqlite3-sys` to 0.27.0
- Note: linkage to `libsqlite3-sys` is considered semver-exempt;
see the release notes for 0.7.0 below for details.
##### Fixed
- \[[#​2640]]: fix: sqlx::macro db cleanup race condition by
adding a margin to current timestamp
\[\[[@​fhsgoncalves](https://togithub.com/fhsgoncalves)]]
- \[[#​2655]]: \[fix] Urlencode when passing filenames to sqlite3
\[\[[@​uttarayan21](https://togithub.com/uttarayan21)]]
- \[[#​2684]]: Make PgListener recover from UnexpectedEof
\[\[[@​hamiltop](https://togithub.com/hamiltop)]]
- \[[#​2688]]: fix: Make rust_decimal and bigdecimal decoding more
lenient \[\[[@​cameronbraid](https://togithub.com/cameronbraid)]]
- \[[#​2754]]: Is tests/x.py maintained? And I tried fix it.
\[\[[@​qwerty2501](https://togithub.com/qwerty2501)]]
- \[[#​2784]]: fix: decode postgres time without subsecond
\[\[[@​granddaifuku](https://togithub.com/granddaifuku)]]
- \[[#​2806]]: Depend on version of async-std with non-private
spawn-blocking \[\[[@​A248](https://togithub.com/A248)]]
- \[[#​2820]]: fix: correct decoding of `rust_decimal::Decimal`
for high-precision values
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2822]]: issue
[#​2821](https://togithub.com/launchbadge/sqlx/issues/2821) Update
error handling logic when opening a TCP connection
\[\[[@​anupj](https://togithub.com/anupj)]]
- \[[#​2826]]: chore: bump some sqlx-core dependencies
\[\[[@​djc](https://togithub.com/djc)]]
- \[[#​2838]]: Fixes rust_decimal scale for Postgres
\[\[[@​jkleinknox](https://togithub.com/jkleinknox)]]
- \[[#​2847]]: Fix comment in `sqlx migrate add` help text
\[\[[@​cryeprecision](https://togithub.com/cryeprecision)]]
- \[[#​2850]]: fix(core): avoid unncessary wakeups in
`try_stream!()`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2856]]: Prevent warnings running `cargo build`
\[\[[@​nyurik](https://togithub.com/nyurik)]]
- \[[#​2864]]: fix(sqlite): use `AtomicUsize` for thread IDs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2892]]: Fixed force dropping bug
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
[#​2478]: https://togithub.com/launchbadge/sqlx/pull/2478
[#​2545]: https://togithub.com/launchbadge/sqlx/pull/2545
[#​2640]: https://togithub.com/launchbadge/sqlx/pull/2640
[#​2655]: https://togithub.com/launchbadge/sqlx/pull/2655
[#​2665]: https://togithub.com/launchbadge/sqlx/pull/2665
[#​2684]: https://togithub.com/launchbadge/sqlx/pull/2684
[#​2688]: https://togithub.com/launchbadge/sqlx/pull/2688
[#​2701]: https://togithub.com/launchbadge/sqlx/pull/2701
[#​2713]: https://togithub.com/launchbadge/sqlx/pull/2713
[#​2752]: https://togithub.com/launchbadge/sqlx/pull/2752
[#​2754]: https://togithub.com/launchbadge/sqlx/pull/2754
[#​2769]: https://togithub.com/launchbadge/sqlx/pull/2769
[#​2770]: https://togithub.com/launchbadge/sqlx/pull/2770
[#​2782]: https://togithub.com/launchbadge/sqlx/pull/2782
[#​2784]: https://togithub.com/launchbadge/sqlx/pull/2784
[#​2793]: https://togithub.com/launchbadge/sqlx/pull/2793
[#​2797]: https://togithub.com/launchbadge/sqlx/pull/2797
[#​2801]: https://togithub.com/launchbadge/sqlx/pull/2801
[#​2803]: https://togithub.com/launchbadge/sqlx/pull/2803
[#​2806]: https://togithub.com/launchbadge/sqlx/pull/2806
[#​2819]: https://togithub.com/launchbadge/sqlx/pull/2819
[#​2820]: https://togithub.com/launchbadge/sqlx/pull/2820
[#​2822]: https://togithub.com/launchbadge/sqlx/pull/2822
[#​2826]: https://togithub.com/launchbadge/sqlx/pull/2826
[#​2827]: https://togithub.com/launchbadge/sqlx/pull/2827
[#​2832]: https://togithub.com/launchbadge/sqlx/pull/2832
[#​2838]: https://togithub.com/launchbadge/sqlx/pull/2838
[#​2847]: https://togithub.com/launchbadge/sqlx/pull/2847
[#​2850]: https://togithub.com/launchbadge/sqlx/pull/2850
[#​2856]: https://togithub.com/launchbadge/sqlx/pull/2856
[#​2864]: https://togithub.com/launchbadge/sqlx/pull/2864
[#​2865]: https://togithub.com/launchbadge/sqlx/pull/2865
[#​2871]: https://togithub.com/launchbadge/sqlx/pull/2871
[#​2873]: https://togithub.com/launchbadge/sqlx/pull/2873
[#​2880]: https://togithub.com/launchbadge/sqlx/pull/2880
[#​2882]: https://togithub.com/launchbadge/sqlx/pull/2882
[#​2890]: https://togithub.com/launchbadge/sqlx/pull/2890
[#​2892]: https://togithub.com/launchbadge/sqlx/pull/2892
[#​2894]: https://togithub.com/launchbadge/sqlx/pull/2894
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mikayla <mikayla@zed.dev>
2024-08-29 04:08:15 +00:00
sqlx = { version = "0.8" , features = [ "runtime-tokio-rustls" , "postgres" , "json" , "time" , "uuid" , "any" ] }
2024-08-07 16:09:43 +00:00
strum . workspace = true
2024-03-07 03:51:43 +00:00
subtle . workspace = true
2024-10-02 20:26:48 +00:00
supermaven_api . workspace = true
2024-02-23 16:13:28 +00:00
telemetry_events . workspace = true
2024-02-06 19:41:36 +00:00
text . workspace = true
2024-08-06 00:26:21 +00:00
thiserror . workspace = true
2023-04-25 00:41:55 +00:00
time . workspace = true
2024-10-11 21:58:58 +00:00
tokio = { workspace = true , features = [ "full" ] }
2024-01-31 02:41:29 +00:00
toml . workspace = true
2022-04-25 00:02:14 +00:00
tower = "0.4"
2024-02-23 19:50:06 +00:00
tower-http = { workspace = true , features = [ "trace" ] }
2024-04-11 21:36:35 +00:00
tracing = "0.1.40"
2024-04-15 20:00:56 +00:00
tracing-subscriber = { version = "0.3.18" , features = [ "env-filter" , "json" , "registry" , "tracing-log" ] } # workaround for https://github.com/tokio-rs/tracing/issues/2927
2024-02-06 19:41:36 +00:00
util . workspace = true
2023-10-04 00:39:24 +00:00
uuid . workspace = true
2021-07-12 20:14:39 +00:00
[ dev-dependencies ]
2024-07-10 15:36:22 +00:00
assistant = { workspace = true , features = [ "test-support" ] }
2024-11-25 23:26:34 +00:00
assistant_tool . workspace = true
context_server . workspace = true
2024-01-31 02:41:29 +00:00
async-trait . workspace = true
2024-02-06 19:41:36 +00:00
audio . workspace = true
call = { workspace = true , features = [ "test-support" ] }
channel . workspace = true
client = { workspace = true , features = [ "test-support" ] }
collab_ui = { workspace = true , features = [ "test-support" ] }
collections = { workspace = true , features = [ "test-support" ] }
2024-01-31 02:41:29 +00:00
ctor . workspace = true
2024-02-06 19:41:36 +00:00
editor = { workspace = true , features = [ "test-support" ] }
2024-01-31 02:41:29 +00:00
env_logger . workspace = true
2024-11-23 00:02:32 +00:00
extension . workspace = true
2024-02-06 19:41:36 +00:00
file_finder . workspace = true
fs = { workspace = true , features = [ "test-support" ] }
git = { workspace = true , features = [ "test-support" ] }
2024-05-07 01:24:48 +00:00
git_hosting_providers . workspace = true
2024-02-06 19:41:36 +00:00
gpui = { workspace = true , features = [ "test-support" ] }
2024-08-06 15:49:04 +00:00
hyper . workspace = true
2024-01-31 02:41:29 +00:00
indoc . workspace = true
2024-02-06 19:41:36 +00:00
language = { workspace = true , features = [ "test-support" ] }
2024-07-23 17:48:41 +00:00
language_model = { workspace = true , features = [ "test-support" ] }
2024-02-06 19:41:36 +00:00
lsp = { workspace = true , features = [ "test-support" ] }
menu . workspace = true
2024-05-10 21:06:51 +00:00
multi_buffer = { workspace = true , features = [ "test-support" ] }
2024-02-06 19:41:36 +00:00
node_runtime . workspace = true
notifications = { workspace = true , features = [ "test-support" ] }
2024-01-31 02:41:29 +00:00
pretty_assertions . workspace = true
2024-02-06 19:41:36 +00:00
project = { workspace = true , features = [ "test-support" ] }
2024-06-11 00:09:47 +00:00
recent_projects = { workspace = true }
2024-02-16 02:54:43 +00:00
release_channel . workspace = true
2024-07-19 17:27:26 +00:00
remote = { workspace = true , features = [ "test-support" ] }
remote_server . workspace = true
2024-02-06 19:41:36 +00:00
rpc = { workspace = true , features = [ "test-support" ] }
Update Rust crate sqlx to 0.8 [SECURITY] (#16791)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [sqlx](https://togithub.com/launchbadge/sqlx) | dev-dependencies |
minor | `0.7` -> `0.8` |
| [sqlx](https://togithub.com/launchbadge/sqlx) | dependencies | minor |
`0.7` -> `0.8` |
### GitHub Vulnerability Alerts
####
[GHSA-xmrp-424f-vfpx](https://togithub.com/launchbadge/sqlx/issues/3440)
The following presentation at this year's DEF CON was brought to our
attention on the SQLx Discord:
> SQL Injection isn't Dead: Smuggling Queries at the Protocol Level
>
<http://web.archive.org/web/20240812130923/https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn't%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf>
> (Archive link for posterity.)
Essentially, encoding a value larger than 4GiB can cause the length
prefix in the protocol to overflow,
causing the server to interpret the rest of the string as binary
protocol commands or other data.
It appears SQLx _does_ perform truncating casts in a way that could be
problematic,
for example:
<https://github.com/launchbadge/sqlx/blob/6f2905695b9606b5f51b40ce10af63ac9e696bb8/sqlx-postgres/src/arguments.rs#L163>
This code has existed essentially since the beginning,
so it is reasonable to assume that all published versions `<= 0.8.0` are
affected.
## Mitigation
As always, you should make sure your application is validating
untrustworthy user input.
Reject any input over 4 GiB, or any input that could _encode_ to a
string longer than 4 GiB.
Dynamically built queries are also potentially problematic if it pushes
the message size over this 4 GiB bound.
[`Encode::size_hint()`](https://docs.rs/sqlx/latest/sqlx/trait.Encode.html#method.size_hint)
can be used for sanity checks, but do not assume that the size returned
is accurate.
For example, the `Json<T>` and `Text<T>` adapters have no reasonable way
to predict or estimate the final encoded size,
so they just return `size_of::<T>()` instead.
For web application backends, consider adding some middleware that
limits the size of request bodies by default.
## Resolution
Work has started on a branch to add `#[deny]` directives for the
following Clippy lints:
*
[`cast_possible_truncation`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_truncation)
*
[`cast_possible_wrap`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_wrap)
*
[`cast_sign_loss`](https://rust-lang.github.io/rust-clippy/master/#/cast_sign_loss)
and to manually audit the code that they flag.
A fix is expected to be included in the `0.8.1` release (still WIP as of
writing).
---
### Release Notes
<details>
<summary>launchbadge/sqlx (sqlx)</summary>
###
[`v0.8.1`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#081---2024-08-23)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.8.0...v0.8.1)
16 pull requests were merged this release cycle.
This release contains a fix for [RUSTSEC-2024-0363].
Postgres users are advised to upgrade ASAP as a possible exploit has
been demonstrated:
[#​3440
(comment)](https://togithub.com/launchbadge/sqlx/issues/3440#issuecomment-2307956901)
MySQL and SQLite do not *appear* to be exploitable, but upgrading is
recommended nonetheless.
##### Added
- \[[#​3421]]: correct spelling of
`MySqlConnectOptions::no_engine_substitution()`
\[\[[@​kolinfluence](https://togithub.com/kolinfluence)]]
- Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in
favor of the correctly spelled version.
##### Changed
- \[[#​3376]]: doc: hide `spec_error` module
\[\[[@​abonander](https://togithub.com/abonander)]]
- This is a helper module for the macros and was not meant to be
exposed.
- It is not expected to receive any breaking changes for the 0.8.x
release, but is not designed as a public API.
Use at your own risk.
- \[[#​3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support
sqlite 3.46
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3385]]: chore(examples):Migrated the pg-chat example to
ratatui
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3399]]: Upgrade to rustls 0.23
\[\[[@​djc](https://togithub.com/djc)]]
- RusTLS now has pluggable cryptography providers: `ring` (the existing
implementation),
and `aws-lc-rs` which has optional FIPS certification.
- The existing features activating RusTLS (`runtime-tokio-rustls`,
`runtime-async-std-rustls`, `tls-rustls`)
enable the `ring` provider of RusTLS to match the existing behavior so
this *should not* be a breaking change.
- Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs`
provider.
- If using `runtime-tokio-rustls` or `runtime-async-std-rustls`,
this will necessitate switching to the appropriate non-legacy runtime
feature:
`runtime-tokio` or `runtime-async-std`
- See the RusTLS README for more details:
<https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers>
##### Fixed
- \[[#​2786]]: fix(sqlx-cli): do not clean sqlx during prepare
\[\[[@​cycraig](https://togithub.com/cycraig)]]
- \[[#​3354]]: sqlite: fix inconsistent read-after-write
\[\[[@​ckampfe](https://togithub.com/ckampfe)]]
- \[[#​3371]]: Fix encoding and decoding of MySQL enums in
`sqlx::Type` \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​3374]]: fix: usage of `node12` in `SQLx` action
\[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3380]]: chore: replace structopt with clap in examples
\[\[[@​tottoto](https://togithub.com/tottoto)]]
- \[[#​3381]]: Fix CI after Rust 1.80, remove dead feature
references \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3384]]: chore(tests): fixed deprecation warnings
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1`
to avoid yanked `v0.14.3`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3389]]: fix(cli): typo in error for required DB URL
\[\[[@​ods](https://togithub.com/ods)]]
- \[[#​3417]]: Update version to 0.8 in README
\[\[[@​soucosmo](https://togithub.com/soucosmo)]]
- \[[#​3441]]: fix: audit protocol handling
\[\[[@​abonander](https://togithub.com/abonander)]]
- This addresses [RUSTSEC-2024-0363] and includes regression tests for
MySQL, Postgres and SQLite.
[#​2786]: https://togithub.com/launchbadge/sqlx/pull/2786
[#​3354]: https://togithub.com/launchbadge/sqlx/pull/3354
[#​3371]: https://togithub.com/launchbadge/sqlx/pull/3371
[#​3374]: https://togithub.com/launchbadge/sqlx/pull/3374
[#​3376]: https://togithub.com/launchbadge/sqlx/pull/3376
[#​3380]: https://togithub.com/launchbadge/sqlx/pull/3380
[#​3381]: https://togithub.com/launchbadge/sqlx/pull/3381
[#​3382]: https://togithub.com/launchbadge/sqlx/pull/3382
[#​3384]: https://togithub.com/launchbadge/sqlx/pull/3384
[#​3385]: https://togithub.com/launchbadge/sqlx/pull/3385
[#​3386]: https://togithub.com/launchbadge/sqlx/pull/3386
[#​3389]: https://togithub.com/launchbadge/sqlx/pull/3389
[#​3399]: https://togithub.com/launchbadge/sqlx/pull/3399
[#​3417]: https://togithub.com/launchbadge/sqlx/pull/3417
[#​3421]: https://togithub.com/launchbadge/sqlx/pull/3421
[#​3441]: https://togithub.com/launchbadge/sqlx/pull/3441
[RUSTSEC-2024-0363]:
https://rustsec.org/advisories/RUSTSEC-2024-0363.html
###
[`v0.8.0`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#080---2024-07-22)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.4...v0.8.0)
70 pull requests were merged this release cycle.
[#​2697] was merged the same day as release 0.7.4 and so was
missed by the automatic CHANGELOG generation.
##### Breaking
- \[[#​2697]]: fix(macros): only enable chrono when time is
disabled
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2973]]: Generic Associated Types in Database, replacing
HasValueRef, HasArguments, HasStatement
\[\[[@​nitn3lav](https://togithub.com/nitn3lav)]]
- \[[#​2482]]: chore: bump syn to 2.0
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- Deprecated type ascription syntax in the query macros was removed.
- \[[#​2736]]: Fix describe on PostgreSQL views with rules
\[\[[@​tsing](https://togithub.com/tsing)]]
- Potentially breaking: nullability inference changes for Postgres.
- \[[#​2869]]: Implement PgHasArrayType for all references
\[\[[@​tylerhawkes](https://togithub.com/tylerhawkes)]]
- Conflicts with existing manual implementations.
- \[[#​2940]]: fix: Decode and Encode derives
([#​1031](https://togithub.com/launchbadge/sqlx/issues/1031))
\[\[[@​benluelo](https://togithub.com/benluelo)]]
- Changes lifetime obligations for field types.
- \[[#​3064]]: Sqlite explain graph
\[\[[@​tyrelr](https://togithub.com/tyrelr)]]
- Potentially breaking: nullability inference changes for SQLite.
- \[[#​3123]]: Reorder attrs in sqlx::test macro
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- Potentially breaking: attributes on `#[sqlx::test]` usages are applied
in the correct order now.
- \[[#​3126]]: Make Encode return a result
\[\[[@​FSMaxB](https://togithub.com/FSMaxB)]]
- \[[#​3130]]: Add version information for failed cli migration
([#​3129](https://togithub.com/launchbadge/sqlx/issues/3129))
\[\[[@​FlakM](https://togithub.com/FlakM)]]
- Breaking changes to `MigrateError`.
- \[[#​3181]]: feat: no tx migration
\[\[[@​cleverjam](https://togithub.com/cleverjam)]]
- (Postgres only) migrations that should not run in a transaction can be
flagged by adding `-- no-transaction` to the beginning.
- Breaking change: added field to `Migration`
- \[[#​3184]]: \[BREAKING} fix(sqlite): always use `i64` as
intermediate when decoding
\[\[[@​abonander](https://togithub.com/abonander)]]
- integer decoding will now loudly error on overflow instead of silently
truncating.
- some usages of the query!() macros might change an i32 to an i64.
- \[[#​3252]]: fix `#[derive(sqlx::Type)]` in Postgres
\[\[[@​abonander](https://togithub.com/abonander)]]
- Manual implementations of PgHasArrayType for enums will conflict with
the generated one. Delete the manual impl or add `#[sqlx(no_pg_array)]`
where conflicts occur.
- Type equality for PgTypeInfo is now schema-aware.
- \[[#​3329]]: fix: correct handling of arrays of custom types in
Postgres \[\[[@​abonander](https://togithub.com/abonander)]]
- Potential breaking change: `PgTypeInfo::with_name()` infers types that
start with `_` to be arrays of the un-prefixed type. Wrap type names in
quotes to bypass this behavior.
- \[[#​3356]]: breaking: fix name collision in `FromRow`, return
`Error::ColumnDecode` for `TryFrom` errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- Breaking behavior change: errors with `#[sqlx(try_from = "T")]` now
return `Error::ColumnDecode` instead of `Error::ColumnNotFound`.
- Breaking because `#[sqlx(default)]` on an individual field or the
struct itself would have previously suppressed the error.
This doesn't seem like good behavior as it could result in some
potentially very difficult bugs.
- Instead, create a wrapper implementing `From` and apply the default
explicitly.
- \[[#​3337]]: allow rename with rename_all (close
[#​2896](https://togithub.com/launchbadge/sqlx/issues/2896))
\[\[[@​DirectorX](https://togithub.com/DirectorX)]]
- Changes the precedence of `#[sqlx(rename)]` and `#[sqlx(rename_all)]`
to match the expected behavior (`rename` wins).
- \[[#​3285]]: fix: use correct names for sslmode options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- Changes the output of `ConnectOptions::to_url_lossy()` to match what
parsing expects.
##### Added
- \[[#​2917]]: Add Debug impl for PgRow
\[\[[@​g-bartoszek](https://togithub.com/g-bartoszek)]]
- \[[#​3113]]: feat: new derive feature flag
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​3154]]: feat: add `MySqlTime`, audit `mysql::types` for
panics \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3188]]: feat(cube): support postgres cube
\[\[[@​jayy-lmao](https://togithub.com/jayy-lmao)]]
- \[[#​3244]]: feat: support `NonZero*` scalar types
\[\[[@​AlphaKeks](https://togithub.com/AlphaKeks)]]
- \[[#​3260]]: feat: Add set_update_hook on SqliteConnection
\[\[[@​gridbox](https://togithub.com/gridbox)]]
- \[[#​3291]]: feat: support the Postgres Bool type for the Any
driver \[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3293]]: Add LICENSE-\* files to crates
\[\[[@​LecrisUT](https://togithub.com/LecrisUT)]]
- \[[#​3303]]: add array support for NonZeroI\* in postgres
\[\[[@​JohannesIBK](https://togithub.com/JohannesIBK)]]
- \[[#​3311]]: Add example on how to use Transaction as Executor
\[\[[@​Lachstec](https://togithub.com/Lachstec)]]
- \[[#​3343]]: Add support for PostgreSQL HSTORE data type
\[\[[@​KobusEllis](https://togithub.com/KobusEllis)]]
##### Changed
- \[[#​2652]]: MySQL: Remove collation compatibility check for
strings \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​2960]]: Removed `Send` trait bound from argument binding
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- \[[#​2970]]: refactor: lift type mappings into driver crates
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3148]]: Bump libsqlite3-sys to v0.28
\[\[[@​NfNitLoop](https://togithub.com/NfNitLoop)]]
- Note: version bumps to `libsqlite3-sys` are not considered breaking
changes as per our semver guarantees.
- \[[#​3265]]: perf: box `MySqlConnection` to reduce sizes of
futures
\[\[[@​stepantubanov](https://togithub.com/stepantubanov)]]
- \[[#​3352]]: chore:added a testcase for `sqlx migrate add ...`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3340]]: ci: Add job to check that sqlx builds with its
declared minimum dependencies
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
##### Fixed
- \[[#​2702]]: Constrain cyclic associated types to themselves
\[\[[@​BadBastion](https://togithub.com/BadBastion)]]
- \[[#​2954]]: Fix several inter doc links
\[\[[@​ralpha](https://togithub.com/ralpha)]]
- \[[#​3073]]: feat(logging): Log slow acquires from connection
pool \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3137]]: SqliteConnectOptions::filename() memory fix
([#​3136](https://togithub.com/launchbadge/sqlx/issues/3136))
\[\[[@​hoxxep](https://togithub.com/hoxxep)]]
- \[[#​3138]]: PostgreSQL Bugfix: Ensure connection is usable
after failed COPY inside a transaction
\[\[[@​feikesteenbergen](https://togithub.com/feikesteenbergen)]]
- \[[#​3146]]: fix(sqlite): delete unused `ConnectionHandleRaw`
type \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3162]]: Drop urlencoding dependency
\[\[[@​paolobarbolini](https://togithub.com/paolobarbolini)]]
- \[[#​3165]]: Bump deps that do not need code changes
\[\[[@​GnomedDev](https://togithub.com/GnomedDev)]]
- \[[#​3167]]: fix(ci): use `docker compose` instead of
`docker-compose`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3172]]: fix: Option decoding in any driver
\[\[[@​pxp9](https://togithub.com/pxp9)]]
- \[[#​3173]]: fix(postgres) : int type conversion while decoding
\[\[[@​RaghavRox](https://togithub.com/RaghavRox)]]
- \[[#​3190]]: Update time to 0.3.36
\[\[[@​BlackSoulHub](https://togithub.com/BlackSoulHub)]]
- \[[#​3191]]: Fix unclean TLS shutdown
\[\[[@​levkk](https://togithub.com/levkk)]]
- \[[#​3194]]: Fix leaking connections in fetch_optional
([#​2647](https://togithub.com/launchbadge/sqlx/issues/2647))
\[\[[@​danjpgriffin](https://togithub.com/danjpgriffin)]]
- \[[#​3216]]: security: bump rustls to 0.21.11
\[\[[@​toxeus](https://togithub.com/toxeus)]]
- \[[#​3230]]: fix: sqlite pragma order for auto_vacuum
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3233]]: fix: get_filename should not consume self
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3234]]: fix(ci): pin Rust version, ditch unmaintained
actions \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3236]]: fix: resolve `path` ownership problems when using
`sqlx_macros_unstable`
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​3254]]: fix: hide `sqlx_postgres::any`
\[\[[@​Zarathustra2](https://togithub.com/Zarathustra2)]]
- \[[#​3266]]: ci: MariaDB - add back 11.4 and add 11.5
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3267]]: ci: syntax fix
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3271]]: docs(sqlite): fix typo - unixtime() -> unixepoch()
\[\[[@​joelkoen](https://togithub.com/joelkoen)]]
- \[[#​3276]]: Invert boolean for `migrate` error message.
([#​3275](https://togithub.com/launchbadge/sqlx/issues/3275))
\[\[[@​nk9](https://togithub.com/nk9)]]
- \[[#​3279]]: fix Clippy errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3288]]: fix: sqlite update_hook char types
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3297]]: Pass the `persistent` query setting when preparing
queries with the `Any` driver
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3298]]: Track null arguments in order to provide the
appropriate type when converting them.
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3312]]: doc: Minor rust docs fixes
\[\[[@​SrGesus](https://togithub.com/SrGesus)]]
- \[[#​3327]]: chore: fixed one usage of `select_input_type!()`
being unhygenic
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3328]]: fix(ci): comment not separated from other
characters \[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3341]]: refactor: Resolve cargo check warnings in postgres
examples \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3346]]: fix(postgres): don't panic if `M` or `C` Notice
fields are not UTF-8
\[\[[@​YgorSouza](https://togithub.com/YgorSouza)]]
- \[[#​3350]]: fix:the `json`-feature should activate
`sqlx-postgres?/json` as well
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3353]]: fix: build script new line at eof
\[\[[@​Zarthus](https://togithub.com/Zarthus)]]
- (no PR): activate `clock` and `std` features of
`workspace.dependencies.chrono`.
[#​2482]: https://togithub.com/launchbadge/sqlx/pull/2482
[#​2652]: https://togithub.com/launchbadge/sqlx/pull/2652
[#​2697]: https://togithub.com/launchbadge/sqlx/pull/2697
[#​2702]: https://togithub.com/launchbadge/sqlx/pull/2702
[#​2736]: https://togithub.com/launchbadge/sqlx/pull/2736
[#​2869]: https://togithub.com/launchbadge/sqlx/pull/2869
[#​2917]: https://togithub.com/launchbadge/sqlx/pull/2917
[#​2940]: https://togithub.com/launchbadge/sqlx/pull/2940
[#​2954]: https://togithub.com/launchbadge/sqlx/pull/2954
[#​2960]: https://togithub.com/launchbadge/sqlx/pull/2960
[#​2970]: https://togithub.com/launchbadge/sqlx/pull/2970
[#​2973]: https://togithub.com/launchbadge/sqlx/pull/2973
[#​3064]: https://togithub.com/launchbadge/sqlx/pull/3064
[#​3073]: https://togithub.com/launchbadge/sqlx/pull/3073
[#​3113]: https://togithub.com/launchbadge/sqlx/pull/3113
[#​3123]: https://togithub.com/launchbadge/sqlx/pull/3123
[#​3126]: https://togithub.com/launchbadge/sqlx/pull/3126
[#​3130]: https://togithub.com/launchbadge/sqlx/pull/3130
[#​3137]: https://togithub.com/launchbadge/sqlx/pull/3137
[#​3138]: https://togithub.com/launchbadge/sqlx/pull/3138
[#​3146]: https://togithub.com/launchbadge/sqlx/pull/3146
[#​3148]: https://togithub.com/launchbadge/sqlx/pull/3148
[#​3154]: https://togithub.com/launchbadge/sqlx/pull/3154
[#​3162]: https://togithub.com/launchbadge/sqlx/pull/3162
[#​3165]: https://togithub.com/launchbadge/sqlx/pull/3165
[#​3167]: https://togithub.com/launchbadge/sqlx/pull/3167
[#​3172]: https://togithub.com/launchbadge/sqlx/pull/3172
[#​3173]: https://togithub.com/launchbadge/sqlx/pull/3173
[#​3181]: https://togithub.com/launchbadge/sqlx/pull/3181
[#​3184]: https://togithub.com/launchbadge/sqlx/pull/3184
[#​3188]: https://togithub.com/launchbadge/sqlx/pull/3188
[#​3190]: https://togithub.com/launchbadge/sqlx/pull/3190
[#​3191]: https://togithub.com/launchbadge/sqlx/pull/3191
[#​3194]: https://togithub.com/launchbadge/sqlx/pull/3194
[#​3216]: https://togithub.com/launchbadge/sqlx/pull/3216
[#​3230]: https://togithub.com/launchbadge/sqlx/pull/3230
[#​3233]: https://togithub.com/launchbadge/sqlx/pull/3233
[#​3234]: https://togithub.com/launchbadge/sqlx/pull/3234
[#​3236]: https://togithub.com/launchbadge/sqlx/pull/3236
[#​3244]: https://togithub.com/launchbadge/sqlx/pull/3244
[#​3252]: https://togithub.com/launchbadge/sqlx/pull/3252
[#​3254]: https://togithub.com/launchbadge/sqlx/pull/3254
[#​3260]: https://togithub.com/launchbadge/sqlx/pull/3260
[#​3265]: https://togithub.com/launchbadge/sqlx/pull/3265
[#​3266]: https://togithub.com/launchbadge/sqlx/pull/3266
[#​3267]: https://togithub.com/launchbadge/sqlx/pull/3267
[#​3271]: https://togithub.com/launchbadge/sqlx/pull/3271
[#​3276]: https://togithub.com/launchbadge/sqlx/pull/3276
[#​3279]: https://togithub.com/launchbadge/sqlx/pull/3279
[#​3285]: https://togithub.com/launchbadge/sqlx/pull/3285
[#​3288]: https://togithub.com/launchbadge/sqlx/pull/3288
[#​3291]: https://togithub.com/launchbadge/sqlx/pull/3291
[#​3293]: https://togithub.com/launchbadge/sqlx/pull/3293
[#​3297]: https://togithub.com/launchbadge/sqlx/pull/3297
[#​3298]: https://togithub.com/launchbadge/sqlx/pull/3298
[#​3303]: https://togithub.com/launchbadge/sqlx/pull/3303
[#​3311]: https://togithub.com/launchbadge/sqlx/pull/3311
[#​3312]: https://togithub.com/launchbadge/sqlx/pull/3312
[#​3327]: https://togithub.com/launchbadge/sqlx/pull/3327
[#​3328]: https://togithub.com/launchbadge/sqlx/pull/3328
[#​3329]: https://togithub.com/launchbadge/sqlx/pull/3329
[#​3337]: https://togithub.com/launchbadge/sqlx/pull/3337
[#​3340]: https://togithub.com/launchbadge/sqlx/pull/3340
[#​3341]: https://togithub.com/launchbadge/sqlx/pull/3341
[#​3343]: https://togithub.com/launchbadge/sqlx/pull/3343
[#​3346]: https://togithub.com/launchbadge/sqlx/pull/3346
[#​3350]: https://togithub.com/launchbadge/sqlx/pull/3350
[#​3352]: https://togithub.com/launchbadge/sqlx/pull/3352
[#​3353]: https://togithub.com/launchbadge/sqlx/pull/3353
[#​3356]: https://togithub.com/launchbadge/sqlx/pull/3356
###
[`v0.7.4`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#074---2024-03-11)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.3...v0.7.4)
38 pull requests were merged this release cycle.
This is officially the **last** release of the 0.7.x release cycle.
As of this release, development of 0.8.0 has begun on `main` and only
high-priority bugfixes may be backported.
##### Added
- \[[#​2891]]: feat: expose getters for connect options fields
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2902]]: feat: add `to_url_lossy` to connect options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​2927]]: Support `query!` for cargo-free systems
\[\[[@​kshramt](https://togithub.com/kshramt)]]
- \[[#​2997]]: doc(FAQ): add entry explaining prepared statements
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3001]]: Update README to clarify MariaDB support
\[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3004]]: feat(logging): Add numeric elapsed time field
elapsed_secs \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3007]]: feat: add `raw_sql` API
\[\[[@​abonander](https://togithub.com/abonander)]]
- This hopefully makes it easier to find how to execute statements which
are not supported by the default
prepared statement interfaces `query*()` and `query!()`.
- Improved documentation across the board for the `query*()` functions.
- Deprecated: `execute_many()` and `fetch_many()` on interfaces that use
prepared statements.
- Multiple SQL statements in one query string were only supported by
SQLite because its prepared statement
interface is the *only* way to execute SQL. All other database flavors
forbid multiple statements in
one prepared statement string as an extra defense against SQL injection.
- The new `raw_sql` API retains this functionality because it explicitly
does *not* use prepared statements.
Raw or text-mode query interfaces generally allow multiple statements in
one query string, and this is
supported by all current databases. Due to their nature, however, one
cannot use bind parameters with them.
- If this change affects you, an issue is open for discussion:
[https://github.com/launchbadge/sqlx/issues/3108](https://togithub.com/launchbadge/sqlx/issues/3108)
- \[[#​3011]]: Added support to IpAddr with MySQL/MariaDB.
\[\[[@​Icerath](https://togithub.com/Icerath)]]
- \[[#​3013]]: Add default implementation for PgInterval
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3018]]: Add default implementation for PgMoney
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3026]]: Update docs to reflect support for MariaDB data
types \[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3037]]: feat(mysql): allow to connect with mysql driver
without default behavor
\[\[[@​darkecho731](https://togithub.com/darkecho731)]]
##### Changed
- \[[#​2900]]: Show latest url to docs for macro.migrate
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2914]]: Use `create_new` instead of `atomic-file-write`
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2926]]: docs: update example for `PgConnectOptions`
\[\[[@​Fyko](https://togithub.com/Fyko)]]
- \[[#​2989]]: sqlx-core: Remove dotenvy dependency
\[\[[@​joshtriplett](https://togithub.com/joshtriplett)]]
- \[[#​2996]]: chore: Update ahash to 0.8.7
\[\[[@​takenoko-gohan](https://togithub.com/takenoko-gohan)]]
- \[[#​3006]]: chore(deps): Replace unmaintained tempdir crate
with tempfile \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3008]]: chore: Ignore .sqlx folder created by running ci
steps locally \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3009]]: chore(dev-deps): Upgrade env_logger from 0.9 to
0.11 \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3010]]: chore(deps): Upgrade criterion to 0.5.1
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3050]]: Optimize SASL auth in sqlx-postgres
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3055]]: Set TCP_NODELAY option on TCP sockets
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3065]]: Improve max_lifetime handling
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3072]]: Change the name of "inner" function generated by
`#[sqlx::test]` \[\[[@​ciffelia](https://togithub.com/ciffelia)]]
- \[[#​3083]]: Remove sha1 because it's not being used in postgres
\[\[[@​rafaelGuerreiro](https://togithub.com/rafaelGuerreiro)]]
##### Fixed
- \[[#​2898]]: Fixed docs
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2905]]: fix(mysql): Close prepared statement if persistence
is disabled
\[\[[@​larsschumacher](https://togithub.com/larsschumacher)]]
- \[[#​2913]]: Fix handling of deferred constraints
\[\[[@​Thomasdezeeuw](https://togithub.com/Thomasdezeeuw)]]
- \[[#​2919]]: fix duplicate "\`" in FromRow "default" attribute
doc comment \[\[[@​shengsheng](https://togithub.com/shengsheng)]]
- \[[#​2932]]: fix(postgres): avoid unnecessary flush in
PgCopyIn::read_from \[\[[@​tsing](https://togithub.com/tsing)]]
- \[[#​2955]]: Minor fixes
\[\[[@​Dawsoncodes](https://togithub.com/Dawsoncodes)]]
- \[[#​2963]]: Fixed ReadMe badge styling
\[\[[@​tadghh](https://togithub.com/tadghh)]]
- \[[#​2976]]: fix: AnyRow not support PgType::Varchar
\[\[[@​holicc](https://togithub.com/holicc)]]
- \[[#​3053]]: fix: do not panic when binding a large BigDecimal
\[\[[@​Ekleog](https://togithub.com/Ekleog)]]
- \[[#​3056]]: fix: spans in sqlite tracing
([#​2876](https://togithub.com/launchbadge/sqlx/issues/2876))
\[\[[@​zoomiti](https://togithub.com/zoomiti)]]
- \[[#​3089]]: fix(migrate): improve error message when parsing
version from filename
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3098]]: Migrations fixes
\[\[[@​abonander](https://togithub.com/abonander)]]
- Unhides `sqlx::migrate::Migrator`.
- Improves I/O error message when failing to read a file in
`migrate!()`.
[#​2891]: https://togithub.com/launchbadge/sqlx/pull/2891
[#​2898]: https://togithub.com/launchbadge/sqlx/pull/2898
[#​2900]: https://togithub.com/launchbadge/sqlx/pull/2900
[#​2902]: https://togithub.com/launchbadge/sqlx/pull/2902
[#​2905]: https://togithub.com/launchbadge/sqlx/pull/2905
[#​2913]: https://togithub.com/launchbadge/sqlx/pull/2913
[#​2914]: https://togithub.com/launchbadge/sqlx/pull/2914
[#​2919]: https://togithub.com/launchbadge/sqlx/pull/2919
[#​2926]: https://togithub.com/launchbadge/sqlx/pull/2926
[#​2927]: https://togithub.com/launchbadge/sqlx/pull/2927
[#​2932]: https://togithub.com/launchbadge/sqlx/pull/2932
[#​2955]: https://togithub.com/launchbadge/sqlx/pull/2955
[#​2963]: https://togithub.com/launchbadge/sqlx/pull/2963
[#​2976]: https://togithub.com/launchbadge/sqlx/pull/2976
[#​2989]: https://togithub.com/launchbadge/sqlx/pull/2989
[#​2996]: https://togithub.com/launchbadge/sqlx/pull/2996
[#​2997]: https://togithub.com/launchbadge/sqlx/pull/2997
[#​3001]: https://togithub.com/launchbadge/sqlx/pull/3001
[#​3004]: https://togithub.com/launchbadge/sqlx/pull/3004
[#​3006]: https://togithub.com/launchbadge/sqlx/pull/3006
[#​3007]: https://togithub.com/launchbadge/sqlx/pull/3007
[#​3008]: https://togithub.com/launchbadge/sqlx/pull/3008
[#​3009]: https://togithub.com/launchbadge/sqlx/pull/3009
[#​3010]: https://togithub.com/launchbadge/sqlx/pull/3010
[#​3011]: https://togithub.com/launchbadge/sqlx/pull/3011
[#​3013]: https://togithub.com/launchbadge/sqlx/pull/3013
[#​3018]: https://togithub.com/launchbadge/sqlx/pull/3018
[#​3026]: https://togithub.com/launchbadge/sqlx/pull/3026
[#​3037]: https://togithub.com/launchbadge/sqlx/pull/3037
[#​3050]: https://togithub.com/launchbadge/sqlx/pull/3050
[#​3053]: https://togithub.com/launchbadge/sqlx/pull/3053
[#​3055]: https://togithub.com/launchbadge/sqlx/pull/3055
[#​3056]: https://togithub.com/launchbadge/sqlx/pull/3056
[#​3065]: https://togithub.com/launchbadge/sqlx/pull/3065
[#​3072]: https://togithub.com/launchbadge/sqlx/pull/3072
[#​3083]: https://togithub.com/launchbadge/sqlx/pull/3083
[#​3089]: https://togithub.com/launchbadge/sqlx/pull/3089
[#​3098]: https://togithub.com/launchbadge/sqlx/pull/3098
###
[`v0.7.3`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#073---2023-11-22)
38 pull requests were merged this release cycle.
##### Added
- \[[#​2478]]: feat(citext): support postgres citext
\[\[[@​hgranthorner](https://togithub.com/hgranthorner)]]
- \[[#​2545]]: Add `fixtures_path` in sqlx::test args
\[\[[@​ripa1995](https://togithub.com/ripa1995)]]
- \[[#​2665]]: feat(mysql): support packet splitting
\[\[[@​tk2217](https://togithub.com/tk2217)]]
- \[[#​2752]]: Enhancement
[#​2747](https://togithub.com/launchbadge/sqlx/issues/2747)
Provide `fn PgConnectOptions::get_host(&self)`
\[\[[@​boris-lok](https://togithub.com/boris-lok)]]
- \[[#​2769]]: Customize the macro error message based on the
metadata \[\[[@​Nemo157](https://togithub.com/Nemo157)]]
- \[[#​2793]]: derived Hash trait for PgInterval
\[\[[@​yasamoka](https://togithub.com/yasamoka)]]
- \[[#​2801]]: derive FromRow: sqlx(default) for all fields
\[\[[@​grgi](https://togithub.com/grgi)]]
- \[[#​2827]]: Add impl `FromRow` for the unit type
\[\[[@​nanoqsh](https://togithub.com/nanoqsh)]]
- \[[#​2871]]: Add `MySqlConnectOptions::get_database()`
\[\[[@​shiftrightonce](https://togithub.com/shiftrightonce)]]
- \[[#​2873]]: Sqlx Cli: Added force flag to drop database for
postgres \[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2894]]: feat: `Text` adapter
\[\[[@​abonander](https://togithub.com/abonander)]]
##### Changed
- \[[#​2701]]: Remove documentation on offline feature
\[\[[@​Baptistemontan](https://togithub.com/Baptistemontan)]]
- \[[#​2713]]: Add additional info regarding using Transaction and
PoolConnection as…
\[\[[@​satwanjyu](https://togithub.com/satwanjyu)]]
- \[[#​2770]]: Update README.md
\[\[[@​snspinn](https://togithub.com/snspinn)]]
- \[[#​2797]]: doc(mysql): document behavior regarding `BOOLEAN`
and the query macros
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2803]]: Don't use separate temp dir for query jsons (2)
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2819]]: postgres begin cancel safe
\[\[[@​conradludgate](https://togithub.com/conradludgate)]]
- \[[#​2832]]: Update extra_float_digits default to 2 instead of 3
\[\[[@​brianheineman](https://togithub.com/brianheineman)]]
- \[[#​2865]]: Update Faq - Bulk upsert with optional fields
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2880]]: feat: use specific message for slow query logs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2882]]: Do not require db url for prepare
\[\[[@​tamasfe](https://togithub.com/tamasfe)]]
- \[[#​2890]]: doc(sqlite): cover lack of `NUMERIC` support
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[No PR]: Upgraded `libsqlite3-sys` to 0.27.0
- Note: linkage to `libsqlite3-sys` is considered semver-exempt;
see the release notes for 0.7.0 below for details.
##### Fixed
- \[[#​2640]]: fix: sqlx::macro db cleanup race condition by
adding a margin to current timestamp
\[\[[@​fhsgoncalves](https://togithub.com/fhsgoncalves)]]
- \[[#​2655]]: \[fix] Urlencode when passing filenames to sqlite3
\[\[[@​uttarayan21](https://togithub.com/uttarayan21)]]
- \[[#​2684]]: Make PgListener recover from UnexpectedEof
\[\[[@​hamiltop](https://togithub.com/hamiltop)]]
- \[[#​2688]]: fix: Make rust_decimal and bigdecimal decoding more
lenient \[\[[@​cameronbraid](https://togithub.com/cameronbraid)]]
- \[[#​2754]]: Is tests/x.py maintained? And I tried fix it.
\[\[[@​qwerty2501](https://togithub.com/qwerty2501)]]
- \[[#​2784]]: fix: decode postgres time without subsecond
\[\[[@​granddaifuku](https://togithub.com/granddaifuku)]]
- \[[#​2806]]: Depend on version of async-std with non-private
spawn-blocking \[\[[@​A248](https://togithub.com/A248)]]
- \[[#​2820]]: fix: correct decoding of `rust_decimal::Decimal`
for high-precision values
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2822]]: issue
[#​2821](https://togithub.com/launchbadge/sqlx/issues/2821) Update
error handling logic when opening a TCP connection
\[\[[@​anupj](https://togithub.com/anupj)]]
- \[[#​2826]]: chore: bump some sqlx-core dependencies
\[\[[@​djc](https://togithub.com/djc)]]
- \[[#​2838]]: Fixes rust_decimal scale for Postgres
\[\[[@​jkleinknox](https://togithub.com/jkleinknox)]]
- \[[#​2847]]: Fix comment in `sqlx migrate add` help text
\[\[[@​cryeprecision](https://togithub.com/cryeprecision)]]
- \[[#​2850]]: fix(core): avoid unncessary wakeups in
`try_stream!()`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2856]]: Prevent warnings running `cargo build`
\[\[[@​nyurik](https://togithub.com/nyurik)]]
- \[[#​2864]]: fix(sqlite): use `AtomicUsize` for thread IDs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2892]]: Fixed force dropping bug
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
[#​2478]: https://togithub.com/launchbadge/sqlx/pull/2478
[#​2545]: https://togithub.com/launchbadge/sqlx/pull/2545
[#​2640]: https://togithub.com/launchbadge/sqlx/pull/2640
[#​2655]: https://togithub.com/launchbadge/sqlx/pull/2655
[#​2665]: https://togithub.com/launchbadge/sqlx/pull/2665
[#​2684]: https://togithub.com/launchbadge/sqlx/pull/2684
[#​2688]: https://togithub.com/launchbadge/sqlx/pull/2688
[#​2701]: https://togithub.com/launchbadge/sqlx/pull/2701
[#​2713]: https://togithub.com/launchbadge/sqlx/pull/2713
[#​2752]: https://togithub.com/launchbadge/sqlx/pull/2752
[#​2754]: https://togithub.com/launchbadge/sqlx/pull/2754
[#​2769]: https://togithub.com/launchbadge/sqlx/pull/2769
[#​2770]: https://togithub.com/launchbadge/sqlx/pull/2770
[#​2782]: https://togithub.com/launchbadge/sqlx/pull/2782
[#​2784]: https://togithub.com/launchbadge/sqlx/pull/2784
[#​2793]: https://togithub.com/launchbadge/sqlx/pull/2793
[#​2797]: https://togithub.com/launchbadge/sqlx/pull/2797
[#​2801]: https://togithub.com/launchbadge/sqlx/pull/2801
[#​2803]: https://togithub.com/launchbadge/sqlx/pull/2803
[#​2806]: https://togithub.com/launchbadge/sqlx/pull/2806
[#​2819]: https://togithub.com/launchbadge/sqlx/pull/2819
[#​2820]: https://togithub.com/launchbadge/sqlx/pull/2820
[#​2822]: https://togithub.com/launchbadge/sqlx/pull/2822
[#​2826]: https://togithub.com/launchbadge/sqlx/pull/2826
[#​2827]: https://togithub.com/launchbadge/sqlx/pull/2827
[#​2832]: https://togithub.com/launchbadge/sqlx/pull/2832
[#​2838]: https://togithub.com/launchbadge/sqlx/pull/2838
[#​2847]: https://togithub.com/launchbadge/sqlx/pull/2847
[#​2850]: https://togithub.com/launchbadge/sqlx/pull/2850
[#​2856]: https://togithub.com/launchbadge/sqlx/pull/2856
[#​2864]: https://togithub.com/launchbadge/sqlx/pull/2864
[#​2865]: https://togithub.com/launchbadge/sqlx/pull/2865
[#​2871]: https://togithub.com/launchbadge/sqlx/pull/2871
[#​2873]: https://togithub.com/launchbadge/sqlx/pull/2873
[#​2880]: https://togithub.com/launchbadge/sqlx/pull/2880
[#​2882]: https://togithub.com/launchbadge/sqlx/pull/2882
[#​2890]: https://togithub.com/launchbadge/sqlx/pull/2890
[#​2892]: https://togithub.com/launchbadge/sqlx/pull/2892
[#​2894]: https://togithub.com/launchbadge/sqlx/pull/2894
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mikayla <mikayla@zed.dev>
2024-08-29 04:08:15 +00:00
sea-orm = { version = "1.1.0-rc.1" , features = [ "sqlx-sqlite" ] }
2023-04-25 00:41:55 +00:00
serde_json . workspace = true
2024-07-23 17:44:02 +00:00
session = { workspace = true , features = [ "test-support" ] }
2024-02-06 19:41:36 +00:00
settings = { workspace = true , features = [ "test-support" ] }
Update Rust crate sqlx to 0.8 [SECURITY] (#16791)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [sqlx](https://togithub.com/launchbadge/sqlx) | dev-dependencies |
minor | `0.7` -> `0.8` |
| [sqlx](https://togithub.com/launchbadge/sqlx) | dependencies | minor |
`0.7` -> `0.8` |
### GitHub Vulnerability Alerts
####
[GHSA-xmrp-424f-vfpx](https://togithub.com/launchbadge/sqlx/issues/3440)
The following presentation at this year's DEF CON was brought to our
attention on the SQLx Discord:
> SQL Injection isn't Dead: Smuggling Queries at the Protocol Level
>
<http://web.archive.org/web/20240812130923/https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn't%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf>
> (Archive link for posterity.)
Essentially, encoding a value larger than 4GiB can cause the length
prefix in the protocol to overflow,
causing the server to interpret the rest of the string as binary
protocol commands or other data.
It appears SQLx _does_ perform truncating casts in a way that could be
problematic,
for example:
<https://github.com/launchbadge/sqlx/blob/6f2905695b9606b5f51b40ce10af63ac9e696bb8/sqlx-postgres/src/arguments.rs#L163>
This code has existed essentially since the beginning,
so it is reasonable to assume that all published versions `<= 0.8.0` are
affected.
## Mitigation
As always, you should make sure your application is validating
untrustworthy user input.
Reject any input over 4 GiB, or any input that could _encode_ to a
string longer than 4 GiB.
Dynamically built queries are also potentially problematic if it pushes
the message size over this 4 GiB bound.
[`Encode::size_hint()`](https://docs.rs/sqlx/latest/sqlx/trait.Encode.html#method.size_hint)
can be used for sanity checks, but do not assume that the size returned
is accurate.
For example, the `Json<T>` and `Text<T>` adapters have no reasonable way
to predict or estimate the final encoded size,
so they just return `size_of::<T>()` instead.
For web application backends, consider adding some middleware that
limits the size of request bodies by default.
## Resolution
Work has started on a branch to add `#[deny]` directives for the
following Clippy lints:
*
[`cast_possible_truncation`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_truncation)
*
[`cast_possible_wrap`](https://rust-lang.github.io/rust-clippy/master/#/cast_possible_wrap)
*
[`cast_sign_loss`](https://rust-lang.github.io/rust-clippy/master/#/cast_sign_loss)
and to manually audit the code that they flag.
A fix is expected to be included in the `0.8.1` release (still WIP as of
writing).
---
### Release Notes
<details>
<summary>launchbadge/sqlx (sqlx)</summary>
###
[`v0.8.1`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#081---2024-08-23)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.8.0...v0.8.1)
16 pull requests were merged this release cycle.
This release contains a fix for [RUSTSEC-2024-0363].
Postgres users are advised to upgrade ASAP as a possible exploit has
been demonstrated:
[#​3440
(comment)](https://togithub.com/launchbadge/sqlx/issues/3440#issuecomment-2307956901)
MySQL and SQLite do not *appear* to be exploitable, but upgrading is
recommended nonetheless.
##### Added
- \[[#​3421]]: correct spelling of
`MySqlConnectOptions::no_engine_substitution()`
\[\[[@​kolinfluence](https://togithub.com/kolinfluence)]]
- Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in
favor of the correctly spelled version.
##### Changed
- \[[#​3376]]: doc: hide `spec_error` module
\[\[[@​abonander](https://togithub.com/abonander)]]
- This is a helper module for the macros and was not meant to be
exposed.
- It is not expected to receive any breaking changes for the 0.8.x
release, but is not designed as a public API.
Use at your own risk.
- \[[#​3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support
sqlite 3.46
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3385]]: chore(examples):Migrated the pg-chat example to
ratatui
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3399]]: Upgrade to rustls 0.23
\[\[[@​djc](https://togithub.com/djc)]]
- RusTLS now has pluggable cryptography providers: `ring` (the existing
implementation),
and `aws-lc-rs` which has optional FIPS certification.
- The existing features activating RusTLS (`runtime-tokio-rustls`,
`runtime-async-std-rustls`, `tls-rustls`)
enable the `ring` provider of RusTLS to match the existing behavior so
this *should not* be a breaking change.
- Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs`
provider.
- If using `runtime-tokio-rustls` or `runtime-async-std-rustls`,
this will necessitate switching to the appropriate non-legacy runtime
feature:
`runtime-tokio` or `runtime-async-std`
- See the RusTLS README for more details:
<https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers>
##### Fixed
- \[[#​2786]]: fix(sqlx-cli): do not clean sqlx during prepare
\[\[[@​cycraig](https://togithub.com/cycraig)]]
- \[[#​3354]]: sqlite: fix inconsistent read-after-write
\[\[[@​ckampfe](https://togithub.com/ckampfe)]]
- \[[#​3371]]: Fix encoding and decoding of MySQL enums in
`sqlx::Type` \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​3374]]: fix: usage of `node12` in `SQLx` action
\[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3380]]: chore: replace structopt with clap in examples
\[\[[@​tottoto](https://togithub.com/tottoto)]]
- \[[#​3381]]: Fix CI after Rust 1.80, remove dead feature
references \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3384]]: chore(tests): fixed deprecation warnings
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1`
to avoid yanked `v0.14.3`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3389]]: fix(cli): typo in error for required DB URL
\[\[[@​ods](https://togithub.com/ods)]]
- \[[#​3417]]: Update version to 0.8 in README
\[\[[@​soucosmo](https://togithub.com/soucosmo)]]
- \[[#​3441]]: fix: audit protocol handling
\[\[[@​abonander](https://togithub.com/abonander)]]
- This addresses [RUSTSEC-2024-0363] and includes regression tests for
MySQL, Postgres and SQLite.
[#​2786]: https://togithub.com/launchbadge/sqlx/pull/2786
[#​3354]: https://togithub.com/launchbadge/sqlx/pull/3354
[#​3371]: https://togithub.com/launchbadge/sqlx/pull/3371
[#​3374]: https://togithub.com/launchbadge/sqlx/pull/3374
[#​3376]: https://togithub.com/launchbadge/sqlx/pull/3376
[#​3380]: https://togithub.com/launchbadge/sqlx/pull/3380
[#​3381]: https://togithub.com/launchbadge/sqlx/pull/3381
[#​3382]: https://togithub.com/launchbadge/sqlx/pull/3382
[#​3384]: https://togithub.com/launchbadge/sqlx/pull/3384
[#​3385]: https://togithub.com/launchbadge/sqlx/pull/3385
[#​3386]: https://togithub.com/launchbadge/sqlx/pull/3386
[#​3389]: https://togithub.com/launchbadge/sqlx/pull/3389
[#​3399]: https://togithub.com/launchbadge/sqlx/pull/3399
[#​3417]: https://togithub.com/launchbadge/sqlx/pull/3417
[#​3421]: https://togithub.com/launchbadge/sqlx/pull/3421
[#​3441]: https://togithub.com/launchbadge/sqlx/pull/3441
[RUSTSEC-2024-0363]:
https://rustsec.org/advisories/RUSTSEC-2024-0363.html
###
[`v0.8.0`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#080---2024-07-22)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.4...v0.8.0)
70 pull requests were merged this release cycle.
[#​2697] was merged the same day as release 0.7.4 and so was
missed by the automatic CHANGELOG generation.
##### Breaking
- \[[#​2697]]: fix(macros): only enable chrono when time is
disabled
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2973]]: Generic Associated Types in Database, replacing
HasValueRef, HasArguments, HasStatement
\[\[[@​nitn3lav](https://togithub.com/nitn3lav)]]
- \[[#​2482]]: chore: bump syn to 2.0
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- Deprecated type ascription syntax in the query macros was removed.
- \[[#​2736]]: Fix describe on PostgreSQL views with rules
\[\[[@​tsing](https://togithub.com/tsing)]]
- Potentially breaking: nullability inference changes for Postgres.
- \[[#​2869]]: Implement PgHasArrayType for all references
\[\[[@​tylerhawkes](https://togithub.com/tylerhawkes)]]
- Conflicts with existing manual implementations.
- \[[#​2940]]: fix: Decode and Encode derives
([#​1031](https://togithub.com/launchbadge/sqlx/issues/1031))
\[\[[@​benluelo](https://togithub.com/benluelo)]]
- Changes lifetime obligations for field types.
- \[[#​3064]]: Sqlite explain graph
\[\[[@​tyrelr](https://togithub.com/tyrelr)]]
- Potentially breaking: nullability inference changes for SQLite.
- \[[#​3123]]: Reorder attrs in sqlx::test macro
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- Potentially breaking: attributes on `#[sqlx::test]` usages are applied
in the correct order now.
- \[[#​3126]]: Make Encode return a result
\[\[[@​FSMaxB](https://togithub.com/FSMaxB)]]
- \[[#​3130]]: Add version information for failed cli migration
([#​3129](https://togithub.com/launchbadge/sqlx/issues/3129))
\[\[[@​FlakM](https://togithub.com/FlakM)]]
- Breaking changes to `MigrateError`.
- \[[#​3181]]: feat: no tx migration
\[\[[@​cleverjam](https://togithub.com/cleverjam)]]
- (Postgres only) migrations that should not run in a transaction can be
flagged by adding `-- no-transaction` to the beginning.
- Breaking change: added field to `Migration`
- \[[#​3184]]: \[BREAKING} fix(sqlite): always use `i64` as
intermediate when decoding
\[\[[@​abonander](https://togithub.com/abonander)]]
- integer decoding will now loudly error on overflow instead of silently
truncating.
- some usages of the query!() macros might change an i32 to an i64.
- \[[#​3252]]: fix `#[derive(sqlx::Type)]` in Postgres
\[\[[@​abonander](https://togithub.com/abonander)]]
- Manual implementations of PgHasArrayType for enums will conflict with
the generated one. Delete the manual impl or add `#[sqlx(no_pg_array)]`
where conflicts occur.
- Type equality for PgTypeInfo is now schema-aware.
- \[[#​3329]]: fix: correct handling of arrays of custom types in
Postgres \[\[[@​abonander](https://togithub.com/abonander)]]
- Potential breaking change: `PgTypeInfo::with_name()` infers types that
start with `_` to be arrays of the un-prefixed type. Wrap type names in
quotes to bypass this behavior.
- \[[#​3356]]: breaking: fix name collision in `FromRow`, return
`Error::ColumnDecode` for `TryFrom` errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- Breaking behavior change: errors with `#[sqlx(try_from = "T")]` now
return `Error::ColumnDecode` instead of `Error::ColumnNotFound`.
- Breaking because `#[sqlx(default)]` on an individual field or the
struct itself would have previously suppressed the error.
This doesn't seem like good behavior as it could result in some
potentially very difficult bugs.
- Instead, create a wrapper implementing `From` and apply the default
explicitly.
- \[[#​3337]]: allow rename with rename_all (close
[#​2896](https://togithub.com/launchbadge/sqlx/issues/2896))
\[\[[@​DirectorX](https://togithub.com/DirectorX)]]
- Changes the precedence of `#[sqlx(rename)]` and `#[sqlx(rename_all)]`
to match the expected behavior (`rename` wins).
- \[[#​3285]]: fix: use correct names for sslmode options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- Changes the output of `ConnectOptions::to_url_lossy()` to match what
parsing expects.
##### Added
- \[[#​2917]]: Add Debug impl for PgRow
\[\[[@​g-bartoszek](https://togithub.com/g-bartoszek)]]
- \[[#​3113]]: feat: new derive feature flag
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​3154]]: feat: add `MySqlTime`, audit `mysql::types` for
panics \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3188]]: feat(cube): support postgres cube
\[\[[@​jayy-lmao](https://togithub.com/jayy-lmao)]]
- \[[#​3244]]: feat: support `NonZero*` scalar types
\[\[[@​AlphaKeks](https://togithub.com/AlphaKeks)]]
- \[[#​3260]]: feat: Add set_update_hook on SqliteConnection
\[\[[@​gridbox](https://togithub.com/gridbox)]]
- \[[#​3291]]: feat: support the Postgres Bool type for the Any
driver \[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3293]]: Add LICENSE-\* files to crates
\[\[[@​LecrisUT](https://togithub.com/LecrisUT)]]
- \[[#​3303]]: add array support for NonZeroI\* in postgres
\[\[[@​JohannesIBK](https://togithub.com/JohannesIBK)]]
- \[[#​3311]]: Add example on how to use Transaction as Executor
\[\[[@​Lachstec](https://togithub.com/Lachstec)]]
- \[[#​3343]]: Add support for PostgreSQL HSTORE data type
\[\[[@​KobusEllis](https://togithub.com/KobusEllis)]]
##### Changed
- \[[#​2652]]: MySQL: Remove collation compatibility check for
strings \[\[[@​alu](https://togithub.com/alu)]]
- \[[#​2960]]: Removed `Send` trait bound from argument binding
\[\[[@​bobozaur](https://togithub.com/bobozaur)]]
- \[[#​2970]]: refactor: lift type mappings into driver crates
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3148]]: Bump libsqlite3-sys to v0.28
\[\[[@​NfNitLoop](https://togithub.com/NfNitLoop)]]
- Note: version bumps to `libsqlite3-sys` are not considered breaking
changes as per our semver guarantees.
- \[[#​3265]]: perf: box `MySqlConnection` to reduce sizes of
futures
\[\[[@​stepantubanov](https://togithub.com/stepantubanov)]]
- \[[#​3352]]: chore:added a testcase for `sqlx migrate add ...`
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3340]]: ci: Add job to check that sqlx builds with its
declared minimum dependencies
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
##### Fixed
- \[[#​2702]]: Constrain cyclic associated types to themselves
\[\[[@​BadBastion](https://togithub.com/BadBastion)]]
- \[[#​2954]]: Fix several inter doc links
\[\[[@​ralpha](https://togithub.com/ralpha)]]
- \[[#​3073]]: feat(logging): Log slow acquires from connection
pool \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3137]]: SqliteConnectOptions::filename() memory fix
([#​3136](https://togithub.com/launchbadge/sqlx/issues/3136))
\[\[[@​hoxxep](https://togithub.com/hoxxep)]]
- \[[#​3138]]: PostgreSQL Bugfix: Ensure connection is usable
after failed COPY inside a transaction
\[\[[@​feikesteenbergen](https://togithub.com/feikesteenbergen)]]
- \[[#​3146]]: fix(sqlite): delete unused `ConnectionHandleRaw`
type \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3162]]: Drop urlencoding dependency
\[\[[@​paolobarbolini](https://togithub.com/paolobarbolini)]]
- \[[#​3165]]: Bump deps that do not need code changes
\[\[[@​GnomedDev](https://togithub.com/GnomedDev)]]
- \[[#​3167]]: fix(ci): use `docker compose` instead of
`docker-compose`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3172]]: fix: Option decoding in any driver
\[\[[@​pxp9](https://togithub.com/pxp9)]]
- \[[#​3173]]: fix(postgres) : int type conversion while decoding
\[\[[@​RaghavRox](https://togithub.com/RaghavRox)]]
- \[[#​3190]]: Update time to 0.3.36
\[\[[@​BlackSoulHub](https://togithub.com/BlackSoulHub)]]
- \[[#​3191]]: Fix unclean TLS shutdown
\[\[[@​levkk](https://togithub.com/levkk)]]
- \[[#​3194]]: Fix leaking connections in fetch_optional
([#​2647](https://togithub.com/launchbadge/sqlx/issues/2647))
\[\[[@​danjpgriffin](https://togithub.com/danjpgriffin)]]
- \[[#​3216]]: security: bump rustls to 0.21.11
\[\[[@​toxeus](https://togithub.com/toxeus)]]
- \[[#​3230]]: fix: sqlite pragma order for auto_vacuum
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3233]]: fix: get_filename should not consume self
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3234]]: fix(ci): pin Rust version, ditch unmaintained
actions \[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3236]]: fix: resolve `path` ownership problems when using
`sqlx_macros_unstable`
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​3254]]: fix: hide `sqlx_postgres::any`
\[\[[@​Zarathustra2](https://togithub.com/Zarathustra2)]]
- \[[#​3266]]: ci: MariaDB - add back 11.4 and add 11.5
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3267]]: ci: syntax fix
\[\[[@​grooverdan](https://togithub.com/grooverdan)]]
- \[[#​3271]]: docs(sqlite): fix typo - unixtime() -> unixepoch()
\[\[[@​joelkoen](https://togithub.com/joelkoen)]]
- \[[#​3276]]: Invert boolean for `migrate` error message.
([#​3275](https://togithub.com/launchbadge/sqlx/issues/3275))
\[\[[@​nk9](https://togithub.com/nk9)]]
- \[[#​3279]]: fix Clippy errors
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3288]]: fix: sqlite update_hook char types
\[\[[@​jasonish](https://togithub.com/jasonish)]]
- \[[#​3297]]: Pass the `persistent` query setting when preparing
queries with the `Any` driver
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3298]]: Track null arguments in order to provide the
appropriate type when converting them.
\[\[[@​etorreborre](https://togithub.com/etorreborre)]]
- \[[#​3312]]: doc: Minor rust docs fixes
\[\[[@​SrGesus](https://togithub.com/SrGesus)]]
- \[[#​3327]]: chore: fixed one usage of `select_input_type!()`
being unhygenic
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3328]]: fix(ci): comment not separated from other
characters \[\[[@​hamirmahal](https://togithub.com/hamirmahal)]]
- \[[#​3341]]: refactor: Resolve cargo check warnings in postgres
examples \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3346]]: fix(postgres): don't panic if `M` or `C` Notice
fields are not UTF-8
\[\[[@​YgorSouza](https://togithub.com/YgorSouza)]]
- \[[#​3350]]: fix:the `json`-feature should activate
`sqlx-postgres?/json` as well
\[\[[@​CommanderStorm](https://togithub.com/CommanderStorm)]]
- \[[#​3353]]: fix: build script new line at eof
\[\[[@​Zarthus](https://togithub.com/Zarthus)]]
- (no PR): activate `clock` and `std` features of
`workspace.dependencies.chrono`.
[#​2482]: https://togithub.com/launchbadge/sqlx/pull/2482
[#​2652]: https://togithub.com/launchbadge/sqlx/pull/2652
[#​2697]: https://togithub.com/launchbadge/sqlx/pull/2697
[#​2702]: https://togithub.com/launchbadge/sqlx/pull/2702
[#​2736]: https://togithub.com/launchbadge/sqlx/pull/2736
[#​2869]: https://togithub.com/launchbadge/sqlx/pull/2869
[#​2917]: https://togithub.com/launchbadge/sqlx/pull/2917
[#​2940]: https://togithub.com/launchbadge/sqlx/pull/2940
[#​2954]: https://togithub.com/launchbadge/sqlx/pull/2954
[#​2960]: https://togithub.com/launchbadge/sqlx/pull/2960
[#​2970]: https://togithub.com/launchbadge/sqlx/pull/2970
[#​2973]: https://togithub.com/launchbadge/sqlx/pull/2973
[#​3064]: https://togithub.com/launchbadge/sqlx/pull/3064
[#​3073]: https://togithub.com/launchbadge/sqlx/pull/3073
[#​3113]: https://togithub.com/launchbadge/sqlx/pull/3113
[#​3123]: https://togithub.com/launchbadge/sqlx/pull/3123
[#​3126]: https://togithub.com/launchbadge/sqlx/pull/3126
[#​3130]: https://togithub.com/launchbadge/sqlx/pull/3130
[#​3137]: https://togithub.com/launchbadge/sqlx/pull/3137
[#​3138]: https://togithub.com/launchbadge/sqlx/pull/3138
[#​3146]: https://togithub.com/launchbadge/sqlx/pull/3146
[#​3148]: https://togithub.com/launchbadge/sqlx/pull/3148
[#​3154]: https://togithub.com/launchbadge/sqlx/pull/3154
[#​3162]: https://togithub.com/launchbadge/sqlx/pull/3162
[#​3165]: https://togithub.com/launchbadge/sqlx/pull/3165
[#​3167]: https://togithub.com/launchbadge/sqlx/pull/3167
[#​3172]: https://togithub.com/launchbadge/sqlx/pull/3172
[#​3173]: https://togithub.com/launchbadge/sqlx/pull/3173
[#​3181]: https://togithub.com/launchbadge/sqlx/pull/3181
[#​3184]: https://togithub.com/launchbadge/sqlx/pull/3184
[#​3188]: https://togithub.com/launchbadge/sqlx/pull/3188
[#​3190]: https://togithub.com/launchbadge/sqlx/pull/3190
[#​3191]: https://togithub.com/launchbadge/sqlx/pull/3191
[#​3194]: https://togithub.com/launchbadge/sqlx/pull/3194
[#​3216]: https://togithub.com/launchbadge/sqlx/pull/3216
[#​3230]: https://togithub.com/launchbadge/sqlx/pull/3230
[#​3233]: https://togithub.com/launchbadge/sqlx/pull/3233
[#​3234]: https://togithub.com/launchbadge/sqlx/pull/3234
[#​3236]: https://togithub.com/launchbadge/sqlx/pull/3236
[#​3244]: https://togithub.com/launchbadge/sqlx/pull/3244
[#​3252]: https://togithub.com/launchbadge/sqlx/pull/3252
[#​3254]: https://togithub.com/launchbadge/sqlx/pull/3254
[#​3260]: https://togithub.com/launchbadge/sqlx/pull/3260
[#​3265]: https://togithub.com/launchbadge/sqlx/pull/3265
[#​3266]: https://togithub.com/launchbadge/sqlx/pull/3266
[#​3267]: https://togithub.com/launchbadge/sqlx/pull/3267
[#​3271]: https://togithub.com/launchbadge/sqlx/pull/3271
[#​3276]: https://togithub.com/launchbadge/sqlx/pull/3276
[#​3279]: https://togithub.com/launchbadge/sqlx/pull/3279
[#​3285]: https://togithub.com/launchbadge/sqlx/pull/3285
[#​3288]: https://togithub.com/launchbadge/sqlx/pull/3288
[#​3291]: https://togithub.com/launchbadge/sqlx/pull/3291
[#​3293]: https://togithub.com/launchbadge/sqlx/pull/3293
[#​3297]: https://togithub.com/launchbadge/sqlx/pull/3297
[#​3298]: https://togithub.com/launchbadge/sqlx/pull/3298
[#​3303]: https://togithub.com/launchbadge/sqlx/pull/3303
[#​3311]: https://togithub.com/launchbadge/sqlx/pull/3311
[#​3312]: https://togithub.com/launchbadge/sqlx/pull/3312
[#​3327]: https://togithub.com/launchbadge/sqlx/pull/3327
[#​3328]: https://togithub.com/launchbadge/sqlx/pull/3328
[#​3329]: https://togithub.com/launchbadge/sqlx/pull/3329
[#​3337]: https://togithub.com/launchbadge/sqlx/pull/3337
[#​3340]: https://togithub.com/launchbadge/sqlx/pull/3340
[#​3341]: https://togithub.com/launchbadge/sqlx/pull/3341
[#​3343]: https://togithub.com/launchbadge/sqlx/pull/3343
[#​3346]: https://togithub.com/launchbadge/sqlx/pull/3346
[#​3350]: https://togithub.com/launchbadge/sqlx/pull/3350
[#​3352]: https://togithub.com/launchbadge/sqlx/pull/3352
[#​3353]: https://togithub.com/launchbadge/sqlx/pull/3353
[#​3356]: https://togithub.com/launchbadge/sqlx/pull/3356
###
[`v0.7.4`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#074---2024-03-11)
[Compare
Source](https://togithub.com/launchbadge/sqlx/compare/v0.7.3...v0.7.4)
38 pull requests were merged this release cycle.
This is officially the **last** release of the 0.7.x release cycle.
As of this release, development of 0.8.0 has begun on `main` and only
high-priority bugfixes may be backported.
##### Added
- \[[#​2891]]: feat: expose getters for connect options fields
\[\[[@​saiintbrisson](https://togithub.com/saiintbrisson)]]
- \[[#​2902]]: feat: add `to_url_lossy` to connect options
\[\[[@​lily-mosquitoes](https://togithub.com/lily-mosquitoes)]]
- \[[#​2927]]: Support `query!` for cargo-free systems
\[\[[@​kshramt](https://togithub.com/kshramt)]]
- \[[#​2997]]: doc(FAQ): add entry explaining prepared statements
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3001]]: Update README to clarify MariaDB support
\[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3004]]: feat(logging): Add numeric elapsed time field
elapsed_secs \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3007]]: feat: add `raw_sql` API
\[\[[@​abonander](https://togithub.com/abonander)]]
- This hopefully makes it easier to find how to execute statements which
are not supported by the default
prepared statement interfaces `query*()` and `query!()`.
- Improved documentation across the board for the `query*()` functions.
- Deprecated: `execute_many()` and `fetch_many()` on interfaces that use
prepared statements.
- Multiple SQL statements in one query string were only supported by
SQLite because its prepared statement
interface is the *only* way to execute SQL. All other database flavors
forbid multiple statements in
one prepared statement string as an extra defense against SQL injection.
- The new `raw_sql` API retains this functionality because it explicitly
does *not* use prepared statements.
Raw or text-mode query interfaces generally allow multiple statements in
one query string, and this is
supported by all current databases. Due to their nature, however, one
cannot use bind parameters with them.
- If this change affects you, an issue is open for discussion:
[https://github.com/launchbadge/sqlx/issues/3108](https://togithub.com/launchbadge/sqlx/issues/3108)
- \[[#​3011]]: Added support to IpAddr with MySQL/MariaDB.
\[\[[@​Icerath](https://togithub.com/Icerath)]]
- \[[#​3013]]: Add default implementation for PgInterval
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3018]]: Add default implementation for PgMoney
\[\[[@​pawurb](https://togithub.com/pawurb)]]
- \[[#​3026]]: Update docs to reflect support for MariaDB data
types \[\[[@​iangilfillan](https://togithub.com/iangilfillan)]]
- \[[#​3037]]: feat(mysql): allow to connect with mysql driver
without default behavor
\[\[[@​darkecho731](https://togithub.com/darkecho731)]]
##### Changed
- \[[#​2900]]: Show latest url to docs for macro.migrate
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2914]]: Use `create_new` instead of `atomic-file-write`
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2926]]: docs: update example for `PgConnectOptions`
\[\[[@​Fyko](https://togithub.com/Fyko)]]
- \[[#​2989]]: sqlx-core: Remove dotenvy dependency
\[\[[@​joshtriplett](https://togithub.com/joshtriplett)]]
- \[[#​2996]]: chore: Update ahash to 0.8.7
\[\[[@​takenoko-gohan](https://togithub.com/takenoko-gohan)]]
- \[[#​3006]]: chore(deps): Replace unmaintained tempdir crate
with tempfile \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3008]]: chore: Ignore .sqlx folder created by running ci
steps locally \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3009]]: chore(dev-deps): Upgrade env_logger from 0.9 to
0.11 \[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3010]]: chore(deps): Upgrade criterion to 0.5.1
\[\[[@​iamjpotts](https://togithub.com/iamjpotts)]]
- \[[#​3050]]: Optimize SASL auth in sqlx-postgres
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3055]]: Set TCP_NODELAY option on TCP sockets
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3065]]: Improve max_lifetime handling
\[\[[@​mirek26](https://togithub.com/mirek26)]]
- \[[#​3072]]: Change the name of "inner" function generated by
`#[sqlx::test]` \[\[[@​ciffelia](https://togithub.com/ciffelia)]]
- \[[#​3083]]: Remove sha1 because it's not being used in postgres
\[\[[@​rafaelGuerreiro](https://togithub.com/rafaelGuerreiro)]]
##### Fixed
- \[[#​2898]]: Fixed docs
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2905]]: fix(mysql): Close prepared statement if persistence
is disabled
\[\[[@​larsschumacher](https://togithub.com/larsschumacher)]]
- \[[#​2913]]: Fix handling of deferred constraints
\[\[[@​Thomasdezeeuw](https://togithub.com/Thomasdezeeuw)]]
- \[[#​2919]]: fix duplicate "\`" in FromRow "default" attribute
doc comment \[\[[@​shengsheng](https://togithub.com/shengsheng)]]
- \[[#​2932]]: fix(postgres): avoid unnecessary flush in
PgCopyIn::read_from \[\[[@​tsing](https://togithub.com/tsing)]]
- \[[#​2955]]: Minor fixes
\[\[[@​Dawsoncodes](https://togithub.com/Dawsoncodes)]]
- \[[#​2963]]: Fixed ReadMe badge styling
\[\[[@​tadghh](https://togithub.com/tadghh)]]
- \[[#​2976]]: fix: AnyRow not support PgType::Varchar
\[\[[@​holicc](https://togithub.com/holicc)]]
- \[[#​3053]]: fix: do not panic when binding a large BigDecimal
\[\[[@​Ekleog](https://togithub.com/Ekleog)]]
- \[[#​3056]]: fix: spans in sqlite tracing
([#​2876](https://togithub.com/launchbadge/sqlx/issues/2876))
\[\[[@​zoomiti](https://togithub.com/zoomiti)]]
- \[[#​3089]]: fix(migrate): improve error message when parsing
version from filename
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​3098]]: Migrations fixes
\[\[[@​abonander](https://togithub.com/abonander)]]
- Unhides `sqlx::migrate::Migrator`.
- Improves I/O error message when failing to read a file in
`migrate!()`.
[#​2891]: https://togithub.com/launchbadge/sqlx/pull/2891
[#​2898]: https://togithub.com/launchbadge/sqlx/pull/2898
[#​2900]: https://togithub.com/launchbadge/sqlx/pull/2900
[#​2902]: https://togithub.com/launchbadge/sqlx/pull/2902
[#​2905]: https://togithub.com/launchbadge/sqlx/pull/2905
[#​2913]: https://togithub.com/launchbadge/sqlx/pull/2913
[#​2914]: https://togithub.com/launchbadge/sqlx/pull/2914
[#​2919]: https://togithub.com/launchbadge/sqlx/pull/2919
[#​2926]: https://togithub.com/launchbadge/sqlx/pull/2926
[#​2927]: https://togithub.com/launchbadge/sqlx/pull/2927
[#​2932]: https://togithub.com/launchbadge/sqlx/pull/2932
[#​2955]: https://togithub.com/launchbadge/sqlx/pull/2955
[#​2963]: https://togithub.com/launchbadge/sqlx/pull/2963
[#​2976]: https://togithub.com/launchbadge/sqlx/pull/2976
[#​2989]: https://togithub.com/launchbadge/sqlx/pull/2989
[#​2996]: https://togithub.com/launchbadge/sqlx/pull/2996
[#​2997]: https://togithub.com/launchbadge/sqlx/pull/2997
[#​3001]: https://togithub.com/launchbadge/sqlx/pull/3001
[#​3004]: https://togithub.com/launchbadge/sqlx/pull/3004
[#​3006]: https://togithub.com/launchbadge/sqlx/pull/3006
[#​3007]: https://togithub.com/launchbadge/sqlx/pull/3007
[#​3008]: https://togithub.com/launchbadge/sqlx/pull/3008
[#​3009]: https://togithub.com/launchbadge/sqlx/pull/3009
[#​3010]: https://togithub.com/launchbadge/sqlx/pull/3010
[#​3011]: https://togithub.com/launchbadge/sqlx/pull/3011
[#​3013]: https://togithub.com/launchbadge/sqlx/pull/3013
[#​3018]: https://togithub.com/launchbadge/sqlx/pull/3018
[#​3026]: https://togithub.com/launchbadge/sqlx/pull/3026
[#​3037]: https://togithub.com/launchbadge/sqlx/pull/3037
[#​3050]: https://togithub.com/launchbadge/sqlx/pull/3050
[#​3053]: https://togithub.com/launchbadge/sqlx/pull/3053
[#​3055]: https://togithub.com/launchbadge/sqlx/pull/3055
[#​3056]: https://togithub.com/launchbadge/sqlx/pull/3056
[#​3065]: https://togithub.com/launchbadge/sqlx/pull/3065
[#​3072]: https://togithub.com/launchbadge/sqlx/pull/3072
[#​3083]: https://togithub.com/launchbadge/sqlx/pull/3083
[#​3089]: https://togithub.com/launchbadge/sqlx/pull/3089
[#​3098]: https://togithub.com/launchbadge/sqlx/pull/3098
###
[`v0.7.3`](https://togithub.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#073---2023-11-22)
38 pull requests were merged this release cycle.
##### Added
- \[[#​2478]]: feat(citext): support postgres citext
\[\[[@​hgranthorner](https://togithub.com/hgranthorner)]]
- \[[#​2545]]: Add `fixtures_path` in sqlx::test args
\[\[[@​ripa1995](https://togithub.com/ripa1995)]]
- \[[#​2665]]: feat(mysql): support packet splitting
\[\[[@​tk2217](https://togithub.com/tk2217)]]
- \[[#​2752]]: Enhancement
[#​2747](https://togithub.com/launchbadge/sqlx/issues/2747)
Provide `fn PgConnectOptions::get_host(&self)`
\[\[[@​boris-lok](https://togithub.com/boris-lok)]]
- \[[#​2769]]: Customize the macro error message based on the
metadata \[\[[@​Nemo157](https://togithub.com/Nemo157)]]
- \[[#​2793]]: derived Hash trait for PgInterval
\[\[[@​yasamoka](https://togithub.com/yasamoka)]]
- \[[#​2801]]: derive FromRow: sqlx(default) for all fields
\[\[[@​grgi](https://togithub.com/grgi)]]
- \[[#​2827]]: Add impl `FromRow` for the unit type
\[\[[@​nanoqsh](https://togithub.com/nanoqsh)]]
- \[[#​2871]]: Add `MySqlConnectOptions::get_database()`
\[\[[@​shiftrightonce](https://togithub.com/shiftrightonce)]]
- \[[#​2873]]: Sqlx Cli: Added force flag to drop database for
postgres \[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2894]]: feat: `Text` adapter
\[\[[@​abonander](https://togithub.com/abonander)]]
##### Changed
- \[[#​2701]]: Remove documentation on offline feature
\[\[[@​Baptistemontan](https://togithub.com/Baptistemontan)]]
- \[[#​2713]]: Add additional info regarding using Transaction and
PoolConnection as…
\[\[[@​satwanjyu](https://togithub.com/satwanjyu)]]
- \[[#​2770]]: Update README.md
\[\[[@​snspinn](https://togithub.com/snspinn)]]
- \[[#​2797]]: doc(mysql): document behavior regarding `BOOLEAN`
and the query macros
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2803]]: Don't use separate temp dir for query jsons (2)
\[\[[@​mattfbacon](https://togithub.com/mattfbacon)]]
- \[[#​2819]]: postgres begin cancel safe
\[\[[@​conradludgate](https://togithub.com/conradludgate)]]
- \[[#​2832]]: Update extra_float_digits default to 2 instead of 3
\[\[[@​brianheineman](https://togithub.com/brianheineman)]]
- \[[#​2865]]: Update Faq - Bulk upsert with optional fields
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
- \[[#​2880]]: feat: use specific message for slow query logs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2882]]: Do not require db url for prepare
\[\[[@​tamasfe](https://togithub.com/tamasfe)]]
- \[[#​2890]]: doc(sqlite): cover lack of `NUMERIC` support
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[No PR]: Upgraded `libsqlite3-sys` to 0.27.0
- Note: linkage to `libsqlite3-sys` is considered semver-exempt;
see the release notes for 0.7.0 below for details.
##### Fixed
- \[[#​2640]]: fix: sqlx::macro db cleanup race condition by
adding a margin to current timestamp
\[\[[@​fhsgoncalves](https://togithub.com/fhsgoncalves)]]
- \[[#​2655]]: \[fix] Urlencode when passing filenames to sqlite3
\[\[[@​uttarayan21](https://togithub.com/uttarayan21)]]
- \[[#​2684]]: Make PgListener recover from UnexpectedEof
\[\[[@​hamiltop](https://togithub.com/hamiltop)]]
- \[[#​2688]]: fix: Make rust_decimal and bigdecimal decoding more
lenient \[\[[@​cameronbraid](https://togithub.com/cameronbraid)]]
- \[[#​2754]]: Is tests/x.py maintained? And I tried fix it.
\[\[[@​qwerty2501](https://togithub.com/qwerty2501)]]
- \[[#​2784]]: fix: decode postgres time without subsecond
\[\[[@​granddaifuku](https://togithub.com/granddaifuku)]]
- \[[#​2806]]: Depend on version of async-std with non-private
spawn-blocking \[\[[@​A248](https://togithub.com/A248)]]
- \[[#​2820]]: fix: correct decoding of `rust_decimal::Decimal`
for high-precision values
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2822]]: issue
[#​2821](https://togithub.com/launchbadge/sqlx/issues/2821) Update
error handling logic when opening a TCP connection
\[\[[@​anupj](https://togithub.com/anupj)]]
- \[[#​2826]]: chore: bump some sqlx-core dependencies
\[\[[@​djc](https://togithub.com/djc)]]
- \[[#​2838]]: Fixes rust_decimal scale for Postgres
\[\[[@​jkleinknox](https://togithub.com/jkleinknox)]]
- \[[#​2847]]: Fix comment in `sqlx migrate add` help text
\[\[[@​cryeprecision](https://togithub.com/cryeprecision)]]
- \[[#​2850]]: fix(core): avoid unncessary wakeups in
`try_stream!()`
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2856]]: Prevent warnings running `cargo build`
\[\[[@​nyurik](https://togithub.com/nyurik)]]
- \[[#​2864]]: fix(sqlite): use `AtomicUsize` for thread IDs
\[\[[@​abonander](https://togithub.com/abonander)]]
- \[[#​2892]]: Fixed force dropping bug
\[\[[@​Vrajs16](https://togithub.com/Vrajs16)]]
[#​2478]: https://togithub.com/launchbadge/sqlx/pull/2478
[#​2545]: https://togithub.com/launchbadge/sqlx/pull/2545
[#​2640]: https://togithub.com/launchbadge/sqlx/pull/2640
[#​2655]: https://togithub.com/launchbadge/sqlx/pull/2655
[#​2665]: https://togithub.com/launchbadge/sqlx/pull/2665
[#​2684]: https://togithub.com/launchbadge/sqlx/pull/2684
[#​2688]: https://togithub.com/launchbadge/sqlx/pull/2688
[#​2701]: https://togithub.com/launchbadge/sqlx/pull/2701
[#​2713]: https://togithub.com/launchbadge/sqlx/pull/2713
[#​2752]: https://togithub.com/launchbadge/sqlx/pull/2752
[#​2754]: https://togithub.com/launchbadge/sqlx/pull/2754
[#​2769]: https://togithub.com/launchbadge/sqlx/pull/2769
[#​2770]: https://togithub.com/launchbadge/sqlx/pull/2770
[#​2782]: https://togithub.com/launchbadge/sqlx/pull/2782
[#​2784]: https://togithub.com/launchbadge/sqlx/pull/2784
[#​2793]: https://togithub.com/launchbadge/sqlx/pull/2793
[#​2797]: https://togithub.com/launchbadge/sqlx/pull/2797
[#​2801]: https://togithub.com/launchbadge/sqlx/pull/2801
[#​2803]: https://togithub.com/launchbadge/sqlx/pull/2803
[#​2806]: https://togithub.com/launchbadge/sqlx/pull/2806
[#​2819]: https://togithub.com/launchbadge/sqlx/pull/2819
[#​2820]: https://togithub.com/launchbadge/sqlx/pull/2820
[#​2822]: https://togithub.com/launchbadge/sqlx/pull/2822
[#​2826]: https://togithub.com/launchbadge/sqlx/pull/2826
[#​2827]: https://togithub.com/launchbadge/sqlx/pull/2827
[#​2832]: https://togithub.com/launchbadge/sqlx/pull/2832
[#​2838]: https://togithub.com/launchbadge/sqlx/pull/2838
[#​2847]: https://togithub.com/launchbadge/sqlx/pull/2847
[#​2850]: https://togithub.com/launchbadge/sqlx/pull/2850
[#​2856]: https://togithub.com/launchbadge/sqlx/pull/2856
[#​2864]: https://togithub.com/launchbadge/sqlx/pull/2864
[#​2865]: https://togithub.com/launchbadge/sqlx/pull/2865
[#​2871]: https://togithub.com/launchbadge/sqlx/pull/2871
[#​2873]: https://togithub.com/launchbadge/sqlx/pull/2873
[#​2880]: https://togithub.com/launchbadge/sqlx/pull/2880
[#​2882]: https://togithub.com/launchbadge/sqlx/pull/2882
[#​2890]: https://togithub.com/launchbadge/sqlx/pull/2890
[#​2892]: https://togithub.com/launchbadge/sqlx/pull/2892
[#​2894]: https://togithub.com/launchbadge/sqlx/pull/2894
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" in timezone America/New_York,
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
Release Notes:
- N/A
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Mikayla <mikayla@zed.dev>
2024-08-29 04:08:15 +00:00
sqlx = { version = "0.8" , features = [ "sqlite" ] }
2024-02-06 19:41:36 +00:00
theme . workspace = true
2023-04-25 00:41:55 +00:00
unindent . workspace = true
2024-02-06 19:41:36 +00:00
util . workspace = true
workspace = { workspace = true , features = [ "test-support" ] }
2024-06-04 07:31:43 +00:00
worktree = { workspace = true , features = [ "test-support" ] }
2024-07-29 21:31:36 +00:00
2024-12-05 23:06:17 +00:00
[ target . 'cfg(target_os = "macos")' . dev-dependencies ]
livekit_client_macos = { workspace = true , features = [ "test-support" ] }
[ target . 'cfg(not(target_os = "macos"))' . dev-dependencies ]
livekit_client = { workspace = true , features = [ "test-support" ] }
2024-07-29 21:31:36 +00:00
[ package . metadata . cargo-machete ]
ignored = [ "async-stripe" ]