-
v0.4.0 - Security, Performance & Quality Release
ankit released this
2025-11-16 11:04:19 +00:00 | 4 commits to main since this releaseBREAKING CHANGES:
- StringAgg() and StringAggCast() now accept Field type instead of string for better type safety
Migration: StringAgg("column", ",") → StringAgg(Field("column"), ",")
SECURITY FIXES:
- Fixed nil pointer dereference in GetPool() - now panics with clear error message
- Fixed resource leaks in All() and AllTx() methods with proper rows.Close() handling
- Added config validation in InitPool() for MinConns, MaxConns, and negative values
- StringAgg functions now type-safe to prevent SQL injection
- Added Insert query validation to prevent empty INSERT statements
PERFORMANCE IMPROVEMENTS:
- INSERT queries: +22% faster (588.7→485.6 ns/op), -4 allocations, -128 B/op
- UPDATE queries: +12% faster (597.1→523.7 ns/op), -3 allocations, -96 B/op
- SELECT queries: +3% faster (15,696→15,299 ns/op)
- SetMap: +16% faster (779.9→654.9 ns/op), -4 allocations, -128 B/op
- Field.Name() now zero-allocation using LastIndexByte instead of Split
- DoUpdate() optimized to use pooled string builder
NEW FEATURES:
- Added ClosePool() for graceful shutdown
- Comprehensive godoc comments for all exported functions
- Added 30+ new tests (coverage now 46.8%)
DOCUMENTATION:
- Clarified mutable builder pattern and conditional building vs reuse
- Added thread-safety warnings and examples
- Enhanced query builder lifecycle documentation
- Added extensive inline code examples
BUG FIXES:
- BeginTx() now properly wraps errors with %w format verb
- Field.Name() handles fields without dots gracefully
- Improved structured logging in error messages
Full details: See commit history for comprehensive changes
Downloads
- StringAgg() and StringAggCast() now accept Field type instead of string for better type safety