Changelog

Features

• 6ca8ddb: feat(binding): add BindPlain (#3904) (@guonaihong)
• 4ccfa7c: feat(binding): add support for unixMilli and unixMicro (#4190) (@takanuva15)
• 9d7c0e9: feat(context): GetXxx added support for more go native types (#3633) (@CC11001100)
• fb09c82: feat(context): add SetCookieData (#4240) (@Narita-1095305)
• f05f966: feat(form): Support default values for collections in form binding (#4048) (@takanuva15)
• 3cb3067: feat(form): add array collection format in form binding (#3986) (@slowhigh)
• 24d6764: feat(form): add custom string slice for form tag unmarshal (#3970) (#3971) (@bruceNu1l)
• 8791c96: feat(fs): Export, test and document OnlyFilesFS (#3939) (@joeig)
• 71496ab: feat(fs): Implement loading HTML from http.FileSystem (#4053) (@sunshineplan)
• 3ac729d: feat(gin): support http3 using quic-go/quic-go (#3210) (@thinkerou)
• 4621b7a: feat(router): add literal colon support (#1432) (#2857) (@wssccc)
• dbd8a25: feat: added AbortWithStatusPureJSON() in Context (#4290) (@ddevsr)
• 688a429: feat: support custom json codec at runtime (#3391) (@timandy)

Bug fixes

• 8fb3136: Revert "fix(time): binding time with empty value (#4103)" (#4245) (@appleboy)
• e737e3e: fix(binding): prevent duplicate decoding and add validation in decodeToml (#4193) (@revevide)
• 4f339e6: fix(context): YAML judgment logic in Negotiate (#3966) (@RedCrazyGhost)
• 36b0ded: fix(context): check handler is nil (#3413) (@hktalent)
• e0d46de: fix(context): verify URL is Non-nil in initQueryCache() (#3969) (@adrianosela)
• dd33ff7: fix(docs): missing go markdown codeblock (#4266) (@vdusart)
• b38c59d: fix(errors): change Unwrap method receiver to value type (#4232) (@OrkhanAlikhanov)
• 28e57f5: fix(form): Set default value for form fields (#4047) (@ahmadSaeedGoda)
• 626d55b: fix(gin): Do not panic when handling method not allowed on empty tree (#4003) (@phsym)
• 7d14792: fix(gin): data race warning for gin mode (#1580) (@kplachkov)
• c677ccc: fix(go): invalid Go toolchain version (#3961) (@thinkerou)
• 3319038: fix(readme): fix broken link to English documentation (#4222) (@eduardo-ax)
• 674522d: fix(time): binding time with empty value (#4103) (@ksw2000)
• ea53388: fix(tree): Keep panic infos consistent when wildcard type build faild (#4077) (@kingcanfish)
• 8763f33: fix: prevent middleware re-entry issue in HandleContext (#3987) (@bound2)
• 7a1b655: fix: sonic on arm64 (#4234) (@yashgorana)
• 5826722: fix: version number discrepancy (#4299) (@suwakei)

Enhancements

• 40725d8: chore(bind): return 413 status code when error is http.MaxBytesError (#4227) (@ItalyPaleAle)
• f875d87: chore(context): test context initialization and handler logic (#4087) (@appleboy)
• e7693e6: chore(deps): bump actions/setup-go from 5 to 6 (#4351) (@dependabot[bot])
• afa0c31: chore(deps): bump github.com/gin-contrib/sse from 0.1.0 to 1.1.0 (#4216) (@dependabot[bot])
• 255af88: chore(deps): bump github.com/go-playground/validator/v10 (#4208) (@dependabot[bot])
• 545fd74: chore(deps): bump github.com/go-playground/validator/v10 (#4289) (@dependabot[bot])
• c3c8620: chore(deps): bump github.com/go-playground/validator/v10 from 10.20.0 to 10.22.1 (#4052) (@dependabot[bot])
• cf32d2d: chore(deps): bump github.com/pelletier/go-toml/v2 from 2.2.2 to 2.2.4 (#4212) (@dependabot[bot])
• bb82473: chore(deps): bump github.com/quic-go/quic-go from 0.48.2 to 0.50.1 (#4197) (@dependabot[bot])
• 61c2b1c: chore(deps): bump github.com/quic-go/quic-go from 0.51.0 to 0.52.0 (#4250) (@dependabot[bot])
• b7d6308: chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.53.0 (#4281) (@dependabot[bot])
• 077a2f3: chore(deps): bump github.com/quic-go/quic-go from 0.53.0 to 0.54.0 (#4328) (@dependabot[bot])
• 4615025: chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#4347) (@dependabot[bot])
• a628782: chore(deps): bump github.com/ugorji/go/codec from 1.2.12 to 1.3.0 (#4268) (@dependabot[bot])
• cc4e114: chore(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 (#4013) (@dependabot[bot])
• 733ee09: chore(deps): bump golang.org/x/net from 0.33.0 to 0.37.0 (#4178) (@dependabot[bot])
• 56fccc3: chore(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#4221) (@dependabot[bot])
• ef68fa0: chore(deps): bump golang.org/x/net from 0.38.0 to 0.40.0 (#4229) (@dependabot[bot])
• 0a86488: chore(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 (#4262) (@dependabot[bot])
• ae5be7f: chore(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 (#4297) (@dependabot[bot])
• 4714c2a: chore(deps): bump google.golang.org/protobuf from 1.34.1 to 1.36.6 (#4198) (@dependabot[bot])
• 28172fa: chore(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.8 (#4346) (@dependabot[bot])
• cca98d2: chore(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9 (#4356) (@dependabot[bot])
• 57ec9e6: chore(mode): remove impossible case (empty value for mode) (#4303) (@mask-pp)
• 17d0b55: chore(render): do not export tomlContentType anymore (#4319) (@VarusHsu)
• 32065bb: chore(response): prevention of Hijack() runtime panics (#4295) (@suwakei)
• e2e80f3: chore(security): update vendor to fix CVE (#4121) (@xlgao-zju)
• 3f818c3: chore(security): upgrade quic-go version to 0.48.2 (#4127) (@appleboy)
• 334160b: chore(tree): replace the self-defined 'min' to official one (#3975) (@EndlessParadox1)
• d00e6a5: chore: fix some function names in comment (#4131) (@yangquanshi)
• 90cf460: chore: update Go versions and dependencies for improved compatibility (#4187) (@appleboy)

Refactor

• 8dd0889: refactor(binding): use strings.Cut to replace strings.Index (#3522) (@lgbgbl)
• e46bd52: refactor(context): add an optional permission parameter to the SaveUploadedFile method (#4068) (#4088) (@haesuo566)
• 41d8591: refactor(context): refactor Keys type to map[any]any (#3963) (@flc1125)
• 647311a: refactor(context): refactor context handling and improve test robustness (#4066) (@kingcanfish)
• e4c2a27: refactor(context): remove unused Context dependency in get method (#4304) (@1911860538)
• c8a3adc: refactor(context): simplify "GetType()" functions (#4080) (@KaymeKaydex)
• a4baac6: refactor(context):Avoid using filepath.Dir twice in SaveUploadedFile (#4181) (@nezhafan)
• e30123a: refactor(recovery): extract Authorization header masking into maskAuthorization func (#4143) (@zeek0x)
• e198f6e: refactor(render): remove headers parameter from writeHeader (#4353) (@1911860538)
• 3f5b0af: refactor(slice): simplify SliceValidationError Error method (#3910) (@1911860538)
• 9b1e353: refactor(tree): replace string(/) with "/" in node.insertChild (#4354) (@1911860538)
• 848e1cd: refactor: replace interface{} with any in type declarations (#4249) (@flc1125)
• 67c9d4e: refactor: replace magic number 128 with unicode.MaxASCII in AsciiJSON Render (#4224) (@1911860538)

Build process updates

• da372fc: build(deps): upgrade github.com/bytedance/sonic from v1.13.2 to v1.14.0 (#4342) (@flc1125)
• b987b62: build: make automatically update package in golang (#4311) (@ddevsr)
• 7e29806: build: update Gin minimum Go version to 1.21 (#3960) (@appleboy)
• 40131af: ci(Makefile): added help and descriptions to targets (#3964) (@tr1sm0s1n)
• c4287b1: ci(golangci-lint): update configuration and fix lint issues (#4247) (@flc1125)
• 02c1144: ci(lint): enable perfsprint linter (#4090) (@mmorel-35)
• 5f...

Changelog

Refactor

• b5af779: refactor: strengthen HTTPS security and improve code organization (@appleboy)

Changelog

Features

• 5f458dd: feat(auth): add proxy-server authentication (#3877) (@EndlessParadox1)
• 7a865dc: feat(bind): ShouldBindBodyWith shortcut and change doc (#3871) (@RedCrazyGhost)
• a182195: feat(binding): Support custom BindUnmarshaler for binding. (#3933) (@dkkb)
• fd1faad: feat(binding): support override default binding implement (#3514) (@ssfyn)
• ac5e84d: feat(engine): Added OptionFunc and With (#3572) (@flc1125)
• c6ae2e6: feat(logger): ability to skip logs based on user-defined logic (#3593) (@palvaneh)

Bug fixes

• d4e4136: Revert "fix(uri): query binding bug (#3236)" (#3899) (@appleboy)
• 3dc1cd6: fix(binding): binding error while not upload file (#3819) (#3820) (@clearcodecn)
• 82bcd6d: fix(binding): dereference pointer to struct (#3199) (@echovl)
• 2b1da2b: fix(context): make context Value method adhere to Go standards (#3897) (@FarmerChillax)
• f70dd00: fix(engine): fix unit test (#3878) (@flc1125)
• 86ff4a6: fix(header): Allow header according to RFC 7231 (HTTP 405) (#3759) (@Crocmagnon)
• 09f8224: fix(route): Add fullPath in context copy (#3784) (@KarthikReddyPuli)
• 9f598a3: fix(router): catch-all conflicting wildcard (#3812) (@FirePing32)
• 4a40f8f: fix(sec): upgrade golang.org/x/crypto to 0.17.0 (#3832) (@chncaption)
• 386d244: fix(tree): correctly expand the capacity of params (#3502) (@georgijd-form3)
• 8790d08: fix(uri): query binding bug (#3236) (@illiafox)
• 44d0dd7: fix: Add pointer support for url query params (#3659) (#3666) (@omkar-foss)
• 646312a: fix: protect Context.Keys map when call Copy method (#3873) (@kingcanfish)

Enhancements

• d4a6426: chore(CI): update release args (#3595) (@qloog)
• bb3519d: chore(IP): add TrustedPlatform constant for Fly.io. (#3839) (@ab)
• 1b3c085: chore(debug): add ability to override the debugPrint statement (#2337) (@josegonzalez)
• a64286a: chore(deps): update dependencies to latest versions (#3835) (@appleboy)
• 9c61295: chore(header): Add support for RFC 9512: application/yaml (#3851) (@vincentbernat)
• a481ee2: chore(http): use white color for HTTP 1XX (#3741) (@viralparmarme)
• c964ad3: chore(optimize): the ShouldBindUri method of the Context struct (#3911) (@1911860538)
• 739d2d9: chore(perf): Optimize the Copy method of the Context struct (#3859) (@1911860538)
• 3ea8bd9: chore(refactor): modify interface check way (#3855) (@demoManito)
• ab8042e: chore(request): check reader if it's nil before reading (#3419) (@noahyao1024)
• 0d9dbbb: chore(security): upgrade Protobuf for CVE-2024-24786 (#3893) (@Fotkurz)
• ecdbbbe: chore: refactor CI and update dependencies (#3848) (@appleboy)
• 39089af: chore: refactor configuration files for better readability (#3951) (@appleboy)
• 160c173: chore: update GitHub Actions configuration (#3792) (@appleboy)
• 0397e5e: chore: update changelog categories and improve documentation (#3917) (@appleboy)
• 62b50cf: chore: update dependencies to latest versions (#3694) (@appleboy)
• 638aa19: chore: update external dependencies to latest versions (#3950) (@appleboy)
• c6f90df: chore: update various Go dependencies to latest versions (#3901) (@appleboy)

Build process updates

• 78f4687: build(codecov): Added a codecov configuration (#3891) (@flc1125)
• 56dc72c: ci(Makefile): vet command add .PHONY (#3915) (@imalasong)
• 8ab47c6: ci(lint): update tooling and workflows for consistency (#3834) (@appleboy)
• 8acbe65: ci(release): refactor changelog regex patterns and exclusions (#3914) (@appleboy)
• 000fdb3: ci(testing): add go1.22 version (#3842) (@appleboy)

Documentation updates

• 990c44a: docs(context): Added deprecation comments to BindWith (#3880) (@flc1125)
• 861ffb9: docs(middleware): comments to function BasicAuthForProxy (#3881) (@EndlessParadox1)
• ee70b30: docs: Add document to constant AuthProxyUserKey and BasicAuthForProxy. (#3887) (@EndlessParadox1)
• f75144a: docs: fix typo in comment (#3868) (@testwill)
• 83fc767: docs: fix typo in function documentation (#3872) (@TotomiEcio)
• 49f45a5: docs: remove redundant comments (#3765) (@WeiTheShinobi)
• 75ccf94: feat: update version constant to v1.10.0 (#3952) (@appleboy)

Others

• 02e754b: Upgrade golang.org/x/net -> v0.13.0 (#3684) (@cpcf)
• 97eab7d: test(git): gitignore add develop tools (#3370) (@demoManito)
• ae15646: test(http): use constant instead of numeric literal (#3863) (@testwill)
• fd60a24: test(path): Optimize unit test execution results (#3883) (@flc1125)
• bb2d8cf: test(render): increased unit tests coverage (#3691) (@araujo88)

Changelog

BUG FIXES

• fix Request.Context() checks #3512

SECURITY

• fix lack of escaping of filename in Content-Disposition #3556

ENHANCEMENTS

• refactor: use bytes.ReplaceAll directly #3455
• convert strings and slices using the officially recommended way #3344
• improve render code coverage #3525

DOCS

• docs: changed documentation link for trusted proxies #3575
• chore: improve linting, testing, and GitHub Actions setup #3583

Changelog

BREAK CHANGES

• Stop useless panicking in context and render #2150

BUG FIXES

• fix(router): tree bug where loop index is not decremented. #3460
• fix(context): panic on NegotiateFormat - index out of range #3397
• Add escape logic for header #3500 and #3503

SECURITY

• Fix the GO-2022-0969 and GO-2022-0288 vulnerabilities #3333
• fix(security): vulnerability GO-2023-1571 #3505

ENHANCEMENTS

• feat: add sonic json support #3184
• chore(file): Creates a directory named path #3316
• fix: modify interface check way #3327
• remove deprecated of package io/ioutil #3395
• refactor: avoid calling strings.ToLower twice #3343
• console logger HTTP status code bug fixed #3453
• chore(yaml): upgrade dependency to v3 version #3456
• chore(router): match method added to routergroup for multiple HTTP methods supporting #3464
• chore(http): add support for go1.20 http.rwUnwrapper to gin.responseWriter #3489

DOCS

• docs: update markdown format #3260
• docs(readme): Add the TOML rendering example #3400
• docs(readme): move more example to docs/doc.md #3449
• docs: update markdown format #3446

Changelog

Bug fixes

• 0c2a691 fix(engine): missing route params for CreateTestContext (#2778) (#2803)
• e305e21 fix(route): redirectSlash bug (#3227)

Others

• 6a2a260 Fix the GO-2022-1144 vulnerability (#3432)

Changelog

Features

• f197a8b feat(context): add ContextWithFallback feature flag (#3166) (#3172)

Changelog

Break Changes

• TrustedProxies: Add default IPv6 support and refactor #2967. Please replace RemoteIP() (net.IP, bool) with RemoteIP() net.IP
• gin.Context with fallback value from gin.Context.Request.Context() #2751

BUGFIXES

• Fixed SetOutput() panics on go 1.17 #2861
• Fix: wrong when wildcard follows named param #2983
• Fix: missing sameSite when do context.reset() #3123

ENHANCEMENTS

• Use Header() instead of deprecated HeaderMap #2694
• RouterGroup.Handle regular match optimization of http method #2685
• Add support go-json, another drop-in json replacement #2680
• Use errors.New to replace fmt.Errorf will much better #2707
• Use Duration.Truncate for truncating precision #2711
• Get client IP when using Cloudflare #2723
• Optimize code adjust #2700
• Optimize code and reduce code cyclomatic complexity #2737
• gin.Context with fallback value from gin.Context.Request.Context() #2751
• Improve sliceValidateError.Error performance #2765
• Support custom struct tag #2720
• Improve router group tests #2787
• Fallback Context.Deadline() Context.Done() Context.Err() to Context.Request.Context() #2769
• Some codes optimize #2830 #2834 #2838 #2837 #2788 #2848 #2851 #2701
• Test(route): expose performRequest func #3012
• Support h2c with prior knowledge #1398
• Feat attachment filename support utf8 #3071
• Feat: add StaticFileFS #2749
• Feat(context): return GIN Context from Value method #2825
• Feat: automatically SetMode to TestMode when run go test #3139
• Add TOML bining for gin #3081
• IPv6 add default trusted proxies #3033

DOCS

• Add note about nomsgpack tag to the readme #2703

BUGFIXES

• Fixed X-Forwarded-For unsafe handling of CVE-2020-28483 #2844, closed issue #2862
• Tree: updated the code logic for latestNode #2897, closed issue #2894 #2878
• Tree: fixed the misplacement of adding slashes #2847, closed issue #2843
• Tree: fixed tsr with mixed static and wildcard paths #2924, closed issue #2918

ENHANCEMENTS

• TrustedProxies: make it backward-compatible #2887, closed issue #2819
• TrustedPlatform: provide custom options for another CDN services #2906

DOCS

• NoMethod: added usage annotation (#2832)

Handle pre release v1.7.5 error, so release v1.7.6 but still use v1.7.4 codes.