Tags: goware/pgkit
Tags
fix(deps): bump jackc/pgx/v5 to v5.9.0 (CVE-2026-33816) (#48) Memory-safety vulnerability in pgproto3 (Backend.Receive() and FunctionCall.Decode()), exploitable via malformed protocol messages. CVSS 9.8 (Critical) — network-exploitable, no auth required. Fixed in v5.9.0. pgx v5.9.0's go.mod declares `go 1.25.0`, so the go directive bumps in turn (1.24.0 -> 1.25.0). The toolchain go1.24.3 line drops because the go directive now matches a stable release. Refs https://nvd.nist.gov/vuln/detail/CVE-2026-33816, https://pkg.go.dev/vuln/GO-2026-4772
Implement generic Table for basic CRUD operations & concurrent safe d… …equeuing (#30) * Implement generic Table for basic CRUD operations Co-authored-by: David Sedlacek <david.sedlacek@golang.cz> * Remove automatic 'deleted_at NULL' condition * Implement .LockForUpdate() using PostgreSQL's FOR UPDATE SKIP LOCKED pattern * Fix generic ID * Fix naming of generic types * Add tests for simple CRUD, complex transactions and LockForUpdate() * Fix TestRecordsWithJSONStruct test, since schema changed * Fix LockForUpdate test * Don't rely on wg.Go(), a feature from Go 1.25 * LockForUpdate that can pass transaction to update fn * Refactor LockForUpdate() to reuse tx if possible * Simplify data models further .Save() - variadic arg instead of .Save() and .SaveAll() .List() - renamed from .GetAll() .Get() - renamed from .GetOne() .LockForUpdates() - renamed from .LockForUpdate() .LockForUpdate() - renamed from .LockOneForUpdate() * Improve tests for async processing * Tests: Implement in-memory worker pattern via simple WaitGroup * A better "dequeue" abstraction defined on reviews table * Rename GetByIDs() to ListByIDs() * Fix updated_at field, thanks @shunkakinoki * PR feedback: Improve error annotations * Fix tests * Save multiple (#33) * save multiple * pr comments * return error instead of nil on nil record * Add iterator method for accounts and update tests * Rename types for clarity * add back truncateAllTables * Add IDColumn to table context and enhance WithTx tests * Add pagination support to Table with ListPaged and WithPaginator methods * feat: add Insert and Update methods in Table * feat: add RestoreByID and export timestamp interfaces - Add RestoreByID method that clears DeletedAt by passing zero time - Export HasSetCreatedAt, HasSetUpdatedAt, HasSetDeletedAt interfaces with godoc explaining the contract for each lifecycle hook - Update SetDeletedAt implementations to treat zero time as restore (nil) * fix: LockForUpdates missing return, saveAll hardcoded ID column, Iter missing rows.Err, saveOne missing SetCreatedAt - LockForUpdates: add missing return after existing-tx branch to prevent double execution of updateFn via a second transaction - saveAll: use t.IDColumn instead of hardcoded "id" for update WHERE clause - Iter: check rows.Err() after iteration loop to surface driver errors - saveOne: call SetCreatedAt on insert path (consistent with saveAll) - Use min() builtin for chunk bounds * fix(tests): race conditions in TestLockForUpdates and wrong ListByIDs slice - Move wg.Add(1) before goroutine dispatch in ProcessReview to prevent worker.Wait() returning early before all goroutines register - Replace shared ids[][]uint64 slice (data race across goroutines) with per-worker local slices merged under mutex - Fix articleIDs slice: make([]uint64, len) + append produced leading zeros, changed to make([]uint64, 0, len) * fix: ListPaged nil page panic Normalize nil page before passing to PrepareQuery/PrepareResult. PrepareQuery creates a local &Page{} but the caller's pointer stays nil, causing PrepareResult to panic on page.More assignment. * fix: LockForUpdates validate/timestamp, zero-value Paginator, ListPaged ordering - lockForUpdatesWithTx: call Validate() and SetUpdatedAt() on records after updateFn, matching Insert/Update/Save behavior - Page.SetDefaults: fall back to DefaultPageSize/MaxPageSize when PaginatorSettings has zero values (fixes zero-value Paginator capping page size to 0) - ListPaged: add IDColumn fallback ordering when no sort is configured, ensuring deterministic pagination - TestLockForUpdates: use assert instead of require in goroutine (require.FailNow is unsafe off the test goroutine) * fix: PrepareRaw empty ORDER BY and unbound limit/offset params - Skip ORDER BY clause when no sort columns are configured - Always inject pgx.NamedArgs for limit/offset even when args is empty * feat: Update, DeleteByID, HardDeleteByID return (bool, error) Return true when at least one row was affected, false when zero rows matched. Callers can now distinguish "success" from "not found" without reimplementing methods with RowsAffected checks. Breaking change: signatures go from error to (bool, error). * NOTICE: Experimental. Table and its methods are subject to change. --------- Co-authored-by: David Sedlacek <david.sedlacek@golang.cz> Co-authored-by: David Sedláček <david.littlefarmer@gmail.com> Co-authored-by: Alex Guerrieri <ag@sequence.xyz> Co-authored-by: Alex Guerrieri <klaidliadon@gmail.com>
fix: page respects paginator max size (#37) * fix: page respects paginator max size * refactor: simplify paginator options handling and improve pagination tests * fix: ensure default size does not exceed max size in paginator options * fix: handle default and max sizes in paginator options and improve pagination edge case tests * fix: streamline paginator initialization in pagination edge cases test * fix: ensure max size is not less than default size in paginator options * linter pass * fix: replace assert.True with assert.Equal and assert.NotZero for clarity in tests * fix: update paginator options to clarify default and max size behavior * fix: simplify filter checks in UpdateRecordColumns and TraversalsByName methods * linter pass * fix: implement default settings for PaginatorOptions and Page * fix: refactor pagination methods to remove PaginatorOptions dependency * fix test * fix: replace manual assertions with testify assertions in reflect tests * fix: refactor paginator to use PaginatorSettings and update related tests * fix: update paginator option functions for clarity and consistency * fix: refactor pagination test to use constants for size and sort options * fix: simplify length assertions in pagination test
PreviousNext