Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

We don't handle or verify the order of the columns #2

Closed
sgrif opened this issue Oct 1, 2015 · 2 comments
Closed

We don't handle or verify the order of the columns #2

sgrif opened this issue Oct 1, 2015 · 2 comments

Comments

@sgrif
Copy link
Member

sgrif commented Oct 1, 2015

We need to test for this. For example, if we have

table! {
  users {
    id -> Serial,
    name -> VarChar,
    email -> VarChar,
  }
}

There's nothing to prevent

let source = users.select((id, email, name));
connection.query_all::<User>(&source)

which would read the fields into the wrong pieces of the struct. The obvious solution is to access by the name of the fields, but then we have to figure out more concrete aliasing behavior and couple to it which I don't want. Needs further investigation.

@sgrif
Copy link
Member Author

sgrif commented Oct 1, 2015

This can also potentially lead to memory unsafety if the table is declared with the right columns, but in a different order than they exist in the schema, causing the wrong types to be applied and potentially breaking some invariant of the output.

@sgrif
Copy link
Member Author

sgrif commented Nov 21, 2015

Fixed by 4ebd0c1

@sgrif sgrif closed this as completed Nov 21, 2015
sgrif added a commit that referenced this issue Apr 7, 2018
Team changes
==

With this release, we'd like to welcome Georg Semmler (known on GitHub
as @weiznich). Georg is the #2 all time contributor to Diesel, and has
helped shape what the framework is today. Welcome to the team!

New Features
==

This release contains several long awaited features.

We've re-introduced the ability to use bind params with the `sql`
function, in a way which is harder to mis-use. This functionality was
present prior to 1.0, but was removed when `sql_function` was added over
concerns about its use with the rest of the query builder. Recent
developments have proved those concerns to be valid, but this new API
fills that niche. Thanks to @notryanb for taking the lead on this
feature.

We've also added the ability to insert from a select statement (e.g.
queries in the form of `INSERT INTO table (...) SELECT ...`. This is a
feature request that has come up repeatedly since release, and we're
happy to finally bring it to you. We've also added alternate forms of
our insert API which feel better when used with select statements. You
can find the full details in the changelog.

Finally, we've rewritten our custom dervies from scratch to take
advantage of new diagnostic tools in recent versions of nightly Rust. If
you turn on the `unstable` feature of Diesel on a nightly compiler,
you'll find that you get dramatically improved error messages from our
derives. For the best error messages, you should also set
`RUSTFLAGS="--cfg procmacro2_semver_exempt"`.

Additionally, as of this release, Diesel is now powered by the
blockchain. Because it's 2018 and that's how it works now I guess. See
the changelog for full details.

In addition to the headline features, there were a ton of features that
we don't have time to mention here. As always, for a full list of
changes you can find a full list in the changelog.

Thanks
==

Thank you to everyone who helped make this release happen through bug
reports, and discussion on Gitter. While we don't have a way to collect
stats on that form of contribution...

In addition to the Diesel core team, 14 people contributed code to this
release. A huge thank you to:

- Alex Kitchens
- Andrew Weiss
- Arun Kulshreshtha
- Brandur
- EloD10
- Jacob Chae
- Jordan Petridis
- Josh Leeb-du Toit
- Kerollmops
- Mathias Svensson
- Ryan Blecher
- Sander Maijers
- Seth Larson
- YetAnotherMinion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant