Skip to content

v1.49.1 — Jishui: Reserved-Word Column Names

Choose a tag to compare

View all tags
@MichaelSowah MichaelSowah released this 01 Jun 21:52
· 156 commits to main since this release
v1.49.1
d84c8d8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

A focused, framework-only bug fix. No API breaks, no new env vars, no migrations.

Fixed

QueryValidator now accepts SQL reserved words as column names. Columns like
from, order, group, key, and values were rejected in strict mode with
Column name '<x>' is a reserved SQL keyword — even though the query builders
always quote column identifiers via the driver's wrapIdentifier() (`from` /
"from"), making them valid SQL. The keyword check is dropped for column names;
the SQL-injection character guard and the table/schema/alias keyword checks are
unchanged. Also fixes a latent inconsistency where to slipped through only because
TO was missing from the keyword list.

Upgrade

composer update glueful/framework
Nothing else required. The api-skeleton's existing ^1.49.0 constraint already
permits 1.49.1.

Full changelog: https://github.com/glueful/framework/blob/main/CHANGELOG.md
Assets 2
Loading