Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Oct 3, 2011
Commits on Sep 26, 2011
Commits on Sep 18, 2011
Commits on Sep 14, 2011
Commits on Aug 11, 2011
Commits on Aug 4, 2011
Commits on Jul 10, 2011
Commits on Jul 1, 2011
Commits on Jun 17, 2011
  1. @mig-hub
Commits on May 26, 2011
  1. Add prepared_statements_association plugin, for using prepared statem…

    …ents by default for regular association loading
    This is similar to the prepared_statements_with_pk plugin, as it
    also uses Dataset#unbind, but it should be more safe as it skips
    using a prepared statement completely if it detects that there
    are association options that it does not handle.
Commits on May 25, 2011
  1. Add prepared_statements_safe plugin, for making prepared statement us…

    …e with models more safe
    This new plugin doesn't use prepared statements at all, but it's
    designed to be used with (and requires) the prepared_statements
    The basic security issue with using prepared statements implicitly
    with Sequel is that Sequel by default only uses uses the currently
    present columns when insert (some subset of the table's columns),
    and by default when updating only saves the changed columns.
    For prepared statements to be used, each set of columns in the
    insert and update statements needs to have its own prepared
    statement.  If you have a table with 1 primary key column and
    4 other columns, you can have up to 2^4 = 16 prepared statements
    created, one for each subset of the 4 columns.  If you have 1
    primary key column and 20 other columns, there are over a million
    subsets, and you would assuredly hit your database limit for
    prepared statements (a denial of service attack).
    The fix for this is to use every column possible when inserting
    and updating.  For updating, this is simple, as you just save
    all columns.  For inserting, this isn't always possible, as
    you can't necessarily insert a correct default value, as it
    could depend on a database function.  So for NULL defaults and
    defaults that Sequel can parse, Sequel will add those columns
    to the insert statement.
  2. Add prepared_statements plugin for using prepared statements for upda…

    …tes, inserts, deletes, and lookups by primary key
    This allows easy use of Sequel's prepared statement support by
    models without any manual effort by the user (other than loading
    the plugin).
    Some internal changes:
    Prepared statements now support an :insert_select prepared type
    that will prepare the SQL using insert_sql, but execute it with
    first to retrieve the row value.  You should only use this if
    the dataset supports insert_select.
    To implement the insert_select support for prepared statements
    a :returning=>nil option is added to the dataset, which the
    relevent adapters have been modified to support.
    In order to get Sequel to use the insert_select method when
    inserting, the supports_insert_select? method must return true.
    Quite a few private model instance methods were added to eliminate
    the code duplication that this would have otherwise required.
Commits on May 24, 2011
  1. Add defaults_setter plugin, for setting default values when initializ…

    …ing models
    This allows similar behavior to ActiveRecord, where instantiating a new model
    will have the database default values set.  It improves on this idea by not
    setting nil/NULL defaults or defaults that cannot be parsed by Sequel.  It also
    allows users to easily modify the default vaues used.
Commits on May 20, 2011
Commits on May 1, 2011
Commits on Apr 29, 2011
  1. Merge the filter_by_associations plugin into Sequel's default associa…

    …tion support
    This breaks backwards compatibility for people who added an
    sql_literal method to Sequel::Model so that Sequel::Model
    instances could be used in filters.
    While here, add an integration test for filtering by associations.
Commits on Apr 28, 2011
  1. Add filter_by_associations plugin that allows model datasets to filte…

    …r using associations
    See the plugin RDoc for a description of how to use this.
Commits on Apr 13, 2011
  1. Add a columns_introspection extension that attempts to skip database …

    …queries by introspecting selected columns
    Sequel's previous behavior has been to do a database query to
    retrieve the columns for a dataset unless the dataset has already
    cached the columns.  This commit adds an extension that makes
    Sequel attempt to introspect the selected columns to guess at
    the columns that would be returned.  This should work in most
    cases, but as there is no guarantee that Sequel will guess
    correctly, this is not being done by default.
    To use this, after loading the extension, you can extend any
    dataset with Sequel::ColumnIntrospection.  If you want to use
    this for all datasets, run:
    This adds some hooks to the specs so that all of Sequel's specs
    can be run with this extension.  To do so, define the
    SEQUEL_COLUMNS_INTROSPECTION environment variable when running
    the specs.
Commits on Apr 3, 2011
Commits on Feb 11, 2011
Commits on Dec 2, 2010
Commits on Nov 17, 2010
  1. Add to_dot extension

    This adds a Sequel::Dataset#to_dot method.  The to_dot
    method returns a string that can be processed by graphviz's dot
    program in order to get a visualization of the dataset.  Basically,
    it shows a version of the dataset's abstract syntax tree.
    Idea stolen from Aaron Patterson's similar method in ARel 2.
Commits on Oct 12, 2010
Commits on Sep 30, 2010
Commits on Sep 29, 2010
Commits on Sep 21, 2010
Commits on Sep 16, 2010
Commits on Sep 9, 2010
Commits on Aug 31, 2010
Commits on Aug 29, 2010
Commits on Aug 26, 2010
Commits on Aug 21, 2010
  1. Switch to hosting presentations on heroku

    Most of the presentations were stored on the
    site, but were not added to the repository.  However, the MWRC 2009
    presentation was added to the repository, and this commit removes
Commits on Aug 6, 2010
Something went wrong with that request. Please try again.