From 32614f898e8aa5d73486e64f7ee57a951428d300 Mon Sep 17 00:00:00 2001 From: brendanjryan <1572504+brendanjryan@users.noreply.github.com> Date: Mon, 4 May 2026 01:22:44 +0000 Subject: [PATCH] chore: release `tidx@0.5.5` --- .changelog/pr-179-sql-validator-hardening.md | 5 ----- .changelog/pr-180-clickhouse-query-safety.md | 5 ----- .changelog/pr-181-query-result-bounds.md | 5 ----- .changelog/pr-182-admin-access-control.md | 5 ----- CHANGELOG.md | 9 +++++++++ Cargo.toml | 2 +- 6 files changed, 10 insertions(+), 21 deletions(-) delete mode 100644 .changelog/pr-179-sql-validator-hardening.md delete mode 100644 .changelog/pr-180-clickhouse-query-safety.md delete mode 100644 .changelog/pr-181-query-result-bounds.md delete mode 100644 .changelog/pr-182-admin-access-control.md diff --git a/.changelog/pr-179-sql-validator-hardening.md b/.changelog/pr-179-sql-validator-hardening.md deleted file mode 100644 index 6825f513..00000000 --- a/.changelog/pr-179-sql-validator-hardening.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -tidx: patch ---- - -Harden PostgreSQL SQL validation by fixing CTE scope handling, schema-qualified table checks, recursive depth accounting, LIMIT ALL rejection, and traversal of previously unchecked AST clauses. diff --git a/.changelog/pr-180-clickhouse-query-safety.md b/.changelog/pr-180-clickhouse-query-safety.md deleted file mode 100644 index 54089b2e..00000000 --- a/.changelog/pr-180-clickhouse-query-safety.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -tidx: patch ---- - -Validate public ClickHouse queries, block system catalogs and dangerous table functions, enforce ClickHouse request timeouts, and validate view SELECT SQL before execution. diff --git a/.changelog/pr-181-query-result-bounds.md b/.changelog/pr-181-query-result-bounds.md deleted file mode 100644 index 0e5a1bf9..00000000 --- a/.changelog/pr-181-query-result-bounds.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -tidx: patch ---- - -Bound PostgreSQL query result processing by streaming rows with a hard request limit and appending automatic LIMIT clauses on a separate line. diff --git a/.changelog/pr-182-admin-access-control.md b/.changelog/pr-182-admin-access-control.md deleted file mode 100644 index 50b30236..00000000 --- a/.changelog/pr-182-admin-access-control.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -tidx: patch ---- - -Hardened view administration by failing closed for trusted CIDR checks, rejecting malformed CIDR configuration, hot-reloading active trusted CIDRs, and requiring an explicit admin mutation header. diff --git a/CHANGELOG.md b/CHANGELOG.md index 4fa37086..4cfe8ed9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +## `tidx@0.5.5` + +### Patch Changes + +- Harden PostgreSQL SQL validation by fixing CTE scope handling, schema-qualified table checks, recursive depth accounting, LIMIT ALL rejection, and traversal of previously unchecked AST clauses. (by @BrendanRyan, [#179](https://github.com/tempoxyz/tidx/pull/179)) +- Validate public ClickHouse queries, block system catalogs and dangerous table functions, enforce ClickHouse request timeouts, and validate view SELECT SQL before execution. (by @BrendanRyan, [#180](https://github.com/tempoxyz/tidx/pull/180)) +- Bound PostgreSQL query result processing by streaming rows with a hard request limit and appending automatic LIMIT clauses on a separate line. (by @BrendanRyan, [#181](https://github.com/tempoxyz/tidx/pull/181)) +- Hardened view administration by failing closed for trusted CIDR checks, rejecting malformed CIDR configuration, hot-reloading active trusted CIDRs, and requiring an explicit admin mutation header. (by @BrendanRyan, [#182](https://github.com/tempoxyz/tidx/pull/182)) + ## `tidx@0.5.4` ### Patch Changes diff --git a/Cargo.toml b/Cargo.toml index 0f138ea4..47e3b254 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "tidx" -version = "0.5.4" +version = "0.5.5" edition = "2024" license = "MIT" repository = "https://github.com/tempoxyz/tidx"