• Cleanup
  • Removed unused structure in the auth package
  • Updated some documentation in the fsutil package
• Reworked the auth package
  • Authenticators depend on a UserService instead of executing DB query themselves
  • Encourage using user DTO instead of models
  • This all results in removing a dependency between presentation and data layer
  • Removed FindColumns. The "username" and "password" fields are not marked with struct tags anymore: they are handled by a repository.
  • Reduced (but not eliminated) uses of reflection. Now only the password field from the DTO returned by the user service is retrieved using reflection.
  • Take advantage of generics even more
  • The request's context is now properly propagated by JWT and basic authenticators

• Slog: the dev mode handler now uses a pointer for its mutex and shares the same mutex among all his clones.
• Server.Stop() won't attempt to close sigChannel again if the server has already been stopped. This method can this be called several times safely now.
• Router
  • Changed the subrouter matching so it doesn't work with prefix only. This will remove conflicts between two subrouters having a prefix starting with the same characters (e.g.: /test and /test-2 won't conflict anymore)
  • The router won't turn back and explore other branches if the subrouter matches but none of its routes do. This will fix some false matches.
  • Fixed / route defined at the main router being matched if a subrouter matches but none of its routes do and a trailing slash is present in the request URI.
• Cleanup: removed some unused resources, outdated comments and updated incorrect documentation
• Validation
  • Fixed a reflect error in ArrayValidator if the first element of the array is invalid (e.g.: nil)
  • Use error wrapping in Unique/Exists validators for better error stacktraces
  • Add a timeout on the SQL query executed by the ExistsArray validator.
  • Remove suffix [] from n-dimensional array elements field name in error messages.

• Improved docs
• server.Stop() doesn't attempt to stop the server a second time if it was already stopped
• Validation: added validation.Context accessors for current element path and array element errors
• Validation: added validation.Context methods AddValidationError and AddValidationErrors so validators can merge additional errors that may be coming from nested validation
• validation.Context's Extra field is never nil
• Fixed OPTIONS method not added to routes if their router inherited their CORS settings from parent router
• Updated dependencies
• Improved language files unmarshal error messages

• Updated dependencies
• Improved thread-safety of server status
• Updated contribution resources (issue templates, etc) and license

• slog: custom errors implementing slog.LogValuer are now handled correctly and will be added as reason attribute.
• Added parameter name hints on goyave.Handler so IDEs automatically name request and response properly when auto-completing.
• testutil: when using TestMiddleware, the cloned request sent to the middleware now uses the same context.Context as the original request.
• Updated dependencies and CI

• Added a name to special routes (the notFound and methodNotAllowed routes) so it is possible to know if there was no matched route from inside a global middleware.
• testutil.TestMiddleware now also copies the request.Route.
• ⚠️ The auth middleware is now only executed if the matched route (or one of its parents) have the meta auth.MetaAuth set to true. This means the auth.Middleware is now meant to be used as a global middleware. Routers and routes can be individually marked as requiring auth or not.

• Improvements to the session package to make manual transaction (begin, commit, rollback) easier and to improve support on nested transaction (that can possibly involve multiple different services).
  • The Session interface now has a Context() context.Context method.
  • Begin() now also injects the transaction DB in the new session's context.
  • Begin() and Transaction() now use the DB retrieved from the given context if available. This makes nested transactions possible even if the service is using the root session.

-database.Paginator now uses a cloned statement for the count query to avoid modifying the original statement.

• Wrap errors using errors.New() in many places that were not already doing it.
• Added errors.Errorf, which is a shortcut for errors.New(fmt.Errorf()).
• ⚠️ errors.New() and errors.NewSkip() now return nil if given nil as argument. nil values in []error and []any reasons are now ignored.
• ⚠️ errors.New(), errors.NewSkip() and errors.Errorf() now return error interface instead of *errors.Error to improve ability to compare to nil.
• Added a safeguard on Response.error() against nil errors.
• Added a safeguard on slog.Logger.logError() against nil errors.
• Updated internal uses of the util errors package according to the new changes described above.

• Removed the directory argument in router.Static. The static handler now uses the FS relative root directory as a base. Use a sub FS if you want to serve a sub directory.
• Updated dependencies.

• Added new server options
  • Added config entry server.readHeaderTimeout which represents the amount of time allowed to read request headers.
  • Added Options.BaseContext, allowing to define the base context for the server.
  • Added Options.ConnContext, allowing to modify the context used for new client connections.
  • Added Options.ConnState, allowing to get notified when the client connection state changes.
  • Added Options.MaxHeaderBytes, which controls the maximum number of bytes the server will read parsing the request header's keys and values, including the request line.
• Improvements on the embedded resources support:
  • Added a fsutil.Embed.Sub method, allowing to get sub filesystems for embed.FS.
  • fsutil.Embed now accepts fs.ReadDirFS instead of embed.FS
  • The lang package loads from root FS directory instead of forcing resources/lang, unless the FS implements fsutil.WorkingDirDS