Next stable DBD::SQLite will be released at the end of December

DBD::SQLite 1.61_04 (with SQLite 3.26.0) is a release candidate of the next stable DBD::SQLite. This release has a security fix for FTS users who allow arbitrary SQL statements from users for some reasons (usually because of a SQL injection vulnerability). I'll only wait for a week this time to gather CPAN testers' reports. So please test this with your applications, especially if you use FTS feature.

This release also introduces "sqlite_defensive" option, to disallow dangerous SQLite features such as updating "sqlite_master" table.


  my $dbh = DB…

Next stable DBD::SQLite will be released at the end of November

DBD::SQLite 1.59_03 (with SQLite 3.25.2) is a release candidate of the next stable DBD::SQLite. Notable new features by the upstream are PostgreSQL-style UPSERT (3.24.0), ALTER TABLE table RENAME COLUMN oldname TO newname (3.25.0), and window functions (3.25.0), among others.

It also contains a fix that changes how to store values in a PerlData virtual table. If you use PerlData virtual table, this may affect your applications.

I'll wait for about a month as always, and release 1.60 at the end of November if there's no blocker nor request to wait more. Thank you for patience.…

Next stable DBD::SQLite will be released at the end of February

It's been a year since the last stable DBD::SQLite was released. Actually, it's been a year and a half since the SQLite library bundled in the last stable DBD::SQLite was released by the upstream. A lot have happened there, and some here. It's time for you to test them all against your applications/modules, at last.

DBD::SQLite 1.55_07 (with SQLite 3.22.0) is a release candidate of the next stable DBD::SQLite. It has various query planner improvements, optimizations, performance enhancements, and bug fixes, especially on LEFT JOIN queries, IN and OR operators, and WITHOUT ROWID tables…

Perl Toolchain Summit 2017 and PAUSE on Mojolicious in progress

At the last two Perl QA Hackathons, I worked on porting PAUSE on Plack, to drop old mod_perl and Apache dependencies and make it easier to set up PAUSE on your local environment. It was successful, but more could be done to fix various (visual/security/usability) issues on PAUSE UI. So, at the rebranded Perl Toolchain Summit of this year, I went a step (or a few steps) further and started to port PAUSE on Mojolicious, hoping to separate views from controllers and make it clearer for us which code belongs to which feature(s) and how.

You might wonder why I chose Mojolicious, instead of…

Next stable DBD::SQLite will be released in mid November

DBD::SQLite 1.51_06 (with SQLite 3.15.0) is a release candidate of the next stable DBD::SQLite. As always, please test it with your modules/applications and let me know if you find anything, especially if you're using FTS because DBD::SQLite has disabled two-arg fts3_tokenizer() for security concern from the upstream. If there's no blocker nor request to wait, I'll release 1.52 in the mid November.

See Changes file in the distribution for other fixes and improvements, and see also https://www.sqlite.org/changes.html for the changes in SQLite library.