1
0
mirror of https://github.com/labstack/echo.git synced 2026-06-20 01:18:42 +02:00

1817 Commits

Author SHA1 Message Date
toim d74dd5601a Changelog for v5.0.0 release 2026-01-18 17:50:48 +02:00
toim 45c8c14c21 fix failing tests under Windows 2026-01-18 17:34:15 +02:00
toim 2b8f3817ef Bump dependencies and update migration guide for Echo v5 support. Add notes about supported Echo versions to README.md. 2026-01-18 13:07:02 +02:00
toim 6f1ae101a4 Serve does not return http.ErrServerClosed anymore, handle graceful shutdown properly 2026-01-14 00:02:59 +02:00
toim ff6eb048ab Echo logger defaults to slog.NewJSONHandler 2026-01-13 21:55:30 +02:00
toim d6cb58b5c2 Response should implement http.Flusher and http.Hijacker to work with older libraries that do not use http.NewResponseController() 2026-01-06 11:12:52 +02:00
toimtoimtoim ec9232814e V5 changes 2026-01-01 15:54:21 +02:00
toimtoimtoim 482bb46fe5 v4.15.0 changelog v4.15.0 2026-01-01 12:57:24 +02:00
toimtoimtoim d0f9d1e735 CRSF with Sec-Fetch-Site=same-site falls back to legacy token 2025-12-29 23:39:24 +02:00
toimtoimtoim f3fc61848f CRSF with Sec-Fetch-Site checks 2025-12-29 23:39:24 +02:00
toimtoimtoim 4dcb9b44f0 licence headers 2025-12-28 23:21:31 +02:00
toimtoimtoim cbc0ac1dbc Add PathParam(Or)/QueryParam(Or)/FormParam(Or) generic functions 2025-12-28 23:21:31 +02:00
toimtoimtoim 6b14f4ef3f Add Context.Get generic functions 2025-12-28 23:21:31 +02:00
toimtoimtoim 321530d2c2 disable test - returns different error under Windows 2025-12-12 13:10:53 +02:00
toimtoimtoim c8abd9f7db disable flaky test 2025-12-12 13:10:53 +02:00
toimtoimtoim 9fe43f78b8 fix Rate limiter disallows fractional rates 2025-12-12 13:10:53 +02:00
toimtoimtoim 1b5122aaed document things to reduce false positives 2025-12-12 13:10:53 +02:00
toimtoimtoim b70ec6a084 add checks for invalid casts 2025-12-12 13:10:53 +02:00
toimtoimtoim cdcf16d3cf deprecate timeout middleware 2025-12-12 13:10:53 +02:00
toimtoimtoim c9b8b36c9a fix Time-of-Check-Time-of-Use bug in rate limiter 2025-12-12 13:10:53 +02:00
toimtoimtoim 1d63c1c242 licence to test file 2025-12-12 13:10:53 +02:00
toimtoimtoim f7dc94df14 handle errors in body dump middleware 2025-12-12 13:10:53 +02:00
toimtoimtoim 0232b57927 improve logger middleware error value logging 2025-12-12 13:10:53 +02:00
toimtoimtoim e2133320c7 fix goroutine leak in proxy raw mode 2025-12-12 13:10:53 +02:00
toimtoimtoim 88a60e4bac fix data race with errors in proxy raw 2025-12-12 13:10:53 +02:00
toimtoimtoim 6392cb4598 Changelog for 4.14.0 v4.14.0 2025-12-11 22:49:38 +02:00
Martti T. c9bd2cd8e3 Update golang.org/x/* deps (#2850) 2025-12-11 15:38:04 +02:00
Martti T. c12cb08a86 Logger middleware json string escaping and deprecation (#2849)
* Logger middleware should escape string values when outputting JSON
* Add Go license to logger_strings.go
* Deprecate middleware.Logger
2025-12-11 14:39:59 +02:00
toimtoimtoim 612967a9fe Update deps 2025-11-22 16:33:22 +02:00
kumapower17 53b692c4d4 Ensure proxy connection is closed in proxyRaw function
(#2837)
2025-10-26 19:26:29 +02:00
kumapower17 e644ff8f7b Replace custom private IP range check with built-in net.IP.IsPrivate() method 2025-10-15 21:46:24 +03:00
yuya-morimoto 40e2e8faf9 Fix typo "+" 2025-10-07 22:31:32 +03:00
Vishal Rana 55cb3b625d Optimize realm quoting to happen once during middleware creation
Move strconv.Quote(config.Realm) from per-request execution
to middleware initialization for better performance.

- Pre-compute quoted realm at middleware creation time
- Avoids repeated string operations on every auth failure
- Maintains same behavior with better efficiency

Performance improvement suggested during code review.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-26 11:48:13 +03:00
Vishal Rana dbd583fa4d Add comprehensive tests for realm quoting behavior
Tests cover:
- Default realm quoting
- Custom realm with spaces
- Special characters (quotes, backslashes)
- Empty realm fallback to default
- Unicode realm support

Addresses review feedback about testing strconv.Quote behavior
in WWW-Authenticate header per RFC 7617 compliance.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-26 11:48:13 +03:00
Vishal Rana 432a2adf46 Improve BasicAuth middleware: use strings.Cut and RFC compliance
- Replace manual for loop with strings.Cut for credential parsing
- Simplify realm handling to always quote according to RFC 7617
- Improve code readability and maintainability

Fixes #2794

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-26 11:48:13 +03:00
Vishal Rana 212bfe0071 Fix typo in ContextTimeout middleware comment
Change 'aries' to 'arises' in ErrorHandler comment.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-26 11:23:09 +03:00
Vishal Rana b4ea924836 Fix typo in SetParamValues comment
Change 'brake' to 'break' in Router#Find code comment.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-26 11:22:52 +03:00
Vishal Rana 52d2bff1b9 Modernize context.go by replacing interface{} with any (#2822)
Modernizes the Context interface by replacing all instances of interface{}
with the more readable 'any' type alias introduced in Go 1.18.

**Changes:**
- Replaced interface{} with any in all Context interface method signatures
- Affects Get(), Set(), Bind(), Validate(), Render(), JSON(), JSONP(), XML(),
  Blob(), Stream(), File(), Attachment(), Inline(), and NoContent() methods
- Total of 23 interface{} → any replacements

**Benefits:**
- Improves code readability and modernizes to Go 1.18+ standards
- No functional changes - 'any' is just an alias for interface{}
- Follows current Go best practices for new code
- Makes the API more approachable for developers familiar with modern Go

**Compatibility:**
- Zero breaking changes - 'any' and interface{} are identical
- Maintains full backward compatibility
- All existing code continues to work unchanged

This modernization aligns Echo with current Go conventions while maintaining
100% compatibility with existing applications.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude <noreply@anthropic.com>
2025-09-15 22:08:28 -07:00
Vishal Rana f1ebc67c56 Enhance Logger Middleware Documentation with Detailed Configuration Examples
Addresses issue #2665 by providing comprehensive documentation for the Logger
middleware including:

**Configuration Examples:**
- Basic usage with default settings
- Custom simple and JSON formats
- Custom time formatting
- Header, query, form, and cookie logging
- File output configuration
- Custom tag functions
- Conditional logging with Skipper
- External logging service integration

**Detailed Tag Reference:**
- Complete list of all available tags (time, request, response, dynamic)
- Clear explanations of each tag's purpose and format
- Examples showing proper usage

**Enhanced Field Documentation:**
- Detailed descriptions for all LoggerConfig fields
- Examples for each configuration option
- Default values and behavior

**Troubleshooting Section:**
- Common issues and solutions
- Performance optimization tips
- Best practices for high-traffic applications

**Function Documentation:**
- Enhanced Logger() and LoggerWithConfig() documentation
- Example outputs and usage patterns

This makes the Logger middleware much more accessible to new users while
providing advanced configuration guidance for experienced developers.

Fixes #2665

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 19:27:34 -07:00
Vishal Rana b7a781ce5d Add comprehensive tests for IP extraction improvements
Adds tests for issue #2757 IP extraction edge cases where RemoteAddr
may not include a port. The enhanced extractIP function now properly
handles IPv4/IPv6 addresses without ports using net.ParseIP validation.

Test cases cover:
- IPv4 without port
- IPv6 without port
- IPv6 with port brackets
- Invalid IP format handling

Existing tests for issue #2789 response flush error handling are already
comprehensive and validate the improved error messages with ResponseWriter types.

Fixes #2757

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 19:21:57 -07:00
Vishal Rana d0137c3e80 Revert Issue #2813 fix based on maintainer feedback
Revert the DefaultBinder empty body handling changes following
@aldas's concerns about:
- Body replacement potentially interfering with custom readers
- Lack of proper reproduction case for the original issue
- Potential over-engineering for an edge case

The "read one byte and reconstruct body" approach could interfere
with users who add custom readers with specific behavior.

Waiting for better reproduction case and less invasive solution.

Refs: https://github.com/labstack/echo/issues/2813#issuecomment-3294563361

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 19:08:27 -07:00
Vishal Rana 2fb84197e9 Fix DefaultBinder empty body handling for unknown ContentLength
Fix issue where POST requests with empty bodies and ContentLength=-1
(unknown/chunked encoding) incorrectly fail with 415 Unsupported Media Type.

The DefaultBinder.BindBody method now properly detects truly empty bodies
when ContentLength=-1 by peeking at the first byte. If no content is found,
it returns early without error. If content exists, it reconstructs the body
to preserve the original data.

Fixes #2813

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 18:47:57 -07:00
Vishal Rana 61da50fefc Update test to expect improved Response.Flush error message
The test TestResponse_FlushPanics was expecting the old generic error
message but should now expect the improved message that includes the
specific ResponseWriter type information.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 17:54:49 -07:00
Vishal Rana a92f4209c6 Fix IP extraction fallback and improve Response.Flush error messages
Fixes two issues:

1. extractIP now handles RemoteAddr without port (#2757)
   - Previously returned empty string for addresses like "192.168.1.1"
   - Now validates with net.ParseIP and returns the IP directly
   - Maintains full backwards compatibility for existing behavior

2. Response.Flush uses modern error handling (#2789)
   - Replaces type assertion with http.NewResponseController
   - Provides descriptive panic message with ResponseWriter type info
   - Improves debugging experience when flushing is not supported

Both changes maintain full backwards compatibility while fixing edge cases.

Closes #2757
Closes #2789

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-15 17:52:30 -07:00
Martti T. 5ac2f11f21 Use Go 1.25 in CI (#2810)
* Use Go 1.25 in CI

* Disable test: in Go 1.24 and earlier http.NoBody would result ContentLength=-1 but as of Go 1.25 http.NoBody would result ContentLength=0 I am too lazy to bother documenting this as 2 version specific tests.
2025-08-29 17:53:06 +03:00
cui 9acf534182 refactor to use reflect.TypeFor (#2812) 2025-08-25 22:32:58 +03:00
Martti T. 8493c61ede Update deps (#2807)
* Update golang.org/x/ dependencies
2025-08-12 11:57:52 +03:00
Martti T. 98ca08e7dd Improve changelog for 4.13.4 (#2783) v4.13.4 2025-05-22 14:18:29 +03:00
Martti T. f24aaff49b Revert "CORS: reject requests with 401 for non-preflight request with not mat…" (#2782)
This reverts commit ee3e129778.
2025-05-22 14:11:54 +03:00
Martti T. 9f50a659e9 Changelog for 4.13.4 (#2781) 2025-05-22 14:04:26 +03:00