* render: add PDF renderer and tests
* render: update PDF renderer copyright header
* test: add PDF rendering tests including 204 No Content in context_test.go
- Update release announcement section to introduce Gin 1.12.0
- Provide a more detailed description of new features and improvements in version 1.12.0
Signed-off-by: appleboy <appleboy.tw@gmail.com>
* ci: update Go version support to 1.25+ across CI and docs
- Remove Go 1.24 from CI test matrix to only support 1.25 and 1.26
- Update documentation to require Go version 1.25 or above
Signed-off-by: appleboy <appleboy.tw@gmail.com>
* chore: increase required Go version for Gin to 1.25
- Update minimum required Go version for Gin from 1.24 to 1.25
- Revise related warning message and test expectations to match new version requirement
Signed-off-by: appleboy <appleboy.tw@gmail.com>
---------
Signed-off-by: appleboy <appleboy.tw@gmail.com>
* fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath enabled
When RedirectFixedPath is enabled and a request doesn't match any route,
findCaseInsensitivePathRec panics with "invalid node type". This happens
because it accesses children[0] to find the wildcard child, but addChild()
keeps the wildcard child at the end of the array (not the beginning).
When a node has both static and wildcard children, children[0] is a static
node, so the switch on nType falls through to the default panic case.
The fix mirrors what getValue() already does correctly (line 483):
use children[len(children)-1] to access the wildcard child.
Fixes#2959
* Address review feedback: improve test assertions and prefer static routes in case-insensitive lookup
- Assert found=false for non-matching paths instead of only checking for panics
- Fix expected casing for case-insensitive static route match (/PREFIX/XXX -> /prefix/xxx)
- Update findCaseInsensitivePathRec to try static children before falling back to
wildcard child, ensuring static routes win over param routes in case-insensitive matching
---------
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* refactor(context): use http.StatusContinue constant instead of magic number 100
Replace magic number 100 with http.StatusContinue constant for better
code clarity and maintainability in bodyAllowedForStatus function.
Also fix typo in logger_test.go: colorForLantency -> colorForLatency
Fixes#4489
* test: improve coverage to meet 99% threshold
- Add TestContextGetRawDataNilBody to cover nil body error case
- Add SameSiteDefaultMode test case in SetCookieData
- Add 400ms latency test case for LatencyColor
- Add TestMarshalXMLforHSuccess for successful XML marshaling
Coverage improved from 99.1% to 99.2%
* fix: use require for error assertions (testifylint)
* test(render): add comprehensive error handling tests
Add error case tests for XML, Data, BSON, and HTML renderers to improve test coverage and ensure proper error handling:
- TestRenderXMLError: validates XML marshal error handling for unsupported types
- TestRenderDataError: validates Data write error handling
- TestRenderBSONError: validates BSON marshal error handling for unsupported types
- TestRenderBSONWriteError: validates BSON write error handling
- TestRenderHTMLTemplateError: validates HTML template execution error with invalid field access
- TestRenderHTMLTemplateExecuteError: validates HTML template execution error with invalid nested field
All tests pass and maintain 100% coverage for the render package.
* test(render): improve robustness of error handling tests based on PR feedback
---------
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: AmirHossein Fallah <amirhossein.fallah@arvancloud.ir>
This is useful for APIs that might have sensitive information in the query string, such as API keys.
This patch does not change the default behavior of the code unless the new `SkipQueryString` config option is passed in.
The "skip" term is a bit of a misnomer here, as this doesn't actually skip that log, but modifies the output. I'm open to suggestions for a more appropriate name.
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update gin workflow to use v2.9 and add Go 1.26 to the matrix
- Upgrade Trivy action to v0.34.0 in the scan workflow
- Change all single quotes to double quotes in Trivy workflow configuration
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* test(render): add comprehensive tests for MsgPack render
* test(render): make msgpack tests deterministic
Decode the rendered msgpack output and assert values instead of comparing raw bytes (which can vary with map iteration order).
Enable MsgpackHandle.RawToString so msgpack strings decode as Go strings.
---------
Co-authored-by: AmirHossein Fallah <amirhossein.fallah@arvancloud.ir>
Use http.StatusContinue and http.StatusOK instead of hardcoded 100 and
199 for the 1xx informational status range check, consistent with the
pattern already used in logger.go.
Fixes#4489
* fix: correct typos and improve documentation clarity
- Fix typo "Oupps" to "Oops" in recovery test panic messages
- Fix confusing documentation in Bind() and ShouldBind() methods
that incorrectly stated "JSON or XML as a JSON input"
- Remove double period in StaticFileFS documentation comment
- Remove unused ErrorTypeNu constant that had duplicate comment
with ErrorTypeAny and was never used in the codebase
* tech: Fix the pull request routing link
- Implement TestRebuild404Handlers to verify 404 handler chain rebuilding
when global middleware is added via Use()
- Add waitForServerReady helper with exponential backoff to replace
unreliable time.Sleep() calls in integration tests
- Fix race conditions in TestRunEmpty, TestRunEmptyWithEnv, and
TestRunWithPort by using proper server readiness checks
- All tests now pass consistently with -race flag
This addresses the empty test function and eliminates flaky test failures
caused by insufficient wait times for server startup.
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Fix CVE-2025-59530 vulnerability (quic-go Crash Due to Premature HANDSHAKE_DONE Frame)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(ginS): add comprehensive test coverage for ginS package
Improve test coverage for ginS package by adding 18 test functions covering HTTP methods, routing, middleware, static files, and templates.
* use http.Method* constants instead of raw strings in gins_test.go
* copyright updated in gins_test.go
---------
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
