Security Fixes:
- Add SQL injection protection in dialect.go using proper identifier quoting
- Implement quoteIdentifier() method to escape SQL identifiers safely
- Fix resource leak in dbVersion() by adding deferred rows.Close()
- Fix incorrect error handling in dbVersion() to properly propagate errors
Code Quality Improvements:
- Replace custom Error struct with idiomatic fmt.Errorf with %w verb
- Simplify error handling by replacing nested if-err-nil with early returns
- Remove named return values with implicit returns for clarity
- Update interface{} to any (Go 1.18+ style)
- Fix variable shadowing in Apply loop (use m.Description instead of migrations[i])
Test Improvements:
- Fix variable shadowing bug in createTestDB() that caused nil pointer panics
- Update SQL driver from github.com/mattn/go-sqlite3 to modernc.org/sqlite
- Fix driver name from "sqlite3" to "sqlite" for modernc.org/sqlite
- Add missing error check for r.Scan() in TestApply
- Make test error handling consistent by using t.Fatal() throughout
- Simplify test helper functions with early returns
Documentation Fixes:
- Fix README example to use 'Apply' field instead of incorrect 'F' field
- Update README example to match actual test code (sex instead of gender)
- Fix typos: "datbase" → "database", "datbases" → "databases"
- Improve README clarity with proper punctuation and formatting
- Update doc.go with correct spelling
Dependencies:
- Update go.mod to Go 1.25
- Switch to modernc.org/sqlite v1.44.0 (pure Go SQLite driver)
- Add all required indirect dependencies
All changes maintain backward compatibility and pass existing tests.
