All notable changes to laravel-query-builder
will be documented in this file
- Removed explicit escaping for
pgsql
driver inFiltersPartial
- Fixes #941 by @Talpx1 in spatie#968
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/6.2.0...6.2.1
- [FEAT] add filter by operator by @AbdelrahmanBl in spatie#940
- Add documentation for the operator filter by @AlexVanderbist in spatie#974
- @AbdelrahmanBl made their first contribution in spatie#940
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/6.1.0...6.2.0
- Bump ramsey/composer-install from 2 to 3 by @dependabot in spatie#939
- Add issue #175 link in selecting-fields.md by @alipadron in spatie#951
- Update filtering.md by @justinkekeocha in spatie#954
- Bump dependabot/fetch-metadata from 2.1.0 to 2.2.0 by @dependabot in spatie#955
- [DOCS] Update Frontend implementation with a new one by @cgarciagarcia in spatie#961
- Update Documentation for php markdown by @chengkangzai in spatie#969
- AllowedFilter should return static rather than self by @kosarinin in spatie#964
- @alipadron made their first contribution in spatie#951
- @cgarciagarcia made their first contribution in spatie#961
- @chengkangzai made their first contribution in spatie#969
- @kosarinin made their first contribution in spatie#964
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/6.0.1...6.1.0
- Fix ability to filter models by an array as filter value by @inmula in spatie#943
- @inmula made their first contribution in spatie#943
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/6.0.0...6.0.1
- Add additional types & Phpstan by @Nielsvanpach in spatie#910
- @Nielsvanpach made their first contribution in spatie#910
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.8.1...6.0.0
- Fix typo by @justinkekeocha in spatie#926
- List query-builder-ts front-end implementation package by @rogervila in spatie#925
- Fix incorrect escape character in SQL for LIKE query in partial filter by @Talpx1 in spatie#927
- @justinkekeocha made their first contribution in spatie#926
- @rogervila made their first contribution in spatie#925
- @Talpx1 made their first contribution in spatie#927
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.8.0...5.8.1
- [Docs] Update config file content by @shdehnavi in spatie#918
- Bump: Deprecating Laravel 9 and PHP 8.1, adding Laravel 11 support by @JustSteveKing in spatie#922
- @shdehnavi made their first contribution in spatie#918
- @JustSteveKing made their first contribution in spatie#922
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.7.0...5.8.0
- Start testing against PHP 8.3 by @sergiy-petrov in spatie#899
- Add the possibility to use the literal relation names in the
allowedFields
. by @carvemerson in spatie#917 - Add
unsetDefault
as a replacement fordefault(null)
which was removed in 5.6.0 by @patrickrobrecht in spatie#902 - Allow passing an array to the
defaultSort
function as documented by @MajidMohammadian in spatie#904 - Add
disable_invalid_includes_query_exception
config option by @dimzeta in spatie#906 - Update
AllowedFilter.php
to includegetFilterClass
function by @justasSendrauskas in spatie#909
- @sergiy-petrov made their first contribution in spatie#899
- @carvemerson made their first contribution in spatie#917
- @patrickrobrecht made their first contribution in spatie#902
- @MajidMohammadian made their first contribution in spatie#904
- @dimzeta made their first contribution in spatie#906
- @justasSendrauskas made their first contribution in spatie#909
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.6.0...5.7.0
- Add support for defining includes by callback by @enricodelazzari in spatie#894
- Add nullable filters by @enricodelazzari in spatie#895
- Fix escaping control characters in partial filters by @GrahamCampbell in spatie#898
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.5.0...5.6.0
- Add support for
withExists
viaIncludedExists
by @enricodelazzari in spatie#891 - Use default values for all config keys (avoids issues when
QueryBuilder
is used as a dependency in a package)
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.4.0...5.5.0
- Deprecate
request_data_source
config. TheQueryBuilder
will always look at both the query string and the request body when available now - Fix having
null
as the query parameter name for filters (see #889) - Bump actions/checkout from 3 to 4 by @dependabot in spatie#890
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.3.0...5.4.0
- Accepts string value for the
fields
query parameter by @ezra-obiwale in spatie#872 - Add
FiltersEndsWithStrict
filter by @utsavsomaiya in spatie#885 - Make sure the
allowedSorts
are always set (even when none are requested) @luilliarcec in spatie#865
- @ezra-obiwale made their first contribution in spatie#872
- @utsavsomaiya made their first contribution in spatie#885
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.2.0...5.3.0
- Bump dependabot/fetch-metadata from 1.3.5 to 1.3.6 by @dependabot in spatie#843
- Update sorting.md by @shukriYusof in spatie#846
- Update custom sorts link in documentation by @turpoint in spatie#844
- Add config to disable InvalidSortQuery exception by @bohemima in spatie#830
- @shukriYusof made their first contribution in spatie#846
- @turpoint made their first contribution in spatie#844
- @bohemima made their first contribution in spatie#830
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.1.2...5.2.0
- Update including-relationships.md by @designvoid in spatie#837
- Fix workflow badges in README by @nelson6e65 in spatie#841
- Laravel 10.x Compatibility by @laravel-shift in spatie#842
- @designvoid made their first contribution in spatie#837
- @nelson6e65 made their first contribution in spatie#841
- @laravel-shift made their first contribution in spatie#842
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.1.1...5.1.2
- Fix
array_diff_assoc
BC break in v5.1.0 by @stevebauman in spatie#827
- @stevebauman made their first contribution in spatie#827
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.1.0...5.1.1
- bugfix: appending to
pluck
ed values (that are not aModel
) is not possible - Add version number to installation command in V4 by @jamesbhatta in spatie#786
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/4.0.3...4.0.4
- Feature: Update Generics in IncludeInterface by @sidigi in spatie#810
- Feature: Add PHP 8.2 Support by @patinthehat in spatie#825
- Feature: Add
beginsWithStrict
filter by @danilopinotti in spatie#821 - Bugfix: ignore allowed filters by @davidjr82 in spatie#818
- Bugfix: Change self to static when creating query builder by @olliescase in spatie#819
- Docs: Update filtering.md by @Dion213 in spatie#801
- Misc: Add Dependabot Automation by @patinthehat in spatie#823
- Misc: Bump actions/checkout from 2 to 3 by @dependabot in spatie#824
- @Dion213 made their first contribution in spatie#801
- @sidigi made their first contribution in spatie#810
- @patinthehat made their first contribution in spatie#823
- @dependabot made their first contribution in spatie#824
- @davidjr82 made their first contribution in spatie#818
- @olliescase made their first contribution in spatie#819
- @danilopinotti made their first contribution in spatie#821
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.0.3...5.1.0
- Fixed: Some links in the documentation for v5 pointing to v2 pages by @hameedraha in spatie#757
- static return type when returning $this by @lorenzolosa in spatie#775
- [PHP 8.2] Fix
${var}
string interpolation deprecation by @Ayesh in spatie#779 - Fix grammar by @clouder in spatie#784
- Add Inertia.js Tables for Laravel Query Builder by @fabianpnke in spatie#790
- Fix Laravel 9 PHPStan generic check for
__invoke()
method of Filter by @kayw-geek in spatie#781 - Fix for Warning by @shaunluedeke in spatie#791
- @hameedraha made their first contribution in spatie#757
- @lorenzolosa made their first contribution in spatie#775
- @Ayesh made their first contribution in spatie#779
- @clouder made their first contribution in spatie#784
- @fabianpnke made their first contribution in spatie#790
- @shaunluedeke made their first contribution in spatie#791
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.0.2...5.0.3
- Fix Laravel 9 PHPStan generic check by @kayw-geek in spatie#749
- @kayw-geek made their first contribution in spatie#749
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.0.1...5.0.2
- V4 - Add support for laravel > 7.30.4 by @luilliarcec in spatie#744
- @luilliarcec made their first contribution in spatie#744
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/4.0.2...4.0.3
- Update README.md by @wayz9 in spatie#713
- Fix release order in CHANGELOG by @medvinator in spatie#717
- Fix include casing docs by @canvural in spatie#733
- Adapt documentation for publishing package config by @dominikb in spatie#734
- Fix warning from passing null to explode for includeParts by @steven-fox in spatie#742
- @wayz9 made their first contribution in spatie#713
- @medvinator made their first contribution in spatie#717
- @canvural made their first contribution in spatie#733
- @steven-fox made their first contribution in spatie#742
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/5.0.0...5.0.1
- add support for Laravel 9
- drop support for older versions
- DOC: New sample with multiple default sorts by @williamxsp in spatie#694
- PHP 8.1 Support by @Medalink in spatie#702
- @williamxsp made their first contribution in spatie#694
- @Medalink made their first contribution in spatie#702
Full Changelog: https://github.com/spatie/laravel-query-builder/compare/4.0.1...4.0.2
- revert deferred service provider (#677)
- nested filters will no longer be automatically camel-cased to match a relationship name
- includes will no longer be automatically camel-cased to match a relationship name
- fields will no longer be automatically snake-cased to match table or column names
- switch to deferred service provider
Take a look at the upgrade guide for a more detailed explanation.
- add callback sorts (#654)
- add support for cursor pagination
- fix unexpected lowercase appends (#637)
- no changes
- fix simple paginator append not working (#633)
- add support for custom includes (#623)
- add support for getting request data from the request body (#589)
- fix issues when cloning
QueryBuilder
(#621)
- prepend table name to
WHERE
clause for ambiguous partial filters (#567) - add PHP 8 support
- prepend table name to
WHERE
clause for ambiguous exact filters (#467)
- fix config key to disable
InvalidFilterQuery
exception
- make nested scope compatible with older Laravel (#542)
- add ability to filter by nested relationship scopes (#519)
- add config key to disable
InvalidFilterQuery
exception (#525)
- update what defines an ignored filter value (#533)
- add LengthAwarePaginator to QueryBuilder (#532)
- Revert changes from v3.2.1 to
AllowedFilter::filter()
- Fix filtering associative arrays (#488)
- AllowedFilter::filter() takes a
Illuminate\Database\Eloquent\Builder
instead of a QueryBuilder instance
- add support for Laravel 8
- add individual array delimiters for includes, filters, appends and sorts
- ensure relations queried using the exact filter are actual relations on the model
New major version. Please read the UPGRADING guide before upgrading.
Spatie\QueryBuilder\QueryBuilder
class no longer extends Laravel'sIlluminate\Database\Eloquent\Builder
- fix scope filters that are added via macros (e.g.
onlyTrashed
) (#469)
- make service provider deferrable (#381)
- add support for Laravel 7
- small fix for lumen (#436)
- small fix for lumen in service provider
- add support for model binding in scope filter parameters (#415)
- fix alias for multiple allowed includes (#414)
- add
FiltersTrashed
for filtering soft-deleted models - add
FiltersCallback
for filtering using a callback
- fix dealing with empty or
null
includes (#395) - fix passing an associative array of scope filter values (#387)
- add
defaultDirection
- add support for a custom filter delimiter (#369)
- resolve
QueryBuilderRequest
from service container
- fix issue when passing camel-cased includes (#336)
- add option to disable parsing relationship constraints when filtering related model properties in the exact and partial filters (#262)
- fix selecting fields from included relationships that are multiple levels deep (#317)
- add support for Laravel 6
- update doc block for
QueryBuilder::for()
- add missing typehint in
SortsField
- removed request macros
- sorts and field selects are not allowed by default and need to be explicitly allowed
- requesting an include suffixed with
Count
will add the related models' count using$query->withCount()
- custom sorts and filters now need to be passed as instances
- renamed
Spatie\QueryBuilder\Sort
toSpatie\QueryBuilder\AllowedSort
- renamed
Spatie\QueryBuilder\Included
toSpatie\QueryBuilder\AllowedInclude
- renamed
Spatie\QueryBuilder\Filter
toSpatie\QueryBuilder\AllowedFilter
Filter
,Include
andSort
interfaces no longer need to return theBuilder
instanceallowedFields
should be called beforeallowedIncludes
- filters can now have default values
- includes will be converted to camelcase before being parsed
- bugfix: correctly parse sorts in
chunk
ed query (#299) - bugfix: don't parse empty values in arrays for partial filters (#285)
- bugfix:
orderByRaw
is no longer being rejected as a sorting option (#258) - bugfix:
addSelect
is no longer being replaced by the?fields
parameter (#260) - bugfix: take leading dash into account when remembering generated sort columns (#272)
- bugfix:
allowedIncludes
no longer adds duplicate includes for nested includes (#251)
- bugfix: remove duplicate parsing of (default) sort clauses
- bugfix: replace missing
sort()
method onQueryBuilderRequest
- bugfix: don't escape
allowedSort
s and their aliases - bugfix: don't escape
allowedField
s
- security fixes
- security fixes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- moved features to traits
- started using
QueryBuilderRequest
to read data from the current request - deprecated request macros (
Request::filters()
,Request::includes()
, etc...) - raised minimum supported Laravel version to 5.6.34
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for multiple default sorts (#214)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.5 and up (again)
- add support for PHP 7.1 and up (again)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix default sort not parsing correctly (#178)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- drop support for Laravel 5.7 and lower
- drop support for PHP 7.1 and lower
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add aliased sorts (#164)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.8
- use Str:: and Arr:: instead of helper methods
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix detection of false-positives for ignored values (#154)
- fix broken morphTo includes (#130)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow ignoring specific filter values using
$filter->ignore()
- allow filtering related model attributes
allowedFilters('related-model.name')
- fix for filtering by relation model properties
- add custom sort classes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow differently named columns
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix exception when using filters with nested arrays (#117)
- fix overwritten fields when using
allowedIncludes
with many-to-many relationships (#118)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix exception when using
allowedFields()
but selecting none
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
allowedFields
method - fix & cleanup
Request::fields()
macro - fix fields option (
SELECT * FROM table
instead ofSELECT table.* FROM table
)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix parsing empty filters from url
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improve compatibility with Lumen
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.7
- add framework/laravel as a dependency
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improve compatibility with Lumen by only publishing the config file in console mode
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for instantiated custom filter classes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix for using reserved SQL words as attributes in Postgres
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- make sure filtering on string with special characters just works
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix for using reserved SQL words as attributes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- resolved #14
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- prevent double sorting statments
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- improvements around field selection
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
Filter::scope()
for querying scopes - explicitly defining parent includes in nested queries is no longer required
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add
allowedAppends()
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add ability to customize query parameter names
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for selecting specific columns using
?fields[table]=field_name
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow arrays in filters
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for Laravel 5.6
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- fix: initializing scopes, macro's, the onDelete callback and eager loads from base query on QueryBuilder
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- use specific exceptions for every invalid query
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow multiple sorts
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- allow
allowedIncludes
,allowedFilters
andallowedSorts
to accept arrays
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- remove auto registering facade from composer.json
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add support for global scopes and soft deletes
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- bugfix: revert #11 (escaping
_
and%
in LIKE queries)
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- escape
_
and%
in LIKE queries
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- add ability to set a default sort attribute
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- bugfix: using
allowedSorts
together with an empty sort query parameter no longer throws an exception
DO NOT USE: THIS VERSION ALLOWS SQL INJECTION ATTACKS
- initial release! 🎉