launchbadge
diff --git a/‎Cargo.lock‎
Lines changed: 4 additions & 13 deletions b/‎Cargo.lock‎
Lines changed: 4 additions & 13 deletions
diff --git a/‎Cargo.toml‎
Lines changed: 2 additions & 2 deletions b/‎Cargo.toml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎sqlx-core/Cargo.toml‎
Lines changed: 1 addition & 1 deletion b/‎sqlx-core/Cargo.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎sqlx-core/src/any/connection/backend.rs‎
Lines changed: 6 additions & 3 deletions b/‎sqlx-core/src/any/connection/backend.rs‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎sqlx-core/src/any/connection/executor.rs‎
Lines changed: 5 additions & 2 deletions b/‎sqlx-core/src/any/connection/executor.rs‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎sqlx-core/src/executor.rs‎
Lines changed: 5 additions & 2 deletions b/‎sqlx-core/src/executor.rs‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎sqlx-core/src/pool/executor.rs‎
Lines changed: 6 additions & 2 deletions b/‎sqlx-core/src/pool/executor.rs‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎sqlx-core/src/sql_str.rs‎
Lines changed: 9 additions & 0 deletions b/‎sqlx-core/src/sql_str.rs‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎sqlx-core/src/transaction.rs‎
Lines changed: 1 addition & 0 deletions b/‎sqlx-core/src/transaction.rs‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎sqlx-mysql/Cargo.toml‎
Lines changed: 2 additions & 2 deletions b/‎sqlx-mysql/Cargo.toml‎
Lines changed: 2 additions & 2 deletions
@@ -63,7 +63,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 default = ["any", "macros", "migrate", "json"]
 
 derive = ["sqlx-macros/derive"]
-macros = ["derive", "sqlx-macros/macros"]
+macros = ["derive", "sqlx-macros/macros", "sqlx-core/offline", "sqlx-mysql?/offline", "sqlx-postgres?/offline", "sqlx-sqlite?/offline"]
 migrate = ["sqlx-core/migrate", "sqlx-macros?/migrate", "sqlx-mysql?/migrate", "sqlx-postgres?/migrate", "sqlx-sqlite?/migrate"]
 
 # Enable parsing of `sqlx.toml` for configuring macros and migrations.
@@ -211,7 +211,7 @@ features = ["time", "net", "sync", "fs", "io-util", "rt"]
 default-features = false
 
 [dependencies]
-sqlx-core = { workspace = true, features = ["offline", "migrate"] }
+sqlx-core = { workspace = true, features = ["migrate"] }
 sqlx-macros = { workspace = true, optional = true }
 
 sqlx-mysql = { workspace = true, optional = true }
 
@@ -56,7 +56,7 @@ tokio = { workspace = true, optional = true }
 native-tls = { version = "0.2.10", optional = true }
 
 rustls = { version = "0.23.24", default-features = false, features = ["std", "tls12"], optional = true }
-webpki-roots = { version = "0.26", optional = true }
+webpki-roots = { version = "1", optional = true }
 rustls-native-certs = { version = "0.8.0", optional = true }
 
 # Type Integrations
 
@@ -1,5 +1,4 @@
-use crate::any::{Any, AnyArguments, AnyQueryResult, AnyRow, AnyStatement, AnyTypeInfo};
-use crate::describe::Describe;
+use crate::any::{AnyArguments, AnyQueryResult, AnyRow, AnyStatement, AnyTypeInfo};
 use crate::sql_str::SqlStr;
 use either::Either;
 use futures_core::future::BoxFuture;
@@ -114,5 +113,9 @@ pub trait AnyConnectionBackend: std::any::Any + Debug + Send + 'static {
         parameters: &[AnyTypeInfo],
     ) -> BoxFuture<'c, crate::Result<AnyStatement>>;
 
-    fn describe(&mut self, sql: SqlStr) -> BoxFuture<'_, crate::Result<Describe<Any>>>;
+    #[cfg(feature = "offline")]
+    fn describe(
+        &mut self,
+        sql: SqlStr,
+    ) -> BoxFuture<'_, crate::Result<crate::describe::Describe<crate::any::Any>>>;
 }
@@ -1,5 +1,4 @@
 use crate::any::{Any, AnyConnection, AnyQueryResult, AnyRow, AnyStatement, AnyTypeInfo};
-use crate::describe::Describe;
 use crate::error::Error;
 use crate::executor::{Execute, Executor};
 use crate::sql_str::SqlStr;
@@ -56,7 +55,11 @@ impl<'c> Executor<'c> for &'c mut AnyConnection {
         self.backend.prepare_with(sql, parameters)
     }
 
-    fn describe<'e>(self, sql: SqlStr) -> BoxFuture<'e, Result<Describe<Self::Database>, Error>>
+    #[cfg(feature = "offline")]
+    fn describe<'e>(
+        self,
+        sql: SqlStr,
+    ) -> BoxFuture<'e, Result<crate::describe::Describe<Self::Database>, Error>>
     where
         'c: 'e,
     {
 
@@ -1,5 +1,4 @@
 use crate::database::Database;
-use crate::describe::Describe;
 use crate::error::{BoxDynError, Error};
 use crate::sql_str::{SqlSafeStr, SqlStr};
 
@@ -178,7 +177,11 @@ pub trait Executor<'c>: Send + Debug + Sized {
     /// This is used by compile-time verification in the query macros to
     /// power their type inference.
     #[doc(hidden)]
-    fn describe<'e>(self, sql: SqlStr) -> BoxFuture<'e, Result<Describe<Self::Database>, Error>>
+    #[cfg(feature = "offline")]
+    fn describe<'e>(
+        self,
+        sql: SqlStr,
+    ) -> BoxFuture<'e, Result<crate::describe::Describe<Self::Database>, Error>>
     where
         'c: 'e;
 }
 
@@ -4,7 +4,6 @@ use futures_core::stream::BoxStream;
 use futures_util::TryStreamExt;
 
 use crate::database::Database;
-use crate::describe::Describe;
 use crate::error::Error;
 use crate::executor::{Execute, Executor};
 use crate::pool::Pool;
@@ -63,7 +62,11 @@ where
     }
 
     #[doc(hidden)]
-    fn describe<'e>(self, sql: SqlStr) -> BoxFuture<'e, Result<Describe<Self::Database>, Error>> {
+    #[cfg(feature = "offline")]
+    fn describe<'e>(
+        self,
+        sql: SqlStr,
+    ) -> BoxFuture<'e, Result<crate::describe::Describe<Self::Database>, Error>> {
         let pool = self.clone();
 
         Box::pin(async move { pool.acquire().await?.describe(sql).await })
@@ -127,6 +130,7 @@ where
 //     }
 //
 //     #[doc(hidden)]
+//     #[cfg(feature = "offline")]
 //     #[inline]
 //     fn describe<'e, 'q: 'e>(
 //         self,
 
@@ -35,6 +35,15 @@ use std::sync::Arc;
 /// [injection]: https://en.wikipedia.org/wiki/SQL_injection
 /// [`query()`]: crate::query::query
 /// [`raw_sql()`]: crate::raw_sql::raw_sql
+#[diagnostic::on_unimplemented(
+    label = "dynamic SQL string",
+    message = "dynamic SQL strings should be audited for possible injections",
+    note = "prefer literal SQL strings with bind parameters or `QueryBuilder` to add dynamic data to a query.
+
+To bypass this error, manually audit for potential injection vulnerabilities and wrap with `AssertSqlSafe()`.
+For details, see the docs for `SqlSafeStr`.\n",
+    note = "this trait is only implemented for `&'static str`, not all `&str` like the compiler error may suggest"
+)]
 pub trait SqlSafeStr {
     /// Convert `self` to a [`SqlStr`].
     fn into_sql_str(self) -> SqlStr;
 
@@ -189,6 +189,7 @@ where
 //     }
 //
 //     #[doc(hidden)]
+//     #[cfg(feature = "offline")]
 //     fn describe<'e, 'q: 'e>(
 //         self,
 //         query: &'q str,
 
@@ -12,7 +12,7 @@ rust-version.workspace = true
 [features]
 json = ["sqlx-core/json", "serde"]
 any = ["sqlx-core/any"]
-offline = ["sqlx-core/offline", "serde/derive"]
+offline = ["sqlx-core/offline", "serde/derive", "bitflags/serde"]
 migrate = ["sqlx-core/migrate"]
 
 # Type Integration features
@@ -52,7 +52,7 @@ uuid = { workspace = true, optional = true }
 # Misc
 atoi = "2.0"
 base64 = { version = "0.22.0", default-features = false, features = ["std"] }
-bitflags = { version = "2", default-features = false, features = ["serde"] }
+bitflags = { version = "2", default-features = false }
 byteorder = { version = "1.4.3", default-features = false, features = ["std"] }
 bytes = "1.1.0"
 either = "1.6.1"