Added Cost attribution / telemetry - every plugin-issued query is tagged with a QUERY_TAG describing the operation and target layer, so usage is filterable in QUERY_HISTORY. Temporal animation - Snowflake layers auto-detect a timestamp column, enable temporal properties, and seed the controller with the column's real MIN/MAX range. Cooperative query cancellation - long-running queries can be interrupted instead of blocking. Non-geometry tables in the browser - plain tables now appear under a "Tables (no geometry)" group, with clear feedback for empty schemas. Fixed Plugin fails to load - resolved the QgsSqlExpressionCompiler import crash by reimplementing the filter/subset compiler as a pure-Python expression walker. Layer load/render crash (ModuleNotFoundError in SFFeatureSource) - removed a stray sys.path entry that loaded the plugin's modules under two names. Auth-config leak - connections now reuse the existing stored QGIS auth config instead of creating a new one on every layer load. Field/type crashes - QgsField construction is now QGIS-version-compatible (works on 3.34 through 3.44); fixed a bad default for unknown Snowflake type codes. Feature iterator - expression state is always initialized (no more unset-attribute errors), server-side cursors are released on close, and errors are logged instead of printed/swallowed. Spatial filter pushdown - skipped when the map extent is outside valid lon/lat range, avoiding Snowflake "Invalid Lng/Lat pair" errors. Provider cache - reloads reset feature/count/extent caches while preserving column order, and edits refresh the attribute table without reopening the layer. Security SQL injection hardening - all identifiers, literals, and table names route through centralized quoting; malicious quoted identifiers are neutralized; backslash/quote breakouts in literals are escaped; JSON payloads use safe $$ quoting. Predicate / expression safety - free-text WHERE clauses are rejected when they contain comments, statement terminators, or set operators; QGIS filter/subset expressions are compiled (fail-closed to none) rather than passed through raw. Untrusted project files - values restored from .qgs/.qgz are re-validated; edit capabilities are withheld for unordered/row-capped result sets and re-check primary-key uniqueness before allowing edits. Credential protection - cleartext passwords are never written (and stale ones removed) when using encrypted auth; connection aliases are hidden behind redacted authcfg= tokens in persisted URIs. Content-injection hardening - server-controlled table names render as plain text (no SMB/UNC leak), and ad-hoc SQL execution requires explicit confirmation.
yes
snow
2026-07-06T17:04:23.642588+00:00
3.34.1
4.99.0
None
no
Plugin Tags