fix: bug with parsing variables in roles_query

fix: bug with shared pointer in new jit mode
fix: remove upx install from dockerfile
2020-06-04 21:55:52 -04:00 · 2020-06-03 18:19:07 -04:00 · 2020-06-03 01:42:10 -04:00 · 2020-06-03 01:03:12 -04:00
27 changed files with 364 additions and 279 deletions
--- a/3
+++ b/3
@ -12,8 +12,7 @@ FROM golang:1.14-alpine as go-build
 RUN apk update && \
    apk add --no-cache make && \
    apk add --no-cache git && \
-    apk add --no-cache jq && \
-    apk add --no-cache upx=3.95-r2
+    apk add --no-cache jq

 RUN GO111MODULE=off go get -u github.com/rafaelsq/wtc

--- a/core/api.go
+++ b/core/api.go
@ -49,6 +49,7 @@ import (
 	"crypto/sha256"
 	"database/sql"
 	"encoding/json"
+	"hash/maphash"
 	_log "log"
 	"os"

@ -83,10 +84,11 @@ type SuperGraph struct {
 	schema      *psql.DBSchema
 	allowList   *allow.List
 	encKey      [32]byte
-	prepared    map[string]*preparedItem
+	hashSeed    maphash.Seed
+	queries     map[uint64]query
 	roles       map[string]*Role
 	getRole     *sql.Stmt
-	rmap        map[uint64]*resolvFn
+	rmap        map[uint64]resolvFn
 	abacEnabled bool
 	anonExists  bool
 	qc          *qcode.Compiler
@ -107,10 +109,11 @@ func newSuperGraph(conf *Config, db *sql.DB, dbinfo *psql.DBInfo) (*SuperGraph,
 	}

 	sg := &SuperGraph{
-		conf:   conf,
-		db:     db,
-		dbinfo: dbinfo,
-		log:    _log.New(os.Stdout, "", 0),
+		conf:     conf,
+		db:       db,
+		dbinfo:   dbinfo,
+		log:      _log.New(os.Stdout, "", 0),
+		hashSeed: maphash.MakeSeed(),
 	}

 	if err := sg.initConfig(); err != nil {
--- a/core/args.go
+++ b/core/args.go
@ -12,7 +12,8 @@ import (
 // to a prepared statement.

 func (c *scontext) argList(md psql.Metadata) ([]interface{}, error) {
-	vars := make([]interface{}, len(md.Params))
+	params := md.Params()
+	vars := make([]interface{}, len(params))

 	var fields map[string]json.RawMessage
 	var err error
@ -25,7 +26,7 @@ func (c *scontext) argList(md psql.Metadata) ([]interface{}, error) {
 		}
 	}

-	for i, p := range md.Params {
+	for i, p := range params {
 		switch p.Name {
 		case "user_id":
 			if v := c.Value(UserIDKey); v != nil {
--- a/core/bench.11
+++ b/core/bench.11
@ -0,0 +1,41 @@
+INF roles_query not defined: attribute based access control disabled
+all expectations were already fulfilled, call to Query 'SELECT jsonb_build_object('users', "__sj_0"."json", 'products', "__sj_1"."json") as "__root" FROM (SELECT coalesce(jsonb_agg("__sj_1"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_1".*) AS "json"FROM (SELECT "products_1"."id" AS "id", "products_1"."name" AS "name", "__sj_2"."json" AS "customers", "__sj_3"."json" AS "user" FROM (SELECT "products"."id", "products"."name", "products"."user_id" FROM "products" LIMIT ('20') :: integer) AS "products_1" LEFT OUTER JOIN LATERAL (SELECT to_jsonb("__sr_3".*) AS "json"FROM (SELECT "users_3"."full_name" AS "full_name", "users_3"."phone" AS "phone", "users_3"."email" AS "email" FROM (SELECT "users"."full_name", "users"."phone", "users"."email" FROM "users" WHERE ((("users"."id") = ("products_1"."user_id"))) LIMIT ('1') :: integer) AS "users_3") AS "__sr_3") AS "__sj_3" ON ('true') LEFT OUTER JOIN LATERAL (SELECT coalesce(jsonb_agg("__sj_2"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_2".*) AS "json"FROM (SELECT "customers_2"."id" AS "id", "customers_2"."email" AS "email" FROM (SELECT "customers"."id", "customers"."email" FROM "customers" LEFT OUTER JOIN "purchases" ON (("purchases"."product_id") = ("products_1"."id")) WHERE ((("customers"."id") = ("purchases"."customer_id"))) LIMIT ('20') :: integer) AS "customers_2") AS "__sr_2") AS "__sj_2") AS "__sj_2" ON ('true')) AS "__sr_1") AS "__sj_1") AS "__sj_1", (SELECT coalesce(jsonb_agg("__sj_0"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_0".*) AS "json"FROM (SELECT "users_0"."id" AS "id", "users_0"."name" AS "name" FROM (SELECT "users"."id" FROM "users" GROUP BY "users"."id" LIMIT ('20') :: integer) AS "users_0") AS "__sr_0") AS "__sj_0") AS "__sj_0"' with args [] was not expected
+goos: darwin
+goarch: amd64
+pkg: github.com/dosco/super-graph/core
+BenchmarkGraphQL-16    	INF roles_query not defined: attribute based access control disabled
+all expectations were already fulfilled, call to Query 'SELECT jsonb_build_object('users', "__sj_0"."json", 'products', "__sj_1"."json") as "__root" FROM (SELECT coalesce(jsonb_agg("__sj_1"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_1".*) AS "json"FROM (SELECT "products_1"."id" AS "id", "products_1"."name" AS "name", "__sj_2"."json" AS "customers", "__sj_3"."json" AS "user" FROM (SELECT "products"."id", "products"."name", "products"."user_id" FROM "products" LIMIT ('20') :: integer) AS "products_1" LEFT OUTER JOIN LATERAL (SELECT to_jsonb("__sr_3".*) AS "json"FROM (SELECT "users_3"."full_name" AS "full_name", "users_3"."phone" AS "phone", "users_3"."email" AS "email" FROM (SELECT "users"."full_name", "users"."phone", "users"."email" FROM "users" WHERE ((("users"."id") = ("products_1"."user_id"))) LIMIT ('1') :: integer) AS "users_3") AS "__sr_3") AS "__sj_3" ON ('true') LEFT OUTER JOIN LATERAL (SELECT coalesce(jsonb_agg("__sj_2"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_2".*) AS "json"FROM (SELECT "customers_2"."id" AS "id", "customers_2"."email" AS "email" FROM (SELECT "customers"."id", "customers"."email" FROM "customers" LEFT OUTER JOIN "purchases" ON (("purchases"."product_id") = ("products_1"."id")) WHERE ((("customers"."id") = ("purchases"."customer_id"))) LIMIT ('20') :: integer) AS "customers_2") AS "__sr_2") AS "__sj_2") AS "__sj_2" ON ('true')) AS "__sr_1") AS "__sj_1") AS "__sj_1", (SELECT coalesce(jsonb_agg("__sj_0"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_0".*) AS "json"FROM (SELECT "users_0"."id" AS "id", "users_0"."name" AS "name" FROM (SELECT "users"."id" FROM "users" GROUP BY "users"."id" LIMIT ('20') :: integer) AS "users_0") AS "__sr_0") AS "__sj_0") AS "__sj_0"' with args [] was not expected
+INF roles_query not defined: attribute based access control disabled
+all expectations were already fulfilled, call to Query 'SELECT jsonb_build_object('users', "__sj_0"."json", 'products', "__sj_1"."json") as "__root" FROM (SELECT coalesce(jsonb_agg("__sj_1"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_1".*) AS "json"FROM (SELECT "products_1"."id" AS "id", "products_1"."name" AS "name", "__sj_2"."json" AS "customers", "__sj_3"."json" AS "user" FROM (SELECT "products"."id", "products"."name", "products"."user_id" FROM "products" LIMIT ('20') :: integer) AS "products_1" LEFT OUTER JOIN LATERAL (SELECT to_jsonb("__sr_3".*) AS "json"FROM (SELECT "users_3"."full_name" AS "full_name", "users_3"."phone" AS "phone", "users_3"."email" AS "email" FROM (SELECT "users"."full_name", "users"."phone", "users"."email" FROM "users" WHERE ((("users"."id") = ("products_1"."user_id"))) LIMIT ('1') :: integer) AS "users_3") AS "__sr_3") AS "__sj_3" ON ('true') LEFT OUTER JOIN LATERAL (SELECT coalesce(jsonb_agg("__sj_2"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_2".*) AS "json"FROM (SELECT "customers_2"."id" AS "id", "customers_2"."email" AS "email" FROM (SELECT "customers"."id", "customers"."email" FROM "customers" LEFT OUTER JOIN "purchases" ON (("purchases"."product_id") = ("products_1"."id")) WHERE ((("customers"."id") = ("purchases"."customer_id"))) LIMIT ('20') :: integer) AS "customers_2") AS "__sr_2") AS "__sj_2") AS "__sj_2" ON ('true')) AS "__sr_1") AS "__sj_1") AS "__sj_1", (SELECT coalesce(jsonb_agg("__sj_0"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_0".*) AS "json"FROM (SELECT "users_0"."id" AS "id", "users_0"."name" AS "name" FROM (SELECT "users"."id" FROM "users" GROUP BY "users"."id" LIMIT ('20') :: integer) AS "users_0") AS "__sr_0") AS "__sj_0") AS "__sj_0"' with args [] was not expected
+INF roles_query not defined: attribute based access control disabled
+all expectations were already fulfilled, call to Query 'SELECT jsonb_build_object('users', "__sj_0"."json", 'products', "__sj_1"."json") as "__root" FROM (SELECT coalesce(jsonb_agg("__sj_1"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_1".*) AS "json"FROM (SELECT "products_1"."id" AS "id", "products_1"."name" AS "name", "__sj_2"."json" AS "customers", "__sj_3"."json" AS "user" FROM (SELECT "products"."id", "products"."name", "products"."user_id" FROM "products" LIMIT ('20') :: integer) AS "products_1" LEFT OUTER JOIN LATERAL (SELECT to_jsonb("__sr_3".*) AS "json"FROM (SELECT "users_3"."full_name" AS "full_name", "users_3"."phone" AS "phone", "users_3"."email" AS "email" FROM (SELECT "users"."full_name", "users"."phone", "users"."email" FROM "users" WHERE ((("users"."id") = ("products_1"."user_id"))) LIMIT ('1') :: integer) AS "users_3") AS "__sr_3") AS "__sj_3" ON ('true') LEFT OUTER JOIN LATERAL (SELECT coalesce(jsonb_agg("__sj_2"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_2".*) AS "json"FROM (SELECT "customers_2"."id" AS "id", "customers_2"."email" AS "email" FROM (SELECT "customers"."id", "customers"."email" FROM "customers" LEFT OUTER JOIN "purchases" ON (("purchases"."product_id") = ("products_1"."id")) WHERE ((("customers"."id") = ("purchases"."customer_id"))) LIMIT ('20') :: integer) AS "customers_2") AS "__sr_2") AS "__sj_2") AS "__sj_2" ON ('true')) AS "__sr_1") AS "__sj_1") AS "__sj_1", (SELECT coalesce(jsonb_agg("__sj_0"."json"), '[]') as "json" FROM (SELECT to_jsonb("__sr_0".*) AS "json"FROM (SELECT "users_0"."id" AS "id", "users_0"."name" AS "name" FROM (SELECT "users"."id" FROM "users" GROUP BY "users"."id" LIMIT ('20') :: integer) AS "users_0") AS "__sr_0") AS "__sj_0") AS "__sj_0"' with args [] was not expected
+  105048	     10398 ns/op	   18342 B/op	      55 allocs/op
+PASS
+ok  	github.com/dosco/super-graph/core	1.328s
+PASS
+ok  	github.com/dosco/super-graph/core/internal/allow	0.088s
+?   	github.com/dosco/super-graph/core/internal/crypto	[no test files]
+?   	github.com/dosco/super-graph/core/internal/integration_tests	[no test files]
+PASS
+ok  	github.com/dosco/super-graph/core/internal/integration_tests/cockroachdb	0.121s
+PASS
+ok  	github.com/dosco/super-graph/core/internal/integration_tests/postgresql	0.118s
+goos: darwin
+goarch: amd64
+pkg: github.com/dosco/super-graph/core/internal/psql
+BenchmarkCompile-16            	   79845	     14428 ns/op	    4584 B/op	      39 allocs/op
+BenchmarkCompileParallel-16    	  326205	      3918 ns/op	    4633 B/op	      39 allocs/op
+PASS
+ok  	github.com/dosco/super-graph/core/internal/psql	2.696s
+goos: darwin
+goarch: amd64
+pkg: github.com/dosco/super-graph/core/internal/qcode
+BenchmarkQCompile-16        	  146953	      8049 ns/op	    3756 B/op	      28 allocs/op
+BenchmarkQCompileP-16       	  475936	      2447 ns/op	    3790 B/op	      28 allocs/op
+BenchmarkParse-16           	  140811	      8163 ns/op	    3902 B/op	      18 allocs/op
+BenchmarkParseP-16          	  571345	      2041 ns/op	    3903 B/op	      18 allocs/op
+BenchmarkSchemaParse-16     	  230715	      5012 ns/op	    3968 B/op	      57 allocs/op
+BenchmarkSchemaParseP-16    	  802426	      1565 ns/op	    3968 B/op	      57 allocs/op
+PASS
+ok  	github.com/dosco/super-graph/core/internal/qcode	8.427s
+?   	github.com/dosco/super-graph/core/internal/util	[no test files]
--- a/core/build.go
+++ b/core/build.go
@ -88,6 +88,7 @@ func (sg *SuperGraph) buildMultiStmt(query, vars []byte) ([]stmt, error) {

 	stmts := make([]stmt, 0, len(sg.conf.Roles))
 	w := &bytes.Buffer{}
+	md := psql.Metadata{}

 	for i := 0; i < len(sg.conf.Roles); i++ {
 		role := &sg.conf.Roles[i]
@ -105,16 +106,18 @@ func (sg *SuperGraph) buildMultiStmt(query, vars []byte) ([]stmt, error) {
 		stmts = append(stmts, stmt{role: role, qc: qc})
 		s := &stmts[len(stmts)-1]

-		s.md, err = sg.pc.Compile(w, qc, psql.Variables(vm))
+		md, err = sg.pc.CompileWithMetadata(w, qc, psql.Variables(vm), md)
 		if err != nil {
 			return nil, err
 		}

 		s.sql = w.String()
+		s.md = md
+
 		w.Reset()
 	}

-	sql, err := sg.renderUserQuery(stmts)
+	sql, err := sg.renderUserQuery(md, stmts)
 	if err != nil {
 		return nil, err
 	}
@ -124,7 +127,7 @@ func (sg *SuperGraph) buildMultiStmt(query, vars []byte) ([]stmt, error) {
 }

 //nolint: errcheck
-func (sg *SuperGraph) renderUserQuery(stmts []stmt) (string, error) {
+func (sg *SuperGraph) renderUserQuery(md psql.Metadata, stmts []stmt) (string, error) {
 	w := &bytes.Buffer{}

 	io.WriteString(w, `SELECT "_sg_auth_info"."role", (CASE "_sg_auth_info"."role" `)
@ -142,7 +145,7 @@ func (sg *SuperGraph) renderUserQuery(stmts []stmt) (string, error) {
 	}

 	io.WriteString(w, `END) FROM (SELECT (CASE WHEN EXISTS (`)
-	io.WriteString(w, sg.conf.RolesQuery)
+	md.RenderVar(w, sg.conf.RolesQuery)
 	io.WriteString(w, `) THEN `)

 	io.WriteString(w, `(SELECT (CASE`)
@ -158,7 +161,7 @@ func (sg *SuperGraph) renderUserQuery(stmts []stmt) (string, error) {
 	}

 	io.WriteString(w, ` ELSE 'user' END) FROM (`)
-	io.WriteString(w, sg.conf.RolesQuery)
+	md.RenderVar(w, sg.conf.RolesQuery)
 	io.WriteString(w, `) AS "_sg_auth_roles_query" LIMIT 1) `)
 	io.WriteString(w, `ELSE 'anon' END) FROM (VALUES (1)) AS "_sg_auth_filler") AS "_sg_auth_info"(role) LIMIT 1; `)

--- a/core/core.go
+++ b/core/core.go
@ -5,6 +5,7 @@ import (
 	"database/sql"
 	"encoding/json"
 	"fmt"
+	"hash/maphash"
 	"time"

 	"github.com/dosco/super-graph/core/internal/psql"
@ -124,7 +125,7 @@ func (c *scontext) execQuery() ([]byte, error) {
 		return nil, err
 	}

-	if len(data) == 0 || st.md.Skipped == 0 {
+	if len(data) == 0 || st.md.Skipped() == 0 {
 		return data, nil
 	}

@ -165,32 +166,45 @@ func (c *scontext) resolvePreparedSQL() ([]byte, *stmt, error) {

 	} else {
 		role = c.role
-
 	}

 	c.res.role = role

-	ps, ok := c.sg.prepared[stmtHash(c.res.name, role)]
+	h := maphash.Hash{}
+	h.SetSeed(c.sg.hashSeed)
+
+	q, ok := c.sg.queries[queryID(&h, c.res.name, role)]
 	if !ok {
 		return nil, nil, errNotFound
 	}
-	c.res.sql = ps.st.sql
+
+	if q.sd == nil {
+		q.Do(func() { c.sg.prepare(&q, role) })
+
+		if q.err != nil {
+			return nil, nil, err
+		}
+	}
+
+	c.res.sql = q.st.sql

 	var root []byte
 	var row *sql.Row

-	varsList, err := c.argList(ps.st.md)
+	varsList, err := c.argList(q.st.md)
 	if err != nil {
 		return nil, nil, err
 	}

+	fmt.Println(">>", varsList)
+
 	if useTx {
-		row = tx.Stmt(ps.sd).QueryRow(varsList...)
+		row = tx.Stmt(q.sd).QueryRow(varsList...)
 	} else {
-		row = ps.sd.QueryRow(varsList...)
+		row = q.sd.QueryRow(varsList...)
 	}

-	if ps.roleArg {
+	if q.roleArg {
 		err = row.Scan(&role, &root)
 	} else {
 		err = row.Scan(&root)
@ -204,15 +218,15 @@ func (c *scontext) resolvePreparedSQL() ([]byte, *stmt, error) {

 	if useTx {
 		if err := tx.Commit(); err != nil {
-			return nil, nil, err
+			return nil, nil, q.err
 		}
 	}

-	if root, err = c.sg.encryptCursor(ps.st.qc, root); err != nil {
+	if root, err = c.sg.encryptCursor(q.st.qc, root); err != nil {
 		return nil, nil, err
 	}

-	return root, &ps.st, nil
+	return root, &q.st, nil
 }

 func (c *scontext) resolveSQL() ([]byte, *stmt, error) {
--- a/core/init.go
+++ b/core/init.go
@ -75,13 +75,22 @@ func (sg *SuperGraph) initConfig() error {

 	if c.RolesQuery == "" {
 		sg.log.Printf("INF roles_query not defined: attribute based access control disabled")
+	} else {
+		n := 0
+		for k, v := range sg.roles {
+			if k == "user" || k == "anon" {
+				n++
+			} else if v.Match != "" {
+				n++
+			}
+		}
+		sg.abacEnabled = (n > 2)
+
+		if !sg.abacEnabled {
+			sg.log.Printf("WRN attribute based access control disabled: no custom roles found (with 'match' defined)")
+		}
 	}

-	_, userExists := sg.roles["user"]
-	_, sg.anonExists = sg.roles["anon"]
-
-	sg.abacEnabled = userExists && c.RolesQuery != ""
-
 	return nil
 }

--- a/core/internal/psql/columns.go
+++ b/core/internal/psql/columns.go
@ -1,4 +1,3 @@
-//nolint:errcheck
 package psql

 import (
@ -112,15 +111,15 @@ func (c *compilerContext) renderColumnSearchRank(sel *qcode.Select, ti *DBTableI
 	c.renderComma(columnsRendered)
 	//fmt.Fprintf(w, `ts_rank("%s"."%s", websearch_to_tsquery('%s')) AS %s`,
 	//c.sel.Name, cn, arg.Val, col.Name)
-	io.WriteString(c.w, `ts_rank(`)
+	_, _ = io.WriteString(c.w, `ts_rank(`)
 	colWithTable(c.w, ti.Name, cn)
 	if c.schema.ver >= 110000 {
-		io.WriteString(c.w, `, websearch_to_tsquery(`)
+		_, _ = io.WriteString(c.w, `, websearch_to_tsquery(`)
 	} else {
-		io.WriteString(c.w, `, to_tsquery(`)
+		_, _ = io.WriteString(c.w, `, to_tsquery(`)
 	}
-	c.renderValueExp(Param{Name: arg.Val, Type: "string"})
-	io.WriteString(c.w, `))`)
+	c.md.renderValueExp(c.w, Param{Name: arg.Val, Type: "string"})
+	_, _ = io.WriteString(c.w, `))`)
 	alias(c.w, col.Name)

 	return nil
@ -137,15 +136,15 @@ func (c *compilerContext) renderColumnSearchHeadline(sel *qcode.Select, ti *DBTa
 	c.renderComma(columnsRendered)
 	//fmt.Fprintf(w, `ts_headline("%s"."%s", websearch_to_tsquery('%s')) AS %s`,
 	//c.sel.Name, cn, arg.Val, col.Name)
-	io.WriteString(c.w, `ts_headline(`)
+	_, _ = io.WriteString(c.w, `ts_headline(`)
 	colWithTable(c.w, ti.Name, cn)
 	if c.schema.ver >= 110000 {
-		io.WriteString(c.w, `, websearch_to_tsquery(`)
+		_, _ = io.WriteString(c.w, `, websearch_to_tsquery(`)
 	} else {
-		io.WriteString(c.w, `, to_tsquery(`)
+		_, _ = io.WriteString(c.w, `, to_tsquery(`)
 	}
-	c.renderValueExp(Param{Name: arg.Val, Type: "string"})
-	io.WriteString(c.w, `))`)
+	c.md.renderValueExp(c.w, Param{Name: arg.Val, Type: "string"})
+	_, _ = io.WriteString(c.w, `))`)
 	alias(c.w, col.Name)

 	return nil
@ -157,9 +156,9 @@ func (c *compilerContext) renderColumnTypename(sel *qcode.Select, ti *DBTableInf
 	}

 	c.renderComma(columnsRendered)
-	io.WriteString(c.w, `(`)
+	_, _ = io.WriteString(c.w, `(`)
 	squoted(c.w, ti.Name)
-	io.WriteString(c.w, ` :: text)`)
+	_, _ = io.WriteString(c.w, ` :: text)`)
 	alias(c.w, col.Name)

 	return nil
@ -169,9 +168,9 @@ func (c *compilerContext) renderColumnFunction(sel *qcode.Select, ti *DBTableInf
 	pl := funcPrefixLen(c.schema.fm, col.Name)
 	// if pl == 0 {
 	// 	//fmt.Fprintf(w, `'%s not defined' AS %s`, cn, col.Name)
-	// 	io.WriteString(c.w, `'`)
-	// 	io.WriteString(c.w, col.Name)
-	// 	io.WriteString(c.w, ` not defined'`)
+	// 	_, _ = io.WriteString(c.w, `'`)
+	// 	_, _ = io.WriteString(c.w, col.Name)
+	// 	_, _ = io.WriteString(c.w, ` not defined'`)
 	// 	alias(c.w, col.Name)
 	// }

@ -190,10 +189,10 @@ func (c *compilerContext) renderColumnFunction(sel *qcode.Select, ti *DBTableInf
 	c.renderComma(columnsRendered)

 	//fmt.Fprintf(w, `%s("%s"."%s") AS %s`, fn, c.sel.Name, cn, col.Name)
-	io.WriteString(c.w, fn)
-	io.WriteString(c.w, `(`)
+	_, _ = io.WriteString(c.w, fn)
+	_, _ = io.WriteString(c.w, `(`)
 	colWithTable(c.w, ti.Name, cn)
-	io.WriteString(c.w, `)`)
+	_, _ = io.WriteString(c.w, `)`)
 	alias(c.w, col.Name)

 	return nil
@ -201,7 +200,7 @@ func (c *compilerContext) renderColumnFunction(sel *qcode.Select, ti *DBTableInf

 func (c *compilerContext) renderComma(columnsRendered int) {
 	if columnsRendered != 0 {
-		io.WriteString(c.w, `, `)
+		_, _ = io.WriteString(c.w, `, `)
 	}
 }

--- a/core/internal/psql/insert.go
+++ b/core/internal/psql/insert.go
@ -25,7 +25,7 @@ func (c *compilerContext) renderInsert(
 	if insert[0] == '[' {
 		io.WriteString(c.w, `json_array_elements(`)
 	}
-	c.renderValueExp(Param{Name: qc.ActionVar, Type: "json"})
+	c.md.renderValueExp(c.w, Param{Name: qc.ActionVar, Type: "json"})
 	io.WriteString(c.w, ` :: json`)
 	if insert[0] == '[' {
 		io.WriteString(c.w, `)`)
--- a/core/internal/psql/metadata.go
+++ b/core/internal/psql/metadata.go
@ -0,0 +1,61 @@
+package psql
+
+import (
+	"io"
+)
+
+func (md *Metadata) RenderVar(w io.Writer, vv string) {
+	f, s := -1, 0
+
+	for i := range vv {
+		v := vv[i]
+		switch {
+		case (i > 0 && vv[i-1] != '\\' && v == '$') || v == '$':
+			if (i - s) > 0 {
+				_, _ = io.WriteString(w, vv[s:i])
+			}
+			f = i
+
+		case (v < 'a' && v > 'z') &&
+			(v < 'A' && v > 'Z') &&
+			(v < '0' && v > '9') &&
+			v != '_' &&
+			f != -1 &&
+			(i-f) > 1:
+			md.renderValueExp(w, Param{Name: vv[f+1 : i]})
+			s = i
+			f = -1
+		}
+	}
+
+	if f != -1 && (len(vv)-f) > 1 {
+		md.renderValueExp(w, Param{Name: vv[f+1:]})
+	} else {
+		_, _ = io.WriteString(w, vv[s:])
+	}
+}
+
+func (md *Metadata) renderValueExp(w io.Writer, p Param) {
+	_, _ = io.WriteString(w, `$`)
+	if v, ok := md.pindex[p.Name]; ok {
+		int32String(w, int32(v))
+
+	} else {
+		md.params = append(md.params, p)
+		n := len(md.params)
+
+		if md.pindex == nil {
+			md.pindex = make(map[string]int)
+		}
+		md.pindex[p.Name] = n
+		int32String(w, int32(n))
+	}
+}
+
+func (md Metadata) Skipped() uint32 {
+	return md.skipped
+}
+
+func (md Metadata) Params() []Param {
+	return md.params
+}
--- a/core/internal/psql/mutate.go
+++ b/core/internal/psql/mutate.go
@ -432,11 +432,11 @@ func (c *compilerContext) renderInsertUpdateColumns(
 			val := root.PresetMap[cn]
 			switch {
 			case ok && len(val) > 1 && val[0] == '$':
-				c.renderValueExp(Param{Name: val[1:], Type: col.Type})
+				c.md.renderValueExp(c.w, Param{Name: val[1:], Type: col.Type})

 			case ok && strings.HasPrefix(val, "sql:"):
 				io.WriteString(c.w, `(`)
-				c.renderVar(val[4:], c.renderValueExp)
+				c.md.RenderVar(c.w, val[4:])
 				io.WriteString(c.w, `)`)

 			case ok:
--- a/core/internal/psql/query.go
+++ b/core/internal/psql/query.go
@ -25,8 +25,8 @@ type Param struct {
 }

 type Metadata struct {
-	Skipped uint32
-	Params  []Param
+	skipped uint32
+	params  []Param
 	pindex  map[string]int
 }

@ -80,26 +80,30 @@ func (co *Compiler) CompileEx(qc *qcode.QCode, vars Variables) (Metadata, []byte
 }

 func (co *Compiler) Compile(w io.Writer, qc *qcode.QCode, vars Variables) (Metadata, error) {
+	return co.CompileWithMetadata(w, qc, vars, Metadata{})
+}
+
+func (co *Compiler) CompileWithMetadata(w io.Writer, qc *qcode.QCode, vars Variables, md Metadata) (Metadata, error) {
+	md.skipped = 0
+
 	if qc == nil {
-		return Metadata{}, fmt.Errorf("qcode is nil")
+		return md, fmt.Errorf("qcode is nil")
 	}

 	switch qc.Type {
 	case qcode.QTQuery:
-		return co.compileQuery(w, qc, vars)
+		return co.compileQueryWithMetadata(w, qc, vars, md)

 	case qcode.QTInsert,
 		qcode.QTUpdate,
 		qcode.QTDelete,
 		qcode.QTUpsert:
 		return co.compileMutation(w, qc, vars)
+
+	default:
+		return Metadata{}, fmt.Errorf("Unknown operation type %d", qc.Type)
 	}

-	return Metadata{}, fmt.Errorf("Unknown operation type %d", qc.Type)
-}
-
-func (co *Compiler) compileQuery(w io.Writer, qc *qcode.QCode, vars Variables) (Metadata, error) {
-	return co.compileQueryWithMetadata(w, qc, vars, Metadata{})
 }

 func (co *Compiler) compileQueryWithMetadata(
@ -176,7 +180,7 @@ func (co *Compiler) compileQueryWithMetadata(
 			}

 			for _, cid := range sel.Children {
-				if hasBit(c.md.Skipped, uint32(cid)) {
+				if hasBit(c.md.skipped, uint32(cid)) {
 					continue
 				}
 				child := &c.s[cid]
@ -354,7 +358,7 @@ func (c *compilerContext) initSelect(sel *qcode.Select, ti *DBTableInfo, vars Va
 			if _, ok := colmap[rel.Left.Col]; !ok {
 				cols = append(cols, &qcode.Column{Table: ti.Name, Name: rel.Left.Col, FieldName: rel.Right.Col})
 				colmap[rel.Left.Col] = struct{}{}
-				c.md.Skipped |= (1 << uint(id))
+				c.md.skipped |= (1 << uint(id))
 			}

 		default:
@ -622,7 +626,7 @@ func (c *compilerContext) renderJoinColumns(sel *qcode.Select, ti *DBTableInfo,
 	i := colsRendered

 	for _, id := range sel.Children {
-		if hasBit(c.md.Skipped, uint32(id)) {
+		if hasBit(c.md.skipped, uint32(id)) {
 			continue
 		}
 		childSel := &c.s[id]
@ -804,7 +808,7 @@ func (c *compilerContext) renderCursorCTE(sel *qcode.Select) error {
 		quoted(c.w, ob.Col)
 	}
 	io.WriteString(c.w, ` FROM string_to_array(`)
-	c.renderValueExp(Param{Name: "cursor", Type: "json"})
+	c.md.renderValueExp(c.w, Param{Name: "cursor", Type: "json"})
 	io.WriteString(c.w, `, ',') as a) `)
 	return nil
 }
@ -1102,7 +1106,7 @@ func (c *compilerContext) renderOp(ex *qcode.Exp, ti *DBTableInfo) error {
 		} else {
 			io.WriteString(c.w, `) @@ to_tsquery(`)
 		}
-		c.renderValueExp(Param{Name: ex.Val, Type: "string"})
+		c.md.renderValueExp(c.w, Param{Name: ex.Val, Type: "string"})
 		io.WriteString(c.w, `))`)

 		return nil
@ -1191,7 +1195,7 @@ func (c *compilerContext) renderVal(ex *qcode.Exp, vars map[string]string, col *
 		switch {
 		case ok && strings.HasPrefix(val, "sql:"):
 			io.WriteString(c.w, `(`)
-			c.renderVar(val[4:], c.renderValueExp)
+			c.md.RenderVar(c.w, val[4:])
 			io.WriteString(c.w, `)`)

 		case ok:
@ -1199,7 +1203,7 @@ func (c *compilerContext) renderVal(ex *qcode.Exp, vars map[string]string, col *

 		case ex.Op == qcode.OpIn || ex.Op == qcode.OpNotIn:
 			io.WriteString(c.w, `(ARRAY(SELECT json_array_elements_text(`)
-			c.renderValueExp(Param{Name: ex.Val, Type: col.Type, IsArray: true})
+			c.md.renderValueExp(c.w, Param{Name: ex.Val, Type: col.Type, IsArray: true})
 			io.WriteString(c.w, `))`)

 			io.WriteString(c.w, ` :: `)
@ -1208,7 +1212,7 @@ func (c *compilerContext) renderVal(ex *qcode.Exp, vars map[string]string, col *
 			return

 		default:
-			c.renderValueExp(Param{Name: ex.Val, Type: col.Type, IsArray: false})
+			c.md.renderValueExp(c.w, Param{Name: ex.Val, Type: col.Type, IsArray: false})
 		}

 	case qcode.ValRef:
@ -1222,54 +1226,6 @@ func (c *compilerContext) renderVal(ex *qcode.Exp, vars map[string]string, col *
 	io.WriteString(c.w, col.Type)
 }

-func (c *compilerContext) renderValueExp(p Param) {
-	io.WriteString(c.w, `$`)
-	if v, ok := c.md.pindex[p.Name]; ok {
-		int32String(c.w, int32(v))
-
-	} else {
-		c.md.Params = append(c.md.Params, p)
-		n := len(c.md.Params)
-
-		if c.md.pindex == nil {
-			c.md.pindex = make(map[string]int)
-		}
-		c.md.pindex[p.Name] = n
-		int32String(c.w, int32(n))
-	}
-}
-
-func (c *compilerContext) renderVar(vv string, fn func(Param)) {
-	f, s := -1, 0
-
-	for i := range vv {
-		v := vv[i]
-		switch {
-		case (i > 0 && vv[i-1] != '\\' && v == '$') || v == '$':
-			if (i - s) > 0 {
-				io.WriteString(c.w, vv[s:i])
-			}
-			f = i
-
-		case (v < 'a' && v > 'z') &&
-			(v < 'A' && v > 'Z') &&
-			(v < '0' && v > '9') &&
-			v != '_' &&
-			f != -1 &&
-			(i-f) > 1:
-			fn(Param{Name: vv[f+1 : i]})
-			s = i
-			f = -1
-		}
-	}
-
-	if f != -1 && (len(vv)-f) > 1 {
-		fn(Param{Name: vv[f+1:]})
-	} else {
-		io.WriteString(c.w, vv[s:])
-	}
-}
-
 func funcPrefixLen(fm map[string]*DBFunction, fn string) int {
 	switch {
 	case strings.HasPrefix(fn, "avg_"):
--- a/core/internal/psql/update.go
+++ b/core/internal/psql/update.go
@ -22,7 +22,7 @@ func (c *compilerContext) renderUpdate(
 	}

 	io.WriteString(c.w, `WITH "_sg_input" AS (SELECT `)
-	c.renderValueExp(Param{Name: qc.ActionVar, Type: "json"})
+	c.md.renderValueExp(c.w, Param{Name: qc.ActionVar, Type: "json"})
 	// io.WriteString(c.w, qc.ActionVar)
 	io.WriteString(c.w, ` :: json AS j)`)

--- a/core/internal/qcode/parse_test.go
+++ b/core/internal/qcode/parse_test.go
@ -2,8 +2,9 @@ package qcode

 import (
 	"errors"
-	"github.com/chirino/graphql/schema"
 	"testing"
+
+	"github.com/chirino/graphql/schema"
 )

 func TestCompile1(t *testing.T) {
@ -130,6 +131,22 @@ updateThread {

 }

+func TestFragmentsCompile(t *testing.T) {
+	gql := `
+fragment userFields on user {
+  name
+  email
+}
+	
+query { users { ...userFields } }`
+	qcompile, _ := NewCompiler(Config{})
+	_, err := qcompile.Compile([]byte(gql), "anon")
+
+	if err == nil {
+		t.Fatal(errors.New("expecting an error"))
+	}
+}
+
 var gql = []byte(`
 	{products(
 		# returns only 30 items
--- a/core/prepare.go
+++ b/core/prepare.go
@ -2,120 +2,94 @@ package core

 import (
 	"bytes"
-	"context"
-	"crypto/sha256"
 	"database/sql"
-	"encoding/hex"
 	"fmt"
+	"hash/maphash"
 	"io"
 	"strings"
+	"sync"

 	"github.com/dosco/super-graph/core/internal/allow"
 	"github.com/dosco/super-graph/core/internal/qcode"
 )

-type preparedItem struct {
+type query struct {
+	sync.Once
 	sd      *sql.Stmt
+	ai      allow.Item
+	qt      qcode.QType
+	err     error
 	st      stmt
 	roleArg bool
 }

-func (sg *SuperGraph) initPrepared() error {
-	ct := context.Background()
+func (sg *SuperGraph) prepare(q *query, role string) {
+	var stmts []stmt
+	var err error

+	qb := []byte(q.ai.Query)
+
+	switch q.qt {
+	case qcode.QTQuery:
+		if sg.abacEnabled {
+			stmts, err = sg.buildMultiStmt(qb, q.ai.Vars)
+		} else {
+			stmts, err = sg.buildRoleStmt(qb, q.ai.Vars, role)
+		}
+
+	case qcode.QTMutation:
+		stmts, err = sg.buildRoleStmt(qb, q.ai.Vars, role)
+	}
+
+	if err != nil {
+		sg.log.Printf("WRN %s %s: %v", q.qt, q.ai.Name, err)
+	}
+
+	q.st = stmts[0]
+	q.roleArg = len(stmts) > 1
+
+	q.sd, err = sg.db.Prepare(q.st.sql)
+	if err != nil {
+		q.err = fmt.Errorf("prepare failed: %v: %s", err, q.st.sql)
+	}
+}
+
+func (sg *SuperGraph) initPrepared() error {
 	if sg.allowList.IsPersist() {
 		return nil
 	}
-	sg.prepared = make(map[string]*preparedItem)

-	tx, err := sg.db.BeginTx(ct, nil)
-	if err != nil {
-		return err
-	}
-	defer tx.Rollback() //nolint: errcheck
-
-	if err = sg.prepareRoleStmt(tx); err != nil {
-		return fmt.Errorf("prepareRoleStmt: %w", err)
+	if err := sg.prepareRoleStmt(); err != nil {
+		return fmt.Errorf("role query: %w", err)
 	}

-	if err := tx.Commit(); err != nil {
-		return err
-	}
-
-	success := 0
+	sg.queries = make(map[uint64]query)

 	list, err := sg.allowList.Load()
 	if err != nil {
 		return err
 	}

+	h := maphash.Hash{}
+	h.SetSeed(sg.hashSeed)
+
 	for _, v := range list {
 		if len(v.Query) == 0 {
 			continue
 		}
+		qt := qcode.GetQType(v.Query)

-		err := sg.prepareStmt(v)
-		if err != nil {
-			return err
-		} else {
-			success++
-		}
-	}
+		switch qt {
+		case qcode.QTQuery:
+			sg.queries[queryID(&h, v.Name, "user")] = query{ai: v, qt: qt}

-	sg.log.Printf("INF allow list: prepared %d / %d queries", success, len(list))
-
-	return nil
-}
-
-func (sg *SuperGraph) prepareStmt(item allow.Item) error {
-	query := item.Query
-	qb := []byte(query)
-	vars := item.Vars
-
-	qt := qcode.GetQType(query)
-	ct := context.Background()
-
-	switch qt {
-	case qcode.QTQuery:
-		var stmts1 []stmt
-		var err error
-
-		if sg.abacEnabled {
-			stmts1, err = sg.buildMultiStmt(qb, vars)
-		} else {
-			stmts1, err = sg.buildRoleStmt(qb, vars, "user")
-		}
-
-		if err == nil {
-			if err = sg.prepare(ct, stmts1, stmtHash(item.Name, "user")); err != nil {
-				return err
+			if sg.anonExists {
+				sg.queries[queryID(&h, v.Name, "anon")] = query{ai: v, qt: qt}
 			}
-		} else {
-			sg.log.Printf("WRN query %s: %v", item.Name, err)
-		}

-		if sg.anonExists {
-			stmts2, err := sg.buildRoleStmt(qb, vars, "anon")
-
-			if err == nil {
-				if err = sg.prepare(ct, stmts2, stmtHash(item.Name, "anon")); err != nil {
-					return err
-				}
-			} else {
-				sg.log.Printf("WRN query %s: %v", item.Name, err)
-			}
-		}
-
-	case qcode.QTMutation:
-		for _, role := range sg.conf.Roles {
-			stmts, err := sg.buildRoleStmt(qb, vars, role.Name)
-
-			if err == nil {
-				if err = sg.prepare(ct, stmts, stmtHash(item.Name, role.Name)); err != nil {
-					return err
-				}
-			} else {
-				sg.log.Printf("WRN mutation %s: %v", item.Name, err)
+		case qcode.QTMutation:
+			for _, role := range sg.conf.Roles {
+				sg.queries[queryID(&h, v.Name, role.Name)] = query{ai: v, qt: qt}
 			}
 		}
 	}
@ -123,22 +97,8 @@ func (sg *SuperGraph) prepareStmt(item allow.Item) error {
 	return nil
 }

-func (sg *SuperGraph) prepare(ct context.Context, st []stmt, key string) error {
-	sd, err := sg.db.PrepareContext(ct, st[0].sql)
-	if err != nil {
-		return fmt.Errorf("prepare failed: %v: %s", err, st[0].sql)
-	}
-
-	sg.prepared[key] = &preparedItem{
-		sd:      sd,
-		st:      st[0],
-		roleArg: len(st) > 1,
-	}
-	return nil
-}
-
 // nolint: errcheck
-func (sg *SuperGraph) prepareRoleStmt(tx *sql.Tx) error {
+func (sg *SuperGraph) prepareRoleStmt() error {
 	var err error

 	if !sg.abacEnabled {
@ -165,11 +125,11 @@ func (sg *SuperGraph) prepareRoleStmt(tx *sql.Tx) error {
 	}

 	io.WriteString(w, ` ELSE $2 END) FROM (`)
-	io.WriteString(w, sg.conf.RolesQuery)
+	io.WriteString(w, rq)
 	io.WriteString(w, `) AS "_sg_auth_roles_query" LIMIT 1) `)
 	io.WriteString(w, `ELSE 'anon' END) FROM (VALUES (1)) AS "_sg_auth_filler" LIMIT 1; `)

-	sg.getRole, err = tx.Prepare(w.String())
+	sg.getRole, err = sg.db.Prepare(w.String())
 	if err != nil {
 		return err
 	}
@ -200,9 +160,11 @@ func (sg *SuperGraph) initAllowList() error {
 }

 // nolint: errcheck
-func stmtHash(name string, role string) string {
-	h := sha256.New()
-	io.WriteString(h, strings.ToLower(name))
-	io.WriteString(h, role)
-	return hex.EncodeToString(h.Sum(nil))
+func queryID(h *maphash.Hash, name string, role string) uint64 {
+	h.WriteString(name)
+	h.WriteString(role)
+	v := h.Sum64()
+	h.Reset()
+
+	return v
 }
--- a/core/remote.go
+++ b/core/remote.go
@ -4,10 +4,10 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
+	"hash/maphash"
 	"net/http"
 	"sync"

-	"github.com/cespare/xxhash/v2"
 	"github.com/dosco/super-graph/core/internal/qcode"
 	"github.com/dosco/super-graph/jsn"
 )
@ -16,12 +16,13 @@ func (sg *SuperGraph) execRemoteJoin(st *stmt, data []byte, hdr http.Header) ([]
 	var err error

 	sel := st.qc.Selects
-	h := xxhash.New()
+	h := maphash.Hash{}
+	h.SetSeed(sg.hashSeed)

 	// fetch the field name used within the db response json
 	// that are used to mark insertion points and the mapping between
 	// those field names and their select objects
-	fids, sfmap := sg.parentFieldIds(h, sel, st.md.Skipped)
+	fids, sfmap := sg.parentFieldIds(&h, sel, st.md.Skipped())

 	// fetch the field values of the marked insertion points
 	// these values contain the id to be used with fetching remote data
@ -30,10 +31,10 @@ func (sg *SuperGraph) execRemoteJoin(st *stmt, data []byte, hdr http.Header) ([]

 	switch {
 	case len(from) == 1:
-		to, err = sg.resolveRemote(hdr, h, from[0], sel, sfmap)
+		to, err = sg.resolveRemote(hdr, &h, from[0], sel, sfmap)

 	case len(from) > 1:
-		to, err = sg.resolveRemotes(hdr, h, from, sel, sfmap)
+		to, err = sg.resolveRemotes(hdr, &h, from, sel, sfmap)

 	default:
 		return nil, errors.New("something wrong no remote ids found in db response")
@ -55,7 +56,7 @@ func (sg *SuperGraph) execRemoteJoin(st *stmt, data []byte, hdr http.Header) ([]

 func (sg *SuperGraph) resolveRemote(
 	hdr http.Header,
-	h *xxhash.Digest,
+	h *maphash.Hash,
 	field jsn.Field,
 	sel []qcode.Select,
 	sfmap map[uint64]*qcode.Select) ([]jsn.Field, error) {
@ -66,7 +67,8 @@ func (sg *SuperGraph) resolveRemote(
 	to := toA[:1]

 	// use the json key to find the related Select object
-	k1 := xxhash.Sum64(field.Key)
+	_, _ = h.Write(field.Key)
+	k1 := h.Sum64()

 	s, ok := sfmap[k1]
 	if !ok {
@ -117,7 +119,7 @@ func (sg *SuperGraph) resolveRemote(

 func (sg *SuperGraph) resolveRemotes(
 	hdr http.Header,
-	h *xxhash.Digest,
+	h *maphash.Hash,
 	from []jsn.Field,
 	sel []qcode.Select,
 	sfmap map[uint64]*qcode.Select) ([]jsn.Field, error) {
@ -134,7 +136,8 @@ func (sg *SuperGraph) resolveRemotes(
 	for i, id := range from {

 		// use the json key to find the related Select object
-		k1 := xxhash.Sum64(id.Key)
+		_, _ = h.Write(id.Key)
+		k1 := h.Sum64()

 		s, ok := sfmap[k1]
 		if !ok {
@ -192,7 +195,7 @@ func (sg *SuperGraph) resolveRemotes(
 	return to, cerr
 }

-func (sg *SuperGraph) parentFieldIds(h *xxhash.Digest, sel []qcode.Select, skipped uint32) (
+func (sg *SuperGraph) parentFieldIds(h *maphash.Hash, sel []qcode.Select, skipped uint32) (
 	[][]byte,
 	map[uint64]*qcode.Select) {

@ -227,8 +230,8 @@ func (sg *SuperGraph) parentFieldIds(h *xxhash.Digest, sel []qcode.Select, skipp
 			fm[n] = r.IDField
 			n++

-			k := xxhash.Sum64(r.IDField)
-			sm[k] = s
+			_, _ = h.Write(r.IDField)
+			sm[h.Sum64()] = s
 		}
 	}

--- a/core/resolve.go
+++ b/core/resolve.go
@ -2,11 +2,11 @@ package core

 import (
 	"fmt"
+	"hash/maphash"
 	"io/ioutil"
 	"net/http"
 	"strings"

-	"github.com/cespare/xxhash/v2"
 	"github.com/dosco/super-graph/core/internal/psql"
 	"github.com/dosco/super-graph/jsn"
 )
@ -19,7 +19,7 @@ type resolvFn struct {

 func (sg *SuperGraph) initResolvers() error {
 	var err error
-	sg.rmap = make(map[uint64]*resolvFn)
+	sg.rmap = make(map[uint64]resolvFn)

 	for _, t := range sg.conf.Tables {
 		err = sg.initRemotes(t)
@ -36,7 +36,8 @@ func (sg *SuperGraph) initResolvers() error {
 }

 func (sg *SuperGraph) initRemotes(t Table) error {
-	h := xxhash.New()
+	h := maphash.Hash{}
+	h.SetSeed(sg.hashSeed)

 	for _, r := range t.Remotes {
 		// defines the table column to be used as an id in the
@ -75,17 +76,18 @@ func (sg *SuperGraph) initRemotes(t Table) error {
 			path = append(path, []byte(p))
 		}

-		rf := &resolvFn{
+		rf := resolvFn{
 			IDField: []byte(idk),
 			Path:    path,
 			Fn:      fn,
 		}

 		// index resolver obj by parent and child names
-		sg.rmap[mkkey(h, r.Name, t.Name)] = rf
+		sg.rmap[mkkey(&h, r.Name, t.Name)] = rf

 		// index resolver obj by IDField
-		sg.rmap[xxhash.Sum64(rf.IDField)] = rf
+		_, _ = h.Write(rf.IDField)
+		sg.rmap[h.Sum64()] = rf
 	}

 	return nil
--- a/core/utils.go
+++ b/core/utils.go
@ -1,11 +1,9 @@
 package core

-import (
-	"github.com/cespare/xxhash/v2"
-)
+import "hash/maphash"

 // nolint: errcheck
-func mkkey(h *xxhash.Digest, k1 string, k2 string) uint64 {
+func mkkey(h *maphash.Hash, k1 string, k2 string) uint64 {
 	h.WriteString(k1)
 	h.WriteString(k2)
 	v := h.Sum64()
--- a/docs/website/docusaurus.config.js
+++ b/docs/website/docusaurus.config.js
@ -36,8 +36,8 @@ module.exports = {
          position: "left",
        },
        {
-          label: "Art Compute",
-          href: "https://artcompute.com/s/super-graph",
+          label: "AbtCode",
+          href: "https://abtcode.com/s/super-graph",
          position: "left",
        },
      ],
--- a/go.mod
+++ b/go.mod
@ -12,13 +12,11 @@ require (
 	github.com/adjust/gorails v0.0.0-20171013043634-2786ed0c03d3
 	github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b
 	github.com/brianvoe/gofakeit/v5 v5.2.0
-	github.com/cespare/xxhash/v2 v2.1.1
 	github.com/chirino/graphql v0.0.0-20200430165312-293648399b1a
 	github.com/daaku/go.zipexe v1.0.1 // indirect
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/dlclark/regexp2 v1.2.0 // indirect
 	github.com/dop251/goja v0.0.0-20200424152103-d0b8fda54cd0
-	github.com/dvyukov/go-fuzz v0.0.0-20200318091601-be3528f3a813 // indirect
 	github.com/fsnotify/fsnotify v1.4.9
 	github.com/garyburd/redigo v1.6.0
 	github.com/go-sourcemap/sourcemap v2.1.3+incompatible // indirect
@ -30,7 +28,6 @@ require (
 	github.com/openzipkin/zipkin-go v0.2.2
 	github.com/pelletier/go-toml v1.7.0 // indirect
 	github.com/pkg/errors v0.9.1
-	github.com/prometheus/common v0.4.0
 	github.com/rs/cors v1.7.0
 	github.com/spf13/afero v1.2.2 // indirect
 	github.com/spf13/cast v1.3.1 // indirect
--- a/go.sum
+++ b/go.sum
@ -55,8 +55,6 @@ github.com/census-instrumentation/opencensus-proto v0.2.1 h1:glEXhBS5PSLLv4IXzLA
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
-github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
-github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chirino/graphql v0.0.0-20200430165312-293648399b1a h1:WVu7r2vwlrBVmunbSSU+9/3M3AgsQyhE49CKDjHiFq4=
 github.com/chirino/graphql v0.0.0-20200430165312-293648399b1a/go.mod h1:wQjjxFMFyMlsWh4Z3nMuHQtevD4Ul9UVQSnz1JOLuP8=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
@ -87,8 +85,6 @@ github.com/dlclark/regexp2 v1.2.0 h1:8sAhBGEM0dRWogWqWyQeIJnxjWO6oIjl8FKqREDsGfk
 github.com/dlclark/regexp2 v1.2.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
 github.com/dop251/goja v0.0.0-20200424152103-d0b8fda54cd0 h1:EfFAcaAwGai/wlDCWwIObHBm3T2C2CCPX/SaS0fpOJ4=
 github.com/dop251/goja v0.0.0-20200424152103-d0b8fda54cd0/go.mod h1:Mw6PkjjMXWbTj+nnj4s3QPXq1jaT0s5pC0iFD4+BOAA=
-github.com/dvyukov/go-fuzz v0.0.0-20200318091601-be3528f3a813 h1:NgO45/5mBLRVfiXerEFzH6ikcZ7DNRPS639xFg3ENzU=
-github.com/dvyukov/go-fuzz v0.0.0-20200318091601-be3528f3a813/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
 github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
 github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
 github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
--- a/internal/serv/cmd_seed.go
+++ b/internal/serv/cmd_seed.go
@ -82,8 +82,6 @@ func graphQLFunc(sg *core.SuperGraph, query string, data interface{}, opt map[st

 	if v, ok := opt["user_id"]; ok && len(v) != 0 {
 		ct = context.WithValue(ct, core.UserIDKey, v)
-	} else {
-		ct = context.WithValue(ct, core.UserIDKey, "-1")
 	}

 	// var role string
--- a/internal/serv/internal/migrate/migrate.go
+++ b/internal/serv/internal/migrate/migrate.go
@ -6,9 +6,11 @@ import (
 	"database/sql"
 	"fmt"
 	"io/ioutil"
+	"log"
 	"os"
 	"path/filepath"
 	"regexp"
+	"sort"
 	"strconv"
 	"strings"
 	"text/template"
@ -105,39 +107,40 @@ func (defaultMigratorFS) Glob(pattern string) ([]string, error) {
 func FindMigrationsEx(path string, fs MigratorFS) ([]string, error) {
 	path = strings.TrimRight(path, string(filepath.Separator))

-	fileInfos, err := fs.ReadDir(path)
+	files, err := ioutil.ReadDir(path)
 	if err != nil {
-		return nil, err
+		log.Fatal(err)
 	}

-	paths := make([]string, 0, len(fileInfos))
-	for _, fi := range fileInfos {
+	fm := make(map[int]string, len(files))
+	keys := make([]int, 0, len(files))
+
+	for _, fi := range files {
 		if fi.IsDir() {
 			continue
 		}

 		matches := migrationPattern.FindStringSubmatch(fi.Name())
+
 		if len(matches) != 2 {
 			continue
 		}

-		n, err := strconv.ParseInt(matches[1], 10, 32)
+		n, err := strconv.Atoi(matches[1])
 		if err != nil {
 			// The regexp already validated that the prefix is all digits so this *should* never fail
 			return nil, err
 		}

-		mcount := len(paths)
+		fm[n] = filepath.Join(path, fi.Name())
+		keys = append(keys, n)
+	}

-		if n < int64(mcount) {
-			return nil, fmt.Errorf("Duplicate migration %d", n)
-		}
+	sort.Ints(keys)

-		if int64(mcount) < n {
-			return nil, fmt.Errorf("Missing migration %d", mcount)
-		}
-
-		paths = append(paths, filepath.Join(path, fi.Name()))
+	paths := make([]string, 0, len(keys))
+	for _, k := range keys {
+		paths = append(paths, fm[k])
 	}

 	return paths, nil
--- a/jsn/bench.1
+++ b/jsn/bench.1
@ -0,0 +1,13 @@
+goos: darwin
+goarch: amd64
+pkg: github.com/dosco/super-graph/jsn
+BenchmarkGet
+BenchmarkGet-16        	   13898	     85293 ns/op	    3328 B/op	       2 allocs/op
+BenchmarkFilter
+BenchmarkFilter-16     	  189328	      6341 ns/op	     448 B/op	       1 allocs/op
+BenchmarkStrip
+BenchmarkStrip-16      	  219765	      5543 ns/op	     224 B/op	       1 allocs/op
+BenchmarkReplace
+BenchmarkReplace-16    	  100899	     12022 ns/op	     416 B/op	       1 allocs/op
+PASS
+ok  	github.com/dosco/super-graph/jsn	6.029s
--- a/jsn/filter.go
+++ b/jsn/filter.go
@ -2,17 +2,19 @@ package jsn

 import (
 	"bytes"
-
-	"github.com/cespare/xxhash/v2"
+	"hash/maphash"
 )

 // Filter function filters the JSON keeping only the provided keys and removing all others
 func Filter(w *bytes.Buffer, b []byte, keys []string) error {
 	var err error
 	kmap := make(map[uint64]struct{}, len(keys))
+	h := maphash.Hash{}

 	for i := range keys {
-		kmap[xxhash.Sum64String(keys[i])] = struct{}{}
+		_, _ = h.WriteString(keys[i])
+		kmap[h.Sum64()] = struct{}{}
+		h.Reset()
 	}

 	// is an list
@ -132,7 +134,11 @@ func Filter(w *bytes.Buffer, b []byte, keys []string) error {
 			cb := b[s:(e + 1)]
 			e = 0

-			if _, ok := kmap[xxhash.Sum64(k)]; !ok {
+			_, _ = h.Write(k)
+			_, ok := kmap[h.Sum64()]
+			h.Reset()
+
+			if !ok {
 				continue
 			}

--- a/jsn/get.go
+++ b/jsn/get.go
@ -1,7 +1,7 @@
 package jsn

 import (
-	"github.com/cespare/xxhash/v2"
+	"hash/maphash"
 )

 const (
@ -41,9 +41,12 @@ func Value(b []byte) []byte {
 // Keys function fetches values for the provided keys
 func Get(b []byte, keys [][]byte) []Field {
 	kmap := make(map[uint64]struct{}, len(keys))
+	h := maphash.Hash{}

 	for i := range keys {
-		kmap[xxhash.Sum64(keys[i])] = struct{}{}
+		_, _ = h.Write(keys[i])
+		kmap[h.Sum64()] = struct{}{}
+		h.Reset()
 	}

 	res := make([]Field, 0, 20)
@ -141,7 +144,9 @@ func Get(b []byte, keys [][]byte) []Field {
 		}

 		if e != 0 {
-			_, ok := kmap[xxhash.Sum64(k)]
+			_, _ = h.Write(k)
+			_, ok := kmap[h.Sum64()]
+			h.Reset()

 			if ok {
 				res = append(res, Field{k, b[s:(e + 1)]})
--- a/jsn/replace.go
+++ b/jsn/replace.go
@ -3,8 +3,7 @@ package jsn
 import (
 	"bytes"
 	"errors"
-
-	"github.com/cespare/xxhash/v2"
+	"hash/maphash"
 )

 // Replace function replaces key-value pairs provided in the `from` argument with those in the `to` argument
@ -18,7 +17,7 @@ func Replace(w *bytes.Buffer, b []byte, from, to []Field) error {
 		return err
 	}

-	h := xxhash.New()
+	h := maphash.Hash{}
 	tmap := make(map[uint64]int, len(from))

 	for i, f := range from {
Author	SHA1	Message	Date
Vikram Rangnekar	bd157290f6	fix: bug with parsing variables in roles_query	2020-06-04 21:55:52 -04:00
Vikram Rangnekar	82cc712a93	fix: bug with shared pointer in new jit mode	2020-06-03 18:19:07 -04:00
Vikram Rangnekar	0ce129de14	fix: remove upx install from dockerfile	2020-06-03 01:42:10 -04:00
Vikram Rangnekar	1a15e433ba	feat: make query preperation a JIT operation to improve startup time	2020-06-03 01:03:12 -04:00