> If sqlx is an important crate, and not stable yet, upgrading it without reading the changelog is honestly a flaw in your team process

It’s not in the changelog though, this is an update of a transitive dependency that inadvertently changed the default behavior. sqlx didn’t document this because they didn’t even know it changed.

Even if it was a documented change, our process caught it because it was caught by CI. The issue itself was only a result of how our CI was configured (we had a database url with a domain socket path that didn’t explicitly specify a username, and we inadvertently relied on the default of “the current user”, which the whoami crate now defaults to “anonymous”.) I don’t see an issue in our “team process” (whatever that means) at all.