Go Snowflake Driver release notes for 2026¶

Added the QueryResultFormatProvider interface, which exposes the server-reported query result format (Arrow or JSON) from QueryArrowStream. This interface enables callers to distinguish Arrow IPC from JSON responses before interpreting batch streams.

Fixed an issue where the Account field was empty when connecting with programmatic Config and database/sql.Connector. The driver now derives Account from the first DNS label of Host when it matches the Snowflake hostname pattern.

Fixed the PAT (Programmatic Access Token) authenticator to properly require the Token or TokenFilePath field. Previously, the authenticator would silently accept the Password field but never forward it to the authentication service.

Fixed the logger reporting incorrect source locations when called without WithContext.

Fixed GCP workload identity federation (WIF) attestation to use hostname metadata.google.internal instead of the IPv4 link-local address, enabling support for IPv6-only GCP VMs.

Fixed query failures on large inline results (such as 64 MB LOBs) caused by truncated HTTP response bodies. The driver now retries the query when json.Decoder returns io.ErrUnexpectedEOF, reusing the same request ID to retrieve the cached result from Snowflake.

Reduced the default CrlDownloadMaxSize setting from 200 MB to 20 MB to prevent potential out-of-memory errors.

Fixed an issue where parameter values could change across connections in the same connection pool.

Fixed Azure multi-part file uploads to properly populate the blob content-MD5 property.

Fixed 403 errors from Google Cloud Storage PUT queries on versioned stages.

Fixed the query context cache not being updated for failed queries, which could result in stale session data.

Improved connection handling performance by optimizing parameter synchronization.

Moved configuration to a dedicated internal package.

Modernized Go syntax idioms throughout the codebase.

Added libc family, version, and dynamic linking marker to client environment telemetry.

Updated dependencies to address security vulnerabilities:

• golang.org/x/crypto from v0.41.0 to v0.46.0

• golang.org/x/net from v0.43.0 to v0.48.0

• golang.org/x/oauth2 from v0.30.0 to v0.34.0

• golang.org/x/sys from v0.35.0 to v0.40.0

• golang.org/x/mod from v0.27.0 to v0.30.0

• golang.org/x/sync from v0.16.0 to v0.19.0

• golang.org/x/term from v0.34.0 to v0.38.0

• golang.org/x/text from v0.28.0 to v0.32.0

• golang.org/x/tools from v0.36.0 to v0.39.0

• google.golang.org/grpc from v1.73.0 to v1.79.3

• google.golang.org/protobuf from v1.36.6 to v1.36.10

• OpenTelemetry packages from v1.37.0 to v1.40.0

Removed pointer indirection from query context cache in snowflakeConn.

Added support for Go 1.26 and dropped support for Go 1.23.

Fixed minicore crashes (SIGFPE) on fully statically linked Linux binaries by detecting static linking via ELF PT_INTERP inspection and skipping dlopen gracefully.

Added libc family, version, and dynamic linking marker to client environment telemetry.

Removed RaisePutGetError from SnowflakeFileTransferOptions to ensure errors are raised for PUT/GET operations.

Removed GetFileToStream from SnowflakeFileTransferOptions. Use WithFileGetStream to automatically enable file streaming for GET operations.

Removed WithOriginalTimestamp. Use WithArrowBatchesTimestampOption(UseOriginalTimestamp) instead.

Removed the ClientIP field from the Config struct. This field was never used and is not needed for any functionality.

Removed the InsecureMode field from Config struct. Use DisableOCSPChecks instead.

Removed the DisableTelemetry field from the Config struct. Use the CLIENT_TELEMETRY_ENABLED session parameter instead.

Removed the stream chunk downloader. Use the default downloader instead.

Removed SnowflakeTransport. Use Config.Transporter, or simply register your own TLS configuration with RegisterTLSConfig if you just need a custom root certificates set.

Renamed WithFileStream to WithFilePutStream for consistency.

Renamed the KeepSessionAlive field in the Config struct to ServerSessionKeepAlive for consistency with other drivers.

The Array function now returns an error for unsupported types.

WithMultiStatement no longer returns an error.

Combined WithMapValuesNullable and WithArrayValuesNullable into the single WithEmbeddedValuesNullable option.

Hid the streaming chunk downloader. It will be removed completely in a future release.

The maximum number of chunk download goroutines is now configured with the CLIENT_PREFETCH_THREADS session parameter.

Fixed a typo in the GOSNOWFLAKE_SKIP_REGISTRATION environment variable.

Unexported MfaToken and IdToken.

Arrow batches changes:

• Arrow batches have been extracted to a separate package, which should significantly reduce the compilation size for those who don’t need arrow batches (~34MB -> ~18MB).

• Removed GetArrowBatches from SnowflakeRows and SnowflakeResult. Use arrowbatches.GetArrowBatches(rows.(SnowflakeRows)) instead.

• Migrated the following functions:

  • sf.WithArrowBatchesTimestampOption to arrowbatches.WithTimestampOption

  • sf.WithArrowBatchesUtf8Validation to arrowbatches.WithUtf8Validation

  • sf.ArrowSnowflakeTimestampToTime to arrowbatches.ArrowSnowflakeTimestampToTime

Logging changes:

• Removed the Logrus logger and migrated to slog.

• Simplified the SFLogger interface.

• Added the SFSlogLogger interface for setting a custom slog handler.

Added support for Go 1.26, and dropped support for Go 1.23.

Added support for FIPS-only mode.

Added a panic recovery block for stage file upload and download operations.

Fixed a WIF metadata request from an Azure container that manifested as an HTTP 400 error.

Fixed a SAML authentication port validation bypass in isPrefixEqual where the second URL’s port was never checked.

Fixed a race condition in the OCSP cache clearer.

The context.Context query is now propagated to cloud storage operations for PUT and GET queries, allowing for better cancellation handling.

Fixed minicore crashes (SIGFPE) on fully statically linked Linux binaries by detecting static linking via ELF PT_INTERP inspection and skipping dlopen gracefully.

Exposed tokenFilePath in the Config struct, in addition to the existing DSN option.

tokenFilePath is now read for every new connection, not only once at driver startup.

Added support for identity impersonation when using workload identity federation.

Added the ability to disable minicore from loading at compile time using the -tags minicore_disabled parameter.

Fixed an issue with getting files from an unencrypted stage.

Fixed the minicore file name gathering in client environment.

Fixed path escaping for GCS URLs that manifested in 403 responses from GCS when a file or directory contained spaces.

Fixed leaking file descriptors when uploading files to stages (especially in GCS).