Releases: exasol/exasol-virtual-schema-lua
0.5.4: Fix CVE-2024-25710, CVE-2024-26308 in test dependencies
Summary
In this security release we fixed CVE-2024-25710 and CVE-2024-26308 by updating test dependencies that contained the vulnerable org.apache.commons:commons-compress
1.24.0.
Features
- 50: Fixed CVE-2024-25710 in test dependency
- 51: Fixed CVE-2024-26308 in test dependency
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.3
to7.0.1
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.2
to1.6.5
- Updated
com.exasol:test-db-builder-java:3.5.2
to3.5.4
- Updated
org.junit.jupiter:junit-jupiter-api:5.10.1
to5.10.2
- Updated
org.junit.jupiter:junit-jupiter-params:5.10.1
to5.10.2
- Updated
org.slf4j:slf4j-jdk14:2.0.9
to2.0.12
- Updated
org.testcontainers:junit-jupiter:1.19.2
to1.19.7
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:2.9.16
to4.1.0
- Updated
org.apache.maven.plugins:maven-compiler-plugin:3.11.0
to3.12.1
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.2.2
to3.2.5
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.2.2
to3.2.5
- Added
org.apache.maven.plugins:maven-toolchains-plugin:3.1.0
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.5.0
to1.6.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.16.1
to2.16.2
- Updated
org.itsallcode:openfasttrace-maven-plugin:1.6.2
to1.8.0
0.5.3: Fix CVE-2023-4043 in test dependency `org.eclipse.parsson:parsson`
Summary
This release fixes vulnerability CVE-2023-4043 in test dependency org.eclipse.parsson:parsson
.
Security
- #48: Fixed CVE-2023-4043 in test dependency
org.eclipse.parsson:parsson
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.2
to6.6.3
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.1
to1.6.2
- Updated
com.exasol:test-db-builder-java:3.5.1
to3.5.2
- Updated
org.junit.jupiter:junit-jupiter-api:5.10.0
to5.10.1
- Updated
org.junit.jupiter:junit-jupiter-params:5.10.0
to5.10.1
- Updated
org.testcontainers:junit-jupiter:1.19.1
to1.19.2
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:2.9.12
to2.9.16
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.4.0
to3.4.1
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.1.2
to3.2.2
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.1.2
to3.2.2
- Updated
org.codehaus.mojo:versions-maven-plugin:2.16.0
to2.16.1
- Updated
org.jacoco:jacoco-maven-plugin:0.8.10
to0.8.11
- Updated
org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184
to3.10.0.2594
0.5.2: Fix CVE-2023-42503 in test dependency
In this release we replaced a testing dependency that was vulnerable to CVE-2023-42503. Production code was not affected.
We also changed the namespace for the virtual schema adapter in the code from exasolvs
to exasol.evsl
for uniformity across projects. This has no impact on the function of the virtual schema.
Features
- #38: Changed namespace
exasolvs
toexasol.evsl
- #45: Fixed CVE-2023-42503 in test dependency
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.6.1
to6.6.2
- Updated
com.exasol:hamcrest-resultset-matcher:1.6.0
to1.6.1
- Updated
com.exasol:test-db-builder-java:3.4.2
to3.5.1
- Updated
org.junit.jupiter:junit-jupiter-api:5.9.3
to5.10.0
- Updated
org.junit.jupiter:junit-jupiter-params:5.9.3
to5.10.0
- Updated
org.slf4j:slf4j-jdk14:2.0.7
to2.0.9
- Updated
org.testcontainers:junit-jupiter:1.18.3
to1.19.1
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:2.9.9
to2.9.12
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.3.0
to3.4.0
0.5.1: Fix Issue With Integer Constants in `GROUP BY`
Summary
This release fixes an issue with queries using DISTINCT
with integer constants. The Exasol SQL processor turns DISTINCT <integer>
into GROUP BY <integer>
before push-down as an optimization. The adapter must not feed this back as Exasol interprets integers in GROUP BY
clauses as column numbers which could lead to invalid results or the following error:
42000:Wrong column number. Too small value 0 as select list column reference in GROUP BY (smallest possible value is 1)
To fix this, Exasol VS now replaces integer constants in GROUP BY
clauses with a constant string.
Please that you can still safely use GROUP BY <column-number>
in your original query, since Exasol internally converts this to GROUP BY "<column-name>"
, so that the virtual schema adapter can tell both situations apart.
The release also adds integration tests using Exasol v8 to the CI build.
We also extracted the common parts of EVSL and RLSL to base libraries for a unified code base.
Bugfixes
- #42: Fixed issue with integer constants in
GROUP BY
Refactoring
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-jdbc:7.1.19
to7.1.20
- Updated
com.exasol:exasol-testcontainers:6.5.2
to6.6.1
- Updated
org.junit.jupiter:junit-jupiter-api:5.9.2
to5.9.3
- Updated
org.junit.jupiter:junit-jupiter-params:5.9.2
to5.9.3
- Updated
org.testcontainers:junit-jupiter:1.18.0
to1.18.3
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.2.2
to1.3.0
- Updated
com.exasol:project-keeper-maven-plugin:2.9.7
to2.9.9
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0
to3.1.2
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.0.0
to3.1.2
- Updated
org.basepom.maven:duplicate-finder-maven-plugin:1.5.1
to2.0.1
- Updated
org.codehaus.mojo:build-helper-maven-plugin:3.3.0
to3.4.0
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.4.1
to1.5.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.15.0
to2.16.0
- Updated
org.itsallcode:openfasttrace-maven-plugin:1.6.1
to1.6.2
- Updated
org.jacoco:jacoco-maven-plugin:0.8.9
to0.8.10
0.5.0: Partial TLS Support (without certificate validation)
Summary
With version 0.5.0 the connection between the Virtual Schema Adapter and the remote Exasol uses TLS for encrypting the communication.
Note however, that this feature is not complete yet. It lacks validation of the peer certificate. The reason is that Lua does not yet have access to the certificate store, so the feature requires a change in the Exasol database. Once certificate validation is available, the EVSL will reach version 1.0.0.
What does this mean for users? They can test connecting the Exasol Virtual Schema to a remote Exasol server with an encrypted connection. The connection cannot be treated as secure though, because validating the peer certificate is a required step in establishing trust between the VS and the remote server. Without this attackers can pretend to be an Exasol server or run a man-in-the-middle attack.
If you need an actually secure connection you will unfortunately have to wait until version 1.0.0.
Features
- #23: Added TLS Support
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-jdbc:7.1.17
to7.1.19
- Updated
com.exasol:exasol-testcontainers:6.5.1
to6.5.2
- Updated
com.exasol:hamcrest-resultset-matcher:1.5.2
to1.6.0
- Updated
org.slf4j:slf4j-jdk14:2.0.6
to2.0.7
- Updated
org.testcontainers:junit-jupiter:1.17.6
to1.18.0
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:2.9.3
to2.9.7
- Updated
org.apache.maven.plugins:maven-compiler-plugin:3.10.1
to3.11.0
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.1.0
to3.3.0
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M8
to3.0.0
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M8
to3.0.0
- Added
org.basepom.maven:duplicate-finder-maven-plugin:1.5.1
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.3.0
to1.4.1
- Updated
org.codehaus.mojo:versions-maven-plugin:2.14.2
to2.15.0
- Updated
org.jacoco:jacoco-maven-plugin:0.8.8
to0.8.9
0.4.0: Remote EVSL (without TLS)
Summary
In this release we added support for connecting to a remote Exasol database. Note that you cannot use remote Exasol VS yet, since the libraries required are not yet available in production release of the Exasol database. That means while the feature is generally available, it only works with very recent development builds of Exasol. We will update the EVSL release once an Exasol version with the required libraries becomes available.
Features
- #20: Added remote metadata reading
Dependency Updates
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.2.0
to1.2.2
0.3.0: `IS [NOT] JSON` and `LISTAGG` support
Summary
We added support for the IS [NOT] JSON
predicate and the LISTAGG
aggregate function.
We also added a test that evaluates the performance overhead of running queries directly against Exasol and via the Virtual Schema.
Additionally, we improved tests that ensure the package, module and rockspec all have the correct version numbers.
Bufixes
- #8: Added missing test for performance overhead
- #18: Added
IS [NOT] JSON
predicate - #24: Added
LISTAGG
aggregate function
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-jdbc:7.1.11
to7.1.17
- Updated
com.exasol:exasol-testcontainers:6.2.0
to6.5.1
- Updated
com.exasol:test-db-builder-java:3.3.4
to3.4.2
- Updated
org.junit.jupiter:junit-jupiter-api:5.9.1
to5.9.2
- Updated
org.junit.jupiter:junit-jupiter-params:5.9.1
to5.9.2
- Updated
org.slf4j:slf4j-jdk14:2.0.3
to2.0.6
- Updated
org.testcontainers:junit-jupiter:1.17.3
to1.17.6
Plugin Dependency Updates
- Updated
com.exasol:project-keeper-maven-plugin:2.8.0
to2.9.3
- Updated
io.github.zlika:reproducible-build-maven-plugin:0.15
to0.16
- Updated
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M5
to3.0.0-M8
- Updated
org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5
to3.0.0-M8
- Updated
org.codehaus.mojo:flatten-maven-plugin:1.2.7
to1.3.0
- Updated
org.codehaus.mojo:versions-maven-plugin:2.10.0
to2.14.2
0.2.0: Join support
Summary
In version 0.2.0 of the Exasol Virtual Schema for Lua we activated support for JOINs.
We also updated the dependencies.
Features
Dependency Updates
Test Dependency Updates
- Updated
com.exasol:exasol-testcontainers:6.1.2
to6.2.0
- Updated
com.exasol:hamcrest-resultset-matcher:1.5.1
to1.5.2
- Updated
com.exasol:maven-project-version-getter:1.1.0
to1.2.0
- Updated
com.exasol:test-db-builder-java:3.3.3
to3.3.4
- Added
org.junit.jupiter:junit-jupiter-api:5.9.1
- Removed
org.junit.jupiter:junit-jupiter-engine:5.8.2
- Updated
org.junit.jupiter:junit-jupiter-params:5.8.2
to5.9.1
- Updated
org.slf4j:slf4j-jdk14:1.7.36
to2.0.3
Plugin Dependency Updates
- Updated
com.exasol:error-code-crawler-maven-plugin:1.1.1
to1.2.0
- Updated
com.exasol:project-keeper-maven-plugin:2.4.6
to2.8.0
- Updated
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0
to3.1.0
- Updated
org.apache.maven.plugins:maven-jar-plugin:3.2.2
to3.3.0
- Updated
org.codehaus.mojo:exec-maven-plugin:3.0.0
to3.1.0
- Updated
org.itsallcode:openfasttrace-maven-plugin:1.5.0
to1.6.1
0.1.1: Documentation complete
Summary
Version 0.1.1 brings updated (and now complete) user requirements, design and requirement tracing.
We also fixed an issue in the "set properties" request. The VS API does not behave like it was described in the API documentation, causing property changes to be ignored. The API documentation was fixed in virtual-schema-common-java #247 after which we fixed the Lua implementation.
Features
- #1: Completed system requirements, design and requirement tracing.
Dependency Updates
Test Dependency Updates
- Added
com.exasol:exasol-jdbc:7.1.11
- Added
com.exasol:exasol-testcontainers:6.1.2
- Added
com.exasol:hamcrest-resultset-matcher:1.5.1
- Added
com.exasol:maven-project-version-getter:1.1.0
- Added
com.exasol:test-db-builder-java:3.3.3
- Added
org.hamcrest:hamcrest:2.2
- Added
org.junit.jupiter:junit-jupiter-engine:5.8.2
- Added
org.junit.jupiter:junit-jupiter-params:5.8.2
- Added
org.slf4j:slf4j-jdk14:1.7.36
- Added
org.testcontainers:junit-jupiter:1.17.3
Plugin Dependency Updates
- Added
com.exasol:error-code-crawler-maven-plugin:1.1.1
- Added
com.exasol:project-keeper-maven-plugin:2.4.6
- Added
com.github.funthomas424242:plantuml-maven-plugin:1.5.2
- Added
io.github.zlika:reproducible-build-maven-plugin:0.15
- Added
org.apache.maven.plugins:maven-clean-plugin:2.5
- Added
org.apache.maven.plugins:maven-compiler-plugin:3.10.1
- Added
org.apache.maven.plugins:maven-deploy-plugin:2.7
- Added
org.apache.maven.plugins:maven-enforcer-plugin:3.0.0
- Added
org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M5
- Added
org.apache.maven.plugins:maven-install-plugin:2.4
- Added
org.apache.maven.plugins:maven-jar-plugin:3.2.2
- Added
org.apache.maven.plugins:maven-resources-plugin:2.6
- Added
org.apache.maven.plugins:maven-site-plugin:3.3
- Added
org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5
- Added
org.codehaus.mojo:build-helper-maven-plugin:3.3.0
- Added
org.codehaus.mojo:exec-maven-plugin:3.0.0
- Added
org.codehaus.mojo:flatten-maven-plugin:1.2.7
- Added
org.codehaus.mojo:versions-maven-plugin:2.10.0
- Added
org.itsallcode:openfasttrace-maven-plugin:1.5.0
- Added
org.jacoco:jacoco-maven-plugin:0.8.8
- Added
org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184
- Added
org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0