github ArcadeData/arcadedb 26.6.1
on GitHub

10 hours ago

ArcadeDB 26.6.1 Release Notes

Overview

ArcadeDB 26.6.1 is a stability, durability and security hardening release with over 280 commits and 66 resolved issues. The headline news is end-to-end TLS/SSL for the HA cluster, a deep wave of durability and crash-recovery hardening across the WAL, page and serialization layers, and a broad security hardening pass (schema authorization, IMPORT DATABASE source validation, injection fixes and a full CodeQL cleanup). On top of that comes a long list of High Availability / Raft, OpenCypher, SQL, vector index and wire-protocol fixes, plus Studio and operational improvements.

Major Highlights

TLS/SSL Across the HA Cluster

The Raft-based HA cluster can now run fully encrypted. Inter-node replication traffic supports SSL/TLS, and the snapshot installer was fixed so a follower can download a leader snapshot over the HTTPS listener instead of crashing with Unsupported or unrecognized SSL message. (#4470)

Durability & Crash-Recovery Hardening

A large batch of fixes closes data-integrity gaps in the storage, WAL and serialization layers so committed transactions survive crashes and power loss, and recovery never silently drops data:

  • WAL is now fsynced on commit by default, and data files are fsynced before WAL files are deleted on clean close. (#4330, #4332)
  • Crash recovery now aborts on a WAL version gap and preserves the WAL files instead of silently skipping the gap. (#4331, #4320)
  • MutablePage.move no longer mis-tracks the modified range on backward shifts, so defrag bytes are no longer omitted from the WAL. (#4319)
  • Binary serialization fixes: property count now matches the bytes written, and partial reads are handled via readFully. (#4328, #4329)
  • Short-write / short-read returns are now respected in PaginatedComponentFile. (#4321)
  • LZ4 compression no longer corrupts data when Binary.position() > 0. (#4317)
  • Simple-8b codec validation no longer silently truncates Long.MAX_VALUE / Long.MIN_VALUE. (#4336)
  • migratedFileIds is now persisted in schema.json, so compaction no longer silently drops in-flight transactions across restart. (#4333)
  • java.lang.NegativeArraySizeException on transaction commit fixed. (#4420)

Security Hardening

  • All LocalDocumentType / LocalProperty schema mutators now require the UPDATE_SCHEMA permission (previously only createProperty was gated). (#4423)
  • IMPORT DATABASE now validates its source and requires admin privilege, closing SSRF / LFI vectors. (#4422)
  • SQL injection fixed in RemoteVertex.newEdge by switching to parameter binding (also fixes breakage on apostrophes). (#4327)
  • JavaScript injection in the polyglot engine closed by replacing the "looks-like-JSON" source-concatenation heuristic with Value.execute(). (#4326)
  • Full CodeQL cleanup: open Java and JavaScript code-scanning alerts resolved at their true sources (workflow permissions, ReDoS, path-injection). (#4383, #4386, #4388)

Major Fixes

High Availability & Clustering

  • TimeSeries data now replicates correctly across an HA cluster, and a compaction/append deadlock that caused a WAL version gap on Raft followers was eliminated. (#4414, #4458)
  • Concurrent single-row time-series INSERTs no longer silently lose samples (sealed-slot lost update). (#4453)
  • Bolt writes to a follower no longer fail with "no authenticated user in the current security context"; the authenticated user is now bound on DatabaseContext in the Bolt executor. (#4456)
  • PeerAddressAllowlistFilter no longer rejects legitimate peers during a Kubernetes DNS-resolution race (incomplete allowlist on startup/restart). (#4471)
  • Stale-follower recovery is fixed when a snapshot download fails on a quiet cluster.
  • New configurable paths: arcadedb.ha.raftStorageDirectory for the Raft storage directory (#4446), configurable server log directory for read-only root filesystems (#4451), and arcadedb.ha.clusterTokenPath to read the cluster shared secret from a file (#4431).
  • RemoteDatabase no longer reuses a session id across servers on HA failover during an open transaction; a TransactionException is now raised on server switch. (#4373)
  • RemoteHttpComponent no longer mutates leaderServer / currentServer non-atomically during retries. (#4372)
  • New STICKY strategy pins HTTP transactions to a concrete cluster member. (#4273)
  • getReplicaAddresses now excludes the local peer instead of the leader. (#4274)
  • /api/v1/server?mode=cluster returns the ha section again after the Raft migration. (#4261)
  • New "Force Resync" button in Studio to recover a diverged follower from the leader.
  • HA bootstrap-fingerprint replay race fixed, and HA node aliases corrected. (#4259)
  • Massive-insertion cluster configuration issues resolved, plus assorted HA log improvements.

Concurrency & Async

  • FileManager no longer mutates its ArrayList<ComponentFile> from multiple threads without synchronization (fixes CME / AIOOBE). (#4371)
  • LockManager.tryLock now re-attempts putIfAbsent after a wait timeout and tracks the remaining timeout per await. (#4367)
  • DatabaseAsyncTransaction now rolls back before retrying after a ConcurrentModificationException, invokes the per-task onErrorCallback, and no longer swallows final-retry failures or contaminates the shared transaction. (#4368, #4369, #4370)
  • PageManager.putPageInReadCache no longer leaks RAM accounting when replacing an existing CachedPage. (#4390)

OpenCypher

  • CREATE INDEX now implicitly creates the referenced property (Neo4j-style lazy schema). (#4354)
  • nodes(), relationships() and length() on variable-length path patterns (e.g. [*1..3]) are now implemented. (#4353)
  • Records written via SQL are now visible to subsequent Cypher queries (and vice versa) within the same connection/transaction. (#4355)
  • EXPLAIN no longer fails with an idempotency error on a multi-statement query containing CREATE. (#4366)
  • Label disjunction (n:A|B) no longer returns 0 rows. (#4221)
  • allShortestPaths() now returns all co-shortest paths instead of just one.
  • MERGE now uses a bound anchor as the traversal start instead of a full edge-type scan (performance), and no longer crashes on a single-quote property value with UNWIND or rebinds the variable from an OPTIONAL MATCH null endpoint. (#4213, #4210)
  • DATETIME property comparison with datetime() no longer returns 0 rows. (#4231)
  • Redundant AND true / OR false branches are now simplified in WHERE clauses. (#4405)
  • MATCH ... WHERE ID(n) IN $ids now accepts a long[] parameter array.
  • Query results are now consistent between parameterized and hard-coded values.

SQL

  • IN :param with a collection parameter now returns rows when an index is used. (#4468)
  • MOVE VERTEX no longer generates an internal error. (#4461, #4347)
  • expand() projection now honors its AS alias instead of always being named value. (#4389)
  • IN (SELECT …) no longer always returns empty (InCondition now unwraps single-property results). (#4337)
  • MERGE on a UNIQUE-indexed property no longer throws DuplicatedKeyException when the same key appears twice in a batch (Neo4j matches the second occurrence). (#4351)
  • node.* and rel.* functions no longer silently return null/0 from SQL. (#4216)
  • TimeSeries timestamps are now returned in queries. (#4418)
  • New cypherRID(<cypher-rid>) SQL function and asCypherRID() method for interoperating with Cypher numeric ids.
  • ResultInternal.getProperty no longer re-surfaces removed properties via element fall-through. (#4398)
  • EdgeLinkedList.removeVertex / removeEdge now iterate all segments to remove every matching entry. (#4395)
  • MultiIterator.countEntries no longer discards the count for non-resettable iterables. (#4396)
  • MATCHES now keys its regex Pattern cache by the regex string rather than hashCode() (collision no longer returns the wrong pattern). (#4397)
  • Case conversions across the function library now use Locale.ROOT. (#4393)
  • RangeFunction and the math functions are now guarded against long-range overflow / infinite loops. (#4391, #4392)
  • CREATE INDEX ON ... (...) without an index type now raises a clear parsing error instead of an NPE.
  • Inserting edges between existing nodes with mandatory properties now works. (#4413)
  • Multiple-inheritance handling fixed, and point() over a latitude property surfaced as a string no longer throws a ClassCastException.
  • SEARCH_INDEX() negative Lucene clauses now return correct results. (#4220)

Vector & Index

  • TRUNCATE TYPE no longer resets an LSM_VECTOR index dimension to 0, nor leaves UNIQUE indexes in an inconsistent state requiring DROP TYPE. (#4359, #4352)
  • LSMVectorIndex now converts JVector's EUCLIDEAN return to L2² distance in all search paths, so K-NN no longer returns the worst matches first. (#4334)
  • LSMVectorIndexCompactor now handles the old-format tombstone rewind correctly. (#4335)
  • NPE in discoverAndLoadCompactedSubIndex that prevented loading compacted vector sub-indexes at startup fixed.
  • LSM_VECTOR inactivity rebuild timer is now re-armed after a skip. (#4272)
  • REBUILD INDEX now works for BY ITEM indexes. (#4448)
  • vector.fuse() is now recognised as a SQL function (no more "Unknown method name: fuse").

Wire Protocols

  • Bolt: parameterized Cypher MATCH queries via the JavaScript neo4j-driver now work (#4452); integer property values are no longer coerced to strings after CREATE INDEX, and index-backed lookups return rows.
  • PostgreSQL: scalar columns are now advertised with native OIDs. (#4202)
  • gRPC: correct exceptions are now thrown (NOT_FOUND for RecordNotFoundException on lookupByRid) (#4364); LocalDateTime / LocalDate and ISO-string fallback handled in ProtoUtils (#4358); InsertStream with CONFLICT_IGNORE + PER_STREAM no longer rolls back the whole stream on a commit-time duplicate (#4214); null values are no longer returned as the string "null"; count(*) field type is now consistent between RemoteDatabase and RemoteGrpcDatabase; reloading a not-yet-committed record no longer errors.
  • HTTP: PostCommandHandler "Cannot execute command" fixed (#4432); the redundant decode of command/query in the HTTP layer was removed; DuplicatedKeyException now returns HTTP 409 Conflict instead of 503 Service Unavailable. (#4350)

Studio & Operations

  • Optional production-mode Studio: a new global setting enables Studio in production on request. (#4417)
  • New show/hide toggle for the Appearance section in the graph side panel. (#4394)
  • AI assistant flow, database selection and layout improvements; query profiler "Analyze with AI"; refreshed server and profiler metrics.
  • MessageFormat placeholders are now substituted in JUL log records. (#4275)
  • New offline build mode for the distribution builder, and Python bindings build-script / vector-handling refactor.

Dependencies

Notable upgrades in this release include:

  • Netty 4.2.14.Final
  • Undertow 2.4.1.Final
  • Protobuf 4.35.0
  • JLine 4.1.3
  • JUnit Jupiter 6.1.0
  • Jackson Databind 2.21.4
  • Apache Commons Configuration 2.15.1
  • Swagger 2.2.50 / Swagger Parser 2.1.43
  • SLF4J 2.0.18
  • Logback 1.5.33
  • Jedis 7.5.2

Plus the usual round of Studio frontend updates (ApexCharts, SweetAlert2, SwaggerUI, Marked, PDFMake, PostCSS, Terser and the webpack/build toolchain), e2e test-harness bumps (Playwright, TestContainers, protobufjs), CI / GitHub Actions updates and pre-commit hook refreshes.

Check out latest releases or
releases around ArcadeData/arcadedb 26.6.1

Don't miss a new arcadedb release

NewReleases is sending notifications on new releases.

Get notifications