This release contains backwards incompatible changes:
- Dolt stored procedures which are administrative in nature or require remote authentication are no longer available to SQL users with only the Execute permission on the database. Users who could previously run
dolt_fetch(),dolt_pull(), anddolt_push()will need to have explicit grants to the procedures they need access to. See Documentation for more specifics.
Per Dolt’s versioning policy, this is a minor version bump because these changes may impact existing applications. Please reach out to us on GitHub or Discord if you have questions or need help with any of these changes.
Merged PRs
dolt
- 6917: Dolt admin procedures
Currently we encourage our users to grant execute permissions at the DB level, which gives users the ability to run somewhat privileged operations such asdolt_gcanddolt_push. This change marks sensitive procedures such that explicit grants are required for sensitive features.
Related: dolthub/go-mysql-server#2110 - 6916: dependabot squash
GRPC upgrades, from dependabot. - 6909: Remove schema overlap check for tables with same name
This change takes out the schema check for tables with the same name that get modified. Previously, only tables that get dropped and re-added with the same name and same schema would get labelled as modified. Now, tables that get dropped and re-added with the same name regardless of schema will get labelled as modified.
Fixes: #5738 - 6907: change CLI reference header
Updates the header generated bydump-docs
go-mysql-server
- 2116: Grant Options privs need the AdminOnly treatment too
This addresses a gap discovered while writing dolt tests - Grant Option on procedures is not currently validated correctly, resulting in only super users being able to set grants on procedures. This should address that. - 2113: Allow ScriptTestAssertion to specify when an assertion needs a new session
As part of testing Dolt's reflog feature, I need to calldolt_gc()and then check the reflog behavior. Becausedolt_gc()invalidates the session, I needed to add this hook that signals the test framework to create a new session for a ScriptTestAssertion. - 2110: Procedure privledges
Adds support for respecting procedure and function permissions. Also added AdminOnly flag for external procedures to indicate that they should not have their privileges evaluated in the standard MySQL hierarchical way. This will allow us to tighten dolt procedures access.
The ability to grant access is still blocked behind an environment variable. That will remain until dolt changes have been released. - 2109: adding join and subquery tests
Convert many of the sqllogictests into enginetests for visibility - 2108: Push not filters
De Morgan's laws and leaf filter inversions to get NOT expressions as low in filter trees as possible. This will make index costing NOT filters easier.