Merged PRs

dolt

• 10417: GitBlobstore: implement Put with CAS retries + configurable identity; add Put tests
  This PR adds the first GitBlobstore write path: GitBlobstore.Put, implemented on top of the existing internal/git.GitAPI plumbing. It also adds unit tests for Put, including a contention scenario to verify we don’t clobber concurrent writers.
• 10416: add HashObject + GitAPIImpl write-primitive tests
  This PR extends the unified internal/git plumbing API with a streaming blob-write primitive and adds targeted unit coverage for the write building blocks we’ll use to implement GitBlobstore write paths.
• 10414: add internal git ReadAPI/WriteAPI impl scaffolding + refactor GitBlobstore reads
  This PR advances the Git-backed blobstore.Blobstore prototype by adding a principled internal git write plumbing layer (still unused by GitBlobstore for now) and refactoring read plumbing into a ReadAPI interface + concrete impl to match the write side.
• 10413: /go/store/{blobstore,nbs,testutils}: add ref constants
• 10412: /.github/actions/ses-email-action: bump aws ses client
• 10409: Add read-only GitBlobstore
  This PR introduces an initial read-only GitBlobstore implementation to enable treating a git object database (bare repo / .git dir) as a Dolt blobstore, without a checkout.
• 10407: Correctly identify which secondary indexes need to be updated during a merge
  Some columns in a table have a different encoding when used in a secondary index key: mainly TEXT and BLOB types are an address encoding in the primary index, but when used in a secondary index (with a length prefix), the prefixes get stored in the secondary index as an inline encoding.
  We have a check during merge that determines whether or not we need to rebuild a secondary index from scratch instead of simply merging in changes from the other branch. This is necessary because in fringe situations, a row that did not change on the other branch's primary index did change on the other branch's secondary index. This happens when the other branch changed the secondary index's schema, such as dropping or adding columns, changing a length prefix, etc.
  In these situations, it is not safe to simply diff the primary indexes and update the changed rows in the secondary index.
  When I originally wrote this check, I compared the schema of the merged table's index with the original table's index to determine whether the other branch introduced a change. However, I deliberately ignored things like the TEXT special-treatment when doing this check. The motivation for doing it this way was to ensure that if the other branch changes a TEXT type to a VARCHAR type (or vice versa), we will still detect this change even though the encoding of the index doesn't change.
  In practice we don't need to worry about that, because such changes still get detected and handled correctly elsewhere in the merge process. And the check as written is incorrect, and leads to situations where if the merger erroneously concludes that an index will be dropped and rebuild, and thus doesn't update it during the merge.
  This PR fixes the logic of the check and adds additional tests to verify that the merge behavior is still correct.
• 10406: Add support for full binlog row metadata
  Adds support for sending additional table map metadata (e.g. column names) when operating as a binlog primary server. This mode is activated when @@binlog_row_metadata is set to FULL. Also adds integration tests for the Python mysql-replication library to test this feature.
• 10351: Bump lodash from 4.17.21 to 4.17.23 in /integration-tests/mysql-client-tests/node
  Bumps lodash from 4.17.21 to 4.17.23.
  Commits

  • dec55b7 Bump main to v4.17.23 (#6088)
  • 19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
  • b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
  • edadd45 Prevent prototype pollution on baseUnset function
  • 4879a7a doc: fix autoLink function, conversion of source links (#6056)
  • 9648f69 chore: remove yarn.lock file (#6053)
  • dfa407d ci: remove legacy configuration files (#6052)
  • 156e196 feat: add renovate setup (#6039)
  • 933e106 ci: add pipeline for Bun (#6023)
  • 072a807 docs: update links related to Open JS Foundation (#5968)
  • Additional commits viewable in compare view
  
  [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
  Dependabot commands and options

  
  You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/dolt/network/alerts).
• 9960: Bump com.mysql:mysql-connector-j from 8.0.33 to 8.2.0 in /integration-tests/mysql-client-tests/java
  Bumps com.mysql:mysql-connector-j from 8.0.33 to 8.2.0.
  Changelog

  Sourced from com.mysql:mysql-connector-j's changelog.

  Changelog

  https://dev.mysql.com/doc/relnotes/connector-j/en/

  Version 9.4.0

  • Fix for Bug#116120 (Bug#37079448), Inappropriate charset selected for connection when jdk.charsets not included.

  • Fix for Bug#98620 (Bug#31503893), Using DatabaseMetaData.getColumns() gives collation mix error.

  • Fix for Bug#118389 (Bug#38044940), OCI ephemeral keys not working after change in OCI CLI.

  • Fix for Bug#22473405, GETOBJECT(STRING , CLASS) METHOD RETURNS ERROR FOR POOLED CONNECTION.

  • WL#17009, Upgrade 3rd party libraries and tools.

  • Fix for Bug#118201 (Bug#37971552), A potential bug in Mysql Connector/J.

  • Fix for Bug#44791 (Bug#11753361), Setting/getting holdability on connection does not work properly.

  • Fix for Bug#21294134, DBMD.GETPROCEDURECOLUMNS() IS UNABLE TO DEAL WITH PROCEDURE COLUMNS WITH SPACES.

  • Fix for Bug#77658 (Bug#21946136), Incorrect java.sql.Statement.cancel() behavior.

  • Fix for Bug#118100 (Bug#37900711), You have an error in your SQL syntax exception thrown after mysql-connector-j 9.2.0 -> 9.3.0 upgrade.

  • Fix for Bug#118079 (Bug#37888527), An output message error.

  • Fix for Bug#117579 (Bug#37639722), Contribution: Return UUID from ResultSet#getObject(). Thanks to Iwao Abe for his contribution.

  • Fix for Bug#20279578, REGISTEROUTPARAMETER() FAILS WHEN PROCEDURE NAME CONTAINS SOME SPECIAL CHARACTER.

  • Fix for Bug#109339 (Bug#34898663), Failed to insert bignums due to overflow. Thanks to Yohei Ueki for his contribution.

  • Fix for Bug#77766 (Bug#21503942), CallableStatement.getObject have inconsistent behavior.

  • WL#16917, Remove IterateBlock class.

  • Fix for Bug#117873 (Bug#37785888), Time instances created from negative milliseconds are encoded without fractional seconds.

  • Fix for Bug#115845 (Bug#36954268), Contribution: Set correct OTel Span name for transaction commits. Thanks to Willem Fibbe for his contribution.

  • Fix for Bug#75615 (Bug#21181249), Incorrect implementation of Connection.setNetworkTimeout().

  • Fix for Bug#75441 (Bug#20344798), com.mysql.jdbc.CallableStatement.extractProcedureName fragile.

  • Fix for Bug#19948601, UNEXPECTED BEHAVIOUR NOTICED WITH FEW OF THE MYSQL C/JAVA CONNECTION PARAMETERS.

  ... (truncated)

  Commits

  • 06a1f72 Fix for Bug#35811592, Missing implementation for Connection.releaseSavepoint().
  • 9df3820 Update for GPL license book.
  • ff822cf Fix for tests failing due to expecting unsupported TLS versions.
  • 429db00 Fix for test SecureSessionTest.testXdevapiTlsVersionsAndCiphersuites() failur...
  • d52033a Fix for tests failing due to using unsupported cipher suites in MySQL 5.7.
  • e18e626 Fix for tests failing due to using deprecated cipher suites.
  • 4f70ec3 Fix for Bug#91351 (Bug#28225464), MysqlConnectionPoolDataSource - autocommit ...
  • 71e4c6b Fix for property description 'ConnectionProperties.treatMysqlDatetimeAsTimest...
  • bae6356 Fix for property description 'ConnectionProperties.authenticationPlugins'.
  • 5701086 GPL license book update.
  • Additional commits viewable in compare view
  
  [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
  Dependabot commands and options

  
  You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/dolt/network/alerts).

go-mysql-server

• 3415: Simplify Between expressions for GetField arguments
  fixes #10284
  part of #10340
  benchmarks
• 3410: Replace Time.Sub call in TIMESTAMPDIFF with microsecondsDiff
  fixes #10397
  Time.Sub doesn't work for times with a difference greater than 9,223,372,036,854,775,807 (2^63 - 1) nanoseconds, or ~292.47 years. This is because Time.Sub returns a Duration, which is really an int64 representing nanoseconds. MySQL only stores time precision to the microsecond so we actually don't care about the difference in nanoseconds.
  However, there's no easy way to directly expose the number of microseconds or seconds since epoch using the public functions for Time -- this is because seconds since epoch are encoded differently with different epochs depending on whether the time is monotonic or not (Jan 1, 1885 UTC or Jan 1, 0001 UTC).
  Time.Sub uses Time.sec to normalize Time objects to seconds since the Jan 1, 0001 UTC epoch. But Time.sec isn't public so we can't call it ourselves. And Time.Second and Time.Nanosecond only give the second and nanosecond portion of a wall time, not the seconds/nanoseconds since an epoch. However, Time.UnixMicro does give us the microseconds since Unix epoch (January 1, 1970 UTC)...by calling Time.sec and then converting that to Unix time.
  So microsecondsDiff calculates the difference in microseconds between two Time objects, getting their microsecond values by calling Time.UnixMicro on both of them. This isn't the most efficient but it's the best we can do with public functions.

Closed Issues

• 10369: handler caught panic: malformed tuple
• 10284: Avoid RangeHeapJoin when lower and upper bounds are the same field

Performance