github dolthub/dolt v2.0.4
2.0.4
on GitHub

6 hours ago

Merged PRs

dolt

  • 11073: dolt revert to more closely match git

    Related: dolthub/doltlite#961

  • 11067: proto,go/serial: Bump some bazel version, some module versions.

  • 11059: Fix SchemaTable.Updater panic on direct UPDATE dolt_schemas
    A direct UPDATE dolt_schemas reached SchemaTable.Updater, which panicked with "should never be called" — an unprivileged user could crash the SQL server with it. dolt_schemas is not directly modifiable via SQL, so this returns a clean error unconditionally instead of panicking; adds a regression test.

  • 11058: go: sqle: Fix a dolt_branch_control bypass involving the session table cache.
    On a new connection, a SELECT against information_schema.tables or information_schema.columns would populate the session's table cache is a Table value that embedded a revision-less Database value. An incoming write request against the cached table would run its permissions check against the revision-less database, instead of the revisioned database which correctly encoded the branch the write was running against. This allowed connections to bypass dolt_branch_control, elevating to write permissions on all branches.

  • 11057: Branch_control regression tests for more user-table write shapes
    Adds branch_control regression tests for the user-table write shapes that TestBranchControlBlocks wasn't already pinning; all were already correctly gated, so this is pure regression coverage with no behavior change.

  • 11050: Gate branch_control on writable dolt system tables
    Most writable dolt system tables had no branch_control check, so a read- or merge-permission user could write to them; this gates the user-space tables (dolt_docs/ignore/query_catalog/nonlocal/tests via the shared createWriteableSystemTable helper), dolt_constraint_violations_, dolt_workspace_, and ConflictRootObjectTable with Permissions_Write. dolt_branches/dolt_remotes (already read-only), dolt_branch_control/namespace (own admin gating), and dolt_conflicts_ (already gated) are left as-is; tests cover every writer factory and pin the read-only behavior.

  • 11049: Audit and test branch control coverage for dolt procedures
    Survey of dprocedures/dolt_*.go turned up four procedures with no branch_control check that mutate branch or working-set state. Three of them belong under Permissions_Write:

    • dolt_rebase — mutates the active rebase plan and the working set
    • dolt_stash — push/pop/apply/drop/clear all write through to working state
    • dolt_update_column_tag — schema change committed to the working root
      Gate added at the procedure entry in each.
      dolt_undrop was the fourth — leaving it alone. It restores a dropped database, not a table on the current branch, so the branch-control entry for the current branch isn't a sensible gate. MySQL SUPER already covers it.
      Test side: every other dolt_* procedure now has at least one branch_control assertion.

  • 11047: Gate DOLT_CHECKOUT('<table>') with branch_control Write permission
    dolt_checkout(<table>) was previously ungated, so a user with a read or merge permission on a branch could clear working set changes. This gates dolt_checkout(<table>) while leaving dolt_checkout(<branch>) ungated

go-mysql-server

  • 3551: star expression used in function
  • 3546: Cache context to use for String() methods
    This is a replacement for:
    • dolthub/go-mysql-server#3525
      This accomplishes the same effective goal of passing context in the areas that we previously were not (primarily the String() function, which is load-bearing). The above PR changed the interfaces such that nodes and expressions no longer respected the fmt.Stringer interface. This PR instead caches the context inside of all nodes that need a context in their String() function by providing that context at node creation time. This was a tactic that we were already using before my original context threading PR:
    • dolthub/go-mysql-server#3513
      ...and should therefore be no worse than we were before I embarked on this journey.
      It's worth noting that the information_schema tables do not have a proper context inside of their String() function, as those tables are created when the engine is created, and SQL contexts only exist inside of connections/sessions. For now this doesn't impact anything as the Schema(ctx) methods (which use the context from String()) return a precomputed schema, however there are comments in place that warn about the nil context if those methods are ever modified.
  • 3532: replace all decimal.Decimal with *apd.Decimal

Closed Issues

  • 11066: Connection Close hangs indefinitely when attempting to usthe implicit sql transaction commit of aCALL DOLT_COMMIT`
  • 11046: Overflowing TEXT type does not error and silently truncates, and mysql session variables do not work to make it error.
Check out latest releases or
releases around dolthub/dolt v2.0.4

Don't miss a new dolt release

NewReleases is sending notifications on new releases.

Get notifications