3.0.6: JDBC Driver from Central Repository

Summary

In this release we removed the reference to the now decommissioned Exasol Artifactory. The driver is now taken from the Central Repository (aka. "Maven Central").

In that course we also updated the driver and other dependencies.

Features

• #126: Switched to JDBC Driver from Central Repository

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:db-fundamentals-java:0.1.2 to 0.1.3
• Updated com.exasol:error-reporting-java:0.4.1 to 1.0.0
• Updated com.exasol:exasol-jdbc:7.1.11 to 7.1.17
• Updated com.exasol:exasol-virtual-schema:6.0.3 to 7.0.2

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:6.1.2 to 6.5.0
• Updated com.exasol:hamcrest-resultset-matcher:1.5.1 to 1.5.2
• Updated com.exasol:test-db-builder-java:3.3.4 to 3.4.2
• Updated com.exasol:udf-debugging-java:0.6.4 to 0.6.6
• Updated nl.jqno.equalsverifier:equalsverifier:3.10.1 to 3.12.3
• Updated org.junit.jupiter:junit-jupiter-api:5.9.0 to 5.9.2
• Updated org.junit.jupiter:junit-jupiter:5.9.0 to 5.9.2
• Updated org.mockito:mockito-junit-jupiter:4.6.1 to 5.0.0
• Updated org.slf4j:slf4j-jdk14:1.7.36 to 2.0.6
• Updated org.testcontainers:junit-jupiter:1.17.3 to 1.17.6

Plugin Dependency Updates

• Updated com.exasol:artifact-reference-checker-maven-plugin:0.4.0 to 0.4.2
• Updated com.exasol:error-code-crawler-maven-plugin:1.1.2 to 1.2.1
• Updated com.exasol:project-keeper-maven-plugin:2.6.1 to 2.9.1
• Updated io.github.zlika:reproducible-build-maven-plugin:0.15 to 0.16
• Updated org.apache.maven.plugins:maven-assembly-plugin:3.3.0 to 3.4.2
• Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M5 to 3.0.0-M7
• Updated org.apache.maven.plugins:maven-jar-plugin:3.2.2 to 3.3.0
• Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5 to 3.0.0-M7
• Updated org.codehaus.mojo:build-helper-maven-plugin:3.2.0 to 3.3.0
• Updated org.codehaus.mojo:exec-maven-plugin:3.0.0 to 3.1.0
• Updated org.codehaus.mojo:flatten-maven-plugin:1.2.7 to 1.3.0
• Updated org.codehaus.mojo:versions-maven-plugin:2.10.0 to 2.13.0
• Updated org.itsallcode:openfasttrace-maven-plugin:1.5.0 to 1.6.1
• Removed org.projectlombok:lombok-maven-plugin:1.18.20.0

3.0.5: Administration SQL scripts

Summary

This release fixes uploading of the Administration SQL script to the GitHub release.

Features

• #122: Fixed uploading of SQL script

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:exasol-virtual-schema:6.0.2 to 6.0.3

Test Dependency Updates

• Updated com.exasol:test-db-builder-java:3.3.3 to 3.3.4
• Updated com.exasol:udf-debugging-java:0.6.2 to 0.6.4
• Updated nl.jqno.equalsverifier:equalsverifier:3.10 to 3.10.1
• Added org.junit.jupiter:junit-jupiter-api:5.9.0
• Updated org.junit.jupiter:junit-jupiter:5.8.2 to 5.9.0
• Updated org.testcontainers:junit-jupiter:1.17.2 to 1.17.3

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:1.1.1 to 1.1.2
• Updated com.exasol:project-keeper-maven-plugin:2.4.6 to 2.6.1
• Updated org.apache.maven.plugins:maven-compiler-plugin:3.8.1 to 3.10.1
• Updated org.apache.maven.plugins:maven-enforcer-plugin:3.0.0 to 3.1.0
• Added org.codehaus.mojo:build-helper-maven-plugin:3.2.0
• Added org.codehaus.mojo:exec-maven-plugin:3.0.0
• Added org.itsallcode:openfasttrace-maven-plugin:1.5.0

Dependency Updates

Summary

This release fixes the following vulnerabilities by updating dependencies: CVE-2022-24823, CVE-2016-5003, CVE-2016-5002, CVE-2021-43797, CVE-2016-5004, CVE-2021-37136, CVE-2021-37137, sonatype-2012-0050, sonatype-2020-0026, sonatype-2021-0789.

Bugfixes

• #120: Fixed vulnerabilities reported by ossindex

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:exasol-jdbc:7.1.4 to 7.1.11

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:6.0.0 to 6.1.2
• Updated com.exasol:test-db-builder-java:3.3.0 to 3.3.3
• Updated com.exasol:udf-debugging-java:0.4.1 to 0.6.2
• Updated nl.jqno.equalsverifier:equalsverifier:3.9 to 3.10
• Updated org.jacoco:org.jacoco.agent:0.8.7 to 0.8.8
• Updated org.mockito:mockito-junit-jupiter:4.3.1 to 4.6.1
• Updated org.testcontainers:junit-jupiter:1.16.3 to 1.17.2

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:0.7.1 to 1.1.1
• Updated com.exasol:project-keeper-maven-plugin:1.3.4 to 2.4.6
• Updated io.github.zlika:reproducible-build-maven-plugin:0.14 to 0.15
• Updated org.apache.maven.plugins:maven-dependency-plugin:3.2.0 to 3.3.0
• Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M4 to 3.0.0-M5
• Updated org.apache.maven.plugins:maven-jar-plugin:3.2.0 to 3.2.2
• Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M4 to 3.0.0-M5
• Removed org.codehaus.mojo:build-helper-maven-plugin:3.2.0
• Removed org.codehaus.mojo:exec-maven-plugin:3.0.0
• Added org.codehaus.mojo:flatten-maven-plugin:1.2.7
• Updated org.codehaus.mojo:versions-maven-plugin:2.8.1 to 2.10.0
• Removed org.itsallcode:openfasttrace-maven-plugin:1.2.0
• Updated org.jacoco:jacoco-maven-plugin:0.8.7 to 0.8.8
• Added org.projectlombok:lombok-maven-plugin:1.18.20.0
• Added org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184
• Updated org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0 to 3.2.0

3.0.3: Split an improved user guide

Summary

Release 3.0.3 brings an improved user guide that is split into separate pages. We also reworked the explanations to be clearer and more straight forward.

We removed the tests for Exasol 6.2 since that version is now discontinued. While RLS might still work with that version, we recommend switching to a newer, still supported version.

We also updated dependencies to the latest versions.

Documentation

• #80: Improved user guide

Refactoring

• #115: Updated dependencies and removed matrix build of 6.2

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:error-reporting-java:0.4.0 to 0.4.1
• Updated com.exasol:exasol-jdbc:7.1.2 to 7.1.4
• Updated com.exasol:exasol-virtual-schema:5.0.5 to 6.0.2

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:5.1.1 to 6.0.0
• Updated com.exasol:test-db-builder-java:3.2.1 to 3.3.0
• Updated nl.jqno.equalsverifier:equalsverifier:3.7.2 to 3.9
• Updated org.junit.jupiter:junit-jupiter:5.8.1 to 5.8.2
• Updated org.mockito:mockito-junit-jupiter:4.0.0 to 4.3.1
• Updated org.slf4j:slf4j-jdk14:1.7.32 to 1.7.36
• Updated org.testcontainers:junit-jupiter:1.16.2 to 1.16.3

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:0.6.0 to 0.7.1
• Updated com.exasol:project-keeper-maven-plugin:1.2.0 to 1.3.4
• Updated io.github.zlika:reproducible-build-maven-plugin:0.13 to 0.14

Fixed AggregationType parsing, new function CURRENT_CLUSTER

Summary

This release contains transient fixes and improvements from Virtual Schema common libraries update.

Refactoring

• #110: Updated dependencies, prepared for a release.

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:exasol-jdbc:7.1.1 to 7.1.2
• Updated com.exasol:exasol-virtual-schema:5.0.4 to 5.0.5

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:5.1.0 to 5.1.1
• Updated com.exasol:hamcrest-resultset-matcher:1.5.0 to 1.5.1
• Updated nl.jqno.equalsverifier:equalsverifier:3.7.1 to 3.7.2
• Updated org.junit.jupiter:junit-jupiter:5.7.2 to 5.8.1
• Updated org.mockito:mockito-junit-jupiter:3.12.4 to 4.0.0
• Updated org.testcontainers:junit-jupiter:1.16.0 to 1.16.2

Plugin Dependency Updates

• Updated org.itsallcode:openfasttrace-maven-plugin:1.0.0 to 1.2.0

Support TLS connections

Summary

This release updates the JDBC driver and thus supports TLS encrypted connections.

Bug Fixes

• #86: Added error for users without group.
• #87: Added error for role + group on the same table.
• #107: Added support for TLS.

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:exasol-jdbc:7.0.11 to 7.1.1
• Updated com.exasol:exasol-virtual-schema:5.0.3 to 5.0.4

Runtime Dependency Updates

• Removed org.jacoco:org.jacoco.agent:0.8.7

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:4.0.0 to 5.1.0
• Updated com.exasol:hamcrest-resultset-matcher:1.4.1 to 1.5.0
• Updated com.exasol:test-db-builder-java:3.2.0 to 3.2.1
• Updated com.exasol:udf-debugging-java:0.4.0 to 0.4.1
• Updated nl.jqno.equalsverifier:equalsverifier:3.7 to 3.7.1
• Added org.jacoco:org.jacoco.agent:0.8.7
• Updated org.mockito:mockito-junit-jupiter:3.11.2 to 3.12.4

Plugin Dependency Updates

• Updated com.exasol:artifact-reference-checker-maven-plugin:0.3.1 to 0.4.0
• Updated com.exasol:error-code-crawler-maven-plugin:0.5.1 to 0.6.0
• Updated com.exasol:project-keeper-maven-plugin:0.10.0 to 1.2.0
• Updated org.apache.maven.plugins:maven-dependency-plugin:3.1.2 to 3.2.0
• Updated org.apache.maven.plugins:maven-enforcer-plugin:3.0.0-M3 to 3.0.0
• Updated org.jacoco:jacoco-maven-plugin:0.8.6 to 0.8.7

Removed `SQL_DIALECT` property

Summary

The SQL_DIALECT property used when executing a CREATE VIRTUAL SCHEMA from the Exasol database is obsolete from this version. Please, do not provide this property anymore.

In this release we updated the dependencies. By that we fixed transitive CVE-2021-36090.

Refactoring

• #103: Added error codes.

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:db-fundamentals-java:0.1.1 to 0.1.2
• Added com.exasol:error-reporting-java:0.4.0
• Updated com.exasol:exasol-jdbc:7.0.7 to 7.0.11
• Updated com.exasol:exasol-virtual-schema:4.0.0 to 5.0.3

Runtime Dependency Updates

• Updated org.jacoco:org.jacoco.agent:0.8.6 to 0.8.7

Test Dependency Updates

• Updated com.exasol:exasol-testcontainers:3.5.1 to 4.0.0
• Updated com.exasol:hamcrest-resultset-matcher:1.4.0 to 1.4.1
• Updated com.exasol:test-db-builder-java:3.1.0 to 3.2.0
• Updated com.exasol:udf-debugging-java:0.3.0 to 0.4.0
• Updated nl.jqno.equalsverifier:equalsverifier:3.5.4 to 3.7
• Updated org.junit.jupiter:junit-jupiter:5.7.1 to 5.7.2
• Updated org.mockito:mockito-junit-jupiter:3.8.0 to 3.11.2
• Updated org.slf4j:slf4j-jdk14:1.7.30 to 1.7.32
• Updated org.testcontainers:junit-jupiter:1.15.2 to 1.16.0

Plugin Dependency Updates

• Added com.exasol:error-code-crawler-maven-plugin:0.5.1
• Updated com.exasol:project-keeper-maven-plugin:0.4.2 to 0.10.0
• Added io.github.zlika:reproducible-build-maven-plugin:0.13
• Updated org.apache.maven.plugins:maven-jar-plugin:2.4 to 3.2.0

Role-security administration scripts security improvements

Features

• #31: Added more administration scripts for managing roles

Refactoring

• #63: Extracted code coverage from docker-based tests
• #92: Added constraints to RLS tables

Bugfixes

• #95: Fixed vulnerability in administration script
• #85: Proper name for count column in LIST_ALL_GROUPS

Documentation

• #55: Fixed the example in the tutorial
• #73: Add missing Maven Dependency Plugin dependency in the README.
• #79: Improved documentation of public role.
• #81: Explained the effect of NULL or empty value in tenant or role column.
• #82: Added explanation about the difference between database roles and RLS roles.
• #83: Moved section about installing the administration scripts before the section for administering roles.
• #84: Corrected documentation about group creation.

Runtime Dependency Updates

• Updated com.exasol:exasol-jdbc:7.0.3 to 7.0.7

Test Dependency Updates

• Added com.exasol:udf-debugging-java:0.3.0
• Updated com.exasol:exasol-testcontainers:3.3.1 to 3.5.1
• Updated com.exasol:hamcrest-resultset-matcher:1.2.2 to 1.4.0
• Updated com.exasol:test-db-builder-java:2.0.0 to 3.1.0
• Updated nl.jqno.equalsverifier:equalsverifier:3.5 to 3.5.4
• Updated org.junit.jupiter:junit-jupiter:5.7.0 to 5.7.1
• Updated org.mockito:mockito-junit-jupiter:3,6,28 to 3.8.0
• Updated org.junit.jupiter:junit-jupiter:5.7.0 to 5.7.1
• Updated org.mockito:mockito-junit-jupiter:1.15.0 to 1.15.2

Plugin Updates

• Updated com.exasol:project-keeper-maven-plugin:0.4.0 to 0.4.2

Fixed credentials exposure in EXA connection

Summary

Row Level Security is based on the exasol-virtual-schema and thus
inherited a credential exposure that has been fixed in Exasol VS 4.0.0 and is now fixed in RLS too.

If you used IMPORT FROM EXA in a previous version, you need to remove the old EXA_CONNECTION_STRING property,
create a named connection definition of type EXA with CREATE CONNECTION and provide the name of that definition in the
new EXA_CONNECTION property.

The old variant is intentionally not supported anymore to tighten security.

Refactoring

• #6: Updated to the latest version of Exasol dialect containing a security update.

Runtime Dependency updates

• Updated com.exasol:exasol-virtual-schema:3.1.0 to 4.0.0

Test Dependency updates

• Added org.jacoco:org.jacoco.agent:0.8.6
• Updated com.exasol:hamcrest-resultset-matcher:1.2.1 to 1.2.2
• Updated org.mockito:mockito-junit-jupiter:3.6.0 to 3.6.28

Plugin Updates

• Added com.exasol:project-keeper-plugin:0.4.0
• Added org.apache.maven.plugins:maven-dependency-plugin:3.1.2

Security Update

Summary

Classification: High

Please update your adapters as soon as possible!

This release fixes several SQL injection vulnerabilities on the remote database of the virtual schema.
The local Exasol database defining the virtual schema is not affected.

Refactoring

• #67: Updated to the latest version of Exasol dialect containing a security update.

Dependency updates

• Added org.junit.jupiter:junit-jupiter:5.7.0
• Updated com.exasol:exasol-jdbc:6.2.5 to version 7.0.3
• Updated com.exasol:hamcrest-resultset-matcher:1.2.0 to version 1.2.1
• Updated org.mockito:mockito-junit-jupiter:3.3.3 to version 3.6.0
• Updated org.testcontainers:junit-jupiter:1.14.3 to version 1.15.0
• Updated com.exasol:exasol-virtual-schema:3.0.2 to version 3.1.0
• Updated com.exasol:exasol-testcontainers:2.0.3 to version 3.3.1
• Updated com.exasol:test-db-builder-java:1.0.1 to version 2.0.0
• Updated nl.jqno.equalsverifier:equalsverifier:3.4.1 to version 3.5
• Updated org.codehaus.mojo:versions-maven-plugin:2.7 to version 2.8.1
• Updated org.jacoco:jacoco-maven-plugin:0.8.5 to version 0.8.6
• Removed org.junit.jupiter:junit-jupiter-engine
• Removed org.junit.jupiter:junit-jupiter-params
• Removed org.junit.platform:junit-platform-runner