ScalarDB 3.8 Release Notes
This page includes a list of release notes for ScalarDB 3.8.
v3.8.7
Release date: June 28, 2024
Summary
This release includes several improvements, bug fixes, and vulnerability fixes.
Improvements
- Changed the hard-coded password for the Oracle user to a more secure one in the JDBC adapter. (#1765)
- Update base image of container image. This update fixes an OOM issue on a Kubernetes with cgroup v2 environment. In the previous versions, if you use a Kubernetes cluster with cgroup v2, you might face an OOM-killed issue. (#1826)
Bug fixes
- Fixed a bug where
NullPointerExceptionoccurs during theEXTRA_READvalidation when scanning records in a transaction, but some of them are deleted by other transactions. (#1624) - Upgraded
grpc_health_probeto fix security issues. CVE-2024-24790, CVE-2023-45283, and CVE-2023-45288 (#1980)
v3.8.6
Release date: April 1, 2024
Summary
This release includes several improvements.
v3.8.5
Release date: February 26, 2024
Summary
This release has several vulnerability fixes.
Bug fixes
- Upgraded the base image to fix security issues. CVE-2023-47038 (#1522 #1521)
- Upgraded the PostgresSQL lib to fix security issues. CVE-2024-1597 (#1547)
v3.8.4
Release date: December 25, 2023
Summary
This release has several bug fixes, vulnerability fixes, and document improvements.
Change logs
Bug fixes
- Upgraded the base image to fix security issues. CVE-2023-4911 CVE-2023-29491 (#1143 #1144)
- Upgraded the jetty library to 9.4.53.v20231009 to fix security issue. CVE-2023-36478 (#1142)
- Upgraded grpc-health-probe to fix security issues. CVE-2023-39325 GHSA-m425-mq94-257g (#1297)
- Upgraded the Cosmos DB client lib to fix security issues. CVE-2023-34062 (#1348)
v3.8.3
Release date: August 7, 2023
Summary
This release has several bug fixes and vulnerability fixes.
Change logs
Bug fixes
- Avoid decrementing outstanding requests counter duplicately (#935)
- Fix CVE-2023-1428 and CVE-2023-32731 (#943)
- Fix CVE-2023-2976 (#954)
v3.8.2
Release date: July 3, 2023
Summary
This release has several small improvements and vulnerability fixes.
Change logs
Improvements
- Bump com.scalar-labs:scalar-admin from 2.1.0 to 2.1.1 (#910)
- Improve some
toStringexpressions of Selection Operators (#920)
Bug fixes
- Bump scalar-labs/jre8 from 1.1.12 to 1.1.13 in /server (#881)
- Bump scalar-labs/jre8 from 1.1.12 to 1.1.13 in /schema-loader (#882)
- Bump scalar-labs/jre8 from 1.1.13 to 1.1.14 in /schema-loader (#903)
- Bump scalar-labs/jre8 from 1.1.13 to 1.1.14 in /server (#902)
- Should call abort() when aborting transaction in transaction wrapper classes (#919)
Documentation
- Change HTML syntax to Markdown for images (3.8) (#878)
v3.8.1
Release date: April 28, 2023
Summary
This release has several vulnerability fixes.
Change logs
Bug fixes
- Fix CVE-2023-0361 and CVE-2022-41723 (#834)
- Fix CVE-2022-41721 (#808)
- Fix CVE-2023-0286 (#821)
v3.8.0
Release date: January 17, 2023
Summary
This release has a lot of enhancements, improvements, bug fixes, vulnerability fixes, and document improvements. Please see Change logs for the details.
Change logs
Enhancements
- Remove suspend() from TwoPhaseCommitTransactionManager (#715)
- Update release workflow to push container to ECR of Marketplace (#699)
- Add resume() to DistributedTransactionManager (#717)
- Add several methods to ActiveExpiringMap (#722)
- Allow to use placeholders in configuration values (#770)
- Add configurations for gRPC (#776)
Improvements
- Refactor server integration tests (#663)
- Use toUpperCase() for valueOf() of enum type (#666)
- Use ServiceLoader to load storage and transaction modules (#661)
- Improve error messages in OperationChecker (#667)
- Add logging for UnknownTransactionStatusException in Scalar DB Server (#669)
- Refactor JdbcAdminTest (#670)
- Refactor CosmosAdminTest (#671)
- Rename endpoint override config in Dynamo (#672)
- Enable EI_EXPOSE_REP and EI_EXPOSE_REP2 in SpotBugs (#668)
- Enable parallel/async commit by default (#676)
- Add more checks for conditions for Dynamo and Cosmos (#675)
- Refactor schema loader integration tests (#673)
- Delete setDriver() for BasicDataSource in JDBC (#682)
- Use DistributedTransactionAdmin for transaction tables in SchemaOperator (#684)
- Delete licenses (#686)
- Suppress exception thrown when deleting scalable target and scaling policy when using DynamoDB local. (#683)
- Upgrade Spotless Gradle Plugin (#694)
- Fix typo in admin integration test classes (#695)
- Move integration test base code to subproject (#697)
- Refactor ServiceLoader related classes (#698)
- Make the ConsensusCommitAdmin only return transaction table (#702)
- Add external Scalar DB property file support to getting-started application (#701)
- Refactor ConsensusCommitAdmin unit test (#704)
- In the Cosmos DB job of the CI, add a step to clean up gradle daemon logs file (#705)
- Disable include metadata tests if external server used in server integration tests (#711)
- Refactor consensus commit specific integration tests (#713)
- Refactor two-phase commit transaction integration tests (#712)
- Small integration test modifications for the resume feature (#724)
- Should throw IllegalStateException when transaction is not found and already exists (#718)
- Add transaction state management (#719)
- Separate active transaction management from AbstractDistributedTransactionManager and AbstractTwoPhaseCommitTransactionManager (#723)
- Fix dependency and spotbugs issues for >JDK 8 (#728)
- Fix two unit tests of OperationChecker (#731)
- Throw an exception when putting an empty value to a secondary index column in Dynamo DB (#729)
- Make JDK11+ use the same google java format version as JDK8 uses (#734)
- Make ParallelExecutor workers daemon thread (#733)
- Move vuln check to a separate daily workflow (#737)
- Conduct daily vulnerability checks on releases not only on
mainbranch (#741) - Should drop namespace only when no tables are in the namespace in Schema Loader (#740)
- Move common classes (#744)
- Throw TransactionNotFoundException when resuming a transaction but it's not found (#746)
- Post the vulnerability check result to Slack channel (#745)
- Deprecate getPartitionKey() and getClusteringKey() of Result (#750)
- Remove usages of getPartitionKey() and getClusteringKey() of Result from integration tests (#751)
- Validate contact points size in XxxxConfig to avoid "java.lang.ArrayIndexOutOfBoundsException: 0" (#752)
- Make integration test bases for transaction extendable (#754)
- Refactor server integration tests (#755)
- Small modifications for Javadoc and comments (#756)
- Should close admin in afterEach() in the repair integration tests (#767)
- build(fix): bump-up protobufVersion to 3.21.12 (latest) (#760)
- Refactor prepare logic (#771)
- Update Scheduled Vulnerability Check workflow (#749)
- Refactor validation logic (#775)
- Add transaction decorator (#781)
- Revisit commit and abort state logic (#783)
- Should synchronize in active transaction management (#785)
- Allow commit() and rollback() to be called in parallel in all coordinator/participant processes in 2PC transactions (#786)
- Load admins lazily in Schema Loader (#792)
- Rename Scalar DB to ScalarDB (#795)
- DynamoDB supports up to 100 actions per transaction (#796)
- Revert async commit default value (#797)
Bug fixes
- Should support
--config=and-c=styles for configuration file option in Schema Loader (#690) - Fix CVE-2021-3999, CVE-2022-1586 and CVE-2022-1587 (#700)
- Commit/rollback records should always be done for all records even on error (#680)
- Should use partition key and clustering key from result in recovery (#681)
- Fix typo in integration-test/archive.gradle (#706)
- Fix CVE-2022-27664 (#716)
- Should check the value range of BigIntColumn (#720)
- Fix CVE-2022-32149 (#727)
- Fix CVE-2022-42003 and CVE-2022-42004 (#726)
- Fix dependency errors for Maven projects (#735)
- Fix typos in exception messages (#714)
- Update protobuf and grpc to fix CVE-2022-3171 (#738)
- Fix CVE-2022-40151 and CVE-2022-40152 (#743)
- Upgrade docker image version to fix CVE-2021-46848 (#766)
- Fix CVE-2022-21363 and CVE-2021-2471 (#773)
- Fix CVE-2022-41946 (#774)
- fix: DynamoAdmin.namespaceExists to check full namespace (not prefix) (#782)
- Should care about ScanWithIndex in ScalarDbUtils.copyAndSetTargetToIfNot() (#793)
- Fix CVE-2022-42898 (#794)
Documentation
- Remove readthedocs (#664)
- Move Schema Loader document to docs directory (#665)
- Fix Javadoc warnings (#685)
- Update the Scalar DB supported database matrix with Scalar DB 3.7 (#703)
- Add description of limitations of data types (#721)
- Fix the broken link in the backup document (#725)
- Remove unnecessary key definition from API guide (#742)
- Add note for Put/Delete operation in the API guide (#747)
- Add ScalarDB Server's license description in the README (#753)
- docs: Clearer description on when to use online backups (#761)
- Add description how to build docker image of ScalarDB Server (#779)
- Update slides links (#789)