2.1.0 Configure column names for automatic mapping inference

This release allows configuring the mapping of column names for the automatic mapping inference in Parquet and CSV files. Before, the virtual schema always converted source column names to UPPER_SNAKE_CASE to create the Exasol column names. This is now configurable with EDML property autoInferenceColumnNames. This property supports the following values:

• CONVERT_TO_UPPER_SNAKE_CASE: Convert column names to UPPER_SNAKE_CASE (default).
• KEEP_ORIGINAL_NAME: Do not convert column names, use column name from source.

See the EDML user guide for details.

Features

• #58: Added option to keep original column name for auto inference

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.25.3 to 12.26.1
• Updated com.exasol:virtual-schema-common-document-files:8.0.4 to 8.1.0
• Updated org.slf4j:slf4j-jdk14:2.0.12 to 2.0.13

Runtime Dependency Updates

• Removed com.azure:azure-core-http-netty:1.14.2

Test Dependency Updates

• Updated com.exasol:exasol-test-setup-abstraction-java:2.1.2 to 2.1.4
• Updated com.exasol:virtual-schema-common-document-files:8.0.4 to 8.1.0
• Updated org.mockito:mockito-core:5.11.0 to 5.12.0
• Updated org.testcontainers:junit-jupiter:1.19.7 to 1.19.8

Plugin Dependency Updates

• Updated com.exasol:project-keeper-maven-plugin:4.3.2 to 4.3.3

2.0.5 Security update - fix for CVE-2024-36114

Fixed CVE-2024-36114 GHSA-973x-65j7-xcf4.

Security

• #56: CVE-2024-36114: io.airlift:aircompressor:jar:0.21:compile

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:virtual-schema-common-document-files:8.0.3 to 8.0.4

Test Dependency Updates

• Updated com.exasol:virtual-schema-common-document-files:8.0.3 to 8.0.4
• Updated org.jacoco:org.jacoco.agent:0.8.11 to 0.8.12

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:2.0.2 to 2.0.3
• Updated com.exasol:project-keeper-maven-plugin:4.3.0 to 4.3.2
• Updated org.apache.maven.plugins:maven-enforcer-plugin:3.4.1 to 3.5.0
• Updated org.apache.maven.plugins:maven-jar-plugin:3.3.0 to 3.4.1
• Updated org.apache.maven.plugins:maven-toolchains-plugin:3.1.0 to 3.2.0
• Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922 to 4.0.0.4121

2.0.4 Verify storage generation in integration tests

This release adds an integration test that verifies, that "Data Lake Gen2 upgrade" is not enabled for the Azure storage account.

Dependency Updates

Test Dependency Updates

• Updated com.exasol:udf-debugging-java:0.6.12 to 0.6.13

2.0.3 Fix CVE-2024-29025, CVE-2024-29133 & CVE-2024-29131 in dependencies

This release fixed vulnerabilities CVE-2024-29025, CVE-2024-29133 & CVE-2024-29131 in dependencies.

Security

• #52: Fixed CVE-2024-29025 in io.netty:netty-codec-http:jar:4.1.101.Final:test
• #51: Fixed CVE-2024-29133 in org.apache.commons:commons-configuration2:jar:2.8.0:compile
• #50: Fixed CVE-2024-29131 in org.apache.commons:commons-configuration2:jar:2.8.0:compile

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.25.2 to 12.25.3
• Updated com.exasol:virtual-schema-common-document-files:8.0.2 to 8.0.3

Runtime Dependency Updates

• Added com.azure:azure-core-http-netty:1.14.2

Test Dependency Updates

• Updated com.exasol:exasol-test-setup-abstraction-java:2.1.1 to 2.1.2
• Updated com.exasol:virtual-schema-common-document-files:8.0.2 to 8.0.3

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:2.0.1 to 2.0.2
• Updated com.exasol:project-keeper-maven-plugin:4.2.0 to 4.3.0
• Updated org.apache.maven.plugins:maven-assembly-plugin:3.6.0 to 3.7.1
• Updated org.apache.maven.plugins:maven-compiler-plugin:3.12.1 to 3.13.0
• Updated org.jacoco:jacoco-maven-plugin:0.8.11 to 0.8.12
• Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.10.0.2594 to 3.11.0.3922

2.0.2: Fix performance tests

This release fixes running the performance regression tests.

2.0.1: Fix vulnerabilities CVE-2023-52428, CVE-2024-26308 and CVE-2024-25710 in compile dependencies

This release vulnerabilities in the following compile dependencies:

• com.nimbusds:nimbus-jose-jwt:jar:9.8.1:compile:
  • CVE-2023-52428
• org.apache.commons:commons-compress:jar:1.24.0:compile:
  • CVE-2024-26308
  • CVE-2024-25710

Excluded Vulnerability We accept vulnerability CVE-2017-10355 (CWE-833: Deadlock) in test dependency xerces:xercesImpl:jar:2.12.2 as we assume that we only connect to the known endpoint ExaOperations.

Security

• #45: Fixed CVE-2023-52428 in com.nimbusds:nimbus-jose-jwt:jar:9.8.1:compile
• #46: Fixed CVE-2024-25710 in org.apache.commons:commons-compress:jar:1.24.0:compile
• #47: Fixed CVE-2024-26308 in org.apache.commons:commons-compress:jar:1.24.0:compile

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.25.1 to 12.25.2
• Updated com.exasol:virtual-schema-common-document-files:8.0.0 to 8.0.2
• Updated org.slf4j:slf4j-jdk14:2.0.9 to 2.0.12

Test Dependency Updates

• Updated com.exasol:exasol-test-setup-abstraction-java:2.1.0 to 2.1.1
• Updated com.exasol:hamcrest-resultset-matcher:1.6.3 to 1.6.5
• Updated com.exasol:test-db-builder-java:3.5.3 to 3.5.4
• Updated com.exasol:udf-debugging-java:0.6.11 to 0.6.12
• Updated com.exasol:virtual-schema-common-document-files:8.0.0 to 8.0.2
• Updated org.junit.jupiter:junit-jupiter-params:5.10.1 to 5.10.2
• Updated org.mockito:mockito-core:5.8.0 to 5.11.0
• Updated org.testcontainers:junit-jupiter:1.19.3 to 1.19.7

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:1.3.1 to 2.0.1
• Updated com.exasol:project-keeper-maven-plugin:2.9.17 to 4.2.0
• Updated org.apache.maven.plugins:maven-compiler-plugin:3.11.0 to 3.12.1
• Updated org.apache.maven.plugins:maven-failsafe-plugin:3.2.2 to 3.2.5
• Updated org.apache.maven.plugins:maven-surefire-plugin:3.2.2 to 3.2.5
• Added org.apache.maven.plugins:maven-toolchains-plugin:3.1.0
• Updated org.codehaus.mojo:flatten-maven-plugin:1.5.0 to 1.6.0

2.0.0: Support Exasol 8

Summary

This release adds support for Exasol 8. This brings the following changes:

Remove support for TIMESTAMP WITH LOCAL TIME ZONE

This release removes support for data type TIMESTAMP WITH LOCAL TIME ZONE. This type caused problems with the stricter type checks enabled by default in Exasol 8, causing pushdown queries for document based virtual schemas to fail with the following error:

Data type mismatch in column number 5 (1-indexed).Expected TIMESTAMP(3) WITH LOCAL TIME ZONE, but got TIMESTAMP(3).

We fixed this error by removing support TIMESTAMP WITH LOCAL TIME ZONE completely.

Support ALTER VIRTUAL SCHEMA SET

This release adds support for ALTER VIRTUAL SCHEMA SET. This will allow changing properties like MAPPING of a virtual schema without dropping and re-creating it:

-- Update EDML mapping of the virtual schema
ALTER VIRTUAL SCHEMA MY_VIRTUAL_SCHEMA SET MAPPING = '...';

-- Enable remote logging or change the log level
ALTER VIRTUAL SCHEMA MY_VIRTUAL_SCHEMA SET DEBUG_ADDRESS = 'host:3000' LOG_LEVEL = 'FINEST';
ALTER VIRTUAL SCHEMA MY_VIRTUAL_SCHEMA SET LOG_LEVEL = 'INFO';

See the documentation for ALTER SCHEMA for details.

Features

• #40: Added support for Exasol 8

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.25.0 to 12.25.1
• Updated com.exasol:virtual-schema-common-document-files:7.3.6 to 8.0.0
• Removed io.projectreactor.netty:reactor-netty-http:1.0.39

Test Dependency Updates

• Updated com.exasol:test-db-builder-java:3.5.2 to 3.5.3
• Updated com.exasol:virtual-schema-common-document-files:7.3.6 to 8.0.0
• Updated org.mockito:mockito-core:5.7.0 to 5.8.0

Plugin Dependency Updates

• Updated com.exasol:project-keeper-maven-plugin:2.9.16 to 2.9.17
• Updated org.codehaus.mojo:versions-maven-plugin:2.16.1 to 2.16.2

1.3.5: Fix CVE-2023-34062 in `io.projectreactor.netty:reactor-netty-http`

Summary

This release fixes CVE-2023-34062 (CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (7.5)) in compile dependency io.projectreactor.netty:reactor-netty-http.

Security

• #42: Fix CVE-2023-34062 in io.projectreactor.netty:reactor-netty-http

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.24.0 to 12.25.0
• Updated com.exasol:virtual-schema-common-document-files:7.3.5 to 7.3.6
• Added io.projectreactor.netty:reactor-netty-http:1.0.39

Test Dependency Updates

• Updated com.exasol:exasol-test-setup-abstraction-java:2.0.4 to 2.1.0
• Updated com.exasol:hamcrest-resultset-matcher:1.6.1 to 1.6.3
• Updated com.exasol:test-db-builder-java:3.5.1 to 3.5.2
• Updated com.exasol:virtual-schema-common-document-files:7.3.5 to 7.3.6
• Updated org.junit.jupiter:junit-jupiter-params:5.10.0 to 5.10.1
• Updated org.mockito:mockito-core:5.6.0 to 5.7.0
• Updated org.testcontainers:junit-jupiter:1.19.1 to 1.19.3

Plugin Dependency Updates

• Updated com.exasol:project-keeper-maven-plugin:2.9.14 to 2.9.16
• Updated org.apache.maven.plugins:maven-dependency-plugin:3.6.0 to 3.6.1
• Updated org.apache.maven.plugins:maven-failsafe-plugin:3.1.2 to 3.2.2
• Updated org.apache.maven.plugins:maven-surefire-plugin:3.1.2 to 3.2.2

1.3.4: Fix CVE-2023-39410 in `org.apache.avro:avro`

Summary

This release fixes CVE-2023-39410 in compile dependency org.apache.avro:avro.

The release also upgrades to virtual-schema-common-document-files 7.3.6. This new version validates that the given EDML mapping uses unique values for each destinationTable entry as duplicate values led to unexpected behavior.

Security

• #38: Fixed CVE-2023-39410 in org.apache.avro:avro

Dependency Updates

Compile Dependency Updates

• Updated com.exasol:virtual-schema-common-document-files:7.3.4 to 7.3.5

Test Dependency Updates

• Updated com.exasol:virtual-schema-common-document-files:7.3.4 to 7.3.5
• Updated org.jacoco:org.jacoco.agent:0.8.10 to 0.8.11
• Updated org.mockito:mockito-core:5.5.0 to 5.6.0
• Updated org.testcontainers:junit-jupiter:1.19.0 to 1.19.1

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:1.3.0 to 1.3.1
• Updated com.exasol:project-keeper-maven-plugin:2.9.12 to 2.9.14
• Updated org.apache.maven.plugins:maven-enforcer-plugin:3.4.0 to 3.4.1
• Updated org.codehaus.mojo:versions-maven-plugin:2.16.0 to 2.16.1
• Updated org.jacoco:jacoco-maven-plugin:0.8.10 to 0.8.11
• Updated org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184 to 3.10.0.2594

1.3.3: Fix vulnerabilities in dependencies

Summary

This release fixes the following vulnerabilities in dependencies:

• org.apache.commons:commons-compress:compile: CVE-2023-42503 CWE-20: Improper Input Validation (5.5)
• org.xerial.snappy:snappy-java:compile: CVE-2023-43642 CWE-770: Allocation of Resources Without Limits or Throttling (7.5)
• org.eclipse.jgit:org.eclipse.jgit:test: CVE-2023-4759: CWE-178: Improper Handling of Case Sensitivity (8.8)

Known issue: Transitive dependency io.netty:netty-handler of com.azure:azure-storage-blob contains vulnerability CVE-2023-4586 (CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle') (6.5)). We assume that the Azure client's usage of netty-handler is not affected by the vulnerability.

Security

• #36: Fix vulnerabilities in dependencies

Dependency Updates

Compile Dependency Updates

• Updated com.azure:azure-storage-blob:12.22.3 to 12.24.0
• Updated com.exasol:virtual-schema-common-document-files:7.3.3 to 7.3.4
• Updated org.slf4j:slf4j-jdk14:2.0.7 to 2.0.9

Test Dependency Updates

• Updated com.exasol:exasol-test-setup-abstraction-java:2.0.2 to 2.0.4
• Updated com.exasol:hamcrest-resultset-matcher:1.6.0 to 1.6.1
• Updated com.exasol:performance-test-recorder-java:0.1.2 to 0.1.3
• Updated com.exasol:test-db-builder-java:3.4.2 to 3.5.1
• Updated com.exasol:udf-debugging-java:0.6.8 to 0.6.11
• Updated com.exasol:virtual-schema-common-document-files:7.3.3 to 7.3.4
• Updated org.jacoco:org.jacoco.agent:0.8.9 to 0.8.10
• Updated org.junit.jupiter:junit-jupiter-params:5.9.3 to 5.10.0
• Updated org.mockito:mockito-core:5.4.0 to 5.5.0
• Updated org.testcontainers:junit-jupiter:1.18.3 to 1.19.0

Plugin Dependency Updates

• Updated com.exasol:error-code-crawler-maven-plugin:1.2.3 to 1.3.0
• Updated com.exasol:project-keeper-maven-plugin:2.9.7 to 2.9.12
• Updated org.apache.maven.plugins:maven-assembly-plugin:3.5.0 to 3.6.0
• Updated org.apache.maven.plugins:maven-dependency-plugin:3.5.0 to 3.6.0
• Updated org.apache.maven.plugins:maven-enforcer-plugin:3.3.0 to 3.4.0
• Updated org.apache.maven.plugins:maven-failsafe-plugin:3.0.0 to 3.1.2
• Updated org.apache.maven.plugins:maven-surefire-plugin:3.0.0 to 3.1.2
• Updated org.basepom.maven:duplicate-finder-maven-plugin:1.5.1 to 2.0.1
• Updated org.codehaus.mojo:flatten-maven-plugin:1.4.1 to 1.5.0
• Updated org.codehaus.mojo:versions-maven-plugin:2.15.0 to 2.16.0
• Updated org.jacoco:jacoco-maven-plugin:0.8.9 to 0.8.10