Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency org.postgresql:postgresql to v42.7.3 #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency org.postgresql:postgresql to v42.7.3 #9

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 26, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.postgresql:postgresql (source) 42.2.6 -> 42.7.3 age adoption passing confidence

Release Notes

pgjdbc/pgjdbc (org.postgresql:postgresql)

v42.7.3

Changed
Fixed
  • fix: boolean types not handled in SimpleQuery mode PR #​3146
    • make sure we handle boolean types in simple query mode
    • support uuid as well
    • handle all well known types in text mode and change else if to switch
  • fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal with NoSuchMethodError on ByteBuffer#position when running on Java 8

v42.7.2

Security
  • security: SQL Injection via line comment generation, it is possible in SimpleQuery mode to generate a line comment by having a placeholder for a numeric with a -
    such as -?. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment.
    This has been fixed in this version fixes CVE-2024-1597. Reported by Paul Gerste. See the security advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds.
Changed
  • fix: Use simple query for isValid. Using Extended query sends two messages checkConnectionQuery was never ever set or used, removed PR #​3101
  • perf: Avoid autoboxing bind indexes by @​bokken in PR #​1244
  • refactor: Document that encodePassword will zero out the password array, and remove driver's default encodePassword by @​vlsi in PR #​3084
Added
  • feat: Add PasswordUtil for encrypting passwords client side PR #​3082

v42.7.1

Changed
  • perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing PR #​3044
Fixed

v42.7.0

Changed
  • fix: Deprecate for removal PGPoint.setLocation(java.awt.Point) to cut dependency to java.desktop module. PR #​2967
  • feat: return all catalogs for getCatalogs metadata query closes ISSUE #​2949 PR #​2953
  • feat: support SET statements combining with other queries with semicolon in PreparedStatement PR ##​2973
Fixed
  • chore: add styleCheck Gradle task to report style violations PR #​2980
  • fix: Include currentXid in "Error rolling back prepared transaction" exception message PR #​2978
  • fix: add varbit as a basic type inside the TypeInfoCache PR #​2960
  • fix: Fix failing tests for version 16. PR #​2962
  • fix: allow setting arrays with ANSI type name PR #​2952
  • feat: Use KeepAlive to confirm LSNs PR #​2941
  • fix: put double ' around log parameter PR #​2936 fixes ISSUE #​2935
  • fix: Fix Issue #​2928 number of ports not equal to number of servers in datasource PR #​2929
  • fix: Use canonical DateStyle name (#​2925) fixes pgbouncer issue
  • fix: Method getFastLong should be able to parse all longs PR #​2881
  • docs: Fix typos in info.html PR #​2860
  • fix: Return correct default from PgDatabaseMetaData.getDefaultTransactionIsolation PR #​2992 fixes Issue #​2991
  • test: fix assertion in RefCursorFetchTestultFetchSize rows
  • test: use try-with-resources in LogicalReplicationStatusTest

v42.6.0

Changed

  • fix: use PhantomReferences instead of Obejct.finalize() to track Connection leaks PR #​2847

    The change replaces all uses of Object.finalize with PhantomReferences.
    The leaked resources (Connections) are tracked in a helper thread that is active as long as
    there are connections in use. By default, the thread keeps running for 30 seconds after all
    the connections are released. The timeout is set with pgjdbc.config.cleanup.thread.ttl system property.

  • refactor:(loom) replace the usages of synchronized with ReentrantLock PR #​2635
    Fixes Issue #​1951

v42.5.4

Fixed

fix: fix testGetSQLTypeQueryCache by searching for xid type. We used to search for box type but it is now cached. xid is not cached, this nuance is required for the test.
fix OidValueCorrectnessTest BOX_ARRAY OID, by adding BOX_ARRAY to the oidTypeName map [PR #​2810](https://github.com/pgjdbc/pgjdbc/pull/28100).
fixes Issue #​2804.
fix: Make sure that github CI runs tests on all(https://togithub.com/pgjdbc/pgjdbc/pull/2809)dbc/pgjdbc/pull/2809\)).

v42.5.3

Fixed

fix: Add box to TypeInfoCache, fixes Issue #​2746 PR #​2747
fix: regression in PgResultSet LONG_MIN copy and paste error fixes Issue #​2748 PR#2749

v42.5.2

Changed

regression: This release has 2 known regressions which make it unusable see the notes above. We advise people to use 42.5.3 instead.
docs: specify that timeouts are in seconds and there is a maximum. Housekeeping on some tests fixes #Issue 2671 PR #​2686
docs: clarify binaryTransfer and add it to README PR# 2698
docs: Document the need to encode reserved characters in the connection URL PR #​2700
feat: Define binary transfer for custom types dynamically/automatically fixes Issue #​2554 PR #​2556

Added

fix: added gssResponseTimeout as part of PR #​2687 to make sure we don't wait forever on a GSS RESPONSE

Fixed

fix: Ensure case of XML tags in Maven snippet is correct PR #​2682
fix: Make sure socket is closed if an exception is thrown in createSocket fixes Issue #​2684 PR #​2685
fix: Apply patch from Issue #​2683 to fix hanging ssl connections PR #​2687
fix - binary conversion of (very) long numeric values (longer than 4 * 2^15 digits) PR #​2697 fixes Issue #​2695
minor: enhance readability connection of startup params PR #​2705

v42.5.1

Security
  • security: StreamWrapper spills to disk if setText, or setBytea sends very large Strings or arrays to the server. createTempFile creates a file which can be read by other users on unix like systems (Not macos).
    This has been fixed in this version fixes CVE-2022-41946 see the security advisory for more details. Reported by Jonathan Leitschuh This has been fixed in versions 42.5.1, 42.4.3 42.3.8, 42.2.27.jre7. Note there is no fix for 42.2.26.jre6. See the security advisory for work arounds.
Fixed
  • fix: make sure we select array_in from pg_catalog to avoid duplicate array_in functions fixes #Issue 2548 PR #​2552
  • fix: binary decoding of bool values PR #​2640
  • perf: improve performance of PgResultSet getByte/getShort/getInt/getLong for float-typed columns PR #​2634
  • chore: fix various spelling errors PR #​2592
  • chore: Feature/urlparser improve URLParser PR #​2641

v42.5.0

Changed

v42.4.2

Changed
Added
Fixed
  • fix: regression with GSS. Changes introduced to support building with Java 17 caused failures Issue #​2588
  • fix: set a timeout to get the return from requesting SSL upgrade. PR #​2572
  • feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads)

v42.4.1

Security
  • fix: CVE-2022-31197 Fixes SQL generated in PgResultSet.refresh() to escape column identifiers so as to prevent SQL injection.
    • Previously, the column names for both key and data columns in the table were copied as-is into the generated
      SQL. This allowed a malicious table with column names that include statement terminator to be parsed and
      executed as multiple separate commands.
    • Also adds a new test class ResultSetRefreshTest to verify this change.
    • Reported by Sho Kato
Changed
  • chore: skip publishing pgjdbc-osgi-test to Central
  • chore: bump Gradle to 7.5
  • test: update JUnit to 5.8.2
Added
  • chore: added Gradle Wrapper Validation for verifying gradle-wrapper.jar
  • chore: added "permissions: contents: read" for GitHub Actions to avoid unintentional modifications by the CI
  • chore: support building pgjdbc with Java 17
  • feat: synchronize statement executions (e.g. avoid deadlock when Connection.isValid is executed from concurrent threads)

v42.4.0

Changed
  • fix: added GROUP_STARTUP_PARAMETERS boolean property to determine whether or not to group
    startup parameters in a transaction (default=false like 42.2.x) fixes Issue #​2425
    pgbouncer cannot deal with transactions in statement pooling mode PR #​2425
Fixed
  • fix: queries with up to 65535 (inclusive) parameters are supported now (previous limit was 32767)
    PR #​2525, Issue #​1311
  • fix: workaround JarIndex parsing issue by using groupId/artifactId-version directory namings.
    Regression since 42.2.13. PR #​2531, issue #​2527
  • fix: use Locale.ROOT for toUpperCase() toLowerCase() calls
  • doc: add Vladimir Sitnikov's PGP key
  • fix: return correct base type for domain from getUDTs PR #​2520 Issue #​2522
  • perf: utcTz static and renamed to UTC_TIMEZONE PR #​2519
  • doc: fix release version for #​2377 (it should be 42.3.6, not 42.3.5)

v42.3.6

Changed
Added
Fixed
  • fix: close refcursors when underlying cursor==null instead of relying on defaultRowFetchSize PR #​2377

v42.3.5

Changed
  • test: polish TimestampUtilsTest
  • chore: use GitHub Action concurrency feature to terminate CI jobs on fast PR pushes
Added
  • Added KEYS file to allow for verifying artifacts PR 2499
Fixed
  • perf: enable tcpNoDelay by default PR 2495.
    This is a regression from 42.2.x versions where tcpNoDelay defaulted to true
  • docs: fix readme.md after PR 2495 PR 2496
  • feat: targetServerType=preferPrimary connection parameter PR 2483
  • fix: revert removal of toOffsetDateTime(String timestamp) fixes Issue #​2497 PR 2501

v42.3.4

Changed
  • fix: change name of build cache PR 2471
  • feat: add support for ResultSet#getObject(OffsetTime.class) and PreparedStatement#setObject(OffsetTime.class) PR 2467
  • fix: Use non-synchronized getTimeZone in TimestampUtils PR 2451
  • docs: Fix CHANGELOG.md misformatted markdown headings PR 2461
  • docs: remove loggerLevel and loggerFile from docs and issues PR 2489
  • feat: use direct wire format -> LocalDate conversion without resorting to java.util.Date, java.util.Calendar,
    and default timezones PR 2464 fixes Issue #​2221
Added
Fixed
  • docs: Update testing documentation PR 2446
  • fix: Throw an exception if the driver cannot parse the URL instead of returning NULL fixes Issue #​2421 PR 2441
  • fix: Use PGProperty instead of the property names directly PR 2444
  • docs: update changelog, missing links at bottom and formatting PR 2460
  • fix: Remove isDeprecated from PGProperty. It was originally intended to help produce automated docs. Fixes Issue #​2479 PR 2480
  • fix: change PGInterval parseISO8601Format to support fractional second PR 2457
  • fix: GSS login to use TGT from keytab fixes Issue #​2469 PR 2470
  • fix: More test and fix for issues discovered by PR #​2476 PR #​2488

v42.3.3

Changed
  • fix: Removed loggerFile and loggerLevel configuration. While the properties still exist.
    They can no longer be used to configure the driver logging. Instead use java.util.logging
    configuration mechanisms such as logging.properties.
Added
Fixed

v42.3.2

Security
  • CVE-2022-21724 pgjdbc instantiates plugin instances based on class names provided via authenticationPluginClassName,
    sslhostnameverifier, socketFactory, sslfactory, sslpasswordcallback connection properties.
    However, the driver did not verify if the class implements the expected interface before instantiating the class. This
    would allow a malicious class to be instantiated that could execute arbitrary code from the JVM. Fixed in commit
Changed
  • perf: read in_hot_standby GUC on connection PR #​2334
  • test: materialized view privileges PR #​2209 fixes Issue #​2060
  • docs: add info about convenience maven project PR #​2407
  • docs: Document timezone reversal from POSIX to ISO PR #​2413
  • fix: we will ask the server if it supports GSS Encryption if gssEncryption
    is prefer or require PR #​2396 remove the need to have a ticket in the cache before asking the server if gss encryptions are supported
  • docs: remove Java 6 and 7 references from contributing PR #​2385
  • style: remove Java 8 / JDBC 4.2 checks PR #​2383 Remove all remaining checks whether the source is lower than Java 8
    or JDBC 4.2.
  • fix: throw SQLException for #getBoolean BIT(>1) PR #​2386 Throw SQLException instead of ClassCastException when calling
    CallableStatement#getBoolean(int) on BIT(>1).
  • style: import java.time types in more classes PR #​2382 Use imports for java.time types in all remaining classes.
  • style: import java.time types in TimestampUtils PR #​2380 Use imports for java.time types in TimestampUtils.
  • refactor: Change internal constructors to pass only connection Properties
    Changes internal constructors for PgConnection and related classes to only accept the connection properties object and
    remove the user and password arguments. Any locations that required those fields can retrieve them from the properties map.
  • test: Fix DatabaseMetadataTest to perform mview tests only on 9.3+
  • perf: read in_hot_standby GUC on connection PR #​2334
  • doc: improv doc around binary decoding of numeric data #​2331
  • Add cert key type checking to chooseClientAlias PR #​2417
Added
  • feat: Add authenticationPluginClassName option to provide passwords at runtime
    Adds authenticationPluginClassName connection property that allows end users to specify a class
    that will provide the connection passwords at runtime. Users implementing that interface must
    ensure that each invocation of the method provides a new char[] array as the contents
    will be filled with zeroes by the driver after use.Call sites within the driver have been updated to use the char[] directly wherever possible.
    This includes direct usage in the GSS authentication code paths that internally were already converting the String password into a char[] for internal usage.
    This allows configuring a connection with a password that must be generated on the fly or periodically changes. PR #​2369 original issue Issue #​2102
  • feat: add tcpNoDelay option PR #​2341 fixes Issue #​2324
  • feat: pg_service.conf and .pgpass support (jdbc:postgresql://?service=my-service) PR #​2260 fixes Issue #​2278
Fixed
  • Use local TimestampUtil in PgStatement and PgResultset for thread safety PR #​2291
    fixes Issue #​921 synchronize modification of shared calendar
  • fix: PgObject isNull() was reporting the opposite fixes Issue #​2411 PR #​2414
  • fix: default file name is ".pg_service.conf" on Windows (not "pg_service.conf") PR #​2398 fixes Issue #​2278
  • test: Fix RefCursorFetchTest on older platforms
  • fix: do not close refcursor after reading if fetchsize has been set fixes Issue #​2227 PR #​2371
  • fix: rework gss authentication to use the principal name to get the credentials fixes Issue #​2235 PR #​2352
  • fix: return getIndexInfo metadata columns in UPPER CASE PR #​2368
  • fix: Connection leak in ConnectionFactoryImpl#tryConnect PR #​2350 Issue #​2351
  • fix: Fix For IS_AUTOGENERATED Flag PR #​2348
  • fix: parsing service file tests for windows PR #​2347
  • fix: The spec says that calling close() on a closed connection is a noop. PR #​2345 fixes Issue #​2300
  • fix: add microsecond precision to getTimestamp() called on sql TIME(6) Currently, "when fetching a value of type TIME(6) through
    resultSet.getTimestamp() only ms precision is retained, the microsecond fractional digits are lost." This change will retain the microsecond
    precision when .getTimestamp() is called on TIME(6). PR #​2181 Closes Issue #​1537
  • test: materialized view privileges PR #​2209 add and drop a materialized view
    Add to TestUtil and also to DatabaseMetaData setup and teardown fixes Issue #​2060
  • fix: typo in connect.md PR #​2338 OutOfMemoryException => OutOfMemoryError
  • fix: use local TimestampUtil in PgStatement and PgResultset for thread
    safety TimestampUtil is not thread safe. It raises exceptions when multiple threads use ResultSets of one connection. PR #​2291
    fixes Issue #​921
    If PgStatement and PgResultSet use their own TimestampUtil no synchronize is needed.
  • fix: typo in CONTRIBUTING.md PR #​2332 seccion => section

v42.3.1

Changed
  • improv: Arrays in Object[] PR 2330 when an Object[] contains other arrays, treat as though it were a
    multi-dimensional array the one exception is byte[], which is not supported.
  • improv: Use jre utf-8 decoding PR 2317 Remove use of custom utf-8 decoding.
  • perf: improve performance of bytea string decoding PR 2320
    improve the parsing of bytea hex encoded string by making a lookup table for each of the valid ascii code points to the 4 bit numeric value
  • feat: intern/canonicalize common strings PR 2234
Added
Fixed
  • numeric binary decode for even 10 thousands PR #​2327 fixes Issue 2326
    binary numeric values which represented integers multiples of 10,000 from 10,000-9,990,000 were not decoded correctly
  • [typo] typo in certdir/README.md PR #​2309 certificatess => certificates
  • [typo] typo in TimestampUtils.java PR #​2314 Change Greagorian to Gregorian.
  • remove check for negative pid in cancel request. Apparently pgbouncer can send one fixes Issue 2317 PR #​2319

v42.3.0

Changed
  • No longer build for Java 6 or Java 7
  • If assumeMinServerVersion is not defined and server is at least 9.0, group startup statements into a single transaction PR #​1977
Added
  • Support for pg_service.conf file and jdbc URL syntax: "jdbc:postgresql://?service=service1".
    Resource can be provided using 1) property "-Dorg.postgresql.pgservicefile=file1" 2) environment variable PGSERVICEFILE=file2 3) default location "$HOME/.pg_service.conf" 4) environment variable PGSYSCONFDIR=dir1 looks for file "dir1/pg_service.conf".
  • Support for .pgpass file. Resource can be provided using 1) property "-Dorg.postgresql.pgpassfile=file1" 2) environment variable PGPASSFILE=file2 3) default location "$HOME/.pgpass"
Fixed

v42.2.24

Fixed
  • Fix startup regressions caused by PR #​1949. Instead of checking all types by OID, we can return types for well known types PR #​2257
  • Backport PR #​2148
    Avoid leaking server error details through BatchUpdateException when logServerErrorDetail PR #​2254
  • Backpatch PR #​2247
    QueryExecutorImpl.receiveFastpathResult did not properly handle ParameterStatus messages.
    This in turn caused failures for some LargeObjectManager operations. Closes Issue #​2237
    Fixed by adding the missing code path, based on the existing handling in processResults. PR #​2253
  • Backpatch PR #​2242 PgDatabaseMetaData.getIndexInfo() cast operands to smallint PR#2253
    It is possible to break method PgDatabaseMetaData.getIndexInfo() by adding certain custom operators. This PR fixes it.
  • Backpatching PR #​2251 into 42.2 Clean up open connections to fix test failures on omni and appveyor
    use older syntax for COMMENT ON FUNCTION with explicit no-arg parameter parentheses as it is required on server versions before v10.
    Handle cleanup of connection creation in StatementTest, handle cleanup of privileged connection in DatabaseMetaDataTest
  • Backpatch PR #​2245 fixes case where duplicate tables are returned if there are duplicate descriptions oids are not guaranteed to be unique in the catalog PR #​2248
  • Change to updatable result set to use correctly primary or unique keys PR #​2228
    fixes issues introduced in PR #​2199 closes Issue #​2196
  • Fix NPE calling getTypeInfo when alias is null PR #​2220
  • Backpatch PR #​2217 to fix Issue #​2215. OIDs are unsigned integers and were not being handled correctly when they exceeded the size of signed integers

v42.2.23

Changed
  • Renewed the SSL keys for testing
Fixed
  • getColumnPrecision for Numeric when scale and precision not specified now returns 0 instead of 131089 fixes: Issue #​2188
  • Calling refreshRow on an updateable resultset made the row readOnly. Fixes Issue #​2193
  • results should be updateable if there is a unique index available PR#2199 Fixes Issue #​2196
  • Rework sql type gathering to use OID instead of typname.
    This does not have the issue of name shadowing / qual-names, and has the added benefit of fixing #​1948.

v42.2.22

Fixed
  • Regression caused by pgjdbc/pgjdbc@4fa2d5b. Unfortunately
    due to the blocking nature of the driver and issues with seeing if there is a byte available on a blocking stream when it is encrypted
    this introduces unacceptable delays in returning from peek(). At this time there is no simple solution to this.

v42.2.21

Changed
  • Update docs to reflect deprecated DataSource API setServerName backpatch PR#2057 PR #​2105
Fixed

v42.2.20

Fixed
  • Partitioned indexes were not found fixes #​2078 PR #​2087
  • isValid() timeout should not be blocked #​1943 Cherry-picked #​2076
    The usage of setQueryTimeout(); with the same value as the setNetworkTimeout(); is blocking the current transaction timeout.
    The timeouts are blocking each other with this approach.
  • DatabaseMetaData.getTables returns columns in UPPER case as per the spec PR #​2092 fixes Issue #​830

v42.2.19

Notable Changes

  • Now the driver uses SASLprep normalization for SCRAM authentication fixing some issues with spaces in passwords.
  • If closeOnCompletion is called on an existing statement and the statement is executed a second time it will fail.
Changed
  • Perf: avoid duplicate PGStream#changeSocket calls
  • Fix: Actually close unclosed results. Previously was not closing the first unclosed result fixes #​1903 (#​1905).
    There is a small behaviour change here as a result. If closeOnCompletion is called on an existing statement and the statement
    is executed a second time it will fail.
Added
  • Verify code via forbidden-apis (jdk-internal and jdk-non-portable signatures) PR #​2012
Fixed
  • Fix Binary transfer for numeric fixes #​1935
  • Fix Allow specifying binaryTransferEnable even for those types that are not enabled by default
  • Fix: properly set cancel socket timeout (#​2044)
  • Fix "Required class information missing" when old org.jboss:jandex parses pgjdbc classes [issue 2008]https://github.com/pgjdbc/pgjdbc/issues/200808]
  • Fix PGCopyInputStream returning the last row twice when reading with CopyOut API [issue 2016]https://github.com/pgjdbc/pgjdbc/issues/201616]
  • Fix Connection.isValid() to not wait longer than existing network timeout PR #​2040
  • Fix Passwords with spaces (ASCII and non-ASCII) now work with SCRAM authentication (driver now uses SASLprep normalization) PR #​2052
  • Fix DatabaseMetaData.getTablePrivileges() to include views, materialized views, and foreign tables PR #​2049
  • Fix Resolve ParseError in PGtokenizer fixes #​2050
  • Fix return metadata privileges for views and foreign tables

v42.2.18

Fixed
  • Unfortunately changing the default of gssEncMode to ALLOW was not enough. The GSSEncMode Enum was not changed as well
    fixed in #​1920

v42.2.17

Changed
  • Change default of gssEncMode to ALLOW. PostgreSQL can deal with PREFER but there are cloud providers that did not implement the protocol properly. Libpq gets around this by checking for a GSS credential cache before attempting the connection. This is possible in JDK 8 and up, but not JDK6, or JDK7 fixes Issue #​1868 PR #​1913
Added
Fixed
  • Avoid NullPointerException when receiving PGbox, PGcircle, PGline, PGlseg, PGpath, PGpoint, PGpolygon, and PGmoney [PR 1873] https://github.com/pgjdbc/pgjdbc/pull/18733).
  • The driver returns enum and jsonb arrays elements as String objects (like in 42.2.14 and earlier versions) PR 1879.
  • PgTokenizer was ignoring last empty token PR #​1882
  • Remove osgi from karaf fixes Issue #​1891 PR #​1902
  • Handle nulls when the following classes are used: PGbox, PGcircle, PGline, PGlseg, PGpath, PGpoint, PGpolygon, and PGmoney.

v42.2.16

Known issues
  • The driver returns enum and jsonb arrays elements are returned as PGobject instances (fixed in 42.2.17)
Fixed
  • Arrays sent in binary format are now sent as 1 based. This was a regression for multi-dimensional arrays as well as text/varchar, oid and bytea arrays.
    Since 42.2.0 single dimensional arrays were stored 0 based. They are now sent 1 based which is the SQL standard, and the default
    for Postgres when sent as strings such as '{1,2,3}'. Fixes issue 1860 in PR 1863.

v42.2.15

Known issues
  • The driver returns enum and jsonb arrays elements are returned as PGobject instances (fixed in 42.2.17)
Changed
  • Rename source distribution archive to postgresql-$version-jdbc-src.tar.gz, and add top-level archive folder ba017507
  • Add the ability to connect with a GSSAPI encrypted connection. As of PostgreSQL version 12 GSSAPI encrypted connections
    are possible. Now the driver will attempt to connect to the server with a GSSAPI encrypted connection. If that fails then
    attempt an SSL connection, finally falling back to a plain text connection. All of this is controlled using both the gssEncMode
    and sslMode parameters which, in concert with pg_hba.conf, determine if a particular mode is allowed and or required. PR 1821 ad921b9e
  • Source release archive shades dependencies (scram) by default. It affects only postgresql-version-src.tar.gz release artifact f0301eb9
  • Refactor decoding arrays PR 1194
Added
  • Verify nullness with CheckerFramework 6e524ae5
Fixed
  • Avoid preparedStatement leak when using updateable ResultSet via insert/update/refreshRow PR 1815 9a0d2b18
  • Change order of checks for oid vs primary keys. OID's have been deprecated. PR 1613
  • Close certificate file stream. PR 1837
  • Make sure socketTimeout is enforced PR 1831
  • Assume PKCS-8 SSL key format by default PR 1819
  • Preserve unquoted unicode whitespace in array literals PR 1266

v42.2.14

Changed
  • Reverted com.github.waffle:waffle-jna, org.osgi:org.osgi.core, org.osgi:org.osgi.enterprise dependencies to optional=true in Maven PR 1797.

v42.2.13

Notable Changes

  • Security: The primary reason to release this version and to continue the 42.2.x branch is for CVE-2020-13692.
    Reported by David Dworken, this is an XXE and more information can be found here.
    Sehrope Sarkuni reworked the XML parsing to provide a solution in commit 14b62aca4.
  • The build system has been changed to Gradle thanks to Vladimir PR 1627.
  • Regression: com.github.waffle:waffle-jna, org.osgi:org.osgi.core, org.osgi:org.osgi.enterprise dependencies are listed as non-optional issue 1975.
Changed
Added
  • jre-6 was added back to allow us to release fixes for all artifacts in the 42.2.x branch PR 1787
Fixed
  • I/O error ru translation PR 1756
  • Issue 1771 PgDatabaseMetaData.getFunctions() returns
    procedures fixed in PR 1774
  • getTypeMap() returning null PR 1781
  • Updated openssl example command PR 1763
  • fix documentation with ordered list to be displayed correctly PR 1783

v42.2.12

Notable changes

We have released 42.2.12 to correct regressions in this version: Specifically

  • PR 1729 was reverted as this is a breaking change
  • PR 1719 has been reverted as it introduced errors in the PgType Cache

We recommend that version 42.2.11 not be used.

Changed
  • reverted PR 1729 throw an error instead of silently rolling back a commit error.
    This change introduced a breaking change which will be moved to 42.3.0
  • reverted PR 1719 add support for full names of data types (#​1719)

v42.2.11

Notable changes
As mentioned above this version is broken and should not be used.

Changed
  • Reverted PR 1641. The driver will now wait for EOF when sending cancel signals.
  • DatabaseMetaData#getProcedures returns only procedures (not functions) for PostgreSQL 11+ PR 1723
  • Convert silent rollbacks into exception if application sends commit or xa.prepare command PR 1729
Added
  • feat: raiseExceptionOnSilentRollback connection option to configure if silent rollback should raise an exception PR 1729
  • feat: Expose ByteStreamWriter in CopyManager PR 1702
  • feat: add way to distinguish base and partitioned tables in PgDatabaseMetaData.getTables PR 1708
  • refactor: introduce tuple abstraction (rebased) PR 1701
  • refactor: make PSQLState enum consts for integrity constraint violations PR 1699
  • test: add makefile to create ssl certs PR 1706
Fixed
  • fix: Always use . as decimal separator in PGInterval PR 1705
  • fix: allow DatabaseMetaData.getColumns to describe an unset scale PR 1716
Changed
  • Build system update from Maven to Gradle PR 1627
Added
  • docker-compose image for creating test databases (see docker folder)

v42.2.10

Changed
  • (!) Regression: remove receiving EOF from backend after cancel PR 1641. The regression is that the subsequent query might receive the cancel signal.
Added
Fixed
  • Cleanup PGProperty, sort values, and add some missing to docs PR 1686
  • Fixing LocalTime rounding (losing precision) PR 1570
  • Network Performance of PgDatabaseMetaData.getTypeInfo() method PR 1668
  • Issue #​1680 updating a boolean field requires special handling to set it to t or f instead of true or false PR 1682
  • bug in pgstream for replication PR 1681
  • Issue #​1677 NumberFormatException when fetching PGInterval with small value PR 1678
  • Metadata queries improvements with large schemas. PR 1673
  • Utf 8 encoding optimizations PR 1444
  • interval overflow PR 1658
  • Issue #​1482 where the port was being added to the GSSAPI service name PR 1651
  • remove receiving EOF from backend after cancel since according to protocol the server closes the connection once cancel is sent (connection reset exception is always thrown) PR 1641
  • Unable to register out parameter Issue #​1646 PR 1648

v42.2.9

Changed
Added
  • read only transactions PR 1252
  • pkcs12 key functionality PR 1599
  • new "escapeSyntaxCallMode" connection property PR 1560
  • connection property to limit server error detail in exception exceptions PR 1579
  • cancelQuery() to PGConnection public interface PR 1157
  • support for large update counts (JDBC 4.2) PR 935
  • Add Binary Support for Oid.NUMERIC and Oid.NUMERIC_ARRAY PR 1636
Fixed
  • issue 716 getTypeInfo() may not return data in the order specified in Oracle documentation PR 1506
  • PgSQLXML setCharacterStream() results in null value PR 1608
  • get correct column length for simple domains PR 1605
  • NPE as a result of calling executeQuery twice on a statement fixes issue #​684 [PR 1610] https://github.com/pgjdbc/pgjdbc/pull/16100)
  • handle numeric domain types PR 1611
  • pginterval to take iso8601 strings PR 1612
  • remove currentTimeMillis from code, tests are OK PR 1617
  • NPE when calling setNull on a PreparedStatement with no parameters PR 1620
  • allow OUT parameter registration when using CallableStatement native CALL PR 1561
  • add release save point into execute with batch PR 1583
  • Prevent use of extended query protocol for BEGIN before COPY PR 1639

v42.2.8

Changed
Added
Fixed
  • fix: Revert inet default Java type to PGObject and handle values with net masks PR 1568

v42.2.7

Changed
Added
  • Expose parameter status messages (GUC_REPORT) to the user PR 1435
  • Add automatic module name to manifest for jdk9+ PR 1538
  • Log ignoring rollback when no transaction in progress PR 1549
  • Map inet type to InetAddress PR 1527 issue 1134
Fixed
  • fix issue 1547 As long as peek returns some bytes do not reset the timeout, this allows us to continue checking until any async notifies are consumed PR 1548
  • fix: issue 1466 In logical decoding the if the backend was requesting a reply we… PR 1467
  • fix: issue 1534 Proleptic java.time support PR 1539
  • fix Ensure isValid() will not last more than timeout seconds PR 1557

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants