Lock down search_path in SPI calls #5259

Merged
merged 1 commit into from Feb 1, 2023

svenklemm
Member

No description provided.

@github-actions

@fabriziomello, @lkshminarayanan: please review this pull request.

Powered by pull-review

@svenklemm svenklemm force-pushed the telemetry_searchpath branch 3 times, most recently from 14b3378 to 1969dd5 Compare January 31, 2023 17:20
@codecov

codecov bot commented Jan 31, 2023

Codecov Report

Merging #5259 (eb03a09) into main (f75a51d) will decrease coverage by 26.20%.
The diff coverage is 25.00%.

Current head eb03a09 differs from pull request most recent head 014b40f. Consider uploading reports for the commit 014b40f to get more accurate results

@@             Coverage Diff             @@
##             main    #5259       +/-   ##
===========================================
- Coverage   89.03%   62.84%   -26.20%     
===========================================
  Files         225      225               
  Lines       51822    45658     -6164     
===========================================
- Hits        46142    28694    -17448     
- Misses       5680    16964    +11284     
| Impacted Files | Coverage Δ | |
|---|---|---|
| src/hypertable.c | 44.33% <ø> (-42.94%) | ⬇️ |
| src/telemetry/telemetry.c | 3.87% <0.00%> (-81.81%) | ⬇️ |
| tsl/src/continuous_aggs/materialize.c | 58.55% <0.00%> (-11.45%) | ⬇️ |
| src/telemetry/replication.c | 85.00% <66.66%> (-5.00%) | ⬇️ |
| src/chunk.h | 0.00% <0.00%> (-100.00%) | ⬇️ |
| src/chunk_index.h | 0.00% <0.00%> (-100.00%) | ⬇️ |
| tsl/src/remote/data_fetcher.h | 0.00% <0.00%> (-100.00%) | ⬇️ |
| tsl/src/compression/dictionary_hash.h | 0.00% <0.00%> (-100.00%) | ⬇️ |
| tsl/src/compression/simple8b_rle.h | 0.00% <0.00%> (-96.57%) | ⬇️ |
| src/scanner.c | 0.00% <0.00%> (-94.10%) | ⬇️ |
... and 205 more

Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@svenklemm svenklemm changed the title Lock down search_path in telemetry SPI calls Lock down search_path in SPI calls Jan 31, 2023
@svenklemm svenklemm force-pushed the telemetry_searchpath branch 5 times, most recently from 3759a24 to 054982b Compare January 31, 2023 20:47
@svenklemm svenklemm merged commit 789bb26 into timescale:main Feb 1, 2023
52 of 53 checks passed
@akuzm akuzm added the bug label Feb 1, 2023
@akuzm
Member

akuzm commented Feb 1, 2023

Automated backport to 2.9.x not done: cherry-pick failed.

(that's my robot self talking)

@akuzm akuzm added auto-backport-not-done Automated backport of this PR has failed non-retriably (e.g. conflicts) and removed auto-backport-not-done Automated backport of this PR has failed non-retriably (e.g. conflicts) labels Feb 1, 2023
@timescale-automation

Automated backport to 2.9.x not done: cherry-pick failed.

Job log

@akuzm akuzm added auto-backport-not-done Automated backport of this PR has failed non-retriably (e.g. conflicts) and removed auto-backport-not-done Automated backport of this PR has failed non-retriably (e.g. conflicts) labels Feb 1, 2023
@timescale-automation

Automated backport to 2.9.x not done: cherry-pick failed.

Git status

HEAD detached at origin/2.9.x
You are currently cherry-picking commit 789bb26.
(fix conflicts and run "git cherry-pick --continue")
(use "git cherry-pick --skip" to skip this patch)
(use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
modified: src/hypertable.c
modified: src/telemetry/replication.c
modified: src/telemetry/telemetry.c
modified: tsl/src/continuous_aggs/materialize.c
modified: tsl/src/continuous_aggs/refresh.c
modified: tsl/src/reorder.c

Unmerged paths:
(use "git add ..." to mark resolution)
both modified: CHANGELOG.md

Job log

@timescale-automation timescale-automation added the auto-backport-not-done Automated backport of this PR has failed non-retriably (e.g. conflicts) label Feb 1, 2023
lkshminarayanan added a commit to lkshminarayanan/timescaledb that referenced this pull request Feb 3, 2023
This release contains bug fixes since the 2.9.2 release.
We recommend that you upgrade at the next available opportunity.

**Bugfixes**
* timescale#4804 Skip bucketing when start or end of refresh job is null
* timescale#5108 Fix column ordering in compressed table index
* timescale#5187 Don't enable clang-tidy by default
* timescale#5255 Fix year not multiple of day/month in nested CAgg
* timescale#5259 Lock down search_path in SPI calls
@lkshminarayanan lkshminarayanan mentioned this pull request Feb 3, 2023
lkshminarayanan added a commit to lkshminarayanan/timescaledb that referenced this pull request Feb 3, 2023
This release contains a critical security fix (timescale#5259) and other bug fixes since
the 2.9.2 release.

This release is high priority for upgrade. We strongly recommend that you
upgrade as soon as possible.

**Bugfixes**
* timescale#4804 Skip bucketing when start or end of refresh job is null
* timescale#5108 Fix column ordering in compressed table index
* timescale#5187 Don't enable clang-tidy by default
* timescale#5255 Fix year not multiple of day/month in nested CAgg
* timescale#5259 Lock down search_path in SPI calls
lkshminarayanan added a commit to lkshminarayanan/timescaledb that referenced this pull request Feb 3, 2023
This release contains a critical security fix (timescale#5259) and other bug fixes
since the 2.9.2 release.

This release is high priority for upgrade. We strongly recommend that
you upgrade as soon as possible.

**Bugfixes**
* timescale#4804 Skip bucketing when start or end of refresh job is null
* timescale#5108 Fix column ordering in compressed table index
* timescale#5187 Don't enable clang-tidy by default
* timescale#5255 Fix year not multiple of day/month in nested CAgg
* timescale#5259 Lock down search_path in SPI calls
lkshminarayanan added a commit to lkshminarayanan/timescaledb that referenced this pull request Feb 3, 2023
This release contains bug fixes since the 2.9.2 release.
This release is high priority for upgrade. We strongly recommend that you
upgrade as soon as possible.

**Bugfixes**
* timescale#4804 Skip bucketing when start or end of refresh job is null
* timescale#5108 Fix column ordering in compressed table index not following the order of a multi-column segment by definition
* timescale#5187 Don't enable clang-tidy by default
* timescale#5255 Fix year not being considered as a multiple of day/month in hierarchical continuous aggregates
* timescale#5259 Lock down search_path in SPI calls
lkshminarayanan added a commit that referenced this pull request Feb 3, 2023
This release contains bug fixes since the 2.9.2 release.
This release is high priority for upgrade. We strongly recommend that you
upgrade as soon as possible.

**Bugfixes**
* #4804 Skip bucketing when start or end of refresh job is null
* #5108 Fix column ordering in compressed table index not following the order of a multi-column segment by definition
* #5187 Don't enable clang-tidy by default
* #5255 Fix year not being considered as a multiple of day/month in hierarchical continuous aggregates
* #5259 Lock down search_path in SPI calls
lkshminarayanan added a commit to lkshminarayanan/timescaledb that referenced this pull request Feb 6, 2023
This release contains bug fixes since the 2.9.2 release.
This release is high priority for upgrade. We strongly recommend that you
upgrade as soon as possible.

**Bugfixes**
* timescale#4804 Skip bucketing when start or end of refresh job is null
* timescale#5108 Fix column ordering in compressed table index not following the order of a multi-column segment by definition
* timescale#5187 Don't enable clang-tidy by default
* timescale#5255 Fix year not being considered as a multiple of day/month in hierarchical continuous aggregates
* timescale#5259 Lock down search_path in SPI calls
lkshminarayanan added a commit that referenced this pull request Feb 6, 2023
This release contains bug fixes since the 2.9.2 release.
This release is high priority for upgrade. We strongly recommend that you
upgrade as soon as possible.

**Bugfixes**
* #4804 Skip bucketing when start or end of refresh job is null
* #5108 Fix column ordering in compressed table index not following the order of a multi-column segment by definition
* #5187 Don't enable clang-tidy by default
* #5255 Fix year not being considered as a multiple of day/month in hierarchical continuous aggregates
* #5259 Lock down search_path in SPI calls