Skip to content

Releases: dataplat/dbatools

v2.5.0 - Major library updates

20 Jul 06:36
Compare
Choose a tag to compare

Overview

This release updates dbatools to use the new dbatools.library v2025.7.19 and includes significant improvements to CI/CD workflows and assembly management which will make quickly addressing library dependency vulnerabilities a whole lot easier.

This release should resolve a lot of the issues we have all run into with connecting to SQL Server 2022. Newer (but not too newer) .NET versions are now required. The dbatools.library will now be pretty big because I'm including complete packages (like dac) for each OS, without trimming it. The previous trims I did kept the library small but it also kept me from releasing library updates as regularly as I'd like because it made everything hard. So, we're now at about 250mb for all the assemblies from Microsoft that we need to cover as many platforms as possible.

Thanks a hell of a lot to @niphlod who helped get this version update in motion.

Major Changes

πŸ“š Library Update

  • Updated dbatools.library dependency to v2025.7.19-preview-freshold-20250719213145
  • Added centralized version management via .github/dbatools-library-version.json
  • Implemented dynamic library installation script for both stable and preview versions

πŸ”’ Security Improvements

By updating to dbatools.library v2025.7.19, this PR addresses significant security vulnerabilities:

Critical Vulnerabilities Resolved

  • CVE-2017-0160 (CVSS 10.0): .NET Framework remote code execution
  • CVE-2018-8284 (CVSS 9.8): .NET Framework remote code execution
  • CVE-2019-0613: .NET Framework XML parsing remote code execution
  • CVE-2020-0646: .NET Framework input validation remote code execution
  • CVE-2024-35264: Kestrel HTTP/3 data corruption remote code execution
  • CVE-2024-30045: .NET Double Parse buffer overrun remote code execution

High Severity Vulnerabilities Resolved

Medium Severity Vulnerabilities Resolved

Security Enhancements

  • Assembly loading improvements prevent DLL hijacking attacks
  • SQL connections now use encrypted connections by default (via DacFx)
  • Enhanced credential management with Azure token support
  • Improved certificate validation logic
  • Removed hardcoded paths that could be exploited

Security Impact: This update resolves 30+ CVEs across all dependencies, including 6 Critical, 12 High, and 12+ Medium severity vulnerabilities.

πŸ”„ CI/CD Improvements

  • Centralized Library Version Management: All workflows now read from dbatools-library-version.json
  • Preview Version Support: CI can now handle preview versions of dbatools.library
  • Dynamic Installation: New install-dbatools-library.ps1 script handles version detection and installation
  • Improved Test Scripts: Moved test scripts to .github/scripts/ for better organization

πŸ—οΈ Assembly & Platform Updates

  • Updated sqlpackage paths to use new dac folder structure:
    • Windows: lib/dac/windows/sqlpackage.exe
    • Linux: lib/dac/linux/sqlpackage
    • macOS: lib/dac/mac/sqlpackage
  • Enhanced Get-DbaManagementObject to better handle:
    • Loaded assemblies detection
    • SNI module tracking
    • Cross-platform assembly resolution
  • Added support for SQL Server 2025 instance detection

πŸ”§ Export-DbaDacPackage Improvements

  • Updated sqlpackage path resolution for new directory structure
  • Better cross-platform path handling
  • Distinction between Core and Desktop paths on Windows

πŸ“‹ Version Management Documentation

Added comprehensive version management guide (.github/DBATOOLS_LIBRARY_VERSION_MANAGEMENT.md) covering:

  • Version update procedures
  • Testing requirements
  • Rollback procedures
  • CI/CD pipeline usage

πŸ§ͺ Testing Enhancements

  • Added SQL Server engine installation to Windows tests (not just LocalDB)
  • Improved credential handling for SQL Server connections
  • Better error messages for assembly loading issues
  • Enhanced copyright compliance in web search functionality

Non-Breaking Changes

  • All changes maintain backwards compatibility
  • Existing scripts and modules will continue to work
  • Version management is transparent to end users

Testing Checklist

  • Verified module imports successfully on Windows PowerShell 5.1
  • Verified module imports successfully on PowerShell 7.4+
  • Integration tests pass on all platforms
  • Gallery installation tests pass
  • Replication tests pass (when fixed)
  • Assembly loading diagnostics show correct versions

Related PRs

Notes

  • Some replication tests are currently disabled pending fixes
  • The library version can be updated by modifying .github/dbatools-library-version.json

v2.1.32

10 Jul 22:54
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.1.31...v2.1.32

v2.1.31

09 May 08:58
Compare
Choose a tag to compare

What's Changed

  • New-DbaConnectionStringBuilder, param reorganization by @niphlod in #9613
  • Update dbatools-buildref-index.json SQL 2017 Azure Connect Pack by @MikeyBronowski in #9620
  • Update dbatools-buildref-index.json SQL 2022 CU18 by @MikeyBronowski in #9625
  • Set-DbaAgentOperator, better docs by @niphlod in #9617
  • New/Remove-DbaAgentOperator, better docs by @niphlod in #9621
  • New-DbaDbMaskingConfig, handle numeric by @niphlod in #9622
  • Get-DbaDbUser, faster enumeration when targeting single db by @niphlod in #9623
  • Start-DbccCheck, better extraction of errors by @niphlod in #9624
  • New-DbaDbMaskingConfig, account for lots of tables by @niphlod in #9642
  • buildref, "touch" LastUpdated even if no new CU have been shipped by @niphlod in #9661
  • Install-DbaDarlingData: Added new stored procedures, documented abbreviations, and gave every procedure an abbreviation by @ReeceGoding in #9652
  • Set-DbaAgentJobOutputFile: also report the current output file name by @ReeceGoding in #9646

Full Changelog: v2.1.30...v2.1.31

v2.1.30

04 Mar 22:59
Compare
Choose a tag to compare

What's Changed

  • Update dbatools-buildref-index.json SQL 2019 CU32 by @MikeyBronowski in #9611
  • Set-DbaDbQueryStoreOption, use correct postfix for STALE_CAPTURE_POLI… by @niphlod in #9605
  • Get-DbaBackupHistory, better docs for Since parameter by @niphlod in #9604
  • Set-DbaResourceGovernor - Pass Credentials to Get-DbaDbUdf by @darrenmaginnis in #9609

New Contributors

Full Changelog: v2.1.29...v2.1.30

v2.1.29

04 Mar 22:57
Compare
Choose a tag to compare

What's Changed

  • Update dbatools-buildref-index.json SQL2019 CU30 by @MikeyBronowski in #9560
  • Update-DbaInstance, fix documentation by @niphlod in #9559
  • Get-DbaExternalProcess - Test failing by @jpomfret in #9571
  • Install-DbaMaintenanceSolution - don't drop tables if not readding by @jpomfret in #9570
  • Update dbatools-buildref-index.json by @rwestMSFT in #9577
  • BuildRef, add 2019CU31 by @niphlod in #9587
  • Test-DbaWindowsLogin, add property for mismatch on samaccountname by @niphlod in #9589
  • Set-DbaLogin, report correct name for -WhatIf by @niphlod in #9582
  • Find-DbaAgentJob, work with multiple wildcards by @niphlod in #9583
  • New-DbaSqlParameter, check bound parameters correctly by @niphlod in #9584
  • Backup-DbaDbMasterKey, add FileBaseName by @niphlod in #9599
  • Backup-DbaServiceMasterKey, add FileBaseName parameter by @niphlod in #9598
  • Backup-DbaDbCertificate, new FileBaseName parameter by @niphlod in #9597
  • Invoke-DbaDbShrink, accept pipelined databases by @niphlod in #9596
  • Get-DbaNetworkCertificate, propagate credentials by @niphlod in #9595
  • Enable/Disable-DbaTraceFlag, support -WhatIf by @niphlod in #9588
  • Connect-DbaInstance, honor -Database parameter by @niphlod in #9585
  • Invoke-DbaQuery, re-wire connection with integrated as another user by @niphlod in #9592

Full Changelog: v2.1.28...v2.1.29

v2.1.28

04 Mar 22:57
Compare
Choose a tag to compare

What's Changed

  • Security updates for SQL 2022, 2019, 2017, 2016 by @MikeyBronowski in #9547
  • SQL Server 2022 CU 16 by @rwestMSFT in #9551
  • Include new version of SQL Server Maintenance Solution by Ola Hallengren by @andreasjordan in #9550
  • Fix for installation of SQL Server Maintenance Solution by Ola Hallengren: Changed name of branch from master to main by @andreasjordan in #9549

Full Changelog: v2.1.27...v2.1.28

v2.1.27

03 Nov 06:08
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.1.26...v2.1.27

v2.1.26

14 Oct 08:18
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.1.25...v2.1.26

v2.1.25

05 Oct 17:59
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.1.24...v2.1.25

v2.1.24

18 Sep 19:49
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.1.23...v2.1.24