0.10.0

Merged PRs

doltgresql

• 468: Add pg_constraint table, fix index names
• 463: Workaround for current_database and current_schema
• 462: Unskip pg_database order by tests
• 460: Add OIDs to the rest of the partially implemented pg_catalog tables
• 459: Generate OIDs for pg_namespace and pg_class
• 454: add pg_views table to pg_catalog and views displayed on \d psql cmd
  Depends on dolthub/dolt#8086
• 452: Fixed secondary indexing
  • Companion PR: dolthub/dolt#8081
    The companion PR fixes two issues regarding the creation of the secondary index map, which resulted in the now-unskipped tests either panicking or returning incorrect results. With the merger of the aforementioned PR, both of these issues will be fixed.
• 450: Fixed panic during handling of another panic
  Also improved the error output when attempting to use geometry types
• 449: Update get-postgres-doltgres-job-json.sh
• 447: add current_schemas(bool) function
• 445: Implement part of pg_tables
• 441: add pg_namespace names
• 438: pg_attribute and pg_class should only show data for current database
• 436: Fixed some index issues and IN comparisons
  Companion PR: dolthub/dolt#8073
  Created indexes in Doltgres were not actually added to the table, which was fixed in the above PR. In addition, IN was corrected to use comparison functions (IN predates their creation) and SUM was excluded from the list of cast functions since GMS does not search children when looking for certain aggregate functions.
  In addition, IN was overhauled so that comparison functions are resolved once. More details may be found in the accompanying comments.
• 434: Add some pg_index and pg_indexes columns
• 432: Implement some pg_class and pg_attribute columns
• 426: use table_schema from information_schema.tables for schema name
  of \d and \dt commands. This allows these commands not to display pg_catalog tables
  Depends on dolthub/go-mysql-server#2569 and dolthub/dolt#8062
• 424: Ignore new performance_schema database
  Updating doltgresql from changes to GMS in dolthub/go-mysql-server#2568
• 422: Add the rest of the pg_catalog table schemas
• 419: Enable partial index support
  Companion PR: dolthub/go-mysql-server#2566
  This enables partial index support for a constrained set of comparisons.
• 414: Enginetest stubs
  All the dolt enginetests, all skipped for now. The harness works, but no single test method passes entirely, so they're all skipped.
  Next steps:
  • Document categories of test failures for things that should work on Postgres but don't, prioritize work to fix
  • Document categories of test failures for things that don't work on Postgres, translate tests
• 411: add all pg_catalog views as tables
• 410: Even even more pg_catalog table schemas with empty row iters
• 408: Even more pg_catalog table schemas with empty row iters
• 407: add partially populated pg_catalog.pg_type table
• 406: More pg_catalog table schemas with empty row iters
• 405: Add more pg_catalog schemas
• 404: Add schemas with empty row iters for some pg_catalog tables
  Moves over already defined schemas from this PR.
  Includes pg_am, pg_attribute, pg_class, pg_constraint, pg_event_trigger, pg_index, pg_namespace, pg_proc, pg_trigger, and pg_type
• 403: : update doltgres/postgres harness to support context methods
• 400: Implement partial pg_database
  Adds the full pg_catalog.pg_database schema with a few populated columns
• 399: Implement current_schema, current_catalog and current_database functions
  Will follow up with the corresponding table functions in another PR
• 398: add null checks in type cast methods
• 395: Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.2
  Bumps github.com/jackc/pgx/v4 from 4.18.1 to 4.18.2.
  Changelog

  Sourced from github.com/jackc/pgx/v4's changelog.

  4.18.2 (March 4, 2024)

  Fix CVE-2024-27289

  SQL injection can occur when all of the following conditions are met:

  1. The non-default simple protocol is used.
  2. A placeholder for a numeric value must be immediately preceded by a minus.
  3. There must be a second placeholder for a string value after the first placeholder; both must be on the same line.
  4. Both parameter values must be user-controlled.

  Thanks to Paul Gerste for reporting this issue.

  Fix CVE-2024-27304

  SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control.

  Thanks to Paul Gerste for reporting this issue.

  • Fix *dbTx.Exec not checking if it is already closed

  Commits

  • 14690df Update changelog
  • 779548e Update required Go version to 1.17
  • 80e9662 Update github.com/jackc/pgconn to v1.14.3
  • 0bf9ac3 Fix erroneous test case
  • f94eb0e Always wrap arguments in parentheses in the SQL sanitizer
  • 826a892 Fix SQL injection via line comment creation in simple protocol
  • 7d882f9 Fix *dbTx.Exec not checking if it is already closed
  • 1d07b8b go mod tidy
  • See full diff in compare view
  
  [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
  Dependabot commands and options

  
  You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/doltgresql/network/alerts).
• 390: Added comparison operators
  This adds all of the comparison operators for our currently supported types.
• 381: Add system tables as virtual tables
  • Companion PR: dolthub/dolt#7963
    This adds an interface for exposing system tables as virtual tables.
• 379: Hacky fix for info schema table queries
• 371: add postgres c connector client test
• 369: Release v0.9.0
  Created by the Release workflow to update DoltgreSQL's version
• 367: Reworked PSQL statements
  This changes the hardcoded PSQL statements that were no longer working so that they now work. In addition, I'm including the pprof additions here, as I added this for sysbench testing. I more-or-less copied the implementation from Dolt. I think we used to have it in Doltgres, but removed it when we removed the sql-server command.
• 334: /testing/logictest/harness/doltgres_server_harness.go: wip, debugging busted harness

Closed Issues

• 456: Creating a view should add the view to the current schema instead of current database
• 341: SQL Correctness harness broken