Apache Calcite Avatica

Avatica 1.25.0 is a routine release featuring support for JDK 21, Gradle 8.5 and several bug fixes.

Breaking Change: Due to [CALCITE-6282] and [CALCITE-6248], illegal dates are no longer accepted by casts and time precision will not be ignored when returning TIME results, respectively. If you are relying on this behavior, your applications may break.

See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.24.0 features mostly dependency upgrades with some minor bug fixes and features.

Breaking Change: Due to CALCITE-5678, date literals not satisfying the Gregorian calendar will be rejected.

See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.23.0 fixes bugs in Statement.getUpdateCount(), ResultSet.getObject; and supports HTTP_BAD_REQUEST and configuring fetch size and SSL key-store type. Also, there are various improvements to DateTimeUtils and ByteString.

See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.22.0 is a maintenance release to resolve CVE-2022-36364: Apache Calcite Avatica JDBC driver httpclient_impl connection property can be used as an RCE vector. Users of previous versions of Avatica MUST upgrade to mitigate this vulnerability. For more info please see the entry in the CVE database: CVE-2022-36364.

See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.21.0 is a maintenance release with dependency upgrades and added support for Oracle JDK 16 to 18. Of particular note is Log4j2 being upgrade to 2.16.0 and subsequently 2.17.0 and 2.17.1 to address CVE-2021-44228, CVE-2021-45105 and CVE-2021-44832. See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.20.0 upgrades Log4j2 to version 2.15.0 to address CVE-2021-44228, and makes the SPNEGO protocol much more efficient. See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.19.0 adds support for BIT and NULL data types, fixes issues with values of type ARRAY, and includes a few dependency updates. See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.18.0 includes a few dependency updates, bug fixes and a breaking change. In addition, the Gradle wrapper has been removed from the source distribution in order to comply with ASF policy. See the list of bug fixes and new features for more information.

Breaking change (CALCITE-4503): Order of fields in records should follow that of the SQL types

Meta#deduce(List<ColumnMetaData> columns, Class resultClazz) now only derives the order of the fields from the list of provided column metadata columns when generating a record from the given Java class resultClazz, instead of relying on the field order provided by Object#getFields(), which is a JVM-dependent feature.

Before, the field names where not checked against the field names of the provided class. Now, if resultClazz is not null, the provided field names are expected to match existing fields in that class. If a column metadata has name column, and no public field in resultClazz with that name exists, the following exception is thrown: java.lang.RuntimeException: java.lang.NoSuchFieldException: C.

See the release notes; download the release.

Apache Calcite Avatica 1.17.0 is a small routine release that includes a few dependency updates and bug fixes. Of particular note is a fix to resolve a multilingual decoding issue that parses Chinese characters as gibberish. This release has also been tested with JDK 14 and Guava 29. See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.16.0 replaces the maven with gradle. This release adds support for Kerberos authentication using SPNEGO over HTTPS. In addition, there were also a few dependency updates and bug fixes. Github Actions was also enabled in the repository for running tests. See the list of bug fixes and new features for more information.

See the release notes; download the release.

Apache Calcite Avatica 1.15.0 is a small release that fixes a regression causing error messages to not be propagated to clients. There is also a minor update to the docker release script to automate the upload of release artifacts and build promotion. See the list of bug fixes and new features for more information.

Consumers of Avatica are encouraged to skip the 1.14.0 release and upgrade directly to 1.15.0 due to the aforementioned regression.

See the release notes; download the release.

Apache Calcite Avatica 1.14.0 includes around 13 bug fixes and new features.

A number of dependencies were upgraded for this release, with Jetty being a noteworthy upgrade due to the old version having a medium severity vulnerability. Avatica users are encouraged to upgrade to 1.14.0 where practical.

See the release notes; download the release.

Apache Calcite Avatica 1.13.0 includes more than 30 bug fixes and new features.

See the release notes; download the release.

Apache Calcite Avatica 1.12.0 includes more than 20 bug fixes and new features. ZIP archives will no longer be produced from this release onwards.

See the release notes; download the release.

Apache Calcite Avatica 1.11.0 adds support for JDK 10 and drops support for JDK 7. There are more than 20 bug fixes and new features.

See the release notes; download the release.

Apache Calcite Avatica 1.10.0 adds support for JDBC Array data, Docker, and JDK 9.

From this release onwards, Docker images for Avatica Server are published to Docker Hub. These make Avatica easier than ever to run.

As the Calcite and Avatica projects become more separate, it is the first release since Avatica’s git repository separated from Calcite’s repository.

Avatica now runs on JDK 9 (and continues to run on JDK 7 and 8).

Clients may now send and receive Array data via the JDBC API. There are improvements to date/time support in DateTimeUtils, and over 20 other new features and bug fixes.

See the release notes; download the release.

Apache Calcite Avatica 1.9.0 includes various improvements to make it more robust and secure, while maintaining API and protocol compatibility with previous versions.

We now include non-shaded and shaded artifacts, to make it easier to embed Avatica in your application.

There are improvements to the JDBC API, adding support for canceling statements, and improving type conversions and metadata.

The transport is upgraded to use protobuf-3.1.0 (previously 3.0 beta); we have also upgraded Jetty.

See the release notes; download the release.

Apache Calcite Avatica 1.8.0 continues the focus on compatibility with previous versions while also adding support for authentication between Avatica client and server. Performance, notably on the write-path, is also major area of improvement in this release, increasing as much as two to three times over previous versions with the addition of new API support. The documentation for both users and developers continues to receive improvements.

Authentication is a major theme of this release, providing multiple layers of additional authentication mechanisms over previous versions. In these earlier versions, the only authentication provided by Avatica was achieved via the JDBC URL’s standard user and password options. These have always been passed directly into the backend database’s authentication system, but not all databases provide username and password based authentication systems. CALCITE-1173 adds Avatica-level authentication over HTTP Basic and HTTP Digest authentication mechanisms. These are provided specifically for the case when Avatica is used with a database that does not already provide its own authentication implementation.

Some systems rely on Kerberos for strong, centrally- managed authentication. CALCITE-1159 introduces Kerberos-based authentication for clients via SPNEGO. The Avatica server can be configured to only allow clients with a valid Kerberos ticket, optionally, also passing this information to the backend database to implement basic “impersonation” (where the Avatica server issues requests on behalf of the end user).

Building on top of the work done in Avatica-1.7.0 in CALCITE-1091, this release also contains CALCITE-1128 which implements the batch-oriented JDBC APIs on Statement. Through careful inspection, it was observed that the overall performance of Avatica clients in 100% write workloads was dominated by the cost of the HTTP calls. By leveraging the Statement#addBatch() and Statement#executeBatch() API calls, clients can efficiently batch multiple updates in a single HTTP call. In testing this over the previous single HTTP call per update with Apache Phoenix, it was observed that performance increased by two to three times, bringing Avatica’s performance on par with the Phoenix “native” driver.

Returning back to compatibility, a new component appears in this release which is designed to test versions of Avatica against each other. CALCITE-1190 introduces a “Technology Compatibility Kit” (TCK) which automates the testing of one version of Avatica against other versions. To further ease this testing, a runnable JAR to launch an HSQLDB instance and an Avatica server also makes it debut with these changes. This TCK makes it much easier to run tests of newer clients against older servers and vice versa. Validating the backwards compatibility that is being built is extremely important to be confident in the guarantees being provided to users.

Finally, a number of bugs are also fixed in the Protocol Buffer wire API. Some of these include CALCITE-1113 and CALCITE-1103 which fix how certain numbers are serialized, CALITE-1243 which corrects some fields in Protocol Buffer messages which were incorrectly marked as unsigned integers instead of signed integers, and CALCITE-1209 which removes incorrect parsing of binary fields as Base64-encoded strings. All of these issues are fixed in a backwards-compatible manner and should have no additional negative impact on older clients (older clients will not break, but they may continue to return incorrect data for certain numbers).

For users of the Avatica driver, a new client reference page is added which details the options that are available in the Avatica JDBC Driver’s URL. The wire API documentation for Protocol Buffers continues to receive updates as the API continues to evolve.

See the release notes; download the release.

Apache Calcite’s PMC has just released Avatica 1.7.1, the first release of Avatica as an independent project. We’re excited because it makes Avatica easier to use, and allows us to be more agile in our release schedule.

(Avatica was previously released as part of Calcite. Avatica is still governed by Apache Calcite’s PMC, and stored in the same git repository as Calcite, but releases are no longer synchronized, and Avatica does not depend on any Calcite modules.)

A significant portion of the work of this release was “Maven work” to separate the build and release processes, but there were several important bug fixes, including a security fix for Jetty (see below).

Performance, specifically on the write path, was a big focus in this release. [CALCITE-1091] contained a number of important changes. Some of these changes (e.g. [CALCITE-1092] and [CALCITE-1093]) were related to heap usage in the Avatica server, while [CALCITE-1094] and [CALCITE-1117] were strictly performance-related.

The latter improved performance the most. Switching to the Apache Commons HttpComponents Client library instead of using the Java platform’s built-in HttpURLConnection, we noticed a 15% improvement in pure write workloads.

Three dependent library upgrades:

• We completely removed Commons Logging in favor of SLF4J in [CALCITE-669]. This logging framework update will allow downstream integrators to use the logging implementation of their choice instead of being forced to inherit Commons Logging.
• We upgraded Jackson from 2.1.1 to 2.6.3 in [CALCITE-1021].
• We upgraded Jetty from 9.2.7.v20150116 to 9.2.15.v20160210 in [CALCITE-1156] to fix a security issue.

Note that Avatica’s Maven coordinates have changed. The groupId is now “org.apache.calcite.avatica” (previously “org.apache.calcite”), and artifactIds are “avatica”, “avatica-metrics”, “avatica-metrics-dropwizardmetrics3”, “avatica-noop-driver”, “avatica-server” (previously “calcite-avatica”, etc.). Make sure to update these when upgrading to this version.

See the release notes; download the release.