Re: Apache Ignite H2 Vulnerabilities

Thanks for the update Maxim. Looks like July-ish then, going by how the last few releases came out. On Fri, May 6, 2022 at 8:02 PM Maxim Muzafarov wrote: > Lokesh, > > Talking about the Ignite Calcite integration module the dependency > over the H2 will be removed in the next release 2.14. > >

Re: Apache Ignite H2 Vulnerabilities

Lokesh, Talking about the Ignite Calcite integration module the dependency over the H2 will be removed in the next release 2.14. On Tue, 3 May 2022 at 15:17, Lokesh Bandaru wrote: > > Thanks Stephen. > Not sure if this is the right forum but wanted to check if there is a plan > already to come

Re: Apache Ignite H2 Vulnerabilities

Thanks Stephen. Not sure if this is the right forum but wanted to check if there is a plan already to come up with a vulnerability free way of using Ignite? Or if there is a way to request one? On Tue, May 3, 2022 at 2:36 PM Stephen Darlington < stephen.darling...@gridgain.com> wrote: > That is

Re: Apache Ignite H2 Vulnerabilities

That is my understanding, yes. > On 2 May 2022, at 09:28, Lokesh Bandaru wrote: > > Thank you Stephen/Nikita. > Looks like version 2.13 still depends on the older H2 versions - those with > vulnerabilities. > And as the dependencies are all hard, there doesn't seem to be a way to > bypass

Re: Apache Ignite H2 Vulnerabilities

Thank you Stephen/Nikita. Looks like version 2.13 still depends on the older H2 versions - those with vulnerabilities. And as the dependencies are all hard, there doesn't seem to be a way to bypass them and get Ignite running. Can you please confirm? On Fri, Apr 29, 2022 at 7:44 PM Nikita

Re: Apache Ignite H2 Vulnerabilities

Hey guys, I wanted to know if window functions are supported in ignite 2.13. Calcite supports it so wanted to check. On Fri, 29 Apr 2022, 19:44 Nikita Amelchev, wrote: > Hello, guys. > > Thanks for pointing it out. > > The calcite module was properly published to the maven. [1] The sync > with

Re: Apache Ignite H2 Vulnerabilities

Hello, guys. Thanks for pointing it out. The calcite module was properly published to the maven. [1] The sync with mirrors can take some time. The calcite documentation was updated on the site. [2] [1] https://repo.maven.apache.org/maven2/org/apache/ignite/ignite-calcite/2.13.0/ [2]

Re: Apache Ignite H2 Vulnerabilities

It’ll be added to Maven soon — I’m not exactly sure what happened. It is included in the source and binary downloads (download.cgi ) if you want to get a copy now. > On 29 Apr 2022, at 02:19, Lokesh Bandaru wrote: > > Hello Stephen, the document(ReadMe)

Re: Re[2]: Apache Ignite H2 Vulnerabilities

Hello Stephen, the document(ReadMe) you shared earlier, has mentioned that ignite-calcite must be declared as a dependency. In this case, it would be, org.apache.ignite:ignite-calcite:2.13.0 right!. But, which, at the moment, is not available. Can you please advise? On Thu, Apr 28, 2022 at 5:21

Re[2]: Apache Ignite H2 Vulnerabilities

Seems it would be published with new documentation, Nikita Amelchev isn`t it ? check [1]   [1]  https://issues.apache.org/jira/browse/IGNITE-15189   >Thank you Stephen.  >Is there also a writeup summarizing what is/isn't supported with this >'experimental' feature?   >On Thu, Apr 28, 2022 at

Re: Apache Ignite H2 Vulnerabilities

Thank you Stephen. Is there also a writeup summarizing what is/isn't supported with this 'experimental' feature? On Thu, Apr 28, 2022 at 4:30 PM Stephen Darlington < stephen.darling...@gridgain.com> wrote: > https://github.com/apache/ignite/blob/2.13.0/modules/calcite/README.txt > > On 28 Apr

Re: Apache Ignite H2 Vulnerabilities

https://github.com/apache/ignite/blob/2.13.0/modules/calcite/README.txt > On 28 Apr 2022, at 11:46, Lokesh Bandaru wrote: > > Thanks Ilya. > > Version 2.13 has come out but still seems to be shipping with the same > vulnerability-ridden version of h2 database. > The documentation doesn't

Re: Re: Apache Ignite H2 Vulnerabilities

Thanks Ilya. Version 2.13 has come out but still seems to be shipping with the same vulnerability-ridden version of h2 database. The documentation doesn't mention if/how Calcite is turned on. Can you advise on how it can be enabled? On Wed, Apr 13, 2022 at 7:29 AM Ilya Korol wrote: > Hi

RE: Re: Apache Ignite H2 Vulnerabilities

Hi Lokesh, Updates for running Ignite over Java 17 is already in master. Please take a look: https://github.com/apache/ignite/blob/master/bin/include/jvmdefaults.sh On 2022/04/12 10:11:57 Lokesh Bandaru wrote: > You are fast. :) Was just typing a reply on top of the last one and yours > is

Re: Apache Ignite H2 Vulnerabilities

You are fast. :) Was just typing a reply on top of the last one and yours is already here. Ignore the last question, found this, https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.13 . *Looking forward to this release. * *One slightly unrelated question, feel free to ignore. * *I

Re: Apache Ignite H2 Vulnerabilities

Code freeze was yesterday. The target release date is 22 April. More here: Apache+Ignite+2.13 > On 12 Apr 2022, at 11:03, Lokesh Bandaru wrote: > > Thanks for getting back, Stephen. > I am aware that Calcite is in the

Re: Apache Ignite H2 Vulnerabilities

Thanks for getting back, Stephen. I am aware that Calcite is in the plans. Any tentative timeline as to when 2.13(beta/ga) is going to be made available? Regards. On Tue, Apr 12, 2022 at 2:15 PM Stephen Darlington < stephen.darling...@gridgain.com> wrote: > The H2 project removed support for

Re: Apache Ignite H2 Vulnerabilities

The H2 project removed support for Ignite some time ago (https://github.com/h2database/h2database/pull/2227) which makes it difficult to move to newer versions. The next version of Ignite (2.13) has an alternative SQL engine (Apache Calcite) so over time there will be no need for H2. > On 11

Re: Apache Ignite H2 Vulnerabilities

Resending. On Mon, Apr 11, 2022 at 6:42 PM Lokesh Bandaru wrote: > Hello there, hi > > Writing to you with regards to the security vulnerabilities(particularly > the most recent ones, CVE-2022-xxx and CVE-2021-xxx) in the H2 database and > the Apache Ignite's dependency on the flagged versions