dependabot[bot] opened a new pull request, #2926: URL: https://github.com/apache/camel-kamelets/pull/2926
Bumps [com.databricks:databricks-jdbc](https://github.com/databricks/databricks-jdbc) from 3.4.1 to 3.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/databricks/databricks-jdbc/releases">com.databricks:databricks-jdbc's releases</a>.</em></p> <blockquote> <h2>v3.4.2</h2> <h3>Added</h3> <ul> <li>Added <code>UseBoundedSeaApi</code> connection property (default <code>0</code>/off). When enabled, the driver uses the bounded SEA API contract for CloudFetch: sends <code>row_offset</code> on GetResultData requests and uses <code>next_chunk_index</code> for chunk discovery instead of <code>total_chunk_count</code>. Requires server support.</li> <li>OAuth M2M (client credentials) connections can now supply the client secret via the JDBC <code>password</code>/<code>PWD</code> property and the client id via the JDBC <code>user</code>/<code>UID</code> property, instead of embedding <code>OAuth2Secret</code>/<code>OAuth2ClientId</code> in the connection URL. This lets BI tools (e.g. DBeaver) mask the OAuth secret in their password field rather than exposing it in the clear-text JDBC URL. Explicit <code>OAuth2ClientId</code>/<code>OAuth2Secret</code> still take precedence when present, so existing URLs are unaffected.</li> </ul> <h3>Updated</h3> <ul> <li>Bumped the Databricks SDK for Java dependency from <code>0.106.0</code> to <code>0.118.0</code>.</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed telemetry misattribution when multiple connections (e.g. Thrift and SEA) are used on the same thread. Per-statement telemetry events could be tagged with another connection's context (e.g. transport mode); each connection's telemetry now uses its own context instead of a shared thread-local value.</li> <li>Hardened the OAuth U2M token cache at rest (encryption key derivation and file permissions).</li> <li>Fixed <code>DatabaseMetaData.getURL()</code> exposing credentials embedded in the connection URL; secret parameters are now masked (the URL is otherwise unchanged).</li> <li>Fixed presigned URL credentials not being fully redacted in logs.</li> <li>Fixed access token exposure in DEBUG logs.</li> <li>Fixed <code>StackOverflowError</code> / hang when closing a <code>ResultSet</code> or <code>Statement</code> with <code>closeOnCompletion()</code> enabled.</li> <li>Fixed SQL injection vulnerability in binary parameter handling.</li> <li>Fixed <code>setCatalog()</code> and <code>setSchema()</code> producing invalid SQL (e.g. <code>SET CATALOG ``name``) when the catalog or schema name was passed already wrapped in backticks. Backticks are now stripped before wrapping, and </code>getCatalog()<code>/</code>getSchema()` return the bare identifier name.</li> <li>Fixed metadata SQL generation for catalog, schema, and table identifiers containing backticks.</li> <li>Fixed SEA result truncation when direct results are disabled. Large, highly-compressible results that span multiple chunks were delivered inline via the old hybrid path and truncated to the first chunk. The SQL Execution path now uses an async (<code>0s</code>) wait timeout when direct results are disabled, so results are returned via external links and fetched in full.</li> <li>Fixed <code>getColumns()</code> flooding the <code>DriverManager</code> log writer with caught-and-recovered <code>Invalid column index</code> stack traces.</li> <li>Fixed timezone-shifted TIMESTAMP values when retrieving nested complex types (STRUCT/ARRAY/MAP) with <code>EnableComplexDatatypeSupport=1</code>.</li> <li>Fixed <code>MAP</code> columns whose values are themselves complex types (e.g. <code>MAP<INT,ARRAY<BIGINT>></code>) rendering their values as empty (e.g. <code>SELECT MAP(0, ARRAY(34277,0))</code> returned <code>{0:}</code> instead of <code>{0:[34277,0]}</code>) when fetched via Arrow (<code>EnableArrow=1</code>) with <code>EnableComplexDatatypeSupport</code> disabled.</li> <li>Fixed <code>DatabricksDatabaseMetaData.supportsBatchUpdates()</code> always returning <code>false</code>, which caused batch-aware JDBC clients (e.g. Apache Hop) to skip <code>executeBatch()</code> and fall back to one INSERT per row. It now returns <code>true</code> when <code>EnableBatchedInserts=1</code>, so those clients use the optimized multi-row INSERT path.</li> <li>Fixed <code>Connection.setReadOnly(true)</code> throwing <code>DatabricksSQLFeatureNotSupportedException</code>, which broke clients (e.g. Trino/Starburst GenericJDBC, HikariCP, DBCP) that call it during connection initialization. Per the JDBC spec, <code>setReadOnly</code> is a hint the driver may ignore; it is now a no-op and <code>isReadOnly()</code> continues to return <code>false</code>.</li> <li>Fixed <code>ResultSetMetaData.getColumnTypeName()</code> returning <code>TIMESTAMP</code> for <code>TIMESTAMP_NTZ</code> columns (e.g. <code>SELECT MIN(ntz_col) ...</code>), a regression from 3.0.7. By default the driver now preserves the <code>TIMESTAMP_NTZ</code> type name across the SEA, Thrift, and describe-query metadata paths; <code>getColumnType()</code> continues to report <code>java.sql.Types.TIMESTAMP</code>. Set the new connection property <code>EnableTimestampNtzTypeName=0</code> to restore the previous behavior (report <code>TIMESTAMP</code>), which matches the legacy (v2.x.x) driver. (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495">#1495</a>)</li> <li>Fixed <code>SQLException.getErrorCode()</code> being inconsistent between transports for statement-execution failures: the Thrift path returned <code>0</code> while the SEA path returned <code>1003</code> for the same server error. Thrift statement errors now report the <code>EXECUTE_STATEMENT_FAILED</code> (<code>1003</code>) vendor code, matching SEA. The <code>SQLState</code> and error message are unchanged.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/databricks/databricks-jdbc/blob/main/CHANGELOG.md">com.databricks:databricks-jdbc's changelog</a>.</em></p> <blockquote> <h2>[v3.4.2] - 2026-07-14</h2> <h3>Added</h3> <ul> <li>Added <code>UseBoundedSeaApi</code> connection property (default <code>0</code>/off). When enabled, the driver uses the bounded SEA API contract for CloudFetch: sends <code>row_offset</code> on GetResultData requests and uses <code>next_chunk_index</code> for chunk discovery instead of <code>total_chunk_count</code>. Requires server support.</li> <li>OAuth M2M (client credentials) connections can now supply the client secret via the JDBC <code>password</code>/<code>PWD</code> property and the client id via the JDBC <code>user</code>/<code>UID</code> property, instead of embedding <code>OAuth2Secret</code>/<code>OAuth2ClientId</code> in the connection URL. This lets BI tools (e.g. DBeaver) mask the OAuth secret in their password field rather than exposing it in the clear-text JDBC URL. Explicit <code>OAuth2ClientId</code>/<code>OAuth2Secret</code> still take precedence when present, so existing URLs are unaffected.</li> </ul> <h3>Updated</h3> <ul> <li>Bumped the Databricks SDK for Java dependency from <code>0.106.0</code> to <code>0.118.0</code>.</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed telemetry misattribution when multiple connections (e.g. Thrift and SEA) are used on the same thread. Per-statement telemetry events could be tagged with another connection's context (e.g. transport mode); each connection's telemetry now uses its own context instead of a shared thread-local value.</li> <li>Hardened the OAuth U2M token cache at rest (encryption key derivation and file permissions).</li> <li>Fixed <code>DatabaseMetaData.getURL()</code> exposing credentials embedded in the connection URL; secret parameters are now masked (the URL is otherwise unchanged).</li> <li>Fixed presigned URL credentials not being fully redacted in logs.</li> <li>Fixed access token exposure in DEBUG logs.</li> <li>Fixed <code>StackOverflowError</code> / hang when closing a <code>ResultSet</code> or <code>Statement</code> with <code>closeOnCompletion()</code> enabled.</li> <li>Fixed SQL injection vulnerability in binary parameter handling.</li> <li>Fixed <code>setCatalog()</code> and <code>setSchema()</code> producing invalid SQL (e.g. <code>SET CATALOG ``name``) when the catalog or schema name was passed already wrapped in backticks. Backticks are now stripped before wrapping, and </code>getCatalog()<code>/</code>getSchema()` return the bare identifier name.</li> <li>Fixed metadata SQL generation for catalog, schema, and table identifiers containing backticks.</li> <li>Fixed SEA result truncation when direct results are disabled. Large, highly-compressible results that span multiple chunks were delivered inline via the old hybrid path and truncated to the first chunk. The SQL Execution path now uses an async (<code>0s</code>) wait timeout when direct results are disabled, so results are returned via external links and fetched in full.</li> <li>Fixed <code>getColumns()</code> flooding the <code>DriverManager</code> log writer with caught-and-recovered <code>Invalid column index</code> stack traces.</li> <li>Fixed timezone-shifted TIMESTAMP values when retrieving nested complex types (STRUCT/ARRAY/MAP) with <code>EnableComplexDatatypeSupport=1</code>.</li> <li>Fixed <code>MAP</code> columns whose values are themselves complex types (e.g. <code>MAP<INT,ARRAY<BIGINT>></code>) rendering their values as empty (e.g. <code>SELECT MAP(0, ARRAY(34277,0))</code> returned <code>{0:}</code> instead of <code>{0:[34277,0]}</code>) when fetched via Arrow (<code>EnableArrow=1</code>) with <code>EnableComplexDatatypeSupport</code> disabled.</li> <li>Fixed <code>DatabricksDatabaseMetaData.supportsBatchUpdates()</code> always returning <code>false</code>, which caused batch-aware JDBC clients (e.g. Apache Hop) to skip <code>executeBatch()</code> and fall back to one INSERT per row. It now returns <code>true</code> when <code>EnableBatchedInserts=1</code>, so those clients use the optimized multi-row INSERT path.</li> <li>Fixed <code>Connection.setReadOnly(true)</code> throwing <code>DatabricksSQLFeatureNotSupportedException</code>, which broke clients (e.g. Trino/Starburst GenericJDBC, HikariCP, DBCP) that call it during connection initialization. Per the JDBC spec, <code>setReadOnly</code> is a hint the driver may ignore; it is now a no-op and <code>isReadOnly()</code> continues to return <code>false</code>.</li> <li>Fixed <code>ResultSetMetaData.getColumnTypeName()</code> returning <code>TIMESTAMP</code> for <code>TIMESTAMP_NTZ</code> columns (e.g. <code>SELECT MIN(ntz_col) ...</code>), a regression from 3.0.7. By default the driver now preserves the <code>TIMESTAMP_NTZ</code> type name across the SEA, Thrift, and describe-query metadata paths; <code>getColumnType()</code> continues to report <code>java.sql.Types.TIMESTAMP</code>. Set the new connection property <code>EnableTimestampNtzTypeName=0</code> to restore the previous behavior (report <code>TIMESTAMP</code>), which matches the legacy (v2.x.x) driver. (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495">#1495</a>)</li> <li>Fixed <code>SQLException.getErrorCode()</code> being inconsistent between transports for statement-execution failures: the Thrift path returned <code>0</code> while the SEA path returned <code>1003</code> for the same server error. Thrift statement errors now report the <code>EXECUTE_STATEMENT_FAILED</code> (<code>1003</code>) vendor code, matching SEA. The <code>SQLState</code> and error message are unchanged.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/databricks/databricks-jdbc/commit/724c2176770eea3b96574622fe57695af14477fe"><code>724c217</code></a> Bump to version 3.4.2 (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1551">#1551</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/43ea6c49268e918a29d3a51f1e7adb02a315efc8"><code>43ea6c4</code></a> Align Thrift statement-error vendor code with SEA (EXECUTE_STATEMENT_FAILED) ...</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/ca1889b0813668545e614cd578b9891fa25942a0"><code>ca1889b</code></a> Fix MAP with complex value type rendering as empty via Arrow (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1505">#1505</a>) (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1546">#1546</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/e647399d83c5dcd3118af383d80905fea7ed542a"><code>e647399</code></a> Stream CloudFetch chunk decompression to bound memory and prevent OOM on larg...</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/276f6347b363eb3d6a7b18873f7cead3d48471e4"><code>276f634</code></a> Add bounded SEA API support for CloudFetch (UseBoundedSeaApi) (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1468">#1468</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/602faeab4935cdf5205561f51c4a02251d7f3266"><code>602faea</code></a> Preserve TIMESTAMP_NTZ type name in ResultSetMetaData (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495">#1495</a>) (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1519">#1519</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/bcdb6c207cdae85b48bb963a7e384ae0d778c9a5"><code>bcdb6c2</code></a> Bump anthropics/claude-code-action from 1.0.79 to 1.0.166 (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1538">#1538</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/a9cc4c725bb8b2d2302a8d69e0637527ff0440f6"><code>a9cc4c7</code></a> Bump actions/setup-java from 4.8.0 to 5.4.0 (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1542">#1542</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/f51bfa3bed8452506ff336b6cfca1777e1083e16"><code>f51bfa3</code></a> Bump peter-evans/create-pull-request from 7.0.11 to 8.1.1 (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1541">#1541</a>)</li> <li><a href="https://github.com/databricks/databricks-jdbc/commit/471030502be22633de38a0211aeff00fcf3beed5"><code>4710305</code></a> Bump actions/cache/save from 4.3.0 to 6.1.0 (<a href="https://redirect.github.com/databricks/databricks-jdbc/issues/1540">#1540</a>)</li> <li>Additional commits viewable in <a href="https://github.com/databricks/databricks-jdbc/compare/v3.4.1...v3.4.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
