dependabot[bot] opened a new pull request, #2926:
URL: https://github.com/apache/camel-kamelets/pull/2926

   Bumps 
[com.databricks:databricks-jdbc](https://github.com/databricks/databricks-jdbc) 
from 3.4.1 to 3.4.2.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a 
href="https://github.com/databricks/databricks-jdbc/releases";>com.databricks:databricks-jdbc's
 releases</a>.</em></p>
   <blockquote>
   <h2>v3.4.2</h2>
   <h3>Added</h3>
   <ul>
   <li>Added <code>UseBoundedSeaApi</code> connection property (default 
<code>0</code>/off). When enabled, the driver uses the bounded SEA API contract 
for CloudFetch: sends <code>row_offset</code> on GetResultData requests and 
uses <code>next_chunk_index</code> for chunk discovery instead of 
<code>total_chunk_count</code>. Requires server support.</li>
   <li>OAuth M2M (client credentials) connections can now supply the client 
secret via the JDBC <code>password</code>/<code>PWD</code> property and the 
client id via the JDBC <code>user</code>/<code>UID</code> property, instead of 
embedding <code>OAuth2Secret</code>/<code>OAuth2ClientId</code> in the 
connection URL. This lets BI tools (e.g. DBeaver) mask the OAuth secret in 
their password field rather than exposing it in the clear-text JDBC URL. 
Explicit <code>OAuth2ClientId</code>/<code>OAuth2Secret</code> still take 
precedence when present, so existing URLs are unaffected.</li>
   </ul>
   <h3>Updated</h3>
   <ul>
   <li>Bumped the Databricks SDK for Java dependency from <code>0.106.0</code> 
to <code>0.118.0</code>.</li>
   </ul>
   <h3>Fixed</h3>
   <ul>
   <li>Fixed telemetry misattribution when multiple connections (e.g. Thrift 
and SEA) are used on the same thread. Per-statement telemetry events could be 
tagged with another connection's context (e.g. transport mode); each 
connection's telemetry now uses its own context instead of a shared 
thread-local value.</li>
   <li>Hardened the OAuth U2M token cache at rest (encryption key derivation 
and file permissions).</li>
   <li>Fixed <code>DatabaseMetaData.getURL()</code> exposing credentials 
embedded in the connection URL; secret parameters are now masked (the URL is 
otherwise unchanged).</li>
   <li>Fixed presigned URL credentials not being fully redacted in logs.</li>
   <li>Fixed access token exposure in DEBUG logs.</li>
   <li>Fixed <code>StackOverflowError</code> / hang when closing a 
<code>ResultSet</code> or <code>Statement</code> with 
<code>closeOnCompletion()</code> enabled.</li>
   <li>Fixed SQL injection vulnerability in binary parameter handling.</li>
   <li>Fixed <code>setCatalog()</code> and <code>setSchema()</code> producing 
invalid SQL (e.g. <code>SET CATALOG ``name``) when the catalog or schema name 
was passed already wrapped in backticks. Backticks are now stripped before 
wrapping, and </code>getCatalog()<code>/</code>getSchema()` return the bare 
identifier name.</li>
   <li>Fixed metadata SQL generation for catalog, schema, and table identifiers 
containing backticks.</li>
   <li>Fixed SEA result truncation when direct results are disabled. Large, 
highly-compressible results that span multiple chunks were delivered inline via 
the old hybrid path and truncated to the first chunk. The SQL Execution path 
now uses an async (<code>0s</code>) wait timeout when direct results are 
disabled, so results are returned via external links and fetched in full.</li>
   <li>Fixed <code>getColumns()</code> flooding the <code>DriverManager</code> 
log writer with caught-and-recovered <code>Invalid column index</code> stack 
traces.</li>
   <li>Fixed timezone-shifted TIMESTAMP values when retrieving nested complex 
types (STRUCT/ARRAY/MAP) with <code>EnableComplexDatatypeSupport=1</code>.</li>
   <li>Fixed <code>MAP</code> columns whose values are themselves complex types 
(e.g. <code>MAP&lt;INT,ARRAY&lt;BIGINT&gt;&gt;</code>) rendering their values 
as empty (e.g. <code>SELECT MAP(0, ARRAY(34277,0))</code> returned 
<code>{0:}</code> instead of <code>{0:[34277,0]}</code>) when fetched via Arrow 
(<code>EnableArrow=1</code>) with <code>EnableComplexDatatypeSupport</code> 
disabled.</li>
   <li>Fixed <code>DatabricksDatabaseMetaData.supportsBatchUpdates()</code> 
always returning <code>false</code>, which caused batch-aware JDBC clients 
(e.g. Apache Hop) to skip <code>executeBatch()</code> and fall back to one 
INSERT per row. It now returns <code>true</code> when 
<code>EnableBatchedInserts=1</code>, so those clients use the optimized 
multi-row INSERT path.</li>
   <li>Fixed <code>Connection.setReadOnly(true)</code> throwing 
<code>DatabricksSQLFeatureNotSupportedException</code>, which broke clients 
(e.g. Trino/Starburst GenericJDBC, HikariCP, DBCP) that call it during 
connection initialization. Per the JDBC spec, <code>setReadOnly</code> is a 
hint the driver may ignore; it is now a no-op and <code>isReadOnly()</code> 
continues to return <code>false</code>.</li>
   <li>Fixed <code>ResultSetMetaData.getColumnTypeName()</code> returning 
<code>TIMESTAMP</code> for <code>TIMESTAMP_NTZ</code> columns (e.g. 
<code>SELECT MIN(ntz_col) ...</code>), a regression from 3.0.7. By default the 
driver now preserves the <code>TIMESTAMP_NTZ</code> type name across the SEA, 
Thrift, and describe-query metadata paths; <code>getColumnType()</code> 
continues to report <code>java.sql.Types.TIMESTAMP</code>. Set the new 
connection property <code>EnableTimestampNtzTypeName=0</code> to restore the 
previous behavior (report <code>TIMESTAMP</code>), which matches the legacy 
(v2.x.x) driver. (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495";>#1495</a>)</li>
   <li>Fixed <code>SQLException.getErrorCode()</code> being inconsistent 
between transports for statement-execution failures: the Thrift path returned 
<code>0</code> while the SEA path returned <code>1003</code> for the same 
server error. Thrift statement errors now report the 
<code>EXECUTE_STATEMENT_FAILED</code> (<code>1003</code>) vendor code, matching 
SEA. The <code>SQLState</code> and error message are unchanged.</li>
   </ul>
   </blockquote>
   </details>
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a 
href="https://github.com/databricks/databricks-jdbc/blob/main/CHANGELOG.md";>com.databricks:databricks-jdbc's
 changelog</a>.</em></p>
   <blockquote>
   <h2>[v3.4.2] - 2026-07-14</h2>
   <h3>Added</h3>
   <ul>
   <li>Added <code>UseBoundedSeaApi</code> connection property (default 
<code>0</code>/off). When enabled, the driver uses the bounded SEA API contract 
for CloudFetch: sends <code>row_offset</code> on GetResultData requests and 
uses <code>next_chunk_index</code> for chunk discovery instead of 
<code>total_chunk_count</code>. Requires server support.</li>
   <li>OAuth M2M (client credentials) connections can now supply the client 
secret via the JDBC <code>password</code>/<code>PWD</code> property and the 
client id via the JDBC <code>user</code>/<code>UID</code> property, instead of 
embedding <code>OAuth2Secret</code>/<code>OAuth2ClientId</code> in the 
connection URL. This lets BI tools (e.g. DBeaver) mask the OAuth secret in 
their password field rather than exposing it in the clear-text JDBC URL. 
Explicit <code>OAuth2ClientId</code>/<code>OAuth2Secret</code> still take 
precedence when present, so existing URLs are unaffected.</li>
   </ul>
   <h3>Updated</h3>
   <ul>
   <li>Bumped the Databricks SDK for Java dependency from <code>0.106.0</code> 
to <code>0.118.0</code>.</li>
   </ul>
   <h3>Fixed</h3>
   <ul>
   <li>Fixed telemetry misattribution when multiple connections (e.g. Thrift 
and SEA) are used on the same thread. Per-statement telemetry events could be 
tagged with another connection's context (e.g. transport mode); each 
connection's telemetry now uses its own context instead of a shared 
thread-local value.</li>
   <li>Hardened the OAuth U2M token cache at rest (encryption key derivation 
and file permissions).</li>
   <li>Fixed <code>DatabaseMetaData.getURL()</code> exposing credentials 
embedded in the connection URL; secret parameters are now masked (the URL is 
otherwise unchanged).</li>
   <li>Fixed presigned URL credentials not being fully redacted in logs.</li>
   <li>Fixed access token exposure in DEBUG logs.</li>
   <li>Fixed <code>StackOverflowError</code> / hang when closing a 
<code>ResultSet</code> or <code>Statement</code> with 
<code>closeOnCompletion()</code> enabled.</li>
   <li>Fixed SQL injection vulnerability in binary parameter handling.</li>
   <li>Fixed <code>setCatalog()</code> and <code>setSchema()</code> producing 
invalid SQL (e.g. <code>SET CATALOG ``name``) when the catalog or schema name 
was passed already wrapped in backticks. Backticks are now stripped before 
wrapping, and </code>getCatalog()<code>/</code>getSchema()` return the bare 
identifier name.</li>
   <li>Fixed metadata SQL generation for catalog, schema, and table identifiers 
containing backticks.</li>
   <li>Fixed SEA result truncation when direct results are disabled. Large, 
highly-compressible results that span multiple chunks were delivered inline via 
the old hybrid path and truncated to the first chunk. The SQL Execution path 
now uses an async (<code>0s</code>) wait timeout when direct results are 
disabled, so results are returned via external links and fetched in full.</li>
   <li>Fixed <code>getColumns()</code> flooding the <code>DriverManager</code> 
log writer with caught-and-recovered <code>Invalid column index</code> stack 
traces.</li>
   <li>Fixed timezone-shifted TIMESTAMP values when retrieving nested complex 
types (STRUCT/ARRAY/MAP) with <code>EnableComplexDatatypeSupport=1</code>.</li>
   <li>Fixed <code>MAP</code> columns whose values are themselves complex types 
(e.g. <code>MAP&lt;INT,ARRAY&lt;BIGINT&gt;&gt;</code>) rendering their values 
as empty (e.g. <code>SELECT MAP(0, ARRAY(34277,0))</code> returned 
<code>{0:}</code> instead of <code>{0:[34277,0]}</code>) when fetched via Arrow 
(<code>EnableArrow=1</code>) with <code>EnableComplexDatatypeSupport</code> 
disabled.</li>
   <li>Fixed <code>DatabricksDatabaseMetaData.supportsBatchUpdates()</code> 
always returning <code>false</code>, which caused batch-aware JDBC clients 
(e.g. Apache Hop) to skip <code>executeBatch()</code> and fall back to one 
INSERT per row. It now returns <code>true</code> when 
<code>EnableBatchedInserts=1</code>, so those clients use the optimized 
multi-row INSERT path.</li>
   <li>Fixed <code>Connection.setReadOnly(true)</code> throwing 
<code>DatabricksSQLFeatureNotSupportedException</code>, which broke clients 
(e.g. Trino/Starburst GenericJDBC, HikariCP, DBCP) that call it during 
connection initialization. Per the JDBC spec, <code>setReadOnly</code> is a 
hint the driver may ignore; it is now a no-op and <code>isReadOnly()</code> 
continues to return <code>false</code>.</li>
   <li>Fixed <code>ResultSetMetaData.getColumnTypeName()</code> returning 
<code>TIMESTAMP</code> for <code>TIMESTAMP_NTZ</code> columns (e.g. 
<code>SELECT MIN(ntz_col) ...</code>), a regression from 3.0.7. By default the 
driver now preserves the <code>TIMESTAMP_NTZ</code> type name across the SEA, 
Thrift, and describe-query metadata paths; <code>getColumnType()</code> 
continues to report <code>java.sql.Types.TIMESTAMP</code>. Set the new 
connection property <code>EnableTimestampNtzTypeName=0</code> to restore the 
previous behavior (report <code>TIMESTAMP</code>), which matches the legacy 
(v2.x.x) driver. (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495";>#1495</a>)</li>
   <li>Fixed <code>SQLException.getErrorCode()</code> being inconsistent 
between transports for statement-execution failures: the Thrift path returned 
<code>0</code> while the SEA path returned <code>1003</code> for the same 
server error. Thrift statement errors now report the 
<code>EXECUTE_STATEMENT_FAILED</code> (<code>1003</code>) vendor code, matching 
SEA. The <code>SQLState</code> and error message are unchanged.</li>
   </ul>
   </blockquote>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/724c2176770eea3b96574622fe57695af14477fe";><code>724c217</code></a>
 Bump to version 3.4.2 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1551";>#1551</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/43ea6c49268e918a29d3a51f1e7adb02a315efc8";><code>43ea6c4</code></a>
 Align Thrift statement-error vendor code with SEA (EXECUTE_STATEMENT_FAILED) 
...</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/ca1889b0813668545e614cd578b9891fa25942a0";><code>ca1889b</code></a>
 Fix MAP with complex value type rendering as empty via Arrow (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1505";>#1505</a>)
 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1546";>#1546</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/e647399d83c5dcd3118af383d80905fea7ed542a";><code>e647399</code></a>
 Stream CloudFetch chunk decompression to bound memory and prevent OOM on 
larg...</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/276f6347b363eb3d6a7b18873f7cead3d48471e4";><code>276f634</code></a>
 Add bounded SEA API support for CloudFetch (UseBoundedSeaApi) (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1468";>#1468</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/602faeab4935cdf5205561f51c4a02251d7f3266";><code>602faea</code></a>
 Preserve TIMESTAMP_NTZ type name in ResultSetMetaData (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1495";>#1495</a>)
 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1519";>#1519</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/bcdb6c207cdae85b48bb963a7e384ae0d778c9a5";><code>bcdb6c2</code></a>
 Bump anthropics/claude-code-action from 1.0.79 to 1.0.166 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1538";>#1538</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/a9cc4c725bb8b2d2302a8d69e0637527ff0440f6";><code>a9cc4c7</code></a>
 Bump actions/setup-java from 4.8.0 to 5.4.0 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1542";>#1542</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/f51bfa3bed8452506ff336b6cfca1777e1083e16";><code>f51bfa3</code></a>
 Bump peter-evans/create-pull-request from 7.0.11 to 8.1.1 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1541";>#1541</a>)</li>
   <li><a 
href="https://github.com/databricks/databricks-jdbc/commit/471030502be22633de38a0211aeff00fcf3beed5";><code>4710305</code></a>
 Bump actions/cache/save from 4.3.0 to 6.1.0 (<a 
href="https://redirect.github.com/databricks/databricks-jdbc/issues/1540";>#1540</a>)</li>
   <li>Additional commits viewable in <a 
href="https://github.com/databricks/databricks-jdbc/compare/v3.4.1...v3.4.2";>compare
 view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.databricks:databricks-jdbc&package-manager=maven&previous-version=3.4.1&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to