(cassandra) branch trunk updated: Document COPY TO limitation for control characters in text columns

Tue, 02 Jun 2026 15:05:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

smiklosovic pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 36b23cba1f Document COPY TO limitation for control characters in text 
columns
36b23cba1f is described below

commit 36b23cba1f4882f137bdd5dcf77a124b7cdc4b9e
Author: Arvind Kandpal <[email protected]>
AuthorDate: Mon Jun 1 12:53:44 2026 +0530

    Document COPY TO limitation for control characters in text columns
    
    COPY TO does not support control characters in text column values per
    RFC 4180. This patch documents the limitation in the cqlsh reference,
    including the security risks and alternative tools for data migration.
    
    patch by Arvind Kandpal; reviewed by Brad Schoening, Stefan Miklosovic for 
CASSANDRA-21415
    
    Co-authored-by: Copilot Autofix powered by AI 
<[email protected]>
---
 doc/modules/cassandra/pages/managing/tools/cqlsh.adoc | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/doc/modules/cassandra/pages/managing/tools/cqlsh.adoc 
b/doc/modules/cassandra/pages/managing/tools/cqlsh.adoc
index e6f23d3683..6e5921e124 100644
--- a/doc/modules/cassandra/pages/managing/tools/cqlsh.adoc
+++ b/doc/modules/cassandra/pages/managing/tools/cqlsh.adoc
@@ -461,6 +461,19 @@ value `STDOUT` (without single quotes) to print the CSV to 
stdout.
 See `shared-copy-options` for options that apply to both `COPY TO` and
 `COPY FROM`.
 
+[NOTE]
+====
+`COPY TO` exports CSV using a restricted RFC 4180-compatible format and does 
not
+preserve control characters in text column values. Text columns containing 
control characters
+such as newlines (`\n`), carriage returns (`\r`), null bytes (`\x00`),
+or other non-printable characters cannot be reliably exported — values
+will be corrupted on re-import via `COPY FROM`. Beyond data integrity,
+non-printable characters in CSV output can pose security risks, including
+CSV injection and other forms of malicious data embedding. If your data
+contains such characters, consider using DSBulk, Spark, or
+`sstableloader` for data migration instead.
+====
+
 ==== Options for `COPY TO`
 
 `MAXREQUESTS`::


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to