Copilot commented on code in PR #4606: URL: https://github.com/apache/polaris/pull/4606#discussion_r3346360258
########## CHANGELOG.md: ########## @@ -30,8 +30,15 @@ request adding CHANGELOG notes for breaking (!) changes and possibly other secti ### Highlights ### Upgrade notes +- Newly created tables and views now use a unique, unpredictable location by default: Polaris appends a random UUID to + the generated location (controlled by the `DEFAULT_TABLE_LOCATION_USE_UUID` feature flag, on by default). Caller-specified + locations are now rejected by default (controlled by `ALLOW_CLIENT_SPECIFIED_TABLE_LOCATION`, off by default): this covers the + `location` field as well as the `write.data.path` / `write.metadata.path` properties, on create-table/create-view, + update-table/replace-view, and commit-transaction requests. Review Comment: The Upgrade notes mention that location rejection applies to create-table/create-view, update-table/replace-view, and commit-transaction, but it doesn’t call out that create-table *stage-create* requests are also gated (see `IcebergCatalogHandler.stageTableCreateHelper` calling `rejectClientSpecifiedLocationIfDisallowed`). Please clarify to avoid surprises for clients using stage-create. ########## CHANGELOG.md: ########## @@ -30,8 +30,15 @@ request adding CHANGELOG notes for breaking (!) changes and possibly other secti ### Highlights ### Upgrade notes +- Newly created tables and views now use a unique, unpredictable location by default: Polaris appends a random UUID to + the generated location (controlled by the `DEFAULT_TABLE_LOCATION_USE_UUID` feature flag, on by default). Caller-specified + locations are now rejected by default (controlled by `ALLOW_CLIENT_SPECIFIED_TABLE_LOCATION`, off by default): this covers the + `location` field as well as the `write.data.path` / `write.metadata.path` properties, on create-table/create-view, + update-table/replace-view, and commit-transaction requests. + Existing tables and views are unaffected. To restore the previous behavior, set `polaris.config.default-table-location.use-uuid=false` and `polaris.config.allow.client-specified.table.location=true` (per realm or per catalog). ### Breaking changes +- Create-table, create-view, update-table, replace-view, and commit-transaction requests that specify a location (the `location` field, a `SetLocation` update, or the `write.data.path` / `write.metadata.path` properties) are now rejected by default. Set `ALLOW_CLIENT_SPECIFIED_TABLE_LOCATION` (`polaris.config.allow.client-specified.table.location`) to `true` to allow caller-specified locations. Federated catalogs, staged-create commits, and `register table` / `register view` (which supply a metadata location) are unaffected. Review Comment: The Breaking changes note says “staged-create commits … are unaffected”, but this PR also enforces the caller-location gate on stage-create *requests* (`createTableStaged` via `stageTableCreateHelper`). Consider making the exception more precise (e.g., name the specific staged-create commit endpoint) and/or explicitly stating that stage-create requests are still subject to the location gate. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
