You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@calcite.apache.org by as...@apache.org on 2022/09/10 08:06:02 UTC
[calcite-site] branch main updated: Website deployed from calcite@6d96e91d5f428a443a2552b4aa4d03bdd5f8a0bf

This is an automated email from the ASF dual-hosted git repository.

asf-ci-deploy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/calcite-site.git


The following commit(s) were added to refs/heads/main by this push:
     new af5d446c Website deployed from calcite@6d96e91d5f428a443a2552b4aa4d03bdd5f8a0bf
af5d446c is described below

commit af5d446c0d32b8cfb0b658ad63222a5cae730ae5
Author: asfgit <as...@users.noreply.github.com>
AuthorDate: Sat Sep 10 08:05:58 2022 +0000

    Website deployed from calcite@6d96e91d5f428a443a2552b4aa4d03bdd5f8a0bf
---
 docs/history.html | 42 +++++++++++++++++++++++++++++++++---------
 docs/howto.html   |  7 ++-----
 2 files changed, 35 insertions(+), 14 deletions(-)

diff --git a/docs/history.html b/docs/history.html
index 3783d0df..048248a8 100644
--- a/docs/history.html
+++ b/docs/history.html
@@ -83,11 +83,30 @@
 Downloads are available on the
 <a href="/downloads/">downloads page</a>.</p>
 
-<h2 id="v1-32-0">
-<a href="https://github.com/apache/calcite/releases/tag/calcite-1.32.0">1.32.0</a> / 2022-09-12</h2>
+<!--
+
+-->
 
-<p>This release comes 1 month after <a href="#v1-31-0">1.31.0</a>,
-contains contributions from 15 contributors, and resolves x issues.</p>
+<h2 id="v1-32-0">
+<a href="https://github.com/apache/calcite/releases/tag/calcite-1.32.0">1.32.0</a> / 2022-09-10</h2>
+
+<p>Coming 1 month after <a href="#v1-31-0">1.31.0</a> with 19 issues fixed by 16
+contributors, this release fixes
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-39135">CVE-2022-39135</a>,
+an XML External Entity (XEE) vulnerability that allows a SQL query to
+read the contents of files via the SQL functions <code class="language-plaintext highlighter-rouge">EXISTS_NODE</code>,
+<code class="language-plaintext highlighter-rouge">EXTRACT_XML</code>, <code class="language-plaintext highlighter-rouge">XML_TRANSFORM</code> or <code class="language-plaintext highlighter-rouge">EXTRACT_VALUE</code>.</p>
+
+<p>With contributions from 16 contributors, this release
+<a href="https://issues.apache.org/jira/browse/CALCITE-4294">replaces
+the ESRI spatial engine with JTS and proj4j</a>, adds
+<a href="https://issues.apache.org/jira/browse/CALCITE-5262">65
+spatial SQL functions</a> including <code class="language-plaintext highlighter-rouge">ST_Centroid</code>, <code class="language-plaintext highlighter-rouge">ST_Covers</code> and
+<code class="language-plaintext highlighter-rouge">ST_GeomFromGeoJSON</code>, adds the
+<a href="https://issues.apache.org/jira/browse/CALCITE-5241">CHAR</a>
+SQL function, and improves the return type of the
+<a href="https://issues.apache.org/jira/browse/CALCITE-4999">ARRAY and
+MULTISET</a> functions.</p>
 
 <p>Contributors to this release:
 Alessandro Solimando,
@@ -100,9 +119,11 @@ Dmitry Sysolyatin,
 Jiajun Bernoulli,
 Jing Zhang,
 Julian Hyde (release manager),
+Lincoln Lee,
 Mou Wu,
 Ruben Quesada Lopez,
 Stamatis Zampetakis,
+TJ Banghart,
 Zhengqiang Duan.</p>
 
 <p id="breaking-1-32-0">Compatibility: This release is tested on Linux, macOS, Microsoft Windows;
@@ -150,8 +171,10 @@ JDBC adapter should not generate <code class="language-plaintext highlighter-rou
 Increase <code class="language-plaintext highlighter-rouge">BINDABLE_CACHE</code> hit rate by making the order of
 <code class="language-plaintext highlighter-rouge">EnumerableRelImplementor.stashedParameters</code> deterministic</li>
   <li>[<a href="https://issues.apache.org/jira/browse/CALCITE-5263">CALCITE-5263</a>]
-Improve <code class="language-plaintext highlighter-rouge">XmlFunctions</code> by using an XML <code class="language-plaintext highlighter-rouge">DocumentBuilder</code>
-</li>
+SQL functions <code class="language-plaintext highlighter-rouge">EXISTS_NODE</code>, <code class="language-plaintext highlighter-rouge">EXTRACT_XML</code>, <code class="language-plaintext highlighter-rouge">XML_TRANSFORM</code> and <code class="language-plaintext highlighter-rouge">EXTRACT_VALUE</code>
+allow user files to be read via XML External Entity (XEE) vulnerability
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-39135">CVE-2022-39135</a>
+(fixed by using a secure implementation of XML <code class="language-plaintext highlighter-rouge">DocumentBuilder</code>)</li>
   <li>[<a href="https://issues.apache.org/jira/browse/CALCITE-4294">CALCITE-4294</a>]
 Use JTS and proj4j rather than ESRI as the underlying library for geospatial
 (<code class="language-plaintext highlighter-rouge">ST_</code>) functions</li>
@@ -192,9 +215,7 @@ Release notes for Calcite 1.32.0</li>
   <li>Cosmetic changes to release notes</li>
   <li>Remove redundant ‘the’ in javadoc</li>
   <li>Change sereda’s role from Committer to PMC</li>
-  <li>[<a href="https://issues.apache.org/jira/browse/CALCITE-5092">CALCITE-5092</a>]
-Update site/README.md about how to release the site</li>
-  <li>Fix 1.31.0 release date to 2022-08-22 (was 2022-08-22)</li>
+  <li>Fix 1.31.0 release date to 2022-08-02 (was 2022-08-01)</li>
   <li>Fix checkstyle violation for Calcite 1.31 release note</li>
 </ul>
 
@@ -447,6 +468,9 @@ other software versions as specified in gradle.properties.</p>
 <h4 id="site-1-31-0">Web site and documentation</h4>
 
 <ul>
+  <li>[<a href="https://issues.apache.org/jira/browse/CALCITE-5092">CALCITE-5092</a>]
+Update <a href="https://github.com/apache/calcite/blob/main/site/README.md">site/README.md</a>
+about how to release the site</li>
   <li>Site: Add Jing Zhang as committer</li>
   <li>Site: Add Benchao Li as committer</li>
   <li>Site: Add Chunwei Lei and Vladimir Ozerov as PMC members</li>
diff --git a/docs/howto.html b/docs/howto.html
index 03a91ca1..f36301ec 100644
--- a/docs/howto.html
+++ b/docs/howto.html
@@ -879,7 +879,7 @@ date literal to the date of the previous release):</p>
 so there’s no harm if it fails. It might leave <code class="language-plaintext highlighter-rouge">-rc</code> tag behind
 which can be removed if required.</p>
 
-<p>You can perform a dry-run release with a help of
+<p>If you wish, you can perform a dry-run release with a help of
 <a href="https://github.com/vlsi/asflike-release-environment">asflike-release-environment</a>;
 it would perform the same steps, but it would push changes to the mock Nexus, Git, and SVN servers.</p>
 
@@ -959,12 +959,9 @@ that the <code class="language-plaintext highlighter-rouge">META-INF</code> dire
   <li>Under <code class="language-plaintext highlighter-rouge">Build Promotion</code>, click <code class="language-plaintext highlighter-rouge">Staging Repositories</code>
 </li>
   <li>In the <code class="language-plaintext highlighter-rouge">Staging Repositories</code> tab there should be a line with profile <code class="language-plaintext highlighter-rouge">org.apache.calcite</code>
+and status <code class="language-plaintext highlighter-rouge">closed</code>
 </li>
   <li>Navigate through the artifact tree and make sure the .jar, .pom, .asc files are present</li>
-  <li>Check the box on in the first column of the row,
-and press the ‘Close’ button to publish the repository at
-https://repository.apache.org/content/repositories/orgapachecalcite-1000
-(or a similar URL)</li>
 </ul>
 
 <h2 id="cleaning-up-after-a-failed-release-attempt">Cleaning up after a failed release attempt</h2>