Skip to content

CNDB-16021: CNDB-15280: Remove user data from AbstractReadQuery.toCQLString #2149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
michaelsembwever merged 1 commit into from
Dec 9, 2025
Merged

CNDB-16021: CNDB-15280: Remove user data from AbstractReadQuery.toCQLString #2149

michaelsembwever merged 1 commit into from
Dec 9, 2025

Conversation

@michaelsembwever
Copy link
Member

@michaelsembwever michaelsembwever commented Dec 3, 2025
edited
Loading

https://github.com/riptano/cndb/issues/16021

Port into main-5.0 commit 4517338

Will be merged to main-5.0 after mck-cndb-15760-main-5.0 is merged.

CNDB-16021: CNDB-15280: Remove user data from AbstractReadQuery.toCQLString

Replace column values by '?' when converting internal read queries to CQL's SELECT queries, so user data don't end up in logs or any other unprotected place.

CQL queries printed in tracing and user-facing errors still expose the unredacted data.

@github-actions
Copy link

github-actions bot commented Dec 3, 2025

Checklist before you submit for review

  • This PR adheres to the Definition of Done
  • Make sure there is a PR in the CNDB project updating the Converged Cassandra version
  • Use NoSpamLogger for log lines that may appear frequently in the logs
  • Verify test results on Butler
  • Test coverage for new/modified code is > 80%
  • Proper code formatting
  • Proper title for each commit staring with the project-issue number, like CNDB-1234
  • Each commit has a meaningful description
  • Each commit is not very long and contains related changes
  • Renames, moves and reformatting are in distinct commits
  • All new files should contain the DataStax copyright header instead of the Apache License one

@michaelsembwever michaelsembwever marked this pull request as ready for review December 3, 2025 20:58
@adelapena
Copy link

adelapena commented Dec 4, 2025

Overall looks good, but it seems the new SlowQueryLoggerTest is failing.

@michaelsembwever michaelsembwever force-pushed the mck-cndb-16021-main-5.0 branch 2 times, most recently from 7917017 to d544dba Compare December 5, 2025 18:23
Base automatically changed from mck-cndb-15760-main-5.0 to main-5.0 December 7, 2025 16:38
adelapena
adelapena approved these changes Dec 8, 2025
View reviewed changes
Copy link

@adelapena adelapena left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, +1.

@adelapena @michaelsembwever
CNDB-16021: CNDB-15280: Remove user data from AbstractReadQuery.toCQL…
8fe7a33 
…String (#2038)

Replace column values by '?' when converting internal read queries to CQL's SELECT queries,
so user data don't end up in logs or any other unprotected place.

CQL queries printed in tracing and user-facing errors still expose the unredacted data.
@michaelsembwever
Copy link
Member Author

michaelsembwever commented Dec 8, 2025

failed tests not reproduced locally. ninja fix squashed in for check failure on SAICodecUtils

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 8, 2025

Quality Gate Passed Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
87.4% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@cassci-bot
Copy link

cassci-bot commented Dec 8, 2025

❌ Build ds-cassandra-pr-gate/PR-2149 rejected by Butler

8 regressions found
See build details here

Found 8 new test failures

Test Explanation Runs Upstream
o.a.c.cql3.validation.operations.AggregationQueriesTest.testAggregationQueryShouldNotTimeoutWhenItExceedesReadTimeout (compression) NEW 🔴🔴 2 / 25
o.a.c.distributed.test.DropUDTWithRestartTest.loadCommitLogAndSSTablesWithDroppedColumnTestCC50 NEW 🔴🔴 22 / 25
o.a.c.distributed.test.DropUDTWithRestartTest.loadCommitLogAndSSTablesWithDroppedColumnTestCassandra41 NEW 🔴🔴 1 / 25
o.a.c.distributed.test.DropUDTWithRestartTest.loadCommitLogAndSSTablesWithDroppedColumnTestCassandra5 NEW 🔴🔴 1 / 25
o.a.c.index.SecondaryIndexManagerTest.testIndexRebuildWhenAddingSStableViaRemoteReload (compression) NEW 🔴🔴 20 / 25
o.a.c.metrics.TrieMemtableMetricsTest.testContentionMetrics (compression) NEW 🔵🔴 9 / 25
o.a.c.nodes.NodesPersistenceTest.testUpdateTokens (compression) NEW 🔵🔴 0 / 25
o.a.c.utils.binlog.BinLogTest.testTruncationReleasesLogSpace (compression) NEW 🔴🔵 1 / 25

No known test failures found

@michaelsembwever michaelsembwever merged commit 3df2541 into main-5.0 Dec 9, 2025
582 of 593 checks passed
@michaelsembwever michaelsembwever deleted the mck-cndb-16021-main-5.0 branch December 9, 2025 09:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adelapena adelapena adelapena approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@michaelsembwever @adelapena @cassci-bot