Materialize v0.48
v0.48.0
SQL
-
Introduce object owners, who can manage privileges for other roles on each object in the system by adding or revoking grants. In this release, object owners have limited functionality and are assigned as follows:
- All objects that exist at the time of a new Materialize deployment
(including all system objects) are owned by the
mz_system
role. - All objects that predate the release are owned by the new
default_owner
role. - Any new object is owned by the user who created it.
This is part of the work to enable Role-based access control (RBAC) in a future release (#11579).
- All objects that exist at the time of a new Materialize deployment
(including all system objects) are owned by the
-
Support specifying multiple roles in the
GRANT ROLE
andREVOKE ROLE
commands.-- Grant role GRANT data_scientist TO joe, mike; -- Revoke role REVOKE data_scientist FROM joe, mike;
This is part of the work to enable Role-based access control (RBAC) in a future release (#11579).
-
Add
mz_internal.mz_sessions
to the system catalog. This table describes all active sessions in the system.
Bug fixes and other improvements
- Fix a bug where subsources were created in the
public
schema instead of being correctly created in the same schema as the source (#17868). This resulted in confusing name resolution for users of the PostgreSQL and load generator sources.
-
Improve the error messages reported in
mz_internal.mz_{source|sink}_status_history
andmz_internal.mz_{source|sink}_statuses
with more helpful pointers to troubleshoot Kafka sources and sinks (#17805). From this release, theerror
column reports the full error message, and other helpful suggestions are added underdetails
. -
Stop silently ignoring
NULL
keys in sources usingENVELOPE UPSERT
(#6350). The new behavior is to throw an error when trying to query the source. To recover an errored source, you must produce a record with aNULL
value and aNULL
key to the topic, to force a retraction. As an example, you can usekcat
to produce an empty message:echo ":" | kcat -b $BROKER -t $TOPIC -Z -K: \ -X security.protocol=SASL_SSL \ -X sasl.mechanisms=SCRAM-SHA-256 \ -X sasl.username=$KAFKA_USERNAME \ -X sasl.password=$KAFKA_PASSWORD
-
Fix a bug that prevented the correct parsing of connection settings specified using the
-c
option (#18239). -
Respect session settings even in the case where the first statement executed errors (#18317). Previously, such errors led to these settings being ignored.