dolt 1.81.3

[BrewTestBot]

Created by brew bump

---

Created with brew bump-formula-pr.

Details

release notes

# Merged PRs
dolt

10383: Fix SQL engine panic when database is locked

• Prevent NewSqlEngine from panicking when a repo fails to open due to lock contention.

• Load-check the underlying DoltDB in engine DB collection and return the recorded load error (e.g.

nbs.ErrDatabaseLocked) instead of nil-dereferencing.

• Enables embedded/driver callers to detect “database locked” and safely retry engine initialization.
10376: /go/libraries/doltcore/sqle/dsess/autoincrement_tracker.go: remove print statement
10375: Fix embedded DB lock contention by closing nocache DoltDBs and plumbing DBLoadParams through CREATE DATABASE / clone / stats

Summary

This change fixes an embedded / driver reopen failure where a two-phase flow (CREATE DATABASE then later Ping) could still

hit the database is locked by another dolt process even with disable_singleton_cache + fail-fast lock behavior enabled.

Key updates:

• Close underlying DoltDBs in nocache mode: sqle.DoltDatabaseProvider.Close() now closes all underlying *doltdb.DoltDB

instances when DisableSingletonCacheParam is in effect, ensuring .dolt/noms/LOCK is released on engine shutdown.

• Plumb DBLoadParams into provider-managed DB creation paths:

• CREATE DATABASE / UNDROP DATABASE now use env.LoadWithoutDB so DBLoadParams can be applied before any DB is opened.

• dolt_clone applies provider DBLoadParams to the clone env before registration.

• registerNewDatabase defensively applies provider DBLoadParams to the env.

• Propagate DBLoadParams into stats backing store: statspro now uses LoadWithoutDB for new stats storage and copies

DBLoadParams from the host env so embedded-mode settings apply consistently.

• Regression coverage: adds a test that creates a DB via the SQL engine, closes the engine, and asserts the LOCK is

released.

Why

Embedded callers rely on deterministic reopen semantics under contention. Previously, the SQL provider close path didn’t

close the underlying *doltdb.DoltDB for newly created DBs in nocache mode, leaving the journal manifest LOCK held and

causing retries / reopens to fail.
10374: cache strictLookupIter
10371: go.mod,.github: Bump Go version to 1.25.6.

Fixes potential impact in some configurations from CVE-2025-61729.
10366: Bug fix: don't set branch control admin privs when rebasing

Fixes permission escalation with dolt_rebase dolthub/dolt#10352
10363: Add embedded-mode options to bypass DB cache and fail fast on journal lock contention

This PR adds opt-in controls for embedded/driver use-cases that need deterministic reopen semantics under contention:

• Disable local singleton DB caching for file-backed databases via a new dbfactory param, so each open constructs a fresh store.

• Fail fast on journal manifest lock timeout via a new dbfactory param, returning a sentinel error instead of falling back to read-only.

• Plumb DB load parameters through the SQL engine / env so an embedded driver can thread these options into Dolt database creation.

Key changes

• dbfactory:

• Adds DisableSingletonCacheParam (disable_singleton_cache)

• Adds FailOnJournalLockTimeoutParam (fail_on_journal_lock_timeout)

• Bypasses the singleton cache in FileFactory.CreateDB when disable_singleton_cache is set.

• nbs:

• Adds ErrDatabaseLocked

• Adds JournalingStoreOptions + NewLocalJournalingStoreWithOptions

• Updates newJournalManifest(..., failOnTimeout) to return ErrDatabaseLocked on lock timeout when enabled.

• SQL engine / env plumbing:

• Adds DBLoadParams to engine.SqlEngineConfig and threads them into env.DoltEnv prior to DB loading.

• Adds DBLoadParams to env.DoltEnv and merges them into both DB load paths (LoadDoltDB and LoadDoltDBWithParams).

• Updates env.MultiEnvForDirectory to respect a caller-provided *DoltEnv to avoid preloading before params are set.
10314: Minimize binlog deletions in branch control

I didn't find a way to trigger multiple deletions through SQL on non-existent rows, but just in case we're somehow able to get to that point through some other bug, we put it in the binlog everytime. This way, we only add to the binlog if we actually had something to delete.

9748: Bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 in /integration-tests/transactions

Bumps gopkg.in/yaml.v3 from 3.0.0 to 3.0.1.



You can trigger a rebase of this PR by commenting @dependabot rebase.

[//]: # (dependabot-automerge-start)

[//]: # (dependabot-automerge-end)

Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/dolt/network/alerts).

> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.


go-mysql-server

3406: Set table names to lower when creating table map

fixes dolthub/dolt#10385

3404: Bump google.golang.org/protobuf from 1.28.1 to 1.33.0

Bumps google.golang.org/protobuf from 1.28.1 to 1.33.0.



Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

[//]: # (dependabot-automerge-start)

[//]: # (dependabot-automerge-end)

Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/go-mysql-server/network/alerts).


3403: /go.{mod,sum}: bump go version
3399: GMS warning on functional indices

Makes it so create index queries with expression argument will produce a warning instead of an error.
3396: avoid converting float64 to float64

We save on conversion costs by avoiding a call to convert float64 to float64.

Unfortunately this has little to no impact on any of our benchmarks because groupbyIter uses concurrency.

benchmarks: group by sum test dolthub/dolt#10359 (comment)
3395: fewer strings.ToLower calls in gatherTableAlias

benchmarks: tolower bump dolthub/dolt#10355 (comment)
3388: Apply filter simplifications to Join condition

part of dolthub/dolt#10284

part of dolthub/dolt#10335
3387: Simplify Between expression to Equals if lower and upper bounds refer to the same field
3386: Push filters that contain references to outer/lateral scopes.

We attempt to push filter expressions deeper into the tree so that they can reduce the size of intermediate iterators. Ideally, we want to push filters to directly above the data source that they reference.

Previously, we only pushed filters if they only referenced a single table, since pushing a filter that referenced multiple tables could potentially move the filter to a location where one of the referenced tables is no longer in scope. However, if the extra table references refer to a table in an outer scope or lateral scope, pushing the filter is completely safe. GetFields that reference an outer or lateral scope can be effectively treated as literals for the purpose of this optimization.

This PR changes getFiltersByTable, a function that maps tables onto the filters that reference those tables. Previously it would ignore filters that reference multiple tables. Now, it allows those filters provided that the extra references are to outer/lateral scopes.

This improves many of the plan tests:

The changed test in tpch_plans.go pushes a filter into the leftmost table lookup
The second changed test in query_plans.go replaces a naive InnerJoin with a CrossHashjoin
integration_plans.go shows many queries that now have an IndexedTableAccess instead of a table scan, or where we push a filter deeper into a join.

A small number of neutral / slightly negative changes:
One of the changes in integration_plans.go introduces a redundant filter that was previously being removed. In practice this is pretty benign because filters rarely impact the runtime unless they require type conversions.
The first changed test in query_plans.go replaces a LookupJoin with a LateralCrossJoin on an IndexedTableAccess. These two plans are effectively equivalent, but the LateralCrossJoin is harder to analyze, has a larger estimated cost and larger row estimate, and could in theory inhibit subsequent optimizations. I imagine we could create a new analysis pass that converts this kind of LateralCrossJoin into a LookupJoin.


3379: Create scope mapping for views

This is a partial fix for dolthub/dolt/issues/10297

When parsing a subquery alias, we create a new column id for each column in the SQA schema. The scope mapping is a dictionary on the SQA node that maps those column ids onto the expressions within the subquery that determine their values, and is used in some optimizations. For example, in order to push a filter into a subquery, we need to use the scope mapping to replace any GetFields that were pointing to the SQA with the expressions those fields map to. If for whatever reason the SQA doesn't have a scope mapping, we can't perform that optimization.

We parse views by recursively calling the parser on the view definition. This works but it means that the original parser doesn't have any references to the expressions inside the view, which prevents us from creating the scope mapping.

This PR attempts to fix this. Instead of defining the SQA columns in the original parser (where we no longer have access to the view's scope), we now create the columns while parsing the view, and attach them to the scope object for the view definition. Then we store that scope in a field on the Builder, so that the original parser can copy them into its own scope.

This feels hacky, but was the best way I could think of to generate the scope mappings and ensure they're visible outside the view.
2103: Bump google.golang.org/grpc from 1.53.0 to 1.56.3

Bumps google.golang.org/grpc from 1.53.0 to 1.56.3.

Release notes
Sourced from google.golang.org/grpc's releases.

Release 1.56.3
Security


server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.


Release 1.56.2

status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0
New Features

client: support channel idleness using WithIdleTimeout dial option (#6263)

This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.


client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
xds: Add support for Custom LB Policies (gRFC A52) (#6224)
xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
client: add support for pickfirst address shuffling (gRFC A62) (#6311)
xds: Add support for String Matcher Header Matcher in RDS (#6313)
xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)

Special Thanks: @​s-matyukevich


xds: enable RLS in xDS by default (#6343)
orca: add support for application_utilization field and missing range checks on several metrics setters
balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
authz: add conversion of json to RBAC Audit Logging config (#6192)
authz: add support for stdout logger (#6230 and #6298)
authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0
Behavior Changes

xds: enable federation support by default (#6151)
status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)



... (truncated)


Commits

1055b48 Update version.go to 1.56.3 (#6713)
5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
faab873 Update version.go to v1.56.2 (#6432)
6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
cd6a794 Update version.go to v1.56.2-dev (#6387)
5b67e5e Update version.go to v1.56.1 (#6386)
d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
997c1ea Change version to 1.56.1-dev (#6345)
Additional commits viewable in compare view




[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.53.0&new-version=1.56.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---

Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dolthub/go-mysql-server/network/alerts).

> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.


vitess

452: Bump google.golang.org/grpc from 1.24.0 to 1.56.3

Bumps google.golang.org/grpc from 1.24.0 to 1.56.3.

Release notes
Sourced from google.golang.org/grpc's releases.

Release 1.56.3
Security


server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.


Release 1.56.2

status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0
New Features

client: support channel idleness using WithIdleTimeout dial option (#6263)

This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.


client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
xds: Add support for Custom LB Policies (gRFC A52) (#6224)
xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
client: add support for pickfirst address shuffling (gRFC A62) (#6311)
xds: Add support for String Matcher Header Matcher in RDS (#6313)
xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)

Special Thanks: @​s-matyukevich


xds: enable RLS in xDS by default (#6343)
orca: add support for application_utilization field and missing range checks on several metrics setters
balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
authz: add conversion of json to RBAC Audit Logging config (#6192)
authz: add support for stdout logger (#6230 and #6298)
authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0
Behavior Changes

xds: enable federation support by default (#6151)
status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)



... (truncated)


Commits

1055b48 Update version.go to 1.56.3 (#6713)
5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
faab873 Update version.go to v1.56.2 (#6432)
6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
ed56401 [PSM interop] Don't fail target if sub-target ...

View the full release notes at https://github.com/dolthub/dolt/releases/tag/v1.81.3.

---

[github-actions]

🤖 An automated task has requested bottles to be published to this PR.

Caution

Please do not push to this PR branch before the bottle commits have been pushed, as this results in a state that is difficult to recover from. If you need to resolve a merge conflict, please use a merge commit. Do not force-push to this PR branch.