Documentation Source Text

Check-in [0fc93d49ce]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Reference the trusted_schema capability in the 3.31.0 change log.
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 0fc93d49ce516d266ccf908849d0c80871e75831b0bf22a00485643b873c19fa
User & Date: drh 2020-01-10 00:00:42
Context
2020-01-13
13:33
Typo fixes. check-in: 19599a7e1b user: drh tags: trunk
2020-01-10
00:00
Reference the trusted_schema capability in the 3.31.0 change log. check-in: 0fc93d49ce user: drh tags: trunk
2019-12-26
01:22
Push back the proposed release date for 3.31.0 by a month. check-in: 157fdd299b user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to pages/changes.in.

21
22
23
24
25
26
27




28
29
30
31
32








33
34
35
36
37
38
39
  incr nChng
}

chng {2020-01-31 (3.31.0)} {
<li>Add support for [generated columns].
<li>Add the [sqlite3_hard_heap_limit64()] interface and the corresponding
    [PRAGMA hard_heap_limit] command.




<li>Add the [DBSTAT aggregated mode|aggregated mode] feature to the
    [DBSTAT virtual table].
<li>Add the [SQLITE_OPEN_NOFOLLOW] option to [sqlite3_open_v2()] that
    prevents SQLite from opening symbolic links.
<li>Added the "#-N" array notation for [JSON function path arguments].








<li>Faster response to [sqlite3_interrupt()].
<li>Added the [https://sqlite.org/src/file/ext/misc/uuid.c|uuid.c] extension module
    implementing functions for processing RFC-4122 UUIDs.
<li>The [legacy_file_format pragma] is deactivated.  It is now a no-op.  In its place,
    the [SQLITE_DBCONFIG_LEGACY_FILE_FORMAT] option to [sqlite3_db_config()] is
    provided.  The legacy_file_format pragma is deactivated because (1) it is
    rarely useful and (2) it is incompatible with [VACUUM] in schemas that have







>
>
>
>





>
>
>
>
>
>
>
>







21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
  incr nChng
}

chng {2020-01-31 (3.31.0)} {
<li>Add support for [generated columns].
<li>Add the [sqlite3_hard_heap_limit64()] interface and the corresponding
    [PRAGMA hard_heap_limit] command.
<li>Enhance the [function_list pragma] to show the number of arguments on each
    function, the type of function (scalar, aggregate, window), and the function
    property flags [SQLITE_DETERMINISTIC], [SQLITE_DIRECTONLY],
    [SQLITE_INNOCUOUS], and/or [SQLITE_SUBTYPE].
<li>Add the [DBSTAT aggregated mode|aggregated mode] feature to the
    [DBSTAT virtual table].
<li>Add the [SQLITE_OPEN_NOFOLLOW] option to [sqlite3_open_v2()] that
    prevents SQLite from opening symbolic links.
<li>Added the "#-N" array notation for [JSON function path arguments].
<li>Added the [SQLITE_DBCONFIG_TRUSTED_SCHEMA] connection setting which is
    also controllable via the new [trusted_schema pragma] and at compile-time
    using the [-DSQLITE_TRUSTED_SCHEMA] compile-time option.
<li>Provide the ability to tag [application-defined SQL functions] with
    new properties [SQLITE_INNOCUOUS] or [SQLITE_DIRECTONLY].
<li>Add new verbs to [sqlite3_vtab_config()] so that the [xConnect] method
    of virtual tables can declare the virtual table as
    [SQLITE_VTAB_INNOCUOUS] or [SQLITE_VTAB_DIRECTONLY].
<li>Faster response to [sqlite3_interrupt()].
<li>Added the [https://sqlite.org/src/file/ext/misc/uuid.c|uuid.c] extension module
    implementing functions for processing RFC-4122 UUIDs.
<li>The [legacy_file_format pragma] is deactivated.  It is now a no-op.  In its place,
    the [SQLITE_DBCONFIG_LEGACY_FILE_FORMAT] option to [sqlite3_db_config()] is
    provided.  The legacy_file_format pragma is deactivated because (1) it is
    rarely useful and (2) it is incompatible with [VACUUM] in schemas that have

Changes to pages/compile.in.

766
767
768
769
770
771
772










773
774
775
776
777
778
779
}

COMPILE_OPTION {SQLITE_TRACE_SIZE_LIMIT=<i>N</i>} {
  If this macro is defined to a positive integer <i>N</i>, then the length of
  strings and BLOB that are expanded into parameters in the output of
  [sqlite3_trace()] is limited to <i>N</i> bytes.  
}











COMPILE_OPTION {SQLITE_USE_URI} {
  This option causes the [URI filename] process logic to be enabled by 
  default.  
}

</tcl>







>
>
>
>
>
>
>
>
>
>







766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
}

COMPILE_OPTION {SQLITE_TRACE_SIZE_LIMIT=<i>N</i>} {
  If this macro is defined to a positive integer <i>N</i>, then the length of
  strings and BLOB that are expanded into parameters in the output of
  [sqlite3_trace()] is limited to <i>N</i> bytes.  
}

COMPILE_OPTION {SQLITE_TRUSTED_SCHEMA=<i>&lt;0 or 1&gt;</i>} {
  This macro determines the default value for the
  [SQLITE_DBCONFIG_TRUSTED_SCHEMA] and [PRAGMA trusted_schema] setting.
  If no alternative is specified, the trusted-schema setting defaults
  to ON (a value of 1) for legacy compatibility.  However, for best
  security, systems that implement
  [application-defined SQL functions] and/or [virtual tables] should
  consider changing the default to OFF.
}

COMPILE_OPTION {SQLITE_USE_URI} {
  This option causes the [URI filename] process logic to be enabled by 
  default.  
}

</tcl>

Changes to pages/expridx.in.

1
2
3
4
5
6
7
8
9
10
<title>Indexes On Expressions</title>
<tcl>hd_keywords {indexes on expressions} {Indexes On Expressions} \
     {expression index}</tcl>

<fancy_format>

<p>
Normally, an SQL index references columns of a table.  But an index
can also be formed on expressions involving table columns.



|







1
2
3
4
5
6
7
8
9
10
<title>Indexes On Expressions</title>
<tcl>hd_keywords {indexes on expressions} {Indexes On Expressions} \
     {expression index} {expression indexes}</tcl>

<fancy_format>

<p>
Normally, an SQL index references columns of a table.  But an index
can also be formed on expressions involving table columns.

Changes to pages/lang.in.

1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
[generated column] syntax is supported since SQLite 3.31.0 ([dateof:3.31.0]).

<p>^Unlike most SQL databases, SQLite does not restrict the type of data that
may be inserted into a column based on the columns declared type. Instead,
SQLite uses [dynamic typing]. ^The declared type of a column is used to
determine the [affinity] of the column only.

<tcl>hd_fragment dfltval {default column value} {default value}</tcl>
<p>The DEFAULT clause specifies a default value to use for the column if no
value is explicitly provided by the user when doing an [INSERT]. ^If there
is no explicit DEFAULT clause attached to a column definition, then the 
default value of the column is NULL. ^(An explicit DEFAULT clause may specify
that the default value is NULL, a string constant, a blob constant, a
signed-number, or any constant expression enclosed in parentheses. A
default value may also be one of the special case-independent keywords







|







1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
[generated column] syntax is supported since SQLite 3.31.0 ([dateof:3.31.0]).

<p>^Unlike most SQL databases, SQLite does not restrict the type of data that
may be inserted into a column based on the columns declared type. Instead,
SQLite uses [dynamic typing]. ^The declared type of a column is used to
determine the [affinity] of the column only.

<tcl>hd_fragment dfltval {default column value} {default value} {DEFAULT clauses}</tcl>
<p>The DEFAULT clause specifies a default value to use for the column if no
value is explicitly provided by the user when doing an [INSERT]. ^If there
is no explicit DEFAULT clause attached to a column definition, then the 
default value of the column is NULL. ^(An explicit DEFAULT clause may specify
that the default value is NULL, a string constant, a blob constant, a
signed-number, or any constant expression enclosed in parentheses. A
default value may also be one of the special case-independent keywords

Changes to pages/pragma.in.

1413
1414
1415
1416
1417
1418
1419




















1420
1421
1422
1423
1424
1425
1426
....
1852
1853
1854
1855
1856
1857
1858
1859




1860
1861
1862
1863
1864
1865
1866
    compile-time option.  When the limit is zero, that means no
    auxiliary threads will be launched.</p>

    <p>This pragma is a thin wrapper around the
    [sqlite3_limit](db,[SQLITE_LIMIT_WORKER_THREADS],...) interface.
    </p>
}





















Pragma collation_list {
    <p>^(<b>PRAGMA collation_list;</b></p>
    <p>Return a list of the collating sequences defined for the current
    database connection.</p>)^
}

................................................................................
    misuse of this pragma can easily result in
    a [cfgerrors|corrupt database file].</warning>
}

Pragma function_list {
    <p>^(<b>PRAGMA function_list;</b>
    <p>This pragma returns a list of SQL functions
    known to the database connection.)^




}

Pragma pragma_list {
    <p>^(<b>PRAGMA pragma_list;</b>
    <p>This pragma returns a list of PRAGMA commands
    known to the database connection.)^
}







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







 







|
>
>
>
>







1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
....
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
    compile-time option.  When the limit is zero, that means no
    auxiliary threads will be launched.</p>

    <p>This pragma is a thin wrapper around the
    [sqlite3_limit](db,[SQLITE_LIMIT_WORKER_THREADS],...) interface.
    </p>
}

Pragma trusted_schema {
    <p><b>PRAGMA trusted_schema;
      <br>PRAGMA trusted_schema = </b><i>boolean</i><b>;</b></p>
    <p>The trusted_schema setting is a per-connection boolean that
    determines whether or not SQL functions and virtual tables that
    have not been security audited are allowed to be run by views,
    triggers, or in expressions of the schema such as [CHECK constraints],
    [DEFAULT clauses], [generated columns], [expression indexes], and/or
    [partial indexes].  This setting can also be controlled using
    the [sqlite3_db_config](db,[SQLITE_DBCONFIG_TRUSTED_SCHEMA],...)
    C-language interface.
    <p>In order to maintain backwards compatibility, this setting is
    ON by default.  There are advantages to turning it off, and most
    applications will be unaffected if it is turned off.  For that reason,
    all applications are encouraged to switch this setting off on every
    database connection as soon as that connection is opened.
    <p>The [-DSQLITE_TRUSTED_SCHEMA=0] compile-time option will cause
    this setting to default to OFF.
}

Pragma collation_list {
    <p>^(<b>PRAGMA collation_list;</b></p>
    <p>Return a list of the collating sequences defined for the current
    database connection.</p>)^
}

................................................................................
    misuse of this pragma can easily result in
    a [cfgerrors|corrupt database file].</warning>
}

Pragma function_list {
    <p>^(<b>PRAGMA function_list;</b>
    <p>This pragma returns a list of SQL functions
    known to the database connection.)^  Each row of the result
    describes a single calling signature for a single SQL function.
    Some SQL functions will have multiple rows in the result set
    if they can (for example) be invoked with a varying number of
    arguments or can accept text in various encodings.
}

Pragma pragma_list {
    <p>^(<b>PRAGMA pragma_list;</b>
    <p>This pragma returns a list of PRAGMA commands
    known to the database connection.)^
}