#27562 Update H2 database to 2.2.220

Enhancement

Major

#27629

Set initial password via environment variable

Detail

#27448

Tooltips for component templates

#27530

TLScript: all() mit dynamischem Typ

#27531

Löschoptimierung für Bulk-Löschen aus TL-Script verwenden

#27561

Update Apache XML Graphics Batik to 1.17

#27562

Update H2 database to 2.2.220

#27563

Update diagram.js to at least 3.3.1

#27574

Alternativen Port für App im Entwicklungsmodus festlegen

#27600

Instance editor: be able to edit hidden attributes

#27616

Generate translations for InApp classes

#27621

App-Archetype: Selection of OpenAPI modules

#27627

Update ACE to 1.31.0

#27631

Update plexus-archiver to 4.8.0

Bugfix

Critical

#27625

Items in dropdowns disappear when hovering

Major

#27590

Exporting documentation from the application to the workspace creates unnecessary changes

#27603

OpenAPI: Description of ResponsesObject unnecessarily mandatory

#27611

Enums: list elements with icon: Configuration cannot be read

Detail

#27374

Search evaluation: Dialog with result set shows wrong columns

#27391

Declarative forms throw exceptions for properties with dots in their names

#27453

DerivedTLTypePart.isDerived() sometimes throws an NPE

#27513

Ändern des Passwort-Repeat-Cycles hat keine Auswirkungen auf den Passwort-Check

#27548

Suche in Onlinehilfe findet für normale Nutzer keine Treffer

#27564

"Rollen prüfen" schlägt bei PostgreSQL fehl

#27578

Parameter "ProjectName" des Maven Archetype unnötig

#27583

Fehler in BuildParameters

#27597

TLClass can be set as its own superclass

#27598

Deletion of inheritance relationship only effective after restart

#27609

Crash due to inconsistent BLOB data

#27613

Tables Footer overlays DropDowns

#27619

Tooltip on table row is redundantly displayed in the upper left corner of the browser.

#27622

NPE from OpenApi Method Registry

#27633

Model Editor: Diagram disappears on "Update Layout

#27636

Tooltips on table cells sometimes stop

#27638

Dropdown-Liste ganz außen in der DOM platzieren

#27641

ClassCastException on "wrapper" during PDF export

#27644

Removal of CPU limitation in the Docker container

#27645

Make Docker Script initially executable

#27652

Fehlendes Quoting von Tabellennamen in MySQL

#27653

Falsche zu rendernde Zeilen bei ungeraden Tabellenseitengrößen

#27657

Fehlende Maven-Repository-Referenzen in tl-parent-all

Nice to have

#27579

Keine Fachobjekte in Exceptions aus IMAPMailFolder transportieren

Enhancement

Detail

#27562

Update H2 database to 2.2.220

SecurityIssue

There is the following attack scenario for H2 in version 2.1.214:

>The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."

Implementation

The dependency on the H2 database has been changed to version 2.2.224.

Existing H2 databases are automatically migrated if they throw an unsupported database file format exception when trying to connect to them.

Test

test-migrate-apps tests, among other things, the automatic migration of the database.