merge master

CHANGELOG.md

@@ -959,12 +959,12 @@ Enable hash partition by default; and enable range columns partition when there
     - Control whether to open the `general log`
     - Support modifying the log level online
     - Check the TiDB cluster information
-* [Add the `auto_analyze_ratio` system variables to contorl the ratio of Analyze](https://pingcap.com/docs/FAQ/#whats-the-trigger-strategy-for-auto-analyze-in-tidb)
-* [Add the `tidb_retry_limit` system variable to control the automatic retry times of transactions](https://pingcap.com/docs/sql/tidb-specific/#tidb-retry-limit)
-* [Add the `tidb_disable_txn_auto_retry` system variable to control whether the transaction retries automatically](https://pingcap.com/docs/sql/tidb-specific/#tidb-disable-txn-auto-retry)
-* [Support using `admin show slow` statement to obtain the slow queries ](https://pingcap.com/docs/sql/slow-query/#admin-show-slow-command)
-* [Add the `tidb_slow_log_threshold` environment variable to set the threshold of slow log automatically](https://pingcap.com/docs/sql/tidb-specific/#tidb_slow_log_threshold) 
-* [Add the `tidb_query_log_max_len` environment variable to set the length of the SQL statement to be truncated in the log dynamically](https://pingcap.com/docs/sql/tidb-specific/#tidb_query_log_max_len)
+* [Add the `auto_analyze_ratio` system variables to contorl the ratio of Analyze](https://docs.pingcap.com/tidb/stable/sql-faq#whats-the-trigger-strategy-for-auto-analyze-in-tidb)
+* [Add the `tidb_retry_limit` system variable to control the automatic retry times of transactions](https://docs.pingcap.com/tidb/stable/system-variables#tidb_retry_limit)
+* [Add the `tidb_disable_txn_auto_retry` system variable to control whether the transaction retries automatically](https://docs.pingcap.com/tidb/stable/system-variables/#tidb_disable_txn_auto_retry)
+* [Support using `admin show slow` statement to obtain the slow queries ](https://docs.pingcap.com/tidb/stable/identify-slow-queries/#admin-show-slow-command)
+* [Add the `tidb_slow_log_threshold` environment variable to set the threshold of slow log automatically](https://docs.pingcap.com/tidb/stable/system-variables#tidb_slow_log_threshold) 
+* [Add the `tidb_query_log_max_len` environment variable to set the length of the SQL statement to be truncated in the log dynamically](https://docs.pingcap.com/tidb/stable/system-variables#tidb_query_log_max_len)
 
 ### DDL
 * Support the parallel execution of the add index statement and other statements to avoid the time consuming add index operation blocking other operations

SECURITY.md

@@ -0,0 +1,33 @@
+# Security Vulnerability Disclosure and Response Process
+
+TiDB is a fast-growing open source database. To ensure its security, a security vulnerability disclosure and response process is adopted.
+
+The primary goal of this process is to reduce the total exposure time of users to publicly known vulnerabilities. To quickly fix vulnerabilities of TiDB products, the security team is responsible for the entire vulnerability management process, including internal communication and external disclosure.
+
+If you find a vulnerability or encounter a security incident involving vulnerabilities of TiDB products, please report it as soon as possible to the TiDB security team ([email protected]).
+
+Please kindly help provide as much vulnerability information as possible in the following format:
+
+- Issue title*:
+
+- Overview*:
+
+- Affected components and version number*:
+
+- CVE number (if any):
+
+- Vulnerability verification process*:
+
+- Contact information*:
+
+The asterisk (*) indicates the required field.
+
+# Response Time
+
+The TiDB security team will confirm the vulnerabilities and contact you within 2 working days after your submission.
+
+We will publicly thank you after fixing the security vulnerability. To avoid negative impact, please keep the vulnerability confidential until we fix it. We would appreciate it if you could obey the following code of conduct:
+
+The vulnerability will not be disclosed until TiDB releases a patch for it.
+
+The details of the vulnerability, for example, exploits code, will not be disclosed.

cmd/explaintest/r/explain_generate_column_substitute.result

@@ -442,13 +442,13 @@ StreamAgg	4.80	root		group by:EMPTY_NAME, funcs:max(EMPTY_NAME)->Column#7
   └─IndexFullScan	6.00	cop[tikv]	table:t, index:expression_index_2(upper(`b`))	keep order:true
 desc format = 'brief' select count(upper(b)) from t use index() group by upper(b);
 id	estRows	task	access object	operator info
-HashAgg	4.80	root		group by:EMPTY_NAME, funcs:count(EMPTY_NAME)->Column#7
-└─Projection	6.00	root		EMPTY_NAME
+HashAgg	6.00	root		group by:Column#9, funcs:count(Column#8)->Column#7
+└─Projection	6.00	root		upper(test.t.b)->Column#8, upper(test.t.b)->Column#9
   └─TableReader	6.00	root		data:TableFullScan
     └─TableFullScan	6.00	cop[tikv]	table:t	keep order:false
 desc format = 'brief' select max(upper(b)) from t use index() group by upper(b);
 id	estRows	task	access object	operator info
-HashAgg	4.80	root		group by:EMPTY_NAME, funcs:max(EMPTY_NAME)->Column#7
-└─Projection	6.00	root		EMPTY_NAME
+HashAgg	6.00	root		group by:Column#9, funcs:max(Column#8)->Column#7
+└─Projection	6.00	root		upper(test.t.b)->Column#8, upper(test.t.b)->Column#9
   └─TableReader	6.00	root		data:TableFullScan
     └─TableFullScan	6.00	cop[tikv]	table:t	keep order:false

ddl/placement/bundle.go

@@ -19,6 +19,7 @@ import (
 	"errors"
 	"fmt"
 	"strconv"
+	"strings"
 
 	"github.com/pingcap/failpoint"
 	"github.com/pingcap/parser/ast"
@@ -201,3 +202,40 @@ func (b *Bundle) Clone() *Bundle {
 func (b *Bundle) IsEmpty() bool {
 	return len(b.Rules) == 0 && b.Index == 0 && !b.Override
 }
+
+// ObjectID extracts the db/table/partition ID from the group ID
+func (b *Bundle) ObjectID() (int64, error) {
+	// If the rule doesn't come from TiDB, skip it.
+	if !strings.HasPrefix(b.ID, BundleIDPrefix) {
+		return 0, ErrInvalidBundleIDFormat
+	}
+	id, err := strconv.ParseInt(b.ID[len(BundleIDPrefix):], 10, 64)
+	if err != nil {
+		return 0, fmt.Errorf("%w: %s", ErrInvalidBundleID, err)
+	}
+	if id <= 0 {
+		return 0, fmt.Errorf("%w: %s doesn't include an id", ErrInvalidBundleID, b.ID)
+	}
+	return id, nil
+}
+
+func isValidLeaderRule(rule *Rule, dcLabelKey string) bool {
+	if rule.Role == Leader && rule.Count == 1 {
+		for _, con := range rule.Constraints {
+			if con.Op == In && con.Key == dcLabelKey && len(con.Values) == 1 {
+				return true
+			}
+		}
+	}
+	return false
+}
+
+// GetLeaderDC returns the leader's DC by Bundle if found.
+func (b *Bundle) GetLeaderDC(dcLabelKey string) (string, bool) {
+	for _, rule := range b.Rules {
+		if isValidLeaderRule(rule, dcLabelKey) {
+			return rule.Constraints[0].Values[0], true
+		}
+	}
+	return "", false
+}