Version 7


Security Update:

We advise all users to apply the recent update to their installations. This update addresses a security vulnerability that has the potential to allow an attacker to escalate their privileges.

To date, we are not aware of any instances where this vulnerability has been actively exploited in the wild. However, it is always best to remain proactive in maintaining the security of your systems.

It’s worth noting some limitations regarding the severity of this vulnerability:

  • An attacker must already be logged into the system to exploit this vulnerability.

  • Only members of the ‘dvb_user’ group have the capability to leverage this issue, meaning its only affecting users with already extensive permissions to do changes within the environment.

Given these constraints, while the risk is mitigated to a certain extent, it remains essential to update your systems to safeguard against potential threats.

Following part is only relevant for customers targeting snowflake: With the update script, a new user and role will be introduced which will be able to handle security sensitive tasks - and at the same time this permissions will be revoked from the current datavaultbuilder role. This role will maintain its own connection pool. Please have a look at the configuration options here:

  • Dimensional Model: Granularity satellite of an existing business object can now be changed in the edit dialogue.

  • Stability: Self healing connection pool in case of unexpected transaction crashes.

  • Stability: Self healing api in case of changed token.

  • Docker: Introducing health state check for services core, api, connection pool and webgui.

  • Deployment: Extended compatibilty with old version 5 exports.

  • Stability: Fixed an issue which could lead to a stackoverflow and starvation of connection pool service.

  • PIT: Fixed load potentially being initiated prior to all underlying loads being finished.

  • Staging: Fixed potentially duplicated columns for Big Query source.

  • Business Rules: Fixed filter not being applied when creating new business ruleset.

Hints for the Installation: Manual Update Scripts / Automatic Model Update
  • MS SQL: No / No

  • Oracle: No / No

  • Postgres: No / No

  • Exasol: No / No

  • Snowflake: Yes / No

  • Synapse: No / No


Internal Release


  • Deployment: Disabled sync of deployment packages to and from database to prevent potential stackoverflow for certain deployments. Deployment logs are still written, but won’t be available anymore in the deployment in case of a service recreation.

Hints for the Installation: Manual Update Scripts / Automatic Model Update
  • MS SQL: No / No

  • Oracle: No / No

  • Postgres: No / No

  • Exasol: No / No

  • Snowflake: No / No

  • Synapse: No / No


  • Business Rules: Fixed issue in selecting current business rule and updating publication status in list.

Hints for the Installation: Manual Update Scripts / Automatic Model Update
  • MS SQL: No / No

  • Oracle: No / No

  • Postgres: No / No

  • Exasol: No / No

  • Snowflake: No / No

  • Synapse: No / No


New Features:
  • Deployment:

    • Completely refactored.

    • Faster comparison of two states.

    • Faster deployment due to parallel processing of steps.

    • New APIs for generating packages and monitoring process.

    • New Log tables available for deployments on the database.

    • Object comment now visible in comparison view.

    • Added line-based diff for business ruleset code, customized source queries and post job sql queries.

  • General: More specific categorization of columns to corresponding column type (e.g. hash, bk, attribute, ..).

  • General: Improved column type categorization to reduce risks of naming collisions (e.g. columns ending to _h or _bk).

  • General: Reduced number of main containers to 4 (core, connection_pool, api, webgui) which allows deploying more easily and now supports ACI on Azure.

  • Deployment: New optimized export format.

    • Restructured folder / file paths.

    • Removed “Group”-Files - only one file per object.

    • Added multiline markup for business rules code, custom source query and post job query.

  • Deployment: Handle tracking satellites for which no load exists anymore to be still importable.

  • Deployment: Fixed issues with dependency selection and dependent step deployments.

  • Deployment: Fixed various deployment order issues.

  • Deployment: Fixed false positive change detections.

  • Deployment: Fixed object filters for CICD APIs.

Other Changes:
  • Architecture: Removed separate scheduler container.

  • Architecture: Removed separate cicd container.

Behavior/Breaking Changes:
  • Deployment: Deployment is now processed on the backend and not from within the UI anymore, meaning the deployment will continue even though the browser is closed.

  • Deployment: New optimized export format to check into git. Old format can still be read, but starting with Version 7 the export can not be retrieved in the old format anymore.

  • Deployment - APIs: Since the CICD container is removed, existing calls to previous CICD APIs are no longer possible. However, to easen the migration, corresponding APIs have been implemented in the core engine. For the migration:

    • Instead of calling url /cicd/ change the calls to /rpc/ (e.g. instead of /cicd/deployModel use /rpc/deployModel)

    • These APIs require a token based authentication and do not accept username + password in the payloads.

      • Therefore: In the script, add a step to call /rpc/login to retrieve a token

      • Set this token into the header of the rpc call for authentication

    • Even though the the compatibility APIs can then be used in the same way, they are based on new backend and will therefore produce a different result then previous CICD APIs. Especially:

      • exportModel: Will only return the model in the new export format (2.0) - in case you need the deprecated format, the export has to be done over the UI

      • APIs won’t return a junit response anymore

Hints for the Installation: Manual Update Scripts / Automatic Model Update
  • MS SQL: Yes / No

  • Oracle: Yes/ No

  • Postgres: Yes / No

  • Exasol: Yes / No

  • Snowflake: Yes / No

  • Synapse: Yes / No


Make sure to check the section for major upgrade steps for 6.X.X.X to 7.X.X.X and apply required changes!


Second release candidate


First release candidate

Beta releases