Skip to content

[BACKLOG-47897] Table input step UI is displaying an incorrect db con…#10328

Open
pdesai16 wants to merge 1 commit intopentaho:masterfrom
pdesai16:backlog-47897
Open

[BACKLOG-47897] Table input step UI is displaying an incorrect db con…#10328
pdesai16 wants to merge 1 commit intopentaho:masterfrom
pdesai16:backlog-47897

Conversation

@pdesai16
Copy link
Contributor

@pdesai16 pdesai16 commented Dec 4, 2025

…nection name, if the connection it uses is deleted

  • Updated the TableInputDialog to not select the first DB connection in dropdown if the connection being used was deleted

@pdesai16
[BACKLOG-47897] Table input step UI is displaying an incorrect db con…
92b55f5 
…nection name, if the connection it uses is deleted

- Updated the TableInputDialog to not select the first DB connection in
  dropdown if the connection being used was deleted
@pdesai16 pdesai16 requested a review from a team as a code owner December 4, 2025 14:42
@abryant-hv
Copy link
Contributor

abryant-hv commented Dec 4, 2025

Describing the bug in the commit message is not great. Better to describe the change in this commit.

abryant-hv
abryant-hv reviewed Dec 4, 2025
View reviewed changes
ui/src/main/java/org/pentaho/di/ui/trans/steps/tableinput/TableInputDialog.java

// Connection line
wConnection = addConnectionLine( shell, wStepname, middle, margin );
if ( input.getDatabaseMeta() == null && transMeta.nrDatabases() == 1 ) {
Copy link
Contributor

@abryant-hv abryant-hv Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are a number of other dialogs that have this exact same logic. Are we going to fix those as well? or make the behavior inconsistent?

@buildguy

This comment has been minimized.

Sign in to view
@hitachivantarasonarqube
Copy link

hitachivantarasonarqube bot commented Feb 3, 2026

Passed Quality Gate passed

Issues

Measures

Project ID: org.pentaho.di:pdi

View in SonarQube

@buildguy
Copy link
Collaborator

buildguy commented Feb 3, 2026

🚨 Frogbot scanned this pull request and found the below:

📦 Vulnerable Dependencies

✍️ Summary

SEVERITY DIRECT DEPENDENCIES IMPACTED DEPENDENCY FIXED VERSIONS CVES

Medium		 org.apache.poi:poi-ooxml:5.2.5
org.pentaho.di.plugins:excel-plugins-core:11.1.0.0-SNAPSHOT		 org.apache.poi:poi-ooxml 5.2.5 [5.4.0] CVE-2025-31672

🔬 Research Details

Description:
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names (including the path) in the zip. In this case, products reading the affected file could read different data because 1 of the zip entries with the duplicate name is selected over another but different products may choose a different zip entry.
This issue affects Apache POI poi-ooxml before 5.4.0. poi-ooxml 5.4.0 has a check that throws an exception if zip entries with duplicate file names are found in the input file.
Users are recommended to upgrade to version poi-ooxml 5.4.0, which fixes the issue. Please read https://poi.apache.org/security.html for recommendations about how to use the POI libraries securely.

Note:

Frogbot also supports Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning. This features are included as part of the JFrog Advanced Security package, which isn't enabled on your system.

@buildguy
Copy link
Collaborator

buildguy commented Feb 3, 2026

❌ Build failed in 58m

Build command:

mvn clean verify -B -e -Daudit -Djs.no.sandbox -pl ui

👌 All tests passed!

Tests run: 366, Failures: 0, Skipped: 0    Test Results

ℹ️ This is an automatic message

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abryant-hv abryant-hv abryant-hv left review comments

@tgf tgf tgf approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pdesai16 @abryant-hv @buildguy @tgf