Changelog for Cassandra Sink Connector for Confluent Platform

Version 2.0.12

  • CC-35433 Pin commons-lang3 to 3.19.0 to fix CVE

Version 2.0.11

  • CC-33763: Removed usage of non public and deprecated APIs

Version 2.0.10

  • CC-32042: Bumped connect-plugins-parent to v0.8.49 to bring in netty v4.1.118.Final with fix for CVE-2025-24970

Version 2.0.9

  • CC-30246: Upgraded parent to latest to get netty-common 4.1.115.Final, pin org.json:json to 20240303 to fix CVEs

Version 2.0.8

  • CC-26805: Fixed CVE-2023-43642 & CVE-2023-34455 by bumping snappy-java to 1.1.10.5 from 1.1.7.3

Version 2.0.7

  • Fixed test failures in 2.0.x by downgrading cassandra driver back to 4.9.0, bumped parent POM to latest, disabled jenkins downstream validation to fix unstable build

  • Migration: Jenkins -> Semaphore

  • CC-23320, CC-22939 Fix netty-codec and jose4j CVEs

Version 2.0.6

  • Updated jackson and guava dependencies

Version 2.0.5

  • CCDB-5327: Updated pom parent and dependency versions to fix CVE-2022-24823

Version 2.0.4

  • CCDB-5231: Removed field name while logging exception

Version 2.0.3

  • CCDB-5099: Fixed jackson-databind CVEs

Version 2.0.2

  • CCDB-4801: Bumped connect-plugins-parent version to fix Gson CVE

Version 2.0.1

  • CCDB-4607: Fixed vulnerable dependency com.google.guava_guava:24.1.1-jre for Cassandra Sink connector

  • CCDB-4567: Fixed vulnerable dependency com.google.protobuf_protobuf-java:3.11.4 for Cassandra Sink connector

  • CCDB-4650: Fixed vulnerable dependency com.fasterxml.jackson.core_jackson-databind:2.10.5.1 for Cassandra Sink connector

  • CCDB-4757: Removed setMap call which causes NPE for schemaless maps

  • CCDB-4360: Fixed vulnerable dependency io.netty_netty-codec:4.1.48.Final for Cassandra Sink connector

  • Updated Jenkinsfile Nodelabel

  • MINOR: Excluded SSL test correctly

  • CCDB-1142: Enabled integration tests in Jenkins for Cassandra Sink connector

  • MINOR: Upgraded connect-plugins-parent to upgrade jackson-databind

  • Updated Docs URL path

Version 2.0.0

  • Added Kerberos Authentication which includes the following configuration changes:

    • cassandra.security.enabled (which was either true or false) was replaced with cassandra.security which can have one of the following values:

      • NONE

      • PASSWORD (plain text username or password)

      • KERBEROS

    • Introduced connect.cassandra.principal, connect.cassandra.keytab, which are the corresponding Kerberos principal and keytab (path to keytab) to be used by the connector.

    • Introduced cassandra.kerberos.sasl.protocol which is the protocol used to create the SASL client for kerberos and should match the service portion of the Cassandra service principal (for example, if set to cassandra, the Cassandra service principal must be someuser/cassandra@realm).

  • Introduced cassandra.local.datacenter which is a required configuration, with no default. See Upgrading to Version 2.0.x for details on how to configure this value.

  • cassandra.contact.points no longer has a default configuration–which used to be localhost.

  • cassandra.ssl.provider is no longer supported. This configuration property was used to define the underlying SSL implementation (JDK, OPENSSL, OPENSSL_REFCNT) for the connector. The connector now only supports the JDK SSL implementation.

  • Upgraded cassandra.table.create.caching to include an additional option N_ROWS, which you can combine with the new config cassandra.table.create.caching.rows.per.partition to define the number of rows to cache in a created table.