* Leaving the loading of extensions enabled might be a security risk
Using sqlite3_enable_load_extension not only allows loading extensions
through the C-API but also through the SQL functioon load_extension().
That might be a security risk if the user is unaware that executing an
SQL file can lead to native code execution and not only to database file
modification.
See issue #1551
* Preference for allowing loading extensions from SQL code
New setting that authorizes the execution of load_extension() from SQL
code. Default value, false, following the design decision of SQLite, that
disables this function unless by default.
Added notice about the option in the calltips of the two function
variants.
The schema column of objects is pre-formatted with wrapped style. In this
way, if the "db.hideschemalinebreaks" setting is enabled, the printed
output is formatted in the same way, but with a wrapping style, so long
lines do not extend the Schema column too much.
Added tooltip to Preferences dialog, so it isn't a so hidden feature.
Translations updated accordingly for the release.
The header style is not applied in that same case.
Give hints to the user about the context where the different quoting
options would be useful.
Declare the Standard SQL option as the recommended setting.
"SQL editor font" and "SQL editor font size" are located at the same row
for saving vertical space in the Preferences dialog.
Accelerator keys for "Wrap lines" and "Quotes for identifiers" have been
added.
Some buddies have been fixed.
A new option is added to the SQL tab in Preferences for choosing which
quoting characters must be used by the application when it inserts an
identifier in SQL code. The three options supported by SQLite are
available.
Default quoting characters have been changed from `Grave accents` to
"Double quotes" (SQL standard).
This options also affect the highlighting of double quoted strings: when
the SQL standard is selected, double quoted expressions are highlighted as
identifiers, otherwise as literal strings.
A new setting is added to the 'SQL' tab of the Preferences dialog. It
enables the line wrapping in the editors with none/character/word/
whitespace boundaries.
See comments in issue #1173.
All the colour configurations have been reviewed under an operating-system theme
dark theme.
Some hard-coded colours in QScintilla editors and Data Browser have been
replaced by queries of the system palette or reuse of our settings.
New settings for foreground and background colours for QScintilla editors
defaulting to system colours. This is mainly needed because if the user
saves colour settings for a dark theme and then he changes the system theme
back to a light theme, then the foreground colours are preserved while the
background would fall back to the system theme leading to an incompatible
combination. This also gives more freedom to the user in defining his own
colour combinations.
Since only the default colour settings adapt to the system theme, and once
settings are saved this can no longer happen, a 'Restore Defaults' button
is added so the default adapted colour settings can be restored. This is
also useful for restoring default behaviour when wanted.
Other fixes and improvements: waiting cursor while saving; check boxes in
SQL tab for bold, italic and underline when applicable; avoid translation
of hidden colour setting names used in code.
See related issue #1324.
Added a new setting for completing the SQL keywords in upper case (default
being true).
Scintilla setAutoCompletionCaseSensitivity is set to false. Otherwise the
completion is only done in lowercase when both case versions are added,
or if only upper case version is added, writing lower case letters does
not use the upper case version of the word in the completion list. This
change doesn't have apparently any downside, since SQL is actually case
insensitive.
Consequently the list of keywords is only added in one of the two letter
case versions, depending on the new setting value.
The new preference check-box is only enabled when the auto-complete
check-box is checked.
See issues #1238 and #1287.
A new setting allows the user to set the text for BLOB data in the cell.
The existing line-edit for setting the NULL text and the new one for BLOB
are updated with the cell background and foreground colors, providing a
preview of the desired changes. An additional preview-only box is added for
the regular fields.
See issue #1263
Settings in Database tab are left-aligned for consistency to other tabs.
See comment in #1173.
Removed the related check box in the Preferences Dialog. A new checkable
tool-button with icon from the Silk collection. When checked, the
indent-on-loading and compact-on-saving feature is enabled. When widget
is destroyed, the setting value is saved from this button state.
Currently it is only usable in the JSON mode, but could be reused in XML
and any other future modes.
See issue #1173.
Some tooltips in the Edit Dialog have been corrected, since it is not only
used for text.
Two new application toolbars: Extra DB (attach, close database) and Project
(Open, Save). Can be disabled and moved as usual.
Icons for Close Database and Attach Database actions, which lacked ones.
Different icon for the dock configuration, so they are visually
distinguishable from the toolbar configurations.
New preference for the toolbar style, with default value: text besides icon
as before. But in order for the style to change, the value in UI must be
ToolButtonIconOnly.
Needed new icons from famfamfam.com's Silk collection.
See related issue #331
Improve the feedback to the user for invalid JSON data using error
indicators like the SQL editor.
Do not select all the text in the JSON mode, in order to see the
syntax highlighting while browsing.
Fix the logic in the case of not compacting/prettifying.
Change "Indent" to "Pretty print" in preferences for coherence to
JSON Export dialog (actually it is not only indentation).
Do not underline error style font, so it does not overlap with
error indicators.
See issue #1173
New setting for enabling the following feature:
when JSON data is loaded in the JSON cell editor, the text is
indented. Before JSON data written back into the cell, the text
is compacted.
See issue #1173
Minor adjustment in preference label: removed ":" for consistency.
results pane
Copy for multi-line text data surrounds the text with the
<pre> tag in the HTML version for avoiding line white-space
adjustments in the pasted text. See #1058
Do not use binary data in the "Use as Filter" option.
Indicate the existence of an error in the background of the
SQL results frame. The error-indicators is reused for
disabling this functionality.
When nothing is shown, a placeholder text hints the
objective of the results pane.
The preference label for the font size of this pane is
modified for consistency (SQL Log is another widget).
When fetching a remote database automatically generate a file name to
save the database as instead of asking the user for a path and name.
Also add a preferences option to set the directory for all cloned remote
databases.
This is obviously a trade-off: on the one hand this makes opening remote
databases simpler (it's just a double click), on the other hand it takes
control away from the users. The main reason for doing this, however, is
to indicate to the user that the cloned databases are going to be
controlled by DB4S. We have to keep track of the local databases in
order to update them from the right place, push them back to the right
place, etc. And because the local copies are under DB4S control we don't
want the user to move, rename, or delete them.
Add a list of all configured client certificates to the preferences
dialog and show some information on them.
Add two button to the preferences dialog to add and remove client
certificates.
Copy configured client certificates to some safe place where they aren't
deleted by accident.
Change the remote code to expect certificate and private key in one
file. The path to this file is still hardcoded, now to client.cert.pem.
Remove the example client certificate as it's not up-to-date anymore
anyway.
Still missing: Option to use a configured client certificate from the
preferences dialog to authenticate.
Change the layout of the preferences dialog a bit.
Remove the server selection combo box from the preferences dialog as it
will probably never be required. The way we do logins using certificates
kind of makes this obsolete, I think.
Restructure the whole remote code a little bit. Also add helper
functions here and there.
Show a list of our the CA certificates built into the application in the
preferences dialog. This list is read only of course but still
informative as it tells the user which sites are supported ny DB4S.
Introduce a new option in the Preferences dialog for setting the delay
time which the filter widgets are waiting for before applying the newly
set value.
Also reduce the default delay time from 300 to 200 ms.
See issue #490.
See issue #383.
Also delete the custom styling sheets for the Data Browser tab in the
Preferences Dialog - no need to have these group boxes look differently
from all the others.
Add a new option to the Preferences Dialog which activates horizontal
tiling between the SQL code editor and the result view in the Execute
SQL tab, i.e. the two widgets are shown side by side instead of one over
the other.
See issue #380.
Add an option to remember the location of the last opened or saved file
and use it as the default location for the next file dialog because
always going back to the default location set in the preferences dialog
can be a real hastle.
See issues #224, #276 and #281.
When not configured otherwise in the Preferences Dialog register a
SQLite function for performing the regular expression matching which
SQLite doesn't implement. This adds support for the REGEXP operator even
when no extension which implements this is loaded.
See issue #215.
Add a new checkbox to the Preferences Dialog which allows the user to
fully disable automatic check for new versions instead of just ignoring
the last shown update message. This also prevents DB4S from performing
any HTTP requests.
See issues #173 and #208.
