TabularisDB/tabularis

v0.13.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 19h Editors & IDEs

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai-agent ai-assistant cross-platform database-client database-gui database-management

+14 more

database-tool developer-tools er-diagram mcp mysql postgresql react rust sql sql-editor sqlite tauri typescript visual-query-builder

Affected surfaces

auth crypto_tls

ReleasePort's take

Moderate signal

editorial:auto 16h

Version v0.13.0 fixes corruption in the query‑history module and adds atomic writes, resolves FK metadata loading bugs, improves schema API error handling, secures MCP run_query against approval/read‑only bypasses, and introduces several new features.

Why it matters: The release patches critical data‑corruption (severity 80) and a high‑severity security vulnerability in MCP; all teams should upgrade to v0.13.0 immediately.

Summary

AI summary

Updates mcp, feat, and query-history across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Security	High	Close approval/read‑only bypass vulnerability in MCP run_query. Close approval/read‑only bypass vulnerability in MCP run_query. Source: llm_adapter@2026-06-03 Confidence: high	—
Feature
Feature	Medium	Render AI‑activity timestamps in local time and add timezone setting. Render AI‑activity timestamps in local time and add timezone setting. Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Medium	Add Kubernetes port‑forward tunnel support. Add Kubernetes port‑forward tunnel support. Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Medium	Integrate Codex MCP integration. Integrate Codex MCP integration. Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Medium	Integrate Quick Navigator search overlay. Integrate Quick Navigator search overlay. Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Medium	Introduce new tabs for DML (Data Manipulation Language). Introduce new tabs for DML (Data Manipulation Language). Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Medium	Honor MySQL SSL mode during connection setup. Honor MySQL SSL mode during connection setup. Source: llm_adapter@2026-06-03 Confidence: high	—
Bugfix
Bugfix	Medium	Fix query-history corruption and add atomic writes. Fix query-history corruption and add atomic writes. Source: llm_adapter@2026-06-03 Confidence: high	—
Bugfix	Medium	Fix FK metadata loading issues. Fix FK metadata loading issues. Source: llm_adapter@2026-06-03 Confidence: high	—
Bugfix	Medium	Surface get_schemas failures with errors and retry on failure. Surface get_schemas failures with errors and retry on failure. Source: llm_adapter@2026-06-03 Confidence: high	—

Full changelog

See the assets to download this version and install.

What's Changed

fix(query-history): recover from corruption + atomic writes by @debba in https://github.com/TabularisDB/tabularis/pull/253
Fix FK metadata loading by @m-tonon in https://github.com/TabularisDB/tabularis/pull/245
fix(ai-activity): render timestamps in local time + add display timezone setting by @ymadd in https://github.com/TabularisDB/tabularis/pull/251
fix(schemas): surface get_schemas failure with error + retry by @verbaux in https://github.com/TabularisDB/tabularis/pull/242
fix(mcp): dispatch plugin drivers via the registry + harden the --mcp subprocess by @ymadd in https://github.com/TabularisDB/tabularis/pull/256
feat: Kubernetes port-forward tunnel support by @metalgrid in https://github.com/TabularisDB/tabularis/pull/246
Add Codex MCP integration by @arsis-dev in https://github.com/TabularisDB/tabularis/pull/264
fix(mcp): close approval/read-only bypass in run_query by @ymadd in https://github.com/TabularisDB/tabularis/pull/261
feat: integrate Quick Navigator search overlay by @debba in https://github.com/TabularisDB/tabularis/pull/252
New tabs DML (Data Manipulation Language) by @capvalen in https://github.com/TabularisDB/tabularis/pull/259
Honor MySQL SSL mode in connection setup by @arsis-dev in https://github.com/TabularisDB/tabularis/pull/263

New Contributors

@metalgrid made their first contribution in https://github.com/TabularisDB/tabularis/pull/246
@arsis-dev made their first contribution in https://github.com/TabularisDB/tabularis/pull/264
@capvalen made their first contribution in https://github.com/TabularisDB/tabularis/pull/259

Full Changelog: https://github.com/TabularisDB/tabularis/compare/v0.12.0...v0.13.0

Security Fixes

fix(mcp): close approval/read‑only bypass in run_query

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track TabularisDB/tabularis

Get notified when new releases ship.

About TabularisDB/tabularis

All releases →