Release 21.0 Patch Update from upstream

[andyedison]

Description

Related Issue(s)

Checklist

• "Backport to:" labels have been added if this change should be back-ported
• Tests were added or are not required
• Documentation was added or is not required

Deployment Notes

To mitigate this vulnerability robustly:

1. We must validate any user-controllable inputs (e.g., keyspace and shard) to ensure they do not contain path separators or .., and ideally, are a single path component.
2. The best location for this validation is in grpcvtctldserver/server.go within the GetBackups handler (lines 1459 onward; specifically, before using filepath.Join(req.Keyspace, req.Shard)) since all paths downstream rely on this. This prevents any invalid keyspace/shard value from being used in a path, regardless of backup engine or underlying storage.
3. Add a helper function (private to the file) to encapsulate this validation, checking for the presence of /, \, or .. in keyspace and shard. Return an error if the input is invalid.
4. Use this function before constructing the bucket path.

Files/Regions to change:

• go/vt/vtctl/grpcvtctldserver/server.go:
  • Add validation to GetBackups for both req.Keyspace and req.Shard before joining into a path.
  • Add a new validation helper if one is not already present.

Methods/Imports/Definitions needed:

• Add a validatePathComponent helper function.
• Import "strings" if not already present (already present).

---

[Copilot]

Pull Request Overview

This PR refactors GitHub Actions workflow execution by replacing manual skip logic with native GitHub Actions triggers. The changes include removing custom workflow skip steps, updating action versions, adding OS optimizations, upgrading MySQL APT repository package versions, fixing a bug in shard range generation, implementing connection pool close handling, adding security improvements for file path operations, and supporting tuple bind variables in SQL evaluation.

Key changes:

• Replaced manual workflow skip logic with declarative on triggers for branches/tags
• Updated actions/setup-go from v5.0.2 to v5.5.0 across all workflows
• Fixed off-by-one error in GenerateShardRanges function
• Enhanced connection pool closure to prevent deadlocks
• Added path traversal protection using SafePathJoin
• Implemented tuple bind variable support in evalengine

Reviewed Changes

Copilot reviewed 134 out of 134 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
Test templates (unit_test.tpl, cluster_*.tpl)	Replaced on: [push, pull_request] with explicit branch/tag triggers and removed skip-workflow steps
GitHub workflow files (.github/workflows/*.yml)	Applied template changes to generated workflows, updated setup-go action version
go/vt/key/key.go	Fixed loop condition in GenerateShardRanges to prevent off-by-one error
go/pools/smartconnpool/*.go	Refactored waitlist and pool closure to handle context cancellation properly
go/vt/mysqlctl/filebackupstorage/file.go	Added SafePathJoin for path traversal protection
go/fileutil/join.go	New utility for safe path joining
go/vt/vtgate/evalengine/*.go	Added support for tuple bind variables in IN expressions
Database schema files	Updated column types for better scalability
MAINTAINERS.md	Updated maintainer list

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The loop condition i < shards correctly fixes the off-by-one error that was present in the original code (i <= shards). The original bug would generate shards + 1 ranges instead of shards ranges. The fix ensures exactly shards ranges are generated by iterating from 1 to shards-1, then appending the final range after the loop.