PR# 19587 SQLITE please upgrade

I was just working with the CMS demo application and was looking at the SQLite implementation.

I see that the distribution in \Program Files\Eiffel Software\EiffelStudio 19.09 GPL\unstable\library\persistency\database\sqlite3 contains a fairly (out?)dated version 3.7.17 back from May 2013.

The current version is 3.30, just released these days.

Several security advisories have been listed in the mean time with various versions (https://www.cvedetails.com/vulnerability-list/vendor_id-9237/Sqlite.html) and have hopefully addressed.

Please schedule a review of the supporting Eiffel classes.

-------------------------------

Aside, I was wondering about the EiffelStore classes, why is there no connector to Sqlite available?
How current is this package in respect to the various rdbms versions?
______________________________
R.

re reply by J.F.
I sent direct email response, just to note here that I don't expect an immediate action, but it would be nice to have an update scheduled for the (overnext) 2020-05 release.

Forget my previous message 3.30 is indeed released.

So we will try to update, but it requires testing, and also check the changelogs to see if any function was deprecated, removed, or any new function required to be wrapped.
We will keep you informed.

However, if you already did the work on your side, we welcome any contribution via https://github.com/EiffelSoftware/EiffelStudio/ 
For instance, if there is a function not yet wrapped in the Eiffel code, and that you badly need, don't hesitate to provide a patch or pull request. Then we will review and commit to official source code if possible.

From what I can see 3.30 is not yet officially release.
So either we wait , or we consider updating to 3.29 (released in July)

Thank you for this reminder, and related information.
I has been a while indeed, since the sqlite Eiffel lib was updated.
We will check if the latest version does not bring issue, and if not, we will update the sqlite C code.

Feedback:

Out of curiosity I swapped out the distributed sqlite amalgamated source files against the current v3.30 download.

The small CMS demo application compiled without error. version was  the simple local mode. A few interactions worked as expected.

Disclaimer: of course not a comprehensive review ;)

Note: the header files have undergone mamy changes over the years. Have not inspected further. Noted that documentation comments have better quality.
__________________
R.

For the ReadMe file:

the listed Firefox add-on node exists no longer, two current similar add-ons located:
SQLite Manager at https://addons.mozilla.org/en-US/firefox/addon/sqlite-manager-webext/
SQLite Reader at https://addons.mozilla.org/en-US/firefox/addon/sql-reader/

SQLiteStudio still going strong as listed, v3.2.1 2018-07-27
extensible at GitHub https://github.com/pawelsalawa/sqlitestudio/wiki/Official_plugins

Github https://github.com/search?q=sqlite

Link to http://www.dbsoftlab.com/database-editors/database-browser/overview.html now redirects to website https://www.etl-tools.com/
and their free tool https://www.etl-tools.com/database-browser/overview.html

Additional note: the IRON package description and ReadMe mentions the source base even as the older v3.7.8 !