Spice v1.10.0 (Dec 9, 2025)
Announcing the release of Spice v1.10.0! ⚡
Spice v1.10.0 introduces a new Caching Acceleration Mode with stale-while-revalidate (SWR) semantics for disk-persisted, low-latency queries with background refresh. This release also adds the TinyLFU eviction policy for the SQL results cache, a preview of the DynamoDB Streams connector for real-time CDC, S3 location predicate pruning for faster partitioned queries, improved distributed query execution, and multiple security hardening improvements.
What's New in v1.10.0
Caching Acceleration Mode
Low-Latency Queries with Background Refresh: This release introduces a new caching acceleration mode that implements the stale-while-revalidate (SWR) pattern. Queries return cached results immediately while data refreshes asynchronously in the background, eliminating query latency spikes during refresh cycles. Cached data persists to disk using DuckDB, SQLite, or Cayenne file modes.
Key Features:
- Stale-While-Revalidate (SWR): Returns cached data immediately while refreshing in the background, reducing query latency
- Disk Persistence: Cached results persist across restarts using DuckDB, SQLite, or Cayenne file modes
- Configurable Refresh: Control refresh intervals with
refresh_check_intervalto balance freshness and source load
Recommendation: Use retention configuration with caching acceleration to ensure stale data is cleaned up over time.
Example spicepod.yaml configuration:
datasets:
- from: http://localhost:7400
name: cached_data
time_column: fetched_at
acceleration:
enabled: true
engine: duckdb
mode: file # Persist cache to disk
refresh_mode: caching
refresh_check_interval: 10m
retention_check_enabled: true
retention_period: 24h
retention_check_interval: 1h
For more details, refer to the Data Acceleration Documentation.
TinyLFU Cache Eviction Policy
Higher Cache Hit Rates for SQL Results Cache: A new TinyLFU cache eviction policy is now available for the SQL results cache. TinyLFU is a probabilistic cache admission policy that maintains higher hit rates than LRU while keeping memory usage predictable, making it ideal for workloads with varying query frequency patterns.
Example spicepod.yaml configuration:
runtime:
caching:
sql_results:
enabled: true
eviction_policy: tiny_lfu # default: lru
For more details, refer to the Caching Documentation and the Moka TinyLFU Documentation for details of the algorithm.
DynamoDB Streams Data Connector (Preview)
Real-Time Change Data Capture for DynamoDB: The DynamoDB connector now integrates with DynamoDB Streams for real-time change data capture (CDC). This enables continuous synchronization of DynamoDB table changes into Spice for real-time query, search, and LLM-inference.
Key Features:
- Real-Time CDC: Automatically captures inserts, updates, and deletes from DynamoDB tables as they occur
- Table Bootstrapping: Performs an initial full table scan before streaming changes, ensuring complete data consistency
- Acceleration Integration: Works with
refresh_mode: changesto incrementally update accelerated datasets
Note: DynamoDB Streams must be enabled on your DynamoDB table. This feature is in preview.
Example spicepod.yaml configuration:
datasets:
- from: dynamodb:my_table
name: orders_stream
acceleration:
enabled: true
refresh_mode: changes # Enable Streams capture
For more details, refer to the DynamoDB Connector Documentation.
OpenTelemetry Metrics Exporter
Spice can now push metrics to an OpenTelemetry collector, enabling integration with platforms such as Jaeger, New Relic, Honeycomb, and other OpenTelemetry-compatible backends.
Key Features:
- Protocol Support: Supports the gRPC (default port 4317) protocol
- Configurable Push Interval: Control how frequently metrics are pushed to the collector
Example spicepod.yaml configuration for gRPC:
runtime:
telemetry:
enabled: true
otel_exporter:
endpoint: 'localhost:4317'
push_interval: '30s'
For more details, refer to the Observability & Monitoring Documentation.
S3 Connector Improvements
S3 Location Predicate Pruning: The S3 data connector now supports location-based predicate pruning, dramatically reducing data scanned by pushing down location filter predicates to S3 listing operations. For partitioned datasets (e.g., year=2025/month=12/), Spice now skips listing irrelevant partitions entirely, significantly reducing query latency and S3 API costs.
AWS S3 Tables Write Support: Full read/write capability for AWS S3 Tables, enabling direct integration with AWS's managed table format for S3. Use standard SQL INSERT INTO to write data.
For more details, refer to the S3 Data Connector Documentation and Glue Data Connector Documentation.
Faster Distributed Query Execution
Distributed query planning and execution have been significantly improved:
- Fixed executor registration in cluster mode for more reliable distributed deployments
- Improved hostname resolution for Flight server binding, enabling better executor discovery
- Distributed accelerator registration: Data accelerators now properly register in distributed mode
- Optimized query planning:
DistributeFileScanOptimizerimprovements for faster planning with large datasets
For more details, refer to the Distributed Query Documentation.
Search Improvements
Search capabilities have been improved with several performance and reliability enhancements:
- Fixed FTS query blocking: Full-text search queries no longer block unnecessarily, improving query responsiveness
- Optimized vector index operations: Eliminated unnecessary
list_vectorscalls for better performance - Improved limit pushdown:
IndexerExecnow properly handles limit pushdown for more efficient searches
For more details, refer to the Search Documentation.
Security Hardening
Multiple security improvements have been implemented:
- SQL Identifier Quoting: Hardened SQL identifier quoting across all database connectors (PostgreSQL, MySQL, DuckDB, etc.) to prevent SQL injection attacks through table or column names
- Token Redaction: Sensitive authentication tokens are now fully redacted in debug and error output, preventing accidental credential exposure in logs
- Path Traversal Prevention: Fixed tar extraction operations to prevent directory traversal vulnerabilities when processing archived files
- Input Sanitization: Added strict validation for
top_n_sampleorder_by clause parsing to prevent injection attacks - Glue Credential Handling: Prevented automatic loading of AWS credentials from environment in Glue connector, ensuring explicit credential configuration
Developer Experience Improvements
- Health probe metrics: Added health probe latency metrics for better observability
- CLI improvements: Fixed
.clear historycommand in the REPL to fully clear persisted history
Contributors
Breaking Changes
No breaking changes.
Cookbook Updates
No major cookbook updates.
The Spice Cookbook includes 82 recipes to help you get started with Spice quickly and easily.
Upgrading
To upgrade to v1.10.0, use one of the following methods:
CLI:
spice upgrade
Homebrew:
brew upgrade spiceai/spiceai/spice
Docker:
Pull the spiceai/spiceai:1.10.0 image:
docker pull spiceai/spiceai:1.10.0
For available tags, see DockerHub.
Helm:
helm repo update
helm upgrade spiceai spiceai/spiceai
AWS Marketplace:
🎉 Spice is now available in the AWS Marketplace!
What's Changed
Changelog
- Test-operator: Add tpcds_q8 to the default row-count validation skip list by @sgrebnov in #8185
- fix: Remove unwrap_used from test by @peasee in #8212
- Run glue_iceberg_integration_test_catalog as part of main integration tests by @sgrebnov in #8222
- Add TPCH sf100 testoperator spicepods with dispatch by @Jeadie in #8192
- Build with CPU native flags by @lukekim in #8224
- fix: Apply assertion clippy in CI/Makefile only by @peasee in #8229
- feat: Support running queries only in testoperator by @peasee in #8211
- DuckDB query planning: aggregate pushdown by @mach-kernel in #8174
- install.sh improvements by @lukekim in #8252
- Fix
.clear historyby @lukekim in #8254 - Improve the output of dataset loading by @lukekim in #8256
- Refactor view validation by @lukekim in #8258
- Upgrade AWS crates by @lukekim in #8259
- fix: Pushdown dynamic filters to partition scans by @peasee in #8240
- Harden SQL identifier quoting in connectors by @phillipleblanc in #8276
- Cayenne
sort_columnson insert by @lukekim in #8091 - Redact token debug output by @phillipleblanc in #8280
- fix: Cayenne configuration options by @lukekim in #8281
- Prevent path traversal in untar by @phillipleblanc in #8284
- Fix cluster mode executor registration by @mach-kernel in #8292
- Unignore s3_vectors_kafka_stream test by @Jeadie in #8289
- Post-release house keeping by @krinart in #8293
- Improve generate_changelog script by @krinart in #8273
- Acceleration mode
cachingby @lukekim in #8237 - Sanitization and security checks by @lukekim in #7854
- Add health probe latency metric by @phillipleblanc in #8300
- Add distributed registration for data accelerators by @phillipleblanc in #8299
- Pass IndexedTableProvider down in 'changes_stream' and 'append_stream' by @Jeadie in #8295
- Add
dynamodb-streamscrate by @krinart in #8283 - Distributed query: resolve executor hostname when determining Flight server binding by @mach-kernel in #8304
- Return computed embeddings from index for partitioned S3Vectors by @Jeadie in #8306
- [DDB Streams] Skeleton for DynamoDB Streams by @krinart in #8296
- DistributeFileScanOptimizer: Improve planning performance by @mach-kernel in #8305
- feat: Add an ExactLeftAccumulator implementation by @peasee in #8302
- deps: Upgrade Vortex to 0.56 by @peasee in #8311
- DynamoDB table bootstrapping + streaming by @krinart in #8312
- Avoid calling S3Vector
list_vectors(or equivalent) when indexing intoVectorIndexs by @Jeadie in #8282 - Add on_conflict testing support to append benchmark by @sgrebnov in #8314
- docker: Add valid home directory to fix duckdb extension loading issue by @phillipleblanc in #8318
- Add GH Workflow to run Append benchmark test by @sgrebnov in #8321
- Exclude MySQL SF100 from test-operator dispatch by @sgrebnov in #8320
- feat: Update clippy lints by @peasee in #8317
- Add S3 location predicate pruning to listing connector by @phillipleblanc in #8319
- Review feedback for caching mode accelerator by @phillipleblanc in #8326
- Also include Dockerfile home changes for release build by @phillipleblanc in #8327
- Change communication channel from Discord to Slack by @Jeadie in #8330
- Replace Discord link with Slack link in README by @Jeadie in #8331
- fix(glue): Prevent OpenDAL from automatic loading of AWS credentials from environment by @sgrebnov in #8337
- Block on index read for FTS queries by @Jeadie in #8339
- Fix search query provider by @Jeadie in #8343
- Support for writing into AWS S3 Tables by @sgrebnov in #8344
- Acceleration file_create mode by @lukekim in #8347
- Don't block on lock in FTS query path by @Jeadie in #8348
- feat: Add an optimizer rule to replace join accumulator for Cayenne by @peasee in #8316
- S3 Vectors limit updates by @lukekim in #8352
- Sanitize top_n_sample order_by parsing by @phillipleblanc in #8356
- Add distributed registration for data connectors by @phillipleblanc in #8354
- Improve
IndexerExecto properly handle limit pushdown by @sgrebnov in #8366 - Fix Cayenne partition_by metadata flaky integration test by @phillipleblanc in #8367
- Rework caching accelerator to use the
stale-while-revalidatepattern. by @phillipleblanc in #8365 - Add TinyLFU caching policy by @lukekim in #8370
- Make Arrow acceleration
on_conflictverification more robust by @sgrebnov in #8375 - Add additional test for verify_on_conflict_matches_primary_key (Arrow acceleration) by @sgrebnov in #8376
- Add v1.10.0-rc1 release notes by @mach-kernel in #8373
- docs: Remove DuckDB agg pushdown from release notes by @peasee in #8383
- Testoperator dispatch: add Append support and test configurations by @sgrebnov in #8360
- fix: Increase TPCDS DuckDB connection pool size by @peasee in #8386
- fix: Update benchmark snapshots by @app/github-actions in #8385
- fix: Update benchmark snapshots by @app/github-actions in #8389
- Fix Windows build by @phillipleblanc in #8391
- DuckDB aggregate pushdown: fix partitioning and schema rewrite bugs by @mach-kernel in #8397
- Delta table: Store current snapshot ref with table instance by @mach-kernel in #8358
- GetAppDefinition: Check if executor is part of cluster by @mach-kernel in #8396
- 1.10.0-rc1 housekeeping by @mach-kernel in #8394
- Change debug log to warning for vector engine config by @Jeadie in #8378
- Clarify /v1/nsql datasets sampling hint by @phillipleblanc in #8395
- Use bmi1 target feature for x86_64 by @phillipleblanc in #8401
- benchmarks: Default to update snapshots when run on a non-release branch by @phillipleblanc in #8402
- Update threat model for v1.9.2 by @phillipleblanc in #8400
- Fix iceberg tables metadata - assign ids to all fields, including nested by @ewgenius in #8351
- Fix databricks_spark_connect_m2m_integration_test_catalog snapshot by @ewgenius in #8403
- Move all GitHub Actions workflows to use exact commit sha by @phillipleblanc in #8409
- Upgrade datafusion-tableproviders (df v50) by @lukekim in #8261
- Batching for CDC by @krinart in #8359
- fix: make DuckDB attachments logic more robust by @sgrebnov in #8411
- Persistent checkpoints for DynamoDB Streams by @krinart in #8345
- Distributed query: Support AsyncFuncExec and Spice UDFs in Ballista by @mach-kernel in #8414
- Pin GitHub Actions to fix Testoperator build action by @sgrebnov in #8416
- Watermarks support for DynamoDB by @krinart in #8417
- Fix typo in
.vscode/launch.jsonby @sgrebnov in #8415 - DuckSqlExec: Update equivalence properties when rewriting schema by @phillipleblanc in #8420
- Validate that the commit for datafusion-table-providers exists on the spiceai branch by @phillipleblanc in #8421
- Append Tests: add support for retention testing by @sgrebnov in #8419
- New crate
google-genaiby @Jeadie in #8390 - federation: Improve error message and add debug logging for cast failures by @phillipleblanc in #8422
- DynamoDB Streams Error Handling by @krinart in #8418
- Append tests: add support for
with_retention_datato dispatch by @sgrebnov in #8430 - Append tests: add support for test metrics reporting by @sgrebnov in #8432
- test-operator: fix metrics reporting by @sgrebnov in #8435
- Follow-up improvements and bug fixes by @krinart in #8433
- Periodic snapshots for append/changes streams by @krinart in #8407
- Add support for
caching_stale_if_errorto caching accelerator; fix multiple upstream requests during SWR; fix Arrow accelerator by @phillipleblanc in #8425 - Disable dataset health monitor for dynamic HTTP connector by @phillipleblanc in #8441
- Metrics +
snapshots_trigger_thresholdfor DynamoDB Streams by @krinart in #8437 - Clear the in-flight revalidations cache after a revalidation has completed. by @phillipleblanc in #8443
- dont build 'spicepod-validator' on 'make install' by @Jeadie in #8426
- fix: Update benchmark snapshots by @app/github-actions in #8436
- fix: Disable Cayenne HashJoin rewriter optimizer by @peasee in #8439
- Testoperator: add
duckdb-partitionedquery override by @sgrebnov in #8446 - Add a check to validate that results cache SWR and caching accelerator SWR are not both set. by @phillipleblanc in #8445
- OTel exporter for push metrics by @lukekim in #8442
- fix: Update benchmark snapshots by @app/github-actions in #8448
- Add snapshot creation logging by @krinart in #8469
- Fix PeriodicReader panic by @krinart in #8471
- fix: Pin CUDA build actions to commits by @peasee in #8477
- DuckDB agg pushdown: gate behind accelerator parameter by @mach-kernel in #8474
- Rename
aggregate_pushdown_optimization->optimizer_duckdb_aggregate_pushdownby @ewgenius in #8485 - Handle throttling exception for DynamoDB streams by @phillipleblanc in #8492
