Announcing the release of Spice v1.11.0-rc.3! ⭐

v1.11.0-rc.3 is a patch release that includes improvements to Hash Indexing for Arrow Acceleration and fixes for TLS connections with Flight SQL endpoints.

What's New in v1.11.0-rc.3​

Hash Indexing for Arrow Acceleration (experimental)​

Arrow-based accelerations now support hash indexing for faster point lookups on equality predicates. Hash indexes provide O(1) average-case lookup performance for columns with high cardinality.

Features:

• Primary key hash index support
• Secondary index support for non-primary key columns
• Composite key support with proper null value handling

Example configuration:

datasets:
  - from: postgres:users
    name: users
    acceleration:
      enabled: true
      engine: arrow
      primary_key: user_id
      indexes:
        '(tenant_id, user_id)': unique  # Composite hash index

For more details, refer to the Hash Index Documentation.

Flight SQL TLS Connection Fixes​

TLS Connection Support: Fixed TLS connection issues when using grpc+tls:// scheme with Flight SQL endpoints. Added support for custom CA certificate files via the new flightsql_tls_ca_certificate_file parameter.

Contributors​

• @lukekim
• @phillipleblanc

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 86 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.11.0-rc.3, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:v1.11.0-rc.3 image:

docker pull spiceai/spiceai:v1.11.0-rc.3

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai --version 1.11.0-rc.3

AWS Marketplace:

Spice is available in the AWS Marketplace.

What's Changed​

Changelog​

• Hash indexing for Arrow Acceleration by @lukekim in #8924
• Improve validation and logging for hash indexes @lukekim in #9047
• Fix TLS connection for grpc+tls:// Flight SQL endpoints and add custom CA certificate support @phillipleblanc in #9073

Announcing the release of Spice v1.11.0-rc.2! ⭐

v1.11.0-rc.2 is the second release candidate for advanced test of v1.11. It brings Spice Cayenne to Beta status with acceleration snapshots support, a new ScyllaDB Data Connector, upgrades to DataFusion v51, Arrow 57.2, and iceberg-rust v0.8.0. It includes significant improvements to distributed query, caching, and observability.

What's New in v1.11.0-rc.2​

Spice Cayenne Accelerator Reaches Beta​

Spice Cayenne has been promoted to Beta status with acceleration snapshots support and numerous stability improvements.

Improved Reliability:

• Fixed timezone database issues in Docker images that caused acceleration panics
• Resolved FuturesUnordered reentrant drop crashes
• Fixed memory growth issues related to Vortex metrics allocation
• Metadata catalog now properly respects cayenne_file_path location
• Added warnings for unparseable configuration values

Example configuration with snapshots:

datasets:
  - from: s3://my-bucket/data.parquet
    name: my_dataset
    acceleration:
      enabled: true
      engine: cayenne
      mode: file

DataFusion v51 Upgrade​

Apache DataFusion has been upgraded to v51, bringing significant performance improvements, new SQL features, and enhanced observability.

Performance Improvements:

• Faster CASE Expression Evaluation: Expressions now short-circuit earlier, reuse partial results, and avoid unnecessary scattering, speeding up common ETL patterns
• Better Defaults for Remote Parquet Reads: DataFusion now fetches the last 512KB of Parquet files by default, typically avoiding 2 I/O requests per file
• Faster Parquet Metadata Parsing: Leverages Arrow 57's new thrift metadata parser for up to 4x faster metadata parsing

New SQL Features:

• SQL Pipe Operators: Support for |> syntax for inline transforms
• DESCRIBE <query>: Returns the schema of any query without executing it
• Named Arguments in SQL Functions: PostgreSQL-style param => value syntax for scalar, aggregate, and window functions
• Decimal32/Decimal64 Support: New Arrow types supported including aggregations like SUM, AVG, and MIN/MAX

Example pipe operator:

SELECT * FROM t
|> WHERE a > 10
|> ORDER BY b
|> LIMIT 5;

Improved Observability:

• Improved EXPLAIN ANALYZE Metrics: New metrics including output_bytes, selectivity for filters, reduction_factor for aggregates, and detailed timing breakdowns

Arrow 57.2 Upgrade​

Spice has been upgraded to Apache Arrow Rust 57.2.0, bringing major performance improvements and new capabilities.

Key Features:

• 4x Faster Parquet Metadata Parsing: A rewritten thrift metadata parser delivers up to 4x faster metadata parsing, especially beneficial for low-latency use cases and files with large amounts of metadata
• Parquet Variant Support: Experimental support for reading and writing the new Parquet Variant type for semi-structured data, including shredded variant values
• Parquet Geometry Support: Read and write support for Parquet Geometry types (GEOMETRY and GEOGRAPHY) with GeospatialStatistics
• New arrow-avro Crate: Efficient conversion between Apache Avro and Arrow RecordBatches with projection pushdown and vectorized execution support

iceberg-rust v0.8.0 Upgrade​

Spice has been upgraded to iceberg-rust v0.8.0, bringing improved Iceberg table support.

Key Features:

• V3 Metadata Support: Full support for Iceberg V3 table metadata format
• INSERT INTO Partitioned Tables: DataFusion integration now supports inserting data into partitioned Iceberg tables
• Improved Delete File Handling: Better support for position and equality delete files, including shared delete file loading and caching
• SQL Catalog Updates: Implement update_table and register_table for SQL catalog
• S3 Tables Catalog: Implement update_table for S3 Tables catalog
• Enhanced Arrow Integration: Convert Arrow schema to Iceberg schema with auto-assigned field IDs, _file column support, and Date32 type support

Acceleration Snapshots​

Acceleration snapshots enable point-in-time recovery and data versioning for accelerated datasets. Snapshots capture the state of accelerated data at specific points, allowing for fast bootstrap recovery and rollback capabilities.

Key Feature Improvements in v1.11:

• Flexible Triggers: Configure when snapshots are created based on time intervals or stream batch counts
• Automatic Compaction: Reduce storage overhead by compacting older snapshots (DuckDB only)
• Bootstrap Integration: Snapshots can reset cache expiry on load for seamless recovery (DuckDB with Caching refresh mode)
• Smart Creation Policies: Only create snapshots when data has actually changed

Example configuration:

datasets:
  - from: s3://my-bucket/data.parquet
    name: my_dataset
    acceleration:
      enabled: true
      engine: cayenne
      mode: file
      snapshots: enabled
      snapshots_trigger: time_interval
      snapshots_trigger_threshold: 1h
      snapshots_creation_policy: on_changed

Snapshots API and CLI: New API endpoints and CLI commands for managing snapshots programmatically. List, create, and restore snapshots directly from the command line or via HTTP.

For more details, refer to the Acceleration Snapshots Documentation.

ScyllaDB Data Connector​

A new data connector for ScyllaDB, the high-performance NoSQL database compatible with Apache Cassandra. Query ScyllaDB tables directly or accelerate them for faster analytics.

Example configuration:

datasets:
  - from: scylladb:my_keyspace.my_table
    name: scylla_data
    acceleration:
      enabled: true
      engine: duckdb

For more details, refer to the ScyllaDB Data Connector Documentation.

Distributed Query Improvements​

mTLS Verification: Cluster communication between scheduler and executors now supports mutual TLS verification for enhanced security.

Credential Propagation: Azure and GCS credentials are now automatically propagated to executors in cluster mode, enabling access to cloud storage across the distributed query cluster.

Improved Resilience:

• Exponential backoff for scheduler disconnection recovery
• Increased gRPC message size limit from 16MB to 100MB for large query plans
• HTTP health endpoint for cluster executors
• Automatic executor role inference when --scheduler-address is provided

For more details, refer to the Distributed Query Documentation.

Caching Acceleration Mode Improvements​

The Caching Acceleration Mode introduced in v1.10.0 has received significant performance optimizations and reliability fixes in this release.

Performance Optimizations:

• Non-blocking Cache Writes: Cache misses no longer block query responses. Data is written to the cache asynchronously after the query returns, reducing query latency for cache miss scenarios.
• Batch Cache Writes: Multiple cache entries are now written in batches rather than individually, significantly improving write throughput for high-volume cache operations.

Reliability Fixes:

• Correct SWR Refresh Behavior: The stale-while-revalidate (SWR) pattern now correctly refreshes only the specific entries that were accessed instead of refreshing all stale rows in the dataset. This prevents unnecessary source queries and reduces load on upstream data sources.
• Deduplicated Refresh Requests: Fixed an issue where JSON array responses could trigger multiple redundant refresh operations. Refresh requests are now properly deduplicated.
• Fixed Cache Hit Detection: Resolved an issue where queries that didn't include fetched_at in their projection would always result in cache misses, even when cached data was available.
• Unfiltered Query Optimization: SELECT * queries without filters now return cached data directly without unnecessary filtering overhead.

For more details, refer to the Caching Acceleration Mode Documentation.

DynamoDB Connector Enhancements​

• Added JSON nesting for DynamoDB Streams
• Proper batch deletion handling

URL Tables​

Query data sources directly via URL in SQL without prior dataset registration. Supports S3, Azure Blob Storage, and HTTP/HTTPS URLs with automatic format detection and partition inference.

Supported Patterns:

• Single files: SELECT * FROM 's3://bucket/data.parquet'
• Directories/prefixes: SELECT * FROM 's3://bucket/data/'
• Glob patterns: SELECT * FROM 's3://bucket/year=*/month=*/data.parquet'

Key Features:

• Automatic file format detection (Parquet, CSV, JSON, etc.)
• Hive-style partition inference with filter pushdown
• Schema inference from files
• Works with both SQL and DataFrame APIs

Example with hive partitioning:

-- Partitions are automatically inferred from paths
SELECT * FROM 's3://bucket/data/' WHERE year = '2024' AND month = '01'

Enable via spicepod.yml:

runtime:
  params:
    url_tables: enabled

Cluster Mode Async Query APIs (experimental)​

New asynchronous query APIs for long-running queries in cluster mode:

• /v1/queries endpoint: Submit queries and retrieve results asynchronously
• Arrow Flight async support: Non-blocking query execution via Arrow Flight protocol

Observability Improvements​

Enhanced Dashboards: Updated Grafana and Datadog example dashboards with:

• Snapshot monitoring widgets
• Improved accelerated datasets section
• Renamed ingestion lag charts for clarity

Additional Histogram Buckets: Added more buckets to histogram metrics for better latency distribution visibility.

For more details, refer to the Monitoring Documentation.

Additional Improvements​

• Model Listing: New functionality to list available models across multiple AI providers
• DuckDB Partitioned Tables: Primary key constraints now supported in partitioned DuckDB table mode
• Post-refresh Sorting: New on_refresh_sort_columns parameter for DuckDB enables data ordering after writes
• Improved Install Scripts: Removed jq dependency and improved cross-platform compatibility
• Better Error Messages: Improved error messaging for bucket UDF arguments and deprecated OpenAI parameters

Contributors​

• @ewgenius
• @Jeadie
• @krinart
• @lukekim
• @peasee
• @phillipleblanc
• @sgrebnov

Breaking Changes​

No breaking changes.

Cookbook Updates​

New ScyllaDB Data Connector Recipe: New recipe demonstrating how to use ScyllaDB Data Connector. See ScyllaDB Data Connector Recipe for details.

New SMB Data Connector Recipe: New recipe demonstrating how to use ScyllaDB Data Connector. See SMB Data Connector Recipe for details.

The Spice Cookbook includes 86 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.11.0-rc.2, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:v1.11.0-rc.2 image:

docker pull spiceai/spiceai:v1.11.0-rc.2

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

Spice is available in the AWS Marketplace.

Dependencies​

• DataFusion: Upgraded to v51 (release notes)
• Arrow: Upgraded to v57 (release notes)
• iceberg-rust: Upgraded to v0.8.0 (release notes)

Changelog​

• Add timezone database to Docker image to fix Cayenne acceleration panic by @sgrebnov in #8799
• Upgrade dependencies by @phillipleblanc in #8801
• Fix table_allowlist for table sampling and NSQL by @Jeadie in #8789
• Cayenne primary key on-conflict handling by @lukekim in #8788
• fix: Update benchmark snapshots by @app/github-actions in #8773
• fix: correctly identify deprecated openai_* parameters by @phillipleblanc in #8809
• fix: Update benchmark snapshots by @app/github-actions in #8812
• Use workspace version for cayenne crate by @phillipleblanc in #8811
• Don't CAST strings which breaks push down optimizer by @lukekim in #8810
• fix: Update benchmark snapshots by @app/github-actions in #8815
• Update async-openai to latest revision 4dcd633aad6f - brings fix for openai compatible model providers by @ewgenius in #8816
• Add auth/iam_role_source to DynamoDB connector by @krinart in #8808
• DynamoDB fixes: JSON nesting for Streams, proper batch deletions by @krinart in #8821
• Rough roadmap for 2026-2027 by @lukekim in #8805
• Release notes for v1.11.0-rc1 by @ewgenius in #8786
• Make S3V integration tests prepare_for_aws_tests more robust by @sgrebnov in #8820
• Bump rsa from 0.9.9 to 0.9.10 in the cargo group across 1 directory by @app/dependabot in #8819
• Add timezone database to Release and CUDA Docker images to fix Cayene panic by @sgrebnov in #8832
• fix: UnionProjectionPushdownOptimizer - Schema change during transform_down breaks parent nodes by @phillipleblanc in #8831
• Update grafana/datadog example dashboards by @krinart in #8833
• Add Dev bird bench as text-to-sql queryset in CI. by @Jeadie in #8753
• Update testoperator scheduler to use release/1.11 branch by @ewgenius in #8829
• Spice Cayenne fixes and test spicepods for Beta & RC by @lukekim in #8787
• testoperator dispatch all bird-bench database variants by @Jeadie in #8835
• feat: Improve column statistics handling with safe access and defaults by @phillipleblanc in #8836
• cluster: mTLS verification by @phillipleblanc in #8837
• fix: 8770: Unsupported ScalarFunctionExpr in ORDER BY by @lukekim in #8838
• Workflow tweaks by @lukekim in #8845
• Cayenne: metadata catalog should respect cayenne_file_path location by @sgrebnov in #8844
• Expand Cayenne feature coverage by @lukekim in #8848
• docs: HA distributed query decisions by @phillipleblanc in #8817
• fix(optimizer): Fix correctness issues in UnionProjectionPushdownOptimizer by @phillipleblanc in #8851
• Pin reqwest to 0.12.24 to fix HuggingFace embedding model download by @ewgenius in #8853
• Fix builds and pin to Ubuntu 22.04 by @lukekim in #8856
• Revert "Fix builds and pin to Ubuntu 22.04" by @lukekim in #8861
• Ensure setup Rust is run by @lukekim in #8862
• fix: Ubuntu 24.04+ renamed libaio1 to libaio1t64 by @lukekim in #8865
• Upgrade to Pulls with Spice v2 by @lukekim in #8866
• Add limit and configuration name to 'testoperator run text-to-sql' by @Jeadie in #8839
• PR check and test optimization by @lukekim in #8868
• Upgrade S3 Vectors SDK and improve test robustness by @lukekim in #8867
• [Testoperator] Query level and improved aggregate level for NSQL by @Jeadie in #8840
• Add docker build for private branches for ghcr.io/spiceai/spiceai-dev by @phillipleblanc in #8873
• Expand the data acceleration round-trip test coverage by @lukekim in #8855
• fix: Provide a better error for improper bucket UDF arguments by @peasee in #8849
• ScyllaDB Data Connector by @lukekim in #8827
• Use tokio-rusqlite for Spice Cayenne SQLite by @lukekim in #8857
• Cayenne: fix FuturesUnordered reentrant drop crash by @sgrebnov in #8863
• Bump github/codeql-action from 4.31.9 to 4.31.10 by @app/dependabot in #8884
• Bump golang.org/x/sys from 0.39.0 to 0.40.0 by @app/dependabot in #8881
• Bump github.com/spiceai/gospice/v8 from 8.0.0 to 8.0.1 by @app/dependabot in #8883
• Bump roaring from 0.11.2 to 0.11.3 by @app/dependabot in #8885
• Bump golang.org/x/mod from 0.31.0 to 0.32.0 by @app/dependabot in #8882
• Bump aws-sdk-s3 from 1.115.0 to 1.119.0 by @app/dependabot in #8887
• Bump libc from 0.2.177 to 0.2.180 by @app/dependabot in #8886
• Bump tokio-util from 0.7.17 to 0.7.18 by @app/dependabot in #8889
• Bump governor from 0.10.2 to 0.10.4 by @app/dependabot in #8888
• fix: flaky test test_concurrent_partition_creation by @phillipleblanc in #8898
• Update Cayenne snapshots for TPC-DS by @lukekim in #8890
• Add more buckets to histogram metrics by @krinart in #8850
• feat: Add HTTP health endpoint for cluster executors by @phillipleblanc in #8899
• feat: Implement model listing functionality for multiple providers by @lukekim in #8901
• feat: Initial HA schedulers distributed query implementation by @phillipleblanc in #8852
• fix: infer executor role from --scheduler-address when --role is omitted by @phillipleblanc in #8903
• Improve install scripts and remove jq dependency by @lukekim in #8847
• Benchmarks: sort PartitionedUnionExec children for deterministic snapshot comparison by @sgrebnov in #8877
• Cayenne: share VortexFileCache across partitions via CayenneContext by @sgrebnov in #8880
• Update ballista to add exponential backoff for scheduler disconnection by @phillipleblanc in #8905
• Configurably add BirdBench evidence to testoperator text-to-SQL. by @Jeadie in #8904
• Helm: Allow command override via values.yaml by @sgrebnov in #8906
• Fix distributed query gRPC message size limit (16MB -> 100MB) by @phillipleblanc in #8900
• OS specific setup actions by @lukekim in #8909
• Cayenne should warn if unable to parse configuration value by @sgrebnov in #8907
• Add snapshots widgets to example dashboard by @krinart in #8910
• Add quality criteria for the features by @krinart in #8897
• Improve Accelerated Datasets section for Grafana/Datadog dashboards by @krinart in #8915
• Use HTTP traceparent in NSQL to support concurrency in 'testoperator run text-to-SQL' by @Jeadie in #8912
• Remove setup for cc from integration_models.yml by @Jeadie in #8917
• Propagate Azure and GCS credentials to executors in cluster mode by @phillipleblanc in #8918
• Cayenne: fix memory growth due to vortex metrics allocation by @sgrebnov in #8908
• fix(caching): Deduplicate refresh requests for JSON array responses by @sgrebnov in #8921
• fix(caching): Return cached data directly for unfiltered queries (SELECT *) by @sgrebnov in #8919
• Correct MinIO path syntax for spiced download by @Jeadie in #8916
• Acceleration snapshots compaction + Improved Snapshots UX by @krinart in #8858
• Change base image from bookworm-slim to trixie-slim by @Jeadie in #8923
• Add testoperator run text-to-sql metrics from LogicalPlan by @Jeadie in #8895
• Fix spicepod dependencies in testoperator by @Jeadie in #8875
• Update copilot instructions for data correctness by @lukekim in #8922
• Add BootstrapStatus + Snapshot bootstrapping parallelization by @krinart in #8926
• fix: add missing feature-gate for AWS Secrets Manager error variant by @phillipleblanc in #8928
• refactor: make ConnectorParams fields public for external connectors by @phillipleblanc in #8929
• fix(caching): SWR refreshes only accessed entry instead of all stale rows by @sgrebnov in #8931
• Cayenne: include cayenne_metadata_dir to known params by @sgrebnov in #8933
• Rename Ingestion Lag chart in example dashboards by @krinart in #8932
• fix(caching): Fix HTTP caching always MISS when projection excludes fetched_at by @sgrebnov in #8930
• Reset expiry after snapshot bootstraping for Caching by @krinart in #8925
• Set use_ssl=false for sccache by @lukekim in #8945
• Hash indexing for Arrow Acceleration by @lukekim in #8924
• [Cayenne] Acceleration snapshots support by @lukekim in #7973
• perf(caching): Non-blocking cache writes on cache miss by @sgrebnov in #8948
• Update NSQL models by @lukekim in #8951
• Hash Index Key verification by @lukekim in #8949
• Add snapshots_creation_policy param by @krinart in #8954
• Remove candle & cudarc from non-models build by @lukekim in #8955
• Acceleration Snapshots API and CLI by @lukekim in #8934
• Ignore test for data_components arrow::indexed::test_primary_key_value_matches_batch by @Jeadie in #8962
• fix: Update benchmark snapshots by @app/github-actions in #8965
• Hash Index secondary index support by @lukekim in #8958
• fix: Support primary key constraints in partitioned DuckDB tables mode by @sgrebnov in #8966
• perf(caching): Batch cache writes by @sgrebnov in #8959
• CI perf optimizations by @lukekim in #8968
• Fix Makefile linting by @Jeadie in #8970
• Fixes in testoperator run text-to-sql. by @Jeadie in #8927
• implement Chat::as_sql for xAI anthropic by @Jeadie in #8957
• Fix duckdb_file_path in search integration test by @Jeadie in #8972
• fix: Update benchmark snapshots by @app/github-actions in #8971
• Maintenance updates to Anthropic API by @Jeadie in #8956
• Add CacheBackend Trait, implement pingora-lru, and add throughput tests by @lukekim in #8080
• fix: Update benchmark snapshots by @app/github-actions in #8974
• fix: Update benchmark snapshots by @app/github-actions in #8975
• Make accelerator shutdown more robust by @lukekim in #8969
• feat(duckdb): Add on_refresh_sort_columns for post-write data ordering (initial version) by @sgrebnov in #8964
• Proper handling for initial snapshot by @krinart in #8911
• fix: Remove --no-default-features from cargo-hack command in features workflow by @phillipleblanc in #8977
• build(deps): bump actions/cache from 5.0.1 to 5.0.2 by @app/dependabot in #8983
• build(deps): bump actions/checkout from 4 to 6 by @app/dependabot in #8982
• build(deps): bump actions/setup-go from 6.1.0 to 6.2.0 by @app/dependabot in #8984
• build(deps): bump github.com/olekukonko/tablewriter from 1.1.2 to 1.1.3 by @app/dependabot in #8979
• build(deps): bump github.com/klauspost/compress from 1.18.2 to 1.18.3 by @app/dependabot in #8980
• Add /v1/queries and Arrow Flight async APIs by @lukekim in #8946
• build(deps): bump Vampire/setup-wsl from 5 to 6 by @app/dependabot in #8981
• fix: Update Search integration test snapshots by @app/github-actions in #8973
• build(deps): bump insta from 1.46.0 to 1.46.1 by @app/dependabot in #8988
• build(deps): bump schemars from 1.1.0 to 1.2.0 by @app/dependabot in #8985
• fix: Update benchmark snapshots by @app/github-actions in #8978
• fix: Data correctness edge cases by @lukekim in #8953
• Correct MinIO path syntax for spiced download (Part 2) by @Jeadie in #8995
• Make .spice/data in search integration tests by @Jeadie in #8992
• fix: Hash index composite keys null values by @lukekim in #9001
• Update Cayenne status to Beta by @lukekim in #9002
• fix: Disable TPC-DS result validation (not yet supported) by @sgrebnov in #9004
• feat: Upgrade to DataFusion v51 and dependencies by @lukekim in #8864
• Improvements for snapshots_creation_policy by @krinart in #9003
• fix(ci): restore cached spicepod-validator binary instead of lookup-only by @phillipleblanc in #9007
• Update version by @krinart in #9010

Announcing the release of Spice v1.11.0-rc.1! ⭐

v1.11.0-rc.1 is the first release candidate for early testing of v1.11 features including Distributed Query with mTLS for enterprise-grade secure cluster communication, new SMB and NFS Data Connectors for direct network-attached storage access, Prepared Statements for improved query performance and security, Cayenne Accelerator Enhancements with Key-based deletion vectors and Amazon S3 Express One Zone support, Google LLM Support for expanded AI inference capabilities, and Spice Java SDK v0.5.0 with parameterized query support.

What's New in v1.11.0-rc.1​

Distributed Query with mTLS​

Enterprise-Grade Secure Cluster Communication: Distributed query cluster mode now enables mutual TLS (mTLS) by default for secure communication between schedulers and executors. Internal cluster communication includes highly privileged RPC calls like fetching Spicepod configuration and expanding secrets. mTLS ensures only authenticated nodes can join the cluster and access sensitive data.

Key Features:

• Mutual TLS Authentication: All executor-to-scheduler and executor-to-executor gRPC connections on the internal cluster port (50052) are secured with mTLS, securing communication, and preventing unauthorized nodes from joining the cluster
• Certificate Management CLI: New developer spice cluster tls init and spice cluster tls add commands for generating CA certificates and node certificates with proper SANs (Subject Alternative Names)
• Simplified CLI Arguments: Renamed cluster arguments for clarity (--role, --scheduler-address, --node-mtls-*) with --scheduler-address implying --role executor
• Port Separation: Public services (Flight queries, HTTP API, Prometheus metrics) remain on ports 50051, 8090, and 9090 respectively, while internal cluster services (SchedulerGrpcServer, ClusterService) are isolated on port 50052 with mTLS enforced
• Development Mode: Use --allow-insecure-connections flag to disable mTLS requirement for local development and testing

Quick Start:

# Generate certificates for development
spice cluster tls init
spice cluster tls add scheduler1
spice cluster tls add executor1

# Start scheduler
spiced --role scheduler \
  --node-mtls-ca-certificate-file ca.crt \
  --node-mtls-certificate-file scheduler1.crt \
  --node-mtls-key-file scheduler1.key

# Start executor
spiced --role executor \
  --scheduler-address https://scheduler1:50052 \
  --node-mtls-ca-certificate-file ca.crt \
  --node-mtls-certificate-file executor1.crt \
  --node-mtls-key-file executor1.key

For more details, refer to the Distributed Query Documentation.

SMB and NFS Data Connectors​

Network-Attached Storage Connectors: New data connectors for SMB (Server Message Block) and NFS (Network File System) protocols enable direct federated queries against network-attached storage without requiring data movement to cloud object stores.

Key Features:

• SMB Protocol Support: Connect to Windows file shares and Samba servers with authentication support
• NFS Protocol Support: Connect to Unix/Linux NFS exports for direct data access
• Federated Queries: Query Parquet, CSV, JSON, and other file formats directly from network storage with full SQL support
• Acceleration Support: Accelerate data from SMB/NFS sources using DuckDB, Spice Cayenne, or other accelerators

Example spicepod.yaml configuration:

datasets:
  # SMB share
  - from: smb://fileserver/share/data.parquet
    name: smb_data
    params:
      smb_username: ${secrets:SMB_USER}
      smb_password: ${secrets:SMB_PASS}

  # NFS export
  - from: nfs://nfsserver/export/data.parquet
    name: nfs_data

For more details, refer to the Data Connectors Documentation.

Prepared Statements​

Improved Query Performance and Security: Spice now supports prepared statements, enabling parameterized queries that improve both performance through query plan caching and security by preventing SQL injection attacks.

Key Features:

• Query Plan Caching: Prepared statements cache query plans, reducing planning overhead for repeated queries
• SQL Injection Prevention: Parameters are safely bound, preventing SQL injection vulnerabilities
• Arrow Flight SQL Support: Full prepared statement support via Arrow Flight SQL protocol

SDK Support:

Example (Go):

import "github.com/spiceai/gospice/v8"

client, _ := spice.NewClient()
defer client.Close()

// Parameterized query with typed parameters
results, _ := client.SqlWithParams(ctx,
    "SELECT * FROM products WHERE price > $1 AND category = $2",
    spice.Float64Param(10.0),
    spice.StringParam("electronics"),
)

Example (Java):

import ai.spice.SpiceClient;
import ai.spice.Param;
import org.apache.arrow.adbc.core.ArrowReader;

try (SpiceClient client = new SpiceClient()) {
    // With automatic type inference
    ArrowReader reader = client.queryWithParams(
        "SELECT * FROM products WHERE price > $1 AND category = $2",
        10.0, "electronics");

    // With explicit typed parameters
    ArrowReader reader = client.queryWithParams(
        "SELECT * FROM products WHERE price > $1 AND category = $2",
        Param.float64(10.0),
        Param.string("electronics"));
}

For more details, refer to the Parameterized Queries Documentation.

Spice Cayenne Accelerator Enhancements​

The Spice Cayenne data accelerator has been improved with several key enhancements:

• KeyBased Deletion Vectors: Improved deletion vector support using key-based lookups for more efficient data management and faster delete operations. KeyBased deletion vectors are more memory-efficient than positional vectors for sparse deletions.
• S3 Express One Zone Support: Store Cayenne data files in S3 Express One Zone for single-digit millisecond latency, ideal for latency-sensitive query workloads that require persistence.

Example spicepod.yaml configuration:

datasets:
  - from: s3://my-bucket/data.parquet
    name: fast_data
    acceleration:
      enabled: true
      engine: cayenne
      mode: file
      params:
        # Use S3 Express One Zone for data files
        cayenne_s3express_bucket: my-express-bucket--usw2-az1--x-s3

For more details, refer to the Cayenne Documentation.

Google LLM Support​

Expanded AI Provider Support: Spice now supports Google embedding and chat models via the Google AI provider, expanding the available LLM options for AI inference workloads alongside existing providers like OpenAI, Anthropic, and AWS Bedrock.

Key Features:

• Google Chat Models: Access Google's Gemini models for chat completions
• Google Embeddings: Generate embeddings using Google's text embedding models
• Unified API: Use the same OpenAI-compatible API endpoints for all LLM providers

Example spicepod.yaml configuration:

models:
  - from: google:gemini-2.0-flash
    name: gemini
    params:
      google_api_key: ${secrets:GOOGLE_API_KEY}

embeddings:
  - from: google:text-embedding-004
    name: google_embeddings
    params:
      google_api_key: ${secrets:GOOGLE_API_KEY}

For more details, refer to the Google LLM Documentation (see docs PR #1286).

Spice Java SDK v0.5.0​

Parameterized Query Support for Java: The Spice Java SDK v0.5.0 introduces parameterized queries using ADBC (Arrow Database Connectivity), providing a safer and more efficient way to execute queries with dynamic parameters.

Key Features:

• SQL Injection Prevention: Parameters are safely bound, preventing SQL injection vulnerabilities
• Automatic Type Inference: Java types are automatically mapped to Arrow types (e.g., double → Float64, String → Utf8)
• Explicit Type Control: Use the new Param class with typed factory methods (Param.int64(), Param.string(), Param.decimal128(), etc.) for precise control over Arrow types
• Updated Dependencies: Apache Arrow Flight SQL upgraded to 18.3.0, plus new ADBC driver support

Example:

import ai.spice.SpiceClient;
import ai.spice.Param;

try (SpiceClient client = new SpiceClient()) {
    // With automatic type inference
    ArrowReader reader = client.queryWithParams(
        "SELECT * FROM taxi_trips WHERE trip_distance > $1 LIMIT 10",
        5.0);

    // With explicit typed parameters for precise control
    ArrowReader reader = client.queryWithParams(
        "SELECT * FROM orders WHERE order_id = $1 AND amount >= $2",
        Param.int64(12345),
        Param.decimal128(new BigDecimal("99.99"), 10, 2));
}

Maven:

<dependency>
  <groupId>ai.spice</groupId>
  <artifactId>spiceai</artifactId>
  <version>0.5.0</version>
</dependency>

For more details, refer to the Spice Java SDK Repository.

OpenTelemetry Improvements​

Unified Telemetry Endpoint: OTel metrics ingestion has been consolidated to the Flight port (50051), simplifying deployment by removing the separate OTel port (50052). The push-based metrics exporter continues to support integration with OpenTelemetry collectors.

Note: This is a breaking change. Update your configurations if you were using the dedicated OTel port 50052. Internal cluster communication now uses port 50052 exclusively.

Developer Experience Improvements​

• Turso v0.3.2 Upgrade: Upgraded Turso accelerator for improved performance and reliability
• Rust 1.91 Upgrade: Updated to Rust 1.91 for latest language features and performance improvements
• Spice Cloud CLI: Added spice cloud CLI commands for cloud deployment management
• Improved Spicepod Schema: Enhanced JSON schema generation for better IDE support and validation
• Acceleration Snapshots: Added configurable snapshots_create_interval for periodic acceleration snapshots independent of refresh cycles
• Tiered Caching with Localpod: The Localpod connector now supports caching refresh mode, enabling multi-layer acceleration where a persistent cache feeds a fast in-memory cache
• GitHub Data Connector: Added workflows and workflow runs support for GitHub repositories
• NDJSON/LDJSON Support: Added support for Newline Delimited JSON and Line Delimited JSON file formats

Additional Improvements & Bug Fixes​

• Reliability: Fixed DynamoDB IAM role authentication with new dynamodb_auth: iam_role parameter
• Reliability: Fixed cluster executors to use scheduler's temp_directory parameter for shuffle files
• Reliability: Initialize secrets before object stores in cluster executor mode
• Reliability: Added page-level retry with backoff for transient GitHub GraphQL errors
• Performance: Improved statistics for rewritten DistributeFileScanOptimizer plans
• Developer Experience: Added max_message_size configuration for Flight service

Contributors​

• @lukekim
• @sgrebnov
• @peasee
• @krinart
• @Jeadie
• @mach-kernel
• @phillipleblanc
• @ewgenius

Breaking Changes​

OTel Ingestion Port Change​

OTel ingestion has been moved to the Flight port (50051), removing the separate OTel port 50052. Port 50052 is now used exclusively for internal cluster communication. Update your configurations if you were using the dedicated OTel port.

Distributed Query Cluster Mode Requires mTLS​

Distributed query cluster mode now requires mTLS for secure communication between cluster nodes. This is a security enhancement to prevent unauthorized nodes from joining the cluster and accessing secrets.

Migration Steps:

1. Generate certificates using spice cluster tls init and spice cluster tls add
2. Update scheduler and executor startup commands with --node-mtls-* arguments
3. For development/testing, use --allow-insecure-connections to opt out of mTLS

Renamed CLI Arguments:

Removed CLI Arguments:

• --cluster-api-key: Replaced by mTLS authentication

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 84 recipes to help you get started with Spice quickly and easily.

Upgrading​

To try v1.11.0-rc.1, use one of the following methods:

CLI:

spice upgrade --version 1.11.0-rc.1

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.11.0-rc.1 image:

docker pull spiceai/spiceai:1.11.0-rc.1

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai --version 1.11.0-rc.1

AWS Marketplace:

🎉 Spice is available in the AWS Marketplace!

What's Changed​

Changelog​

• OTel exporter for push metrics by @lukekim in #8442
• fix: Update benchmark snapshots by @app/github-actions in #8448
• Add TPCH append tests to scheduled dispatch workflow by @sgrebnov in #8451
• Add snapshot creation logging by @krinart in #8469
• Fix PeriodicReader panic by @krinart in #8471
• Benchmarks: increase readiness timeout for turso acceleration (TPC-H) by @sgrebnov in #8470
• fix: Pin CUDA build actions to commits by @peasee in #8477
• Add Criterion benchmarking to chunking crate. by @Jeadie in #8431
• DuckDB agg pushdown: gate behind accelerator parameter by @mach-kernel in #8474
• Rename aggregate_pushdown_optimization -> optimizer_duckdb_aggregate_pushdown by @ewgenius in #8485
• Handle throttling exception for DynamoDB streams by @phillipleblanc in #8492
• docs: Add release notes by @peasee in #8478
• Update spicepod.schema.json by @app/github-actions in #8496
• Move 'test_projection_pushdown' to runtime-datafusion by @Jeadie in #8490
• Fix OTEL metrics HTTP exporter client setup by @phillipleblanc in #8489
• Update endgame to include new caching accelerator cookbook by @phillipleblanc in #8487
• DynamoDB tests and fixes by @lukekim in #8491
• Align make lint-rust-fix with make lint-rust by @Jeadie in #8499
• fix: Remove unused Cayenne parameters by @peasee in #8500
• Force task history captured_plan outputs to be captured even if they would be filtered out otherwise by @phillipleblanc in #8501
• release: post-release updates by @peasee in #8503
• CI: Fix E2E models dispatch by @mach-kernel in #8505
• Use an isolated Tokio runtime for refresh tasks that is separate from the main query API by @phillipleblanc in #8504
• Update openapi.json by @app/github-actions in #8512
• Update dependencies by @phillipleblanc in #8513
• fix: Avoid double hashing cache key by @peasee in #8511
• fix: Eagerly drop cached records for results larger than max by @peasee in #8516
• Revert "fix: Move enforce-pulls to hosted runner (#8686)" by @phillipleblanc in #8709
• Initial 'testoperator run text-to-sql' by @Jeadie in #8618
• Add support for abfss by @krinart in #8706
• Add testoperator TPCH dispatch for ABFS with hierarchical namespace disabled + versioning enabled by @phillipleblanc in #8711
• Update openapi.json by @app/github-actions in #8692
• cluster: validate --role argument by @phillipleblanc in #8717
• Upgrade to Turso v0.3.2 by @lukekim in #8716
• Rename --insecure to --allow-insecure-connections to be consistent with existing naming by @lukekim in #8720
• Remove 'testoperator run http-consistency/http-overhead' by @Jeadie in #8708
• refactor: Remove cluster feature flag by @phillipleblanc in #8718
• Docs: Distributed query ADR by @mach-kernel in #8608
• Use model.datasets to allowlist on tools by @Jeadie in #8714
• cluster: quality of life improvements to starting cluster mode locally by @phillipleblanc in #8719
• Docs: Ballista extension ADR by @mach-kernel in #8616
• Improve deprecation messages when going from prefixed -> non-prefixed. by @Jeadie in #8724
• Remove tools from auto-defaults by @Jeadie in #8725
• Make distinct providers for vector spilling, vector partitioning. by @Jeadie in #8546
• cluster: default scheduler address port by @phillipleblanc in #8728
• Add Makefile targets for testoperator by @Jeadie in #8729
• text-to-sql dispatch in testoperator by @Jeadie in #8705
• DR-006: High Availability Distributed Query with Stateless Schedulers by @lukekim in #8721
• DR-007: mTLS for Distributed Query Cluster Communication by @lukekim in #8722
• SMB and NFS improvements by @lukekim in #8710
• fix: Cluster executors use scheduler's temp_directory for shuffle files by @phillipleblanc in #8733
• use 'max_message_size' in flight service too by @Jeadie in #8730
• Add page-level retry for transient GraphQL errors with backoff and increase GitHub rate limit buffer up to 100 by @ewgenius in #8726
• Make testoperator Dockerfile; CI to build docker image to ghcr.io. by @Jeadie in #8732
• cluster: UnionProjectionPushdownOptimizer: Add projection pushdown diagnostics for union children by @phillipleblanc in #8734
• Fix column projection order mismatch with location metadata columns by @phillipleblanc in #8738
• Fixes for testoperator. by @Jeadie in #8737
• Improve Cayenne Deletion Vectors with KeyBased support by @lukekim in #8713
• Fix testoperator_dispatch.yaml by @Jeadie in #8740
• Add spice cloud CLI commands by @lukekim in #8528
• Add FTP, NFS, & SMB TPCH SF1 spicepods by @lukekim in #8739
• Prepared Statements by @lukekim in #7588
• Schedule dispatch of testoperator run text-to-sql. by @Jeadie in #8745
• Fix minio for ai benchmark CI by @Jeadie in #8743
• Upgrade to Rust 1.91 by @phillipleblanc in #8749
• fix: Update benchmark snapshots by @app/github-actions in #8763
• Benchmarks: make row count validation skip logic configurable by scale factor, query set, and overrides by @sgrebnov in #8756
• Make benchmark tests more robust by @sgrebnov in #8766
• Add parameter to force using iam_role for DynamoDB by @krinart in #8767
• fix: Update Search integration test snapshots by @app/github-actions in #8735
• v1.10.4 release notes by @phillipleblanc in #8790
• Trace metrics export errors by @sgrebnov in #8791
• fix: correctly identify deprecated openai_* parameters by @phillipleblanc in #8809
• Don't CAST strings which breaks push down optimizer by @lukekim in #8810
• Add timezone database to Docker image to fix Cayenne acceleration panic by @sgrebnov in #8799
• Update async-openai to latest revision 4dcd633aad6f - brings fix for openai compatible model providers by @ewgenius in #8816
• Add auth/iam_role_source to DynamoDB connector by @krinart in #8808
• DynamoDB fixes: JSON nesting for Streams, proper batch deletions by @krinart in #8821

Announcing the release of Spice v1.10.4! 🛠️

v1.10.4 is a patch release with fixes for Kafka/Debezium batch commits, ABFSS URL support for Azure Data Lake Storage Gen2, and improved column projection handling for location metadata columns.

What's New in v1.10.4​

Additional Improvements & Bug Fixes​

• Reliability: Fixed Kafka and Debezium batch commit handling to properly commit offsets across all partitions. Previously, only the last message's offset was committed, which could cause message loss when batches contained messages from multiple partitions.
• Reliability: Added support for abfss:// URL prefix for Azure Data Lake Storage Gen2, in addition to the existing abfs:// prefix. The abfss scheme indicates secure (TLS) connections to ADLS Gen2.
• Reliability: Fixed column projection order mismatch when querying datasets with location metadata columns (e.g., SELECT location, day, size FROM dataset). Queries that specified columns in a different order than the schema would fail with "column types must match schema types" errors.
• Developer Experience: Added detailed diagnostic logging for union projection pushdown optimization failures in cluster mode. When projection pushdown cannot be applied, debug-level logs now provide additional context to help identify the root cause.

Contributors​

• @krinart
• @phillipleblanc

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 84 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.10.4, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.4 image:

docker pull spiceai/spiceai:1.10.4

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• Update acknowledgements by @app/github-actions in #8695
• Proper batch commit for kafka/debezium by @krinart in #8671
• Add support for abfss by @krinart in #8706
• cluster: UnionProjectionPushdownOptimizer: Add projection pushdown diagnostics for union children by @phillipleblanc in #8734
• Fix column projection order mismatch with location metadata columns by @phillipleblanc in #8738

Announcing the release of Spice v1.10.3! 🚀

v1.10.3 is a patch release with improved startup reliability, fixes for Azure BlobFS versioned containers, S3 custom endpoint query resolution, and a fix for the OpenAI Responses API.

What's New in v1.10.3​

Additional Improvements & Bug Fixes​

• Reliability: Telemetry exporter initialization now runs asynchronously, preventing blocked startup in environments with network restrictions (e.g., Kubernetes with restrictive network policies).
• Reliability: Fixed an issue where queries on Azure Blob containers with versioning enabled would fail with "Azure does not support suffix range requests" error in distributed query mode.
• Reliability: Fixed S3 location-based queries against custom S3 endpoints (e.g., MinIO, LocalStack). Queries with location predicates on datasets using s3_endpoint and s3_region parameters now correctly route to the configured endpoint instead of defaulting to AWS S3.
• Reliability: Fixed "project index out of bounds" errors in the query optimizer when union children have mismatched schemas. The optimizer now validates schema compatibility before applying projection pushdown.
• Reliability: Fixed an issue where the OpenAI Responses API (/v1/responses) was not working correctly.

Contributors​

• @lukekim
• @phillipleblanc

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 84 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.10.3, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.3 image:

docker pull spiceai/spiceai:1.10.3

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• Upgrade to openai-async v0.32 by @lukekim in #8635
• Fix issue with location predicate for custom S3 endpoints + regression integration test by @phillipleblanc in #8668
• fix: Validate schema match before projection pushdown in UnionProjectionPushdownOptimizer by @phillipleblanc in #8669
• Start the anonymous telemetry exporter asynchronously by @phillipleblanc in #8679
• fix: Azure does not support suffix range requests by @phillipleblanc in #8685

Announcing the release of Spice v1.10.2! 🔥

v1.10.2 introduces Tiered Caching Acceleration with Localpod for multi-layer acceleration architectures, Periodic Acceleration Snapshots with configurable intervals, DynamoDB JSON Nesting for column consolidation, and Kafka/Debezium Batching for faster data ingestion. This release also includes fixes for SQLite accelerator decimal/date handling and real-time status reporting for the /v1/datasets and /v1/models API endpoints.

What's New in v1.10.2​

Tiered Caching with Localpod​

Multi-Layer Acceleration Architecture: The Localpod connector now supports caching refresh mode, enabling tiered acceleration where a persistent cache (e.g., file-mode DuckDB) feeds a fast in-memory cache (e.g., Arrow, memory-mode DuckDB).

Key Features:

• Automatic Cache Propagation: New cache entries automatically propagate from parent to child accelerators
• Warm Startup: Child accelerators initialize from existing parent data on startup, eliminating cold-start latency
• Flexible Tiering: Combine any accelerator engines (DuckDB, SQLite, Cayenne) across tiers

Example spicepod.yaml configuration:

datasets:
  # Parent: persistent file-mode cache
  - from: https://api.example.com
    name: api_cache
    acceleration:
      enabled: true
      refresh_mode: caching
      engine: duckdb
      mode: file

  # Child: fast in-memory cache fed by parent
  - from: localpod:api_cache
    name: api_cache_memory
    acceleration:
      enabled: true
      refresh_mode: caching
      engine: arrow
      mode: memory

For more details, refer to the Localpod Data Connector Documentation.

Periodic Acceleration Snapshots​

Configurable Snapshot Intervals: A new snapshots_create_interval parameter enables periodic snapshot creation for accelerated datasets across all refresh modes. This provides better control over snapshot frequency and ensures consistent recovery points for accelerated data.

Example spicepod.yaml configuration:

datasets:
  - from: s3://my-bucket/data.parquet
    name: my_data
    acceleration:
      enabled: true
      engine: duckdb
      mode: file
      refresh_mode: caching
      snapshots: enabled
      params:
        snapshots_create_interval: 60s # Write a snapshot every 60 seconds

For more details, refer to the Data Acceleration Documentation.

DynamoDB JSON Nesting​

Consolidate Columns into JSON: The DynamoDB Data Connector now supports consolidating columns into a single JSON column using the json_object: "*" metadata option. This is useful when only a few columns are needed as discrete fields while the rest can be accessed as nested JSON.

Example spicepod.yaml configuration:

datasets:
  - from: dynamodb:my_table
    name: my_table
    columns:
      - name: PK
      - name: SK
      - name: data_json
        metadata:
          json_object: '*' # Captures all other columns as JSON

Example Output: Given a DynamoDB table with columns PK, SK, name, email, and status, the resulting table schema consolidates all non-specified columns into the data_json column:

For more details, refer to the DynamoDB JSON Nesting Documentation.

Kafka/Debezium Batching​

Faster Data Ingestion: Configure message batching for Kafka and Debezium connectors to improve data ingestion throughput. Batching reduces processing overhead by grouping multiple messages together before insertion.

Key Features:

• Configurable Batch Size: Control the maximum number of records per batch (default: 10,000)
• Configurable Batch Duration: Set the maximum wait time before flushing a partial batch (default: 1s)

Example spicepod.yaml configuration:

datasets:
  - from: debezium:kafka-server.public.my_table
    name: my_table
    params:
      batch_max_size: 10000 # Max records per batch (default: 10000)
      batch_max_duration: 1s # Max wait time per batch (default: 1s)

For more details, refer to the Kafka Data Connector Documentation and Debezium Data Connector Documentation.

Additional Improvements & Bug Fixes​

• Reliability: Fixed SQLite accelerator decimal and date type handling for improved data type accuracy.
• Reliability: Fixed real-time status reporting for /v1/datasets and /v1/models API endpoints.
• Reliability: Fixed Kafka warning when security.protocol is set to PLAINTEXT.

Contributors​

• @phillipleblanc
• @lukekim
• @krinart

Breaking Changes​

No breaking changes.

Cookbook Updates​

New Cayenne Data Accelerator Recipe: New recipe demonstrating how to accelerate a local copy of the taxi trips dataset using Cayenne as the data accelerator engine. See Cayenne Data Accelerator Recipe for details.

New Dataset Partitioning Recipe: New recipe demonstrating how to partition accelerated datasets to improve query performance. See Dataset Partitioning for details.

The Spice Cookbook includes 84 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.10.2, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.2 image:

docker pull spiceai/spiceai:1.10.2

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• Fix kafka warning when security.protocol is set to PLAINTEXT by @krinart in #8587
• fix: SQLite accelerator decimal/date handling by @phillipleblanc in #8606
• feat: Enable localpod with caching mode accelerator for tiered caching by @phillipleblanc in #8621
• Remove the clippy::too_many_lines lint by @phillipleblanc in #8549
• Add snapshot interval for acceleration snapshots by @phillipleblanc in #8627
• Json Nesting for DynamoDB by @krinart in #8623
• Implement batching for Kafka/Debezium + null Decimal handling by @krinart in #8622
• fix: Status field in /v1/datasets & /v1/models by @lukekim in #8633

Announcing the release of Spice v1.10.1! 🚀

v1.10.1 is a patch release with Cayenne accelerator improvements including configurable compression strategies and improved partition ID handling, isolated refresh runtime for better query API responsiveness, and security hardening. In addition, the GO SDK, gospice v8 has been released.

What's New in v1.10.1​

Cayenne Accelerator Improvements​

Several improvements and bug fixes for the Cayenne data accelerator:

• Compression Strategies: The new cayenne_compression_strategy parameter enables choosing between zstd for compact storage or btrblocks for encoding-efficient compression.
• Improved Vortex Defaults: Aligned Cayenne to Vortex footer configuration for better compatibility.
• Partition ID Handling: Improved partition ID generation to avoid potential locking race conditions.

Example spicepod.yaml configuration:

datasets:
  - from: s3://my-bucket/data.parquet
    name: my_dataset
    acceleration:
      enabled: true
      engine: cayenne
      mode: file
      params:
        cayenne_compression_strategy: zstd # or btrblocks (default)

For more details, refer to the Cayenne Data Accelerator Documentation.

Isolated Refresh Runtime​

Refresh tasks now run on a separate Tokio runtime isolated from the main query API. This prevents long-running or resource-intensive refresh operations from impacting query latency and ensures the /health endpoint remains responsive during heavy refresh workloads.

Security Hardening​

Multiple security improvements have been implemented:

• Recursion Depth Limits: Added limits to DynamoDB and S3 Vectors integrations to prevent stack overflow from deeply nested structures, mitigating potential DoS attacks.
• Spicepod Summary API: The GET /v1/spicepods endpoint now returns summarized information instead of full spicepod.yaml representations, preventing potential sensitive information leakage.

Additional Improvements & Bug Fixes​

• Performance: Fixed double hashing of user supplied cache keys, improving cache lookup efficiency.
• Reliability: Fixed idle DynamoDB Stream handling for more stable CDC operations.
• Reliability: Added warnings when multiple partitions are defined for the same table.
• Performance: Eagerly drop cached records for results larger than max cache size.

Spice Go SDK v8​

The Spice Go SDK has been upgraded to v8 with a cleaner API, parameterized queries, and health check methods: gospice v8.0.0.

Key Features:

• Cleaner API: New Sql() and SqlWithParams() methods with more intuitive naming.
• Parameterized Queries: Safe, SQL-injection-resistant queries with automatic Go-to-Arrow type inference.
• Typed Parameters: Explicit type control with constructors like Decimal128Param, TimestampParam, and more.
• Health Check Methods: New IsSpiceHealthy() and IsSpiceReady() methods for instance monitoring.
• Upgraded Dependencies: Apache Arrow v18 and ADBC Go driver v1.3.0.

Example usage with a local Spice runtime:

import "github.com/spiceai/gospice/v8"

// Initialize client for local runtime
spice := gospice.NewSpiceClient()
defer spice.Close()

if err := spice.Init(
    gospice.WithFlightAddress("grpc://localhost:50051"),
); err != nil {
    panic(err)
}

// Parameterized query (safe from SQL injection)
reader, err := spice.SqlWithParams(
    ctx,
    "SELECT * FROM users WHERE id = $1 AND created_at > $2",
    userId,
    startTime,
)

Upgrade:

go get github.com/spiceai/gospice/[email protected]

For more details, refer to the Go SDK Documentation.

Contributors​

• @phillipleblanc
• @lukekim
• @peasee
• @krinart
• @jeadie
• @sgrebnov
• @mach-kernel

Breaking Changes​

• GET /v1/spicepods no longer returns the full spicepod.yaml JSON representation. A summary is returned instead. See #8404.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 82+ recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.10.1, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.1 image:

docker pull spiceai/spiceai:1.10.1

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• Return summarized spicepods from /v1/spicepods by @phillipleblanc in #8404
• DynamoDB tests and fixes by @lukekim in #8491
• Use an isolated Tokio runtime for refresh tasks that is separate from the main query API by @phillipleblanc in #8504
• fix: Avoid double hashing cache key by @peasee in #8511
• fix: Remove unused Cayenne parameters by @peasee in #8500
• feat: Support vortex zstd compressor by @peasee in #8515
• Fix for idle DynamoDB Stream by @krinart in #8506
• fix: Improve Cayenne errors, ID selection for table/partition creation by @peasee in #8523
• Update dependencies by @phillipleblanc in #8513
• Upgrade to gospice v8 by @lukekim in #8524
• fix: Add recursion depth limits to prevent DoS via deeply nested data (DynamoDB + S3 Vectors) by @phillipleblanc in #8544
• fix: Add warning when multiple partitions are defined for the same table by @peasee in #8540
• fix: Eagerly drop cached records for results larger than max by @peasee in #8516
• DDB Streams Integration Test + Memory Acceleration + Improved Warning by @krinart in #8520
• fix(cluster): initialize secrets before object stores in executor by @sgrebnov in #8532
• Show user-friendly error on empty DDB table by @krinart in #8586
• Move 'test_projection_pushdown' to runtime-datafusion by @Jeadie in #8490
• Fix stats for rewritten DistributeFileScanOptimizer plans by @mach-kernel in #8581

Announcing the release of Spice v1.10.0! ⚡

Spice v1.10.0 introduces a new Caching Acceleration Mode with stale-while-revalidate (SWR) semantics for disk-persisted, low-latency queries with background refresh. This release also adds the TinyLFU eviction policy for the SQL results cache, a preview of the DynamoDB Streams connector for real-time CDC, S3 location predicate pruning for faster partitioned queries, improved distributed query execution, and multiple security hardening improvements.

What's New in v1.10.0​

Caching Acceleration Mode​

Low-Latency Queries with Background Refresh: This release introduces a new caching acceleration mode that implements the stale-while-revalidate (SWR) pattern. Queries return cached results immediately while data refreshes asynchronously in the background, eliminating query latency spikes during refresh cycles. Cached data persists to disk using DuckDB, SQLite, or Cayenne file modes.

Key Features:

• Stale-While-Revalidate (SWR): Returns cached data immediately while refreshing in the background, reducing query latency
• Disk Persistence: Cached results persist across restarts using DuckDB, SQLite, or Cayenne file modes
• Configurable Refresh: Control refresh intervals with refresh_check_interval to balance freshness and source load

Recommendation: Use retention configuration with caching acceleration to ensure stale data is cleaned up over time.

Example spicepod.yaml configuration:

datasets:
  - from: http://localhost:7400
    name: cached_data
    time_column: fetched_at
    acceleration:
      enabled: true
      engine: duckdb
      mode: file # Persist cache to disk
      refresh_mode: caching
      refresh_check_interval: 10m
      retention_check_enabled: true
      retention_period: 24h
      retention_check_interval: 1h

For more details, refer to the Data Acceleration Documentation.

TinyLFU Cache Eviction Policy​

Higher Cache Hit Rates for SQL Results Cache: A new TinyLFU cache eviction policy is now available for the SQL results cache. TinyLFU is a probabilistic cache admission policy that maintains higher hit rates than LRU while keeping memory usage predictable, making it ideal for workloads with varying query frequency patterns.

Example spicepod.yaml configuration:

runtime:
  caching:
    sql_results:
      enabled: true
      eviction_policy: tiny_lfu # default: lru

For more details, refer to the Caching Documentation and the Moka TinyLFU Documentation for details of the algorithm.

DynamoDB Streams Data Connector (Preview)​

Real-Time Change Data Capture for DynamoDB: The DynamoDB connector now integrates with DynamoDB Streams for real-time change data capture (CDC). This enables continuous synchronization of DynamoDB table changes into Spice for real-time query, search, and LLM-inference.

Key Features:

• Real-Time CDC: Automatically captures inserts, updates, and deletes from DynamoDB tables as they occur
• Table Bootstrapping: Performs an initial full table scan before streaming changes, ensuring complete data consistency
• Acceleration Integration: Works with refresh_mode: changes to incrementally update accelerated datasets

Note: DynamoDB Streams must be enabled on your DynamoDB table. This feature is in preview.

Example spicepod.yaml configuration:

datasets:
  - from: dynamodb:my_table
    name: orders_stream
    acceleration:
      enabled: true
      refresh_mode: changes # Enable Streams capture

For more details, refer to the DynamoDB Connector Documentation.

OpenTelemetry Metrics Exporter​

Spice can now push metrics to an OpenTelemetry collector, enabling integration with platforms such as Jaeger, New Relic, Honeycomb, and other OpenTelemetry-compatible backends.

Key Features:

• Protocol Support: Supports the gRPC (default port 4317) protocol
• Configurable Push Interval: Control how frequently metrics are pushed to the collector

Example spicepod.yaml configuration for gRPC:

runtime:
  telemetry:
    enabled: true
    otel_exporter:
      endpoint: 'localhost:4317'
      push_interval: '30s'

For more details, refer to the Observability & Monitoring Documentation.

S3 Connector Improvements​

S3 Location Predicate Pruning: The S3 data connector now supports location-based predicate pruning, dramatically reducing data scanned by pushing down location filter predicates to S3 listing operations. For partitioned datasets (e.g., year=2025/month=12/), Spice now skips listing irrelevant partitions entirely, significantly reducing query latency and S3 API costs.

AWS S3 Tables Write Support: Full read/write capability for AWS S3 Tables, enabling direct integration with AWS's managed table format for S3. Use standard SQL INSERT INTO to write data.

For more details, refer to the S3 Data Connector Documentation and Glue Data Connector Documentation.

Faster Distributed Query Execution​

Distributed query planning and execution have been significantly improved:

• Fixed executor registration in cluster mode for more reliable distributed deployments
• Improved hostname resolution for Flight server binding, enabling better executor discovery
• Distributed accelerator registration: Data accelerators now properly register in distributed mode
• Optimized query planning: DistributeFileScanOptimizer improvements for faster planning with large datasets

For more details, refer to the Distributed Query Documentation.

Search Improvements​

Search capabilities have been improved with several performance and reliability enhancements:

• Fixed FTS query blocking: Full-text search queries no longer block unnecessarily, improving query responsiveness
• Optimized vector index operations: Eliminated unnecessary list_vectors calls for better performance
• Improved limit pushdown: IndexerExec now properly handles limit pushdown for more efficient searches

For more details, refer to the Search Documentation.

Security Hardening​

Multiple security improvements have been implemented:

• SQL Identifier Quoting: Hardened SQL identifier quoting across all database connectors (PostgreSQL, MySQL, DuckDB, etc.) to prevent SQL injection attacks through table or column names
• Token Redaction: Sensitive authentication tokens are now fully redacted in debug and error output, preventing accidental credential exposure in logs
• Path Traversal Prevention: Fixed tar extraction operations to prevent directory traversal vulnerabilities when processing archived files
• Input Sanitization: Added strict validation for top_n_sample order_by clause parsing to prevent injection attacks
• Glue Credential Handling: Prevented automatic loading of AWS credentials from environment in Glue connector, ensuring explicit credential configuration

Developer Experience Improvements​

• Health probe metrics: Added health probe latency metrics for better observability
• CLI improvements: Fixed .clear history command in the REPL to fully clear persisted history

Contributors​

• @lukekim
• @sgrebnov
• @peasee
• @krinart
• @Jeadie
• @mach-kernel
• @phillipleblanc
• @ewgenius

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 82 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.10.0, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.0 image:

docker pull spiceai/spiceai:1.10.0

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• Test-operator: Add tpcds_q8 to the default row-count validation skip list by @sgrebnov in #8185
• fix: Remove unwrap_used from test by @peasee in #8212
• Run glue_iceberg_integration_test_catalog as part of main integration tests by @sgrebnov in #8222
• Add TPCH sf100 testoperator spicepods with dispatch by @Jeadie in #8192
• Build with CPU native flags by @lukekim in #8224
• fix: Apply assertion clippy in CI/Makefile only by @peasee in #8229
• feat: Support running queries only in testoperator by @peasee in #8211
• DuckDB query planning: aggregate pushdown by @mach-kernel in #8174
• install.sh improvements by @lukekim in #8252
• Fix .clear history by @lukekim in #8254
• Improve the output of dataset loading by @lukekim in #8256
• Refactor view validation by @lukekim in #8258
• Upgrade AWS crates by @lukekim in #8259
• fix: Pushdown dynamic filters to partition scans by @peasee in #8240
• Harden SQL identifier quoting in connectors by @phillipleblanc in #8276
• Cayenne sort_columns on insert by @lukekim in #8091
• Redact token debug output by @phillipleblanc in #8280
• fix: Cayenne configuration options by @lukekim in #8281
• Prevent path traversal in untar by @phillipleblanc in #8284
• Fix cluster mode executor registration by @mach-kernel in #8292
• Unignore s3_vectors_kafka_stream test by @Jeadie in #8289
• Post-release house keeping by @krinart in #8293
• Improve generate_changelog script by @krinart in #8273
• Acceleration mode caching by @lukekim in #8237
• Sanitization and security checks by @lukekim in #7854
• Add health probe latency metric by @phillipleblanc in #8300
• Add distributed registration for data accelerators by @phillipleblanc in #8299
• Pass IndexedTableProvider down in 'changes_stream' and 'append_stream' by @Jeadie in #8295
• Add dynamodb-streams crate by @krinart in #8283
• Distributed query: resolve executor hostname when determining Flight server binding by @mach-kernel in #8304
• Return computed embeddings from index for partitioned S3Vectors by @Jeadie in #8306
• [DDB Streams] Skeleton for DynamoDB Streams by @krinart in #8296
• DistributeFileScanOptimizer: Improve planning performance by @mach-kernel in #8305
• feat: Add an ExactLeftAccumulator implementation by @peasee in #8302
• deps: Upgrade Vortex to 0.56 by @peasee in #8311
• DynamoDB table bootstrapping + streaming by @krinart in #8312
• Avoid calling S3Vector list_vectors (or equivalent) when indexing into VectorIndexs by @Jeadie in #8282
• Add on_conflict testing support to append benchmark by @sgrebnov in #8314
• docker: Add valid home directory to fix duckdb extension loading issue by @phillipleblanc in #8318
• Add GH Workflow to run Append benchmark test by @sgrebnov in #8321
• Exclude MySQL SF100 from test-operator dispatch by @sgrebnov in #8320
• feat: Update clippy lints by @peasee in #8317
• Add S3 location predicate pruning to listing connector by @phillipleblanc in #8319
• Review feedback for caching mode accelerator by @phillipleblanc in #8326
• Also include Dockerfile home changes for release build by @phillipleblanc in #8327
• Change communication channel from Discord to Slack by @Jeadie in #8330
• Replace Discord link with Slack link in README by @Jeadie in #8331
• fix(glue): Prevent OpenDAL from automatic loading of AWS credentials from environment by @sgrebnov in #8337
• Block on index read for FTS queries by @Jeadie in #8339
• Fix search query provider by @Jeadie in #8343
• Support for writing into AWS S3 Tables by @sgrebnov in #8344
• Acceleration file_create mode by @lukekim in #8347
• Don't block on lock in FTS query path by @Jeadie in #8348
• feat: Add an optimizer rule to replace join accumulator for Cayenne by @peasee in #8316
• S3 Vectors limit updates by @lukekim in #8352
• Sanitize top_n_sample order_by parsing by @phillipleblanc in #8356
• Add distributed registration for data connectors by @phillipleblanc in #8354
• Improve IndexerExec to properly handle limit pushdown by @sgrebnov in #8366
• Fix Cayenne partition_by metadata flaky integration test by @phillipleblanc in #8367
• Rework caching accelerator to use the stale-while-revalidate pattern. by @phillipleblanc in #8365
• Add TinyLFU caching policy by @lukekim in #8370
• Make Arrow acceleration on_conflict verification more robust by @sgrebnov in #8375
• Add additional test for verify_on_conflict_matches_primary_key (Arrow acceleration) by @sgrebnov in #8376
• Add v1.10.0-rc1 release notes by @mach-kernel in #8373
• docs: Remove DuckDB agg pushdown from release notes by @peasee in #8383
• Testoperator dispatch: add Append support and test configurations by @sgrebnov in #8360
• fix: Increase TPCDS DuckDB connection pool size by @peasee in #8386
• fix: Update benchmark snapshots by @app/github-actions in #8385
• fix: Update benchmark snapshots by @app/github-actions in #8389
• Fix Windows build by @phillipleblanc in #8391
• DuckDB aggregate pushdown: fix partitioning and schema rewrite bugs by @mach-kernel in #8397
• Delta table: Store current snapshot ref with table instance by @mach-kernel in #8358
• GetAppDefinition: Check if executor is part of cluster by @mach-kernel in #8396
• 1.10.0-rc1 housekeeping by @mach-kernel in #8394
• Change debug log to warning for vector engine config by @Jeadie in #8378
• Clarify /v1/nsql datasets sampling hint by @phillipleblanc in #8395
• Use bmi1 target feature for x86_64 by @phillipleblanc in #8401
• benchmarks: Default to update snapshots when run on a non-release branch by @phillipleblanc in #8402
• Update threat model for v1.9.2 by @phillipleblanc in #8400
• Fix iceberg tables metadata - assign ids to all fields, including nested by @ewgenius in #8351
• Fix databricks_spark_connect_m2m_integration_test_catalog snapshot by @ewgenius in #8403
• Move all GitHub Actions workflows to use exact commit sha by @phillipleblanc in #8409
• Upgrade datafusion-tableproviders (df v50) by @lukekim in #8261
• Batching for CDC by @krinart in #8359
• fix: make DuckDB attachments logic more robust by @sgrebnov in #8411
• Persistent checkpoints for DynamoDB Streams by @krinart in #8345
• Distributed query: Support AsyncFuncExec and Spice UDFs in Ballista by @mach-kernel in #8414
• Pin GitHub Actions to fix Testoperator build action by @sgrebnov in #8416
• Watermarks support for DynamoDB by @krinart in #8417
• Fix typo in .vscode/launch.json by @sgrebnov in #8415
• DuckSqlExec: Update equivalence properties when rewriting schema by @phillipleblanc in #8420
• Validate that the commit for datafusion-table-providers exists on the spiceai branch by @phillipleblanc in #8421
• Append Tests: add support for retention testing by @sgrebnov in #8419
• New crate google-genai by @Jeadie in #8390
• federation: Improve error message and add debug logging for cast failures by @phillipleblanc in #8422
• DynamoDB Streams Error Handling by @krinart in #8418
• Append tests: add support for with_retention_data to dispatch by @sgrebnov in #8430
• Append tests: add support for test metrics reporting by @sgrebnov in #8432
• test-operator: fix metrics reporting by @sgrebnov in #8435
• Follow-up improvements and bug fixes by @krinart in #8433
• Periodic snapshots for append/changes streams by @krinart in #8407
• Add support for caching_stale_if_error to caching accelerator; fix multiple upstream requests during SWR; fix Arrow accelerator by @phillipleblanc in #8425
• Disable dataset health monitor for dynamic HTTP connector by @phillipleblanc in #8441
• Metrics + snapshots_trigger_threshold for DynamoDB Streams by @krinart in #8437
• Clear the in-flight revalidations cache after a revalidation has completed. by @phillipleblanc in #8443
• dont build 'spicepod-validator' on 'make install' by @Jeadie in #8426
• fix: Update benchmark snapshots by @app/github-actions in #8436
• fix: Disable Cayenne HashJoin rewriter optimizer by @peasee in #8439
• Testoperator: add duckdb-partitioned query override by @sgrebnov in #8446
• Add a check to validate that results cache SWR and caching accelerator SWR are not both set. by @phillipleblanc in #8445
• OTel exporter for push metrics by @lukekim in #8442
• fix: Update benchmark snapshots by @app/github-actions in #8448
• Add snapshot creation logging by @krinart in #8469
• Fix PeriodicReader panic by @krinart in #8471
• fix: Pin CUDA build actions to commits by @peasee in #8477
• DuckDB agg pushdown: gate behind accelerator parameter by @mach-kernel in #8474
• Rename aggregate_pushdown_optimization -> optimizer_duckdb_aggregate_pushdown by @ewgenius in #8485
• Handle throttling exception for DynamoDB streams by @phillipleblanc in #8492

Announcing the release of Spice v1.10.0-rc.1! ⚡

v1.10.0-rc1 is a release candidate for early testing of v1.10 features including an all new caching acceleration mode, tiny_lfu caching policy, a new DynamoDB Streams connector (Preview), improvements to the DynamoDB connector, faster distributed query execution, S3 connector improvements, and security hardening for v1.10.0-stable.

What's New in v1.10.0-rc1​

Caching Acceleration Mode with SWR and TinyLFU​

This release introduces a new caching acceleration mode that implements the stale-while-revalidate (SWR) pattern using Data Accelerators such as DuckDB or Cayenne, enabling queries to return file-persisted cached results immediately while asynchronously refreshing data in the background. Combined with the new TinyLFU cache eviction policy, Spice can now maintain higher cache hit rates while keeping memory usage predictable.

Key Features:

• Stale-While-Revalidate (SWR): Returns cached data immediately while refreshing in the background
• Data Accelerator Support: Cached accelerators can persist data to disk using DuckDB, SQLite, or Cayenne file modes.
• TinyLFU Cache Policy: Probabilistic cache admission policy that maintains high hit rates with minimal overhead
• Predictable Memory Usage: Configurable memory limits with automatic eviction of less frequently used entries

Example Spicepod.yml configuration:

runtime:
  caching:
    sql_results:
      enabled: true
      eviction_policy: tiny_lfu # default lru

datasets:
  - from: s3://my-bucket/data.parquet
    name: cached_data
    acceleration:
      enabled: true
      engine: duckdb
      mode: file # Persist cache to disk
      refresh_mode: caching
      refresh_check_interval: 10m

For more details, refer to the Data Acceleration Documentation and Caching Documentation.

DynamoDB Streams Data Connector in Preview​

DynamoDB Connector now integrates with DynamoDB Streams which enables real-time streaming with support for both table bootstrapping and continuous change data capture (CDC). This connector automatically detects changes in DynamoDB tables and streams them into Spice for real-time query, search, and LLM-inference.

Key Features:

• Real-Time CDC: Automatically captures inserts, updates, and deletes from DynamoDB tables
• Table Bootstrapping: Initial full table load before streaming changes

Example Spicepod.yml configuration:

datasets:
  - from: dynamodb:my_table
    name: orders_stream
    acceleration:
      enabled: true
      refresh_mode: changes

For more details, refer to the DynamoDB Connector Documentation.

Cayenne Accelerator Enhancements​

The Cayenne data accelerator now supports:

• Sort Columns Configuration: Optimize inserts by pre-sorting data on specified columns for improved query performance

Example Spicepod.yml configuration:

datasets:
  - from: s3://my-bucket/data.parquet
    name: sorted_data
    acceleration:
      enabled: true
      engine: cayenne
      mode: file_create
      params:
        sort_columns: timestamp,region

For more details, refer to the Cayenne Documentation.

S3 Connector Improvements​

S3 Location Predicate Pruning: The S3 data connector now supports location-based predicate pruning, dramatically reducing data scanned by pushing down predicates to S3 listing operations. This optimization is especially effective for partitioned datasets stored in S3.

AWS S3 Tables Write Support: Full read/write capability for AWS S3 Tables, enabling fast integration with AWS's table format for S3.

For more details, refer to the S3 Tables Data Connector Documentation and Glue Data Connection Documentation.

Faster Distributed Query Execution​

Distributed query planning and execution have been significantly improved:

• Fixed executor registration in cluster mode for more reliable distributed deployments
• Improved hostname resolution for Flight server binding, enabling better executor discovery
• Distributed accelerator registration: Data accelerators now properly register in distributed mode
• Optimized query planning: DistributeFileScanOptimizer improvements for faster planning with large datasets

For more details, refer to the Distributed Query Documentation.

Search Improvements​

Search capabilities have been improved with several performance and reliability enhancements:

• Fixed FTS query blocking: Full-text search queries no longer block unnecessarily, improving query responsiveness
• Optimized vector index operations: Eliminated unnecessary list_vectors calls for better performance
• Improved limit pushdown: IndexerExec now properly handles limit pushdown for more efficient searches

For more details, refer to the Search Documentation.

Security Hardening​

Multiple security improvements have been implemented:

• SQL identifier quoting: Hardened SQL identifier quoting across all connectors to prevent injection attacks
• Token redaction: Sensitive tokens are now fully redacted in debug output to prevent credential leakage
• Path traversal prevention: Fixed tar extraction to prevent path traversal vulnerabilities
• Input sanitization: Added validation for top_n_sample order_by parsing
• Improved credential handling: Improved credential management in Glue connector

Developer Experience Improvements​

• Health probe metrics: Added health probe latency metrics for better observability
• CLI improvements: Fixed .clear history command in the REPL to fully clear persisted history

Contributors​

• @lukekim
• @sgrebnov
• @peasee
• @krinart
• @Jeadie
• @mach-kernel
• @phillipleblanc
• @ewgenius

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates. The Spice Cookbook still offers 82+ recipes to help you prototype quickly.

Upgrading​

To try v1.10.0-rc1, use one of the following methods:

CLI:

spice upgrade --version 1.10.0-rc1

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.10.0-rc1 image:

docker pull spiceai/spiceai:1.10.0-rc1

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai --version 1.10.0-rc1

AWS Marketplace:

🎉 Spice is available in the AWS Marketplace.

What's Changed​

Changelog​

• Test-operator: Add tpcds_q8 to the default row-count validation skip list by @sgrebnov in #8185
• fix: Remove unwrap_used from test by @peasee in #8212
• Run glue_iceberg_integration_test_catalog as part of main integration tests by @sgrebnov in #8222
• Add TPCH sf100 testoperator spicepods with dispatch by @Jeadie in #8192
• Build with CPU native flags by @lukekim in #8224
• Make copilot check for empty copyright header by @krinart in #8245
• fix: Apply assertion clippy in CI/Makefile only by @peasee in #8229
• feat: Support running queries only in testoperator by @peasee in #8211
• DuckDB query planning: aggregate pushdown by @mach-kernel in #8174
• install.sh improvements by @lukekim in #8252
• Fix .clear history by @lukekim in #8254
• fix: Pushdown dynamic filters to partition scans by @peasee in #8240
• Harden SQL identifier quoting in connectors by @phillipleblanc in #8276
• Cayenne sort_columns on insert by @lukekim in #8091
• Redact token debug output by @phillipleblanc in #8280
• fix: Cayenne configuration options by @lukekim in #8281
• Prevent path traversal in untar by @phillipleblanc in #8284
• Fix cluster mode executor registration by @mach-kernel in #8292
• Unignore s3_vectors_kafka_stream test by @Jeadie in #8289
• Post-release house keeping by @krinart in #8293
• Improve generate_changelog script by @krinart in #8273
• Acceleration mode caching by @lukekim in #8237
• Sanitization and security checks by @lukekim in #7854
• Add health probe latency metric by @phillipleblanc in #8300
• Add distributed registration for data accelerators by @phillipleblanc in #8299
• Pass IndexedTableProvider down in 'changes_stream' and 'append_stream' by @Jeadie in #8295
• Add dynamodb-streams crate by @krinart in #8283
• Distributed query: resolve executor hostname when determining Flight server binding by @mach-kernel in #8304
• Return computed embeddings from index for partitioned S3Vectors by @Jeadie in #8306
• [DDB Streams] Skeleton for DynamoDB Streams by @krinart in #8296
• DistributeFileScanOptimizer: Improve planning performance by @mach-kernel in #8305
• feat: Add an ExactLeftAccumulator implementation by @peasee in #8302
• deps: Upgrade Vortex to 0.56 by @peasee in #8311
• DynamoDB table bootstrapping + streaming by @krinart in #8312
• Avoid calling S3Vector list_vectors (or equivalent) when indexing into VectorIndexs by @Jeadie in #8282
• Add on_conflict testing support to append benchmark by @sgrebnov in #8314
• docker: Add valid home directory to fix duckdb extension loading issue by @phillipleblanc in #8318
• Add GH Workflow to run Append benchmark test by @sgrebnov in #8321
• Exclude MySQL SF100 from test-operator dispatch by @sgrebnov in #8320
• feat: Update clippy lints by @peasee in #8317
• Add S3 location predicate pruning to listing connector by @phillipleblanc
• Review feedback for caching mode accelerator by @phillipleblanc in #8326
• Also include Dockerfile home changes for release build by @phillipleblanc in #8327
• Change communication channel from Discord to Slack by @Jeadie in #8330
• Replace Discord link with Slack link in README by @Jeadie in #8331
• fix(glue): Prevent OpenDAL from automatic loading of AWS credentials from environment by @sgrebnov in #8337
• Block on index read for FTS queries by @Jeadie in #8339
• Fix search query provider by @Jeadie in #8343
• Support for writing into AWS S3 Tables by @sgrebnov in #8344
• Acceleration file_create mode by @lukekim in #8347
• Don't block on lock in FTS query path by @Jeadie in #8348
• feat: Add an optimizer rule to replace join accumulator for Cayenne by @peasee in #8316
• S3 Vectors limit updates by @lukekim in #8352
• Sanitize top_n_sample order_by parsing by @phillipleblanc in #8356
• Update version to v1.10.0-rc.1 by @ewgenius in #8362
• Improve IndexerExec to properly handle limit pushdown by @sgrebnov in #8366
• Fix Cayenne partition_by metadata flaky integration test by @phillipleblanc in #8367
• Rework caching accelerator to use the stale-while-revalidate pattern. by @phillipleblanc in #8365
• Add TinyLFU caching policy by @lukekim in #8370

Announcing the release of Spice v1.9.1!🔥

v1.9.1 introduces Amazon Bedrock Nova 2 Multimodal embeddings support with high-dimensional vectors up to 3,072 dimensions and purpose-optimized embeddings for semantic search and retrieval operations, DynamoDB timestamp filter pushdown for more efficient append-mode acceleration with configurable time formatting, HTTP Data Connector health probe configuration for improved endpoint validation reliability, and Spice .NET SDK v0.2 with expanded .NET version support and updated gRPC libraries. This release focuses on bug fixes, stability, and performance improvements.

Amazon Bedrock Nova 2 Multimodal embeddings​

Spice now supports the Amazon Nova 2 Multimodal embeddings models via the Bedrock models provider, enabling high-quality text embeddings for semantic search and vector similarity operations. The Nova embeddings model offers configurable dimensions and advanced features like truncation modes and embedding purpose optimization.

Key Features:

• High-Dimensional Embeddings: Support for up to 3,072 dimensions for rich semantic representations
• Configurable Truncation: Control how input text is truncated when exceeding token limits (START, END, or NONE)
• Purpose Optimization: Optimize embeddings for specific use cases (GENERIC_INDEX, GENERIC_RETRIEVAL, or CLASSIFICATION)
• Multimodal Model: Leverages Amazon's Nova 2 multimodal architecture for consistent embeddings across different content types

Example spicepod.yml configuration:

embeddings:
  - from: bedrock:amazon.nova-2-multimodal-embeddings-v1:0
    name: nova_embeddings
    params:
      dimensions: '3072' # Required: Output dimensions
      truncation_mode: START # Optional: START, END, or NONE (default: NONE)
      embedding_purpose: GENERIC_RETRIEVAL # Optional. GENERIC_INDEX is default

For more details on the embedding parameters and configuration options, refer to the Amazon Nova Embeddings Documentation and the Spice Embeddings Documentation.

DynamoDB Timestamp Filter Pushdown​

The DynamoDB Data Connector now supports timestamp filter pushdown, enabling more efficient append-mode acceleration refreshes by pushing timestamp filters directly to DynamoDB queries. Since DynamoDB stores timestamps as strings rather than native datetime types, this feature includes configurable timestamp formatting to ensure correct parsing and filtering.

Key Features:

• Filters on timestamp columns are now pushed down to DynamoDB, reducing data transfer and improving query performance
• Support for Go-style datetime formatting patterns to handle various timestamp string formats
• Uses ISO 8601 format by default when no custom format is specified

Example spicepod.yml configuration:

datasets:
  - from: dynamodb:sales
    name: sales
    time_column: created_at
    time_format: timestamptz
    params:
      time_format: 2006-01-02T15:04:05.000Z07:00
    acceleration:
      enabled: true
      engine: duckdb
      refresh_mode: append

For more details, refer to the DynamoDB Data Connector Documentation.

HTTP Data Connector Health Probe Configuration​

The HTTP Data Connector now supports configurable health probe paths for endpoint validation. Instead of using a random non-existent path, the system can now validate endpoints using a user-specified path, improving flexibility and reliability for health checks.

Example spicepod.yml configuration:

datasets:
  - from: https://api.tvmaze.com
    name: tvmaze
    params:
      file_format: json
      health_probe: /health-check

For more details, refer to the HTTP Data Connector Documentation.

Spice .NET SDK v0.2​

The Spice .NET SDK has been upgraded with expanded .NET version support, custom User-Agent configuration, and updated gRPC libraries: spice-dotnet v0.2.0. The SDK is available on NuGet.

Key Features:

• Expanded .NET Support: Now supports .NET Standard 2.0, .NET Core 8.0, 9.0, and 10.0.
• Custom User-Agent: Configure custom User-Agent headers for client identification and telemetry.
• Updated gRPC Libraries: Upgraded gRPC dependencies and netstandard for improved performance and reliability

Upgrade Example:

dotnet add package SpiceAI --version 0.2.0

For more details, refer to the .NET SDK Documentation.

Additional Improvements & Bug Fixes​

• Reliability: Fixed view loading to respect topological order, preventing dependency resolution errors.
• Reliability: Migrated from deprecated trust_dns_resolver to hickory_resolver for improved DNS resolution reliability.
• Security: Fixed arbitrary file access vulnerability during archive extraction ("Zip Slip") to prevent potential security exploits.
• Distributed Query: Fixed object store initialization across scheduler/executor gap, improving reliability for distributed query execution.
• Distributed Query: Optimized query routing by preventing runtime.* schema queries from being sent to the scheduler, improving performance for metadata queries.
• Performance: Added Blake3 and xxHash support with xxh3_64 as the default caching hashing algorithm for improved cache and query performance.
• Performance: Optimized default Zstd compression level to 6 for better balance between compression ratio and speed.
• UX: Improved dataset loading output with clearer progress indicators and status messages.

Contributors​

• @Jeadie
• @lukekim
• @peasee
• @phillipleblanc
• @sgrebnov
• @krinart
• @mach-kernel

Breaking Changes​

No breaking changes.

Cookbook Updates​

No major cookbook updates.

The Spice Cookbook includes 82 recipes to help you get started with Spice quickly and easily.

Upgrading​

To upgrade to v1.9.1, use one of the following methods:

CLI:

spice upgrade

Homebrew:

brew upgrade spiceai/spiceai/spice

Docker:

Pull the spiceai/spiceai:1.9.1 image:

docker pull spiceai/spiceai:1.9.1

For available tags, see DockerHub.

Helm:

helm repo update
helm upgrade spiceai spiceai/spiceai

AWS Marketplace:

🎉 Spice is now available in the AWS Marketplace!

What's Changed​

Changelog​

• fix integration tests: order by the query to make snapshots deterministic by @phillipleblanc in #8198
• Add health probe override by @lukekim in #8236
• Use Moka optionally_get_with for SWR single-in-flight semantics by @lukekim in #8231
• fix: Arbitrary file access during archive extraction ("Zip Slip") by @phillipleblanc in #8242
• Migrate trust_dns_resolver to hickory_resolver by @phillipleblanc in #8243
• fix: Deny assert macros in non-test code by @peasee in #8223
• Distributed query: Object store initialization across scheduler/executor gap, misc bugfixes & improvements by @mach-kernel in #8009
• Add Blake3, enable xxHash, set xxh3_64 as default, add bench by @lukekim in #8157
• Make cache zstd default compression level 6 by @lukekim in #8234
• Use seed for xxh3 by @lukekim in #8232
• DynamoDB Timestamp Filter Pushdown by @krinart in #8235
• Add ready_wait for mongo-arrow benchmarks by @krinart in #8246
• Add support for amazon.nova-2-multimodal-embeddings-v1:0 by @Jeadie in #8225
• Improve the output of dataset loading by @lukekim in #8256
• Load views in topological order by @lukekim in #8255
• Distributed query: Do not send runtime.* schema queries to scheduler by @mach-kernel in #8271
• Remove input length check for Nova model. by @Jeadie in #8270