Bug fixes and other internal updates.
Oracle - When TONIC_ORACLE_SKIP_CREATE_DB is true, tables in the destination database are preserved. If a table filter is provided in TONIC_TABLE_WHITELIST, then destination tables that are not in the whitelist are preserved. Before this change, those tables were truncated.
Bug fixes and other internal updates.
MongoDB - Added the environment setting TONIC_MONGO_MASK_FIELD_IDS
. When set to true
, Structural assigns the Mongo ObjectId Key generator to ObjectId field names. Consistency is enabled. The default value is false
.
Bug fixes and other internal updates.
Improved error handling for PII detectors.
Google BigQuery - Fixed an issue where some BigQuery workspaces did not release rows from memory in a timely manner.
MySQL - The new environment setting TONIC_MYSQL_USE_NATIVE_DUMP_TOOL
, when set true
, prefers the mysql
native tools over the existing default of mariadb
.
MySQL - You can now configure the following environment settings to override the Structural default behavior when a connection opens and a session is established:
TONIC_MYSQL_NETWORK_READ_TIMEOUT
TONIC_MYSQL_NETWORK_WRITE_TIMEOUT
TONIC_MYSQL_WAIT_TIMEOUT
TONIC_MYSQL_LOCK_WAIT_TIMEOUT
TONIC_MYSQL_INNODB_LOCK_WAIT_TIMEOUT
Azure SSO - Added support for authenticating application service principals using the EntraID client-credentials flow. Service principals can access the Structural API. For configuration requirements, refer to the Azure/EntraID SSO configuration information in the Structural User Guide.
SQL Server - Fixed the copy of stored procedures that reference full-text indexes.
Structural now supports diagnostic logging for upsert data generation.
Snowflake - Fixed an issue where, when using the connection string and key-pair authentication options, the test connection button was disabled unless a password was entered.
Updated the legal text that is displayed for new account creation on self-hosted Structural instances.
For custom sensitivity rules, column matching rules are now always case insensitive. Previously, the column matching rules were always case sensitive.
SQL Server - Added support for:
Bug fixes and other internal updates.
Improved the free trial onboarding flow. Added to the available data connectors. Fixed an issue with creating a Google BigQuery workspace. Fixed a duplicate display issue.
File connector - Fixed an issue that a caused authorization failures when using Assume Role to authorize access to Amazon S3 from Structural Cloud.
Fixed an issue where after an import from a JSON file, Subsetting view did not immediately reflect the state of the workspace.
Spark - Removed support for Livy on Hive.
PostgreSQL - Fixed an issue where Structural failed to process tables that contained a generated column that referenced a user-defined type.
Scheduling data generation - From the Jobs view (renamed from Job History) for a workspace, you can now configure the data generation to run automatically on a schedule. The schedule consists of one or more cron expressions, along with the time zone to use for the schedule. The Structural API includes new endpoints to manage the job schedule.
MongoDB - Fixed an issue that caused connection errors for connections to a Mongo Atlas cluster from Tonic Cloud.
Bug fixes and other internal updates.
File connector - You can now specify a separate IAM role for the output location.
Create sensitivity rule from Database View - When you select the Database View bulk edit option for columns that have the same data type, do not have an assigned generator, and do not have a recommended generator, you now have the option to create a custom sensitivity rule. You can then immediately run a new sensitivity scan to catch matching columns.
Fixed an issue with the JSON Mask generator configuration panel where the example data did not update correctly.
Structural now displays a warning when the pre-job checks determine that the source database is on a newer major version than the destination database.
Salesforce - Rewrote the connector algorithm to avoid using sentinels, and to improve subset creation.
Snowflake - Fixed a regression introduced in v1213 that limited table parallelism for all data generations that use the V2 pipeline.
Oracle - Fixed an issue where for subsetting data generation, the Maximum Character Limit was not calculated properly.
Databricks - Structural now supports writing Identity columns to tables.File connector - You can now assign the Timestamp Shift and Date Truncation generators to Parquet date fields.
PostgresSQL - Removed the option to run PostgreSQL jobs using the older flow. All jobs now run with the Data Pipeline v2.
Snowflake
Bug fixes and other internal updates.
The detector for city names now ignores misleading values that are not city names.
Bug fixes and other internal updates.
Bug fixes and other internal updates.
Updated the application to reflect the rename to Tonic Structural. Includes renaming the Tonic Settings view to Structural Settings.
From the Access Management tab of Structural Settings, users with permission to manage Structural access can now restore deleted users.
For a column that is part of a unique compound index, Structural now only suggests generators that can be used for unique columns.
Structural now detects SWIFT codes based on the format of the data in addition to the column name.
Fixed an issue where all subsetting WHERE clauses failed internally.
Databricks
TONIC_DATABRICKS_SKIP_CREATE_DB
indicates whether to skip the schema creation. The default is false. The environment setting TONIC_DATABRICKS_ENABLE_WORKSPACE_SKIP_CREATE_DB
indicates whether to include the option in the workspace configuration, and use TONIC_DATABRICKS_SKIP_CREATE_DB
to determine the default. The default is true. You can add these settings to the Environment Settings list on Structural Settings.File connector
Snowflake
The scheduled sensitivity scans are now daily instead of weekly. By default, the scans run every day at midnight. Structural scans the 10 workspaces that have the most recent activity. Activity is defined as either a user-initiated workspace event that is added to the Protection Audit Trail, or a data generation job.
On the details view for custom sensitivity rules, fixed an issue where the Edit Current Preset button was always disabled.
When a generation to Ephemeral fails, Structural job logs now include the Ephemeral logs and destination database pod logs.
For users who do not have permission to manage sensitivity rules, the Sensitivity Rules option now displays in a disabled state.
When you configure a workspace to write to a self-hosted Ephemeral instance, or to write to Ephemeral Cloud from a self-hosted Structural instance, the workspace configuration now includes an option to test the Ephemeral connection.
Yugabyte data connector - Structural now allows you to connect to databases on Yugabyte version 2024.1 and above. The Yugabyte data connector is available with a Professional or Enterprise license. It only supports Yugabyte SQL (YSQL).
When you configure a custom security rule, you can now create or edit the assigned generator preset. You can also use a workspace to preview the security rule results. The preview displays the matching columns for the selected workspace.
Structural can now detect the following additional sensitivity types:
MySQL
ALLOW_INVALID_DATES
is set, Structural now allows Passthrough for columns that contain invalid dates.Snowflake
Fixed an issue on the webhook configuration panel where users could not click Save when the Message Body tab contained large property values.
Fixed an issue that caused the Notifications service to stop processing webhooks.
Improved the detection of name values to identify more specific types of names.
Amazon EMR
Self-hosted instances can now schedule sensitivity scans to run automatically on a weekly basis. By default, the weekly scans are enabled and run each Sunday at midnight.
Structural can now detect the following additional sensitivity types:
File connector
Oracle
Salesforce
PostgreSQL
Snowflake on AWS
Structural can now detect the following additional sensitivity types that are defined by the HIPAA Safe Harbor method:
Removed the environment setting TONIC_SUBSETTING_CYCLE_BREAK_GREEDY_ALGORITHM
. The greedy algorithm to compute the required cycle breaks for subsetting is no longer available.
Snowflake
TONIC_SNOWFLAKE_SKIP_CREATE_DB
is false, meaning that Structural creates the destination database and schema. If you set this to true, then Structural does not create the schema. You must create the destination database with the full schema. You can add TONIC_SNOWFLAKE_SKIP_CREATE_DB
to the Environment Settings list on Tonic Settings.For post-job webhook URLs, you cannot use URLs that resolve to a private IPv4 range.
To provide the column name matching criteria for custom sensitivity rules, you can now use a regular expression.
The Structural sensitivity scan can now detect UK and Canada postal codes.
You can now use the Structural API to manage custom sensitivity rules.
When you configure a PostgreSQL or MySQL workspace to write the destination data to a container repository, you can now specify the name of the database.
Fixed an issue where the column sensitivity type was not updated when a later sensitivity scan detected a different type. Columns that are manually marked as sensitive are not affected.
Increased the number of column names that Structural uses to detect sensitivity types.
Amazon EMR
Salesforce
WHERE
clauses in subsetting target table configuration.When Structural detects a state abbreviation, it no longer identifies it as a full state name.
During a sensitivity scan, the value finders now look more holistically at both the data and the column name instead of assessing them individually.
Custom sensitivity rules - On self-hosted Enterprise instances, you can now configure custom sensitivity rules, which allow you to create your own sensitivity types. For each rule, you configure the general data type, text matching rules for the column name, and the recommended generator. Structural uses these rules during the sensitivity scan. Matching columns are included on the Recommended Generators by Sensitivity Type panel.
Toleration configuration for output to container repositories - Self-hosted customers who write output to a container repository can now set pod tolerations to enable pods to be scheduled on nodes that have taints. The tolerations are configured in environment settings. You can add these settings to the Environment Settings list on Tonic Settings.
MySQL
When configuring a workspace to write output to an Ephemeral snapshot, you can now optionally configure the compute resources. By default, the resources are based on the size of the source database.
Sensitivity scans now detect name values more accurately.
Fixed an issue with certificate uploads for database settings.
Fixed an issue where the Structural application would hang after you created a workspace.
Shared logs are now transferred to an HTTPS endpoint instead of an Amazon S3 endpoint.
Amazon EMR
WHERE
clauses as invalid.Amazon Redshift
PostgreSQL
Fixed an issue where sensitivity scans suggested generators based on substrings within a column name.
HTML is now removed from text in comment fields.
Fixed an issue where the XML Path generator did not work correctly.
A new environment setting, TONIC_SUBSETTING_CYCLE_BREAK_GREEDY_ALGORITHM
, indicates whether to use a new, faster greedy algorithm to compute the required cycle breaks for subsetting. By default, the setting is false
.
File connector
MongoDB
MySQL
Oracle
Salesforce
TONIC_SALESFORCE_CONSUMER_KEY
and TONIC_SALESFORCE_CONSUMER_SECRET
environment settings.Snowflake
ALTER
statements were inappropriately run through the GetDdl flow.Improved the accuracy of name detection.
MongoDB
Oracle
Salesforce data connector - The Salesforce data connector is now available for self-hosted instances that have a Professional or Enterprise license. It is currently only available by request. To request access to the Salesforce data connector, contact Tonic.ai support.
Linking address columns for recommended generators - The recommended generators panel in Privacy Hub now indicates when address columns should be linked. The columns are displayed in groups. You then apply the recommended generators to all of the columns in the group, and the columns are automatically linked.
Other updates
Fixed an issue with subsetting. When processing upstream tables with nullable foreign keys that had no referenced key values to process, upstream filters were not applied.
Improved performance of the Conditional generator when using the IS IN
operator.
The upsert option for workspaces is now out of beta.
Fixed an issue where the number of generators that are slow to compute was calculated incorrectly, which affected how we parallelized the generator processing.
The default value for the environment setting TONIC_ORACLE_DBLINK_ENABLED
is changed to false. The plan is to eventually remove the feature.
Fixed an issue where the TONIC_DISABLE_IPV6
setting did not completely prevent services from binding to ipv6 addresses.
When applied to a numeric type column, the SSN generator now by default generates values without hyphens.
Amazon EMR
File connector
MongoDB
MySQL
Oracle
Snowflake
Helm charts for deploying Structural to Kubernetes are now published at quay.io/tonicai/structural in addition to GitHub.
From the recommended generators panel on Privacy Hub, you can now enable or disable self-consistency for all columns within a sensitivity category.
Fixed an issue in Table View that sometimes caused the column order to be incorrect.
Added an environment variable TONIC_DISABLE_IPV6
to the PyML container. When set to true, the container no longer listens on IPv6 addresses.
File connector
MySQL
WHERE
clauses when the table or schema name contained special characters.PostgreSQL
Snowflake
SQL Server
From the recommended generators panel on Privacy Hub, you can now enable or disable self-consistency for each column.
When you create a virtual foreign key, the nullability of the foreign key is now determined by the nullability of the foreign key column.
On Privacy Hub and the job details view, changed the label on the Download option to Reports and Logs.
Db2 for LUW
MySQL
PostgreSQL
Sending telemetry to Tonic.ai is now required and enforced. After 5 days of failed telemetry connections, a warning displays. If the connection issue persists for 15 days, data generation is restricted.
Structural Cloud users can now reset their passwords from the login page. To reset your password, click Forgot your password?.
You can now set the TONIC_POSTGRES_REFRESH_MATERIALIZED_VIEWS
environment setting from the Environment Settings tab on Tonic Settings.
File connector
SQL Server
Added a new API endpoint to resolve all schema changes in a workspace. You can choose whether to resolve only conflicting changes, only notifications, or all of the schema changes.
Fixed an issue that caused the Tonic Structural PyML Service to be unreachable in IPV4-only containers.
Added a new conflicting schema change when a column that has an assigned generator becomes a foreign key. Foreign key columns must inherit the generator from the primary key.
Structural can now generate data with subsetting when a primary key table is truncated, as long as the foreign keys that reference the primary key are nullable.
Amazon Redshift
File connector
Snowflake
SQL Server
For the notifications image, replaced alpine with ubuntu.
File connector
MongoDB
MySQL
Snowflake
SQL Server
During the free trial, Structural now displays next step highlights to indicate the next recommended action. When you hover over the recommended action, Structural displays an explanatory tooltip.
A new environment setting, TONIC_DB_MAX_POOL_SIZE
, sets the connection pool size for the Structural application database. The default value is 3.
Fixed an issue where the preview data in the JSON Mask generator editor did not respect the applied table filter.
File connector
MongoDB
PostgreSQL
Fixed an issue in Table View where characters were sometimes represented inaccurately. For example, a lowercase x would become a multiplication symbol.
Fixed an issue where data generation to Tonic Ephemeral Cloud failed with the error "Ephemeral URL not found".
For a schema change that adds a new column, both the Schema Changes view and the API response now include the data type for the new column.
For the Structural free trial, Structural now displays a checklist for each workspace. There are slightly different checklists for database-based and file connector workspaces.
Added support to run Structural in dual-stack networks and IPv6-only network environments.
On the workspace details view, fixed an issue where an Ephemeral API key appeared to be populated when no value was provided.
Fixed an issue that caused data generation to Ephemeral to fail with "Ephemeral output must be configured".
Fixed an issue where data generation to Ephemeral failed after a first successful run.
Amazon Redshift
MySQL
SQL Server
Writing output to a Tonic Ephemeral snapshot - For database types that Tonic Ephemeral supports (currently PostgreSQL and MySQL), you can now write the output to an Ephemeral user snapshot. This replaces the option to write the output to an Ephemeral database, except for workspaces in the Structural free trial. In Ephemeral, you can use the user snapshot to start new Ephemeral databases.
Other updates
For the UUID Key generator, added a new configuration option, Preserve Version and Variant. By default, the setting is turned off. When turned on, the version and variant bits from the source UUID are preserved in the output value. For the API, the new setting is preserveVersionAndVariant
.
In the Tonic Structural free trial, the sample workspace now by default writes the output to a Tonic Ephemeral database.
Fixed an issue where vertical scrolling was sometimes blocked.
You can now configure the allowed SSL/TLS protocols and ciphers on the Tonic Web Server. To configure the protocols and ciphers, use the environment settings TONIC_WEB_SERVER_TLS_PROTOCOLS
and TONIC_WEB_SERVER_TLS_CIPHERS
.
File Connector
MongoDB
MySQL
The Structural API now includes endpoints to get and set the assigned table modes and table filters for a workspace.
Fixed an issue where the workspace audit trail displayed generator preset events that occurred before the workspace was created.
Fixed an issue where an error was returned when users tried to export selected files from a file group.
Improved error message when Structural cannot write output to Ephemeral because Ephemeral does not have a compatible base image for the database.
Databricks
Google BigQuery
Oracle
Output to a Tonic Ephemeral database - Tonic Ephemeral is a separate Tonic.ai product that allows you to create temporary databases. On Tonic Cloud, for data connectors that Ephemeral supports (currently PostgreSQL and MySQL), you can configure the workspace to write the destination data to an Ephemeral database. This is the default option for data connectors that Ephemeral supports.
The database belongs to your Ephemeral account. If you do not already have an Ephemeral account, then Tonic automatically creates a two-week Ephemeral free trial account for you. The Tonic data generation job details provide access to the database connection details.
Free trial checklist - During the free trial, the sample workspace now includes a checklist to help users get through the required steps to complete their first data generation.
Other updates
Free trial users can no longer use a public email address to create an account.
Fixed an issue where password reset links lead to a blank page.
Fixed an issue where pay-as-you-go users would see the countdown for a free trial.
In the sample workspace, fixed an issue where a faulty destination database template caused an error when a user tried to update it.
Google BigQuery
Oracle
PostgreSQL
Snowflake
You can now manually add selected environment settings to the Environment Settings list on Tonic Settings.
Improved the performance of data previews in the Tonic application.
For workspaces that write output data to a container repository, fixed an issue that prevented GAR credentials from being saved.
Google BigQuery
Snowflake
SQL Server
New Db2 for LUW data connector - Tonic now has a data connector for IBM Db2 for Linux, Unix, and Windows (Db2 for LUW). Tonic supports Db2 for LUW version 11.5.
Other updates
When the AI Synthesizer is used in a workspace, Tonic now verifies before data generation that the AI Synthesizer does not use more than the maximum allowed categories.
Amazon EMR
<view name>_tonic_table
.Privacy Report PDF file
We added a new Privacy Report PDF that you can download from Privacy Hub and the job details view. The Privacy Report PDF contains a summary of the privacy ranking values, visualizations to summarize the workspace column privacy rankings based on the applied generators, and a summary table that contains the .csv Privacy Report data.
To accommodate the new file, on Privacy Hub and the job details page, the available downloads are combined into a Download menu.
Assigning recommended generators from Database View
On Database View, when an unprotected column has a recommended generator, the generator name tag now displays the type of sensitive data that was detected.
When you click the generator name tag, Tonic displays a panel that displays the sensitivity type, the recommended generator, and sample source and output data based on the recommended generator. The panel provides options to either apply or ignore the recommendation.
Other updates
Fixed an issue where changing the configuration of a generator preset did not accurately update the count of occurrences of the preset.
Oracle
Fixed an issue with the Name generator where capitalization was not preserved if consistency was disabled.
For Table View, fixed an issue where the delete button to remove the generator assignment was sometimes hidden.
Oracle
PostgreSQL
SQL Server
Redesigned Database View
We redesigned Database View to improve the display and the filtering.
In the updated columns list, the Column column contains the schema, table, and column name, and the column data type. It provides access to the data preview option.
The Applied Generator column shows the applied generator. Applied Generator indicates when a column is unprotected, when the column is a primary or foreign key, and when the configuration overrides the parent workspace. If the table mode is not De-Identify, it shows the table mode. It provides access to the commenting option.
Filters other than the column name filter are moved under the Filters option. There are also new filters for the sensitivity type (the type of sensitive data that Tonic detected in the column) and whether the column has a recommended generator.
Privacy Report updates
In the Privacy Report, new column, Column Privacy Rank, indicates the privacy ranking for a column based on the assigned generator and generator configuration. The generator summary and generator reference include the possible privacy ranking values for each generator.
Added a new column, Tonic Detected Sensitivity, that indicates whether the Tonic sensitivity scan identified the column as sensitive. Renamed the Is Sensitive column to Current Sensitivity. Current Sensitivity indicates whether the column is currently marked as sensitive.
Also corrected an earlier issue with the order of the columns.
Other updates
Fixed an issue that caused all subset runs to record the percentage of rows in the subset as 100%. Subset runs that occur after updating to this version display the correct percentage.
The option to write output data to a container repository is out of beta.
Databricks
Google BigQuery
TONIC_GRPC_ENABLED
was false.NUMERIC
or BIGNUMERIC
column.Oracle
IDENTITY
columns. Before this change, IDENTITYM
columns caused errors during destination database creation.For the Custom Categorical generator, you can now add a NULL value to the available custom category values. To indicate a NULL value, use the keyword {NULL}
.
Made the following API updates to better accommodate users of the previous version of the API:
jobs/{id}/workspace_snapshot
now returns the WorkspaceDataModel object.GET jobs/{id}/workspace_snapshot?api-version=v2023_07_00
, that returns V17WorkspaceDataModel
Databricks
TBLPROPERTIES
from the source delta table, including 'delta.feature.allowColumnDefaults'
.Redesigned data model for generator assignments - The new version of the Tonic API includes a redesign of the data model for generator assignments. To use the previous version of the generator assignment data model, make sure that your API calls specify version 2023.07.0.
The generator assignment data model redesign includes the following changes:
metadata
object in the link
object:presetId
generatorId
customValueProcessor
encryptionProcessor
pathExpression
to the metadata
object in the link
object.link
object:subPresetId
subGeneratorId
customSubGeneratorValueProcessor
subGeneratorMetadata
object under metadata:presetId
generatorId
customValueProcessor
TONIC_GRPC_ENABLED
was set to true.NOTE: v1074 was removed.
If your instance of Tonic is deployed on Docker, you can now use an external Kubernetes cluster to enable the option to write destination data to container artifacts.
You can now assign the Integer Key generator to a column with a decimal data type. The actual column values must still be integers.
Fixed an issue in Table View where an error displayed if you changed the selected table while the data was loading.
Databricks
File connector
SQL Server
The Enable Diagnostic Logging global permission is now granted to the built-in Account Admin permission set.
Databricks
CREATE CATALOG
or CREATE SCHEMA
permissions are no longer required if the destination catalog or schema already exists.Diagnostic logging for data generation - By default, Tonic now redacts sensitive data in data generation log files.
When users start a data generation or upsert job, if they have the new global permission Enable diagnostic logging, they can choose to enable diagnostic logging, which does not redact the logs. The Enable diagnostic logging permission is also required to download the diagnostic logs. By default, the permission is only granted to the Admin and Admin (Environment) global permission sets.
In addition to the option for individual jobs, there are environment settings that enable diagnostic logging for specific data connectors.
Other updates
In the Release Candidate version of the API, the response model for the GET /api/workspace/minimal
endpoint has been updated for more straightforward de-serialization.
Fixed an issue where a non-unique composite primary key column could only be assigned unique generators.
Users can now press Enter to finish copying a workspace or a generator preset, instead of having to click Copy.
File connector
Google BigQuery
Oracle
SQL Server
WITH INLINE
clauses from definitions of user-defined functions (UDF). Inlining does not require these clauses. WITH_INLINE
clauses in UDF definitions that do not meet the requirements for inlining can prevent the UDF from being restored properly in the destination database.For the OpenID Connect (OIDC) SSO integration, Tonic now supports authentication by client secret that uses HTTP basic authentication (client_secret_basic
). To provide the client secret, configure the TONIC_SSO_CLIENT_SECRET
environment setting.
SQL Server
TONIC_SQL_SERVER_SKIP_CREATE_DB
, indicates whether to skip schema creation for the destination database. If true, then Tonic does not create the schema. It uses the existing schema to populate the destination database. The default is false. You can configure this environment setting from the Environment Settings tab on Tonic Settings.NOTE: These releases were removed.
During free trial signup, the data connector options now include an option to use local files for the source data. This creates a file connector workspace for local files, and displays the File Groups view to allow the free trial user to start to add file groups to the workspace.
Added an environment setting, Tonic Test Connection Timeout In Seconds (TONIC_TEST_CONNECTION_TIMEOUT_IN_SECONDS
), that you can set from the Environment Settings tab on Tonic Settings. This setting configures the timeout for testing a database connection. Previously, connection test attempts timed out after 5 seconds. The new default is 15 seconds.
When you configure a workspace to write the output to container artifacts, you can now specify custom resources for the Kubernetes pod, including the ephemeral storage, memory, and CPU millicores.
Improved performance when marking a large number of columns as not sensitive.
Fixed an issue that caused Tonic workers that are deployed on Docker to crash unexpectedly.
For numeric columns that support arbitrary precision and scale, when the scale is 0 (for example, NUMERIC(N,0)
), or when the underlying values are all integers, these columns are now supported as primary keys for the purpose of subsetting.
Amazon EMR
Amazon EMR and Databricks
TONIC_WORKSPACE_DEFAULT_SAVE_MODE
indicates the mode to use. If set to a value other than null (Ignore, Append, Overwrite), this setting takes precedence over TONIC_WORKSPACE_DEFAULT_ERROR_ON_OVERRIDE
.Google BigQuery
MongoDB
TONIC_DOCUMENT_MAX_DEPTH
, to configure the maximum depth of JSON document that can be handled. The default value, which is also the recommended minimum value, is 32.SQL Server
NOTE: v1051 through v1053 were removed.
Enable administration functions in Tonic Cloud - For Tonic Cloud customers, the new Account Admin permission set provides access to Tonic administration functions for their organization. The Account Admin can reset passwords, delete users, copy and share all workspaces, and download the usage report. The Account Admin permission set is initially granted to the first user in the organization.
Databricks
File connector
MySQL
TONIC_MYSQL_MAX_CONCURRENT_INDEX_CREATION
, to limit the number of concurrent indexes that are created. The default value is 0, which indicates that there is no limit.SQL Server
When you select the option to write destination data to container artifacts, you can now use Google Artifact Registry (GAR) authorization using Google Cloud Platform (GCP) service account keys.
For the JSON Mask and XML Mask generators, fixed the data preview for JSON or XML field samples that are larger than 120MB by generating a smaller subset of the field.
The Name generator now supports consistency with other columns.
Added new API endpoints to retrieve and set table replacements. These new endpoints are compatible with workspaces for data connectors that do not have schemas, such as Spark-based databases and the file connector. The existing endpoints, which require you to provide a schema, eventually will be deprecated.
Amazon EMR
File connector
MySQL
Oracle
PostgreSQL
SQL Server
Snowflake
Added an environment setting TONIC_DELETE_COLUMN_SCHEMA_ON_WORKSPACE_DELETE
. If the setting is true
, then when a workspace is deleted, Tonic also deletes the associated rows from the ColumnSchemas
table in the Tonic application database.
The new environment setting TONIC_NOTIFICATION_SMTP_TRUST_CERTIFICATE
indicates whether to allow the SMTP server certificate to be trusted.
Improved the performance of previewing data in Privacy Hub.
Fixed an issue where SSO groups were not removed when the value of TONIC_SSO_GROUP_FILTER_REGEX
changed in a way that excluded previously imported groups. The removed groups are removed from any workspaces that they were granted access to.
For the Timestamp Shift Generator, added Month and Year as options for the date part to use to set the allowed range.
When writing data to container artifacts, Tonic now first shuts down the temporary database before it begins to write data to the container.
Amazon EMR
Databricks
MongoDB
Oracle
TONIC_ORACLE_DBLINK_ENABLED
is false
), privileges were not copied from the source to the destination.Amazon EMR
Databricks
MySQL
REPLICATION CLIENT
and REPLICATION SLAVE
grants.Spark SDK
Spark with Livy
When an email notification contains a link to a comment, clicking the link now correctly navigates to and displays the comment.
Added a flag to mark log files that might contain sensitive information.
You can now assign the Timestamp Shift generator to primary key columns, including columns that are part of a composite primary key.
When writing destination data to a container repository, based on the size of the source database, Tonic attaches resource requests to the datapacker pod to verify that the cluster has sufficient resources for the data.
Tonic now supports writing destination data to container registries on Amazon Elastic Container Registry (Amazon ECR).
Fixed an issue where users could not assign access to permission sets when they did not have access to create and manage custom permission sets.
For foreign keys that have multiple primary keys, Tonic now prevents data generation if the assigned generation configuration for the primary key columns is inconsistent.
Standardized the display format of the heading area of the workspace management views.
File connector
MongoDB
MySQL
PostgreSQL
Snowflake
API endpoints for subset configuration - The Tonic API now includes endpoints for subsetting configuration. You can use the endpoints to retrieve the subsetting configurations for a workspace, update subsetting configuration, and remove subsetting configuration. A subsetting configuration identifies a table as either a target table (percentage or WHERE
clause) or a lookup table.
Improved how Tonic identifies values as names, to reduce false positives.
For upsert data generation, fixed an issue that caused failures on tables that contain foreign keys but no primary keys.
File connector
MongoDB
Oracle
PostgreSQL
Toggle between database server and container repository - On the workspace configuration view, if the data connector supports writing to a container repository, you can now switch between writing to a database server and writing to a container repository. Tonic saves the information you provide for each option.
Workspace override for statistics seed - From the workspace configuration view, you now can override the Tonic-wide statistics seed that is set as the value of the TONIC_STATISTICS_SEED
environment setting. You can either provide a custom seed value for the workspace, or disable consistency across data generation runs for the workspace. Consistency also applies across workspaces that have the same custom seed value.
New telemetry URL - Tonic telemetry now routes through https://telemetry.tonic.ai/ instead of https://api2.amplitude.com/. The following IP addresses must be allowed:
The following IP addresses no longer need to be allowed: 52.43.241.47, 54.186.140.101, 54.203.75.164, 44.236.122.176, 34.215.78.194, 54.149.61.206, 54.191.147.220, 52.24.22.222, 52.37.168.36, 54.213.191.53, 54.68.108.104, 52.10.121.164, 52.27.184.186, 44.239.225.209, 54.148.216.233, 52.88.224.247Other updates
Fixed an issue in the Kubernetes client configuration that caused Tonic to reject the SSL certificate of a Kubernetes context.
Fixed an issue where, during subset configuration, an error was returned incorrectly if the user had permission to edit subsetting but not to view source data.
Improved the error message that displays when an uploaded virtual foreign key file is invalid.
Fixed an issue that prevented the Character Substitution generator from being used on primary and foreign key columns when subsetting.
When a workspace import encounters an unhandled exception, the error now displays correctly.
For the Address generator, the Country and Country Code options can now be linked. When linked, the country and country code are either “United States” or “US” to match the other linkable components, which are locations in the United States.
Fixed an issue where SSO login using Okta did not work when a custom authorization server is used.
Fixed an issue where, when using data science mode on Tonic Cloud, users could not download CSV files that contained synthetic data.
Data generation jobs that write to a container now include the datapacker logs, if the worker has permissions to read the pods and logs.
Fixed an issue with uploading container output to Harbor.
For string data type columns:
Databricks
Spark SDK
Spark with Livy
SQL Server
SQL_SERVER_SCRIPT_CROSS_DATABASE_REFERENCES
. The default is true, which preserves the existing behavior. To prevent scripting of objects that are defined in other databases that the source database references, change the setting to false.TONIC_SQL_COMMAND_TIMEOUT
environment setting. The default is 0, which indicates an infinite timeout.Apply recommended generators to multiple detected sensitive columns - On Privacy Hub, a new banner displays the number of detected (not manually designated) sensitive columns that are not protected. From the banner, you can display the list of columns, grouped by sensitivity type. For each sensitivity type, for the selected columns, you can:
There is also an option to apply the recommended generators to all of the selected columns across all of the sensitivity types.
Writing destination data to container registries (beta feature) - For data connectors that support it, you can now configure a workspace to write destination data to container artifacts on a container registry instead of to a database server. The Job History view provides access to the generated artifacts for each job.
Other updates
Fixed an issue where generated API documentation did not exclude endpoints and schemas from API versions other than the version being viewed.
Fixed an issue where the Protection Audit Trail displayed the incorrect override status of columns in child workspaces.
On the System Status tab of Tonic Settings, fixed an issue where the Data Sharing section incorrectly showed logging as unable to connect.
Databricks
File connector
MongoDB
Oracle
Configure Tonic environment settings from Tonic Settings - On the Tonic Settings view, a new Environment Settings tab allows you to configure a subset of Tonic environment settings (previously referred to as Tonic environment variables). To use the Environment Settings tab to configure settings, you must have the new Manage environment settings global permission. When you change the values from Tonic Settings, you do not need to restart Tonic.
Other updates
For the Regex Mask generator, fixed an issue where quotes in regular expressions were malformed.
Fixed an issue where the Test Webhook option failed when it shouldn’t.
Fixed issue where the Confirm Data Generation panel erroneously indicated that Tonic could not connect to the destination database when it actually was only unable to connect to the source database.
For the Address generator, removed an inappropriate value from the possible street names.
Improved error messages when Tonic containers fail to start because of missing or incorrect environment variable values.
Databricks
File connector
Google BigQuery
MongoDB
Snowflake on AWS and Azure
Logging and telemetry connection status - On the System Status tab of Tonic Settings, a new Data Sharing section provides a summary of the logging and telemetry connectivity to the Tonic backend. The new section indicates:
Other updates
Tonic now checks for invalid virtual foreign keys for all data generation. Previously it only ran the check for subsetting data generation.
Fixed an issue where the Continuous generator failed when a column contained only NULL values.
Improved performance for the Continuous Generator.
Fixed an issue where the Cell Count in the Usage Report could throw an integer overflow error.
Fixed a subsetting issue where Tonic displayed the error “Error fetching Subset preview
” when users navigated to a workspace.
For subsetting, updated the Graph View display to make it easier to see the connections between the tables.
Improved messaging when Tonic cannot reach the database when you test a database connection.
Databricks
File connector
PostgreSQL
SQL Server
The new TONIC_ENABLE_SECURE_COOKIES
setting indicates whether to enable the "Secure" attribute on Tonic authorization and analytics cookies. The default value is false
. Do not set this to true
if you access Tonic over an HTTP connection. When TONIC_HTTPS_ONLY
is set to true, the “Secure’” attribute is always enabled on Tonic authorization and analytics cookies, and the value of TONIC_ENABLE_SECURE_COOKIES
is ignored.
Updated to prevent simultaneous updates to the same workspace configuration.
For the Constant generator, fixed an issue for JSON columns where setting the constant to an empty string caused data generation to fail without setting the job status to failed.
The upsert pre-job check that validates the constraints on the intermediate and destination databases no longer fails when a database has constraints with duplicate signatures.
Fixed an issue where an empty upstream filter WHERE
clause caused subsetting to fail if the schema changed so that the table was no longer upstream.
To use the API to obtain data encryption settings, the API user must now have the required global permission.
When users log out of Tonic, we now automatically invalidate any JSON Web Tokens (JWTs) that are not expired.
The API endpoint /api/permission-sets
now requires the ManageUserAccess
(Manage user access to Tonic and to any workspace) permission. Added a new endpoint /api/permission-sets/public
, which returns the subset of the data needed by users who do not have that permission.
Amazon EMR
NOTE: v980 through v982 were removed.
New monthly pay-as-you-go plan on Tonic Cloud - Tonic now offers a pay-as-you-go subscription plan for Tonic Cloud. Free trial users are offered the option to use a credit card to purchase a pay-as-you-go license. The monthly subscription grants a Professional level license. With the pay-as-you-go plan, you can configure generators for up to 20 tables across all of your workspaces. Tonic bills you separately for each additional table that you configure. The license renews automatically each month. On Tonic Settings, a new Billing tab displays the next renewal date.
Data migration option for upsert - For upsert, Enterprise users can now connect a workspace to their own data migration script or tool to ensure that schema changes are automatically reflected in the intermediate database.
Other updates
Timestamp Shift is now the suggested generator for birthdate fields. Previously, the suggested generator was Random Timestamp.
Fixed an issue where editing workspace settings could cause you to be logged out.
File connector
Google BigQuery
MongoDB
Oracle
PostgreSQL
SQL Server
New global permission to view organization users - A new global permission, View organization users, determines whether a user is able to see the lists of users and groups in the organization. This permission is required in order to use the Tonic application to grant access to and transfer ownership of a workspace, and to grant access to global permission sets. It is not required when you use the Tonic API to perform these tasks. The permission is granted to the built-in Admin, Admin (Environment), and General User permission sets. When you upgrade, Tonic automatically grants this permission to your custom global permission sets.
Other updates
On the workspace details view, added a new upsert processing option, Warn on Mismatched Constraints. When this is enabled, Tonic treats mismatched foreign key and unique constraints between the source and destination databases as warnings instead of errors, so that the upsert job does not fail.
Tonic now accepts all AWS RDS certificate authorities. Previously, we only accepted rds-ca-2019. The accepted certificates include:
When job log recording (used to download job logs from the Tonic application) fails, it no longer creates a recording retry loop.
File connector
PostgreSQL
Create virtual foreign keys from Subsetting view - On Subsetting view, from a table details panel, you can now add a virtual foreign key to that table. To add a virtual foreign key, you select the foreign key column from the current table, then select the primary key column from the other table.
Other updates
Fixed an issue with TLSv1 and TLSv1.1 support in Tonic.
Improved performance of downstream processing during subsetting.
Fixed an issue where subsetting failed when a composite foreign key included a Boolean value.
On Table View:
File connector
MongoDB
MySQL
Oracle
PostgreSQL
Snowflake on Azure
Removed the requirement that the authentication cookie goes over HTTPS (Secure Cookie). This fixed an issue where users could no longer log into Tonic over HTTP, but they could still log in over HTTPS.
Fixed an issue where users could not log out of Tonic from the email confirmation page.
Fixed an issue where upsert failed because of foreign key violations. Also improved upsert performance.
MongoDB
In Table View, when a generator cannot be applied to a column in order to produce the preview data, the error message now includes the name of the column.
Expanded the table and collection dropdown lists to accommodate longer names.
The Privacy Report now marks a column as consistent when the generator is always consistent.
Fixed a migration issue with file connector files that were added before V920.
Fixed an issue where data generation could not run because of the permissions hierarchy.
Fixed a security issue related to JWT authentication.
Fix an issue where webhooks sometimes did not start when a job was canceled.
Improved error message when Tonic cannot display a date value.
PostgreSQL
TONIC_PAGE_PARALLELISM
and TONIC_PARALLEL_READ_RANGES_TABLES
environment variables for parallel processing.SQL Server
You can now export individual topics from the Tonic documentation to PDF files. To export a topic to PDF, click the actions menu next to the topic title, then click Export as PDF.
Fixed an issue with removing unique constraint conflicts in upsert where rows that didn’t have a conflict were excluded from the upsert process.
File connector
Upsert data generation (beta feature)
Previously, the data generation process always replaced the entire destination database. The new upsert data generation option (currently in beta) allows you to add new records and update existing records without touching any of the other records in the destination database. For example, you might have a regular set of records that you use for testing that you want to maintain.
Upsert requires a connection to an intermediate database. When you run data generation with upsert, the initial data generation writes the transformed data to the intermediate database. It replaces the intermediate database, similar to regular data generation. After the generation to the intermediate database, the upsert process identifies the records to add to or update in the destination database. It ignores other records in the destination database.
Upsert requires a Professional or Enterprise license, and is only supported for the following data connectors:
New AI-enhanced documentation search option
The Tonic documentation now provides access to Lens, an AI-based search option. Instead of searching for specific words, you can ask questions such as "How do I create a workspace?". Lens searches the documentation for the answer. It generates a response that includes links to the topics that contain the information it used.
To use the Lens search, click the search field. At the top right of the search panel, click Lens. Then ask your question.
Other updates
The Custom Categorical generator now supports consistency with other columns. Previously, the generator only supported self-consistency.
Tonic now prevents you from starting data generation for a workspace that does not have a destination database specified.
Fixed a display issue where the generator preset details panel briefly showed the occurrences for the previously selected generator preset.
Tonic now suggests the Name generator for columns that Tonic detects as containing names, when the detection is based on the sampled data in the column. By default, the Name generator uses the First Last format.
A new configuration option allows webhooks to bypass SSL certificate validation and trust the server certificate.
File connector
MongoDB
PostgreSQL
On the generator configuration panel, changed the label of the Save As menu to Preset Options. The menu contains options related to configuring generator presets.
Free trial users now have access to the file connector.
Tonic now displays the error that occurs when an Algebraic generator configuration does not include any floating-point values.
For composite generators, the generator preset details panel now provides a clearer explanation that presets for composite generators must be configured from within a workspace.
Improved performance for the Address generator and the HIPAA Address generator.
Amazon Redshift
File connector
MongoDB
Snowflake
SQL Server
MultiSubnetFailover
option.Removed support for TIM - The Tonic Installation Manager (TIM) command-line tool to install and configure Tonic is no longer available.
Free trial users can now use a public email address to create the free trial account. Users with public email addresses cannot invite other users or share workspaces. Public accounts are only allowed for free trials.
Users on a Professional instance can now share the Manager workspace permission set with users and groups.
Improved error handling and validation messages for the foreign key file upload process.
Counts of generator preset occurrences no longer include occurrences in deleted workspaces.
On the bulk update panel in Database View, the consistency and differential privacy options now display correctly.
Fixed an issue where you could not select Passthrough as a sub-generator in a composite generator.
Fixed an issue where custom presets could not be deleted.
Fixed a display issue where long post-job action names overflowed into the next column.
Fixed an issue where you could not assign Random Timestamp as a sub-generator for the Conditional generator.
Fixed an issue where the generator configuration panel displayed the generator preset options when the user did not have the Manage generator presets global permission.
Fixed an issue where when a constraint failed to be applied, data generation failed.
Improved display when users who do not have the Manage generator presets permission try to display the Occurrences tab on the preset details panel.
Improved how we handle unavailable options for workspace actions in Workspaces view and in the Tonic navigation options.
For the Conditional generator, Tonic now correctly compares MySQL date values.
Databricks
/Shared
.File connector
Failed to fetch files from S3. The continuation token provided is incorrect.
" but could still see the list of files in the S3 bucket.MongoDB
Custom generator presets
Earlier this year, for Enterprise instances, we introduced the concept of generator presets. A generator preset is a saved configuration of a generator. You can assign generator presets to columns.
The initial release only included built-in generator presets, which allowed you to set the default configuration for Tonic generators.
This update in v924 introduces custom generator presets, which allow you to set up multiple configurations of the same generator. You can create custom generator presets from Generator Presets view. From a generator configuration panel, you can also save the current configuration as a new custom generator preset.
Generator preset occurrences
From Generator Presets view, you can see how often each preset was used in a workspace configuration.
The Occurrences column of the generator presets list shows:
On the generator preset details panel, the Occurrences tab displays both the number of occurrences and the specific workspaces and columns where the generator preset was used. You cannot see workspace and column details for workspaces that you do not have access to.
Other updates
Tonic can now integrate with GitHub for SSO authentication.
To manage generator presets, users must now have the Manage generator presets global permission. Previously, you could also manage generator presets if you had the Manager or Editor workspace permission set for any workspace.
Fixed an issue where the table data in Table View was not updated correctly when switching the table mode to or from Scale mode.
Improved performance for the Regex Mask and Conditional generators.
MongoDB
PostgreSQL
Permissions and permission sets
As of v922, Tonic now uses permissions and permission sets to manage access to Tonic features and functions.
A permission controls access to a single feature or function. A permission set is a saved collection of permissions.Tonic provides built-in global and workspace permission sets. You cannot change the configuration of built-in permission sets. Enterprise instances can create custom permission sets.
Global permission sets contain global permissions, which control access to actions outside the context of a specific workspace. The built-in Admin global permission set grants access to all global permissions. Users and groups configured in the TONIC_ADMINISTRATORS
environment variable are granted the Admin (Environment) global permission set, which also grants access to all global permissions. These global permission sets replace the previous admin user concept.
The built-in General User global permission set is assigned to all Tonic users, and grants access to create workspaces. You can also designate a different global permission set to assign to all Tonic users.
Workspace permission sets are assigned in the context of a specific workspace. They provide access to workspace permissions, which are associated with workspace management functions. The built-in workspace permission sets (Manager, Editor, Viewer Auditor) mirror the previous workspace roles. Similar to the previous Owner role, the Manager workspace permission set is granted access to all workspace permissions. However, unlike the Owner role, the Manager workspace permission set can be assigned to any user or group. You use the workspace sharing function to assign workspace permission sets within a workspace.
Each workspace has a single owner. The user who creates the workspace is the initial owner. All owners are by default granted the Manager workspace permission set. You can also designate a different workspace permission set to assign to workspace owners. You use the transfer ownership function to select a different owner for a workspace.
On Tonic Settings view, the User Management tab is replaced by the Access Management tab. From the Access Management tab, you can:
API endpoint to track user access and permissions
A new API endpoint to track the following events related to user access and permissions:
The endpoint is:GET /api/audit-events/search
Other updates
You can now assign the Business Name generator as a sub-generator for the Regex Mask generator.
For subsetting, Graph View and the table details panel now display information about cycle breaks, when the subsetting process needs to break a circular dependency.
Databricks
File connector
Spark
The Admin Panel is renamed to Tonic Settings.
Tonic now provides a more meaningful error when Preserve Destination mode is assigned to a table in a workspace that does not have a defined destination database.
Fixed an issue where Tonic opened too many connections to the application database.
Fixed an issue with timestamps in the Tonic API specification.
Fixed a Tonic Cloud issue where using a different email domain to update a Tonic license caused issues with Tonic logging.
Enhanced the performance of the HIPAA Address generator.
The Data Pipeline V2 data generation process now respects the TONIC_PROCESS_PARALLELISM
environment variable.
Improved performance for subsetting, especially for data that contains a large number of foreign key relationships.Made a small performance improvement to primary key generators.
File connector
MongoDB
Oracle
PostgreSQL
Spark
NOTE: Releases v899 through v901 were removed.
Tonic Data Pipeline V2 for PostgreSQL ends beta
During the first half of 2023, Tonic has run a beta program for PostgreSQL for our new Data Pipeline V2. The beta program is now ending. Thank you to all of those who provided feedback.
Starting with version V905, Tonic.ai will progressively enable Data Pipeline V2 for all customers. To ensure a smooth transition for all our PostgreSQL customers, Tonic.ai controls the rollout remotely.
The remote rollout mechanism is controlled by an HTTPS request from your instance to https://feature-flag.tonic.ai
. A JSON payload with a unique identifier for your deployment is sent, and the status of Data Pipeline V2 is returned. This request happens at the start of each data generation. If your Tonic server cannot reach https://feature-flag.tonic.ai
, then the check is skipped.
What to expect for the enrollment:
For jobs that run on V2:
We will continue to improve Data Pipeline V2 as we expand coverage to other data connectors.
Expanded Graph View for subsetting
The subsetting Graph View is expanded to use more of the available screen space. The Configure Subset panel, which includes the Options and Latest Results tabs, no longer displays on Graph View. It only displays on Table View.
Other updates
Fixed an issue where when a data generation job failed, tables that used Preserve Destination table mode were not restored.
The generated Tonic API documentation now includes the endpoints for managing file groups for file connector workspaces.
Fixed an issue that caused jobs for some workspaces to fail with the exception "Cannot modify workspace whose schema is not the latest version.
".
Fixed an issue where the job details view displayed incorrect information.
Updated the /api/DataSource
endpoint to not contain secure data such as the API key.
Updated our OpenAPI documents to ensure that all values of operationId are unique.
Improved error messages for failed data generation.
Databricks
Test Connection
button on the workspace details view now works correctly.MongoDB
MySQL
Oracle
PostgreSQL
Snowflake
Spark
SQL Server
NOTE: Releases v897 and v898 were removed.
On Subsetting view, Graph View now displays a loading animation as new data is loaded.
Improved performance for the UUID Key and Integer Key generators.
File connector
Google BigQuery
MySQL
Oracle
File connector
The new file connector data connector allows you to use files from either Amazon S3, Google Cloud Storage, or a local file system as the source data. The file connector supports .csv, .json, and .xml files. Within a file connector workspace, you create file groups. Each file group contains files that have an identical format and structure. A file group is treated as a table for the purposes of table mode and generator configuration. The file connector is available with the Professional and Enterprise license plans.
Generic OIDC SSO Support
Tonic now supports authentication using a generic OpenID connection.
Tonic API versioning
We have introduced a versioning scheme for the Tonic API. API versions are released more or less quarterly, with the version identifier in the format vYYYY.MM.P
(Year.Month.Patch
). The current release candidate (v.RC
) contains API updates in progress.
You should now specify an API version in your API requests. The System Status tab of the Admin Panel lists the latest available version. You can also select the version to use when you do not provide a version in the request. If you do not provide an API version in a request or select a default API version, then until January 31, 2024, Tonic automatically uses the latest version. After January 31, 2024, Tonic will return an error from the request.
Other updates
Fixed an issue where Tonic incorrectly returned the error No Destination DB has been configured for this Workspace
for workspaces that used Preserve Destination.
For subsetting Graph View, updated the default zoom level to allow users to see more of the graph.
The Keycloak SSO provider now supports PKCE challenge.
Fixed an issue where deep links did not work for SAML SSO.
MongoDB
Oracle
SKIP_CREATE_DB
is set to true
.PostgreSQL
SQL Server
Spark
The ASCII Key generator now includes an Exclude Lowercase Alphabet option to exclude lowercase letters from the destination values.
Fixed an issue that prevented free trial signups.
Data generation no longer fails when Tonic is unable to retrieve the destination database size.
Updated the FNR generator to prevent a possible leakage of PII.
Added a Date column to the usage report. The date column provides the date and time when the data generation job was completed.
Fixed an issue in the JSON Mask generator where it incorrectly changed the format of timestamps.
Subsetting is no longer prevented when a table that is not in the subset is assigned Preserve Destination mode.
Databricks
MongoDB
Oracle
PostgreSQL
Snowflake
SQL Server
The new usage report summarizes the data processed for each table for data generation jobs. The report is a .csv file that you download from Tonic. To download the report, on the Admin Panel, click Download Usage Report.
When certain sensitive loggers are enabled, Tonic now disables log collection.
Fixed an issue on Database View where a column configuration panel would close unexpectedly.
For the TONIC_ADMINISTRATORS
environment variable, you can now specify the names of SSO groups to grant administrator privileges to. Previously you could only specify user email addresses.
The Tonic SDK Javadoc now displays correctly.
Restored the ability to import a workspace configuration from Workspaces view.
MongoDB
PostgreSQL
DEBUG
.TONIC_JOBFLOW_MAX_SOURCE_CONNECTIONS
and TONIC_JOBFLOW_MAX_DESTINATION_CONNECTIONS
environment variables. We recommend that you set each value to the number of CPUs on the corresponding database.Snowflake
The new FNR generator transforms Norwegian national identity numbers. The FNR generator was added in V857. It included options to specify a range of birthdates and preserve the indicated gender. In V866, removed the date range configuration options. The destination values are now always within the same date range as the source values. The FNR generator also now can be used for columns that have uniqueness constraints. The final digits in the destination value are not a valid checksum.
For the beta Data Pipeline V2 processing, fixed an issue where jobs would hang if they were canceled before the job started.
Fixed an issue where the Foreign Keys view would freeze.
Fixed an issue where when you typed @ to add a user mention to a comment, suggestions for the user did not display.Upgraded to use .NET 7.
"Data science modeling" is changed to "data science mode".
When you configure the SSH tunnel settings for a workspace, Tonic now obscures the SSH passphrase.
MongoDB
TONIC_MONGO_DISABLE_COLLECTION_INFORMATION_FETCHING
to false.PostgreSQL
Snowflake
Unable to determine AWS Region
".SQL Server
NOTE: Releases v849 through v854 are removed.
Removed caching of AWS credentials.
For the beta Data Pipeline V2 job processing (available for PostgreSQL only):
DEBUG
.On the Foreign Keys view, when you filter the keys, click the select all option, and then clear the filter, only the matching keys are selected. Previously, the select all option always selected all of the keys.
Fixed an issue where CSV files could not be uploaded to data science mode workspaces.
You can now configure parallelism for sensitivity scans. For relational databases, you use the environment variable TONIC_PII_SCAN_PARALLELISM_RDMBS
, and the default is 4
. For document-based databases, you use the environment variable TONIC_PII_SCAN_PARALLELISM_DOCUMENTDB
, and the default is 1
.
On the table configuration panel for subsetting, Tonic no longer displays a count of post-subset rows before a subset is generated.
Fixed an issue where subsetting data from one workspace appeared in a different workspace.
You can now use UUID columns in the conditions for the Conditional generator.
Fixed an issue where when you deleted a linked column from a column configuration panel, the other linked columns were deleted.
The Timestamp Shift generator can now be assigned to columns where the values use the date format MMddyyyy
.
Fixed a regression that caused NPGSQL logging to occur even when it was disabled.
Google BigQuery
MongoDB
Oracle
Snowflake
CREATE SCHEMA
permissions in order to support Preserve Destination mode for tables. Snowflake on AWS with Lambda processing continues to require CREATE SCHEMA
permissions in order to support Preserve Destination mode.SQL Server
The new Business Name generator produces realistic names of businesses or companies. The Business Name generator can be consistent with itself or with other columns. It improves on and is intended to replace the Company Name generator, which is now deprecated.
Fixed an issue on Table View where users could not use the delete icon to remove a generator assignment for a linked column.
Fixed an issue where the job details view for a subsetting job did not always show all of the steps as completed.Updated the version of pytorch, which is used for data science mode. This new version addresses some security vulnerabilities.
Fixed an issue where when the Tonic server was air gapped, the Admin Panel did not correctly display the current Tonic version.
Fixed an issue where jobs took longer than expected to complete.
Fixed an issue where the subsetting Graph View did not show how table participation in the subset changed since the most recent subsetting data generation.
Fixed an issue where after a single failure to write logs, the Download Job Logs feature stopped refreshing the logs. Tonic now continues to try to upload logs.
Google BigQuery
MongoDB
MySQL
Oracle
TONIC_ORACLE_SKIP_CREATE_DB
= true
, foreign keys are now correctly enabled on the destination database.PostgreSQL
Snowflake
SQL Server
Generator presets are now supported for Enterprise licenses on Tonic Cloud.
For Tonic data encryption, fixed an issue where the previous encryption key environment variable value was saved in the application database, which caused Tonic to use those values even after they were removed.
The Tonic diagnostic logs now include the Tonic worker ID.
Fixed an issue where the Tonic web server would not launch unless the Tonic application database used PostgreSQL v13 or later.
For data connectors other than MongoDB, the sensitivity scan is now parallelized.
Google BigQuery
MySQL
Oracle
TONIC_ORACLE_SKIP_CREATE_DB=true
, fixed an issue where the truncation of tables violated foreign key dependencies, which caused jobs to fail.PostgreSQL
Snowflake
Fixed an issue where users could only select generators that supported uniqueness constraints for columns that were not unique.
Fixed an issue where admin users who did not have edit permissions on any workspaces could not edit presets from the Generator Presets view.
Improved data generation resiliency against transient failures.
Removed erroneous error messages.
To add AWS credentials to containers, you can now mount to ~/.aws/credentials
.
Improved error messaging for Table View.
Fixed a display issue where the column configuration panel was too narrow and required horizontal scrolling.
Exporting or copying a workspace no longer requires the workspace to have a valid source database connection.
Reduced the amount of memory needed to run the Tonic web server.
MongoDB
Oracle
SELECT ANY DICTIONARY
or SELECT_CATALOG_ROLE
cannot be granted, then Tonic can use a selection of ALL_
views (not recommended).TONIC_ORACLE_SKIP_CREATE_DB=true
, then external tables are now excluded from the table list in Tonic. Tonic does not process those tables.PostgreSQL
Snowflake on AWS
Snowflake on Azure
TONIC_AZURE_BLOB_STORAGE_ACCOUNT_KEY
.For Tonic data encryption, Tonic now only verifies the key for the enabled process. If you only enable decryption, then Tonic only verifies the value of TONIC_DATA_DECRYPTION_KEY
. If you only enable encryption, then Tonic only verifies the value of TONIC_DATA_ENCRYPTION_KEY
.
Upgraded our Docker images from Ubuntu 20 to Ubuntu 22.04.
Updated to ensure that the Tonic URL reflects the currently active workspace.
Recently started jobs no longer display a start time that occurred several years ago.
On the Data Encryption tab, the option to provide custom initialization vectors is now a toggle instead of radio buttons.
Resolved an issue where Tonic took an extremely long time to load.
Oracle
TONIC_ORACLE_DBLINK_ENABLED
is false
. For the source database user, you can either grant SELECT ANY DICTIONARY
, grant SELECT_CATALOG_RULE
, or (not recommended) grant access to the ALL_*
views.PostgreSQL
Snowflake
NOTE: v805 and v806 are removed.
The new Snowflake on Azure data connector uses Azure Blob Storage to store interim uploaded and generated files.
A copied workspace now includes manual sensitivity designations. A manual sensitivity designation is when you change the sensitivity designation that was assigned by the sensitivity scan to either sensitive or not sensitive.
When the configured encryption or decryption key is not valid - for example, the key is not configured or uses the incorrect size - then Tonic does not allow you to configure Tonic data encryption.
Tonic Cloud now correctly enforces the supported data connectors.
Improved error messaging when subsetting data generation fails because the generator cannot be used with subsetting.When you change the type of Tonic data encryption (decryption, encryption, or both), Tonic no longer clears the decryption and encryption text fields.
MongoDB
Oracle
PostgreSQL
SQL Server