Welcome to SlashDB 2.0 — A Powerful Leap Forward
Welcome to the SlashDB 2.0 release. After more than 11 months of development and 228 work items completed, SlashDB 2.0 is ready for you to explore. Packed with innovation and enhancements, this release delivers a significantly improved experience. Highlights include:
- Support for Trino/Starburst as the latest addition to our database backend lineup
- A new Request Status page to help you identify slow queries and troubleshoot failed requests
- A feature-packed, brand-new web UI built on a modern, robust tech stack for a smoother, more intuitive user experience
- A more secure method for defining, assigning, and persisting database credentials
- Match SAML claims containing lists (e.g. group memberships) to any SlashDB user field, enabling flexible, group-based user mapping
- New Security features and improvements, including front end and backend
- An upgraded technology foundation offering enhanced resiliency, performance, and security
SlashDB 2.0 is available for download, or you can launch it instantly via Azure, AWS, or as a Docker container.
For upgrade instructions, please refer to the Upgrading chapter in our User Guide.
Trino/Starburst
We’re thrilled to announce native support for Trino and Starburst Enterprise in SlashDB 2.0!
This powerful integration solves a long-standing challenge: seamlessly querying and joining data across disparate sources through a single API endpoint. By combining Trino’s high-performance distributed SQL engine with SlashDB’s API-driven data access model, users can now tap into federated data—structured, unstructured, or both—without writing custom middleware. With prominent Starburst customers like Comcast, FINRA, and Doordash proving Trino’s scalability in the enterprise, this new capability brings unmatched agility to your data workflows.
Example (e-commerce)
Need to combine customer order data from PostgreSQL with shipment tracking from an S3-based data lake? With Trino as the query layer and SlashDB exposing that query as a clean REST API, you can retrieve unified results in JSON from a single HTTP request—no ETL or custom connectors required.
Example (Financial Services)
Imagine a quantitative analyst needs to correlate portfolio positions stored in a Snowflake data warehouse with real-time market data from Kafka and ESG metrics from S3. With Trino as the federation layer and SlashDB exposing the query as a RESTful API, they can execute a single HTTP request to retrieve all this data—instantly structured as JSON and ready for modeling or reporting, no ETL pipelines required.
SlashDB 2.0 + Trino: Enterprise data federation, simplified. API on the Fly!
Diagnostics: Request Status
SlashDB 2.0 introduces Request Status, a powerful new diagnostics screen designed to provide real-time visibility into system activity. This feature gives authorized users the ability to inspect recent requests at a glance, offering valuable insights for troubleshooting, monitoring, and performance analysis.
Key Capabilities:
- Request Overview: Displays a list of recent API requests with configurable time range
- Detailed Metrics: Includes start and end timestamps, duration, request URL, and status code
- Filter & Search: Easily narrow results to show only successful, failed, or currently running requests; supports keyword search and column sorting
- Drill-down Diagnostics: Clicking the detail icon reveals a step-by-step timeline of the request lifecycle, helping pinpoint slow stages or anomalies
- API-Driven: Like all major SlashDB features, Request Status is fully accessible via its own API endpoint—enabling automated health checks and integration with external observability tools
Benefits:
- Accelerates root cause analysis by exposing request-level timing data
- Enables proactive system monitoring through automation or UI
- Simplifies performance tuning and error triage
- Promotes transparency and accountability in shared environments
Request Status strengthens SlashDB’s diagnostic capabilities, giving teams deeper operational insight and more control—all in one centralized view.
User Experience
The new SlashDB interface is built as a responsive single-page application using a ReactJS-based framework, replacing the legacy AngularJS frontend. This upgrade delivers a faster, more robust user experience.
Styling is now more consistent across page elements, fonts, and colors. True to SlashDB’s philosophy, every page in the UI also serves as an API endpoint. On data screens, buttons for JSON, CSV, and XML output appear in the top right corner—alongside action buttons such as Save. Configuration screens also expose their underlying JSON structure for transparency and automation.
Redesigned Main Navigation
The main menu has moved from the top of the screen to a new sidebar on the left, creating a cleaner layout and easier access to core features. Along with this redesign, several menu items have been renamed for better organization and clarity:
| Old Menu Name | New Menu Name |
|---|---|
| Data Discovery | Data Discovery |
| SQL Pass-thru | Run Queries |
| Configure > Databases | Manage > Database Connections |
| Configure > Users | Manage > Users |
| Configure > Queries | Manage > SQL Pass-thru Queries |
| Configure > License | Manage > License |
| << New Feature >> | Diagnostics > Request Status |
| Help | Help |
The navigation sidebar displays only items, which are available to the user based on their functionality privileges.
These updates align with the overall UI refresh and make navigating the platform more intuitive.
Query Execution vs. Editing
We’ve improved the separation between executing saved queries and editing them. These two functions now have distinct icons and dedicated placements in the navigation bar.
The screen layout for running queries has been simplified for efficiency, while the editing interface offers a near full IDE experience for advanced query work.
Schema Toggle for Metadata Inspection
The legacy XSD button has been replaced with a more versatile schema toggle in Data Discovery. With this toggle, users can easily switch between viewing actual data and inspecting the table schema (metadata). While in schema mode, the JSON, CSV, and XML buttons return schema representations instead of data. To return to data view, simply click the toggle again and select DATA.
In the SQL Pass-thru screen, schema output can be enabled by selecting the appropriate checkbox in the Modifiers tab. While a toggle button similar to Data Discovery is not yet available here, it may be introduced in a future release. Please note: in the query editing screen, the Schema tab refers to the database structure—not the output schema of the query itself.
NULL Values
Users can now explicitly set NULL values in forms using toggle switches for any nullable field or query parameter. This replaces prior behavior where NULL was either unsupported or inferred from empty input, ensuring clearer intent and more reliable data handling.
No more modals
We’ve removed pop-up modal dialogs across the interface in favor of more spacious and intuitive layouts. User Configuration and similar views now open as full-page screens, offering ample room for detailed input. On list-based screens like database definitions, modals have been replaced with responsive sidebars that preserve context while improving usability.
Safeguard Against Unsaved Changes
All configuration screens now include a built-in safeguard to prevent accidental loss of changes. If a user attempts to navigate away from a screen—such as Users, Databases, Database Credentials, or Queries—with unsaved edits, a confirmation dialog will prompt them to save or discard their changes
Security
Database Credential Management
This release introduces a new configuration object specifically for managing database credentials. Credentials are now stored securely in encrypted form (with an option to disable encryption if needed). Previously, these credentials were embedded in each User object, which posed two limitations:
- Updating database credentials required changes across all associated users.
- Granting user access to a database necessitated knowledge of the credentials, creating unnecessary exposure.
With this update, database credential management is cleanly separated from user management. Now, access can be assigned without revealing credentials—making the system more secure, scalable, and easier to maintain.
Using a credentials so configured we avoid having to type in the database username and password in the User Configuration screen (credential assignment). The old method (local assignment) remains available and backward compatibility is preserved.
Improvements to Single Sign-on
In addition to matching single sign-on users by username or email, SlashDB now supports matching against list-based SAML claims—such as group memberships—allowing identity providers to map external users to application users based on any field. This enables flexible, group-aware authentication for enterprise environments.
We’ve also improved how exceptions from identity providers are handled, ensuring that users receive informative error messages without exposing unnecessary technical details. Previously, certain failure scenarios could result in a blank screen or an unresponsive login form.
User ID in logs
This release fixes a bug whereby user id value was not captured in the logs.
API Key in URL: Optional for Security
While including an API key in the URL can be convenient, it is widely considered insecure. To balance usability with best practices, this behavior can now be disabled via the slashdb.ini configuration file—allowing administrators to enforce stricter security policies when needed.
Database Connection Testing (behavior change)
Only users with explicit permission to edit credentials for a given database can now test its connection. Previously, broader privileges—such as user management or access to screens with a test feature—were sufficient. This change tightens access control and reinforces security boundaries.
Basic Authentication (behavior change)
Basic Authentication can now be disabled via the auth.cfg file. As of this release, the default configuration ships with Basic Authentication turned off to align with modern security best practices.
Administrative Privileges (behavior change)
Assigning administrative rights is now more controlled. Users can only delegate privileges they already possess—closing a gap where broader rights could previously be granted without holding them. Additionally, the View header in the user configuration screen has been renamed to Manage, and menu items for managing users, databases, credentials, or queries are now hidden from those without corresponding privileges.
Password and API Key (behavior change)
In this release, we’ve added new toggle switches to the User Configuration screen, giving administrators control over whether a user’s password or API key should be updated. To enhance security and minimize unnecessary exposure, these sensitive credentials—even when encrypted—no longer need to be transmitted to the GUI unless explicitly intended for update.
Penetration Testing & Vulnerability Fixes
As part of this release, we engaged a reputable security firm to conduct a full penetration test. No critical vulnerabilities were identified. Two new high-severity issues were discovered, remediated, and confirmed resolved through a follow-up retest. In total, this release addresses 20 vulnerabilities uncovered in this and previous assessments. Specific findings are not disclosed publicly.
Under-the-Hood Enhancements for Stability and Maintainability
While not all changes are visible on the surface, SlashDB 2.0 includes several technical improvements that strengthen long-term stability, maintainability, and developer experience.
⚙️ Codebase and Dependency Upgrades
- Refactored source code to adopt modern idioms and eliminate redundant fragments
- Upgraded SQLAlchemy and other core dependencies to their latest compatible versions
- Dropped support for Python 3.8 and earlier to align with current best practices
🐳 Docker Image Improvements
- Fixed a broken repository mirror affecting image builds
- Reduced Docker image size for faster deployment and smaller footprint
📦 Packaging and Modularization
- Separated database drivers into independently installable packages for better modularity and streamlined maintenance
🛠️ Build and Testing Enhancements
- Executed the complete test suite on the compiled (frozen) version to ensure runtime parity with source-based testing
🧾 Logging and Diagnostics
- Resolved issues with logging that previously caused incomplete or inconsistent output
These internal upgrades lay a stronger foundation for future development while minimizing risk and improving platform resilience.
Documentation, Dev/Ops and Testing
We’ve made the SlashDB User Guide better and easier to use.
Some chapters and pages have been reorganized so it’s simpler to find what you need. We also walked through the installation and upgrade steps ourselves to make sure they’re clear and easy to follow. All configuration settings in the slashdb.ini file are now fully documented, and we’ve refreshed the guide with updated screenshots and videos to help you get started faster.
Whether you’re new to SlashDB or a longtime user, we hope that the improved guide will make your experience smoother.
Important Note on Compatibility
SlashDB 2.0 is a major version release. While we’ve made every effort to preserve backward compatibility, some behavior changes may occur. We strongly recommend thorough testing before deploying to production environments.
Any changes to default behavior can be adjusted through configuration settings in the slashdb.ini file.
Connect with us
We invite you to get in touch with us. You can reach us via:
- StackOverflow (use tag “slashdb” to post questions)
- Contact form
Attribution
- Trino® is a registered trademark of the Trino Software Foundation. Logo used for illustrative purposes only.
- Title image generated using Google Gemini AI. Image is for illustrative purposes only and not affiliated with or endorsed by Google or the Gemini project.