From 8bf4664dfdb090626ce31e4abc267a82d3ce0b81 Mon Sep 17 00:00:00 2001
From: nscuro <nscuro@protonmail.com>
Date: Fri, 18 Feb 2022 09:37:00 +0100
Subject: [PATCH] Fix v440Updater for MSSQL

The `NAME` column of the `PERMISSION` table has a `UNIQUE` constraint, using `TOP` or `LIMIT` is thus not necessary to get only a single result.

Signed-off-by: nscuro <nscuro@protonmail.com>
---
 docs/_posts/2022-xx-xx-v4.4.1.md              | 32 +++++++++++++++++++
 .../upgrade/v440/v440Updater.java             |  2 +-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 docs/_posts/2022-xx-xx-v4.4.1.md

diff --git a/docs/_posts/2022-xx-xx-v4.4.1.md b/docs/_posts/2022-xx-xx-v4.4.1.md
new file mode 100644
index 0000000000..5fdbff6905
--- /dev/null
+++ b/docs/_posts/2022-xx-xx-v4.4.1.md
@@ -0,0 +1,32 @@
+---
+title: v4.4.1
+type: patch
+---
+
+**Features:**
+
+* **Fixes:**
+* Resolved defect where the automatic upgrade failed on Microsoft SQL Server databases
+
+**Security:**
+
+**Upgrade Notes:**
+* For MSSQL users only: If an upgrade to v4.4.0 was previously attempted and no rollback was performed yet, 
+  the following SQL statement must be executed before launching v4.4.1: `DELETE FROM "PERMISSION" WHERE "NAME" = 'VIEW_VULNERABILITY'`
+
+###### dependency-track-apiserver.war
+
+| Algorithm | Checksum |
+| SHA-1     |  |
+| SHA-256   |  |
+
+###### dependency-track-bundled.war
+
+| Algorithm | Checksum |
+| SHA-1     |  |
+| SHA-256   |  |
+
+###### Software Bill of Materials (SBOM) ######
+
+[bom.json](https://github.com/DependencyTrack/dependency-track/releases/download/4.4.1/bom.json)
+[bom.xml](https://github.com/DependencyTrack/dependency-track/releases/download/4.4.1/bom.xml)
diff --git a/src/main/java/org/dependencytrack/upgrade/v440/v440Updater.java b/src/main/java/org/dependencytrack/upgrade/v440/v440Updater.java
index 1f547b120f..5674e11cba 100644
--- a/src/main/java/org/dependencytrack/upgrade/v440/v440Updater.java
+++ b/src/main/java/org/dependencytrack/upgrade/v440/v440Updater.java
@@ -16,7 +16,7 @@ public class v440Updater extends AbstractUpgradeItem {
 
     private static final Logger LOGGER = Logger.getLogger(v440Updater.class);
     private static final String STMT_1 = "INSERT INTO \"PERMISSION\" (\"NAME\", \"DESCRIPTION\") VALUES (?, ?)";
-    private static final String STMT_2 = "SELECT \"ID\" FROM \"PERMISSION\" WHERE \"NAME\" = ? LIMIT 1";
+    private static final String STMT_2 = "SELECT \"ID\" FROM \"PERMISSION\" WHERE \"NAME\" = ?";
     private static final String STMT_3 = "SELECT \"u\".\"ID\" FROM \"MANAGEDUSER\" AS \"u\" INNER JOIN \"MANAGEDUSERS_PERMISSIONS\" AS \"up\" ON \"up\".\"MANAGEDUSER_ID\" = \"u\".\"ID\" WHERE \"up\".\"PERMISSION_ID\" = %d";
     private static final String STMT_4 = "INSERT INTO \"MANAGEDUSERS_PERMISSIONS\" (\"MANAGEDUSER_ID\", \"PERMISSION_ID\") VALUES (?, ?)";
     private static final String STMT_5 = "SELECT \"u\".\"ID\" FROM \"LDAPUSER\" AS \"u\" INNER JOIN \"LDAPUSERS_PERMISSIONS\" AS \"up\" ON \"up\".\"LDAPUSER_ID\" = \"u\".\"ID\" WHERE \"up\".\"PERMISSION_ID\" = %d";