@sap/cds 6.8.4 → 7.0.1

package/CHANGELOG.md

@@ -4,11 +4,67 @@
 - The format is based on [Keep a Changelog](http://keepachangelog.com/).
 - This project adheres to [Semantic Versioning](http://semver.org/).
 
-## Version 6.8.4 - 2023-06-14
+## Version 7.0.1 - 2023-07-03
 
 ### Fixed
 
-- `$metadata` requests for multitenant applications
+- Feature toggle detection in single tenant mode
+- Log output for OData $batch requests
+- Avoid "catastrophic backtracking" issue in okra's tokenizer
+- Transaction marked as committed too early
+
+## Version 7.0.0 - 2023-06-21
+
+### Added
+
+- Handling of expand with multiple `*` (e.g. $expand=*,*) in new parser. When using `*` in an expand the new OData parser now removes all unneeded `*`.
+- Tests run with `cds.test()` now also load `cds-plugins`
+
+### Changed
+
+- Result of `READ` events is now always an array. Previously, it could be `null/undefined` (now empty array), single object (now array with one entry) or array.
+- OData: `PUT`/`PATCH` requests resulting in a new entity (i.e., the `UPSERT` effectively was an `INSERT`) return status code 201
+- Draft: Draft activate requests resulting in an `UPDATE` return status code 200
+- ETags are validated via `WHERE EXISTS` clause attached to query on `GET`, `PUT`/`PATCH`, and `DELETE`
+- OData: `PUT`/`PATCH` with `if-match` header prevents `UPSERT`, i.e., only an existing entity can be updated by such a request
+- Runtime support for `@sap/instance-manager` is removed in favor of the `cds-mtxs` Service Manager client.
+- In multitenant mode, the HANA pool uses the `cds-mtxs` credentials cache
+- Draft handlers are registered for all entities.
+- Decimals in client input are validated in runtime's assert framework (previously OData adapter)
+- `cds build` and `cds deploy --to hana` have moved to `@sap/cds-dk`. Upgrade `@sap/cds-dk` to version 7 to continue using these commands.
+- Changed the behavior of `SELECT` queries for single entities to return `undefined` instead of `null` when no record is found.
+- Fiori preview has moved to new `@sap/cds-fiori` module.
+- Numbers are now always used as placeholders in SQL, except for `SELECT 1 From...`, `LIMIT` and the comparison of two numeric values (e.g. `1 eq 1`).
+- Only new major version 3 of SAP Cloud SDK is from now on supported. Please make sure to upgrade. Version 2 is not maintained anymore.
+- `@protocol` annotation can be used to serve multiple protocols per service.
+- Per default, services are served with a protocol-specific prefix (for example '/odata/v4' for a service using the OData V4 protocol). To also serve without this prefix, as it was the case in older @sap/cds versions, the flag `cds.env.features.serve_on_root` can be set to `true`. Alternatively, the `@path` annotation can be used to explicitely specify an absolute path (with a leading `/`).
+- `cds.requires.middlewares` is enabled by default.
+- The order of csv files that `cds deploy --to sqlite` uses now reflects the dependency order of cds models.  This is needed if `UPSERT` is used to create a logically correct deployment.
+- `cds.fiori.lean_draft` is activated by default. You can still set it to `false` as fallback.
+
+### Fixed
+
+- UUID typed key properties are no longer automatically filled during UPSERT
+- OData: When undefined in the payload, requests for actions with not nullable array-type parameters result in a client-side error
+- Missing `GROUP BY` in request with $apply in combination with aggregate on restricted entity
+- When `@sap/cds` was not installed underneath project root, cds-plugins where not found
+- Support for multiline texts in `properties` files
+- Error when reading auth protected entities with infix filter in expand
+- Glitch in transaction handling in case of concurrent async before handlers
+- Detection of feature toggles in single-tenant mode
+
+### Removed
+
+- Deprecated `req.run()` function, use `cds.run()` instead.
+- Deprecated compat mode `cds.env.features.cds_tx_protection = false`
+- Deprecated referential integrity checks at runtime
+- Support for inofficial feature flag `cds.env.features.bigjs`
+- Support for inofficial feature flag `cds.features.parameterized_numbers`
+- Support for `cds-mtx`
+- Support for Node 14
+- Internal `req.getUriInfo()` and `req.getUrlObject()`
+- `cds deploy --to hana` is now part of `@sap/cds-dk`.
+- Beta `AuditLogService` and out-of-the-box audit logging. Use plugin `@cap-js/audit-logging` instead.
 
 ## Version 6.8.3 - 2023-06-13
 
@@ -48,6 +104,9 @@ For example, similar OData requests `Entity?$expand=items($expand=item($expand=t
 - `cds build` ignores invalid entries in `undeploy.json`
 - New `minorUnit` element in `sap.common.Currencies` for how many fractions the minor unit takes (e.g. `0`, or `2`).  See https://www.npmjs.com/package/@sap/cds-common-content for matching content.
 - Support for `$user.<attr> is null` and `$user.<attr> is not null` in `@restrict.where`. `is null` matches `null` and `[]`, `is not null` matches arrays with at least one entry as well as `!= null` if no array.
+- Plugins are now also fetched from `devDependencies`, unless `NODE_ENV === 'production'`
+- Plugins can now provide `cds` configurations in their package.json.
+- Support in OData entities with special letters (like ó,â,ü) in names.
 
 ### Changed
 
@@ -66,6 +125,10 @@ The fix relies on the `@sap-cloud-sdk/connectivity` npm package to be installed.
 - Fixes in lean-draft
 - Fixed an issue where the combined `$search` and `$expand` query and localized data was returning empty results on SAP HANA
 - Tests using `cds.test` no longer crash with a segmentation fault if `injectGlobals: false` is set in the Jest configuration.
+- Handlers registered with `cds.on('shutdown')` are now called with an `err` argument in case the shutdown happened in response to uncaught exceptions or unhandled rejected Promises.
+- Log output on uncaught exceptions or unhandled rejected Promises now is done via `cds.log` instead of `console`.
+- New config option `cds.env.server.force_exit_timeout` allows to configure the timeout in ms after which we force-exit the server (default: 1111) if it didn't do so as expected after a prior `server.close()`. Values `false` or `0` disable force-exit.
+- Require custom auth relative to project root when using pluggable middlewares
 
 ## Version 6.7.2 - 2023-04-24
 
@@ -273,6 +336,7 @@ cds env requires/cds.xt.ModelProviderService
 - `cds.context.http` is now available for webhook-based requests
 - `cds build` for SAP HANA migration tables now only saves model entities annotated with `@cds.persistence.journal` as `last-dev` version.
 - `cds deploy` now uses the `VCAP_SERVICES` environment variable (if set), and skips `cf` operations in this case
+- Support for timestamp precision greater than 3 digits of fractional seconds
 
 ### Changed
 
@@ -489,8 +553,6 @@ Content-Length: 145
 - `cds deploy` and `cds run/serve/watch` no longer print terminal escape sequences (`x1b...`) if they run non-interactively.
 - Some fields in entities like `path` generated invalid sql
 
-### Removed
-
 ## Version 6.1.3 - 2022-09-13
 
 ### Added

package/README.md

@@ -11,4 +11,3 @@ In case you find a bug, please report an [incident](https://cap.cloud.sap/docs/r
 ## License
 
 This package is provided under the terms of the [SAP Developer License Agreement](https://tools.hana.ondemand.com/developer-license-3.1.txt).
-

package/bin/cds-serve.js

@@ -1,6 +1,53 @@
 #!/usr/bin/env node
+const cds = require('../lib') //> ensure we are the first to load @sap/cds locally
+const cli = {
 
-const cds = require('./cds')
-const args = process.argv.slice(2)
+  exec (...argv) {
+    if (!argv.length) argv = process.argv.slice(2)
+    const task = require ('./serve')
 
-cds.exec ('serve', ...args)
+    let args = []
+    try {
+      args = this.args(task, argv)
+    } catch (err) { process.exitCode = 1; return console.error(err) }
+
+    return task.apply (this, args)
+  },
+
+  // TODO replace w/ common arg parser from node
+  args (task, argv) {
+
+    const { options:o=[], flags:f=[], shortcuts:s=[] } = task
+    const _global = /^--(profile|production|sql|odata|build-.*|cdsc-.*|odata-.*|folders-.*)$/
+    const _flags = { '--production':true }
+    const options = {}, args = []
+    let k,a, env = null
+
+    if (argv.length) for (let i=0; i < argv.length; ++i) {
+      if ((a = argv[i])[0] !== '-') args.push(a)
+      else if ((k = s.indexOf(a)) >= 0) k < o.length ? add(o[k],argv[++i]) : add(f[k-o.length])
+      else if ((k = o.indexOf(a)) >= 0) add(o[k],argv[++i])
+      else if ((k = f.indexOf(a)) >= 0) add(f[k])
+      else if (_global.test(a)) add_global(a, _flags[a] || argv[++i])
+      else throw 'Invalid option: '+ a
+    }
+
+    function add (k,v) { options[k.slice(2)] = v || true }
+    function add_global (k,v='') {
+      if (k === '--production') return process.env.NODE_ENV = 'production'
+      if (k === '--profile') return process.env.CDS_ENV = v.split(',')
+      if (k === '--odata') v = { flavor:v }
+      let e=env || (env={}), path = k.slice(2).split('-')
+      while (path.length > 1) { let p = path.shift(); e = e[p]||(e[p]={}) }
+      add (k, e[path[0]] = v)
+    }
+
+    if (env) cds.env.add (env)
+    return [ args, options ]
+  },
+}
+
+module.exports = Object.assign ((..._) => cli.exec(..._), cli)
+if (!module.parent)  cli.exec()
+
+/* eslint no-console:off */

package/bin/deploy/to-hana.js

@@ -0,0 +1 @@
+throw new Error('This application uses @sap/cds version >= 7, which is not compatible with the installed @sap/cds-dk version 6. Either update @sap/cds-dk to version 7 or downgrade @sap/cds to version 6 instead.')

package/bin/serve.js

@@ -154,6 +154,9 @@ async function serve (all=[], o={}) {
   if (o.watch)  return _watch.call(this, o.project,o)   // cds serve --watch <project>
   if (o.project) _chdir_to (o.project)      // cds run --project <project>
 
+  // Ensure loading plugins before calling cds.env!
+  await cds.plugins
+
   const TRACE = cds.debug('trace')
   // if (TRACE) {
   //   TRACE?.time('load express   '); require('express') // eslint-disable-line cds/no-missing-dependencies
@@ -166,7 +169,7 @@ async function serve (all=[], o={}) {
   if (!o.silent) _prepare_logging ()
 
   // The following things are meant for dev mode, which can be overruled by feature flagse...
-  const {features,fiori} = cds.env
+  const {features} = cds.env
   {
     // handle --with-mocks resp. --mocked
     if (features.with_mocks) o.mocked = _with_mocks(o)
@@ -180,16 +183,8 @@ async function serve (all=[], o={}) {
     // live reload, in cooperation with cds watch
     if (features.live_reload) require('../app/etc/livereload')
 
-    // add dev helper for Fiori URLs
-    if (fiori.routes) require('../app/fiori/routes')
-
-    // add fiori preview links to default index.html
-    if (fiori.preview) require('../app/fiori/preview')
-
   }
 
-  // activate plugins
-  await require("./plugins")(log)
   TRACE?.timeEnd('cds bootstrap  ')
 
   // bootstrap server from project-local server.js or from @sap/cds/server.js
@@ -209,27 +204,28 @@ async function serve (all=[], o={}) {
       _resolve (server)
     }
 
+    const LOG = cds.log('cli|server')
     cds.shutdown = _shutdown //> for programmatic invocation
-    process.on('unhandledRejection', (_,p) => _shutdown (console.error('❗️Uncaught',p)))
-    process.on('uncaughtException', (e) => _shutdown (console.error('❗️Uncaught',e)))
+    process.on('unhandledRejection', (e,p) => _shutdown (e, LOG.error('❗️Uncaught',p)))
+    process.on('uncaughtException', (e) => _shutdown (e, LOG.error('❗️Uncaught',e)))
     process.on('SIGINT', cds.watched ? _shutdown : (s,n)=>_shutdown(s,n,console.log())) //> newline after ^C
     process.on('SIGHUP', _shutdown)
     process.on('SIGHUP2', _shutdown)
     process.on('SIGTERM', _shutdown)
 
     async function _shutdown (signal,n) {
-      if (signal) DEBUG?.('⚡️',signal,n, 'received by cds serve')
-      await Promise.all(cds.listeners('shutdown').map(fn => fn()))
+      let err = typeof signal === 'object' ? signal : LOG.debug('⚡️',signal,n, 'received by cds serve')
+      await Promise.all(cds.listeners('shutdown').map(fn => fn(err)))
       server.close(()=>{/* it's ok if closed already */})   // first, we try stopping server and process the nice way
-      if (!global.it) setTimeout(process.exit,1111).unref() // after ~1 sec, we force-exit it, unless in test mode
+      let { force_exit_timeout: force_exit } = cds.env.server // after ~1 sec, we force-exit it, unless in test mode
+      if (force_exit && !global.it) setTimeout(process.exit,force_exit).unref()
     }
 
-    const DEBUG = cds.debug('cli')
-    if (DEBUG) {
-      cds.on('shutdown', () => DEBUG ('⚡️','cds serve - cds.shutdown'))
-      server.on('close', () => DEBUG ('⚡️','cds serve - server.close(d)'))
-      process.on('exit', () => DEBUG ('⚡️','cds serve - process.exit'))
-      process.on('beforeExit', ()=> DEBUG ('⚡️','cds serve - process.beforeExit'))
+    if (LOG._debug) {
+      cds.on('shutdown', () => LOG.debug ('⚡️','cds serve - cds.shutdown'))
+      server.on('close', () => LOG.debug ('⚡️','cds serve - server.close(d)'))
+      process.on('exit', () => LOG.debug ('⚡️','cds serve - process.exit'))
+      process.on('beforeExit', ()=> LOG.debug ('⚡️','cds serve - process.beforeExit'))
     }
 
     if (process.platform === 'win32') {

package/lib/auth/basic-auth.js

@@ -6,18 +6,19 @@ module.exports = function basic_auth (options) {
 
   /** @type { import('express').Handler } express_handler */
   return async function basic_auth (req, res, next) {
+    // REVISIT: passport also adds a login function with different meaning -> we need to be able to recognize ours -> req._login for now
     // allow subsequent code to request a user login
-    req.login = login
+    req._login = login
     // get basic authorization header
     let auth = req.headers.authorization
     // enforce login if requested
-    if (!auth) return login_required ? req.login('Logged in user required!') : next()
+    if (!auth || !auth.match(/^basic/i)) return login_required ? req._login('Logged in user required!') : next()
     // decode user credentials from autorization header
     let [id,pwd] = Buffer.from(auth.slice(6),'base64').toString().split(':')
     // verify user credentials and set req.user
     let u = req.user = await users.verify (id, pwd)
     // re-request login in case of wrong credentials
-    if (u.failed) return req.login (u)
+    if (u.failed) return req._login (u)
     // support for feature toggles via req.headers.features
     if (req.headers.features) u = req.user = { ...u, features: req.headers.features } // NOTE: need to clone u
     // done...
@@ -27,7 +28,8 @@ module.exports = function basic_auth (options) {
 
   function login (reason='') {
     const req=this, res=req.res
-    res.set ('WWW-Authenticate', `Basic realm="Users"`) .sendStatus (401)
+    // REVISIT: this json response is needed to be OData compliant. however, we should probably throw an error anyway so that a custom error middleware can get invoked.
+    res.set('WWW-Authenticate', `Basic realm="Users"`).status(401).json({ error: { code: '401', message: 'Unauthorized' } })
     LOG.info (req.method, decodeURIComponent(req.path), '>', res.statusCode, res.statusMessage, ...(!reason ? [] : ['-', reason]))
   }
 }

package/lib/auth/index.js

@@ -18,14 +18,15 @@ require = _require // eslint-disable-line no-global-assign
  */
 function auth_factory (options) {
   const o = { ...options, ...cds.requires.auth }
-  let kind = o.kind || o.strategy
+  let kind = o.impl ? 'custom' : o.kind || o.strategy
   let middleware = cds.auth[kind]
   if (middleware) {
     cds.log().info ('using auth strategy:', { kind }, '\n')
   } else {
-    let impl = o.impl || path.resolve (__dirname, kind)
+    let impl = kind === 'custom' ? cds.resolve (o.impl)?.[0] : path.resolve (__dirname, kind)
     try { impl = require.resolve (impl) }  catch {
-      throw cds.error `Cannot find auth impl: ${impl}`
+      const e = o.impl ? `Cannot find custom impl at: ${o.impl}` : `Cannot find unknown auth kind: ${o.kind}`
+      throw cds.error(e)
     }
     cds.log().info ('using auth strategy:', { kind, impl: local(impl) }, '\n')
     middleware = require(impl)

package/lib/auth/jwt-auth.js

@@ -10,11 +10,8 @@ module.exports = function jwt_auth(config) {
   // warn if no credentials
   if (!config.credentials) {
     LOG._warn &&
-      LOG.warn(`
-       No XSUAA instance bound to application, but "${config.kind}" configured.
-       This is NOT recommended in production!
-       `)
-
+      LOG.warn(`Authentication kind "${config.kind}" configured, but no XSUAA instance bound to application.
+        This is NOT recommended in production!`)
     return (req,res,next) => next()
   }
 

package/lib/compile/cds-compile.js

@@ -1,41 +1,38 @@
-const cds = require ('../index')
-const cdsc = require ('./cdsc')
-const {lazified} = require ('../lazy'); require = lazified (module)  // eslint-disable-line
-
-
 /**
  * This is the central API facade to call compiler functions.
  */
 const compile = module.exports = Object.assign (cds_compile, {
 
-  for: lazified ({
-    java: require('./for/java'),
-    nodejs: require('./for/nodejs'),
-    drafts: require('./for/drafts'),
-    lean_drafts: require('./for/lean_drafts'),
-    odata: require('./for/odata'),
-    sql: require('./for/sql'),
-  }),
+  for: new class {
+    get java(){ return super.java = require('./for/java') }
+    get nodejs() { return super.nodejs = require('./for/nodejs') }
+    get drafts() { return super.drafts = require('./for/drafts') }
+    get lean_drafts() { return super.lean_drafts = require('./for/lean_drafts') }
+    get odata() { return super.odata = require('./for/odata') }
+    get sql() { return super.sql = require('./for/sql') }
+  },
+
+  to: new class {
+    get csn() { return super.csn = require('./to/csn') }
+    get cdl() { return super.cdl = require('./to/cdl') }
+    get gql() { return super.gql = require('./to/gql') }
+    get yml() { return super.yml = require('./to/yaml') }
+    get yaml() { return super.yaml = require('./to/yaml') }
+    get json() { return super.json = require('./to/json') }
+    get edm() { return super.edm = require('./to/edm') }
+    get edmx() { return super.edmx = compile.to.edm.x }
+    get sql() { return super.sql = require('./to/sql') }
+    get hdbcds() { return super.hdbcds = compile.to.sql.hdbcds }
+    get hdbtable() { return super.hdbtable = compile.to.sql.hdbtable }
+    get hdbtabledata() { return super.hdbtabledata = require('./to/hdbtabledata') }
+    get serviceinfo() { return super.serviceinfo = require('./to/srvinfo') } //> REVISIT: move to CLI
+    get graphql() { return super.graphql = require('./to/gql') } //> REVISIT: move to gql CLI plugin
+  },
 
-  to: lazified ({
-    csn: cds_compile,
-    cdl: require('./to/cdl'),
-    gql: require('./to/gql'),
-    graphql: require('./to/gql'),
-    yml: require('./to/yaml'),
-    yaml: require('./to/yaml'),
-    json: require('./to/json'),
-    edm: require('./to/edm'), edmx: lazy => compile.to.edm.x,
-    sql: require('./to/sql'),
-    hdbcds: lazy => compile.to.sql.hdbcds,
-    hdbtable: lazy => compile.to.sql.hdbtable,
-    serviceinfo: require('./to/srvinfo'), //> REVISIT: move to CLI
-  }),
-
-  _localized: require('./etc/_localized'),
 })
 
 
+
 /**
  * This is the central frontend function to compile sources to CSN.
  * @param {string|string[]|{}} model one of:
@@ -49,70 +46,18 @@ const compile = module.exports = Object.assign (cds_compile, {
  * @returns {{ namespace?:string, definitions:{}, extensions?:[], meta:{ flavor:_flavor }}} CSN
  */
 function cds_compile (model, options, _flavor) {
-  if (!model) throw cds.error (`Argument 'model' must be specified`)
-  if (_is_csn(model) && _assert_flavor(model,_flavor,options)) return _fluent(model)   //> already parsed csn
-  const o = _options4 (options,_flavor)
-  const cwd = o.cwd || cds.root
-  const files = _is_files (model,cwd)
-  if (files) {
-    if (o.sync) return _fluent (_finalize (cdsc.compileSync(files,cwd,o)))  //> compile files synchroneously
-    else return _fluent (cdsc.compile(files,cwd,o) .then (_finalize))       //> compile files asynchroneously
-  }
-  else return _fluent (_finalize (cdsc.compileSources(model,o)))              //> compile CDL sources
-  function _finalize (csn) {
-    if (o.min) csn = cds.minify(csn)
-    // REVISIT: experimental implementation to detect external APIs
-    for (let each in csn.definitions) {
-      const d = csn.definitions[each]
-      if (d.kind === 'service' && cds.requires[each]?.external && (!o.mocked || cds.requires[each].credentials)) {
-        Object.defineProperty (d,'@cds.external', { value: cds.requires[each].kind || true })
-      }
-    }
-    if (!csn.meta) csn.meta = {}
-    csn.meta.flavor = o.flavor
-    return csn
-  }
+  const csn = compile.to.csn (model, options, _flavor)
+  return Object.defineProperties (csn, { // fluent
+    for : {configurable:true, get:()=> new Proxy ({api:compile.for,csn},_handlers)},
+    to  : {configurable:true, get:()=> new Proxy ({api:compile.to, csn},_handlers)},
+  })
 }
 
-
-const _is_csn = (x) => (x.definitions || x.extensions) && !x.$builtins
-const _is_files = (m,root) => {
-  if (Array.isArray(m) || /^file:/.test(m) && (m = m.slice(5)))
-    return cds.resolve(m,{root}) || cds.error ( `Couldn't find a CDS model for '${m}' in ${root||cds.root}`,{ code:'MODEL_NOT_FOUND', model: m })
-}
-const _assert_flavor = (m,_flavor,options) => {
-  if (!m.meta) return true; const f = _flavor || _flavor4 (options)
-  return !f || f === m.meta.flavor || cds.error (`cds.compile(...,{flavor:'${f}'}) called on csn with different meta.flavor='${m.meta.flavor}'`)
-}
-
-const _flavors = {
-  'parsed':   { level:1, cdsc_options: { parseCdl:true } },
-  'xtended':  { level:2, cdsc_options: { csnFlavor:'gensrc' } },
-  'inferred': { level:3 },
-}
-const _flavor4 = (o) => {
-  const f = typeof o === 'string' ? o : o && o.flavor
-  return !f || f in _flavors ? f : cds.error (`Option 'flavor' must be one of ${Object.keys(_flavors)}; got: '${f}'`)
-}
-const _options4 = (_o, _flavor) => {
-  const flavor = _flavor ? _flavor4(_flavor) : _flavor4(_o) || 'inferred'
-  const spec = _flavors[flavor]
-  const o = { ..._o, flavor, ...spec.cdsc_options, ...cds.env.cdsc, cdsHome: cds.home } // cdsHome is for the compiler resolving @sap/cds/... files
-  if (o.docs) o.docComment = true
-  if (o.locations) o.withLocations = true
-  if (!o.messages) o.messages = []
-  return o
-}
-
-const _fluent = (x) => Object.defineProperties (x, {
-  'for' : {configurable:true, get:()=> new Proxy ({api:compile.for,x},_handlers)},
-  'to'  : {configurable:true, get:()=> new Proxy ({api:compile.to, x},_handlers)},
-})
 const _handlers = {
   ownKeys: ({api}) => Reflect.ownKeys (api),
-  get: ({api,x},p) => {
+  get: ({api,csn},p) => {
+    delete csn.for; delete csn.to //> cleanup the decorated CSN or Promise
     let fn = api[p]; if (!fn) return
-    delete x.for; delete x.to //> cleanup the decorated CSN or Promise
-    return o => 'then' in x ? x.then(m => api[p](m,o)) : api[p](x,o)
+    return o => 'then' in csn ? csn.then(m => fn(m,o)) : fn(csn,o)
   }
 }

package/lib/compile/cdsc.js

@@ -101,6 +101,17 @@ const _options = {for: Object.assign (_options4, {
 
 })}
 
+
+const { inspect } = require('util')
+compile.CompilationError.prototype [inspect.custom] = function() {
+  // return this.stack
+  return 'Errors by cds.compile ...'+ this.messages.map (e => {
+    let {file,line,col} = e.$location
+    return `\nin ${file}:${line}:${col} — ${e.severity}: ${e.message}`
+  }).join('') + this.stack.slice(this.message.length+7)
+}
+
+
 /**
  * Return a derivate of cdsc, with the most prominent
  * @type { import('@sap/cds-compiler') }

package/lib/compile/etc/properties.js

@@ -17,8 +17,8 @@ function read (res, ext = '.properties') {
 }
 
 function parse (props) {
-  const lines = props.split(/\r?\n/)
-  const rows = lines.filter(each => !!each.trim()).map(each => {
+  const lines = props.split(/(?<![\\\r])\r?\n/)
+  const rows = lines.filter(each => !!each.trim()).map(each => each.replace(/\\\r?\n/, '')).map(each => {
     const index = each.indexOf('=')
     if (index < 0)  return [each, '']
     return [each.slice(0, index).trim(), each.slice(index + 1).trim()]

package/lib/compile/for/lean_drafts.js

@@ -19,58 +19,10 @@ function _isCompositionBacklink(e) {
   }
 }
 
-const IGNORED_ENTITY_ANNOTATIONS = new Set([
-  '@readonly',
-  '@insertonly',
-  '@restrict',
-])
-
-const IGNORED_ELEMENT_ANNOTATIONS = [
-  '@assert.range',
-  '@assert.enum',
-  '@assert.format',
-  '@assert.target',
-  '@mandatory',
-  '@Core.Immutable',
-  '@readonly',
-  '@Core.Computed',
-  '@Common.FieldControl.Readonly',
-  '@Common.FieldControl.Mandatory',
-  '@FieldControl.Mandatory',
-  '@FieldControl.ReadOnly',
-  '@Common.FieldControl',
-  '@PersonalData.DataSubjectRole',
-  '@PersonalData.EntitySemantics',
-  '@PersonalData.IsPotentiallyPersonal',
-  '@PersonalData.IsPotentiallySensitive',
-  '@PersonalData.FieldSemantics'
-  // These are still needed:
-  // '@odata.etag',
-  // '@cds.on.update',
-  // '@cds.on.insert',
-]
-
 module.exports = function cds_compile_for_lean_drafts(csn) {
-  const DRAFT_ELEMENTS = new Set([
-    'IsActiveEntity',
-    'HasDraftEntity',
-    'HasActiveEntity',
-    'DraftAdministrativeData',
-    'DraftAdministrativeData_DraftUUID',
-    'SiblingEntity'
-  ])
-  function _redirect(assoc, target, keys) {
+  function _redirect(assoc, target) {
     assoc.target = target.name
     assoc._target = target
-    if (keys) assoc.on = _onCondition(assoc.name, keys)
-  }
-
-  function _onCondition(left, keys, right) {
-    const on = []
-    for (let k in keys)
-      DRAFT_ELEMENTS.has(k) || on.push({ ref: [left, k] }, '=', { ref: right ? [right, k] : [k] }, 'and')
-    on.pop()
-    return on
   }
 
   function _isDraft(def) {
@@ -99,33 +51,52 @@ module.exports = function cds_compile_for_lean_drafts(csn) {
     DraftIsProcessedByMe  : Boolean; // REVISIT: these are calculated fields, aren't they?
   }
 `).definitions
-  function draftEntity(active, model) {
+  function addDraftEntity(active, model) {
     const _draftEntity = active.name + '.drafts'
     const d = model.definitions[_draftEntity]
     if (d) return d
     // We need to construct a fake draft entity definition
-    const draft = { __proto__: active, name: _draftEntity, elements: { ...active.elements, ...Draft.elements } }
+    // We cannot use new cds.entity because runtime aspects would be missing
+    const draft = {
+      __proto__: active,
+      name: _draftEntity,
+      elements: { ...active.elements, ...Draft.elements },
+      query: undefined
+    }
     Object.defineProperty(model.definitions, _draftEntity, { value: draft })
     Object.defineProperty(active, 'drafts', { value: draft })
     Object.defineProperty(draft, 'actives', { value: active })
     Object.defineProperty(draft, 'isDraft', { value: true })
-    draft['@cds.persistence.table'] = _draftEntity
 
-    for (const key in draft) {
-      if (IGNORED_ENTITY_ANNOTATIONS.has(key) || key.startsWith('@Capabilities') || key.startsWith('@PersonalData')) draft[key] = undefined
-    }
+    // Positive list would be bigger (search, requires, fiori, ...)
+    if (draft['@readonly']) draft['@readonly'] = undefined
+    if (draft['@insertonly']) draft['@insertonly'] = undefined
+    if (draft['@restrict']) draft['@restrict'] = undefined
+
     // Recursively add drafts for compositions
     for (const each in draft.elements) {
       const e = draft.elements[each]
       const newEl = Object.create(e)
-      if (e.isComposition || (e.isAssociation && e['@odata.draft.enclosed']) || _isCompositionBacklink(e)) {
+      if (e.isComposition || (e.isAssociation && e['@odata.draft.enclosed']) || ((!active['@Common.DraftRoot.ActivationAction'] || e._target === active) && _isCompositionBacklink(e))) {
         if (e._target['@odata.draft.enabled'] === false) continue // happens for texts if @fiori.draft.enabled is not set
-        _redirect(newEl, draftEntity(e._target, model))
+        _redirect(newEl, addDraftEntity(e._target, model))
       }
       newEl.parent = draft
-      for (const ignoredAnno of IGNORED_ELEMENT_ANNOTATIONS) {
-        if (newEl[ignoredAnno]) newEl[ignoredAnno] = undefined
+
+      for (const key in newEl) {
+        if (
+          key.startsWith('@assert') ||
+          key.startsWith('@FieldControl') ||
+          key.startsWith('@Common.FieldControl') ||
+          key.startsWith('@PersonalData') ||
+          key === '@mandatory' ||
+          key === '@readonly' ||
+          key === '@Core.Computed' ||
+          key === '@Core.Immutable'
+        )
+          newEl[key] = undefined
       }
+
       draft.elements[each] = newEl
     }
     return draft
@@ -133,16 +104,12 @@ module.exports = function cds_compile_for_lean_drafts(csn) {
   for (const name in csn.definitions) {
     const def = csn.definitions[name]
     if (!_isDraft(def)) continue
-    ;[
-      'IsActiveEntity',
-      'HasDraftEntity',
-      'HasActiveEntity',
-      'DraftAdministrativeData_DraftUUID',
-      'DraftAdministrativeData'
-    ].forEach(s => {
-      def.elements[s].virtual = true
-    })
+    def.elements.IsActiveEntity.virtual = true
+    def.elements.HasDraftEntity.virtual = true
+    def.elements.HasActiveEntity.virtual = true
+    def.elements.DraftAdministrativeData_DraftUUID.virtual = true
+    def.elements.DraftAdministrativeData.virtual = true
     // will insert drafts entities, so that others can use `.drafts` even without incoming draft requests
-    draftEntity(def, csn, Draft)
+    addDraftEntity(def, csn)
   }
 }