[client-v2, jdbc-v2] Implement SSL Modes

[chernser]

Summary

Branch 06/10/26/ssl_modes — Summary

Adds an explicit ssl_mode setting to client-v2 and jdbc-v2, replacing the old implicit SSL behavior. ~987 lines across 17 files (8 commits).

Key changes

• New SSLMode enum (client-v2/.../enums/SSLMode.java) with 4 modes.
• New SslContextProvider (client-v2-owned, builder-based) replacing the deprecated v1 ClickHouseDefaultSslContextProvider. Key material (client cert/key for mTLS) and trust material (trust store / CA cert / trust-all) are now configured independently.
• Client.Builder.setSSLMode(...) + ssl_mode config property (default STRICT).
• HttpAPIClientHelper.createSSLContext rewritten to build the context from the resolved mode; hostname verification is skipped for TRUST/VERIFY_CA.
• Inline PEM support: any cert/key value containing -----BEGIN is treated as PEM content, otherwise as a file path.
• Tests, examples (SSLExamples for both client-v2 and jdbc), and docs/features.md (the compatibility contract) updated.

Purpose of the modes (least → most strict)

• DISABLED — no SSL; plain protocols only. Rejected if endpoint is https://.
• TRUST — encrypt but accept any server cert, skip hostname check. Trust store / CA cert are ignored (warning logged); client cert/key still used for mTLS. MITM-vulnerable, testing only.
• VERIFY_CA — validate cert chain, but skip hostname verification.
• STRICT (default) — full chain + hostname verification.

Behavior worth noting (compatibility-sensitive)

• ssl_mode does not toggle encryption — the endpoint scheme (http/https) decides that.
• For VERIFY_CA/STRICT: if both trust store and CA cert are set, trust store wins and CA cert is ignored (warning). Trust store + sslcert together still throws ClientMisconfigurationException.
• Values are case-insensitive and normalized to canonical names at build time; unknown value → ClientMisconfigurationException (client) / SQLException (JDBC).

V1 JDBC compatibility — none = trust

JdbcConfiguration accepts the traditional JDBC ssl_mode=none value and aliases it to TRUST (the no-verification mode), so existing V1-style JDBC URLs/properties keep working. Other values are normalized case-insensitively before being forwarded to client-v2; unrecognized values throw SQLException.

This is the main backward-compatibility seam to trust/verify: V1 used none for "don't verify," and the branch maps that onto the new TRUST mode rather than introducing a breaking rename.

Closes: #2389
Closes: #2309
Closes: #2819

Checklist

Delete items not relevant to your PR:

• Closes #
• Unit and integration tests covering the common scenarios were added
• A human-readable description of the changes was provided to include in CHANGELOG
• For significant changes, documentation in https://github.com/ClickHouse/clickhouse-docs was updated with further explanations or tutorials

Review Guidance

SSL support consists of:

• Server verification
• Client verification (mTLS)
• Client authendication

Client authendication and verification requires KeyStore and configured with user key and user certificate (key used to sign certificate).
In PR it is located here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-40a5e6ba1f1b64d0bb9ee63a8f4f98a913545af2d4e8c3839f76a7cb97d3e9d2R170
This part has nothing to do with SSL Mode.

Server verification has two checks: server certificate and server identity matching the certificate.
Certificates are supplied via truststore.

Server certificate verification is configured by root certificate (CA certificate) or external trust store. When ssl mode is TRUST then client skip this verification.
In PR it is located here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-40a5e6ba1f1b64d0bb9ee63a8f4f98a913545af2d4e8c3839f76a7cb97d3e9d2R174

So the logic is:

• if in TRUST mode - then use trust all manger (see https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-7b2b57a7a63fa9670d746c1ee32500df0c727812ea73bbae6017076bbd136c6eR78)
  • tested here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-adf3b7cc8de26ccb974241205acf5242979b499c5d3deefeb6561e5e83b14b9aR297
• if in STRICT mode - then do all verification. user can supply truststore or ca_certificate that will make client trrust only them (otherwise JDK truststore is used).
  • trust store tested here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-adf3b7cc8de26ccb974241205acf5242979b499c5d3deefeb6561e5e83b14b9aR434
  • test also verifies that exception throws when no trust store is configured.
• if in VERIFY_CA mode - then verify only server certificate signature. Again user can supply truststore or ca_certificate.
  • tested here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-adf3b7cc8de26ccb974241205acf5242979b499c5d3deefeb6561e5e83b14b9aR356

Server identity verification is done in another place thru SSL socket. When in TRUST or VERIFY_CA mode then no host verification needed.
In PR it is located here https://github.com/ClickHouse/clickhouse-java/pull/2874/changes#diff-40a5e6ba1f1b64d0bb9ee63a8f4f98a913545af2d4e8c3839f76a7cb97d3e9d2R289

---

Note

High Risk
Changes TLS trust and hostname verification defaults and wiring for all HTTPS clients; misconfiguration or mode semantics bugs could weaken security or break existing secure connections.

Overview
Adds an explicit ssl_mode setting to client-v2 and jdbc-v2 so HTTPS behavior is no longer implicit. New SSLMode enum (DISABLED, TRUST, VERIFY_CA, STRICT default) is exposed via Client.Builder.setSSLMode, the ssl_mode config property, and JDBC URL/properties.

HttpAPIClientHelper now builds TLS through a new SslContextProvider (replacing the v1 ClickHouseDefaultSslContextProvider): mTLS client cert/key is applied separately from trust strategy; TRUST uses a trust-all manager and ignores configured trust store/CA (with warnings); VERIFY_CA/STRICT use trust store, CA cert, or the JVM default, with trust store winning when both store and CA are set. Hostname checks are skipped for TRUST, VERIFY_CA, and custom SNI. Build-time validation normalizes case-insensitive mode names, rejects unknown values and DISABLED with https:// endpoints, and SSLException is wrapped as ClickHouseException.

JDBC maps legacy ssl_mode=none to TRUST and normalizes other values before forwarding to the client. Docs, feature contract, and SSL examples (including TRUST for self-signed) are updated; integration/unit tests cover each mode.

^{Reviewed by Cursor Bugbot for commit 683dd25. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

Repository collaborators can run the JMH benchmark suite against this PR by commenting:

/benchmark

Optional regression threshold override (Δ% on Time or Alloc/op; defaults to 10%):

/benchmark threshold=15

Only one benchmark run per PR is active at a time — issuing a new /benchmark comment cancels the previous run. After the run finishes a separate comment will be posted comparing it against the latest scheduled run on main; the PR check fails if any benchmark regresses by more than the threshold.

[github-actions]

Client V2 Coverage

Coverage Report

Package	Coverage	Lines Covered	Total Lines
com.clickhouse.client.api	83.96%	937	1116
com.clickhouse.client.api.command	43.33%	13	30
com.clickhouse.client.api.data_formats	40.29%	141	350
com.clickhouse.client.api.data_formats.internal	74.88%	1723	2301
com.clickhouse.client.api.enums	100.00%	14	14
com.clickhouse.client.api.http	0.00%		1
com.clickhouse.client.api.insert	85.44%	88	103
com.clickhouse.client.api.internal	84.67%	1204	1422
com.clickhouse.client.api.metadata	90.74%	49	54
com.clickhouse.client.api.metrics	93.75%	75	80
com.clickhouse.client.api.query	79.14%	129	163
com.clickhouse.client.api.serde	84.21%	48	57
com.clickhouse.client.api.sql	87.50%	28	32
com.clickhouse.client.api.transport	89.29%	50	56

Class Coverage

Class	Coverage	Lines Covered	Total Lines
com.clickhouse.client.api.ClickHouseException	85.71%	12	14
com.clickhouse.client.api.Client	84.96%	384	452
com.clickhouse.client.api.Client.Builder	85.27%	191	224
com.clickhouse.client.api.Client.new DataStreamWriter() {...}	100.00%	8	8
com.clickhouse.client.api.ClientConfigProperties	93.40%	184	197
com.clickhouse.client.api.ClientConfigProperties.new ClientConfigProperties() {...}	100.00%	8	8
com.clickhouse.client.api.ClientException	100.00%	4	4
com.clickhouse.client.api.ClientFaultCause	100.00%	7	7
com.clickhouse.client.api.ClientMisconfigurationException	100.00%	4	4
com.clickhouse.client.api.command.CommandResponse	47.06%	8	17
com.clickhouse.client.api.command.CommandSettings	38.46%	5	13
com.clickhouse.client.api.ConnectionInitiationException	50.00%	3	6
com.clickhouse.client.api.ConnectionReuseStrategy	100.00%	3	3
com.clickhouse.client.api.data_formats.internal.AbstractBinaryFormatReader	72.35%	293	405
com.clickhouse.client.api.data_formats.internal.AbstractBinaryFormatReader.RecordWrapper	50.00%	17	34
com.clickhouse.client.api.data_formats.internal.BinaryReaderBackedRecord	14.77%	13	88
com.clickhouse.client.api.data_formats.internal.BinaryStreamReader	84.74%	372	439
com.clickhouse.client.api.data_formats.internal.BinaryStreamReader.ArrayValue	81.40%	35	43
com.clickhouse.client.api.data_formats.internal.BinaryStreamReader.CachingByteBufferAllocator	100.00%	8	8
com.clickhouse.client.api.data_formats.internal.BinaryStreamReader.DefaultByteBufferAllocator	100.00%	2	2
com.clickhouse.client.api.data_formats.internal.BinaryStreamReader.EnumValue	80.00%	8	10
com.clickhouse.client.api.data_formats.internal.InetAddressConverter	66.67%	18	27
com.clickhouse.client.api.data_formats.internal.MapBackedRecord	45.54%	102	224
com.clickhouse.client.api.data_formats.internal.NumberConverter	88.17%	82	93
com.clickhouse.client.api.data_formats.internal.NumberConverter.NumberType	100.00%	7	7
com.clickhouse.client.api.data_formats.internal.ProcessParser	82.50%	33	40
com.clickhouse.client.api.data_formats.internal.SerializerUtils	83.96%	644	767
com.clickhouse.client.api.data_formats.internal.SerializerUtils.DynamicClassLoader	100.00%	3	3
com.clickhouse.client.api.data_formats.internal.ValueConverters	77.48%	86	111
com.clickhouse.client.api.data_formats.NativeFormatReader	80.77%	42	52
com.clickhouse.client.api.data_formats.NativeFormatReader.Block	66.67%	12	18
com.clickhouse.client.api.data_formats.RowBinaryFormatReader	15.79%	3	19
com.clickhouse.client.api.data_formats.RowBinaryFormatSerializer	19.82%	22	111
com.clickhouse.client.api.data_formats.RowBinaryFormatWriter	27.84%	27	97
com.clickhouse.client.api.data_formats.RowBinaryFormatWriter.InputStreamHolder	0.00%		4
com.clickhouse.client.api.data_formats.RowBinaryFormatWriter.ReaderHolder	0.00%		4
com.clickhouse.client.api.data_formats.RowBinaryWithNamesAndTypesFormatReader	100.00%	22	22
com.clickhouse.client.api.data_formats.RowBinaryWithNamesFormatReader	56.52%	13	23
com.clickhouse.client.api.DataStreamWriter	0.00%		1
com.clickhouse.client.api.DataTransferException	50.00%	2	4
com.clickhouse.client.api.DataTypeUtils	52.50%	63	120
com.clickhouse.client.api.enums.Protocol	100.00%	2	2
com.clickhouse.client.api.enums.ProxyType	100.00%	3	3
com.clickhouse.client.api.enums.SSLMode	100.00%	9	9
com.clickhouse.client.api.http.ClickHouseHttpProto	0.00%		1
com.clickhouse.client.api.insert.InsertResponse	52.94%	9	17
com.clickhouse.client.api.insert.InsertSettings	91.86%	79	86
com.clickhouse.client.api.internal.BaseCollectionConverter	100.00%	28	28
com.clickhouse.client.api.internal.BaseCollectionConverter.BaseArrayWriter	100.00%	6	6
com.clickhouse.client.api.internal.BaseCollectionConverter.BaseCollectionWriter	71.43%	15	21
com.clickhouse.client.api.internal.BaseCollectionConverter.BaseListWriter	100.00%	6	6
com.clickhouse.client.api.internal.BaseCollectionConverter.ListConversionState	100.00%	11	11
com.clickhouse.client.api.internal.BasicObjectsPool	0.00%		11
com.clickhouse.client.api.internal.CachingObjectsSupplier	0.00%		10
com.clickhouse.client.api.internal.ClickHouseLZ4InputStream	89.33%	67	75
com.clickhouse.client.api.internal.ClickHouseLZ4OutputStream	92.31%	60	65
com.clickhouse.client.api.internal.ClientStatisticsHolder	50.00%	7	14
com.clickhouse.client.api.internal.ClientUtils	100.00%	2	2
com.clickhouse.client.api.internal.CommonSettings	97.30%	72	74
com.clickhouse.client.api.internal.CompressedEntity	80.00%	28	35
com.clickhouse.client.api.internal.CredentialsManager	95.38%	62	65
com.clickhouse.client.api.internal.DataTypeConverter	87.57%	155	177
com.clickhouse.client.api.internal.DataTypeConverter.ArrayAsStringWriter	100.00%	18	18
com.clickhouse.client.api.internal.DataTypeConverter.ListAsStringWriter	100.00%	16	16
com.clickhouse.client.api.internal.EnvUtils	0.00%		14
com.clickhouse.client.api.internal.Gauge	66.67%	4	6
com.clickhouse.client.api.internal.HttpAPIClientHelper	92.46%	454	491
com.clickhouse.client.api.internal.HttpAPIClientHelper.CustomSSLConnectionFactory	66.67%	6	9
com.clickhouse.client.api.internal.HttpAPIClientHelper.DummySSLConnectionSocketFactory	0.00%		3
com.clickhouse.client.api.internal.HttpAPIClientHelper.MeteredManagedHttpClientConnectionFactory	50.00%	7	14
com.clickhouse.client.api.internal.LZ4Entity	82.93%	34	41
com.clickhouse.client.api.internal.MapUtils	35.48%	22	62
com.clickhouse.client.api.internal.ServerSettings	0.00%		1
com.clickhouse.client.api.internal.SslContextProvider	92.68%	38	41
com.clickhouse.client.api.internal.SslContextProvider.Builder	100.00%	38	38
com.clickhouse.client.api.internal.SslContextProvider.NonValidatingTrustManager	75.00%	3	4
com.clickhouse.client.api.internal.StopWatch	66.67%	10	15
com.clickhouse.client.api.internal.TableSchemaParser	80.77%	21	26
com.clickhouse.client.api.internal.ValidationUtils	55.00%	11	20
com.clickhouse.client.api.internal.ValidationUtils.SettingsValidationException	100.00%	3	3
com.clickhouse.client.api.metadata.DefaultColumnToMethodMatchingStrategy	100.00%	13	13
com.clickhouse.client.api.metadata.NoSuchColumnException	0.00%		2
com.clickhouse.client.api.metadata.TableSchema	92.31%	36	39
com.clickhouse.client.api.metrics.ClientMetrics	100.00%	7	7
com.clickhouse.client.api.metrics.MicrometerLoader	90.91%	40	44
com.clickhouse.client.api.metrics.OperationMetrics	94.12%	16	17
com.clickhouse.client.api.metrics.ServerMetrics	100.00%	12	12
com.clickhouse.client.api.query.NullValueException	50.00%	2	4
com.clickhouse.client.api.query.QueryResponse	60.98%	25	41
com.clickhouse.client.api.query.QuerySettings	96.51%	83	86
com.clickhouse.client.api.query.QueryStatement	0.00%		4
com.clickhouse.client.api.query.Records	60.87%	14	23
com.clickhouse.client.api.query.Records.new Iterator() {...}	100.00%	5	5
com.clickhouse.client.api.serde.DataSerializationException	0.00%		6
com.clickhouse.client.api.serde.POJOSerDe	97.96%	48	49
com.clickhouse.client.api.serde.SerializerNotFoundException	0.00%		2
com.clickhouse.client.api.ServerException	100.00%	13	13
com.clickhouse.client.api.ServerException.ErrorCodes	100.00%	9	9
com.clickhouse.client.api.Session	100.00%	42	42
com.clickhouse.client.api.sql.SQLUtils	87.50%	28	32
com.clickhouse.client.api.transport.HttpEndpoint	88.00%	44	50
com.clickhouse.client.api.transport.HttpEndpoint.EndpointDetails	100.00%	6	6

[github-actions]

JDBC V2 Coverage

Coverage Report

Package	Coverage	Lines Covered	Total Lines
com.clickhouse.data	19.23%	5	26
com.clickhouse.jdbc	78.77%	1566	1988
com.clickhouse.jdbc.internal	88.68%	1222	1378
com.clickhouse.jdbc.internal.parser.antlr4	40.76%	6367	15619
com.clickhouse.jdbc.internal.parser.javacc	71.75%	4798	6687
com.clickhouse.jdbc.metadata	85.50%	519	607
com.clickhouse.jdbc.types	55.23%	280	507

Class Coverage

Class	Coverage	Lines Covered	Total Lines
com.clickhouse.data.Tuple	19.23%	5	26
com.clickhouse.jdbc.ClientInfoProperties	100.00%	12	12
com.clickhouse.jdbc.ConnectionImpl	90.98%	232	255
com.clickhouse.jdbc.DataSourceImpl	96.15%	25	26
com.clickhouse.jdbc.Driver	79.17%	38	48
com.clickhouse.jdbc.Driver.FrameworksDetection	90.91%	10	11
com.clickhouse.jdbc.DriverProperties	93.33%	28	30
com.clickhouse.jdbc.internal.DetachedResultSet	80.39%	332	413
com.clickhouse.jdbc.internal.ExceptionUtils	69.57%	16	23
com.clickhouse.jdbc.internal.FeatureManager	100.00%	8	8
com.clickhouse.jdbc.internal.JdbcConfiguration	94.58%	192	203
com.clickhouse.jdbc.internal.JdbcUtils	89.45%	373	417
com.clickhouse.jdbc.internal.JdbcUtils.ArrayProcessingCursor	100.00%	11	11
com.clickhouse.jdbc.internal.ParsedPreparedStatement	96.08%	49	51
com.clickhouse.jdbc.internal.ParsedStatement	93.75%	15	16
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseLexer	77.78%	28	36
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser	45.55%	4793	10522
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AliasContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterPrivilegeContext	0.00%		44
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseAddColumnContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseAddIndexContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseAddProjectionContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseAlterTypeContext	31.25%	5	16
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseAttachContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseClearColumnContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseClearIndexContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseClearProjectionContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseCommentContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDeleteContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDetachContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDropColumnContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDropIndexContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDropPartitionContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseDropProjectionContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseFreezePartitionContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseMaterializeIndexContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseMaterializeProjectionContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyCodecContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyCommentContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyContext	50.00%	5	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyOrderByContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyRemoveContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseModifyTTLContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseMovePartitionContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseRemoveTTLContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseRenameContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseReplaceContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableClauseUpdateContext	0.00%		8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableColumnPositionContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AlterTableStmtContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ArrayJoinClauseContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentExprContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentExprListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentValueContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentValuesContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentValuesEmptyContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AssignmentValuesListContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.AttachStmtContext	33.33%	6	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CheckAllTablesStmtContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CheckGrantStmtContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CheckStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CheckTableStmtContext	35.71%	5	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ClusterClauseContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CodecArgExprContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CodecExprContext	0.00%		14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnAliasesContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnArgExprContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnArgListContext	46.15%	6	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprAgrFuncWithFilterContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprAliasContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprAndContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprArrayAccessContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprArrayContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprAsteriskContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprBetweenContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprCaseContext	35.71%	5	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprCast2Context	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprCastContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprDateContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprExtractContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprFunctionContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprIdentifierContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprIntervalContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprIsNullContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprLiteralContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprNegateContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprNotContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprOrContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprParamContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprParensContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprPrecedence1Context	50.00%	5	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprPrecedence2Context	50.00%	5	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprPrecedence3Context	26.32%	5	19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprRegexpContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprSubqueryContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprSubstringContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprTernaryOpContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprTimestampContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprTrimContext	0.00%		14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprTupleAccessContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprTupleContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprWinFunctionContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnExprWinFunctionTargetContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnIdentifierContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnLambdaExprContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnPrivilegeContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnsClauseContext	53.85%	7	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnsExprAsteriskContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnsExprColumnContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnsExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnsExprSubqueryContext	0.00%		8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprComplexContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprEnumContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprNestedContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprParamContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ColumnTypeExprSimpleContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateDatabaseStmtContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateDictionaryStmtContext	21.74%	5	23
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateFunctionStmtContext	33.33%	5	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateLiveViewStmtContext	0.00%		21
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateMaterializedViewStmtContext	0.00%		20
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateNamedCollectionStmtContext	27.78%	5	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreatePolicyStmtContext	17.24%	5	29
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreatePrivilegeContext	0.00%		24
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateProfileStmtContext	14.71%	5	34
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateQuotaStmtContext	18.52%	5	27
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateRoleStmtContext	26.32%	5	19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateTableStmtContext	25.00%	5	20
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateUserStmtContext	17.86%	5	28
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CreateViewStmtContext	26.32%	5	19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteClauseContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteUnboundColContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteUnboundColExprContext	50.00%	5	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteUnboundColLiteralContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteUnboundColParamContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.CteUnboundSubQueryContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DatabaseIdentifierContext	63.64%	7	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DataClauseContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DataClauseFormatContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DataClauseSelectContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DataClauseValuesContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DeleteStmtContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DescribeStmtContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DestinationClauseContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionaryArgExprContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionaryAttrDfntContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionaryEngineClauseContext	75.00%	6	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionaryPrimaryKeyClauseContext	46.15%	6	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionarySchemaClauseContext	46.15%	6	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DictionarySettingsClauseContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DropPrivilegeContext	0.00%		24
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.DropStmtContext	15.00%	6	40
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.EngineClauseContext	75.00%	6	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.EngineExprContext	46.15%	6	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.EnumValueContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ExchangeStmtContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ExistsDatabaseStmtContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ExistsStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ExistsTableStmtContext	31.25%	5	16
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ExplainStmtContext	33.33%	6	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.FilenameContext	0.00%		8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.FloatingLiteralContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.FrameBetweenContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.FrameStartContext	0.00%		6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.FromClauseContext	36.84%	7	19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.GrantStmtContext	20.69%	6	29
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.GrantTableIdentifierContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.GroupByClauseContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.HavingClauseContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.IdentifierContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.IdentifierOrNullContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.InserParameterExprContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.InsertParameterContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.InsertParameterFuncExprContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.InsertRawValueContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.InsertStmtContext	53.33%	8	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.IntervalContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinConstraintClauseContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinExprCrossOpContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinExprOpContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinExprParensContext	0.00%		8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinExprTableContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinOpContext	0.00%		6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinOpCrossContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinOpFullContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinOpInnerContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.JoinOpLeftRightContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.KeywordContext	1.89%	6	318
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.KeywordForAliasContext	2.33%	6	258
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.KillMutationStmtContext	35.71%	5	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.KillQueryStmtContext	35.71%	5	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.KillStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LayoutClauseContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LifetimeClauseContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LimitByClauseContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LimitClauseContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LimitExprContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.LiteralContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.MoveStmtContext	33.33%	6	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.NameCollectionKeyContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.NamedQueryContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.NestedIdentifierContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.NumberLiteralContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.OptimizeByExprContext	30.00%	6	20
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.OptimizeStmtContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.OrderByClauseContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.OrderExprContext	37.50%	6	16
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.OrderExprListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PartitionByClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PartitionClauseContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PrewhereClauseContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PrimaryKeyClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PrivelegeListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.PrivilegeContext	13.64%	6	44
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ProjectionOrderByClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ProjectionSelectStmtContext	0.00%		14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.QueryContext	38.24%	13	34
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.QueryStmtContext	46.67%	7	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.QuotaForClauseContext	33.33%	6	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.QuotaMaxExprContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.RangeClauseContext	0.00%		14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.RatioExprContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.RenameStmtContext	37.50%	6	16
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.RevokeStmtContext	26.09%	6	23
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SampleByClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SampleClauseContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SchemaAsFunctionClauseContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SchemaAsTableClauseContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SchemaDescriptionClauseContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SelectStmtContext	21.43%	6	28
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SelectStmtWithParensContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SelectUnionStmtContext	40.00%	6	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SetRolesListContext	63.64%	7	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SetRoleStmtContext	38.10%	8	21
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SetStmtContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SettingExprContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SettingExprListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SettingsClauseContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowAccessStmtContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowClustersStmtContext	27.78%	5	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowClusterStmtContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowColumnsStmtContext	23.81%	5	21
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreatePolicyStmtContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreateProfileContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreateQuotaStmtContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreateRoleStmtContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreateStmtContext	27.78%	5	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowCreateUserStmtContext	38.46%	5	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowDatabasesStmtContext	0.00%		18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowDictionariesStmtContext	26.32%	5	19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowEnginesStmtContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowFromDbClauseContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowFromTableFromDbClauseContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowFSCachesStmtContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowFunctionsStmtContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowGrantsStmtContext	33.33%	5	15
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowIndexStmtContext	22.73%	5	22
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowMergesStmtContext	27.78%	5	18
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowPoliciesStmtContext	50.00%	5	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowPrivilegeContext	0.00%		25
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowProcessListStmtContext	41.67%	5	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowProfilesStmtContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowQuotasStmtContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowQuotaStmtContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowRolesStmtContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowSettingsStmtContext	45.45%	5	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowSettingStmtContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowStmtContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowTablesStmtContext	23.81%	5	21
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ShowUsersStmtContext	71.43%	5	7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SourceClauseContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SourcePrivilegeContext	0.00%		25
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SubqueryClauseContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SystemPrivilegeContext	0.00%		81
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.SystemStmtContext	5.88%	6	102
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableArgExprContext	60.00%	6	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableArgListContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableColumnDfntContext	35.29%	6	17
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableColumnPropertyExprContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableColumnPropertyTypeContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableElementExprColumnContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableElementExprConstraintContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableElementExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableElementExprIndexContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableElementExprProjectionContext	0.00%		7
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableExprAliasContext	55.56%	5	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableExprContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableExprFunctionContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableExprIdentifierContext	100.00%	6	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableExprSubqueryContext	62.50%	5	8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableFunctionExprContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableIdentifierContext	80.00%	8	10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableIndexDfntContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableProjectionDfntContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TableSchemaClauseContext	83.33%	5	6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TopClauseContext	0.00%		11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TruncateStmtContext	42.86%	6	14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TtlClauseContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.TtlExprContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UndropStmtContext	50.00%	6	12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UpdateStmtContext	46.15%	6	13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserCreateGranteesClauseContext	0.00%		19
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserCreateHostClauseContext	0.00%		14
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserCreateHostDefContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserIdentifiedClauseContext	27.27%	6	22
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserIdentifiedWithClauseContext	17.14%	6	35
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UserIdentifierContext	54.55%	6	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UseStmtContext	77.78%	7	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.UuidClauseContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ValidUntilClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ViewIdentifierContext	0.00%		8
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.ViewParamContext	63.64%	7	11
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WatchStmtContext	0.00%		12
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WhereClauseContext	66.67%	6	9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WindowClauseContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WindowExprContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WinFrameBoundContext	0.00%		13
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WinFrameClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WinFrameExtendContext	0.00%		6
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WinOrderByClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WinPartitionByClauseContext	0.00%		10
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParser.WithClauseContext	0.00%		9
com.clickhouse.jdbc.internal.parser.antlr4.ClickHouseParserBaseListener	64.86%	382	589
com.clickhouse.jdbc.internal.parser.javacc.AbstractCharStream	52.04%	102	196
com.clickhouse.jdbc.internal.parser.javacc.ClickHouseSqlParser	71.49%	2884	4034
com.clickhouse.jdbc.internal.parser.javacc.ClickHouseSqlParserConstants	100.00%	1	1
com.clickhouse.jdbc.internal.parser.javacc.ClickHouseSqlParserTokenManager	82.98%	1648	1986
com.clickhouse.jdbc.internal.parser.javacc.ClickHouseSqlStatement	36.05%	53	147
com.clickhouse.jdbc.internal.parser.javacc.ClickHouseSqlUtils	68.57%	24	35
com.clickhouse.jdbc.internal.parser.javacc.JdbcParseHandler	24.05%	19	79
com.clickhouse.jdbc.internal.parser.javacc.LanguageType	100.00%	6	6
com.clickhouse.jdbc.internal.parser.javacc.OperationType	100.00%	2	2
com.clickhouse.jdbc.internal.parser.javacc.ParseException	3.95%	3	76
com.clickhouse.jdbc.internal.parser.javacc.ParseHandler	50.00%	2	4
com.clickhouse.jdbc.internal.parser.javacc.SimpleCharStream	30.00%	9	30
com.clickhouse.jdbc.internal.parser.javacc.StatementType	92.50%	37	40
com.clickhouse.jdbc.internal.parser.javacc.Token	66.67%	8	12
com.clickhouse.jdbc.internal.parser.javacc.TokenMgrException	0.00%		39
com.clickhouse.jdbc.internal.SqlParserFacade	90.63%	29	32
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4AndParamsParser	90.91%	10	11
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4AndParamsParser.ParseStatementAndParamsListener	92.86%	13	14
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4Parser	97.30%	36	37
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4Parser.ParsedPreparedStatementListener	94.34%	50	53
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4Parser.ParsedStatementListener	100.00%	15	15
com.clickhouse.jdbc.internal.SqlParserFacade.ANTLR4Parser.ParserErrorListener	100.00%	2	2
com.clickhouse.jdbc.internal.SqlParserFacade.JavaCCParser	98.53%	67	68
com.clickhouse.jdbc.internal.SqlParserFacade.SQLParser	100.00%	4	4
com.clickhouse.jdbc.JdbcV2Wrapper	100.00%	4	4
com.clickhouse.jdbc.metadata.DatabaseMetaDataImpl	81.76%	390	477
com.clickhouse.jdbc.metadata.DatabaseMetaDataImpl.TableType	100.00%	14	14
com.clickhouse.jdbc.metadata.ParameterMetaDataImpl	100.00%	23	23
com.clickhouse.jdbc.metadata.ResultSetMetaDataImpl	98.80%	82	83
com.clickhouse.jdbc.metadata.ResultSetMetaDataImpl.ColumnTypeBinding	100.00%	10	10
com.clickhouse.jdbc.PreparedStatementImpl	77.35%	379	490
com.clickhouse.jdbc.PreparedStatementImpl.ArrayProcessingCursor	100.00%	7	7
com.clickhouse.jdbc.ResultSetImpl	82.20%	508	618
com.clickhouse.jdbc.StatementImpl	93.53%	260	278
com.clickhouse.jdbc.types.Array	88.00%	44	50
com.clickhouse.jdbc.types.ArrayResultSet	50.78%	228	449
com.clickhouse.jdbc.types.Struct	100.00%	8	8
com.clickhouse.jdbc.WriterStatementImpl	30.14%	63	209

[github-actions]

JDBC V1 Coverage

Coverage Report

Package	Coverage	Lines Covered	Total Lines
com.clickhouse.jdbc	35.29%	944	2675
com.clickhouse.jdbc.internal	63.53%	1336	2103
com.clickhouse.jdbc.parser	69.35%	4556	6570

Class Coverage

Class	Coverage	Lines Covered	Total Lines
com.clickhouse.jdbc.AbstractResultSet	1.33%	3	226
com.clickhouse.jdbc.ClickHouseArray	34.62%	9	26
com.clickhouse.jdbc.ClickHouseBlob	0.00%		12
com.clickhouse.jdbc.ClickHouseClob	0.00%		14
com.clickhouse.jdbc.ClickHouseConnection	52.78%	19	36
com.clickhouse.jdbc.ClickHouseDatabaseMetaData	47.31%	185	391
com.clickhouse.jdbc.ClickHouseDataSource	41.18%	7	17
com.clickhouse.jdbc.ClickHouseDriver	72.73%	40	55
com.clickhouse.jdbc.ClickHousePreparedStatement	16.67%	13	78
com.clickhouse.jdbc.ClickHouseResultSet	64.84%	166	256
com.clickhouse.jdbc.ClickHouseResultSetMetaData	34.21%	13	38
com.clickhouse.jdbc.ClickHouseScrollableResultSet	0.00%		17
com.clickhouse.jdbc.ClickHouseStatement	0.00%		1
com.clickhouse.jdbc.ClickHouseStruct	71.43%	5	7
com.clickhouse.jdbc.ClickHouseXml	0.00%		10
com.clickhouse.jdbc.CombinedResultSet	51.88%	83	160
com.clickhouse.jdbc.DataSourceV1	69.70%	23	33
com.clickhouse.jdbc.DriverV1	40.63%	39	96
com.clickhouse.jdbc.DriverV1.FrameworksDetection	90.91%	10	11
com.clickhouse.jdbc.internal.AbstractPreparedStatement	27.59%	16	58
com.clickhouse.jdbc.internal.ClickHouseConnectionImpl	66.61%	375	563
com.clickhouse.jdbc.internal.ClickHouseJdbcUrlParser	100.00%	29	29
com.clickhouse.jdbc.internal.ClickHouseJdbcUrlParser.ConnectionInfo	100.00%	18	18
com.clickhouse.jdbc.internal.ClickHouseParameterMetaData	70.37%	19	27
com.clickhouse.jdbc.internal.ClickHouseStatementImpl	61.66%	283	459
com.clickhouse.jdbc.internal.InputBasedPreparedStatement	71.76%	183	255
com.clickhouse.jdbc.internal.JdbcSavepoint	100.00%	14	14
com.clickhouse.jdbc.internal.JdbcTransaction	72.50%	58	80
com.clickhouse.jdbc.internal.SqlBasedPreparedStatement	68.60%	236	344
com.clickhouse.jdbc.internal.StreamBasedPreparedStatement	45.21%	66	146
com.clickhouse.jdbc.internal.TableBasedPreparedStatement	35.45%	39	110
com.clickhouse.jdbc.JdbcConfig	71.84%	74	103
com.clickhouse.jdbc.JdbcParameterizedQuery	67.78%	61	90
com.clickhouse.jdbc.JdbcParseHandler	95.12%	78	82
com.clickhouse.jdbc.JdbcTypeMapping	42.96%	61	142
com.clickhouse.jdbc.JdbcTypeMapping.AnsiTypeMapping	16.81%	20	119
com.clickhouse.jdbc.JdbcTypeMapping.InstanceHolder	100.00%	3	3
com.clickhouse.jdbc.JdbcWrapper	20.00%	1	5
com.clickhouse.jdbc.Main	0.00%		60
com.clickhouse.jdbc.Main.GenericQuery	0.00%		114
com.clickhouse.jdbc.Main.Int8Query	0.00%		59
com.clickhouse.jdbc.Main.MixedQuery	0.00%		89
com.clickhouse.jdbc.Main.Options	0.00%		124
com.clickhouse.jdbc.Main.Pojo	0.00%		25
com.clickhouse.jdbc.Main.StringQuery	0.00%		57
com.clickhouse.jdbc.Main.UInt64Query	0.00%		57
com.clickhouse.jdbc.parser.AbstractCharStream	44.44%	88	198
com.clickhouse.jdbc.parser.ClickHouseSqlParser	68.85%	2816	4090
com.clickhouse.jdbc.parser.ClickHouseSqlParserConstants	100.00%	1	1
com.clickhouse.jdbc.parser.ClickHouseSqlParserTokenManager	76.47%	1456	1904
com.clickhouse.jdbc.parser.ClickHouseSqlStatement	69.93%	100	143
com.clickhouse.jdbc.parser.ClickHouseSqlUtils	100.00%	28	28
com.clickhouse.jdbc.parser.LanguageType	100.00%	6	6
com.clickhouse.jdbc.parser.OperationType	100.00%	2	2
com.clickhouse.jdbc.parser.ParseException	3.95%	3	76
com.clickhouse.jdbc.parser.ParseHandler	75.00%	3	4
com.clickhouse.jdbc.parser.SimpleCharStream	30.00%	9	30
com.clickhouse.jdbc.parser.StatementType	97.30%	36	37
com.clickhouse.jdbc.parser.Token	66.67%	8	12
com.clickhouse.jdbc.parser.TokenMgrException	0.00%		39
com.clickhouse.jdbc.SqlExceptionUtils	50.00%	31	62

[github-actions]

Client V1 Coverage

Coverage Report

Package	Coverage	Lines Covered	Total Lines
com.clickhouse.client	51.66%	2097	4059
com.clickhouse.client.config	76.14%	217	285
com.clickhouse.client.naming	86.96%	20	23

Class Coverage

Class	Coverage	Lines Covered	Total Lines
com.clickhouse.client.AbstractClient	63.93%	78	122
com.clickhouse.client.AbstractSocketClient	3.13%	7	224
com.clickhouse.client.AbstractSocketClient.SocketRequest	0.00%		8
com.clickhouse.client.ClickHouseClient	6.16%	17	276
com.clickhouse.client.ClickHouseClientBuilder	68.67%	57	83
com.clickhouse.client.ClickHouseClientBuilder.Agent	19.05%	28	147
com.clickhouse.client.ClickHouseClientBuilder.DummyClient	53.85%	7	13
com.clickhouse.client.ClickHouseCluster	40.98%	25	61
com.clickhouse.client.ClickHouseConfig	80.93%	208	257
com.clickhouse.client.ClickHouseConfig.ClientOptions	66.67%	14	21
com.clickhouse.client.ClickHouseCredentials	60.00%	18	30
com.clickhouse.client.ClickHouseDnsResolver	41.67%	5	12
com.clickhouse.client.ClickHouseException	74.58%	44	59
com.clickhouse.client.ClickHouseLoadBalancingPolicy	67.06%	57	85
com.clickhouse.client.ClickHouseLoadBalancingPolicy.DefaultPolicy	100.00%	2	2
com.clickhouse.client.ClickHouseLoadBalancingPolicy.FirstAlivePolicy	95.24%	20	21
com.clickhouse.client.ClickHouseLoadBalancingPolicy.RandomPolicy	100.00%	6	6
com.clickhouse.client.ClickHouseLoadBalancingPolicy.RoundRobinPolicy	92.86%	13	14
com.clickhouse.client.ClickHouseNode	80.45%	284	353
com.clickhouse.client.ClickHouseNode.Builder	66.67%	68	102
com.clickhouse.client.ClickHouseNode.Status	100.00%	5	5
com.clickhouse.client.ClickHouseNodes	53.87%	202	375
com.clickhouse.client.ClickHouseNodeSelector	88.64%	78	88
com.clickhouse.client.ClickHouseParameterizedQuery	76.32%	174	228
com.clickhouse.client.ClickHouseParameterizedQuery.QueryPart	62.50%	15	24
com.clickhouse.client.ClickHouseProtocol	97.06%	33	34
com.clickhouse.client.ClickHouseRequest	55.84%	330	591
com.clickhouse.client.ClickHouseRequest.Mutation	83.33%	90	108
com.clickhouse.client.ClickHouseRequest.PipedWriter	100.00%	7	7
com.clickhouse.client.ClickHouseRequestManager	0.00%		22
com.clickhouse.client.ClickHouseRequestManager.InstanceHolder	0.00%		2
com.clickhouse.client.ClickHouseResponse	18.18%	2	11
com.clickhouse.client.ClickHouseResponse.new ClickHouseResponse() {...}	33.33%	3	9
com.clickhouse.client.ClickHouseResponseSummary	85.00%	51	60
com.clickhouse.client.ClickHouseResponseSummary.Progress	92.00%	23	25
com.clickhouse.client.ClickHouseResponseSummary.Statistics	64.71%	11	17
com.clickhouse.client.ClickHouseSimpleResponse	48.57%	34	70
com.clickhouse.client.ClickHouseSslContextProvider	90.91%	10	11
com.clickhouse.client.ClickHouseStreamResponse	0.00%		47
com.clickhouse.client.ClickHouseTransaction	0.00%		220
com.clickhouse.client.ClickHouseTransaction.XID	0.00%		35
com.clickhouse.client.ClickHouseTransactionException	0.00%		11
com.clickhouse.client.ClickHouseVersionUtils	44.65%	71	159
com.clickhouse.client.config.ClickHouseClientOption	89.61%	138	154
com.clickhouse.client.config.ClickHouseDefaults	94.44%	34	36
com.clickhouse.client.config.ClickHouseDefaultSslContextProvider	45.24%	38	84
com.clickhouse.client.config.ClickHouseDefaultSslContextProvider.NonValidatingTrustManager	0.00%		4
com.clickhouse.client.config.ClickHouseHealthCheckMethod	100.00%	3	3
com.clickhouse.client.config.ClickHouseProxyType	100.00%	2	2
com.clickhouse.client.config.ClickHouseSslMode	100.00%	2	2
com.clickhouse.client.naming.SrvResolver	86.96%	20	23
com.clickhouse.client.UnsupportedProtocolException	0.00%		4

[chernser]

@cursor review

[chernser]

@cursor review

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

1 issue from previous review remains unresolved.

Comment @cursor review or bugbot run to trigger another review on this PR

^{Reviewed by Cursor Bugbot for commit ea14e4f. Configure here.}

[github-actions]

Triage

Category: feature • Risk: high

Summary
This PR introduces an explicit ssl_mode setting (DISABLED, TRUST, VERIFY_CA, STRICT) to client-v2 and jdbc-v2, replacing the previous implicit SSL behavior. It adds a new SSLMode enum, a new SslContextProvider builder class (replacing the deprecated v1 ClickHouseDefaultSslContextProvider), and a Client.Builder.setSSLMode() API surface. The rewritten HttpAPIClientHelper.createSSLContext wires trust strategy (trust-all manager, trust-store, CA cert, or JVM default) and hostname-verification bypass (for TRUST/VERIFY_CA) independently from mTLS client certificate handling. JDBC maps the legacy ssl_mode=none to TRUST for backward compatibility. Default mode is STRICT (most secure). Closes #2389, #2309, #2819.

What this impacts

• client-v2: new public API (SSLMode enum, Client.Builder.setSSLMode, ssl_mode config property), rewritten SSL context construction, new SslContextProvider internal class
• jdbc-v2: JdbcConfiguration SSL mode parsing and V1 none→TRUST aliasing
• docs/features.md (compatibility contract) updated
• All existing users of HTTPS endpoints: behavior change if they relied on implicit SSL verification defaults

Concerns

• Security rule fires: core change is auth/certificate/trust-boundary handling — TLS verification logic, trust-all manager (NonValidatingTrustManager), and hostname verification bypass are all rewritten. Must be reviewed for correctness: TRUST truly ignoring the trust store, VERIFY_CA skipping only hostname (not chain), STRICT enforcing both.
• Large diff rule fires: 1,006 additions (threshold: 400 LOC). Consider requesting a split of tests/examples from core SSL logic if review bandwidth is limited.
• V1 JDBC compatibility seam: ssl_mode=none → TRUST alias is the main backward-compatibility change; if the mapping is wrong, existing V1 JDBC users silently get "trust any cert" instead of an error.
• The (hostname, session) -> true hostname verifier lambda is applied for both TRUST and VERIFY_CA modes — reviewer should confirm the condition covers all intended cases and no path produces a verifier bypass under STRICT.

Required reviewer action

• At least one human reviewer required; focus on the SSL trust and hostname verification logic in HttpAPIClientHelper and SslContextProvider, and the JDBC none→TRUST alias semantics.

[sonarqubecloud]

Quality Gate failed

Failed conditions
8.4% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud