From 35af98af26982e2adeba35318d6183fc81d2be4c Mon Sep 17 00:00:00 2001
From: Kanthi Subramanian <subkanthi@gmail.com>
Date: Fri, 29 May 2026 14:36:53 +0200
Subject: [PATCH 1/3] Removed references to clickhouse.cloud

---
 src/Access/AccessControl.cpp                                   | 3 ---
 src/Core/Settings.cpp                                          | 2 +-
 ...sic_auth_interactive_not_with_authorization_never.reference | 3 +--
 ...3362_basic_auth_interactive_not_with_authorization_never.sh | 2 +-
 4 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/src/Access/AccessControl.cpp b/src/Access/AccessControl.cpp
index 70818a25af16..802e049a4485 100644
--- a/src/Access/AccessControl.cpp
+++ b/src/Access/AccessControl.cpp
@@ -629,9 +629,6 @@ AuthResult AccessControl::authenticate(const Credentials & credentials, const Po
 
             message << R"(
 
-If you use ClickHouse Cloud, the password can be reset at https://clickhouse.cloud/
-on the settings page for the corresponding service.
-
 If you have installed ClickHouse and forgot password you can reset it in the configuration file.
 The password for default user is typically located at /etc/clickhouse-server/users.d/default-password.xml
 and deleting this file will reset the password.
diff --git a/src/Core/Settings.cpp b/src/Core/Settings.cpp
index 72de0663741c..d73c8fb5a46f 100644
--- a/src/Core/Settings.cpp
+++ b/src/Core/Settings.cpp
@@ -5895,7 +5895,7 @@ This setting takes a ClickHouse version number as a string, like `22.3`, `22.8`.
 Disabled by default.
 
 :::note
-In ClickHouse Cloud the compatibility setting must be set by ClickHouse Cloud support.  Please [open a case](https://clickhouse.cloud/support) to have it set.
+The compatibility setting can be overridden at the user, role, profile, query, or session level using standard ClickHouse setting mechanisms such as `SET compatibility = '22.3'` in a session or `SETTINGS compatibility = '22.3'` in a query.
 :::
 )", 0) \
     \
diff --git a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
index 5d99d26a414a..915255185e1c 100644
--- a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
+++ b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
@@ -1,3 +1,2 @@
-1
+1
 < HTTP/1.1 403 Forbidden
-If you use ClickHouse Cloud, the password can be reset at https://clickhouse.cloud/
diff --git a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
index 4a95f67bbe44..f7301a949aad 100755
--- a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
+++ b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
@@ -11,4 +11,4 @@ ${CLICKHOUSE_CURL} -H 'Authorization: never' "$URL?query=SELECT%201"
 # If the Authorization is set to "never", and the credentials are provided in URL parameters,
 # the server will return 403 instead of 401 Unauthorized, so there will be no prompt in the browser.
 URL="${CLICKHOUSE_PORT_HTTP_PROTO}://${CLICKHOUSE_HOST}:${CLICKHOUSE_PORT_HTTP}/?user=default&password=invalid_password"
-${CLICKHOUSE_CURL} -H 'Authorization: never' -v "$URL?query=SELECT%201" 2>&1 | grep -P '403 Forbidden|ClickHouse Cloud'
+${CLICKHOUSE_CURL} -H 'Authorization: never' -v "$URL?query=SELECT%201" 2>&1 | grep -P '403 Forbidden' | tr -d '\r'

From df7bca58c841d40aef2ad77d4e453a3b6d8ee623 Mon Sep 17 00:00:00 2001
From: Kanthi Subramanian <subkanthi@gmail.com>
Date: Fri, 12 Jun 2026 18:59:12 +0200
Subject: [PATCH 2/3] Fix test queries

---
 ...ive_not_with_authorization_never.reference |  4 +-
 ...nteractive_not_with_authorization_never.sh |  2 +-
 ...eberg_alter_modify_column_type_segfault.sh | 37 +++++++++++++++++++
 3 files changed, 40 insertions(+), 3 deletions(-)
 create mode 100755 tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh

diff --git a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
index 915255185e1c..92b24e73bca6 100644
--- a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
+++ b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.reference
@@ -1,2 +1,2 @@
-1
-< HTTP/1.1 403 Forbidden
+1
+< HTTP/1.1 403 Forbidden
diff --git a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
index f7301a949aad..787e373b631a 100755
--- a/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
+++ b/tests/queries/0_stateless/03362_basic_auth_interactive_not_with_authorization_never.sh
@@ -11,4 +11,4 @@ ${CLICKHOUSE_CURL} -H 'Authorization: never' "$URL?query=SELECT%201"
 # If the Authorization is set to "never", and the credentials are provided in URL parameters,
 # the server will return 403 instead of 401 Unauthorized, so there will be no prompt in the browser.
 URL="${CLICKHOUSE_PORT_HTTP_PROTO}://${CLICKHOUSE_HOST}:${CLICKHOUSE_PORT_HTTP}/?user=default&password=invalid_password"
-${CLICKHOUSE_CURL} -H 'Authorization: never' -v "$URL?query=SELECT%201" 2>&1 | grep -P '403 Forbidden' | tr -d '\r'
+${CLICKHOUSE_CURL} -H 'Authorization: never' -v "$URL&query=SELECT%201" 2>&1 | grep -P '403 Forbidden' | tr -d '\r'
diff --git a/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh b/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh
new file mode 100755
index 000000000000..e42240443bf4
--- /dev/null
+++ b/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+# Tags: no-fasttest
+
+# Regression test: ALTER TABLE ... MODIFY COLUMN ... on an Iceberg table
+# should not throw a LOGICAL_ERROR exception ("Metadata is not initialized")
+# when no SELECT or INSERT preceded the alter in the same server lifetime.
+
+CURDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
+# shellcheck source=../shell_config.sh
+. "$CURDIR"/../shell_config.sh
+
+TABLE="t_${CLICKHOUSE_DATABASE}_${RANDOM}"
+TABLE_PATH="${USER_FILES_PATH}/${TABLE}/"
+
+${CLICKHOUSE_CLIENT} --query "DROP TABLE IF EXISTS ${TABLE}"
+${CLICKHOUSE_CLIENT} --query "
+    CREATE TABLE ${TABLE} (c0 Float64)
+    ENGINE = IcebergLocal('${TABLE_PATH}')
+"
+# To have at least one real snapshot. Otherwise alter can be noop.
+${CLICKHOUSE_CLIENT} --allow_insert_into_iceberg=1 --query "INSERT INTO ${TABLE} VALUES (1.0)"
+
+# DETACH + ATTACH rebuilds the storage object from the stored CREATE statement,
+# so its in-memory metadata has no datalake metadata loaded — the same state as
+# after a server restart.
+${CLICKHOUSE_CLIENT} --query "DETACH TABLE ${TABLE}"
+${CLICKHOUSE_CLIENT} --query "ATTACH TABLE ${TABLE}"
+
+# Without the fix, this throws a LOGICAL_ERROR exception.
+${CLICKHOUSE_CLIENT} --allow_insert_into_iceberg=1 --query "
+    ALTER TABLE ${TABLE} MODIFY COLUMN c0 Nullable(Int64)
+"
+
+${CLICKHOUSE_CLIENT} --query "SHOW CREATE TABLE ${TABLE}" | grep -F "c0 Nullable(Int64)"
+
+${CLICKHOUSE_CLIENT} --query "DROP TABLE IF EXISTS ${TABLE}"
+rm -rf "${TABLE_PATH}"

From 6afa40f0b9c3d392753d81e08da6732f11d23721 Mon Sep 17 00:00:00 2001
From: Kanthi Subramanian <subkanthi@gmail.com>
Date: Fri, 12 Jun 2026 20:18:30 +0200
Subject: [PATCH 3/3] Removed tests not related to this PR

---
 ...eberg_alter_modify_column_type_segfault.sh | 37 -------------------
 1 file changed, 37 deletions(-)
 delete mode 100755 tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh

diff --git a/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh b/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh
deleted file mode 100755
index e42240443bf4..000000000000
--- a/tests/queries/0_stateless/04207_iceberg_alter_modify_column_type_segfault.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-# Tags: no-fasttest
-
-# Regression test: ALTER TABLE ... MODIFY COLUMN ... on an Iceberg table
-# should not throw a LOGICAL_ERROR exception ("Metadata is not initialized")
-# when no SELECT or INSERT preceded the alter in the same server lifetime.
-
-CURDIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
-# shellcheck source=../shell_config.sh
-. "$CURDIR"/../shell_config.sh
-
-TABLE="t_${CLICKHOUSE_DATABASE}_${RANDOM}"
-TABLE_PATH="${USER_FILES_PATH}/${TABLE}/"
-
-${CLICKHOUSE_CLIENT} --query "DROP TABLE IF EXISTS ${TABLE}"
-${CLICKHOUSE_CLIENT} --query "
-    CREATE TABLE ${TABLE} (c0 Float64)
-    ENGINE = IcebergLocal('${TABLE_PATH}')
-"
-# To have at least one real snapshot. Otherwise alter can be noop.
-${CLICKHOUSE_CLIENT} --allow_insert_into_iceberg=1 --query "INSERT INTO ${TABLE} VALUES (1.0)"
-
-# DETACH + ATTACH rebuilds the storage object from the stored CREATE statement,
-# so its in-memory metadata has no datalake metadata loaded — the same state as
-# after a server restart.
-${CLICKHOUSE_CLIENT} --query "DETACH TABLE ${TABLE}"
-${CLICKHOUSE_CLIENT} --query "ATTACH TABLE ${TABLE}"
-
-# Without the fix, this throws a LOGICAL_ERROR exception.
-${CLICKHOUSE_CLIENT} --allow_insert_into_iceberg=1 --query "
-    ALTER TABLE ${TABLE} MODIFY COLUMN c0 Nullable(Int64)
-"
-
-${CLICKHOUSE_CLIENT} --query "SHOW CREATE TABLE ${TABLE}" | grep -F "c0 Nullable(Int64)"
-
-${CLICKHOUSE_CLIENT} --query "DROP TABLE IF EXISTS ${TABLE}"
-rm -rf "${TABLE_PATH}"