Re: Prevent remote libpq notices from being sent to clients

> On Jun 5, 2026, at 23:20, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> wrote:
>
> On Fri, Jun 5, 2026 at 7:43 AM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Also, I don't buy the argument that this is a "leak": if the remote
>> server was willing to send the message to its client, it doesn't think
>> that the message is security-critical.
>
> I don't think the remote gets to decide that, in general. It's up to
> the middle layer to know whether it's operating at the same level of
> trust as the end client.
>
> --Jacob

Thanks to all for the input. It looks like people have different opinions on this topic. BTW, I realized that my previous wording of "leak" was too strong, sorry about that.

Here, I think the main concern is that this is an “unintentional" user-visible behavior change. I went through the original discussion thread [1], and I don't see this behavior change being explicitly discussed. I am not against Fujii's idea that emitting a remote WARNING to the client could be helpful, and I also like Tom's idea of mapping the remote severity to the local log level. But if we really want to do that, I think we need a dedicated discussion, and that seems too late for v19. Also, if we eventually decide to change the client-visible behavior, I think we should document it explicitly.

How about preserving the old client-visible behavior for v19? I can add this topic to my TODO list and follow up with this work for v20.

[1] https://postgr.es/m/CALDaNm2xsHpWRtLm-VL_HJCsaE3+1Y_n-jDEAr3-suxVqc3xoQ@mail.gmail.com

Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/