Re: uuidv7 improperly accepts dates before 1970-01-01

Hi,

On Mon, Apr 27, 2026 at 3:51 PM Christophe Pettus <xof(at)thebuild(dot)com> wrote:
>
> > We wrote the specific test that ensures vast space for shift, but not unlimited.
>
> That's another problem: the API gives the impression of a much larger space than actually exists.
>
> # select uuidv7('100000 years'::interval); # ~11.2 x total time range in a UUID v7.
> uuidv7
> --------------------------------------
> 37b45c74-469d-7e1b-9397-1a971a99ab2b
> (1 row)
>

Fair point.

> At a minimum, it should reject a shift that creates a time later than a UUID v7 can represent.

I think that if we add a lower-bound check as the proposed patch does
an upper-bound check should also be added.

>
> > Time shifting would become a footgun if we throw an exception when overflown.
>
> I don't understand why. If the concern is that someone will pick a value that's close to the maximum, and get a surprising exception when the time overflows that, the right answer is to caution them not to do that rather than permit the wraparound.

I guess that monotonicity could easily be violated depending on how
users shift the wall-clock. Taking Andrey's example, if they use
something like uuidv7('-10 years' * shard_id), the monotonicity would
be broken with just 6 shards.

I guess it would be safer to raise an error in such cases rather than
silently allowing wraparound. Otherwise, users might only realize that
their UUIDv7 values are no longer sortable years down the road, which
would be disastrous. Moreover, raising an error would be consistent
with how PostgreSQL natively handles timestamp + interval overflows.

That said, while I am leaning toward introducing boundary checks, we
should carefully consider this change since it could potentially break
existing applications that rely on the current behavior of
uuidv7(interval).

Regards,

--
Masahiko Sawada
Amazon Web Services: https://aws.amazon.com