| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Noah Misch <noah(at)leadboat(dot)com>, PostgreSQL-development <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: PG 18 release notes draft committed |
| Date: | 2025-06-04 21:02:38 |
| Message-ID: | CAKFQuwYhd6-fSM-inS9RnB5WydVpzj471-YNgU7CiVZ7WWi3ow@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jun 4, 2025 at 1:45 PM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> Now, if we do want to mention it, it should be done in a way that makes
> it clear to readers whether they are affected by this change. We can
> try text like:
>
> Execute non-SECURITY-DEFINER AFTER triggers as the role that was
> active at the time the trigger was fired
>
> Previously such triggers were run as the role that was active at
> commit time.
>
"Deferred constraint triggers now run as the role active when the trigger
was fired: previously they used the role active when execution began."
The timing is not only at commit, and it makes more sense to me to focus on
"deferred constraint" instead of the more general "after" trigger.
The trigger doesn't have a security definer clause - the function does and
would of course take effect during execution. Not strongly opposed to
keeping the note.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Korotkov | 2025-06-04 21:26:17 | Re: Incremental Sort Cost Estimation Instability |
| Previous Message | Daniel Gustafsson | 2025-06-04 20:55:47 | Re: pg_upgrade: warn about roles with md5 passwords |