Re: PG 14 release notes, first draft

Bruce Momjian <bruce@momjian.us>

From: Bruce Momjian <bruce@momjian.us>
To: Alvaro Herrera <alvherre@alvh.no-ip.org>
Cc: Ian Lawrence Barwick <barwick@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2021-05-17T02:51:02Z
Lists: pgsql-hackers
On Sat, May 15, 2021 at 07:05:35PM -0400, Álvaro Herrera wrote:
> On 2021-May-12, Bruce Momjian wrote:
> 
> > OK, updated text:
> > 
> > 	<listitem>
> > 	<!--
> > 	Author: Peter Eisentraut <peter@eisentraut.org>
> > 	2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
> > 	-->
> > 	
> > 	<para>
> > 	Change the default of the password_encryption server parameter
> > 	to scram-sha-256 (Peter Eisentraut)
> > 	</para>
> > 	
> > 	<para>
> > 	Previously it was md5.	All new passwords will be stored as SHA256
> > 	unless this server variable is changed or the password is already
> > 	md5-hashed.  Also, the legacy (and undocumented) boolean-like
> > 	values which were previously synonyms of <literal>md5</literal>
> > 	are no longer accepted.
> > 	</para>
> > 	</listitem>
> 
> Thanks, looks ok as far as what the original point was about.
> 
> I have to say that this sentence is a bit odd: "All new passwords will
> be stored as sha256 unless ... the password is already md5-hashed".
> Does this mean that if you change a password for a user whose password
> was md5, the new one is stored as md5 too even if the setting is
> scram-sha-256?  Or if "the password" means an old password, then why is
> it a new password?

OK, what I was trying to say was that if you dump/restore, and the old
password was md5, the newly-restored password will be md5, but it was
very unclear.  I changed it to this:

	<listitem>
	<!--
	Author: Peter Eisentraut <peter@eisentraut.org>
	2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
	Author: Peter Eisentraut <peter@eisentraut.org>
	2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
	-->
	
	<para>
	Change the default of the password_encryption server parameter to
	scram-sha-256 (Peter Eisentraut)
	</para>
	
	<para>
	Previously it was md5.	All new passwords will be stored as SHA256
	unless this server variable is changed or the password is specified
	in md5 format.	Also, the legacy (and undocumented) boolean-like
	values which were previously synonyms for <literal>md5</literal>
	are no longer accepted.
	</para>
	</listitem>

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EDB                                      https://enterprisedb.com

  If only the physical world exists, free will is an illusion.




Commits

  1. doc: add mention of +4GB windows file handling in PG14 relnotes

  2. doc: PG 14 relnotes fixes

  3. doc: PG 14 relnote updates

  4. doc: PG 14 relnotes, adjust pg_{read|write}_all_data entry

  5. Update PG 14 relnotes for vacuum_cost_page_miss

  6. doc: update PG 14 release notes with recent feedback

  7. Update replication statistics after every stream/spill.

  8. Add information of total data processed to replication slot stats.

  9. Use NameData datatype for slotname in stats.

  10. Add back vacuum_cleanup_index_scale_factor parameter.

  11. Don't consider newly inserted tuples in nbtree VACUUM.

  12. pgbench: Improve time logic.

  13. Track total amounts of times spent writing and syncing WAL data to disk.

  14. Allow decoding at prepare time in ReorderBuffer.

  15. Extend the output plugin API to allow decoding of prepared xacts.

  16. Fix nbtree cleanup-only VACUUM stats inaccuracies.

  17. Execute invalidation messages for each XLOG_XACT_INVALIDATIONS message

  18. Fix our Windows stat() emulation to handle file sizes > 4GB.

  19. Trigger autovacuum based on number of INSERTs

  20. Speed up planning when partitions can be pruned at plan time.

  21. Remove support for password_encryption='off' / 'plain'.

  22. Increase work_mem and maintenance_work_mem defaults by 4x