Re: PG 16 draft release notes ready
Jonathan S. Katz <jkatz@postgresql.org>
Commits
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Revert MAINTAIN privilege and pg_maintain predefined role.
- 151c22deee66 17.0 cited
-
doc: PG 16 relnotes, remove "Have initdb use ICU by default"
- c729642bd760 16.0 cited
-
initdb: change default --locale-provider back to libc.
- 2535c74b1a61 16.0 cited
-
doc: PG 16 relnotes, add author
- b9e3f8005c99 16.0 landed
-
doc: PG 16 relnotes, move memory item and reword OUTER item
- e6a254c0d4af 16.0 landed
-
doc: PG 16 relnotes, add memory overhead reduction item
- 409d24485cbe 16.0 landed
-
doc: PG 16 relnotes, adjust subscription origin mention
- f7c16a120cfa 16.0 landed
-
doc: PG 16 relnotes, adjust auto_explain logging item
- 0bcb3ca3b95b 16.0 landed
-
doc: PG 16 relnotes: adjust outer/full hash join parallelization
- 5a6464096622 16.0 landed
-
doc: PG 16 relnotes, fix duplicate author and commit
- 9e28b83ae6fa 16.0 landed
-
doc: PG 16 relnotes, fix "locale" typo and windows locale text
- 503b0556d96f 16.0 landed
-
doc: PG 16 relnotes, add author from previous merge
- 46ba86cd32dc 16.0 landed
-
doc: PG 16 relnotes, wording adjustments
- 5c2c59ba0b5f 16.0 landed
-
doc: PG 16 relnotes, merge and move vector items
- ad5406246bff 16.0 landed
-
doc: PG 16 relnotes, update xid/subxid searches item
- a817edbf6f30 16.0 landed
-
doc: PG 16 relnotes, SIMD improvements
- 5cb54fc310fb 16.0 landed
-
doc: PG 16 relnotes, add major features list
- 60751aa50313 16.0 landed
-
doc: PG 16 relnotes, misc merged items and bootstrap detail
- de7c3fd34e0f 16.0 landed
-
doc: PG 16 relnotes, misc. updates
- c822358a256c 16.0 landed
-
doc: PG 16 relnotes, add commits
- 30579d23b226 16.0 landed
-
Allow logical decoding on standbys
- 0fdab27ad68a 16.0 cited
-
Fix ts_headline() edge cases for empty query and empty search text.
- 029dea882a7a 16.0 cited
-
Add a hook for modifying the ldapbind password
- 419a8dd8142a 16.0 cited
-
Rework design of functions in pg_walinspect
- 5c1b6628075a 16.0 cited
-
initdb: derive encoding from locale for ICU; similar to libc.
- c45dc7ffbba2 16.0 cited
-
Doc: add XML ID attributes to <sectN> and <varlistentry> tags.
- 78ee60ed84bb 16.0 cited
-
Simplify the implementations of the to_reg* functions.
- 3ea7329c9a79 16.0 cited
-
Rename pg_dissect_walfile_name() to pg_split_walfile_name()
- 13e0d7a60385 16.0 cited
-
Make materialized views participate in predicate locking
- 43351557d0d2 16.0 cited
-
Improve performance of and reduce overheads of memory management
- c6e0fe1f2a08 16.0 cited
-
Allow grant-level control of role inheritance behavior.
- e3ce2de09d81 16.0 cited
On 5/22/23 4:18 PM, Robert Haas wrote: > On Sun, May 21, 2023 at 3:05 PM Jonathan S. Katz <jkatz@postgresql.org> wrote: >> * Support for regular expressions for matching usernames and databases >> names in `pg_hba.conf`, and user names in `pg_ident.conf` > > I suggest that this is not a major feature. > > Perhaps the work that I did to improve CREATEROLE could be considered > for inclusion in the major features list. In previous releases, > someone with CREATEROLE can hack the PG OS account. Now they can't. In > previous releases, someone with CREATEROLE can manage all > non-superuser roles, but now they can manage the roles they create (or > ones they are given explicit authority to manage). You can even > control whether or not such users automatically inherit the privileges > of roles they create, as superusers inherit all privileges. There is > certainly some argument that this is not a sufficiently significant > set of changes to justify a major feature mention, and even if it is, > it's not clear to me exactly how it would be best worded. And yet I > feel like it's very likely that if we look back on this release in 3 > years, those changes will have had a significant impact on many > PostgreSQL deployments, above all in the cloud, whereas I think it > likely that the ability to have regular expressions in pg_hba.conf and > pg_ident.conf will have had very little effect by comparison. > > Of course, there is always a possibility that I'm over-estimating the > impact of my own work. In general, I'm completely fine with people advocating for their own features during this process, in case there's something that I missed. For this case, while I think this work is very impactful, but I don't know if I'd call it a major feature vs. modifying an unintended behavior. Additionally, folks have likely put mitigations in place for this through the years. I'm happy to be convinced otherwise. The regular expressions in the files adds an ability that both we didn't have before, and has been a request I've heard from users with very large deployments. For them, it'll help simplify a lot of their configurations/automations for setting this up en masse. Again, I'm happy to be convinced otherwise. I wanted to use the beta release to allow for us to see 1/ how people ultimately test these things and 2/ help better sift out what will be called a major feature. We could end up shuffling items in the list or completely rewriting it, so it's not set in stone. Thanks, Jonathan