Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "postgres"
Our boss did always the same thing. When there was a BIG potential customer who indicates a small interest in our software, then he lied constantly about features. After the customer bought our software we got a deadline and should develop the missing features. I could remember two features: The first one was a quote tool for a car transport company. The tool should estimate a price for a transportation from an email with no structure and the other one was an API which should be possible to write dynamicly to MySQL, MariaDB, Postgres, MSSQL, DB2, Mongo or better said any possible dbms. The API should guess the structure of the dbs and offer CRUD actions. The funny thing is must write the api with go. Yeah dynamic and GO.
At some time, we told him we wont make any overtime and if the deadline is not possible we told that immediatly the customers, so that they call him. Thank god I don't work anymore in this company.1
Working with postgres is just a great experience every time, I've never EVER had a problem with it.
and it's so insanely POWERFUL!!!!
great role model of what all open-source software should strive to be3
I would like to murder postgres and the awful requirements of this damn project... Plus, I practically didn't sleep more than a blink last night so either postgres fucks off and gets its shit together with its transaction handling shit, or imma about to stab a bitch! 🗡 ⚔️20
So why on earth would Postgres not spell this correctly?
```select rolname from pg_roles;```
Is it that someone could not spell rolename correctly?4
What's your worst debugging experience?
I just had it today and yesterday when I tried to connect to an aws postgres rds..... 😭😭😭7
Client be like:
Pls, could you give the new Postgres user the same perms as this one other user?
Then I find out that, for whatever reason, all of their user accounts have disabled inheritance... So, wtf.
Postgres doesn't really allow you to *copy* perms of a role A to role B. You can only grant role A to role B, but for the perms of A to carry over, B has to have inheritance allowed... Which... It doesn't.
So... After a bit of manual GRANT bla ON DATABASE foo TO user, I ping back that it is done and breath a sigh of relief.
Oooooonly... They ping back like -- Could you also copy the perms of A on all the existing objects in the schema to B???
Ugh. More work. Lets see... List all permissions in a schema and... Holy shit! That's thousands of tables and sequences, how tf am I ever gonna copy over all that???
Maybe I could... Disable the pager of psql, and pipe the list into a file, parse it by the magic of regex... And somehow generate a fuckload of GRANT statements? Uuuugh, but that'd kill so much time. Not to mention I'd need to find out what the individual permission letters in the output mean... And... Ugh, ye, no, too much work. Lets see if SO knows a solution!
And, surprise surprise, it did! The easiest, simplest to understand way, was to make a schema-only dump of the database, grep it for user A, substitute their name with B, and then input it back.
What I didn't expect is for the resulting filtered and altered grant list to be over 6800 LINES LONG. WHAT THE FUCK.
...And, shortly after I apply the insane number of grants... I get another ping. Turns out the customer's already figured out a way to grant all the necessary perms themselves, and I... No longer have to do anything :|
Joy. Utter, indescribable joy.
Is there any actual security reason for disabling inheritance in Postgres? (14.x) I'd think that if an account got compromised, it doesn't matter if it has the perms inherited or not, cuz you can just SET ROLE yourself to the granted role with the actual perms and go ham...3
Do people still use redis when you already use postgres? How is pg perf if you are writing like 10,000s of row data/second. I am slightly outdated....12
honest question: if I know ReactJS, Golang, Python, Typescript, and a bit of Postgres and living in Costa Rica, what sort of freelance services could I promote on the net?
I used to freelance on sites like PeoplePerHour, doing projects of 1 month in 3 weeks or less, but I would like to do that again in my own website under my own terms, sort of speak.
A question to all software security specialists of devRant. Please, take it serious.
Is it fundamentally possible to restrict a SQL database like Postgres in a way that unintended SQL queries are impossible to execute? Perhaps in some kind of whitelist fashion. Is it possible to achieve the kind of security that will be just fine exposed to the outside world akin to "SQL queries in onClick handlers" scenario?
Or is this an uphill battle of never being able to moderate an infinite set of possible fraudulent queries?5
RDS Proxy is quickly becoming my least favourite AWS offering.
I ranted about it a while back because I had to abandon it for a project because it doesn’t support clusters very well (it only proxys to the primary node).
Well I tried to use it again for a different project with only a single RW instance. Surely it will be ideal?
Nope. It doesn’t support Postgres 13. Only goes up to 12.
What the hell Amazon?
pgbouncer it is I guess.
TL;DR I have to bump a Redis cluster from t3.medium to m6g.large just to get enough network bandwidth even though I have no need of the extra memory.
Debugged an interesting issue today.
I am adding Elasticache to a project to reduce strain on the single node postgres DB.
Deployed a Redis replication group with 2 shards, with multi-AZ replication for resilience.
Everything was going well. We arent caching that much atm so was barely using 100Mb of memory.
Suddenly, when our US region comes online, latency skyrockets and the logs are full of Jedis timeout errors.
Still no issue with memory or node CPU.
The cause? Arbitrary network bandwidth throttling by AWS. The app currently processes about 3,000 requests per second so we were exceeding Amazons random ass allowances which arent documented anywhere.1
Why has nobody at Microsoft thought of implementing optional parameters for functions in SQL Server? I guess backward compatibility is something they haven't heard of. I mean hell, Postgres can do it easily.2