On 2020-Jan-29, Tom Lane wrote: > Not sure what I think about these: > > bloom (are these useful in production?) > btree_gin > btree_gist > pgrowlocks (seems safe, but are there security issues?) > spi/autoinc (I doubt that these four are production grade) > spi/insert_username > spi/moddatetime > spi/refint > sslinfo (seems safe, but are there security issues?) > xml2 (nominally safe, but deprecated, and libxml2 > has been a fertile source of security issues)
Of these, btree_gist is definitely useful from a user perspective, because it enables creation of certain exclusion constraints. I've never heard of anyone using bloom indexes in production. I'd argue that if the feature is useful, then we should turn it into a core-included index AM with regular WAL logging for improved performance, and add a stripped-down version to src/test/modules to cover the WAL-log testing needs. Maybe exposing it more, as promoting it as a trusted extension would do, would help find more use cases for it. > Also, how should we document this, if we do it? Add a boilerplate > sentence to each module's description about whether it is trusted > or not? Put a table up at the front of Appendxix F? Both? If it were possible to do both from a single source of truth, that would be great. Failing that, I'd just list it in each module's section. -- Álvaro Herrera https://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
