Message-ID: From: "vlsi (@vlsi)" To: "pgjdbc/pgjdbc" Date: Tue, 26 May 2026 06:28:28 +0000 Subject: Re: [pgjdbc/pgjdbc] PR #4016: feat: harden protocol reader against desynced streams (#4015) In-Reply-To: References: List-Id: X-GitHub-Author-Login: vlsi X-GitHub-Comment-Id: 4541119566 X-GitHub-Comment-Type: issue_comment X-GitHub-Issue: 4016 X-GitHub-Repo: pgjdbc/pgjdbc X-GitHub-Type: comment X-GitHub-Url: https://github.com/pgjdbc/pgjdbc/pull/4016#issuecomment-4541119566 Content-Type: text/plain; charset=utf-8 > There's no point in having enablement modes The `pgjdbc.protocolViolationBehaviour` property does not relax protocol invariants. Checks that prove the stream is desynced remain fatal in every mode. The property only affects defensive hardening bounds where the PostgreSQL protocol does not define a strict maximum, such as the `1 MiB` caps for `NotificationResponse` and `ParameterStatus`. Those caps are intended to catch desyncs early, but because they are pgjdbc-chosen compatibility limits rather than protocol limits, the default is `warn`.