Content-Type: multipart/alternative; boundary="===============7532845142063929415=="
MIME-Version: 1.0
Subject: credcheck v4.5 has been released
To: PostgreSQL Announce <pgsql-announce@lists.postgresql.org>
From: HexaCluster via PostgreSQL Announce <announce-noreply@postgresql.org>
Reply-To: gilles@hexacluster.ai
Date: Mon, 09 Feb 2026 15:43:01 +0000
Message-ID: <177065178112.785.2779328678247786498@wrigleys.postgresql.org>
Auto-Submitted: auto-generated
Archived-At: <https://www.postgresql.org/message-id/177065178112.785.2779328678247786498%40wrigleys.postgresql.org>
Precedence: bulk

--===============7532845142063929415==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Casablanca, Morocco - Febuary 05, 2026

## PostgreSQL credcheck extension

The credcheck PostgreSQL extension provides few general credential checks, =
which will be evaluated during the user creation, during the password chang=
e and user renaming. By using this extension, we can define a set of rules:

  * allow a specific set of credentials
  * reject a certain type of credentials
  * deny password that can be easily cracked
  * enforce use of an expiration date with a minimum of day for a password
  * define a password reuse policy
  * define the number of authentication failure allowed before a user is ba=
nned
  * define a delay on authentication failures
  * force users to change their password after first login
  * throw a warning N days before when the password user is about to expire

Release 4.5 has been published, it fixes several issues reported by users s=
ince last release.

  - Fix error cannot change data type of view column "roleid" from oid to r=
egrole.
  - Add missing upgrade SQL file from 4.3 to 4.4.
  - Fix error when the user want to modify his password and
    credcheck.password_valid_until option is set.  As we modify
    the VALID UNTIL clause it will generate an error message when
    the user changes his password:
         Only roles with the CREATEROLE attribute and the ADMIN
         option on role "..." may alter this role.
  - Set the tzp argument in timestamp2tm() call to apply timezone to conver=
ted
    timestamp.

Upgrade require a PostgreSQL restart to reload the credcheck library.

Complete list of changes and acknowledgements are available [here](https://=
github.com/HexaCluster/credcheck/releases/tag/v4.5)

## Links & Credits

credcheck is an open project under the PostgreSQL license maintained by [He=
xaCluster](https://github.com/HexaCluster/credcheck/).
Any contribution to build a better tool is welcome. You can send your ideas=
, features requests or patches
using the GitHub tools.

**Links :**

* Download:  [https://github.com/HexaCluster/credcheck/releases/](https://g=
ithub.com/HexaCluster/credcheck/releases/)
* Support: use GitHub report tool at [https://github.com/HexaCluster/credch=
eck/issues](https://github.com/HexaCluster/credcheck/issues)

## About credcheck

The credcheck extension is developed and maintained by Gilles Darold at [ht=
tps://hexacluster.ai](HexaCluster Corp). If you need more information pleas=
e [https://hexacluster.ai/contact-us/](contact us).

Documentation at [https://github.com/HexaCluster/credcheck#readme](https://=
github.com/HexaCluster/credcheck#readme)
--===============7532845142063929415==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable


<!doctype html>
<html>
  <head>
    <meta name=3D"viewport" content=3D"width=3Ddevice-width">
    <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DUTF-8=
">
    <title>credcheck v4.5 has been released</title>
    <style>

    @media only screen and (max-width: 620px) {
      table[class=3Dbody] h1 {
        font-size: 28px !important;
        margin-bottom: 10px !important;
      }
      table[class=3Dbody] p,
            table[class=3Dbody] ul,
            table[class=3Dbody] ol,
            table[class=3Dbody] td,
            table[class=3Dbody] span,
            table[class=3Dbody] a {
        font-size: 16px !important;
      }
      table[class=3Dbody] .wrapper,
            table[class=3Dbody] .article {
        padding: 10px !important;
      }
      table[class=3Dbody] .content {
        padding: 0 !important;
      }
      table[class=3Dbody] .container {
        padding: 0 !important;
        width: 100% !important;
      }
      table[class=3Dbody] .main {
        border-left-width: 0 !important;
        border-radius: 0 !important;
        border-right-width: 0 !important;
      }
      table[class=3Dbody] .btn table {
        width: 100% !important;
      }
      table[class=3Dbody] .btn a {
        width: 100% !important;
      }
      table[class=3Dbody] .img-responsive {
        height: auto !important;
        max-width: 100% !important;
        width: auto !important;
      }
    }

    @media all {
      .ExternalClass {
        width: 100%;
      }
      .ExternalClass,
            .ExternalClass p,
            .ExternalClass span,
            .ExternalClass font,
            .ExternalClass td,
            .ExternalClass div {
        line-height: 100%;
      }
      .apple-link a {
        color: inherit !important;
        font-family: inherit !important;
        font-size: inherit !important;
        font-weight: inherit !important;
        line-height: inherit !important;
        text-decoration: none !important;
      }
      #MessageViewBody a {
        color: inherit;
        text-decoration: none;
        font-size: inherit;
        font-family: inherit;
        font-weight: inherit;
        line-height: inherit;
      }
      .btn-primary table td:hover {
        background-color: #34495e !important;
      }
      .btn-primary a:hover {
        background-color: #34495e !important;
        border-color: #34495e !important;
      }
    }
    </style>
  </head>
  <body class=3D"" style=3D"background-color: #f6f6f6; font-family: sans-se=
rif; -webkit-font-smoothing: antialiased; font-size: 14px; line-height: 1.4=
; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adju=
st: 100%;">
    <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" class=3D"body" =
style=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace=
: 0pt; width: 100%; background-color: #f6f6f6;">
      <tr>
        <td style=3D"font-family: sans-serif; font-size: 14px; vertical-ali=
gn: top;">&nbsp;</td>
        <td class=3D"container" style=3D"font-family: sans-serif; font-size=
: 14px; vertical-align: top; display: block; Margin: 0 auto; max-width: 580=
px; padding: 10px; width: 580px;">
          <div class=3D"content" style=3D"box-sizing: border-box; display: =
block; Margin: 0 auto; max-width: 580px; padding: 10px;">


            <span class=3D"preheader" style=3D"color: transparent; display:=
 none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden=
; mso-hide: all; visibility: hidden; width: 0;"></span>
            <table class=3D"main" style=3D"border-collapse: separate; mso-t=
able-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; background: #ffffff; =
border-radius: 3px;">


              <tr>
                <td class=3D"wrapper" style=3D"font-family: sans-serif; fon=
t-size: 14px; vertical-align: top; box-sizing: border-box; padding: 20px;">
                  <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" s=
tyle=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace:=
 0pt; width: 100%;">
                    <tr>
                      <td style=3D"font-family: sans-serif; font-size: 14px=
; vertical-align: top;">

<div>
<h1 style=3D"color: #000; font-family: sans-serif; line-height: 1.4; margin=
: 0; margin-bottom: 30px; font-size: 25px; font-weight: 300; text-align: ce=
nter">credcheck v4.5 has been released</h1>
</div>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Casablanca, Morocco - Febuary 05, 2026</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">PostgreSQL credcheck extension<=
/h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The credcheck PostgreSQL extension provides=
 few general credential checks, which will be evaluated during the user cre=
ation, during the password change and user renaming. By using this extensio=
n, we can define a set of rules:</p>
<ul style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal;=
 margin: 0; margin-bottom: 15px">
<li style=3D"list-style-position: inside; margin-left: 5px">allow a specifi=
c set of credentials</li>
<li style=3D"list-style-position: inside; margin-left: 5px">reject a certai=
n type of credentials</li>
<li style=3D"list-style-position: inside; margin-left: 5px">deny password t=
hat can be easily cracked</li>
<li style=3D"list-style-position: inside; margin-left: 5px">enforce use of =
an expiration date with a minimum of day for a password</li>
<li style=3D"list-style-position: inside; margin-left: 5px">define a passwo=
rd reuse policy</li>
<li style=3D"list-style-position: inside; margin-left: 5px">define the numb=
er of authentication failure allowed before a user is banned</li>
<li style=3D"list-style-position: inside; margin-left: 5px">define a delay =
on authentication failures</li>
<li style=3D"list-style-position: inside; margin-left: 5px">force users to =
change their password after first login</li>
<li style=3D"list-style-position: inside; margin-left: 5px">throw a warning=
 N days before when the password user is about to expire</li>
</ul>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Release 4.5 has been published, it fixes se=
veral issues reported by users since last release.</p>
<ul style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal;=
 margin: 0; margin-bottom: 15px">
<li style=3D"list-style-position: inside; margin-left: 5px">Fix error canno=
t change data type of view column "roleid" from oid to regrole.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Add missing upg=
rade SQL file from 4.3 to 4.4.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix error when =
the user want to modify his password and
    credcheck.password_valid_until option is set.  As we modify
    the VALID UNTIL clause it will generate an error message when
    the user changes his password:
         Only roles with the CREATEROLE attribute and the ADMIN
         option on role "..." may alter this role.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Set the tzp arg=
ument in timestamp2tm() call to apply timezone to converted
    timestamp.</li>
</ul>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Upgrade require a PostgreSQL restart to rel=
oad the credcheck library.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Complete list of changes and acknowledgemen=
ts are available <a href=3D"https://github.com/HexaCluster/credcheck/releas=
es/tag/v4.5" style=3D"color: #3498db; text-decoration: underline">here</a><=
/p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">Links &amp; Credits</h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">credcheck is an open project under the Post=
greSQL license maintained by <a href=3D"https://github.com/HexaCluster/cred=
check/" style=3D"color: #3498db; text-decoration: underline">HexaCluster</a=
>.
Any contribution to build a better tool is welcome. You can send your ideas=
, features requests or patches
using the GitHub tools.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px"><strong>Links :</strong></p>
<ul style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal;=
 margin: 0; margin-bottom: 15px">
<li style=3D"list-style-position: inside; margin-left: 5px">Download:  <a h=
ref=3D"https://github.com/HexaCluster/credcheck/releases/" style=3D"color: =
#3498db; text-decoration: underline">https://github.com/HexaCluster/credche=
ck/releases/</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px">Support: use Gi=
tHub report tool at <a href=3D"https://github.com/HexaCluster/credcheck/iss=
ues" style=3D"color: #3498db; text-decoration: underline">https://github.co=
m/HexaCluster/credcheck/issues</a></li>
</ul>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">About credcheck</h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The credcheck extension is developed and ma=
intained by Gilles Darold at <a style=3D"color: #3498db; text-decoration: u=
nderline">https://hexacluster.ai</a>. If you need more information please <=
a style=3D"color: #3498db; text-decoration: underline">https://hexacluster.=
ai/contact-us/</a>.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Documentation at <a href=3D"https://github.=
com/HexaCluster/credcheck#readme" style=3D"color: #3498db; text-decoration:=
 underline">https://github.com/HexaCluster/credcheck#readme</a></p>

                      </td>
                    </tr>
                  </table>
                </td>
              </tr>

            </table>

            <div class=3D"footer" style=3D"clear: both; Margin-top: 10px; t=
ext-align: center; width: 100%;">
              <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" style=
=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt=
; width: 100%;">
                <tr>
                  <td class=3D"content-block" style=3D"font-family: sans-se=
rif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; font-siz=
e: 12px; color: #999999; text-align: center;">
                    <span class=3D"apple-link" style=3D"color: #999999; fon=
t-size: 12px; text-align: center;">
This email was sent to you from HexaCluster. It was delivered on their beha=
lf by
the PostgreSQL project. Any questions about the content of the message shou=
ld be
sent to HexaCluster.
</span>
		    <br><br>
You were sent this email as a subscriber of the <em>pgsql-announce</em> mai=
linglist, for
the content tag Related Open Source.
To unsubscribe from
further emails, or change which emails you want to receive, please click th=
e personal unsubscribe
link that you can find in the headers of this email, or visit
<a href=3D"https://lists.postgresql.org/unsubscribe/" style=3D"color: #3498=
db; text-decoration: underline">https://lists.postgresql.org/unsubscribe/</=
a>.

                  </td>
                </tr>
              </table>
            </div>

          </div>
        </td>
        <td style=3D"font-family: sans-serif; font-size: 14px; vertical-ali=
gn: top;">&nbsp;</td>
      </tr>
    </table>
  </body>
</html>

--===============7532845142063929415==--