Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uMw24-007ZNr-FM for pgsql-hackers@arkaria.postgresql.org; Wed, 04 Jun 2025 21:52:24 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1uMw22-00HOfp-9S for pgsql-hackers@arkaria.postgresql.org; Wed, 04 Jun 2025 21:52:22 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uMw22-00HOfh-08 for pgsql-hackers@lists.postgresql.org; Wed, 04 Jun 2025 21:52:22 +0000 Received: from momjian.us ([72.94.173.45]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1uMw20-000Eod-37 for pgsql-hackers@lists.postgresql.org; Wed, 04 Jun 2025 21:52:21 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=momjian.us; s=2025010100; h=In-Reply-To:Content-Transfer-Encoding:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-ID:Content-Description; bh=Wsdt1XEkZcSeYz4ztGm/GxQIEiEutG31CDdzCxms6rA=; b=rVVLMvTw7XRnk1hAnUN2gl+b6L DoHQXCnMqM6dtdl//TeJ4qQ1H+2ZYPc2GtXjOLRj5u9oMeFhH569qtqIIBILsQMDXTi/h6yovYK1H R7wiSijUNBhcERG/mK9S5o9VNn3/gqrOJ4KeyyPv3wir1VDqGqxPSfh0As+dp8nslA58ztX7hY1V/ 1Kl9zTZlNu7g8UsiIgJCoV5FrjMTJuGJYHKdwjQmB9oo/odb6EV+neqNxG7jPjH/vI/VqzD935X+3 FvYB4dvLpW/1V65uZMR/LKIztViS7LjcW8JuDGDSDI2QNjlPtaIueOmwFW0MKq9UEYp0iTI4WoRqy IiolDL5g==; Received: from bruce by momjian.us with local (Exim 4.96) (envelope-from ) id 1uMw1z-001LI9-0I; Wed, 04 Jun 2025 17:52:19 -0400 Date: Wed, 4 Jun 2025 17:52:19 -0400 From: Bruce Momjian To: "David G. Johnston" Cc: Noah Misch , PostgreSQL-development Subject: Re: PG 18 release notes draft committed Message-ID: References: <20250603172123.5f.nmisch@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Wed, Jun 4, 2025 at 02:02:38PM -0700, David G. Johnston wrote: > On Wed, Jun 4, 2025 at 1:45 PM Bruce Momjian wrote: > > Now, if we do want to mention it, it should be done in a way that makes > it clear to readers whether they are affected by this change.  We can > try text like: > >         Execute non-SECURITY-DEFINER AFTER triggers as the role that was >         active at the time the trigger was fired > >         Previously such triggers were run as the role that was active at >         commit time. > > > "Deferred constraint triggers now run as the role active when the trigger was > fired: previously they used the role active when execution began." > > The timing is not only at commit, and it makes more sense to me to focus on > "deferred constraint" instead of the more general "after" trigger. Ah, yes, I see your point --- it is really only deferred after triggers, not before triggers, and deferrability is only available for constraint triggers. > The trigger doesn't have a security definer clause - the function does and > would of course take effect during execution.  Not strongly opposed to keeping > the note. I think we have to keep the non-SECURITY-DEFINER designation to keep the text accurate, but you are right it is part of the function, not the trigger: Execute deferred constraint triggers attached to non-SECURITY-DEFINER functions as the role that was active at the time the trigger was fired Previously such triggers were run as the role that was active at commit/execution time. As you can see, this is going to be hard to read, and I don't know if a sufficient number of people will care. -- Bruce Momjian https://momjian.us EDB https://enterprisedb.com Do not let urgent matters crowd out time for investment in the future.