2830
English speaking PostgreSQL public chat. This group is for discussions on PostgreSQL-related topics and strives to provide best-effort support as well.
Did you *read* the error message? Probably a permission problem.
Читать полностью…
"The system (initially created by a team of scientists at University of California, Berkeley) has enabled us to support massive global traffic with a single primary Azure PostgreSQL flexible server instance(opens in a new window)"
Читать полностью…
Should they at least add two daughter projects: Supabase-✅👍! and Supabase-№ ..?
Читать полностью…
skill = money, and no most of mid tire services are significantly cheaper than DBA that will not lose your data (or leak it)
Читать полностью…
Self hosted scales better than cloud. Cloud has generally poor iops, throughput compared to bare metal. Can't run petabyte scale on cloud at all.
Читать полностью…
I have a chat app
My messages table has rls disabled
Still to send a message ut’s required ur session id, so i mean how can people do this
From the CEO (in comments):
Fwiw, the new secret keys are automatically revoked if they are pushed to github, and github is progressively rolling out push protection - to prevent them getting pushed in the first place. Of course, not everyone uses github
People disabling RLS, or making RLS a simple pass-through, is a battle we are constantly fighting. We have made good strides here over the past 12 months:
https://supabase.com/blog/supabase-security-2025-retro
- event triggers to enforce RLS on all tables
- lints to scan for insecure rules
- ai to write secure policies (if they are too lazy or confused to do it themselves)
- big red labels when a table is exposed
- weekly emails with security alerts
- dashboard alerts and security advisors
- contractually requiring Vibe coding platforms to expose our Security Advisors if they are integrating with us
- red teaming customers that have egregious issues (this has been surprisingly effective, just harder to scale up)
I appreciate you creating this tool - as you can see we are also “tooling up” as much as we can. If there are any other things that you think we are missing let me know and we will prioritize it
We will be introducing new AuthZ patterns this year so I’m hoping that will also help
I mean
Just put the key in .dev file for Node js servers
And with frontend shouldnt u just use anonKey? That shouldn’t be a problem
it doesn't help in long run, if you need PG in your project just buy PG, if you need an data abstraction buy something like convex, supabase just add unnecessary complexity that could be replaced with tooling
Читать полностью…
Not saying this applies here, but whenever the word "vibe" is applied to coding or databases it makes me nervous.
Читать полностью…
Hey all,
Data Bene is looking for a number of positions to be filled. They're open to contract work, and are headquartered in France but are hiring globally. https://www.data-bene.io/en/jobs/
In particular, they're looking for anyone who would love to do R&D with open-source technologies. Experience with C is great. They're specifically looking for PostgreSQL support engineers, consultants, & technical leads.
Hello friends, I have a question, I installed PostgreSQL V17 with postgis 3.8 and I run it from Both QGIS and myadmin, the problem is that when I try to add table in QGIS, it gave me an error, and when I log to myadmin, I find that no table was added. How can I fix that and how to synchronize between QGIS and myadmin
Читать полностью…
Well, let's hope nobody accidentally closes that window!
I'll see myself out...
Scaling PostgreSQL to power 800 million ChatGPT users | OpenAI
https://openai.com/index/scaling-postgresql/
Or just buy service that closes gap between low and ultra high load
Читать полностью…
If u don't have enough money u do docker compose up.
If u have enough money u do something complex on your servers.
service, so no need to manage/admin (especially if scale and\or something like greenplum)
Читать полностью…
I think people really go out of their way and disable some built-in checks or may be their AI is doing it for them
Читать полностью…
90% chance of not leaking keys if using llm, very convenient
Читать полностью…
11% of vibe-coded apps are leaking Supabase keys
Article, Comments
Creating Postgres patches using AI – pros and cons? (and as usual, we'll create something) – PostgresTV hacking sessions with Andrey, Kirk, and Nik – LIVE, join! https://www.youtube.com/watch?v=4KVaeJfWPas
Читать полностью…