| 581 |
Definition of a non-minimal superkey instead of a candidate key (based on key constraints) |
Find primary/key unique constraints (sets of columns) that are proper subsets of other primary key/unique constraints of the same table. Candidate key is a minimal superkey, meaning that it is not possible to remove columns from the candidate key without losing its uniqueness property. One should define primary key's and unique constraints based on candidate keys, i.e., the keys should not have redundancy in terms of columns. |
Problem detection |
system catalog base tables only |
2021-10-16 10:29 |
MIT License |
View |
| 582 |
Constraints that are redefined in a subtable. |
Find primary key, unique, foreign key, and exclude constraints that have been defined in a supertable (parent table) and have been redefined in its subtable. |
General |
system catalog base tables only |
2020-12-02 17:28 |
MIT License |
View |
| 583 |
Constraints that are not redefined in a subtable and there is no CHECK constraint that compensates this |
Find primary key, unique, foreign key, and exclude constraints that have been defined in a supertable (parent table) but not in its subtable. Additional condition is that in case of the subtable there is no CHECK that permits only one specific value in the constraint column. The presence of such check would make the design acceptable. Unfortunately, PostgreSQL table inheritance is implemented in a manner that some constraints (CHECK, NOT NULL) are inherited from the supertable but others are not. "All check constraints and not-null constraints on a parent table are automatically inherited by its children, unless explicitly specified otherwise with NO INHERIT clauses. Other types of constraints (unique, primary key, and foreign key constraints) are not inherited." (PostgreSQL documentation) |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2021-02-25 17:30 |
MIT License |
View |
| 584 |
Constraints that are not redefined in a subtable but there is a CHECK constraint that compensates this |
Find primary key, unique, foreign key, and exclude constraints that have been defined in a supertable (parent table) but not in its subtable. Exclude constraints where in case of the subtable there is a CHECK that permits only one specific value in the constraint column. The presence of such check would make the design acceptable. Unfortunately, PostgreSQL table inheritance is implemented in a manner that some constraints (CHECK, NOT NULL) are inherited from the supertable but others are not. "All check constraints and not-null constraints on a parent table are automatically inherited by its children, unless explicitly specified otherwise with NO INHERIT clauses. Other types of constraints (unique, primary key, and foreign key constraints) are not inherited." (PostgreSQL documentation) |
General |
INFORMATION_SCHEMA+system catalog base tables |
2020-12-25 16:20 |
MIT License |
View |
| 585 |
Constraints that are not redefined in a subtable |
Find primary key, unique, foreign key, and exclude constraints that have been defined in a supertable (parent table) but not in its subtable. Unfortunately, PostgreSQL table inheritance is implemented in a manner that some constraints (CHECK, NOT NULL) are inherited from the supertable but others are not. "All check constraints and not-null constraints on a parent table are automatically inherited by its children, unless explicitly specified otherwise with NO INHERIT clauses. Other types of constraints (unique, primary key, and foreign key constraints) are not inherited." (PostgreSQL documentation) |
Problem detection |
system catalog base tables only |
2021-02-25 17:29 |
MIT License |
View |
| 586 |
Candidate keys and foreign keys of tables that participate in an inheritance hierarchies |
Find primary key, unique, foreign key, and exclude constraints that have been defined in tables that participate in an inheritance hierarchy. Do not forget to redefine the constraints that are defined on supertables also on their subtables. |
General |
system catalog base tables only |
2020-11-06 14:51 |
MIT License |
View |
| 587 |
Privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers |
Find privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers that are not for the owner and not for the systemic user postgres. Make sure that there is the right amount of privileges for each and every relevant user. |
General |
system catalog base tables only |
2021-03-07 20:57 |
MIT License |
View |
| 588 |
Privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers that have been granted to a superuser |
Find privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers that have been granted to a superuser. Superuser can do anything in the database and thus does not need the privileges. The result is a sign that perhaps the executed GRANT statements were incorrect (wrong username) or the grantee later got superuser status (that it shouldn't have). |
Problem detection |
system catalog base tables only |
2022-10-21 15:53 |
MIT License |
View |
| 589 |
Grantable privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers |
Find privileges on the database and its schemas, domains, types, languages, sequences, foreign data wrappers, and foreign servers that the carrier of the privilege can in turn grant to others, i.e., the privileges have been given WITH GRANT OPTION. The number of privileges that can be passed on should be as small as possible. |
Problem detection |
system catalog base tables only |
2024-01-07 13:43 |
MIT License |
View |
| 590 |
Privileges to execute routines |
Find privileges to execute routines that have been given to non-superusers. Check as to whether it conforms to the principle of least privilege. Check that users that correspond to applications have all the necessary privileges. Users (applications) should use a database through virtual data layer. Thus, if they need to modify data in the database (in case of table functions read data), then they must execute a routine. |
General |
INFORMATION_SCHEMA+system catalog base tables |
2020-12-29 10:38 |
MIT License |
View |
| 591 |
Publicly accessible system catalog tables |
Find privileges to use system catalog base tables or views that have been granted to public. |
General |
INFORMATION_SCHEMA only |
2023-11-24 14:56 |
MIT License |
View |
| 592 |
Privileges to use views |
Find privileges to use views. Check as to whether it conforms to the principle of least privilege. Check that users that correspond to applications have all the necessary privileges. Users (applications) should use a database through virtual data layer. Thus, if they need to read data from a database, then they should use views. |
General |
INFORMATION_SCHEMA+system catalog base tables |
2020-12-29 10:38 |
MIT License |
View |
| 593 |
Find all publications |
Find publications of tables that have been created in order to enable logical replication. |
General |
INFORMATION_SCHEMA+system catalog base tables |
2020-11-18 15:09 |
MIT License |
View |
| 594 |
Publications with no tables |
Find publications that do not contain any table. |
Problem detection |
system catalog base tables only |
2021-02-25 17:30 |
MIT License |
View |
| 595 |
Foreign keys with ON DELETE CASCADE |
Find referential constraints (foreign key constraints) that employ ON DELETE CASCADE compensatory action. ON DELETE CASCADE should only be used if it has been created based on a generalization or a composition in the conceptual data model or if the foreign key connects a table that corresponds to the main entity type with a table that corresponds to a non-main entity type. |
General |
system catalog base tables only |
2020-11-16 10:15 |
MIT License |
View |
| 596 |
Invalid use of the case insensitive search modifier in regular expressions |
Find regular expression patterns that use (?i) modifier in any other place than at the beginning of the pattern or (?-i) in any place of the pattern. Such use of the modifiers is not supported by PostgreSQL. |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2021-11-04 16:06 |
MIT License |
View |
| 597 |
Predefined character classes must be between double square brackets |
Find regular expressions that do not have predefined character classes between double square brackets, e.g., [:digit:] instead of [[:digit:]]. |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2023-11-22 17:34 |
MIT License |
View |
| 598 |
Perhaps a regular expression could be simplified |
Find regular expressions that name character classes a-zA-Z. |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2021-11-04 16:19 |
MIT License |
View |
| 599 |
Duplication of case insensitivity specification in a regular expression |
Find regular expressions that use both case insensitive search operator ~* and case insensitivity modifier (?i). |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2021-11-04 12:49 |
MIT License |
View |
| 600 |
A predefine character class has been incorrectly specified |
Find regular expressions where a predefined character class is incorrectly specified, e.g. [digit] instead of [:digit:]. |
Problem detection |
INFORMATION_SCHEMA+system catalog base tables |
2023-11-23 12:09 |
MIT License |
View |