Catalog of PostgreSQL queries for finding information about a PostgreSQL database and its design problems

AND
AND
AND
ANDFrom where does the query gets its information?
AND
AND

There are 961 queries.

Seq nrNameGoalTypeData sourceLast updateLicense...
841Updatable views that have not been turned to read onlyFind views that are theoretically updatable but do not have INSTEAD OF trigger or DO INSTEAD NOTHING rule to prevent data modifications through the view.Problem detectionINFORMATION_SCHEMA+system catalog base tables2023-10-29 10:20MIT License
View
842Updatable views with WHERE clause that do not have WITH CHECK OPTION constraintFind updatable views that restrict rows, i.e., have WHERE clause, but do not have WITH CHECK OPTION constraint. WITH CHECK OPTION constraint prevents updates through the view that violate the predicate of the view. Such updates must be prevented.Problem detectionINFORMATION_SCHEMA only2024-01-14 17:11MIT License
View
843Update prevention may prevent legal updatesFind triggers that try prevent updating data in a certain column but prevent also certain legal updates - updates that write to a field a value that was in the field before the update.Problem detectionINFORMATION_SCHEMA+system catalog base tables2022-07-07 13:12MIT License
View
844UPDATE triggers that maybe execute too oftenDo not let the system to do extra work. Ensure that trigger procedures are executed only if there is a real need of that. Find UPDATE triggers that could be executed too often because unneeded executions are not prevented.Problem detectionINFORMATION_SCHEMA only2021-02-25 17:29MIT License
View
845Updating or deleting data in a routine without restricting rowsFind user-defined routines that contain UPDATE or DELETE statement but do not contain any WHERE clause, meaning that at least one UPDATE or DELETE operation influences all the rows of a table.Problem detectionINFORMATION_SCHEMA+system catalog base tables2023-11-29 13:21MIT License
View
846Use invocation of a precise function instead of casting in a default value expressionBe precise and write as little code as possible. Prefer expressions with simple invocations of functions like localtimestamp, current_timestamp, and current_date over expressions like (now())::date. Find table columns that have a default value that casts the type of the returned value of a non-deterministic function (now, localtimestamp, current_timestamp, and current_date).Problem detectionINFORMATION_SCHEMA only2021-02-25 17:29MIT License
View
847Useless type indicationFind columns and parameters where the type of the identifier is perhaps explicitly indicated in the name.Problem detectionINFORMATION_SCHEMA+system catalog base tables2023-11-10 14:47MIT License
View
848Useless type indication (2)Find columns and parameters where the type of the identifier is perhaps explicitly indicated in the name.Problem detectionINFORMATION_SCHEMA+system catalog base tables2023-11-10 14:55MIT License
View
849User-defined routine execution privilege has been granted to PUBLICYou should follow the principle of least privilege and thus not have in your database user-defined routines that execution privilege is granted to PUBLIC, i.e., to all the database users now and in the future. By default, PostgreSQL gives routine execution privileges to PUBLIC.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-02-25 17:30MIT License
View
850User-defined routines that have the same name as some system-defined routine.Avoid creating user-defined routines that have the same name as some system-defined routine because it may cause confusion.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-02-25 17:30MIT License
View
851User-defined routines that use dynamic SQL to execute data manipulation statementsFind user-defined routines that use dynamic SQL to execute data manipulation statements (SELECT, INSERT, UPDATE, DELETE).Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-11-04 12:39MIT License
View
852User-defined routines that use keyword DECLARE but do not declare anythingFind user-defined routines that use keyword DECLARE but do not declare anything.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-11-05 14:47MIT License
View
853User-defined routines that use md5 hash for other purposes than generating test dataFind user-defined routines that use md5 hashes for the security purposes. Nowadays such hashes can be calculated too quickly and its use should be avoided at least for hashing passwords. Exclude routines that invoke both md5 function and generate_series function and are thus probably used to generate test data.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-10-31 15:23MIT License
View
854User-defined routines that use positional references to parametersUse parameter names instead of positional references to improve code evolvability.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-11-05 13:18MIT License
View
855User-defined routines with dynamic SQL that are potential targets of the SQL injection attackFind routines that have at least one input parameter, use dynamic SQL but do not escape the input arguments at all.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-11-04 11:58MIT License
View
856Username is not uniqueFind textual columns that potentially contain usernames (including columns that potentially contain e-mail addresses) that do not have a unique constraint or a unique index that involves only this column.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-02-25 17:29MIT License
View
857Using AFTER triggers to enforce constraintsDo not let the system to do extra work. Checking a constraint with an AFTER trigger means that the trigger procedure will be executed after the data modification and if the check fails, then the system has to do extra work to roll back the changes.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-02-25 17:29MIT License
View
858Using BEFORE triggers to log data changesDo not let the system to do extra work. Logging changes with a BEFORE trigger means extra work for rolling back the changes in case the logged data modification fails.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-02-25 17:29MIT License
View
859Using conditionals to determine the returned valueUse SQL language instead of PL/pgSQL where possible. Instead of using an IF statement, you can check as to whether the data modification succeeded or not by using the RETURNING clause in the data modification statement.Problem detectionINFORMATION_SCHEMA+system catalog base tables2021-11-04 11:52MIT License
View
860Using in some way reserved (in PostgreSQL) SQL keywords as the names of a database object (aggregate view)"Names in software are 90 percent of what make software readable. You need to take the time to choose them wisely and keep them relevant. Names are too important to treat carelessly. Names should not cause confusion." (Robert C. Martin, Clean Code) Names should not cause confusion. Find the distinct names (identifiers) of user-defined objects that are SQL keywords that are not completely unreserved in PostgreSQL, i.e., these either never cannot be used as regular identifiers or cannot be used in case of some type of database objects. In PostgreSQL "there are several different classes of tokens ranging from those that can never be used as an identifier to those that have absolutely no special status in the parser as compared to an ordinary identifier. " (PostgreSQL manual) Moreover, such identifiers are often too general, i.e., do not provide enough information about the named object.Problem detectionINFORMATION_SCHEMA+system catalog base tables2023-03-17 11:19MIT License
View