Re: Make contrib modules' installation scripts more secure. - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Make contrib modules' installation scripts more secure.
Date
Msg-id 3399442.1597161589@sss.pgh.pa.us
Whole thread Raw
In response to Re: Make contrib modules' installation scripts more secure.  (Christoph Berg <myon@debian.org>)
Responses Re: Make contrib modules' installation scripts more secure.
List pgsql-hackers
Christoph Berg <myon@debian.org> writes:
> I think this change neglected to add plpgsql to the extension
> dependencies in the .control file:

Adding plpgsql to the extension's dependencies would be a cure worse
than the disease: it'd mean that you could not remove plpgsql from the
system after installing cube, either.  That is surely unhelpful from
the standpoint of someone who would like to have cube without plpgsql.

> (The Debian regression tests remove plpgsql before testing all
> extensions in turn.)

Meh.  I think that's testing a case that we don't guarantee to work.
There was already a plpgsql dependency in hstore--1.1--1.2.sql,
which I just cribbed from to make these fixes.

In the long term, perhaps it'd be worth inventing a concept of an
"install-time dependency", whereby an extension could name something
it needs to have to run its script, but not necessarily afterwards.
But if you're someone who's afraid to have plpgsql installed, the
idea that it can be sucked in on-demand, behind the scenes, might not
make you feel better either.

A band-aid sort of fix would be to roll up the base install scripts
for these modules to the latest version, so that a plain install from
scratch doesn't need to execute any of the catalog adjustments in
their update scripts.  That's not terribly attractive from a maintenance
or testing standpoint, though.

            regards, tom lane



pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: SyncRepLock acquired exclusively in default configuration
Next
From: Andres Freund
Date:
Subject: Re: Can I test Extended Query in core test framework