Postgres Weekly Issue 641: March 25, 2026

#641 — March 25, 2026

Together with

Ctrl-C in psql Gives Me the Heebie-Jeebies — When you hit Ctrl-C in psql, the cancel request is sent unencrypted over a separate connection, even if your main session uses TLS. This deep dive explains how CancelRequest works at the protocol level, a potential security risk, and why it operates in this way.

George MacKerron (Neon)

Digging into pg_plan_advice: Query Plan 'Hints' for Postgres 19 — We featured Robert Haas's explainer recently, but Hubert goes further with examples using his explain.depesz.com dataset, showing how this new module lets you capture, replay, and override key planner decisions.

Hubert Lubaczewski

Security Gateway for Postgres – Inspect Queries and Results — Protect your sensitive data with a second layer of defense in front of your PostgreSQL. Whitelist queries, inspect results, enforce SQL policies, and isolate your database network. Full bidirectional audit trail. No app changes required.

Signando GmbH sponsor

IN BRIEF:

Corey Quinn covers AWS's recent ending of support for Postgres 13 on RDS. If you upgrade, take care: it can break AWS Glue.
📘 Supabase and Manning Publications have published Mastering Postgres: Accelerate Your Weekend Projects and Seamlessly Scale to Millions, a free ebook (though it's behind an email wall).
PlanetScale has introduced a Database Traffic Control feature to manage database workflows according to a budget on the fly. Here's how it works at a technical level.

EVENTS IN APRIL:

🇩🇪 Looking for a Postgres event to attend in April? Head over to PostgreSQL Conference Germany 2026 taking place in Essen on April 21-22.
🇨🇳 Meanwhile in China, the HOW2026 Postgres and IvorySQL Conference is taking place April 26-28 in Jinan.
🇦🇲 Last but not least, registration for PGDay Armenia opens this week. It takes place in Yerevan on April 30.

How Moving One Word Can Speed Up a Query 10-50x — Two logically equivalent queries (one using EXISTS ... AND NOT deleted, the other NOT EXISTS ... AND deleted) lead to a 32x difference in performance. It comes down to a difference in how indexes are used, and is the sort of thing that could bite you one day too.

Boguk & Samokhvalov (PostgresAI)

Postgres 19's New, Built-In REPACK Command — "REPACK absorbs the functionality of VACUUM FULL and CLUSTER in a single command. Because this functionality is completely different from regular VACUUM, having it separate makes it easier for users to understand..." Hubert, who is very excited about this development, shows us how it works in practice.

Hubert Lubaczewski

Waiting For Postgres 19: Allow Table Exclusions in Publications — Logical replication publications using FOR ALL TABLES will be able to exclude specific tables with a new EXCEPT TABLE syntax.

Hubert Lubaczewski

▶ Building Postgres Services on Azure with Charles Feddersen — Charles leads production management for Postgres on Azure at Microsoft and joined Claire Giordano to explain just what Microsoft builds on top of Postgres, why, and how they respect and get involved with the open source community.

Talking Postgres podcast

📄 EXPLAIN's Other Superpowers — A look at commonly overlooked options like BUFFERS, MEMORY (new in PG18), WAL, SETTINGS, and VERBOSE. Richard Yen

📄 Debugging RDS Proxy Pinning: How a Hidden JIT Toggle Created Thousands of Pinned Connections Richard Yen

📄 A Postgres 17 to 18 Upgrade Guide Ilya Kosmodemiansky (Data Egret)

📰 Classifieds

📌 pgedge-postgres-mcp: an open source bridge between AI assistants & your data with prod-ready performance.

👾 A conference for engineers who did the big rewrite - and lived to tell the story. BugBash 2026, April 23-24, Washington DC.

Build & share your dev journey using Aiven's free tier to compete for $1,000. Share your project using #AivenFreeTier by March 31. Enter here.

TOOLS, RELEASES AND CODE:

TigerFS: A Filesystem Backed by Postgres — A new project out of Tiger Data that provides a FUSE/NFS filesystem where every file is a table row, writes use transactions, and multiple users can read/write concurrently with full ACID guarantees. Designed for agent coordination or any tool that works with files.

Tiger Data

pg_jitter 0.2: Alternative JIT Backends for Postgres 14-18 — Brings extra JIT backends to Postgres for faster compilation of queries (benchmarks here). v0.2 adds SIMD acceleration for string and JSON ops, acceleration of regexes and LIKE, binary search for CASE, Windows support, and more.

Vladimir Churyukin

Introducing pgtui: A Postgres TUI Client — A new Rust and Ratatui-powered TUI for doing basic work on Postgres databases. The unique idea is you use your own editor for data entry and edits, with TOML as the interchange format.

Kris Warner

🔎 SlowQL: A SQL Static Analyzer — An SQL static analyzer that identifies dangerous query patterns before they reach production, offering over 250 rules covering security, performance anti-patterns, and compliance. It works completely offline and includes dialect-aware analysis for Postgres.

makroumi

🕒 TimescaleDB 2.26.0 – The popular time-series database extension gets a few key performance improvements.
🔒 safesession 0.1 – Extension to lock a session as read-only. Once loaded, every transaction in the session is forced read-only. Targeted at AI agent and automated use cases.
River 0.32 – High-performance Postgres-powered job processing for Go.
Knex.js 3.2 – Powerful SQL query builder for Node.js.
squawk 2.44.0 – Linter for Postgres migrations.
pg_clickhouse 0.1.5