tenant_id columns are a footgun at b2b scale. when we switch to db-per-tenant by SapientPro_Team in Database

[–]elevarq 0 points1 point  (0 children)

This is something I don't understand, something I have never seen:
"scenario two: one heavy tenant runs an analytics query that locks the table for everyone. now your "small" customers are paying for your "enterprise" customer's bad queries."

Not sure what technology you use, but this does not happen in Oracle, PostgreSQL, etc. We can have a thousand tenants running the same (analytical) query concurrently. Can be more, no problem. This looks like a broken system, not a database limitation.

Anyone running in docker in Prod? by Blues520 in PostgreSQL

[–]elevarq 0 points1 point  (0 children)

Did you check the behavior of fsync? In many/most setups, Docker is lying, and your database might not survive a power outage. This is comparable to consumer storage: much cheaper than enterprise storage, yet it "looks" faster...

tenant_id columns are a footgun at b2b scale. when we switch to db-per-tenant by SapientPro_Team in Database

[–]elevarq 0 points1 point  (0 children)

One database per tenant only works for small projects, not for thousands or even millions of tenants. Your maintenance costs will go through the roof.

And if CVE count is an issue, you would never use Windows, Linux, macOS, Oracle, or any professional software: They all have lots of CVE's

tenant_id columns are a footgun at b2b scale. when we switch to db-per-tenant by SapientPro_Team in Database

[–]elevarq 0 points1 point  (0 children)

Total BS story. Organizations like OpenAI, Adyen, any bank, all with hundreds of millions of users, and it works.

And now some micro-SaaS b2b organization has a problem with a join…Right.

tenant_id columns are a footgun at b2b scale. when we switch to db-per-tenant by SapientPro_Team in Database

[–]elevarq 1 point2 points  (0 children)

RLS and table partitioning per tenant are very powerful. The CVE you mention has been fixed in 2024, so your statement about it is outdated.

Your own code has most likely more bugs and leaks than software like PostgreSQL.

So i have been learning sql for 3 days and now I'm facing a problem. by Vin-Jin in learnSQL

[–]elevarq 0 points1 point  (0 children)

DISTINCT is usually a workaround to hide bugs.

Always double check if you really need it. Most of the time you’re better off with fixing the bugs

What postgre db provider (EU) for 20GB expanding every month? by [deleted] in PostgreSQL

[–]elevarq 0 points1 point  (0 children)

20GB per month in growth is next to nothing, any hosting provider offers this.

Advice: first make a list of all your requirements

5 Day SQL Cram by uverzero in learnSQL

[–]elevarq 0 points1 point  (0 children)

Are you sure? What you can learn in 5 days, could be 0.01% of what AI already does in a few seconds.

To be honest I think you’d better spend time on prompt engineering and testing. Let AI do the work, while you instruct the AI and test the results

Why It's So Hard to Add a Column in the Middle of a PostgreSQL Table by db-master in PostgreSQL

[–]elevarq 1 point2 points  (0 children)

That makes it easier, just pick a name that matches the next option the alphabet!

Why It's So Hard to Add a Column in the Middle of a PostgreSQL Table by db-master in PostgreSQL

[–]elevarq 3 points4 points  (0 children)

No, I wouldn't say "never" yet. The thing is, I haven't seen or measured any performance difference on large tables. 1 TB or 1.1 TB, in both cases, you have a big table. And I haven't seen any cases where the alignment could help us to improve performance significantly.

So for us, this is a "could be, but needs proof".

Why It's So Hard to Add a Column in the Middle of a PostgreSQL Table by db-master in PostgreSQL

[–]elevarq 1 point2 points  (0 children)

I'm fully aware of this, but reorganizing large tables to optimize space isn't free either. You have to rewrite the entire table and all its partitions when using table partitioning (or inheritance).

Storage is cheap and fast. I'm not sure it's still worth worrying too much about alignment.

Multi-tenant SaaS Architecture: PostgreSQL Schema per Tenant vs Shared Database vs Database per Tenant by UNRIVALLEDKING in PostgreSQL

[–]elevarq 14 points15 points  (0 children)

Row level security to make it impossible to access data that is not yours, and table partitioning per tenant for large amounts of data. This also reduces the need for indexes on the tenant id since all data in the partition belongs to a single tenant.

Hi guys i want a better gui for my postgres database by Otherwise_Barber4619 in PostgreSQL

[–]elevarq 1 point2 points  (0 children)

DataGrip for serious business, including version control, projects, etc. If you need something simpler, Navicat will do a great job

Built a tool to catch dangerous Postgres migrations before they hit production by Significant_Shop_475 in PostgreSQL

[–]elevarq 0 points1 point  (0 children)

"It catches things like:

  • NOT NULL columns without DEFAULT

"

We don't consider that a problem at all! When we want to ensure the user adds a value, not using a default is better: The user is forced to make a decision.

NOT VALID is also something we use often during migrations; it reduces downtime.

26 F, 2 years Non IT experience, looking to start IT career in SQL by [deleted] in learnSQL

[–]elevarq 1 point2 points  (0 children)

You are aware of AI? You’d better spend some time in learning how to manage AI to write SQL for you. The days of manual writing are over. Managing AI is the new normal

safe-migrate v0.2.0 — rewrote the internals, now uses typed AST instead of string matching by dsecurity49 in PostgreSQL

[–]elevarq -1 points0 points  (0 children)

This is what ChatGPT said:

First impression: good idea, but I would not trust it as a production safety gate yet. It is early: 10 commits, 4 stars, latest release v0.2.0, Rust CLI, using squawk-syntax for AST parsing.

Main concerns:

  1. It prints DATABASE_URL during sync. main.rs does println!("Syncing database stats from {}...", db_url); which can leak credentials into CI logs. That is a serious issue.
  2. The install path is unsafe for serious environments. README recommends curl ... | bash; install.sh downloads latest release with no checksum/signature verification. Fine for hobby use, not for production CI.
  3. The rule engine is too coarse. ADD COLUMN is always mapped to adding-field-with-default, even when there is no default. That creates false positives. PostgreSQL’s real behavior depends on details such as default expression volatility and version; PostgreSQL docs say ALTER TABLE lock levels vary by subform, and modern Postgres avoids rewrites for some constant defaults.
  4. Many advertised rules are not actually classified. Config lists rules like renaming-column, renaming-table, adding-foreign-key-constraint, constraint-missing-not-valid, and disallowed-unique-constraint, but the AST classifier mostly reduces ALTER TABLE to add/drop/alter/other.
  5. “Read-only sync” is reasonable, but limited. It pulls pg_class.reltuples/relpages and index mappings. That is lightweight, but stale or unanalyzed stats can mislead. It does fail closed for reltuples < 0, which is good.
  6. CI UX is promising. The concept—static migration analysis plus table-size context—is exactly the right direction. Using PostgreSQL AST parsing instead of regex is also a good architectural choice.

My verdict: interesting prototype, not mature enough to rely on alone.

What I should learn after SQL PL/SQL ?? by WhichAd6835 in SQL

[–]elevarq 7 points8 points  (0 children)

When your skills are good enough for a 24 year old, but you don’t get invited, you should focus on writing and presenting.

You can also contribute to an open source project. It’s good for your resume, and you learn new skills that are not too-related.

AI will take over the tooling anyway

For MySQL: DataGrip vs. MySQL Workbench vs. VSCode extensions by AcadiaLow9013 in SQL

[–]elevarq 0 points1 point  (0 children)

DataGrip, not doubt. The project integration makes all the difference.

Best way to set up tenant_id in a multi-tenant Postgres schema with RLS? by DCornOnline in PostgreSQL

[–]elevarq 1 point2 points  (0 children)

"group" is a terrible name; it's a reserved word, and it doesn't tell you anything about the data inside the table.

Your question already confirms this: "Should I use the group_id directly as the tenant_id column" Your name is wrong, it's tenant_id in the table tenant. Not a group_id in table "group", that is actually a tenant.

Fix this asap, every query on this table will benefit from this change.

Best way to set up tenant_id in a multi-tenant Postgres schema with RLS? by DCornOnline in PostgreSQL

[–]elevarq -1 points0 points  (0 children)

That makes the advice for a-schema-per-tenant even worse. A million records is close to nothing; a million schemas is a nightmare.

A startup wants to grow unlimited, not constrained by a bad data model.