db: add STRICT tables with migration for old databases #8559
wqxoxo wants to merge 1 commit into ElementsProject:master from
This seems good, except that it should be enabled by the --developer flag, not random environment variables. We get much of this checking already by using Postgresql as the backend, but it's definitely an improvement.
This is done in the wrong place. We use devtools/sql-rewrite.py to translate our SQL statements into local dialects already. The exception is the sql plugin, but that's also up to the user.
We don't load untrusted databases, but trusted_schema isn't harmful. cell_size_check will slow us down, and only helps if the db is corrupted (hopefully catching it earlier), so I like that one. secure_delete is not meaningful for us, that I can tell.
Except that doesn't matter since only developers changing the code will ever see such messages, when they add an invalid sql statement.
Hi ChatGPT? Or maybe claude? To be honest, this entire thing should be a several-line patch, which enables the pragmas inside db/db_sqlite3.c
Thank you for the feedback @rustyrussell. I've reworked the implementation based on your guidance; I hope this is more aligned with what you had in mind.
Enables STRICT tables in developer mode, but old databases (~2019) may have BLOB values in TEXT columns. Migration converts BLOB faildetail to TEXT with UTF-8 validation, NULLs invalid data.

Also adds security pragmas in developer mode: trusted_schema=OFF, cell_size_check=ON, mmap_size=0, quick_check on startup.

Fixes ElementsProject#7913, fixes migration failures in PR ElementsProject#8559.

Changelog-Added: Database: SQLite STRICT tables in developer mode
Changelog-Added: Database: Security pragmas in developer mode
Changelog-Fixed: Database migration for old BLOB-typed faildetail values
Enables STRICT tables in developer mode, but old databases (~2019) may have BLOB values in TEXT columns. Migration converts BLOB faildetail to TEXT with UTF-8 validation, NULLs invalid data.

STRICT is only applied to fresh databases; existing databases being upgraded skip STRICT to avoid type affinity issues with legacy data.

Also adds security pragmas in developer mode: trusted_schema=OFF, cell_size_check=ON.

Fixes ElementsProject#5390.

Changelog-Added: Database: STRICT tables and security pragmas in developer mode
Changelog-Fixed: Database migration for old BLOB-typed faildetail values
Turns out old databases (~2019) can have BLOB values stuck in TEXT columns due to SQLite type affinity, so we can't just slap STRICT on existing tables. This adds STRICT to new CREATE TABLE statements in --developer mode, with a migration that cleans up the BLOB faildetail values in payments first. Also enables trusted_schema=OFF and cell_size_check=ON while we're at it.

For upgraded databases, STRICT is skipped entirely to avoid breaking legacy data.
Fixes #5390.
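The type-affinity problem and the cleanup described in this PR can be reproduced with Python's built-in sqlite3 module. This is an added example, not code from the PR or from the project: the two-column payments table, the sample rows, the payments_strict table and the Python-side UTF-8 check are all constructed assumptions. It goes one step further than the PR by copying the cleaned rows into a STRICT table, to show what STRICT then refuses.

```python
import sqlite3

# STRICT tables need SQLite 3.37 or later; older libraries skip that step.
STRICT_OK = sqlite3.sqlite_version_info >= (3, 37, 0)

def utf8_or_none(blob):
    """Return the BLOB as str if it is valid UTF-8, else None (stored as NULL)."""
    try:
        return blob.decode("utf-8")
    except UnicodeDecodeError:
        return None

def types(db, table):
    """Storage class of faildetail for each row, ordered by id."""
    return [r[0] for r in db.execute(
        f"SELECT typeof(faildetail) FROM {table} ORDER BY id")]

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA trusted_schema=OFF")
    db.execute("PRAGMA cell_size_check=ON")
    # Legacy table (constructed, reduced schema): TEXT affinity leaves BLOBs as BLOBs.
    db.execute("CREATE TABLE payments (id INTEGER PRIMARY KEY, faildetail TEXT)")
    db.executemany("INSERT INTO payments VALUES (?, ?)", [
        (1, "plain text"),
        (2, b"blob holding valid utf-8"),   # constructed sample
        (3, b"\xff\xfe not utf-8"),         # constructed sample
        (4, None)])
    before = types(db, "payments")
    # Migration: rewrite every BLOB as TEXT, or NULL when it fails UTF-8 validation.
    blobs = db.execute("SELECT id, faildetail FROM payments "
                       "WHERE typeof(faildetail) = 'blob'").fetchall()
    for row_id, blob in blobs:
        db.execute("UPDATE payments SET faildetail = ? WHERE id = ?",
                   (utf8_or_none(blob), row_id))
    after = types(db, "payments")
    if not STRICT_OK:
        return before, after, None
    # Cleaned rows copy into a STRICT table; a new BLOB in the TEXT column is refused.
    db.execute("CREATE TABLE payments_strict "
               "(id INTEGER PRIMARY KEY, faildetail TEXT) STRICT")
    db.execute("INSERT INTO payments_strict SELECT id, faildetail FROM payments")
    try:
        db.execute("INSERT INTO payments_strict VALUES (5, ?)", (b"\x00\x01",))
        rejected = False
    except sqlite3.Error:
        rejected = True
    return before, after, rejected

if __name__ == "__main__":
    print(demo())
```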