Should we update to a new Postgres database version that contains security patches?
New postgres database version is available with some security patches. Is it safe to upgrade it straight away to a new minor version or is it better to wait?
14 Replies
The supabase Postgres version updates for lots of things not just the Postgres changes. It includes fixes for Supabase specific stuff, new features and all the extensions and their versions might get upgraded.
There is a very small risk of down time anytime you upgrade so unless you need a feature or know this upgrade is for security I would not chase every single minor upgrade Supabase does.
Thanks Gary! This version is related to security and that’s why I wanted to ask for an opinion…
I would rather not update if I don't have to... but I don't want to sacrifice the security of my app
First I have seen of that security warning. May be a new feature.
Unless that has a link to what the patches are for, I would probably just upgrade at a safe time and NOT on a weekend.
Most security issues in Postgres are pretty esoteric, but without seeing them (and even then may be hard to judge impact) can't comment.
Otherwise one has to dig thru supabase/postgres PR's to try and sort what changed.
I have the same problem
How do i update to the newer version?
You are on latest.
oh then I'm not tweaking. The error is just cache problem then?
No idea. Never seen this security alert from users until this post.
interesting. Thanks
I'm asking SB about this as I now see the same message for .075.
Did you upgrade successfully?