should pg_cron be on v1.6.4 ?
getting a security warning about pg_cron not being on 1.6.4? I dont see anyway to update it etc?
23 Replies
extensions are updated by update the Postgres version in the infrastructure tab. I see 1.6 as the latest though in my updated project.
Wait. I just noticed there is a new upgrade. I'll see if that bumps cron.
Nope still at 1.6
This postgres/extension version check is something new they just added and seems not ready for primetime.
so its a version behind what it should be then
Not sure if there is a security issue or just the linter flagging. But nothing you can do to upgrade if you are on Supabase latest Postgres version. I flagged them as yesterday it was flagging postgres versions as a security issue but was on latest. They took care of that one.
1.6.4 has been out over a year.
Also a bit strange the version shown in supabase is not 1.6.0 but just 1.6. Not sure if that has some meaning or not.
@David.Stanton try disabling and then re-enabling the extension. Mine then went from 1.6 to 1.6.4 on latest Postgres version.
@garyaustin but that delete all my jobs that are runnings, its not really a fix
OK here is another approach...
ALTER EXTENSION pg_cron UPDATE;
This is actually what the security advisor docs recommend. Did not know they existed.
https://supabase.com/docs/guides/database/database-advisors?queryGroups=lint&lint=0022_extension_versions_outdated#why-keep-extensions-updated
They made a change at some point to not upgrade automatically for extensions. So now they have the older versions still around and then you have to manually upgrade if you have the newer version installed in the system by a Postgres upgrade.
ERROR: 22023: extension "pg_cron" has no update path from version "1.6" to version "1.6.4"
Did you upgrade your Postgres?
errr, ye, or i would have made the post to start with? lol
I was dealing with two of you on a similar thing. The other user we went thru that extensions are carried in the Postgres version and you need to be on the latest from the infrasctructure tab.
@garyaustin any other ideas here. I think SB need to make a proper fix?
Sorry no as it is upgraded for me.
Turning off and on seems for sure to do it.
I could not produce the no upgrade path error, but don't have any old instances to attempt the alter update. All new instances come with it default. The latest postgres version you can upgrade to in infra also includes it.
So it is a matter of why upgrade does not work for you.
Run this in SQL editor:
[
{
"name": "pg_cron",
"default_version": "1.6.4",
"installed_version": "1.6",
"comment": "Job scheduler for PostgreSQL"
}
]
So you do have it.
no
Not sure why update did not work for you.
Your system has it available.
So update should work.
Otherwise copying your cron job details and restoring them after turning off and cron is it.
I believe you as you got that before.
But that does not make sense as there is an upgrade path as you have it.
Your other option is to contact support or generate an issue in supabase/supabase issues.
its a noddy fix, not a "real" fix though, if there was a "export" cron jobs and a import, maybe "sort of accetible" by there is not
Updating should work, not sure why it is not for you. That is the documented way and I did that. I don't think update gits rid of the tables.
But turning off and on will. At this point if you can't do that then you'll have to ask Supabase thru support or issues. I don't have any other suggestions and have no way to play with upgrading now.
But turning off and on will. At this point if you can't do that then you'll have to ask Supabase thru support or issues. I don't have any other suggestions and have no way to play with upgrading now.
i raised an issue:https://github.com/supabase/supabase/issues/38679
GitHub
bug around pg_cron not updating · Issue #38679 · supabase/supabase
there seems to be a bug when on version 17.6.1.003 , security advisor throws a "Issue Extension pg_cron is using version 1.6 but version 1.6.4 is available. Using outdated extension versions m...