v11.0.1

Fixed

• #2762, Fixes "permission denied for schema" error during schema cache load - @steve-chavez
• #2756, Fix bad error message on generated columns when using Prefer: missing=default - @steve-chavez
• #1139, Allow a 30 second skew for JWT validation - @steve-chavez
  • It used to be 1 second, which was too strict

v11.0.0

Added

• #1414, Add related orders - @steve-chavez
  • On a many-to-one or one-to-one relationship, you can order a parent by a child column /projects?select=*,clients(*)&order=clients(name).desc.nullsfirst
• #1233, #1907, #2566, Allow spreading embedded resources - @steve-chavez
  • On a many-to-one or one-to-one relationship, you can unnest a json object with /projects?select=*,...clients(client_name:name)
  • Allows including the join table columns when resource embedding
  • Allows disambiguating a recursive m2m embed
  • Allows disambiguating an embed that has a many-to-many relationship using two foreign keys on a junction
• #2340, Allow embedding without selecting any column - @steve-chavez
• #2563, Allow is.null or not.is.null on an embedded resource - @steve-chavez
  • Offers a more flexible replacement for !inner, e.g. /projects?select=*,clients(*)&clients=not.is.null
  • Allows doing an anti join, e.g. /projects?select=*,clients(*)&clients=is.null
  • Allows using or across related tables conditions
• #1100, Customizable OpenAPI title - @AnthonyFisi
• #2506, Add server-trace-header for tracing HTTP requests. - @steve-chavez
  • When the client sends the request header specified in the config it will be included in the response headers.
• #2694, Make db-root-spec stable. - @steve-chavez
  • This can be used to override the OpenAPI spec with a custom database function
• #1567, On bulk inserts, missing values can get the column DEFAULT by using the Prefer: missing=default header - @steve-chavez
• #2501, Allow filtering byIS DISTINCT FROM using the isdistinct operator, e.g. /people?alias=isdistinct.foo
• #1569, Allow any/all modifiers on the eq,like,ilike,gt,gte,lt,lte,match,imatch operators, e.g. /tbl?id=eq(any).{1,2,3} - @steve-chavez
  • This converts the input into an array type
• #2561, Configurable role settings - @steve-chavez
  • Database roles that are members of the connection role get their settings applied, e.g. doing
    ALTER ROLE anon SET statement_timeout TO '5s' will result in that statement_timeout getting applied for that role.
  • Works when switching roles when a JWT is sent
  • Settings can be reloaded with NOTIFY pgrst, 'reload config'.
• #2468, Configurable transaction isolation level with default_transaction_isolation - @steve-chavez
  • Can be set per function create function .. set default_transaction_isolation = 'repeatable read'
  • Or per role alter role .. set default_transaction_isolation = 'serializable'

Fixed

• #2651, Add the missing get path item for RPCs to the OpenAPI output - @laurenceisla
• #2648, Fix inaccurate error codes with new ones - @laurenceisla
  • PGRST204: Column is not found
  • PGRST003: Timed out when acquiring connection to db
• #1652, Fix function call with arguments not inlining - @steve-chavez
• #2705, Fix bug when using the Range header on PATCH/DELETE - @laurenceisla
  • Fix the"message": "syntax error at or near \"RETURNING\"" error
  • Fix doing a limited update/delete when an order query parameter was present
• #2742, Fix db settings and pg version queries not getting prepared - @steve-chavez
• #2618, Fix PATCH requests not recognizing embedded filters and using the top-level resource instead - @steve-chavez

Changed

• #2705, The Range header is now only considered on GET requests and is ignored for any other method - @laurenceisla
  • Other methods should use the limit/offset query parameters for sub-ranges
  • PUT requests no longer return an error when this header is present (using limit/offset still triggers the error)
• #2733, Remove bulk RPC call with the Prefer: params=multiple-objects header. A function with a JSON array or object parameter should be used instead.

v10.2.0

Added

• #2663, Limit maximal postgresql connection lifetime - @robx
  • New option db-pool-max-lifetime (default 30m)
  • db-pool-acquisition-timeout is no longer optional and defaults to 10s
  • Fixes postgresql resource leak with long-lived connections (#2638)

Fixed

• #2667, Fix db-pool-acquisition-timeout not logging to stderr when the timeout is reached - @steve-chavez

v10.1.2

Fixed

• #2565, Fix bad M2M embedding on RPC - @steve-chavez
• #2575, Replace misleading error message when no function is found with a hint containing functions/parameters names suggestions - @laurenceisla
• #2582, Move explanation about "single parameters" from the message to the details in the error output - @laurenceisla
• #2569, Replace misleading error message when no relationship is found with a hint containing parent/child names suggestions - @laurenceisla
• #1405, Add the required OpenAPI items object when the parameter is an array - @laurenceisla
• #2592, Add upsert headers for POST requests to the OpenAPI output - @laurenceisla
• #2623, Fix FK pointing to VIEW instead of TABLE in OpenAPI output - @laurenceisla
• #2622, Consider any PostgreSQL authentication failure as fatal and exit immediately - @michivi
• #2620, Fix NOTIFY pgrst not reloading the db connections catalog cache - @steve-chavez

v10.1.1

Fixed

• #2548, Fix regression when embedding views with partial references to multi column FKs - @wolfgangwalther
• #2558, Fix regression when requesting limit=0 and db-max-row is set - @laurenceisla

v10.1.0

Added

• #2348, Add db-pool-acquisition-timeout configuration option, time in seconds to wait to acquire a connection. - @robx

Fixed

• #2261, #2349, #2467, Reduce allocations communication with PostgreSQL, particularly for request bodies. - @robx
• #2401, #2444, Fix SIGUSR1 to fully flush connections pool. - @robx
• #2428, Fix opening an empty transaction on failed resource embedding - @steve-chavez
• #2455, Fix embedding the same table multiple times - @steve-chavez
• #2518, Fix a regression when embedding views where base tables have a different column order for FK columns - @wolfgangwalther
• #2458, Fix a regression with the location header when inserting into views with PKs from multiple tables - @wolfgangwalther
• #2356, Fix a regression in openapi output with mode follow-privileges - @wolfgangwalther
• #2283, Fix infinite recursion when loading schema cache with self-referencing view - @wolfgangwalther
• #2343, Return status code 200 for PATCH requests which don't affect any rows - @wolfgangwalther
• #2481, Treat computed relationships not marked SETOF as M2O/O2O relationship - @wolfgangwalther
• #2534, Fix embedding a computed relationship with a normal relationship - @steve-chavez
• #2362, Fix error message when [] is used inside select - @wolfgangwalther
• #2475, Disallow !inner on computed columns - @wolfgangwalther
• #2285, Ignore leading and trailing spaces in column names when parsing the query string - @wolfgangwalther
• #2545, Fix UPSERT with PostgreSQL 15 - @wolfgangwalther
• #2459, Fix embedding views with multiple references to the same base column - @wolfgangwalther

Changed

• #2444, Removed db-pool-timeout option, because this was removed upstream in hasql-pool. - @robx
• #2343, PATCH requests that don't affect any rows no longer return 404 - @wolfgangwalther
• #2537, Stricter parsing of query string. Instead of silently ignoring, the parser now throws on invalid syntax like json paths for embeddings, hints for regular columns, empty casts or fts languages, etc. - @wolfgangwalther

Deprecated

• #1385, Deprecate bulk-calls when including the Prefer: params=multiple-objects in the request. A function with a JSON array or object parameter should be used instead for a better performance.

v10.0.0

Added

• #1933, #2109, Add a minimal health check endpoint - @steve-chavez
  • For enabling this, the admin-server-port config must be set explictly
  • A <host>:<admin_server_port>/live endpoint is available for checking if postgrest is running on its port/socket. 200 OK = alive, 503 = dead.
  • A <host>:<admin_server_port>/ready endpoint is available for checking a correct internal state(the database connection plus the schema cache). 200 OK = ready, 503 = not ready.
• #1988, Add the current user to the request log on stdout - @DavidLindbom, @wolfgangwalther
• #1823, Add the ability to run postgrest without any configuration. - @wolfgangwalther
  • #1991, Add the ability to run without db-uri using libpq's PG environment variables to connect. - @wolfgangwalther
  • #1769, Add the ability to run without db-schemas, defaulting to db-schemas=public. - @wolfgangwalther
  • #1689, Add the ability to run without db-anon-role disabling anonymous access. - @wolfgangwalther
• #1543, Allow access to fields of composite types in select=, order= and filters through JSON operators -> and ->>. - @wolfgangwalther
• #2075, Allow access to array items in ?select=, ?order= and filters through JSON operators -> and ->>. - @wolfgangwalther
• #2156, #2211, Allow applying limit/offset to UPDATE/DELETE to only affect a subset of rows - @steve-chavez
  • It requires an explicit order on a unique column(s)
• #1917, Add error codes with the "PGRST" prefix to the error response body to differentiate PostgREST errors from PostgreSQL errors - @laurenceisla
• #1917, Normalize the error response body by always having the detail and hint error fields with a null value if they are empty - @laurenceisla
• #2176, Errors raised with SQLSTATE now include the message and the code in the response body - @laurenceisla
• #2236, Support POSIX regular expression operators for row filtering - @enote-kane
• #2202, Allow returning XML from RPCs - @fjf2002
• #2268, Allow returning XML from single-column queries - @fjf2002
• #2300, RPC POST for function w/single unnamed XML param #2300 - @fjf2002
• #1564, Allow geojson output by specifying the Accept: application/geo+json media type - @steve-chavez
  • Requires postgis >= 3.0
  • Works for GET, RPC, POST/PATCH/DELETE with Prefer: return=representation.
  • Resource embedding works and the embedded rows will go into the properties key
  • In case of multiple geometries in the same table, you can choose which one will go into the geometry key with the usual ?select query parameter.
• #1082, Add security definitions to the OpenAPI output - @laurenceisla
• #2378, Support http OPTIONS method on RPC and root path - @steve-chavez
• #2354, Allow getting the EXPLAIN plan of a request by using the Accept: application/vnd.pgrst.plan header - @steve-chavez
  • Only allowed if the db-plan-enabled config is set to true
  • Can generate the plan for different media types using the for parameter: Accept: application/vnd.pgrst.plan; for="application/vnd.pgrst.object"
  • Different options for the plan can be used with the options parameter: Accept: application/vnd.pgrst.plan; options=analyze|verbose|settings|buffers|wal
  • The plan can be obtained in text or json by using different media type suffixes: Accept: application/vnd.pgrst.plan+text and Accept: application/vnd.pgrst.plan+json.
• #2144, Support computed relationships which allow extending and overriding relationships for resource embedding - @steve-chavez, @wolfgangwalther
• #1984, Detect one-to-one relationships for resource embedding - @steve-chavez
  • Detected when there's a foreign key with a unique constraint or when a foreign key is also a primary key

Fixed

• #2058, Return 204 No Content without Content-Type for PUT - @wolfgangwalther
• #2107, Clarify error for failed schema cache load. - @steve-chavez
  • From Database connection lost. Retrying the connection to Could not query the database for the schema cache. Retrying.
• #1771, Fix silently ignoring filter on a non-existent embedded resource - @steve-chavez
• #2152, Remove functions, which are uncallable because of unnamend arguments from schema cache and OpenAPI output. - @wolfgangwalther
• #2145, Fix accessing json array fields with -> and ->> in ?select= and ?order=. - @wolfgangwalther
• #2155, Ignore max-rows on POST, PATCH, PUT and DELETE - @steve-chavez
• #2254, Fix inferring a foreign key column as a primary key column on views - @steve-chavez
• #2070, Restrict generated many-to-many relationships - @steve-chavez
  • Only adds many-to-many relationships when: a table has FKs to two other tables and these FK columns are part of the table's PK columns.
• #2278, Allow casting to types with underscores and numbers(e.g. select=oid_array::_int4) - @steve-chavez
• #2277, #2238, #1643, Prevent views from breaking one-to-many/many-to-one embeds when using column or FK as target - @steve-chavez
  • When using a column or FK as target for embedding(/tbl?select=*,col-or-fk(*)), only tables are now detected and views are not.
  • You can still use a column or an inferred FK on a view to embed a table(/view?select=*,col-or-fk(*))
• #2317, Increase the db-pool-timeout to 1 hour to prevent frequent high connection latency - @steve-chavez
• #2341, The search path now correctly identifies schemas with uppercase and special characters in their names (regression) - @laurenceisla
• #2364, "404 Not Found" on nested routes and "405 Method Not Allowed" errors no longer start an empty database transaction - @steve-chavez
• #2342, Fix inaccurate result count when an inner embed was selected after a normal embed in the query string - @laurenceisla
• #2376, OPTIONS requests no longer start an empty database transaction - @steve-chavez
• #2395, Allow using columns with dollar sign($) without double quoting in filters and select - @steve-chavez
• #2410, Fix loop crash error on startup in Postgres 15 beta 3. Log: "UNION types "char" and text cannot be matched". - @yevon
• #2397, Fix race conditions managing database connection helper - @robx
• #2269, Allow limit=0 in the request query to return an empty array - @gautam1168, @laurenceisla

Changed

• #2001, Return 204 No Content without Content-Type for RPCs returning VOID - @wolfgangwalther
  • Previously, those RPCs would return "null" as a body with Content-Type: application/json.
• #2156, limit/offset now limits the affected rows on UPDATE/DELETE - @steve-chavez
  • Previously, limit/offset only limited the returned rows but not the actual updated rows
• #2155, max-rows is no longer applied on POST/PATCH/PUT/DELETE returned rows - @steve-chavez
  • This was misleading because the affected rows were not really affected by max-rows, only the returned rows were limited
• #2070, Restrict generated many-to-many relationships - @steve-chavez
  • A primary key that contains the foreign key columns is now needed for generating many-to-many relationships.
• #2277, Views now are not detected when embedding using the column or FK as target (/view?select=*,column(*)) - @steve-chavez
  • This embedding form was easily made ambiguous whenever a new view was added.
  • You can use computed relationships to keep this embedding form working
• #2312, Using Prefer: return=representation no longer returns a Location header - @laurenceisla
• #1984, For the cases where one to one relationships are detected, json objects will be returned instead of json arrays of length 1
  • If you wish to override this behavior, you can use computed relationships to return arrays again

v9.0.1

Fixed

• #2165, Fix json/jsonb columns should not have type in OpenAPI spec - @clrnd
• #2020, Execute deferred constraint triggers when using Prefer: tx=rollback - @wolfgangwalther
• #2077, Fix is not working with upper or mixed case values like NULL, TrUe, FaLsE - @steve-chavez
• #2024, Fix schema cache loading when views with XMLTABLE and DEFAULT are present - @wolfgangwalther
• #1724, Fix wrong CORS header Authentication -> Authorization - @wolfgangwalther
• #2120, Fix reading database configuration properly when = is present in value - @wolfgangwalther
• #2135, Remove trigger functions from schema cache and OpenAPI output, because they can't be called directly anyway. - @wolfgangwalther
• #2101, Remove aggregates, procedures and window functions from the schema cache and OpenAPI output. - @wolfgangwalther
• #2153, Fix --dump-schema running with a wrong PG version. - @wolfgangwalther
• #2042, Keep working when EMFILE(Too many open files) is reached. - @steve-chavez
• #2147, Ignore Content-Type headers for GET requests when calling RPCs. - @laurenceisla
  • Previously, GET without parameters, but with Content-Type: text/plain or Content-Type: application/octet-stream would fail with 404 Not Found, even if a function without arguments was available.
• #2239, Fix misleading disambiguation error where the content of the relationship key looks like valid syntax - @laurenceisla
• #2294, Disable parallel GC for better performance on higher core CPUs - @steve-chavez
• #1076, Fix using CPU while idle - @steve-chavez

v9.0.0

Added

• #1783, Include partitioned tables into the schema cache. Allows embedding, UPSERT, INSERT with Location response, OPTIONS request and OpenAPI support for partitioned tables - @laurenceisla
• #1878, Add Retry-After hint header when in recovery mode - @gautam1168
• #1735, Allow calling function with single unnamed param through RPC POST. - @steve-chavez
  • Enables calling a function with a single json parameter without using Prefer: params=single-object
  • Enables uploading bytea to a function with Content-Type: application/octet-stream
  • Enables uploading raw text to a function with Content-Type: text/plain
• #1938, Allow escaping inside double quotes with a backslash, e.g. ?col=in.("Double\"Quote"), ?col=in.("Back\\slash") - @steve-chavez
• #1075, Allow filtering top-level resource based on embedded resources filters. This is enabled by adding !inner to the embedded resource, e.g. /projects?select=*,clients!inner(*)&clients.id=eq.12- @steve-chavez, @Iced-Sun
• #1857, Make GUC names for headers, cookies and jwt claims compatible with PostgreSQL v14 - @laurenceisla, @robertsosinski
  • Getting the value for a header GUC on PostgreSQL 14 is done using current_setting('request.headers')::json->>'name-of-header' and in a similar way for request.cookies and request.jwt.claims
  • PostgreSQL versions below 14 can opt in to the new JSON GUCs by setting the db-use-legacy-gucs config option to false (true by default)
• #1988, Allow specifying unknown for the is operator - @steve-chavez
• #2031, Improve error message for ambiguous embedding and add a relevant hint that includes unambiguous embedding suggestions - @laurenceisla

Fixed

• #1871, Fix OpenAPI missing default values for String types and identify Array types as "array" instead of "string" - @laurenceisla
• #1930, Fix RPC return type handling for RETURNS TABLE with a single column. Regression of #1615. - @wolfgangwalther
• #1938, Fix using single double quotes(") and backslashes(/) as values on the "in" operator - @steve-chavez
• #1992, Fix schema cache query failing with standard_conforming_strings = off - @wolfgangwalther

Changed

• #1949, Drop support for embedding hints used with .(e.g. select=projects.client_id(*)), ! should be used instead(e.g. select=projects!client_id(*)) - @steve-chavez
• #1783, Partitions (created using PARTITION OF) are no longer included in the schema cache. - @laurenceisla
• #2038, Dropped support for PostgreSQL 9.5 - @wolfgangwalther

v8.0.0

Added

• #1525, Allow http status override through response.status guc - @steve-chavez
• #1512, Allow schema cache reloading with NOTIFY - @steve-chavez
• #1119, Allow config file reloading with SIGUSR2 - @steve-chavez
• #1558, Allow 'Bearer' with and without capitalization as authentication schema - @wolfgangwalther
• #1470, Allow calling RPC with variadic argument by passing repeated params - @wolfgangwalther
• #1559, No downtime when reloading the schema cache with SIGUSR1 - @steve-chavez
• #504, Add log-level config option. The admitted levels are: crit, error, warn and info - @steve-chavez
• #1607, Enable embedding through multiple views recursively - @wolfgangwalther
• #1598, Allow rollback of the transaction with Prefer tx=rollback - @wolfgangwalther
• #1633, Enable prepared statements for GET filters. When behind a connection pooler, you can disable preparing with db-prepared-statements=false
  • This increases throughput by around 30% for simple GET queries(no embedding, with filters applied).
• #1729, #1760, Get configuration parameters from the db and allow reloading config with NOTIFY - @steve-chavez
• #1824, Allow OPTIONS to generate certain HTTP methods for a DB view - @laurenceisla
• #1872, Show timestamps in startup/worker logs - @steve-chavez
• #1881, Add openapi-mode config option that allows ignoring roles privileges when showing the OpenAPI output - @steve-chavez
• CLI options(for debugging):
  • #1678, Add --dump-config CLI option that prints loaded config and exits - @wolfgangwalther
  • #1691, Add --example CLI option to show example config file - @wolfgangwalther
  • #1697, #1723, Add --dump-schema CLI option for debugging purposes - @monacoremo, @wolfgangwalther
• #1794, (Experimental) Add request.spec GUC for db-root-spec - @steve-chavez

Fixed

• #1592, Removed single column restriction to allow composite foreign keys in join tables - @goteguru
• #1530, Fix how the PostgREST version is shown in the help text when the .git directory is not available - @monacoremo
• #1094, Fix expired JWTs starting an empty transaction on the db - @steve-chavez
• #1162, Fix location header for POST request with select= without PK - @wolfgangwalther
• #1585, Fix error messages on connection failure for localized postgres on Windows - @wolfgangwalther
• #1636, Fix application/octet-stream appending charset=utf-8 - @steve-chavez
• #1469, #1638 Fix overloading of functions with unnamed arguments - @wolfgangwalther
• #1560, Return 405 Method not Allowed for GET of volatile RPC instead of 500 - @wolfgangwalther
• #1584, Fix RPC return type handling and embedding for domains with composite base type (#1615) - @wolfgangwalther
• #1608, #1635, Fix embedding through views that have COALESCE with subselect - @wolfgangwalther
• #1572, Fix parsing of boolean config values for Docker environment variables, now it accepts double quoted truth values ("true", "false") and numbers("1", "0") - @wolfgangwalther
• #1624, Fix using app.settings.xxx config options in Docker, now they can be used as PGRST_APP_SETTINGS_xxx - @wolfgangwalther
• #1814, Fix panic when attempting to run with unix socket on non-unix host and properly close unix domain socket on exit - @monacoremo
• #1825, Disregard internal junction(in non-exposed schema) when embedding - @steve-chavez
• #1846, Fix requests for overloaded functions from html forms to no longer hang (#1848) - @laurenceisla
• #1858, Add a hint and clarification to the no relationship found error - @laurenceisla
• #1841, Show comprehensive error when an RPC is not found in a stale schema cache - @laurenceisla
• #1875, Fix Location headers in headers only representation for null PK inserts on views - @laurenceisla

Changed

• #1522, #1528, #1535, Docker images are now built from scratch based on a the static PostgREST executable (#1494) and with Nix instead of a Dockerfile. This reduces the compressed image size from over 30mb to about 4mb - @monacoremo
• #1461, Location header for POST request is only included when PK is available on the table - @wolfgangwalther
• #1560, Volatile RPC called with GET now returns 405 Method not Allowed instead of 500 - @wolfgangwalther
• #1584, #1849 Functions that declare returns composite_type no longer return a single object array by default, only functions with returns setof composite_type return an array of objects - @wolfgangwalther
• #1604, Change the default logging level to log-level=error. Only requests with a status greater or equal than 500 will be logged. If you wish to go back to the previous behaviour and log all the requests, use log-level=info - @steve-chavez
  • Because currently there's no buffering for logging, defaulting to the error level(minimum logging) increases throughput by around 15% for simple GET queries(no embedding, with filters applied).
• #1617, Dropped support for PostgreSQL 9.4 - @wolfgangwalther
• #1679, Renamed config settings with fallback aliases. e.g. max-rows is now db-max-rows, but max-rows is still accepted - @wolfgangwalther
• #1656, Allow Prefer=headers-only on POST requests and change default to minimal (#1813) - @laurenceisla
• #1854, Dropped undocumented support for gzip compression (which was surprisingly slow and easily enabled by mistake). In some use-cases this makes Postgres up to 3x faster - @aljungberg
• #1872, Send startup/worker logs to stderr to differentiate from access logs on stdout - @steve-chavez