Migration safety insights for Postgres teams.
June 2, 2026
pgfence 0.6.1 closes several false-negative paths in ORM extraction, inline foreign key scoring, constrained-domain analysis, stats-source precedence, and public boundary linting.
May 31, 2026
A foreign key added through ADD COLUMN can look like a column change, but the referenced table matters too. Size-aware risk scoring has to include both sides of the relationship.
May 28, 2026
TypeORM, Knex, Sequelize, Prisma, and Drizzle all expose SQL differently. A migration safety tool has to keep valid statements, warn on dynamic pieces, and never let destructive SQL disappear from coverage.
May 26, 2026
A migration safety tool earns trust by saying what it could not prove. Unknown statements should show up in coverage, reports, and review policy instead of disappearing behind a green check.
May 25, 2026
v0.6 ships a paste-and-run statement explainer, a single-file rule catalog for in-editor coding assistants, seven new rules covering REPLICA IDENTITY FULL, CLUSTER, RLS toggles and INHERIT, plus a Trust Contract polish that surfaces unanalyzable line numbers in every reporter.
May 24, 2026
In-editor coding assistants are fluent in SQL syntax and blind to lock modes. Drop one curated file at the repo root and the assistant stops suggesting ACCESS EXCLUSIVE DDL and starts writing the expand/contract sequence. Here is what to put in the file and a concrete before/after.
May 23, 2026
Squawk, Eugene, pgrubic, and strong_migrations together catch most of the obvious dangers. These five operations slip past every one of them, and each has taken down a production system this year.
May 22, 2026
Prisma's deployment docs now show pgfence as a pre-deploy migration safety check before prisma migrate deploy. Here is what that check catches and why it belongs in CI.
One line of DDL, no lock contention, no rewrite, no warning from any safety guide. Three weeks later your WAL volume has doubled and Debezium is melting. Here is what REPLICA IDENTITY FULL actually costs and how to avoid it.
May 21, 2026
Every Postgres DDL statement takes a lock. Most cheat sheets on the internet get at least one wrong. This one is verified line by line against tablecmds.c, lockcmds.c, and indexcmds.c in PostgreSQL 17.
May 19, 2026
On PostgreSQL 11 and newer, the same shape of statement can finish in 8ms on a 200GB table or lock the table for 90 minutes. The difference is the volatility class of the default expression, and most production teams still believe the pre-PG11 rule.
May 18, 2026
Foreign keys, CHECK constraints, UNIQUE constraints, EXCLUDE constraints, USING INDEX, and VALIDATE CONSTRAINT do not all take the same lock. pgfence v0.6 fixed the map against PostgreSQL source.
April 30, 2026
Quick positioning update: pgfence is, and stays, a free open-source Postgres migration safety tool. The CLI, GitHub Action, LSP, ORM extractors, lock-mode rules, and safe rewrite recipes are all free forever.
April 24, 2026
pgfence 0.5 tightens ORM extraction, coverage reporting, editor diagnostics, and release boundaries so unknown migration SQL is surfaced instead of silently treated as safe.
April 21, 2026
A useful migration audit log is not just an activity feed. It needs to prove what changed, what risk was found, who approved it, and which policy applied at the time.
April 18, 2026
CREATE INDEX CONCURRENTLY is the right fix for blocking index builds, but it fails inside a transaction block. Here is why that happens and how to catch it before deploy.
March 20, 2026
Your migration grabs an ACCESS EXCLUSIVE lock. It queues behind a long-running query. Every new connection piles up behind it. In 30 seconds, your entire database is frozen. Here's the fix.
March 16, 2026
We audited every rule, extractor, and reporter in pgfence and fixed 18 silent failure paths, 6 bugs, and 11 stale comments. Here is what we found and what we fixed.
March 14, 2026
pgfence can now execute migrations against a real Postgres instance and verify lock predictions against observed behavior. It spins up a disposable Docker container and traces statements one by one.
March 10, 2026
Your migration linter says everything is safe. It's wrong. Here's why false negatives are more dangerous than false positives, and what we do about it.
March 6, 2026
pgfence now runs inside your editor. Real-time diagnostics, quick fixes for supported safe rewrites, and hover info for SQL migrations. Plus new rules for char fields, serial columns, DROP DATABASE, and domain constraints.
March 5, 2026
Step-by-step SQL sequences for the five most common dangerous migrations. No downtime, no blocked queries, no surprises.
February 27, 2026
Postgres Language Server validates SQL correctness. pgfence adds lock and migration-safety analysis. Here's how to run both in CI for broader migration coverage.
February 25, 2026
TypeORM's migration generator doesn't understand Postgres lock modes. Here's what that means for your production database and how to catch problems before they ship.
February 23, 2026
A plain-English reference for the eight PostgreSQL lock modes, which DDL statements trigger them, and what they actually block in production.
February 22, 2026
A war story about a volatile-default footgun, why ORMs hide it from you, and the staged rollout pattern that prevents it.