Comparison
Eugene vs pgfence
An honest comparison of two Postgres migration safety tools: Eugene (Rust, trace-oriented) and pgfence (TypeScript, multi-ORM with safe rewrite guidance).
What Eugene does well
Eugene is a Rust-based Postgres migration safety tool known for trace-style verification: running your migration against a real PostgreSQL instance, observing the actual locks via pg_locks, then rolling back. It also has a focused static lint mode and context-aware analysis that skips new tables created in the same migration.
Feature comparison
| Feature | Eugene | pgfence |
|---|---|---|
| Language | Rust | TypeScript (Node.js native) |
| SQL parser | libpg_query (C bindings) | libpg_query (C bindings) |
| Rule surface | Focused DDL lint rule set | Broad migration-safety rule set |
| Trace mode (live lock observation) | Yes | Yes (Docker-based, observer polling for CONCURRENTLY) |
| Trace: catalog inspection | Yes (relfilenode diffs) | Yes (pg_class, pg_constraint, pg_index diffs) |
| Trace: ORM migration support | No (raw SQL only) | Yes (trace TypeORM, Knex, Sequelize, Prisma, Drizzle) |
| Input: raw SQL | Yes | Yes |
| Input: TypeORM / Prisma / Knex / Sequelize / Drizzle | No | Yes (built-in ORM extractors) |
| Lock mode reporting | Yes | Yes (per statement, static + trace) |
| Safe rewrite recipes | Suggestions in output | Step-by-step safe rewrite guidance |
| DB-size-aware risk scoring | No | Yes (stats snapshot or direct connection) |
| VS Code extension | No first-party VS Code extension | Yes (diagnostics, supported quick fixes, hover) |
| GitHub Action | No official action | Yes (repo-level composite action) |
| Output formats | Terminal, JSON | Terminal, JSON, GitHub PR comment, SARIF |
| Coverage reporting | No | Yes |
| Policy checks | No | Yes (lock_timeout, statement_timeout, tx policy) |
| Context-aware (skip new tables) | Yes | Yes |
Trace mode: both tools, different approaches
Eugene and pgfence both offer trace-oriented validation, but they use different execution models:
- Eugene: runs inside a single transaction (BEGIN, execute, observe, ROLLBACK). Clean and simple, but cannot trace
CONCURRENTLYstatements (they fail inside transactions). - pgfence: spins up a disposable Docker container, traces statements in an isolated Postgres instance, and uses an observer connection for
CONCURRENTLYoperations to capture transient locks. It can also trace ORM migrations after extraction.
Both tools diff system catalog snapshots to detect table rewrites, implicit index creation, and constraint state changes.
When to choose Eugene
- You write raw SQL migrations exclusively
- You want a Rust binary with zero Node.js dependency
- You already have a PostgreSQL instance available for trace mode
When to choose pgfence
- Your team uses TypeORM, Prisma, Knex, Sequelize, or Drizzle migrations
- You want trace mode that handles
CONCURRENTLYstatements - You want step-by-step safe rewrite guidance in the output for supported patterns
- You need table-size-aware risk scoring
- You want a VS Code extension with inline diagnostics, hover details, and supported quick fixes
- You want SARIF output for GitHub Code Scanning annotations
- You want policy enforcement: missing
lock_timeout,CONCURRENTLYinside transactions - Your stack is Node.js/TypeScript