Transaction & Policy Checks
Beyond DDL, pgfence enforces operational best practices that prevent silent production incidents.
Transaction Checks
| # | Pattern | Severity |
|---|---|---|
| 25 | NOT VALID + VALIDATE CONSTRAINT in the same transaction | error |
| 26 | Multiple ACCESS EXCLUSIVE statements compounding | warning |
| 27 | CREATE INDEX CONCURRENTLY inside a transaction | error |
| 28 | Bulk UPDATE without WHERE in migration | warning |
| 29 | Wide lock window: ACCESS EXCLUSIVE on multiple tables in same transaction | warning |
Policy Checks
- Missing
SET lock_timeout: prevents lock queue death spirals - Missing
SET statement_timeout: safety net for long operations - Missing
SET application_name: enablespg_stat_activityvisibility - Missing
SET idle_in_transaction_session_timeout: prevents orphaned locks lock_timeoutset after dangerous DDL: ordering violation, timeout must be set before any statement that acquires a dangerous locklock_timeout/statement_timeoutvalue exceeds threshold: warns when timeout values are too permissive (defaults: lock_timeout > 5s, statement_timeout > 10min)
Inline Ignore
Suppress a specific check on a statement with a comment directive:
sql
-- pgfence-ignore: add-column-not-null-no-default
ALTER TABLE users ADD COLUMN status TEXT NOT NULL;
-- pgfence-ignore
DROP TABLE legacy_sessions; -- suppress all checksSee Configuration → Inline Ignore for full syntax reference.