So your application needs privileged access (to create tables, triggers, etc) to... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		daenz on Dec 19, 2021 \| parent \| context \| favorite \| on: Postgres is a great pub/sub and job server (2019) So your application needs privileged access (to create tables, triggers, etc) to the database in order to run? That's an anti-pattern. Your deployed application should only need least privileges possible. If you need to do extra things to your database, it should be done in migrations, which should be more privileged, but now you've decoupled the creation of these extra db objects from the library itself, meaning if the library changes, your migrations will not be in sync.

mlyle on Dec 19, 2021 [–]

No... JPA writes out a file with the necessary DDL and the administrator runs it.

If this is insufficient for more complicated migrations, there's tooling to support it. e.g. Flyway.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact