extension-whitelist (ST001)

Automatic fix is not available.

What it does

Checks that an extension to be created is allowed.

Why not?

By default, any extension can be loaded into the database. This is quite dangerous as any bug causing a crash would mean a PostgreSQL would restart. So you not only want to empower CREATE EXTENSION to database owners, you also want to be able to review and explicitly allow extensions.

When should you?

Almost never. If an extension is not allowed, you are probably doing something wrong.

Use instead:

Extensions that are allowed.

Configuration

allowed-extensions: List of allowed extensions.