Skip to content

procedural-language-whitelist (ST002)#

Automatic fix is not available.

What it does#

Checks that a procedural language to be created is allowed.

Why not?#

By default, any procedural language can be loaded into the database. This is quite dangerous as some unsafe operations might be introuduced by languages. So you not only want to empower CREATE LANGUAGE to database owners, you also want to be able to review and explicitly allow procedural languages.

When should you?#

Almost never. If a procedural language is not allowed, you are probably doing something wrong.

Use instead:#

Procedural languages that are allowed.

Configuration#

allowed-languages: List of allowed languages.