2022.05.0 Release

Docker tag: quay.io/pganalyze/enterprise:v2022.05.0


  • This release requires a database migration when coming from older releases, be sure to follow the recommended upgrade steps
  • There are two security bugfixes contained in this release that protect against malicious use of manage/API permissions by an internal actor - upgrading is recommended
  • We've included a number of backend-only changes for the upcoming version of the Index Advisor
    • We're looking forward to share the new version with you soon!


  • Index Advisor query analysis improvements
    • Support more data type functions
    • Fixed many cases of Unexpected execution of function errors
    • Fix MergeAppend handling
    • Find extensions used in custom types
    • Support existing indexes that reference UDFs
    • Custom function support
    • Custom range type support
  • Preserve whitespace when showing Postgres config settings
  • Update embedded Postgres docs
    • This refreshes the bundled Postgres docs used on config settings pages to the latest releases (previously these were out of date, showing older versions of Postgres in some cases)
  • Add support for Crunchy Bridge database provider
  • Introduces a default log quota of "1 GB log data / server / day" to avoid busy servers overly consuming log processing resources
  • Index advisor query analysis: Move background process to a dedicated queue, and run daily (instead of continuously)
    • If you've seen queue backlogs in the last Enterprise release, this should most likely resolve the backlog issues
  • Log Insights improvements
    • Add support for Postgres 14 autovacuum and autoanalyze log events
    • Add regexp match for "permission denied for table" event
    • C22 Auth failed event: Detect additional DETAIL information
    • Handle non-UTC/non-local log_timezone values correctly


  • Increases table statistics processing performance for servers with a lot of databases
  • Snapshot API: Turn off KMS retries and lower timeout to avoid API server timeouts
  • Improve performance for per-table query list
  • Improve performance for per-database table list
  • Analyze all newly created partitions twice (at different intervals) to improve query plans
  • Partition connection monitoring data (backend_counts table) for better scalability


  • Ensure all statistics snapshots are only processed once by adding a unique index
  • Fix typecast problem when using Postgres 14 for statistics database
  • Improve Weekly Report rendering in Outlook
  • Avoid wrapping table headers when space is tight
  • Improve rendering of wait events graph data to avoid visual display bugs
  • Update <query text unavailable> guidance for clarity
  • Slack integration: Fix double redirect bug for errors
  • Log analysis: Avoid crashing when config settings are missing
  • Avoid recurring loading flash on connections view
    • This restores the intended behaviour that keeps the old data visible until the next data is loaded (whilst auto-refresh is active)
  • Query text truncation improvements (used in overview):
    • Correctly handle UPDATE and ON CONFLICT target lists
    • Simplify VALUES lists
  • Query analysis: Time out background task after 1 minute
    • This ensures overly complex queries don't consume the system's capacity
  • Avoid use of temporary tables, reducing churn on pg_catalog table
  • Bundled local collector updated from 0.42.0 to 0.43.1
    • Fix cleanup of temporary files used when processing logs
    • Filter out vacuum records we cannot match to a table name
    • Check citus.shard_replication_factor before querying citus_table_size


  • Security bugfix: Sanitize local collector values to prevent malicious settings running arbitrary commands
    • This protects against an internal actor who has manage permissions on the organization. Previously, they could exploit local collector configuration settings to run arbitrary commands within the Enterprise container
  • Security bugfix: Snapshot API: Improve validation of locations against permitted paths
    • This protects against an internal actor who has a valid API key to trick the server into deleting arbitrary paths on the local filesystem of the Enterprise container
  • Enables Content Security Policy (CSP) headers in the pganalyze app
  • Dependency updates (none of these are exploitable, to our knowledge, but may have shown in dependency scanners)

Couldn't find what you were looking for or want to talk about something specific?
Start a conversation with us →