Version 2.0

2026-03-01 - Version 2.0

This new release adds last changes from CIS Benchmark for PostgreSQL 17 and
fixes some issues.

• Update documentation.
• Remove HTML internal link in text output format.
• Fix internal link after moving 1.3 chapter to 1.4
• Fix dpkg -l output to list only installed package.
• Allow provide path to pg_config. Thanks to Ales Zeleny for the patch.
• Update with last changes in CIS Benchmark for PostgreSQL 17.
• Add logtext() Perl method to write a text with indentation and no other
  formatting.

Version 1.2

2026-02-14 - Version 1.2

This release fixes several issues reported by users since last release and add
a new feature:

• Add option -r | --remove to specify checks to remove from the report,
  it can be used multiple time. The value must be the number of a check
  or a regexp.
• Add requirement information for package perl-bignum and perl-Math-BigRat
  on some RPM based distribution. Thanks to Osman Dinc for the report.
• Add support to Chines (zh_CN) language. Thanks to Steven Tong for the patch.

Here is the list of changes:

• Fix sslmode parameter wrong check for values require and verify-ca. Thanks
  to alperensen52 for the report.
• Do not emit pg_hba.conf warning about all database or users when the method
  is 'reject'. Thanks to Ales Zeleny for the report.
• Correctly lookup the provide value from no-pg-version-check. Thanks to
  Matthias Baur for the patch.
• Do not read the start-up file on psql invocations. Thanks to Ales Zeleny
  for the patch.
• Fix spaces while parsing unix_socket_directories. Thanks to Ales Zeleny
  for the patch.
• Fix double report of 2.4 check result. Thanks to Steven Tong.
• Move check of permission to read the PGDATA to check 1.3.1.
• Replace use of pg_controldata to check checksum by the read of data_checksum
  setting.
• Avoid double start of line in check remove regexp, pgdsat always append the
  start of line character ^ to the regexp.
• Fix pg_hba.conf parsing when host is fqdn. Thanks to Dennis for the report.
• Fix die when the ip range from pg_hba.conf can not be defined.

Version 1.1

2024-04-19 - Version 1.1

This release fixes several issues reported by users since last release and adds
some new features:

• Add cluster version mismatch check if --cluster is used.
• Add a check to ensure a data anonymization extension is installed
  (extensions searched in session_preload_libraries: pg_anonymize or anon).
• Add check to ensure tablespace location is not inside the PGDATA.
• Add statistics about checksum failures if any.
• Double check the Unix socket permission on disk
• Add check to ensure that the public schema is protected in all database.
  Thanks to Julien Rouhaud for the report.

Here is the list of changes:

• Fix check for versions shows success when using an unprivileged user.
  Thanks to Avinash Vallarapu for the report.
• Fix incorrect status for Checksum check when user has insufficient
  permission to use the PGDATA. Thanks to Avinash Vallarapu for the patch.
• Redirect ls command error to /dev/null for tablespace check. Thanks to
  Avinash Vallarapu for the report.
• Fix typo in psql command. Thanks to Avinash Vallarapu for the report.
• Mark last tablespace check as not from CIS Benchmark
• Fix number of checks done by pgdsat in documentation
• Verify that all necessary commands are available from $PATH.
• Review the way collapse id is generated.
• Verify at beginning that the connection user is really superuser. Thanks
  to Julien Rouhaud for the report.
• Use pg_controldata to verify checksum instead of pg_checksums for
  performances reason. Thanks to Julien Rouhaud for the report.
• Force use of -X with psql command to avoid looking at .psqlrc. Thanks to
  Julien Rouhaud for the patch.
• Remove the source option, not implemented yet.

Version 1.0

2024-04-08 Version 1.0

• Initial version.

Thanks to Julien Rouhaud for the review.