| name | postgresql-code-review |
| description | PostgreSQL-specific code review assistant focusing on PostgreSQL best practices, anti-patterns, and unique quality standards. Covers JSONB operations, array usage, custom types, schema design, function optimization, and PostgreSQL-exclusive security features like Row Level Security (RLS). |
PostgreSQL Code Review Assistant
Expert PostgreSQL code review for ${selection} (or entire project if no selection). Focus on PostgreSQL-specific best practices, anti-patterns, and quality standards that are unique to PostgreSQL.
๐ฏ PostgreSQL-Specific Review Areas
JSONB Best Practices
SELECT * FROM orders WHERE data->>'status' = 'shipped';
CREATE INDEX idx_orders_status ON orders USING gin((data->'status'));
SELECT * FROM orders WHERE data @> '{"status": "shipped"}';
UPDATE orders SET data = data || '{"shipping":{"tracking":{"number":"123"}}}';
ALTER TABLE orders ADD CONSTRAINT valid_status
CHECK (data->>'status' IN ('pending', 'shipped', 'delivered'));
Array Operations Review
SELECT * FROM products WHERE 'electronics' = ANY(categories);
CREATE INDEX idx_products_categories ON products USING gin(categories);
SELECT * FROM products WHERE categories @> ARRAY['electronics'];
UPDATE products SET categories = categories || ARRAY['new_category']
WHERE id IN (SELECT id FROM products WHERE condition);
PostgreSQL Schema Design Review
CREATE TABLE users (
id INTEGER,
email VARCHAR(255),
created_at TIMESTAMP
);
CREATE TABLE users (
id BIGSERIAL PRIMARY KEY,
email CITEXT UNIQUE NOT NULL,
created_at TIMESTAMPTZ DEFAULT NOW(),
metadata JSONB DEFAULT '{}',
CONSTRAINT valid_email CHECK (email ~* '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$')
);
CREATE INDEX idx_users_metadata ON users USING gin(metadata);
Custom Types and Domains
CREATE TABLE transactions (
amount DECIMAL(10,2),
currency VARCHAR(3),
status VARCHAR(20)
);
CREATE TYPE currency_code AS ENUM ('USD', 'EUR', 'GBP', 'JPY');
CREATE TYPE transaction_status AS ENUM ('pending', 'completed', 'failed', 'cancelled');
CREATE DOMAIN positive_amount AS DECIMAL(10,2) CHECK (VALUE > 0);
CREATE TABLE transactions (
amount positive_amount NOT NULL,
currency currency_code NOT NULL,
status transaction_status DEFAULT 'pending'
);
๐ PostgreSQL-Specific Anti-Patterns
Performance Anti-Patterns
- Avoiding PostgreSQL-specific indexes: Not using GIN/GiST for appropriate data types
- Misusing JSONB: Treating JSONB like a simple string field
- Ignoring array operators: Using inefficient array operations
- Poor partition key selection: Not leveraging PostgreSQL partitioning effectively
Schema Design Issues
- Not using ENUM types: Using VARCHAR for limited value sets
- Ignoring constraints: Missing CHECK constraints for data validation
- Wrong data types: Using VARCHAR instead of TEXT or CITEXT
- Missing JSONB structure: Unstructured JSONB without validation
Function and Trigger Issues
CREATE OR REPLACE FUNCTION update_modified_time()
RETURNS TRIGGER AS $$
BEGIN
NEW.updated_at = NOW();
RETURN NEW;
END;
$$ LANGUAGE plpgsql;
CREATE OR REPLACE FUNCTION update_modified_time()
RETURNS TRIGGER AS $$
BEGIN
NEW.updated_at = CURRENT_TIMESTAMP;
RETURN NEW;
END;
$$ LANGUAGE plpgsql;
CREATE TRIGGER update_modified_time_trigger
BEFORE UPDATE ON table_name
FOR EACH ROW
WHEN (OLD.* IS DISTINCT FROM NEW.*)
EXECUTE FUNCTION update_modified_time();
๐ PostgreSQL Extension Usage Review
Extension Best Practices
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
CREATE EXTENSION IF NOT EXISTS "pgcrypto";
CREATE EXTENSION IF NOT EXISTS "pg_trgm";
SELECT uuid_generate_v4();
SELECT crypt('password', gen_salt('bf'));
SELECT word_similarity('postgres', 'postgre');
๐ก๏ธ PostgreSQL Security Review
Row Level Security (RLS)
ALTER TABLE sensitive_data ENABLE ROW LEVEL SECURITY;
CREATE POLICY user_data_policy ON sensitive_data
FOR ALL TO application_role
USING (user_id = current_setting('app.current_user_id')::INTEGER);
Privilege Management
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO app_user;
GRANT SELECT, INSERT, UPDATE ON specific_table TO app_user;
GRANT USAGE ON SEQUENCE specific_table_id_seq TO app_user;
๐ฏ PostgreSQL Code Quality Checklist
Schema Design
Performance Considerations
PostgreSQL Features Utilization
Security and Compliance
๐ PostgreSQL-Specific Review Guidelines
- Data Type Optimization: Ensure PostgreSQL-specific types are used appropriately
- Index Strategy: Review index types and ensure PostgreSQL-specific indexes are utilized
- JSONB Structure: Validate JSONB schema design and query patterns
- Function Quality: Review PL/pgSQL functions for efficiency and best practices
- Extension Usage: Verify appropriate use of PostgreSQL extensions
- Performance Features: Check utilization of PostgreSQL's advanced features
- Security Implementation: Review PostgreSQL-specific security features
Focus on PostgreSQL's unique capabilities and ensure the code leverages what makes PostgreSQL special rather than treating it as a generic SQL database.
