Version 4.5

2026-01-27 - Version 4.5.0

This is a maintenance release to fix issues reported by users since last release.

• Fix error cannot change data type of view column "roleid" from oid to
  regrole. Thanks to dbacvetkov for the report.
• Add missing upgrade SQL file from 4.3 to 4.4. Thanks to dbacvetkov for
  the report.
• Fix error when the user want to modify his password and
  credcheck.password_valid_until option is set. As we modify
  the VALID UNTIL clause it will generate an error message when
  the user changes his password:
  Only roles with the CREATEROLE attribute and the ADMIN
  option on role "..." may alter this role.
  Thanks to dwshin0416 for the report.
• Set the tzp argument in timestamp2tm() call to apply timezone to converted
  timestamp. Thanks to Christoph Berg for the report.

Version 4.4

2026-01-12 - Version 4.4.0

This is a maintenance release to fix issues reported by users since last release.

• Fix backend crash when current_user is used in ALTER ROLE statement. Thanks to Andrii for the report.
• Add the session timezone in the call to timestamp2tm(). Thanks to Christoph Berg for the report.
• Move extension SQL files into a dedicated directory.

Version 4.3

2025-12-23 - Version 4.3.0

This is a maintenance release to fix issues reported by users since last release.

• Fix background workers crash when pg_cron is used and potentially others
  extension using background workers. Thanks to Anton Glushakov for the report.
• Only execute processUtility hook if we are at top level (not SPI re-enter).
  Thanks to vidierr and Anton Glushakov for the report.
• Fix the change password after first login feature that was not affected only
  to the new user but to all users connecting to the database.

Version 4.2

2025-10-22 - Version 4.2.0

This is a quick maintenance release to fix a PG crash when parallel workers
are in used with credcheck > 3.0.

• Prevent credcheck code to be executed in parallel workers. Thanks to
  glushakov Anton for the report.

Version 4.0

2025-10-16 - Version 4.0.0

This major release adds new features and fixes bugs reported by users since
last release.

• When a user change its password and a VALID UNTIL clause is not set,
  credcheck will automatically set to now() + credcheck.password_valid_until
• Extended the functionality of 'username_contain' and 'username_not_contain'
  gucs to allow users to use substrings instead of single characters only.
  Thanks to Palak Chaturvedi for the patch.
• Add feature to send a warning to the user N days before his password expires.
  The number of days before can be set using the credcheck.password_valid_warning
  setting. Disabled by default. This is done using an event trigger up on login.
  The point is that the trigger must be set manually in all databases.
• Add force password change at first logging. This feature allow to force the
  users to change their password after the account creation. This behavior is
  active when credcheck.password_change_first_login is enabled.
  It is also possible force any user to change his password at any time using:
  ALTER USER user1 SET credcheck_internal.force_change_password = true;
• Fix license text to the corresponding PostgreSQL license.
• Fix test/expected/06_reuse_interval_1.out. Thanks to Christoph Berg for the patch.

Version 3.0

2024-12-31 - Version 3.0.0

This release adds a new feature to exclude a list of users from being banned
and fixes bugs reported by users since last release.

• Fix ban count with ssl.
• Fix compilation with PG11.
• Add new configuration variable to exclude some users from being banned.
  With credcheck.whitelist_auth_failure you can set a whitelist of usernames
  that must be excluded from this behavior. Example of use:
  credcheck.whitelist_auth_failure = 'appuser1,appuser2'
  Thanks to Kennycwc for the feature request.
• Update regression test expected output.
• Add a note about the \password command. Thanks to tsoulabail for the report.
• Fix test for password reuse.
• Fix pg_banned_role.roleid value. Thanks to Julien Rouhaud for the patch.
• Move the project under HexaCluster GitHub account.
• Update copyright year.

Version 2.8

2024-08-03 - Version 2.8.0

This release adds the compatibility with PostgreSQL 17. Upgrade require a
PostgreSQL restart to reload the credcheck library.

• Remove call to tuplestore_donestoring() for compatibility with PG v17.
• Show actual setted parameters in error messages. Thanks to coroneltortuga
  for the feature request.

v2.7

2024-04-25 - Version 2.7.0

This release is maintenance a release to fix a problem with pgBackRest backup.

• Change location of the pg_password_history file that used to be stored in
  the PGDATA/global/ subdirectory and now saved directly in the PGDATA. The
  old location was generating a checksum warning by pgBackRest. Thanks to
  glushakov for the report.

Backward compatibility is preserved, the file will be relocated automatically.

Version 2.6.0

2024-01-30 - Version 2.6.0

This release is the a quick maintenance release to fix path of pg_config
in Makefile and an errata in the previous upgrade filename. Thanks to Devrim
Gunduz for the report.

Please refer to v2.4.0 for the origin ChangeLog.

Version 2.5.0

2024-01-30 - Version 2.5.0

This release is a quick maintenance release to fix compilation issue with
PostgreSQL prior 15.0 on custom variable prefix restriction. Thanks to Devrim
Gunduz for the report.