
Conversation


@N6REJ N6REJ commented Dec 2, 2024

PR Type

enhancement, configuration changes


Description

  • Added new configuration and initialization scripts for PostgreSQL 17.2.1.
  • Updated bearsampp.conf with paths and settings for PostgreSQL 17.2.1.
  • Added host-based authentication and main configuration files.
  • Updated release properties to include PostgreSQL 17.2.1.
  • Changed bundle release date in build.properties.

Changes walkthrough 📝

Relevant files

Enhancement

init.bat: Add initialization script for PostgreSQL 17.2.1
bin/postgresql17.2.1/init.bat
  • Added batch script to initialize PostgreSQL 17.2.1.
  • Configures database with UTF-8 encoding and trust authentication.
  • Copies configuration files to the data directory.
  +5/-0

Configuration changes

bearsampp.conf: Add configuration file for PostgreSQL 17.2.1
bin/postgresql17.2.1/bearsampp.conf
  • Added configuration file for PostgreSQL 17.2.1.
  • Specifies executable paths and configuration files.
  • Sets default port and user credentials.
  +14/-0

pg_hba.conf.ber: Add host-based authentication configuration
bin/postgresql17.2.1/pg_hba.conf.ber
  • Added host-based authentication configuration.
  • Allows trust authentication for local connections.
  +3/-0

postgresql.conf.ber: Add main configuration file for PostgreSQL 17.2.1
bin/postgresql17.2.1/postgresql.conf.ber
  • Added main configuration file for PostgreSQL 17.2.1.
  • Configures file locations, connections, and logging.
  • Sets resource usage parameters.
  +35/-0

build.properties: Update bundle release date
build.properties
  • Updated bundle release date to 2024.12.1.
  +1/-1

releases.properties: Add release entry for PostgreSQL 17.2.1
releases.properties
  • Added release entry for PostgreSQL 17.2.1.
  +1/-0



qodo-merge-pro bot commented Dec 2, 2024

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 Security concerns

Multiple security concerns:

1. Authentication method: The pg_hba.conf file uses 'trust' authentication for all local connections, allowing any local user to connect without a password.
2. File permissions: The postgresql.log file permissions are set to 0777 (world-readable/writable), which could expose sensitive database operation details.
3. Listen addresses: The postgresql.conf has listen_addresses set to '*', which allows connections from any IP address, potentially exposing the database to external access if not properly firewalled.

⚡ Recommended focus areas for review

Security Configuration
The host-based authentication is set to the 'trust' method, which allows connections without password authentication. Consider if this is appropriate for the intended use.

Resource Configuration
The shared_buffers setting of 32MB may be too low for optimal performance depending on the expected workload.

Log Configuration
Log file permissions are set to 0777, which is overly permissive and could expose sensitive information.
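The three settings flagged in the guide above can be checked mechanically; the audit below is an added example (not Bearsampp or qodo-merge code) whose sample file contents are constructed from the values quoted in this thread, with `logging_collector = on` assumed.

```python
"""Audit pg_hba.conf / postgresql.conf for the three weaknesses the review lists: trust
auth, a world-accessible log file mode and listening on every interface. Added example,
not Bearsampp code; the sample contents below are constructed from the review's values."""
import ipaddress
import re

PG_HBA = """\
# TYPE      DATABASE        USER            ADDRESS                 METHOD
host        all           all             127.0.0.1/32            trust
host        all           all             ::1/128                 trust
"""
POSTGRESQL_CONF = """\
listen_addresses = '*'
logging_collector = on    # assumed: log_file_mode only matters when this is on
log_file_mode = 0777
"""

def parse_hba(text):
    """Yield (type, database, user, address, method); fields split on any mix of
    spaces and tabs, and 'local' rows get None for the ADDRESS column they lack."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            if fields[0] == "local":
                fields.insert(3, None)
            yield tuple(fields[:5])

def parse_conf(text):
    """Return {key: value} with quotes and trailing comments stripped."""
    pairs = re.findall(r"^\s*(\w+)\s*=\s*('[^']*'|\S+)", text, re.M)
    return {k: v.strip("'") for k, v in pairs}

def is_loopback(address):
    """True for a loopback CIDR (the form the PR uses); 'all', 'samenet', hostnames
    and similar do not parse as networks and count as non-loopback."""
    try:
        return ipaddress.ip_network(address).is_loopback
    except ValueError:
        return False

def audit(hba_text, conf_text):
    """Return human-readable findings; an empty list means all checks passed."""
    rows, conf, findings = list(parse_hba(hba_text)), parse_conf(conf_text), []
    if any(r[4] == "trust" for r in rows):
        findings.append("trust auth: matching clients connect as any role with no password")
    mode = int(conf.get("log_file_mode", "0600"), 8)
    if mode & 0o007:  # any 'other' bit set => world-readable/writable/executable
        findings.append(f"log_file_mode {mode:04o} is world-accessible")
    if conf.get("listen_addresses") in ("*", "0.0.0.0", "::"):
        loopback_only = all(r[0] == "local" or is_loopback(r[3]) for r in rows)
        scope = " (pg_hba admits loopback only; remote clients are refused)" if loopback_only else ""
        findings.append("listen_addresses binds every interface" + scope)
    return findings
```

Swapping `trust` for `scram-sha-256`, `'*'` for `'localhost'` and `0777` for `0640` in the samples yields an empty findings list.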


qodo-merge-pro bot commented Dec 2, 2024

PR Code Suggestions ✨

Explore these optional code suggestions:

Security
Restrict log file permissions to prevent unauthorized access to sensitive information

The log file mode 0777 grants full read/write/execute permissions to all users,
which is a security risk. Use a more restrictive permission like 0640.

bin/postgresql17.2.1/postgresql.conf.ber [27]

    -log_file_mode = 0777
    +log_file_mode = 0640
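Review bot: the `+log_file_mode = 0640` line is a sensible value but will not have the effect the rationale claims on this stack: Bearsampp is a Windows bundle (the PR adds bin/postgresql17.2.1/init.bat), and PostgreSQL documents log_file_mode as applying only on Unix systems when logging_collector is enabled and as ignored on Windows. Keep the 0640 value, but protect the log directory on Windows with NTFS ACLs on the data/log path rather than relying on this setting.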
Suggestion importance[1-10]: 9

Why: Setting log_file_mode to 0777 is a significant security risk as it allows all users to read, write, and execute log files that may contain sensitive information.

Limit database connection access to specific addresses to reduce attack surface

Setting listen_addresses to '*' allows connections from any IP address. Consider
restricting it to specific IP addresses or 'localhost' for better security.

bin/postgresql17.2.1/postgresql.conf.ber [11]

    -listen_addresses = '*'
    +listen_addresses = 'localhost'
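Review bot: the `+listen_addresses = 'localhost'` change is worth taking, but the rationale overstates the exposure for this PR: the accompanying pg_hba.conf.ber only has rows for 127.0.0.1/32 and ::1/128, so a remote client that reaches a '*' listener still fails at the pg_hba stage because no row matches. What the listener change does buy is that the port no longer answers on external interfaces at all; the more serious problem in the same files is the trust method on those two rows, which lets any local process connect as any role without a password, so this suggestion should be paired with a password-based method in pg_hba.conf.ber.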
Suggestion importance[1-10]: 8

Why: Using '*' for listen_addresses exposes the database to connections from any IP address, significantly increasing security risks in a development environment.

General
Ensure consistent spacing and alignment in configuration files to prevent parsing errors

Remove the inconsistent tab characters and align the fields properly to improve
readability and prevent potential parsing issues.

bin/postgresql17.2.1/pg_hba.conf.ber [1-3]

     # TYPE      DATABASE        USER            ADDRESS                 METHOD
     host        all           all             127.0.0.1/32            trust
    -host 		    all           all              ::1/128	      				trust
    +host        all           all             ::1/128                 trust
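Review bot: the rationale for this hunk is incorrect: pg_hba.conf separates fields with any run of spaces and/or tabs, so the original ::1/128 line parses exactly like the replacement and there is no parsing error to prevent. The whitespace change is fine as a readability cleanup but does not merit a score of 7 or a "parsing errors" title; the `trust` method present on both rows is what actually needs review in this file.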
Suggestion importance[1-10]: 7

Why: The inconsistent tab characters and misaligned fields in pg_hba.conf could cause configuration parsing issues. Proper alignment is important for PostgreSQL's host-based authentication configuration.


@jwaisner jwaisner merged commit c962c47 into main Dec 2, 2024
1 check passed
@jwaisner jwaisner deleted the 17.2.1 branch December 2, 2024 04:39