Alter RBR locality is blocked by sql_safe_updates

src/current/_includes/v24.1/misc/session-vars.md

@@ -70,7 +70,7 @@
 | <a id="server-version-num"></a> `server_version_num` | The version of PostgreSQL that CockroachDB emulates. | Version-dependent | Yes | Yes |
 | <a id="session-id"></a> `session_id` | The ID of the current session. | Session-dependent | No | Yes |
 | <a id="session-user"></a> `session_user` | The user connected for the current session. | User in connection string | No | Yes |
-| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; and [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column).<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
+| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column); and converting an existing table to [`REGIONAL BY ROW`]({% link {{ page.version.version }}/alter-table.md %}#set-the-table-locality-to-regional-by-row) using [`ALTER TABLE ... LOCALITY`]({% link {{ page.version.version }}/alter-table.md %}#regional-by-row), unless a [region column]({% link {{ page.version.version }}/alter-table.md %}#crdb_region) has already been added to the table.<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
 | <a id="statement-timeout"></a> `statement_timeout` | The amount of time a statement can run before being stopped. <br/>This value can be an `int` (e.g., `10`) and will be interpreted as milliseconds. It can also be an interval or string argument, where the string can be parsed as a valid interval (e.g., `'4s'`). <br/>A value of `0` turns it off. | The value set by the `sql.defaults.statement_timeout` [cluster setting]({% link {{ page.version.version }}/cluster-settings.md %}) (`0s`, by default). | Yes | Yes |
 | <a id="stub-catalog-tables"></a> `stub_catalog_tables` | If `off`, querying an unimplemented, empty [`pg_catalog`]({% link {{ page.version.version }}/pg-catalog.md %}) table will result in an error, as is the case in v20.2 and earlier. If `on`, querying an unimplemented, empty `pg_catalog` table simply returns no rows. | `on` | Yes | Yes |
 | <a id="timezone"></a> `timezone` | The default time zone for the current session. | `UTC` | Yes | Yes |

src/current/_includes/v24.1/sql/sql-examples.md

@@ -403,7 +403,7 @@ In this example, we create a table and then use `\|` to programmatically insert
 
 ### Allow potentially unsafe SQL statements
 
-The `--safe-updates` flag defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
+The [`--safe-updates` flag](#flag-safe-updates) defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
 
 {% include_cached copy-clipboard.html %}
 ~~~ shell
@@ -449,7 +449,7 @@ DELETE 10
 ~~~
 
 {{site.data.alerts.callout_info}}
-Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the `sql_safe_updates` [session variable]({% link {{ page.version.version }}/set-vars.md %}).
+Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the [`sql_safe_updates` session variable]({% link {{ page.version.version }}/set-vars.md %}#sql-safe-updates). For a complete list of these statements, refer to the session variable documentation.
 {{site.data.alerts.end}}
 
 ### Reveal the SQL statements sent implicitly by the command-line utility

src/current/_includes/v24.3/misc/session-vars.md

@@ -70,7 +70,7 @@
 | <a id="server-version-num"></a> `server_version_num` | The version of PostgreSQL that CockroachDB emulates. | Version-dependent | Yes | Yes |
 | <a id="session-id"></a> `session_id` | The ID of the current session. | Session-dependent | No | Yes |
 | <a id="session-user"></a> `session_user` | The user connected for the current session. | User in connection string | No | Yes |
-| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; and [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column).<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
+| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column); and converting an existing table to [`REGIONAL BY ROW`]({% link {{ page.version.version }}/alter-table.md %}#set-the-table-locality-to-regional-by-row) using [`ALTER TABLE ... LOCALITY`]({% link {{ page.version.version }}/alter-table.md %}#regional-by-row), unless a [region column]({% link {{ page.version.version }}/alter-table.md %}#crdb_region) has already been added to the table.<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
 | <a id="statement-timeout"></a> `statement_timeout` | The amount of time a statement can run before being stopped. <br/>This value can be an `int` (e.g., `10`) and will be interpreted as milliseconds. It can also be an interval or string argument, where the string can be parsed as a valid interval (e.g., `'4s'`). <br/>A value of `0` turns it off. | The value set by the `sql.defaults.statement_timeout` [cluster setting]({% link {{ page.version.version }}/cluster-settings.md %}) (`0s`, by default). | Yes | Yes |
 | <a id="stub-catalog-tables"></a> `stub_catalog_tables` | If `off`, querying an unimplemented, empty [`pg_catalog`]({% link {{ page.version.version }}/pg-catalog.md %}) table will result in an error, as is the case in v20.2 and earlier. If `on`, querying an unimplemented, empty `pg_catalog` table simply returns no rows. | `on` | Yes | Yes |
 | <a id="timezone"></a> `timezone` | The default time zone for the current session. | `UTC` | Yes | Yes |

src/current/_includes/v24.3/sql/sql-examples.md

@@ -403,7 +403,7 @@ In this example, we create a table and then use `\|` to programmatically insert
 
 ### Allow potentially unsafe SQL statements
 
-The `--safe-updates` flag defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
+The [`--safe-updates` flag](#flag-safe-updates) defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
 
 {% include_cached copy-clipboard.html %}
 ~~~ shell
@@ -449,7 +449,7 @@ DELETE 10
 ~~~
 
 {{site.data.alerts.callout_info}}
-Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the `sql_safe_updates` [session variable]({% link {{ page.version.version }}/set-vars.md %}).
+Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the [`sql_safe_updates` session variable]({% link {{ page.version.version }}/set-vars.md %}#sql-safe-updates). For a complete list of these statements, refer to the session variable documentation.
 {{site.data.alerts.end}}
 
 ### Reveal the SQL statements sent implicitly by the command-line utility

src/current/_includes/v25.2/misc/session-vars.md

@@ -74,7 +74,7 @@
 | <a id="server-version-num"></a> `server_version_num` | The version of PostgreSQL that CockroachDB emulates. | Version-dependent | Yes | Yes |
 | <a id="session-id"></a> `session_id` | The ID of the current session. | Session-dependent | No | Yes |
 | <a id="session-user"></a> `session_user` | The user connected for the current session. | User in connection string | No | Yes |
-| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; and [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column).<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
+| <a id="sql-safe-updates"></a> `sql_safe_updates` | If `true`, the following potentially unsafe SQL statements are disallowed: [`DROP DATABASE`]({% link {{ page.version.version }}/drop-database.md %}) of a non-empty database and all dependent objects; [`DELETE`]({% link {{ page.version.version }}/delete.md %}) and [`UPDATE`]({% link {{ page.version.version }}/update.md %}) without a `WHERE` clause, unless a [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause is included; [`SELECT ... FOR UPDATE`]({% link {{ page.version.version }}/select-for-update.md %}) and [`SELECT ... FOR SHARE`]({% link {{ page.version.version }}/select-for-update.md %}) without a `WHERE` or [`LIMIT`]({% link {{ page.version.version }}/limit-offset.md %}) clause; [`ALTER TABLE ... DROP COLUMN`]({% link {{ page.version.version }}/alter-table.md %}#drop-column); and converting an existing table to [`REGIONAL BY ROW`]({% link {{ page.version.version }}/alter-table.md %}#set-the-table-locality-to-regional-by-row) using [`ALTER TABLE ... LOCALITY`]({% link {{ page.version.version }}/alter-table.md %}#regional-by-row), unless a [region column]({% link {{ page.version.version }}/alter-table.md %}#crdb_region) has already been added to the table.<br/>For more details, refer to [Allow potentially unsafe SQL statements]({% link {{ page.version.version }}/cockroach-sql.md %}#allow-potentially-unsafe-sql-statements). | `true` for interactive sessions from the [built-in SQL client]({% link {{ page.version.version }}/cockroach-sql.md %}), <br/>`false` for sessions from other clients | Yes | Yes |
 | <a id="statement-timeout"></a> `statement_timeout` | The amount of time a statement can run before being stopped. <br/>This value can be an `int` (e.g., `10`) and will be interpreted as milliseconds. It can also be an interval or string argument, where the string can be parsed as a valid interval (e.g., `'4s'`). <br/>A value of `0` turns it off. | The value set by the `sql.defaults.statement_timeout` [cluster setting]({% link {{ page.version.version }}/cluster-settings.md %}) (`0s`, by default). | Yes | Yes |
 | <a id="stub-catalog-tables"></a> `stub_catalog_tables` | If `off`, querying an unimplemented, empty [`pg_catalog`]({% link {{ page.version.version }}/pg-catalog.md %}) table will result in an error, as is the case in v20.2 and earlier. If `on`, querying an unimplemented, empty `pg_catalog` table simply returns no rows. | `on` | Yes | Yes |
 | <a id="timezone"></a> `timezone` | The default time zone for the current session. | `UTC` | Yes | Yes |

src/current/_includes/v25.2/sql/sql-examples.md

@@ -403,7 +403,7 @@ In this example, we create a table and then use `\|` to programmatically insert
 
 ### Allow potentially unsafe SQL statements
 
-The `--safe-updates` flag defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
+The [`--safe-updates` flag](#flag-safe-updates) defaults to `true`. This prevents SQL statements that may have broad, undesired side effects. For example, by default, we cannot use `DELETE` without a `WHERE` clause to delete all rows from a table:
 
 {% include_cached copy-clipboard.html %}
 ~~~ shell
@@ -449,7 +449,7 @@ DELETE 10
 ~~~
 
 {{site.data.alerts.callout_info}}
-Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the `sql_safe_updates` [session variable]({% link {{ page.version.version }}/set-vars.md %}).
+Potentially unsafe SQL statements can also be allowed/disallowed for an entire session via the [`sql_safe_updates` session variable]({% link {{ page.version.version }}/set-vars.md %}#sql-safe-updates). For a complete list of these statements, refer to the session variable documentation.
 {{site.data.alerts.end}}
 
 ### Reveal the SQL statements sent implicitly by the command-line utility