Re: Time to drop RADIUS support?

On 2026-Jan-23, Michael Banck wrote:

So you are saying we add a deprecation notice in the back branches and
drop it in V19? If this is a severe security issue then maybe we can
just remove it everywhere (ugh), or if not, I think it probably warrants
at least one release cycle of deprecation. Do we have a formal
deprecation timeline policy nowadays?

I don't think we do.

Would it work to add a WARNING (or something) to all back branches to
ask users to write here, so that we can confirm in the next few months
whether the protocol is completely unused or not? If we do find users,
then we could try to think of workarounds[*], but otherwise we'd just
remove it for pg19 (or pg20 at the latest) and not waste any more time
on it.

I don't think removing it entirely from all back branches is a good
idea, without first making sure that there are no users.

[*] or even just a way to document a migration to PAM-based Radius.

--
Álvaro Herrera 48°01'N 7°57'E — https://www.EnterpriseDB.com/
"I'm impressed how quickly you are fixing this obscure issue. I came from
MS SQL and it would be hard for me to put into words how much of a better job
you all are doing on [PostgreSQL]."
Steve Midgley, http://archives.postgresql.org/pgsql-sql/2008-08/msg00000.php