When replica identity is full and row level security is on the old_record section of the output contains all data. This is a problem because we can not verify row level security on delete records so its possible for private columns to leak
Updated behavior:
When replica identity is full and row level security is on the old_record columns are filtered to primary key info only. This is the minimal info required for the user to uniquely identify the record on the client side
Current behavior:
When replica identity is full and row level security is on the
old_record
section of the output contains all data. This is a problem because we can not verify row level security on delete records so its possible for private columns to leakUpdated behavior:
When replica identity is full and row level security is on the
old_record
columns are filtered to primary key info only. This is the minimal info required for the user to uniquely identify the record on the client side