惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
V2EX - 技术
D
DataBreaches.Net
阮一峰的网络日志
阮一峰的网络日志
Recent Announcements
Recent Announcements
V
V2EX
Hugging Face - Blog
Hugging Face - Blog
T
The Exploit Database - CXSecurity.com
Simon Willison's Weblog
Simon Willison's Weblog
Cisco Talos Blog
Cisco Talos Blog
Microsoft Security Blog
Microsoft Security Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
K
Kaspersky official blog
F
Fortinet All Blogs
GbyAI
GbyAI
Forbes - Security
Forbes - Security
The Cloudflare Blog
博客园 - 司徒正美
博客园_首页
量子位
Schneier on Security
Schneier on Security
G
GRAHAM CLULEY
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
P
Proofpoint News Feed
N
News | PayPal Newsroom
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 聂微东
T
Tor Project blog
V
Vulnerabilities – Threatpost
Y
Y Combinator Blog
Jina AI
Jina AI
Help Net Security
Help Net Security
T
Threat Research - Cisco Blogs
Recent Commits to openclaw:main
Recent Commits to openclaw:main
C
Cybersecurity and Infrastructure Security Agency CISA
Project Zero
Project Zero
N
News and Events Feed by Topic
I
Intezer
B
Blog
美团技术团队
C
CERT Recently Published Vulnerability Notes
NISL@THU
NISL@THU
L
LINUX DO - 最新话题
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Blog — PlanetScale
Blog — PlanetScale
AWS News Blog
AWS News Blog
T
Tailwind CSS Blog
The Last Watchdog
The Last Watchdog
雷峰网
雷峰网
有赞技术团队
有赞技术团队

The Practical Developer

The Libuv Thread Pool Trap: Why Node.js Async APIs Stall Under Load Postgres Covering Indexes with INCLUDE: Eliminate Heap Fetches on Read-Heavy Workloads Postgres DISTINCT ON: The Fastest Way to Get the Latest Row Per Group Postgres Transaction Isolation: The Anomalies Your App Actually Faces in Production Linux TCP Tuning for Node.js Microservices: The Kernel Settings That Stop Silent Connection Drops Under Load Postgres HOT Updates and Fillfactor: Why Not All Writes Are Created Equal Database Connection Pool Leaks: Finding the Promise That Never Returns Its Seat Linux OOM Killer in Production: Why Your Node.js Containers Die Without a Stack Trace Postgres Materialized Views: Refresh Strategies That Do Not Lock Your Dashboards API Dependency Health Checks: Why /health Is Not Enough Authorization with Zanzibar Tuples: How Google Manages Permissions and How To Build the Same Check in Node.js Postgres Advisory Locks: The 20-Character Primitive That Replaces Redis for Coordination Dead Letter Queues: The Message Queue Pattern That Saves You at 2 a.m. File Descriptor Exhaustion: The Kernel Limit That Silently Drops Node.js Connections Graceful Degradation: The Pattern That Turns Total Outages into Partial Success PostgreSQL Full-Text Search: Dropping Elasticsearch for 90% of Use Cases S3 Presigned Multipart Uploads: Stop Your API Server from Being a File Upload Bottleneck MessagePack vs JSON: The Binary Serialization Switch That Cut Our Internal RPC Overhead by 40% DNS Caching in Node.js: The Silent Cause of Production Latency Spikes Reliable Cron Jobs: The Pattern That Stops Double Runs, Missed Executions, And The 2 AM Page GraphQL Query Complexity: Stop the OOM Query Before It Reaches Your Resolver Node.js Event Loop Lag: The Hidden Metric Behind Random Latency Spikes API Request Validation with Zod: The Schema That Catches Bad Input Before It Corrupts Your Database Load Shedding in Node.js: How to Reject Traffic Before You Drown Request Hedging: Cut Tail Latency In Half Without Overprovisioning Git Bisect: The Automated Binary Search That Finds Breaking Commits in Minutes Node.js Garbage Collection Tuning: Stop Letting V8 Pause Your Event Loop Node.js Server Timeouts: The Settings That Stop Slow Clients from Holding Sockets Hostage Postgres BRIN Indexes: The Time-Series Secret That Shrinks Indexes by 99% Event Sourcing with PostgreSQL: The Pragmatic 80% Solution Node.js Cluster Mode: Scaling the Event Loop Across CPU Cores Postgres Partial Indexes: Stopping Soft Deletes from Ruining Your Query Performance Request Coalescing with the Singleflight Pattern: Stop Drowning Your Database on Every Cache Miss The Bulkhead Pattern: Why One Slow Endpoint Should Not Drown Your Whole Service Node.js AsyncLocalStorage: End-to-End Request Context Without the Propagation Hell Postgres Deadlocks: Logging the Victim, Reproducing the Race, and Fixing the Lock Order Your Node.js HTTP Client Is the Bottleneck: Connection Pool Tuning That Works Optimistic Locking in Postgres: Stop Losing Data to Race Conditions Postgres Read Replicas: Stop Serving Stale Data to Your Users Cursor Pagination: Why Offset Queries Explode at Scale and How to Fix Them Node.js Worker Threads: 60 Lines That Stop a CSV Upload from Timing Out Every Other Request Reliable Webhook Delivery: Architecture for Outbound HTTP You Can Trust Request Timeouts and Deadline Propagation: Stop the Chain of Slowness Advanced Security Practices in Node.js Graceful Shutdown in Node.js: The 40 Lines That Stop 502s During Deploys Finding Node.js Memory Leaks with Heap Snapshots Idempotency Keys in 30 Lines: Stop Your Webhook From Charging Customers Twice Backpressure In Node.js: The Fix For Slow-Motion Queue Meltdowns Retries Done Right: Jitter, Budgets, and the Stampede You Did Not See Coming The Cache Stampede: Why Your "Just Add Redis" Layer Crashes Postgres at 3 a.m. Postgres SKIP LOCKED: An 80-Line Job Queue You Can Run Without Redis Stop Doing Work Nobody Wants: AbortController in Node.js, Done Right The N+1 Query Problem: We Found 23 In One Codebase And Killed Every One I Tried 5 AI Coding Tools for a Month. Here Is What I Actually Use CI/CD From Zero to Production in 30 Minutes With GitHub Actions Node.js vs Bun vs Deno: Which Runtime Should You Pick in 2025? Kubernetes Resource Requests And Limits: The Numbers That Decide If Your Cluster Is Stable The Three Pillars of Observability Are A Myth: What Actually Matters In Production pnpm Vs npm Vs yarn Vs Bun For Monorepos: Which One Earns The Migration In 2024 JSONB Indexing In Postgres: GIN Vs Expression Indexes, And When Each Is The Right Choice A Code Review Checklist That Ends The Same Three Arguments Every Sprint gRPC Vs REST In 2024: When The Switch Pays For Itself React Suspense For Data Fetching: The Pattern That Replaces Half Your Loading State Code The Five-Stage Rollout: How To Ship A Risky Change Without Holding Your Breath GitHub Actions In A Monorepo: Caching, Path Filters, And Secret Boundaries That Actually Work The Blameless Postmortem That Actually Improves Things: A Template And Six Hard-Won Rules Recursive CTEs In Postgres: How To Query A Tree Without N Round Trips Node.js Streams: When They Actually Help, And When They Just Add Complexity Playwright Vs Cypress In 2024: The Honest Comparison Of Which One Earns The Test Time React Server Components: The Mental Model That Makes The "use client" Boundary Obvious Pod Disruption Budgets: The K8s Object That Keeps Your Service Up During Cluster Maintenance Postgres LISTEN/NOTIFY: The Pub/Sub You Already Have And Are Not Using Chaos Engineering Starter Kit: The Five Drills That Don't Need Netflix-Scale Spec-Driven API Development With OpenAPI: How To Stop Drifting From Your Docs Saga Pattern vs Two-Phase Commit: Distributed Transactions Without The Lies Kubernetes Autoscaling Beyond CPU: The Custom-Metric HPA Pattern That Actually Works Postgres Partitioning For Time-Series: The Boring Setup That Saves Your Database Distributed Locks With Redis: An Honest Look At Redlock And When You Don't Need It HTTP/2 vs HTTP/3: What Actually Changes For Your App, And What Doesn't Image Optimization For The Web In 2023: srcset, AVIF, And The Lighthouse Score You Actually Want Kafka vs RabbitMQ: A Decision Tree That Doesn't Hate You UUID vs Bigint Primary Keys In Postgres: The Index Math That Decides For You Flame Graphs: How To Find The Slow Function In 30 Seconds Without Profiling Theatre Postgres Streaming Vs. Logical Replication: Which One Solves Your Actual Problem ESLint Rules That Earn Their Keep: The Twelve I Enable On Every Project Pre-Commit Hooks That Pay For Themselves: Husky, lint-staged, And The Five Rules That Stick Zero-Downtime Database Migrations: The Six-Step Pattern That Rules Them All Circuit Breakers In Node.js: 50 Lines That Stop A Failing Dependency From Taking Down Your Service Postgres VACUUM Is Not Magic: How Your Hot Table Bloats To 80GB And How To Fix It Kubernetes Liveness And Readiness Probes: The Difference That Causes Half Your Outages Rate Limiting In Production: A Token Bucket In 30 Lines Of Redis The Outbox Pattern: How To Stop Losing Events When Postgres And Kafka Disagree Load Testing With k6: The Three Scenarios That Find Real Bugs (Not Synthetic Numbers) Postgres Row-Level Security For Multi-Tenant Apps: The Pattern That Stops You From Leaking Data Rebase vs. Merge: The Team Policy That Ends The Argument Forever OpenTelemetry in Node.js: Distributed Tracing That Actually Helps During an Incident Feature Flags That Pay Rent: The 4 Flag Types And When To Delete Each ETag, Last-Modified, and the Caching Headers Most APIs Get Wrong Connection Pooling Without the Cargo Cult: pgbouncer in 100 Lines of Config Bash Strict Mode: The Three Lines That Stop Your Deploy Script From Lying To You
JSONB Is Not a Schema: When To Reach For It in Postgres, And When To Stop
The Practica · 2022-08-05 · via The Practical Developer

The first JSONB column on a table is usually a good idea. The third one is usually a sign that something has gone wrong. By the time you have metadata, settings, attributes, and extra_data columns each holding a different shape of dict that nobody documented, the schema is no longer telling you what your data is. The application is, somewhere, in code that runs at request time.

JSONB is one of the most useful features in Postgres. It is also one of the easiest to misuse. The rule for when to use it, the queries that tell you when a key should be promoted to a column, and the indexing pattern that makes querying it fast: that is what this post is. No “JSONB vs JSON” basics, no benchmarking. Just the practical decisions.

The honest rule

Use JSONB when the shape varies legitimately per row and the variation is not something you query against in performance-critical paths.

That is the entire rule. Examples that pass:

  • A webhook_events table where the payload shape depends on the event type and the variation is real (Stripe events vs GitHub events vs your internal ones).
  • An audit_log table where you store before/after diffs of arbitrary models.
  • A user_preferences blob where each user has a slightly different set of toggled features and you only ever read the whole blob to render a settings page.

Examples that fail:

  • A users.metadata column that always contains {"plan": "...", "trial_ends_at": "..."}. That is not “varies per row.” That is two columns hiding from a migration.
  • An orders.extra blob that the billing query has to filter on. You will need an index on that key, you will not get the planner statistics a column would give you, and you will spend the rest of the project arguing about JSON path syntax.
  • A products.spec blob that the search page filters on. You wanted EAV. JSONB is not EAV; it is unindexed-by-default unstructured data.

If a JSONB key is queried in WHERE more than once in your codebase, it should probably be a column. If two of those queries appear in the same hot path, it definitely should.

Run these against your real database before deciding whether a JSONB key has earned a column.

1. How many rows have this key?

SELECT count(*) FILTER (WHERE data ? 'plan') AS with_key,
       count(*)                              AS total
FROM accounts;

If 95%+ of rows have the key, it is no longer optional. Make it a column. JSONB is for legitimately optional data; once it is universal, you are paying the JSON parsing cost on every read for nothing.

2. What are the actual values?

SELECT data->>'plan' AS plan, count(*)
FROM accounts
GROUP BY 1
ORDER BY 2 DESC;

If there are five distinct values (free, pro, team, enterprise, legacy), you have an enum, not a free-form blob. Make it a column with a CHECK or a generated plan enum.

3. How often does the key appear in WHERE clauses?

grep -r "data->>'plan'" app/ (or your equivalent). Anywhere the key shows up in a WHERE is a query the planner cannot optimize without help. Each occurrence is an argument for a column.

4. What does the planner do with it?

EXPLAIN ANALYZE
SELECT * FROM accounts WHERE data->>'plan' = 'pro';

If you see a Seq Scan, the JSONB key has no index. You can fix that with a GIN index, but the rows-promoted-to-column version comes with btree statistics, which the planner uses for join ordering. JSONB does not. Bad estimates are how a fast-looking query becomes a slow one in production.

Indexing JSONB the right way

When you do keep something in JSONB, the wrong index is “no index” and the second-wrong index is a btree on (data->>'key') for a column you will eventually rename. The right default is a GIN index (General Inverted iNdex), which lets Postgres look up rows by JSONB key/value containment.

CREATE INDEX events_payload_gin ON events USING GIN (payload);

That index supports the JSONB containment operator @>:

-- Uses the GIN index. Fast.
SELECT * FROM events WHERE payload @> '{"type": "user.signup"}';

-- Does NOT use the GIN index above. Slow.
SELECT * FROM events WHERE payload->>'type' = 'user.signup';

The difference is real. The first version is “find rows where payload contains this object,” which GIN handles natively. The second is “extract the value at this path and compare it as text,” which is a function call the GIN index does not understand.

If you must use the ->> form (because you need the value, not just existence), index the expression directly:

CREATE INDEX events_type_idx ON events ((payload->>'type'));

Now the planner uses it, but you have a single-purpose index. If you have five hot keys, you have five indexes. At that point (see above), those keys want to be columns.

For partial GIN indexes, Postgres supports the jsonb_path_ops operator class, which is smaller and faster but supports only @>:

CREATE INDEX events_payload_gin
  ON events USING GIN (payload jsonb_path_ops);

Use it if @> is your only access pattern and the index size matters (it usually does once the table grows past a few million rows).

The query patterns nobody tells you about

A few JSONB tricks that pay back the investment.

Update a nested key without overwriting the whole blob:

UPDATE settings
SET data = jsonb_set(data, '{notifications,email}', 'false', true)
WHERE user_id = $1;

The fourth argument (true) means “create the key if it does not exist.” Without it, the update silently no-ops on rows missing notifications.email, which is exactly the bug pattern you do not want.

Remove a key:

UPDATE settings SET data = data - 'deprecated_flag' WHERE data ? 'deprecated_flag';

The - operator removes a top-level key. For nested removal, #- takes a path:

UPDATE settings SET data = data #- '{billing,old_card}';

Expand JSONB to rows, joining-style:

SELECT u.id, k.key, k.value
FROM users u, jsonb_each_text(u.preferences) k
WHERE k.value::boolean IS TRUE;

jsonb_each_text turns a JSONB object into a (key, value) set. This is the right tool when you really do want to query any key without indexing each one, but if you find yourself doing this in a hot path, the data model needs work.

Aggregate rows back into a JSONB object:

SELECT user_id, jsonb_object_agg(pref_key, pref_value) AS preferences
FROM user_preferences
GROUP BY user_id;

Useful when migrating out of JSONB into a properly normalized user_preferences table. You can run both representations side by side and verify they match before flipping reads.

The migration nobody plans for

Every team I have seen that overused JSONB ends up doing the same migration three years later: extract the keys that have become universal into proper columns. It is annoying because it is mostly text manipulation, and it is annoying because the JSONB schema was never written down anywhere. Save yourself by writing this migration as you go, not three years later:

-- Add the column nullable, populate it, then enforce NOT NULL.
ALTER TABLE accounts ADD COLUMN plan text;
UPDATE accounts SET plan = data->>'plan' WHERE data ? 'plan';
ALTER TABLE accounts ALTER COLUMN plan SET NOT NULL;
ALTER TABLE accounts ADD CHECK (plan IN ('free','pro','team','enterprise'));

-- Optional: drop the now-redundant key from JSONB.
UPDATE accounts SET data = data - 'plan' WHERE data ? 'plan';

Three-step migrations like this are easy if the column was used in a handful of places. They turn into a quarter-long project if every API endpoint, every analytics query, every export job has its own copy of data->>'plan'. The fix is to read JSONB through one helper module from day one, so that when you promote a key the change is in one place.

The takeaway

JSONB is a sharp tool. It is genuinely the right answer for variable-shape per-row data (webhook payloads, audit diffs, user-defined attributes) and the wrong answer for “I do not feel like writing a migration today.” The trap is that the wrong answer feels great for six months and then you cannot un-tangle the schema.

Use the four queries (coverage, distinct values, code occurrences, planner behavior) to decide when a key has graduated to a column. Index JSONB with GIN, query it with @>, and route every read through one helper so future migrations do not require sed-across-the-codebase. And the moment a JSONB key shows up in a join condition, treat that as a sign you skipped the data-modeling step.

A note from Yojji

Choosing the right data model for a feature, the boring decision between “ship a JSONB blob now” and “spend two hours writing the schema,” is one of those calls that is invisible if you make it well and three quarters of refactor work if you do not. It is the kind of judgment Yojji’s backend teams bring to client work.

Yojji is an international custom software development company founded in 2016, with offices across Europe, the US, and the UK. Their dedicated teams ship full-cycle product engineering across the JavaScript stack and the major cloud platforms, including the unglamorous database design that decides whether a product still feels good a year later.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。