🚀 New blog post + django-rls-tenants 1.1.0 is out!
TL;DR: PostgreSQL RLS policies can't use your indexes because current_setting() isn't leakproof. The query planner falls back to sequential scans and applies tenant filtering row-by-row. On large tables, this hurts.

v1.1 fixes this by adding automatic ORM-level WHERE tenant_id = X alongside RLS - so Postgres uses your composite indexes for the fast path while RLS still enforces isolation as a safety net.

Also in this release:
→ select_related() now propagates tenant filters across joins
→ threading.local replaced with contextvars (ASGI-safe)
→ Superuser detection at startup (RLS is silently bypassed otherwise!)
→ Better exception handling in middleware
→ CASE WHEN policy rewrite for cleaner evaluation
Full write-up: https://dev.to/dvoraj75/postgresql-rls-is-fail-closed-but-is-it-fast-making-django-rls-tenants-index-friendly-2j18
GitHub: https://github.com/dvoraj75/django-rls-tenants
#Django #PostgreSQL #Python #MultiTenancy #RLS #OpenSource

Your Django ORM protects tenant data. Your raw SQL doesn't. 😬

That's why I built django-rls-tenants — multitenancy powered by PostgreSQL Row-Level Security, enforced at the database level.

🔒 Every query is filtered — ORM, raw SQL, even dbshell
🚫 Missing tenant context? Zero rows returned, never a data leak
📦 Single schema, no connection routing headaches
⚡ Drop-in: one base model, one middleware, done

Unlike schema-based or ORM-rewriting approaches, RLS policies live in PostgreSQL itself. The database becomes your last line of defense — not your app code.

Supports Python 3.11+, Django 4.2–6.0, PostgreSQL 15+.

Just shipped v1.0.0 🚀

pip install django-rls-tenants

📖 Docs & source: https://github.com/dvoraj75/django-rls-tenants

Feedback, stars & contributions welcome! ⭐

#Django #Python #PostgreSQL #MultiTenancy #RowLevelSecurity #OpenSource #WebDev #SaaS #InfoSec #Database

🚀 ForgeWatch 1.4.1 is out!

The big news: minimum Python version is now 3.11 (down from 3.13), and the CI matrix covers 3.11, 3.12, 3.13 and 3.14 — all must pass. More of you can now use it out of the box.

🔗 https://github.com/dvoraj75/forgewatch

#Python #OpenSource #CLI #DeveloperTools #ForgeWatch

🚀 Day 1 on django-rls-tenants — bringing true PostgreSQL Row-Level Security to Django multitenancy!

Instead of separate schemas or filtered querysets, this library leverages native RLS policies at the DB level to isolate tenant data automatically.

✅ Pros:
• True DB-level isolation — tenants can't bleed into each other
• Transparent to Django ORM — no custom managers needed
• Leaner than schema-per-tenant approaches
• Scales well for high tenant counts
• Security enforced even outside the app layer

❌ Cons:
• PostgreSQL-only (no MySQL/SQLite support)
• RLS policies add complexity to migrations
• Debugging cross-tenant issues can be tricky
• Superuser connections bypass RLS — needs care
• Less community tooling than shared-schema approaches

Still very early, but the foundations are solid. Would love feedback from anyone who's tackled multitenancy in Django before! 🐘🐍

#Django #PostgreSQL #Python #Multitenancy #RLS #RowLevelSecurity #OpenSource #WebDev #SaaS #DjangoORM #DevLife

github-monitor is now forgewatch!

I rebranded my PR monitoring daemon. The old name locked it to a single platform, but the vision has always been broader than that. "forgewatch" better reflects what the app is really about: watching over your code forge, wherever it lives.

Why the rename? Two reasons:

1. It's more general. The architecture doesn't depend on GitHub specifically, and I want to grow it to support GitLab, Gitea, and other forges over time.
2. It's more descriptive. "forgewatch" tells you exactly what it does -- it watches your forge for pull requests and keeps you notified via D-Bus and desktop notifications on Linux.

The daemon is async Python, runs as a systemd user service, and comes with an optional system tray indicator. Give it a look if you're a Linux dev who juggles PRs across repos.

https://github.com/dvoraj75/forgewatch
https://pypi.org/project/forgewatch/

#forgewatch #opensource #python #linux #devtools #foss #github #gitlab #gitea #asyncio #dbus #systemd

Our company is moving toward being AI-first, with a strong no-code mindset and more code expected to be generated by AI. After a 2-day workshop, I have to admit the progress was impressive: we finished sprint tasks in just 2 days, and the delivery speed felt multiplied.

So I’m genuinely split.

On one hand, the benefits are obvious: faster prototyping, less repetitive work, quicker iteration, and much more output in less time. On the other hand, I keep asking myself: where does this lead us? What happens to software engineering as a craft if writing code becomes less central? Do our jobs evolve, or do parts of them disappear?

Maybe the future is not fewer engineers, but engineers working differently: more architecture, more critical thinking, more review, and more responsibility for what AI produces.

Curious how others are thinking about this shift.

#AI #NoCode #SoftwareEngineering #FutureOfWork #DeveloperExperience #TechLeadership

Tired of missing GitHub PR reviews? I built github-monitor -- a lightweight Linux daemon that watches for PRs assigned to you and sends desktop notifications the moment they land.

Features:
- Desktop notifications with author avatars via notify-send
- System tray indicator with live PR count and clickable PR list
- Runs quietly as a systemd user service -- set it and forget it
- Config reload on SIGHUP, graceful shutdown on SIGTERM

Under the hood:
- Pure async Python (asyncio) -- no threads, no blocking I/O
- aiohttp for GitHub API, dbus-next for session bus IPC
- Daemon exposes live state over D-Bus, indicator connects as a separate process
- Frozen dataclasses, strict mypy, full test coverage

Built with Python 3.13+, packaged with hatchling, managed with uv.

It's open source and I'd love feedback -- whether it's bug reports, feature ideas, or contributions!

https://github.com/dvoraj75/github-monitor

#Python #Linux #OpenSource #GitHub #AsyncPython #DBus #Systemd

I found this interesting #react course on #udemy from Maximilian Schwarzmüller, i have to say it's quite interesting 🙂

But still...i think i'll be 4ever backend guy. It wont change 😆 #python #learning #code #introductionproject