PREQUEL-2025-0086

Database Not-Null Constraint Violation
Medium
Impact: 7/10
Mitigation: 3/10

Description

An application is attempting to insert or update records in a database table with NULL values in columns that have NOT NULL constraints. This causes database operations to fail with integrity errors, typically surfacing as NotNullViolation exceptions in application logs. In Django applications, this commonly appears as django.db.utils.IntegrityError or psycopg2.errors.NotNullViolation when using PostgreSQL.
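The log signature described above can be triaged with a short script. This is an added example, not part of the PREQUEL rule or its project: the function name and the sample log lines are constructed here, and the pattern assumes PostgreSQL's standard message text (the `of relation` part is present in PostgreSQL 13 and later).

```python
import re
from collections import Counter

# PostgreSQL's not-null message; "of relation" is optional (older servers omit it).
NOT_NULL_RE = re.compile(
    r'null value in column "(?P<column>[^"]+)"'
    r'(?: of relation "(?P<relation>[^"]+)")?'
    r' violates not-null constraint'
)
PSYCOPG = "psycopg2.errors.NotNullViolation"
DJANGO = "django.db.utils.IntegrityError"

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = """\
2025-01-10 12:00:01 ERROR django.request Internal Server Error: /api/orders/
psycopg2.errors.NotNullViolation: null value in column "status_code" of relation "orders_order" violates not-null constraint
DETAIL:  Failing row contains (17, null, 2025-01-10).
django.db.utils.IntegrityError: null value in column "status_code" of relation "orders_order" violates not-null constraint
2025-01-10 12:00:05 INFO django.request GET /health 200
psycopg2.errors.NotNullViolation: null value in column "email" violates not-null constraint
django.db.utils.IntegrityError: duplicate key value violates unique constraint "users_email_key"
2025-01-10 12:03:40 ERROR worker django.db.utils.IntegrityError: null value in column "status_code" of relation "orders_order" violates not-null constraint
"""


def find_not_null_violations(log_text):
    """Count NOT NULL violations per (relation, column).

    Django re-raises the psycopg2 error as IntegrityError, so one failure is
    usually logged twice; the chained Django line is skipped.
    """
    hits = Counter()
    pending = None  # message of the last psycopg2 hit awaiting Django's re-raise
    for line in log_text.splitlines():
        exc = next((n for n in (PSYCOPG, DJANGO) if n + ":" in line), None)
        match = NOT_NULL_RE.search(line) if exc else None
        if not match:
            continue  # other log lines and other IntegrityError kinds
        if exc == DJANGO and match.group(0) == pending:
            pending = None  # same failure, already counted
            continue
        if exc == PSYCOPG:
            pending = match.group(0)
        hits[(match.group("relation"), match.group("column"))] += 1
    return hits


if __name__ == "__main__":
    for (relation, column), count in find_not_null_violations(SAMPLE_LOG).items():
        print(f"{relation or '<unknown relation>'}.{column}: {count}")
```

Grouping by relation and column points directly at the model field that needs validation or a default.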

Mitigation

- Add proper validation in application code before database operations:
  use models.Model.clean() or form validation in Django
- Implement defensive programming by checking for null values before database operations
- Add explicit default values in model definitions where appropriate:
  status_code = models.IntegerField(null=False, default=0)
- Review database schema design to ensure constraints match business requirements
- Add database-level default values for required columns
- Implement proper exception handling with user-friendly error messages
- Use database transactions to prevent partial updates when multiple tables are involved
- Review and test database migrations thoroughly before applying to production

References