What is Database Migration?

A database migration is a versioned, incremental change to your database schema — adding a column, creating a table, or modifying indexes. Migrations let your schema evolve alongside your code safely.

In plain English

Database migrations are like renovation permits for your building. Before knocking down a wall or adding a room, you file a permit (write a migration), get it approved (test it in staging), and have a plan to undo the work if something goes wrong (rollback migration). Ad-hoc renovations without permits lead to structural problems.

How it works

Migrations are SQL scripts or ORM-generated files stored in your codebase alongside your application code. A migration runner (like Flyway, Liquibase, or Prisma Migrate) tracks which migrations have been applied and runs pending ones in order. Rolling back reverts the most recently applied migration.

Why it matters for AI-built apps

AI-generated ORM code and schema changes often skip the migration layer, leading to manual database edits that aren't tracked anywhere. This makes it impossible to reproduce the schema in staging or recover after a botched change. Proper migrations make your schema as reproducible and auditable as your code.

Best practices

Never modify an already-applied migration — always create a new one. Write backward-compatible migrations when possible: add a column as nullable before making it required. Always test migrations on a staging database with production-like data volume before running them in production.

Frequently asked questions

Can I run migrations automatically on deploy?

Yes, and it's a best practice. Run migrations as a pre-deploy step in your CI/CD pipeline, but ensure they're backward compatible so the old code version keeps working during the transition.

What if a migration fails halfway through?

Run migrations inside transactions where possible so a failure rolls back automatically. For operations that can't be transactional (like adding indexes), monitor the operation and have a rollback script ready.
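
A minimal runner showing the mechanics from "How it works" and the transactional behaviour described in the answer above, as an added example (not code from this page or from Flyway, Liquibase, or Prisma Migrate). The `schema_migrations` table name, the checksum comparison, and the sample migrations are assumptions made for illustration; SQLite is used because its DDL is transactional and it runs offline.

```python
import hashlib
import sqlite3

# Constructed sample migrations: (version, [statements]). Not from a real project.
MIGRATIONS = [
    (1, ["CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL)"]),
    # Backward compatible: the new column is nullable, so old code keeps working.
    (2, ["ALTER TABLE users ADD COLUMN display_name TEXT"]),
]

def checksum(statements):
    """Fingerprint of a migration's text, stored when it is applied."""
    return hashlib.sha256("\n".join(statements).encode()).hexdigest()

def migrate(conn, migrations):
    """Apply pending migrations in version order; return the versions applied."""
    conn.isolation_level = None  # autocommit mode: we issue BEGIN/COMMIT ourselves
    conn.execute("CREATE TABLE IF NOT EXISTS schema_migrations "
                 "(version INTEGER PRIMARY KEY, checksum TEXT NOT NULL)")
    applied = dict(conn.execute("SELECT version, checksum FROM schema_migrations"))
    ran = []
    for version, statements in sorted(migrations, key=lambda m: m[0]):
        if version in applied:
            # An applied migration whose text changed means history was rewritten,
            # so the tracked schema can no longer be reproduced or audited.
            if applied[version] != checksum(statements):
                raise RuntimeError(f"migration {version} was modified after being applied")
            continue
        conn.execute("BEGIN")
        try:
            for sql in statements:
                conn.execute(sql)
            conn.execute("INSERT INTO schema_migrations VALUES (?, ?)",
                         (version, checksum(statements)))
            conn.execute("COMMIT")
        except Exception:
            # Schema change and bookkeeping are undone together, so a failure
            # halfway through leaves the database at the previous version.
            conn.execute("ROLLBACK")
            raise
        ran.append(version)
    return ran

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print("applied:", migrate(db, MIGRATIONS))
    print("second run applies:", migrate(db, MIGRATIONS))
```
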
