vdice
commented
1 year ago +1 we should redact or update to only print non-sensitive bits of the connection URL. We may need to do similar elsewhere (Redis? MySQL?)
Open etehtsea opened 1 year ago
vdice
commented
1 year ago +1 we should redact or update to only print non-sensitive bits of the connection URL. We may need to do similar elsewhere (Redis? MySQL?)
https://github.com/fermyon/spin/blob/04d67d5fd5882aafe028a2d03c56095d8d364ece/crates/outbound-pg/src/lib.rs#L240
Logs password in the clear-text which probably isn't desired.
Refs: https://github.com/iqlusioninc/crates/tree/main/secrecy might help controlling such stuff if/where applicable.