Engine.__repr__ should censor out password
Issue #2821
resolved
To make it less likely that a database password leaks out into logs, error notifications and the like, Engine.__repr__
should censor it out.
Could just add a __repr__
method to URL
that replaces the password with '***'
. Then format the URL with %r
in Engine.__repr__
.
Comments (3)
-
repo owner -
repo owner - changed status to resolved
-
repo owner - removed milestone
Removing milestone: 0.8.xx (automated comment)
- Log in to comment
ok, take a look at what alembic does here: https://bitbucket.org/zzzeek/alembic/src/3b86868a6f8ebc77f9cba031ca524795556f9e67/alembic/command.py?at=master#cl-221 so we do something like that in URL.repr. send me a pullreq on github/bitbu... a pull request is coming in! look at that. Will try to merge it later tonight...thanks!