git.ipfire.org Git - thirdparty/sqlalchemy/sqlalchemy.git/commit

]> git.ipfire.org Git - thirdparty/sqlalchemy/sqlalchemy.git/commit

projects / thirdparty / sqlalchemy / sqlalchemy.git / commit

author	Yassen Damyanov <yd@itlabs.bg>
	Thu, 22 Sep 2022 16:12:28 +0000 (12:12 -0400)
committer	Mike Bayer <mike_mp@zzzcomputing.com>
	Fri, 23 Sep 2022 21:27:30 +0000 (17:27 -0400)
commit	3333c6623fa45bcbc7fabd061184a79b7b7f2fa6
tree	6c262c52683c544470d68a0ae40c5c0ed16b1722	tree \| snapshot
parent	d50bbd56740f86bb363b405f7d8e5df9667bb4e3	commit \| diff

Tighten password security by removing `URL.__str__`

For improved security, the :class:`_url.URL` object will now use password
obfuscation by default when ``str(url)`` is called. To stringify a URL with
cleartext password, the :meth:`_url.URL.render_as_string` may be used,
passing the :paramref:`_url.URL.render_as_string.hide_password` parameter
as ``False``. Thanks to our contributors for this pull request.

Fixes: #8567
Closes: #8563
Pull-request: https://github.com/sqlalchemy/sqlalchemy/pull/8563
Pull-request-sha: d1f1127f753849eb70b8d6cc64badf34e1b9219b

Change-Id: If756c8073ff99ac83876d9833c8fe1d7c76211f9

doc/build/changelog/unreleased_20/8567.rst	[new file with mode: 0644]	blob
doc/build/changelog/whatsnew_20.rst		diff \| blob \| blame \| history
lib/sqlalchemy/engine/url.py		diff \| blob \| blame \| history
lib/sqlalchemy/testing/plugin/plugin_base.py		diff \| blob \| blame \| history
lib/sqlalchemy/testing/provision.py		diff \| blob \| blame \| history
test/dialect/oracle/test_dialect.py		diff \| blob \| blame \| history
test/engine/test_parseconnect.py		diff \| blob \| blame \| history
test/ext/asyncio/test_engine_py3k.py		diff \| blob \| blame \| history

Mirror of https://github.com/sqlalchemy/sqlalchemy.git

RSS Atom