From 32930846e6bd1a2111742f8e19067c9fe9b3b3c1 Mon Sep 17 00:00:00 2001
From: Jeremy Cline <github@declined.dev>
Date: Mon, 20 May 2024 22:25:17 -0400
Subject: fix: redact password in database URI when logging (#2032)

Previously, in the event that there was a configuration issue and the
atuin server failed to connect to PostgreSQL, it would log the password.

For example, if the password authentication failed the following log
message would be printed:

Error: failed to connect to db: PostgresSettings { db_uri:
    "postgres://atuin:definitelymypassword@db.example.com/atuin" }

This change sets the password to "****" when printing it via Debug:

Error: failed to connect to db: PostgresSettings { db_uri:
    "postgres://atuin:****@db.example.com/atuin" }

Hopefully few people use **** as the actual password.
---
 crates/atuin-server-postgres/Cargo.toml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'crates/atuin-server-postgres/Cargo.toml')

diff --git a/crates/atuin-server-postgres/Cargo.toml b/crates/atuin-server-postgres/Cargo.toml
index 647d934a..2345b39d 100644
--- a/crates/atuin-server-postgres/Cargo.toml
+++ b/crates/atuin-server-postgres/Cargo.toml
@@ -21,3 +21,4 @@ sqlx = { workspace = true }
 async-trait = { workspace = true }
 uuid = { workspace = true }
 futures-util = "0.3"
+url = "2.5.0"
-- 
cgit v1.3.1