From 3333c6623fa45bcbc7fabd061184a79b7b7f2fa6 Mon Sep 17 00:00:00 2001 From: Yassen Damyanov Date: Thu, 22 Sep 2022 12:12:28 -0400 Subject: Tighten password security by removing `URL.__str__` For improved security, the :class:`_url.URL` object will now use password obfuscation by default when ``str(url)`` is called. To stringify a URL with cleartext password, the :meth:`_url.URL.render_as_string` may be used, passing the :paramref:`_url.URL.render_as_string.hide_password` parameter as ``False``. Thanks to our contributors for this pull request. Fixes: #8567 Closes: #8563 Pull-request: https://github.com/sqlalchemy/sqlalchemy/pull/8563 Pull-request-sha: d1f1127f753849eb70b8d6cc64badf34e1b9219b Change-Id: If756c8073ff99ac83876d9833c8fe1d7c76211f9 --- lib/sqlalchemy/testing/plugin/plugin_base.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lib/sqlalchemy/testing/plugin/plugin_base.py') diff --git a/lib/sqlalchemy/testing/plugin/plugin_base.py b/lib/sqlalchemy/testing/plugin/plugin_base.py index 494e7d5ab..b90a2ec58 100644 --- a/lib/sqlalchemy/testing/plugin/plugin_base.py +++ b/lib/sqlalchemy/testing/plugin/plugin_base.py @@ -436,7 +436,10 @@ def _engine_uri(options, file_config): if options.write_idents and provision.FOLLOWER_IDENT: with open(options.write_idents, "a") as file_: - file_.write(provision.FOLLOWER_IDENT + " " + db_url + "\n") + file_.write( + f"{provision.FOLLOWER_IDENT} " + f"{db_url.render_as_string(hide_password=False)}\n" + ) cfg = provision.setup_config( db_url, options, file_config, provision.FOLLOWER_IDENT -- cgit v1.2.1