Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(mssql): avoid default `encrypt` option #11646

Open
wants to merge 1 commit into
base: master
from

Conversation

@davidjb
Copy link
Contributor

davidjb commented Nov 5, 2019

Pull Request check-list

Please make sure to review and check all of these items:

  • Does npm run test or npm run test-DIALECT pass with this change (including linting)?
  • Does the description below contain a link to an existing issue (Closes #[issue]) or a description of the issue you are solving?
  • Have you added new tests to prevent regressions?
  • Is a documentation update included (if this change modifies existing APIs, or introduces new ones)?
  • Did you update the typescript typings accordingly (if applicable)?
  • Did you follow the commit message conventions explained in CONTRIBUTING.md?

Description of change

Having encrypt: false set by default in the internal options for MSSQL connections means that Sequelize is overriding the now-default behaviour of Tedious v6.0.0 to use encrypted connections
(tediousjs/tedious@70ffe4a).

This change allows Tedious to use its own defaults for its connections, which makes configuration more obvious whilst improving the security of the Sequelize users since encryption is used by default.

For note, Tedious > 6.0.0 no longer outputs the options.encrypt
warning, which means the solution to #9574 in PR
#9588 is no longer required.

This is a breaking change and not backwards compatible, and so needs documenting accordingly; users who want keep using unencrypted connections would need to set dialectOptions: { options: { encrypt: false } } in their config.

Having `encrypt: false` means that Sequelize is overriding the
now-default behaviour of Tedious to use encrypted connections
(tediousjs/tedious@70ffe4a).

This change allows Tedious to use its own defaults for its
connections, which makes configuration more obvious whilst improving the
security of the Sequelize users since encryption is used by default.

For note, recent versions of Tedious no longer output the `options.encrypt`
warning, which means the solution to #9574 in PR
#9588 is no longer required.

This is a breaking change and not backwards compatible; users who want
keep using unencrypted connections will need to set
`dialectOptions: { options: { encrypt: false } }` in their config.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
1 participant
You can’t perform that action at this time.