You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
line 108: there was actually no problem here in my current environment, but this seems like a safe bet, just in case
line 116: The url encoded connection string is currently logging the password in plain text between encodings. This change will redact passwords in a connection string message variable to be logged.
In utils.py
line 127: in a linux environment, if a special character is in the password, the quote_this function will put the password in double quotes and single quotes. So, the password becomes 'password' and this line fails to redact the password
line 128: will log the non-redacted password in the case mentioned for 127
The solution in all cases:
using regular expressions to redact a password from the url_encoded connection string and two other places, to ensure password is redacted from logs
…onnection string to keep password out of logs. also redacted in 2 other logging positions for when special characters in linux break current redacting
Merging #138 (e2cf90f) into master (bd61a32) will increase coverage by 0.10%.
The diff coverage is 100.00%.
❗ Current head e2cf90f differs from pull request most recent head 1379638. Consider uploading reports for the commit 1379638 to get more accurate results
Thanks so much for the contribution! This looks good to merge, just one small request - are you able to also write a (small) unit test that verifies this? Something simple that creates a credentials object, and verifies that the logs redact it - I recommend using pytests's caplog fixture https://docs.pytest.org/en/7.1.x/how-to/logging.html
Certainly, I will create the unit test for SqlCreds
This will also have an impact on the to_sql function, but I am not aware of how to create a unit test for something that would be inserting into a database.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In main.py
In utils.py
passwordbecomes'password'and this line fails to redact the passwordThe solution in all cases: