On Sat, Dec 07, 2024 at 03:39:55PM +0100, Guillaume Lelarge wrote: > I thought about it, and tried to write a patch. I've mostly copied the > "Deprecate MD5 passwords" patch/commit from Nathan Bossart. My patch works > on current HEAD. Documentation and tests are dealt with.
I've been thinking about this one for a couple of days, and I'm finding myself leaning -1. I certainly didn't intend for the MD5 password deprecation warnings to set a precedent of warning for every potentially undesired behavior, and given that there's no plan to remove the ability to specify a clear-text password in queries, I worry that this will generate far more noise than is warranted. I also worry that users may misinterpret the warning as saying that the clear-text password is stored in the catalogs. I know the topic of "password leakage" comes up a lot (e.g., [0]). It'd be good to find a path forward for that, but IMHO it will require more than warnings. [0] https://postgr.es/m/b75955f7-e8cc-4bbd-817f-ef536bacbe93%40joeconway.com -- nathan
