Do not include password in data source name with Persist Security Info=true#6395
Conversation
There was a problem hiding this comment.
Pull request overview
This PR fixes a security issue where passwords could leak through the data source name when PersistSecurityInfo=true in tracing and metrics reporting. The fix ensures that the Name property of NpgsqlDataSource never contains the password, even when PersistSecurityInfo is enabled.
Key changes:
- Modified
NpgsqlDataSourceconstructor to conditionally setNamewithout password whenPersistSecurityInfo=true - Added comprehensive test coverage for both tracing and metrics to verify passwords don't leak through data source names
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/Npgsql/NpgsqlDataSource.cs | Updated constructor logic to ensure the Name property always uses connection string without password, regardless of PersistSecurityInfo setting |
| test/Npgsql.Tests/TracingTests.cs | Added test to verify password doesn't leak via data source name in tracing activities |
| test/Npgsql.Tests/MetricTests.cs | Added test to verify password doesn't leak via data source name in metrics |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
b00e4fc to
5d88fa3
Compare
5d88fa3 to
464b66a
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Closes #6394