Message-ID: <gh-postgresql-interfaces-psqlodbc-184-rc3317616539@github.com>
From: "davecramer (@davecramer)" <noreply+davecramer@github.com>
To: "postgresql-interfaces/psqlodbc" <noreply+postgresql-interfaces-psqlodbc@github.com>
Date: Thu, 28 May 2026 12:05:21 +0000
Subject: Re: [postgresql-interfaces/psqlodbc] PR #184: Redact sensitive connection parameters in logs
In-Reply-To: <gh-postgresql-interfaces-psqlodbc-184@github.com>
References: <gh-postgresql-interfaces-psqlodbc-184@github.com>
List-Id: <gh-postgresql-interfaces-psqlodbc.github.com>
X-GitHub-Author-Login: davecramer
X-GitHub-Comment-Id: 3317616539
X-GitHub-Comment-Type: review_comment
X-GitHub-Commit: a8dae8f57158fddac3bf6757ca409718cf8a05a0
X-GitHub-Issue: 184
X-GitHub-Line: 2793
X-GitHub-Path: connection.c
X-GitHub-Repo: postgresql-interfaces/psqlodbc
X-GitHub-Type: review_comment
X-GitHub-Url: https://github.com/postgresql-interfaces/psqlodbc/pull/184#discussion_r3317616539
Content-Type: text/plain; charset=utf-8

(on connection.c:2793)

The PR description lists `sslcert`, `sslrootcert`, `sslcrl`, and `sslcrldir` as values being redacted, but the code intentionally keeps those visible (per the comment above). The description should be updated to match the code's actual behavior, since cert/CRL *paths* are not secrets.