willbarrett commented on a change in pull request #13223:
URL: https://github.com/apache/superset/pull/13223#discussion_r580566607
##########
File path: superset/databases/api.py
##########
@@ -238,6 +238,7 @@ def post(self) -> Response:
except DatabaseInvalidError as ex:
return self.response_422(message=ex.normalized_messages())
except DatabaseConnectionFailedError as ex:
+ logger.warning("Database connection failed: %s",
item["sqlalchemy_uri"])
Review comment:
It appears that `item["sqlalchemy_uri"` is only updated with the masked
version if line 236 is reached - if `CreateDatabaseCommand(...).run()` fails,
as we can expect if this code is reached, then I believe there's a good chance
that the full `sqlalchemy_uri` will be logged.
While the masked URI is better than the full URI, it still exposes username
and additional connection information that it might be better not to have in
logs.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
