Re: Printing passwords in Couch log files?

So it is user-creation (debug log level) and crashes. I was thinking an exclusion regex might do it for the former sed 's/.ini', Config: (.*)},"\S*"}'\n/.ini', Config: \1},"--redacted--"}'\n/' With a config option: [log] level = debug log-sed-redaction=s/.ini', Config:

Re: [VOTE] Release Apache CouchDB 2.0.0-rc.1

re: Docker klaemo/couchdb:2.0.0-rc1-vote is now available. klaemo/couchdb:2.0-dev (which runs the dev cluster) has als been updated to the latest RC. Build, run, dev/run, fauxton, verify install all seem to work. So, thumbs up :) In the next days I’ll add back GPG checks and get the image

CouchDB 2.0 issues

I tried CouchDB 2 on a Centos 7 vagrant box. Got an Application Version Crash error on compile, apparently due to conflicting system Erlang packages and the ones included in the source tarball. The Docker version seems to work well. I reverse-proxy CouchDB on /db/. Fauxton does not appreciate

[NEWS] The CouchDB weekly news for September 15 is out!

Hello there! The CouchDB weekly news is now live at: https://blog.couchdb.org/2016/09/15 /couchdb-weekly-news-september-15-2016/ Highlights include the release process moving along for CouchDB 2.0, a cool usecase for CouchDB, plus drones! Big thanks to Giovanni, Bill, and Martin for

Re: Printing passwords in Couch log files?

100% agree that we shouldn't but it's hard to guarantee it never happens, hence the warning. Passwords are held in process state so we can authenticate to remote sources and targets while replicating. Crashes of those processes write state dumps to the log. We can do better but it will

Printing passwords in Couch log files?

In http://guide.couchdb.org/draft/security.html it is disclosed that passwords are written to the log if the debug level is 'debug' level. I'm not sure that's good practice. I do not think Couch should log passwords at any log level, and I think others might agree. At the very least it should be

Re: 2.0 Website Update

As a user of CouchDB, I'm still hoping you folks will find some time to writeup a terse 'how to secure CouchDB' article in the 2.0 release cycle. I know it is not a matter for the home page (nice preview by the way), but the clear, concise and canonical set of instructions is needed. Specifically,

Re: High CPU usage caused by clustering and/or replication?

Best I can suggest at this point is to send on your logfiles, and if you have any data that helps reproduce the problem you are experiencing that you can share, that'd be great, too. If you can provide this data, please file a new ticket at

Re: 2.0 Website Update

*nudge* This needs more reviews, pls <3 Best Jan -- > On 03 Sep 2016, at 15:03, Jan Lehnardt wrote: > > Hey everybody, > > I’ve started a modest website update for the upcoming 2.0 release: > > - new logo > - removed textured linen background, moved to flat grey > - new

Re: Shards database name error in logs

> On 15 Sep 2016, at 00:00, Robert Samuel Newson wrote: > > cassim was removed from the 2.0 release though. I guess we forgot to tell the > setup application not to try creating it. That one is on me, since I did both the setup and the cassim remove, sorry about that.

Re: [VOTE] Release Apache CouchDB 2.0.0-rc.1

> On 14 Sep 2016, at 23:08, Joan Touzet wrote: > > Hi Nick, > > - Original Message - >> - Windows did not trust the installer, which might put cautious >> users >> off. > > Interesting. The installer is signed by Symantec. You should be able to > verify this