pgjdbc
pgjdbc copied to clipboard
pgjdbc
Feature/urlparser improve3 pr2
1. Compatibility with libpq is improved regarding URL syntax and resolving url values
1.1. user and password are supported
Complete syntax:
jdbc:postgresql://[[user][:password]@][host1[:port1][,host2[:port2]][,...]][/database][?property1=value1[&property2=value2][&...]]
URL may include:
user (Optional) is the user to connect. Defaults to operating system username.
password (Optional) is the password to connect. No default value.
1.2. property passfile is supported
Example:
Properties props = new Properties();
PGProperty.PASSFILE.set(props, "/mydir/mypass");
Connection conn = DriverManager.getConnection(url, props);
1.3. Code is more clear regarding Properties override rules (source and result are logged at FINE logging level)
There are multiple sources for connection properties. If same property is specified in multiple sources then highest priority source is used. Priority list is here:
1) URL arguments (values after `?` mark)
2) URL values (values before `?` mark)
3) Properties given to `DriverManager.getConnection()`
4) values provided by `service` (from resource `.pg_service.conf`)
5) values in Java System Properties
6) values in Operating System environment
7) values from driverconfig file(s) (`org/postgresql/driverconfig.properties`)
8) global defaults (`dbname`, `host`, `pgpass`, `port`, `user`)
1.4. References
Related to: #2260 #2278 #2398 #2393 #2395 #2424 #2569 #2641 #2644
All Submissions:
- [x] Have you followed the guidelines in our Contributing document?
- [x] Have you checked to ensure there aren't other open Pull Requests for the same update/change?
New Feature Submissions:
- [x] Does your submission pass tests?
- [x] Does
./gradlew autostyleCheck checkstyleAllpass ? - [x] Have you added your new test classes to an existing test suite in alphabetical order?
Changes to Existing Features:
- [x] Have you added an explanation of what your changes do and why you'd like us to include them?
- [x] Have you written new tests for your core changes, as applicable?
- [x] Have you successfully run tests with your changes locally?
⚠️ GitGuardian has uncovered 21 secrets following the scan of your pull request.
Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.
🔎 Detected hardcoded secrets in your pull request
| GitGuardian id | Secret | Commit | Filename | |
|---|---|---|---|---|
| - | Generic Database Assignment | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/resources/pg_service/pgservicefileProps.conf | View secret |
| - | Generic Password | fe4824475e257e0078f1c2b008e693ee490569eb | pgjdbc/src/test/resources/pg_service/pgservicefileProps.conf | View secret |
| - | Generic Password | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | PostgreSQL Credentials | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/java/org/postgresql/jdbcurlresolver/JdbcUrlResolverTest.java | View secret |
| - | Generic Password | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/resources/pg_service/pgservicefileProps.conf | View secret |
| - | Generic Password | 902d9b0d8afa894edea01c52d97fc2036467f1c5 | pgjdbc/src/test/resources/pg_service/pgservicefileProps.conf | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
![gitguardian[bot] avatar](https://avatars.githubusercontent.com/in/46505?v=4 "Published by a pub.dev verified publisher"){kind=small}
@davecramer Hi! What are merge plans? Should I resolve conflicts now or at a later time?
@MarekUniq currently my plans are 1) merge in the issue with longs https://github.com/pgjdbc/pgjdbc/pull/2710 will be reopened and merged. A release with this fix will be released. Then we plan on merging in https://github.com/pgjdbc/pgjdbc/pull/2635 and releasing as a new major version.
I would hold off rebasing until after the above happens.
Thanks for your patience
@davecramer Hi! The following pull requests are merged: #2710 #2635. Any plans for this one?
