Re: change password_encryption default to scram-sha-256?

Hi,

On 2019-04-08 01:34:42 -0400, Tom Lane wrote:
> Michael Paquier <michael@paquier.xyz> writes:
> > From what I can see, the major drivers not using directly libpq
> > support our SASL protocol: JDBC and npgsql.  However I can count three
> > of them which still don't support it: Crystal, pq (Go) and asyncpg.
> > pq and asyncpg are very popular on github, with at least 3000 stars
> > each, which is a lot I think.  I have also double-checked their source
> > code and I am seeing no trace of SASL or SCRAM, so it seems to me that
> > we may want to wait more before switching the default.
> 
> Perhaps we could reach out to the authors of those libraries,
> and encourage them to provide support in the next year or so?


Seems go/pq might get it soon-ish: https://github.com/lib/pq/pull/833

There doesn't appear to be much movement on the crystal front (
https://github.com/will/crystal-pg/issues/154 ), but I don't think it's
popular enough to really worry.  There's an issue for asyncpg
https://github.com/MagicStack/asyncpg/issues/314 - but not too much
movement either.

Greetings,

Andres Freund