Hi hackers!
Attached a patch to redact the password value from pg_stat_statements_view when
executing:
{ CREATE|ALTER} {USER|ROLE|GROUP } identifier { [WITH] [ENCRYPTED]
PASSWORD 'value' }
To redact the password from the pg_stat_statements view a new field location
was added on String type which represents the password value. The location is
stored on JumbleState when JumbleQuery is called. The JumbleState is then used
on generate_normalized_query from pg_stat_statements.c to replace any location
stored with $%d.
The grammar was also changed to set the location field of the String type only
on these specific commands.
Thoughts?
--
Matheus Alcantara