From 21e80a979253e4c98fd8852c93c6069028c184f6 Mon Sep 17 00:00:00 2001 From: sasanquaneuf Date: Fri, 25 Feb 2022 09:16:52 +0900 Subject: [PATCH] Escape database passwords in config/database.yml (#17627) * Add double quotes for using passwords that start with a comma * Escape database password in yml --- config/database.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config/database.yml b/config/database.yml index c10bff6b2e6..9b8d096e904 100644 --- a/config/database.yml +++ b/config/database.yml @@ -9,7 +9,7 @@ development: <<: *default database: <%= ENV['DB_NAME'] || 'mastodon_development' %> username: <%= ENV['DB_USER'] %> - password: <%= ENV['DB_PASS'] %> + password: <%= (ENV['DB_PASS'] || '').to_json %> host: <%= ENV['DB_HOST'] %> port: <%= ENV['DB_PORT'] %> @@ -20,7 +20,7 @@ test: <<: *default database: <%= ENV['DB_NAME'] || 'mastodon' %>_test<%= ENV['TEST_ENV_NUMBER'] %> username: <%= ENV['DB_USER'] %> - password: <%= ENV['DB_PASS'] %> + password: <%= (ENV['DB_PASS'] || '').to_json %> host: <%= ENV['DB_HOST'] %> port: <%= ENV['DB_PORT'] %> @@ -28,7 +28,7 @@ production: <<: *default database: <%= ENV['DB_NAME'] || 'mastodon_production' %> username: <%= ENV['DB_USER'] || 'mastodon' %> - password: <%= ENV['DB_PASS'] || '' %> + password: <%= (ENV['DB_PASS'] || '').to_json %> host: <%= ENV['DB_HOST'] || 'localhost' %> port: <%= ENV['DB_PORT'] || 5432 %> prepared_statements: <%= ENV['PREPARED_STATEMENTS'] || 'true' %>