The PostgreSQL dumping code produces a database URI that is then passed verbatim on the pg_dump command-line.
Command lines are considered public, because normally, everyone with shell access to a system can read them (by calling ps or looking inside /proc).
All utilities using libpq can be configured using environment variables for this exact reason, which I will propose in a merge request.
As of Django 3.2, the DatabaseClient class will have a settings_to_cmd_args_env method that does exactly this, but we cannot yet use it for backwards compatibility.
The PostgreSQL dumping code produces a database URI that is then passed verbatim on the pg_dump command-line.
Command lines are considered public, because normally, everyone with shell access to a system can read them (by calling
psor looking inside/proc).All utilities using libpq can be configured using environment variables for this exact reason, which I will propose in a merge request.
As of Django 3.2, the
DatabaseClientclass will have asettings_to_cmd_args_envmethod that does exactly this, but we cannot yet use it for backwards compatibility.