On 8/31/20 1:21 PM, Tom Lane wrote:
Stephen Frost <sfrost@xxxxxxxxxxx> writes:
My memory might be faulty, but I've got some specific recollection of
people complaining about this before and the community response being
"who would ever need such very long things?!"
Yeah, so I guessed wrong ;-). Never too late to absorb new facts though.
That thread does point out that passwordFromFile() is far from the
only place that assumes passwords aren't going to be longer than
what would be sane to enter manually. I wonder whether we need to
worry about the other bottlenecks.
Would it be better to add a .pgtoken file which gets examined (and bypasses
those other length restrictions) if the user isn't in .pgpass? Or is that a
feature which would have to wait for v14?
--
Angular momentum makes the world go 'round.
