From 21e80a979253e4c98fd8852c93c6069028c184f6 Mon Sep 17 00:00:00 2001
From: sasanquaneuf <sasanquaneuf@gmail.com>
Date: Fri, 25 Feb 2022 09:16:52 +0900
Subject: [PATCH] Escape database passwords in config/database.yml (#17627)

* Add double quotes for using passwords that start with a comma

* Escape database password in yml
---
 config/database.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/database.yml b/config/database.yml
index c10bff6b2e..9b8d096e90 100644
--- a/config/database.yml
+++ b/config/database.yml
@@ -9,7 +9,7 @@ development:
   <<: *default
   database: <%= ENV['DB_NAME'] || 'mastodon_development' %>
   username: <%= ENV['DB_USER'] %>
-  password: <%= ENV['DB_PASS'] %>
+  password: <%= (ENV['DB_PASS'] || '').to_json %>
   host: <%= ENV['DB_HOST'] %>
   port: <%= ENV['DB_PORT'] %>
 
@@ -20,7 +20,7 @@ test:
   <<: *default
   database: <%= ENV['DB_NAME'] || 'mastodon' %>_test<%= ENV['TEST_ENV_NUMBER'] %>
   username: <%= ENV['DB_USER'] %>
-  password: <%= ENV['DB_PASS'] %>
+  password: <%= (ENV['DB_PASS'] || '').to_json %>
   host: <%= ENV['DB_HOST'] %>
   port: <%= ENV['DB_PORT'] %>
 
@@ -28,7 +28,7 @@ production:
   <<: *default
   database: <%= ENV['DB_NAME'] || 'mastodon_production' %>
   username: <%= ENV['DB_USER'] || 'mastodon' %>
-  password: <%= ENV['DB_PASS'] || '' %>
+  password: <%= (ENV['DB_PASS'] || '').to_json %>
   host: <%= ENV['DB_HOST'] || 'localhost' %>
   port: <%= ENV['DB_PORT'] || 5432 %>
   prepared_statements: <%= ENV['PREPARED_STATEMENTS'] || 'true' %>
-- 
GitLab