Thread

  1. Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample

    Robert Treat <rob@xzilla.net> — 2025-11-15T14:37:37Z

    On Fri, Nov 14, 2025 at 5:48 AM Michael Banck <mbanck@gmx.net> wrote:
    >
    > Hi,
    >
    > while looking through postgresql.conf on PG18, I noticed that
    > password_encryption mentions md5 as valid alternative to scram-sha-256.
    > I think it would be useful to mention md5 is deprecated so that people
    > looking at it (but have otherwise not gotten the memo) will realize and
    > hopefully act on it.
    >
    > Patch attached, I think it would be a candidate for being back-patched
    > to PG18 if accepted.
    >
    
    +1 to the general idea, though I think it should go the other way
    around (it is a small enough grammatical point I'm sure some would
    argue the other way around).
    
    # password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated)
    
    Also +1 for backpatching. IIRC this would only show up in new
    clusters, but we're still pretty early on in the cycle, so it seems
    worth it.
    
    
    Robert Treat
    https://xzilla.net
    
    
    
    
  2. Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample

    Michael Banck <mbanck@gmx.net> — 2025-11-15T14:55:39Z

    Hi,
    
    On Sat, Nov 15, 2025 at 09:37:37AM -0500, Robert Treat wrote:
    > +1 to the general idea, though I think it should go the other way
    > around (it is a small enough grammatical point I'm sure some would
    > argue the other way around).
    > 
    > # password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated)
    
    I thought about that, but then wondered whether people would think the
    whole thing (password_encryption) is deprecated or maybe both
    scram-sha-256 and md5?
    
    > Also +1 for backpatching. IIRC this would only show up in new
    > clusters, but we're still pretty early on in the cycle, so it seems
    > worth it.
    
    Yeah.
    
    
    Michael
    
    
    
    
  3. Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample

    Daniel Gustafsson <daniel@yesql.se> — 2025-11-17T12:35:21Z

    > On 15 Nov 2025, at 15:55, Michael Banck <mbanck@gmx.net> wrote:
    > 
    > Hi,
    > 
    > On Sat, Nov 15, 2025 at 09:37:37AM -0500, Robert Treat wrote:
    >> +1 to the general idea, though I think it should go the other way
    >> around (it is a small enough grammatical point I'm sure some would
    >> argue the other way around).
    >> 
    >> # password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated)
    > 
    > I thought about that, but then wondered whether people would think the
    > whole thing (password_encryption) is deprecated or maybe both
    > scram-sha-256 and md5?
    
    Sleeping on it I agree with this, and ended up applying this version.
    
    --
    Daniel Gustafsson