| Q | A |------------ | ----- | Version | 3.3.4 The doctrine channel records the following log when a connection is established to the database: ``` Connecting with parameters array{ "url":"postgresql://username:PLAIN_TEXT_PASSWORD@hostname/database_name", "driver":"pdo_pgsql", "host":"hostname", "port":null, "user":"username", "password":"<redacted>", "driverOptions":[], "serverVersion":"12", "defaultTableOptions":[], "dbname":"database_name", "charset":"utf8" } ``` Although the `password` field value is not visible (`<redacted>` instead), the password is visible in the `url` field (https://github.com/doctrine/dbal/blob/3.3.x/src/Logging/Driver.php#L31). Using an URL instead of individual DB parameters is valid though (https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#getting-a-connection). This can be a security issue regarding where the logs are stored and who has access to those logs.