duckle / Tickets / #9 Data source redacted?

#9 Data source redacted?

Status: open

Owner: nobody

Labels: enhancement (21)

Updated: 2026-06-17

Created: 2026-05-30

Creator: Anonymous

Private: No

Originally created by: add944
Originally owned by: SouravRoy-ETL

Hello, I found that data sources gets redacted when exporting to sql ; is there an option to turn this off so the SQL compiles externally?

Discussion

Anonymous - 2026-05-30

Originally posted by: add944

update - confirmed this is only present in 0.1.0 hotfix v2

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2026-05-30

Originally posted by: SouravRoy-ETL

Thanks for flagging this, and for the clean repro.

This is intentional behavior, not a bug. The SQL shown in the Plan tab and produced by Copy / Export is display-only - it is never the SQL that actually runs (the execution path uses your real credentials directly). To avoid leaking plaintext secrets - passwords, tokens, API keys, connection strings - into a file or the clipboard, that display SQL has its secret values scrubbed and replaced with a redaction marker. That scrubbing was introduced recently and ships in the re-rolled v0.1.0-hotfix2 binaries, which is why you only see it in hotfix v2.

The downside you hit is real: the exported script no longer runs as-is against the external database. I would like to give you a proper opt-out. Two shapes I can add:

An explicit "include credentials" toggle (e.g. an env var like DUCKLE_EXPORT_INCLUDE_SECRETS=1) that emits the real values so the script runs unchanged, with a clear warning that the output then contains live credentials.

Named placeholders instead of the redaction marker (e.g. :password or ${DUCKLE_PG_PASSWORD}) so the script stays structurally valid and you substitute the secret at run time - safe to share.

A sensible default would be placeholders for everyone, with raw values available only behind the explicit toggle. Which fits your workflow better?

To be clear, this opt-out is not in the current build yet - leaving this open to track it. Thanks again.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2026-05-30

Originally posted by: add944

Thank you for the above - that's clear now! And yes an env variable option would be great in future iterations so that the raw script can be exported if needed!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2026-06-01

assigned_to: SouravRoy-ETL
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2026-06-17

Originally posted by: SouravRoy-ETL

@all-contributors please add @add944 for infrastructure, tests and code

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2026-06-17

Originally posted by: allcontributors[bot]

@SouravRoy-ETL

I've put up a pull request to add @add944! 🎉

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Data source redacted?

Local-first ETL/ELT studio: a drag-and-drop visual pipeline designer

Milestone

Searches

Help

#9 Data source redacted?

Discussion