twenty

mirror of https://github.com/twentyhq/twenty synced 2026-04-21 21:47:38 +00:00

History

Jeremy Dawes 6a391050d3 chore: improve password strength in install script (#12878 ) (#12896 ) ## Summary - Fixes #12878 - Increases PostgreSQL password generation from 16 to 32 bytes - Improves default security for new installations - Aligns with the password strength recommendation in the manual setup documentation ## Change Details Changed the password generation in `packages/twenty-docker/scripts/install.sh` from: ```bash echo "PG_DATABASE_PASSWORD=$(openssl rand -hex 16)" >> .env ``` to: ```bash echo "PG_DATABASE_PASSWORD=$(openssl rand -hex 32)" >> .env ``` This generates a 64-character hexadecimal password (32 bytes) instead of a 32-character one (16 bytes), providing significantly better security for PostgreSQL database passwords in new installations. --- 🤖 This fix was implemented using [Claude Code](https://claude.ai/code) by Jez (Jeremy Dawes) and Claude working together\! Thanks to the Twenty team for maintaining such a great project\! 🚀 Co-authored-by: Claude <noreply@anthropic.com>	2025-06-26 11:09:36 +02:00
..
1-click.sh	Update 1-click install script to use /tags endpoint instead of /release (#8689 )	2024-11-24 18:55:14 +01:00
install.sh	chore: improve password strength in install script (#12878 ) (#12896 )	2025-06-26 11:09:36 +02:00

chore: improve password strength in install script (#12878 ) (#12896 )

## Summary
- Fixes #12878 - Increases PostgreSQL password generation from 16 to 32
bytes
- Improves default security for new installations
- Aligns with the password strength recommendation in the manual setup
documentation

## Change Details
Changed the password generation in
`packages/twenty-docker/scripts/install.sh` from:
```bash
echo "PG_DATABASE_PASSWORD=$(openssl rand -hex 16)" >> .env
```
to:
```bash
echo "PG_DATABASE_PASSWORD=$(openssl rand -hex 32)" >> .env
```

This generates a 64-character hexadecimal password (32 bytes) instead of
a 32-character one (16 bytes), providing significantly better security
for PostgreSQL database passwords in new installations.

---

🤖 This fix was implemented using [Claude Code](https://claude.ai/code)
by Jez (Jeremy Dawes) and Claude working together\!

Thanks to the Twenty team for maintaining such a great project\! 🚀

Co-authored-by: Claude <noreply@anthropic.com>

2025-06-26 11:09:36 +02:00

1-click.sh

Update 1-click install script to use /tags endpoint instead of /release (#8689 )

2024-11-24 18:55:14 +01:00

install.sh

chore: improve password strength in install script (#12878 ) (#12896 )

2025-06-26 11:09:36 +02:00