Security: simplify defineProperty non-enumerables

* `password` already has this set, but was a little long considering we only want to override default of one property
* `ssl.key` was showing up in tracebacks

packages/pg-pool/index.js

@@ -73,6 +73,14 @@ class Pool extends EventEmitter {
         value: options.password,
       })
     }
+    if (options != null && options.ssl && options.ssl.key) {
+      // "hiding" the ssl->key so it doesn't show up in stack traces
+      // or if the client is console.logged
+      this.options.ssl.key = options.ssl.key
+      Object.defineProperty(this.options.ssl, 'key', {
+        enumerable: false,
+      })
+    }
 
     this.options.max = this.options.max || this.options.poolSize || 10
     this.options.maxUses = this.options.maxUses || Infinity

packages/pg/lib/client.js

@@ -57,6 +57,15 @@ class Client extends EventEmitter {
     this.processID = null
     this.secretKey = null
     this.ssl = this.connectionParameters.ssl || false
+    // As with Password, make SSL->Key (the private key) non-enumerable.
+    // It won't show up in stack traces
+    // or if the client is console.logged
+    if (this.ssl && this.ssl.key) {
+      Object.defineProperty(this.ssl, 'key', {
+        enumerable: false,
+      })
+    }
+
     this._connectionTimeoutMillis = c.connectionTimeoutMillis || 0
   }
 

packages/pg/lib/connection-parameters.js

@@ -84,6 +84,11 @@ class ConnectionParameters {
     if (this.ssl === 'no-verify') {
       this.ssl = { rejectUnauthorized: false }
     }
+    if (this.ssl && this.ssl.key) {
+      Object.defineProperty(this.ssl, 'key', {
+        enumerable: false,
+      })
+    }
 
     this.client_encoding = val('client_encoding', config)
     this.replication = val('replication', config)