Re: BUG #16486: Prompted password is ignored when password specified in connection string

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>
Cc: exclusion(at)gmail(dot)com, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject: Re: BUG #16486: Prompted password is ignored when password specified in connection string
Date: 2020-06-09 01:59:18
Message-ID: 2142411.1591667958@sss.pgh.pa.us
Lists: pgsql-bugs

I wrote:
> "David G. Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> writes:
>> On Mon, Jun 8, 2020 at 2:36 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> The entire point of the -W switch is that it prompts whether or not
>>> the password is going to be used for anything.

>> A more intuitive interpretation of -W is that it prompts for a password,
>> regardless of valid values being provided by other configuration, and uses
>> that password exclusively to attempt to connect to the server.
>> The documentation doesn't actually say which one of those two
>> interpretations is correct.

> Hmm ... I had thought that the docs explained -W in more or less the same
> way I did above, but I see that (at least on the psql page) things are
> indeed pretty vague. I'll see about improving that.

Concretely, it looks like we need edits as attached for psql, and
likewise for all our other programs with similar options.

The thing that was really missing here IMO is the specification that a
conninfo string overrides other command-line parameters. It's somewhat
debatable whether a -W prompt is a "command line parameter", but it
acts that way for this purpose. In any case, I'm disinclined to document
that specific interaction, because it would amount to blessing a pretty
damfool practice, which is to make your password visible on the program's
command line. (I wonder whether section 33.1.2 ought to specifically
caution against putting passwords into command-line conninfo strings.)

regards, tom lane

Attachment Content-Type Size
wip-password-doc.patch text/x-diff 2.0 KB
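The message above warns that a password placed in a command-line conninfo string ends up visible on the program's command line. As an added example (not from this thread, the attached patch, or the PostgreSQL project), the script below does two things from a defender's side: it scans process-listing lines for libpq conninfo strings or URIs that carry a password and reports them with the secret masked, and it writes a `~/.pgpass`-style entry (the libpq password file, which the thread does not mention but which is the usual alternative) with the restrictive permissions libpq requires. The process-listing lines, hostnames, users and passwords are all constructed; `SAMPLE_PS`, `flag_cmdline_passwords` and `write_pgpass_entry` are names chosen here, not part of any PostgreSQL tool.

```shell
#!/bin/sh
# Added example, not code from the pgsql-bugs thread or from PostgreSQL.
# Part 1: find passwords exposed on the command line (the practice the
# message above calls out). Part 2: the libpq password-file alternative.

# Constructed process-listing lines, shaped like `ps -eo pid,args` output.
# None of these hosts, users or passwords are real.
SAMPLE_PS='1234 psql host=db.example.internal dbname=app user=app password=s3cret
1235 psql -h db.example.internal -U app -W app
1236 psql postgresql://app:hunter2@db.example.internal/app
1237 pg_dump -h db.example.internal -U backup app'

# Read process-listing lines on stdin; print only those whose command
# carries a password, either as a key=value conninfo element or embedded
# in a connection URI, with the secret masked so the report cannot leak it.
# A -W prompt (line 1235) is not flagged: the password never touches argv.
flag_cmdline_passwords() {
  grep -E 'password=[^ ]+|://[^ /@]+:[^ /@]+@' |
    sed -E 's/(password=)[^ ]+/\1****/g; s#(://[^ /@]+:)[^ /@]+@#\1****@#g'
}

# Append one hostname:port:database:username:password line to the password
# file named in $1 (normally ~/.pgpass, or the file PGPASSFILE points to).
# libpq ignores the file if it is group- or world-accessible, so the file is
# created under a restrictive umask and forced to mode 0600.
# Usage: write_pgpass_entry FILE HOST PORT DB USER PASSWORD
write_pgpass_entry() {
  file=$1; shift
  ( umask 077; printf '%s:%s:%s:%s:%s\n' "$1" "$2" "$3" "$4" "$5" >> "$file" )
  chmod 600 "$file"
}

# Stand-alone run: report on the constructed listing. Only the two commands
# that embed a password are printed, with the secrets replaced by ****.
printf '%s\n' "$SAMPLE_PS" | flag_cmdline_passwords
```

On a real host the scanner would be fed by `ps -eo pid,args`; because the password is masked in its own output, the report can be attached to a ticket without repeating the exposure it found.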
