SQLAlchemy patching does not correctly remove password component from URL

[WFT]

This was noticed when using flask_sqlalchemy, but I believe it affects plain SQLAlchemy as well.

app = Flask(__name__) 
app.config["SQLALCHEMY_DATABASE_URI"] = "postgresql://foo:[email protected]:2834/thing"
db = XRayFlaskSqlAlchemy(app)

Subsegments get recorded with the name postgresql://foo:***@baz.us-east-1.rds.amazonaws.com:2834/thing. Note that the password text is not present in the subsegment name (woohoo!), but it is composed of invalid characters, resulting in an error log message:

Removing Segment/Subsugment Name invalid characters from postgresql://foo:***@baz.us-east-1.rds.amazonaws.com:2834/thing

I believe that the issue lies here:

aws-xray-sdk-python/aws_xray_sdk/ext/sqlalchemy/util/decorators.py

Lines 104 to 107 in dcb0801

	# Strip password from URL
	host_info = u.netloc.rpartition('@')[-1]
	parts = u._replace(netloc='{}@{}'.format(u.username, host_info))
	safe_url = u.geturl()

The URL is parsed and the password stripped, but the old URL is assigned to safe_url. The method ParseResult._replace returns a new ParseResult but does not modify the initial ParseResult.

Because the fix seems to be so simple, I'll put up a PR before hearing back, but please let me know if there's something I've misunderstood about this.

Configuration:
aws-xray-sdk-python == 2.3.0
Python 3.6

[chanchiem]

Thank you very much for your contribution! I looked at your PR and it looks good to me. I have approved it. Very nice find :)