Closed mutantcornholio closed 1 year ago
I'm thinking on cases with not sensitive secrets being masked in the logs.
A phrase "Not sensitive secrets" makes no sense to me. "secrets" and "sensitive data" are interchangeable terms IMO.
Do you mean configuration options that aren't secret? Well, just not add those to addSecretsToMask
.
Here's what I did in faucet to test it out locally:
for (const config of Object.values(specs.config)) {
for (const item of Object.values(config)) {
if (item.options.masked) { // <<< THIS
const value = configInstance.Get("CONFIG", item.name);
if (value !== undefined) {
logger.addSecretsToMask(value);
}
}
}
}
A phrase "Not sensitive secrets" makes no sense to me. "secrets" and "sensitive data" are interchangeable terms IMO.
I phrased wrong, I meant environment variables 😅
Well, just not add those to
addSecretsToMask
.
I see you have already considered that case. Perfect! That was my only doubt.
Fixes #48