Comment 12 for bug 2030976

Jeremy Stanley (fungi) wrote :

Dan: From what I've been told, some deployments configure notifications to serve as a sort of "event stream" logging to external databases for posterity and later activities such as incident root cause analysis. With that in mind, it seems like this could be seen as similar to leaking credentials in (non-debug) service logs.

I agree it's probably low impact for most deployments, and so another reason not to need to review fixes in private, but still warrants an advisory to let operators know they might need to clean up external copies of notifications after patching or audit for the possibility of unauthorized token use depending on how and to whom their operational privileges are delegated.