Comment 4 for bug 1571714

Mohammed Naser (mnaser) wrote :

In my opinion, this is not a bug with oslo.log. The library should not be in the business of stripping secrets out of logs. The consumer of the library should be responsible to make sure that they do not send secrets to the logging layer.

I know it’s a stretch, but if a user wanted to log passwords for any reason or other, we’ve just removed that behaviour, and the next thing out of this is us forgetting to strip some other thing out of the dictionary like “token” and we start going down the rabbit hole of things not to log.

I think oslo.log shouldn’t be responsible to strip logs. It’s the responsibility of the consumer to make sure that it’s not passing secrets to the log layer. Therefore, I still believe it’s an oslo.messaging bug.