I've subscribed you to that one so you should be able to see it now.
I left some thoughts on it, but the TLDR is that we should probably be running the args dict through mask_dict_password to catch as much as we can, have oslo.messaging explicitly filter this structure before passing it, and document that this is a possibility with the JSON logger for future situations where someone might pass sensitive data.
Addressing this has been on my todo list for quite a while but I have to admit it to dragging my feet on it because it's such an old bug. I will try to get some patches written up ASAP.
Actually the JSON logger has been around quite a bit longer than that. There's an old bug against oslo.log for this: https:/ /bugs.launchpad .net/oslo. log/+bug/ 1571714
I've subscribed you to that one so you should be able to see it now.
I left some thoughts on it, but the TLDR is that we should probably be running the args dict through mask_dict_password to catch as much as we can, have oslo.messaging explicitly filter this structure before passing it, and document that this is a possibility with the JSON logger for future situations where someone might pass sensitive data.
Addressing this has been on my todo list for quite a while but I have to admit it to dragging my feet on it because it's such an old bug. I will try to get some patches written up ASAP.