Comment 2 for bug 1787214

Actually the JSON logger has been around quite a bit longer than that. There's an old bug against oslo.log for this: https://bugs.launchpad.net/oslo.log/+bug/1571714

I've subscribed you to that one so you should be able to see it now.

I left some thoughts on it, but the TLDR is that we should probably be running the args dict through mask_dict_password to catch as much as we can, have oslo.messaging explicitly filter this structure before passing it, and document that this is a possibility with the JSON logger for future situations where someone might pass sensitive data.

Addressing this has been on my todo list for quite a while but I have to admit it to dragging my feet on it because it's such an old bug. I will try to get some patches written up ASAP.