gmitter-ef commented on issue #4935: URL: https://github.com/apache/hop/issues/4935#issuecomment-2736186217
> > I would like to add, that > > > > * the "REST client" transform (from DEBUG log level updwards) prints the URL it tries to connect to; when the URL contains sensitive information it is visible in the log > > * the "Set variables" transform also prints the values that are set in BASIC log level > > * ROW LEVEL log level seems to print the values of all fields, including any sensitive values if they are part of the stream (e.g., after decryption of encrypted secrets via "User defined Java expression" transform) > > I'm not sure about hiding this information at ROW LEVEL, at some point, you should be able to debug... if you have no context how will this be possible? There might be a misconfiguration and your variables are empty but if you have no way of knowing this you might spend a long time trying to figure it out. Yes, that's of course a good point. For debugging one could add an EXTRA "Write to log" transform to display the stream fields values for such a purpose perhaps. We currently just find no way to avoid printing out secrets using ROW LEVEL. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
