Github user steveloughran commented on the issue: https://github.com/apache/spark/pull/17080 thanks. One thing I realised last night is that logging the session token, even at debug level, would have been a security risk. So it's very good that the log statement got cut, even at the cost of making it slightly harder to track down where credentials came from. One thing which could be added to all the setters would be the use of `Configuration.set(key, value, origin)` and set the origin to be something like "Env var $varname on $hostname", so the provenance does get tracked. There's not much which is offered in terms of examining that though; hard to justify
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. --- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org