
Comet's InvalidAPIKey error prints the API key to any user

Open jerpint-mila opened this issue 8 months ago • 6 comments

Describe the Bug

When comet raises the InvalidAPIKey error, it prints the API key currently in use in plaintext. This means anyone with access to the logs could obtain someone's API key that they don't necessarily have access to.

Expected behavior

It would be better to not print the API key in plaintext, or maybe just print the last few characters for reference to the user.

Where is the issue?

  • [x] Comet Python SDK
  • [ ] Comet UI
  • [ ] Third Party Integrations (Huggingface, TensorboardX, PyTorch Lightning etc)

To Reproduce

Steps to reproduce the behavior: you can simply raise the InvalidAPIKey error. When it gets called with the actual API key, it will print the API key in plaintext.

A scenario where this might happen:

from comet_ml import API

# The API key is picked up from the environment / config, not passed explicitly
api = API()

# "restricted-workspace" must exist and be one you have no permission for
api.get_experiment("restricted-workspace/exp/exp_id")

It's important here that restricted-workspace actually exists and that you don't have permissions to it. When those conditions are met, your API key is printed in plaintext to the user in the logs, because the exception is raised and your API key is passed as an argument.

It is not a good idea to have API keys written to logs. This could be the case, for example, in an environment where API keys are set as secrets.

jerpint-mila avatar May 29 '24 18:05 jerpint-mila
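The pattern reported above, and the redacted form the reporter asks for, as an added example that is not Comet's code: a hypothetical "leaky" exception whose message embeds the key is placed next to a version that only exposes the last few characters, and both are run through a standard logger to show what actually lands in the log. The exception classes, the key format and the log line are constructed here for illustration and are not taken from the comet_ml SDK.

```python
"""
Added example (not the comet_ml SDK's code): an exception that embeds a
secret in its message versus one that only exposes a short suffix.
Everything below (class names, key format, log text) is constructed.
"""
import logging
from io import StringIO

# Constructed sample key; the 32-char format is an assumption, not Comet's.
SAMPLE_KEY = "AbCdEfGhIjKlMnOpQrStUvWxYz123456"


class InvalidAPIKeyLeaky(Exception):
    """Hypothetical 'before': str(exc) contains the full key, so any
    logger, traceback or error reporter that records the message
    records the secret too."""

    def __init__(self, api_key: str) -> None:
        super().__init__(f"Invalid API key: {api_key}")


def redact_key(api_key: str, keep: int = 4) -> str:
    """Mask all but the last `keep` characters of a key.

    Keys that are too short to safely show a suffix are masked entirely,
    so the visible part can never be most of the secret."""
    if not api_key:
        return "<empty>"
    if len(api_key) <= keep * 2:
        return "*" * len(api_key)
    return "*" * (len(api_key) - keep) + api_key[-keep:]


class InvalidAPIKeyRedacted(Exception):
    """Hypothetical 'after': the message and args carry only the redacted
    form. The raw key stays on a private attribute for code that really
    needs it, and __repr__ is overridden so exception reprs in tracebacks
    and logging.exception() output do not expose it either."""

    def __init__(self, api_key: str) -> None:
        self._api_key = api_key
        super().__init__(f"Invalid API key ({redact_key(api_key)})")

    def __repr__(self) -> str:
        return f"{type(self).__name__}({redact_key(self._api_key)!r})"


def log_exception(exc: Exception) -> str:
    """Log `exc` the way an SDK or application typically would
    (logger.error with the exception interpolated) and return exactly
    what was written to the log stream."""
    stream = StringIO()
    logger = logging.getLogger(f"example.{id(stream)}")
    logger.propagate = False
    logger.setLevel(logging.ERROR)
    handler = logging.StreamHandler(stream)
    logger.addHandler(handler)
    try:
        logger.error("Comet request failed: %s", exc)
    finally:
        logger.removeHandler(handler)
    return stream.getvalue()


def key_leaked(log_text: str, api_key: str) -> bool:
    """True if the full key appears anywhere in the captured log text."""
    return api_key in log_text


def demo(api_key: str = SAMPLE_KEY) -> dict:
    """Run both exception variants through the logger and report whether
    the full key leaked in each case."""
    leaky_log = log_exception(InvalidAPIKeyLeaky(api_key))
    safe_log = log_exception(InvalidAPIKeyRedacted(api_key))
    return {
        "leaky_log": leaky_log,
        "safe_log": safe_log,
        "leaky_leaks": key_leaked(leaky_log, api_key),
        "safe_leaks": key_leaked(safe_log, api_key),
    }


if __name__ == "__main__":
    result = demo()
    print(result["leaky_log"].strip())
    print(result["safe_log"].strip())
```

The suffix-only form still gives the user enough to tell which key was picked up (the last four characters), which is what the report asks for, while the captured log line no longer contains anything that could be pasted into another client. Overriding `__repr__` matters as much as the message: `logging.exception()` and most error-reporting tools serialise `repr(exc)` and `exc.args`, so a key kept only in `args` would still escape.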