
dict_traceback showing locals which includes credentials

Open leoskyrocker opened this issue 9 months ago • 2 comments

Sensitive data can be printed by exposing all of the locals. I've encountered one when using psycopg2. It stores database connection strings, and they are exposed when there is an uncaught exception.

Proposed Resolution

Allow dict traceback or traceback.SHOW_LOCALS to be configured (currently it is hardcoded)

leoskyrocker Mar 31 '25 04:03

Are you using structlog.processors.dict_tracebacks()?

This is just a shortcut for ExceptionRenderer(ExceptionDictTransformer()) which has a show_locals argument.

If secrets are wrapped with pydantic.Secret() or typed_settings.Secret(), they will not leak. But I think very few people actually do this, and for external libs you can't control this behavior.

So maybe changing the default of SHOW_LOCALS to False might be a good idea.

sscherfke Apr 09 '25 10:04
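The mechanism behind the comment above, as an added example that is not code from structlog or from either commenter: a standard-library-only re-creation of what a `show_locals` switch does when an exception dict is built from a traceback. Each frame's locals are rendered with `repr()`, which is why a plain `str` connection string leaks and why a `Secret`-style wrapper with a masked `repr` does not. The names `Secret`, `render_exception`, `connect`, `capture` and `locals_contain`, and the DSN value, are assumptions constructed for the example; in structlog itself the equivalent configuration is `structlog.processors.ExceptionRenderer(structlog.tracebacks.ExceptionDictTransformer(show_locals=False))` in place of `structlog.processors.dict_tracebacks`.

```python
"""Added example (not structlog's own code): a stdlib-only re-creation of the
show_locals behaviour that decides whether frame locals end up in a rendered
exception dict.  Secret, render_exception, connect, capture and locals_contain
are names assumed for this example only."""
import traceback
from typing import Any


class Secret:
    """Minimal stand-in for pydantic.Secret / typed_settings.Secret: the raw
    value is only reachable via get_secret_value(); repr() and str() are
    masked, so a locals dump rendered with repr() never shows it."""

    def __init__(self, value: str) -> None:
        self._value = value

    def get_secret_value(self) -> str:
        return self._value

    def __repr__(self) -> str:
        return "Secret('**********')"

    __str__ = __repr__


def render_exception(exc: BaseException, *, show_locals: bool) -> list[dict[str, Any]]:
    """Walk the traceback and build one dict per frame, the shape a JSON log
    line would carry.  With show_locals=True every local in every frame is
    rendered with repr(); a str DSN therefore appears verbatim."""
    frames: list[dict[str, Any]] = []
    for frame, lineno in traceback.walk_tb(exc.__traceback__):
        entry: dict[str, Any] = {
            "filename": frame.f_code.co_filename,
            "lineno": lineno,
            "name": frame.f_code.co_name,
        }
        if show_locals:
            entry["locals"] = {k: repr(v) for k, v in frame.f_locals.items()}
        frames.append(entry)
    return frames


def connect(dsn: Any) -> None:
    """Stand-in for a database driver's connect() that fails while the DSN is
    still a local variable of the failing frame (constructed, not psycopg2)."""
    raise ConnectionError("could not connect to server")


def capture(dsn: Any, *, show_locals: bool) -> list[dict[str, Any]]:
    """Run the failing call and return the rendered frames, as an uncaught
    exception would be rendered by a logging processor."""
    try:
        connect(dsn)
    except ConnectionError as exc:
        return render_exception(exc, show_locals=show_locals)
    raise AssertionError("connect() was expected to fail")


def locals_contain(frames: list[dict[str, Any]], needle: str) -> bool:
    """True if the secret substring shows up in any rendered local."""
    return any(needle in v for f in frames for v in f.get("locals", {}).values())


# Constructed sample DSN; the password is the value we do not want in logs.
PLAIN_DSN = "postgresql://app:hunter2@db.internal:5432/prod"

if __name__ == "__main__":
    for label, dsn, show in [
        ("str DSN, show_locals=True ", PLAIN_DSN, True),
        ("str DSN, show_locals=False", PLAIN_DSN, False),
        ("Secret DSN, show_locals=True", Secret(PLAIN_DSN), True),
    ]:
        leaked = locals_contain(capture(dsn, show_locals=show), "hunter2")
        print(f"{label}: password leaked = {leaked}")
```

Two points the run makes concrete: with `show_locals=False` the frame dicts carry no `locals` key at all, so nothing in a frame can leak regardless of type; and the `Secret` wrapper only helps as long as no frame on the stack holds the unwrapped string, which is exactly the situation with a third-party driver whose own frames receive the raw DSN.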

That would be a pretty breaking change; how about pointing this out in the docs? For all I care in a .. warning. Setting up traceback rendering outside of a console kinda implies reading the docs at least once.

P.S. environ-config's secrets shouldn't leak either :P

hynek Jun 02 '25 08:06