Description
I've noticed in the log that sometimes sensitive values are redacted, but sometimes they come through.
For example,
10:14:03.398 [main] INFO c.d.o.s.a.d.CassandraDataSource -- Initializing CassandraDataSource with config {database=openai, environment=PROD, password=, clientId=token, service=astra, secret=, token=}
but later in the log, I see this:
10:14:22.480 [MainThread] INFO root -- Initializing LangChain Chat with config {'astra-db-keyspace': 'doc_qa_demos', . . . "key": "AZURE_OPENAI_API_KEY", "value": " [ includes configs with sensitive values ]
When debugging, it's useful to show credentials in the log. However, for production, this can be a security risk.
It would be helpful to have a way to toggle whether credentials appear in the log.
I realize this might add some complexity around defining what config values are sensitive and would need to be obfuscated, but perhaps a list of variables to be obfuscated could be defined in a config somewhere and then used to substitute those values when logging. Hopefully, there's a way to do it without creating a significant performance impact when logging.
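One way to implement the deny-list substitution proposed above, as an added example that is not part of the original issue or the project's code; the pattern list, the `REDACT_ENABLED` toggle and the `redact`/`Redacted` names are assumptions. It also covers the `{"key": ..., "value": ...}` entry shape from the second log line, where the sensitive name is a value rather than a dictionary key, and it defers the walk until a record is actually formatted.

```python
import logging
import re

# Assumed deny-list; in practice this would be loaded from a config file.
SENSITIVE = re.compile(r"password|secret|token|api[_-]?key|access[_-]?key", re.I)
MASK = "***"
REDACT_ENABLED = True  # hypothetical toggle: set False only for local debugging
# Constructed sample config, shaped like the second log line in the issue.
SAMPLE = {"astra-db-keyspace": "doc_qa_demos", "token": "constructed-token",
          "env": [{"key": "AZURE_OPENAI_API_KEY", "value": "constructed-secret"},
                  {"key": "LOG_LEVEL", "value": "info"}]}


def redact(obj, enabled=None):
    """Return obj with sensitive values masked (a copy when redaction is on)."""
    if enabled is None:
        enabled = REDACT_ENABLED
    if not enabled:
        return obj
    if isinstance(obj, dict):
        # Env-var style entry: the sensitive name is the *value* of "key".
        name = obj.get("key")
        named_secret = isinstance(name, str) and SENSITIVE.search(name)
        out = {}
        for k, v in obj.items():
            if isinstance(k, str) and SENSITIVE.search(k):
                out[k] = MASK          # e.g. password=, token=
            elif named_secret and k == "value":
                out[k] = MASK          # sibling of a sensitive "key" name
            else:
                out[k] = redact(v, enabled)
        return out
    if isinstance(obj, (list, tuple)):
        return type(obj)(redact(v, enabled) for v in obj)
    return obj


class Redacted:
    """Wrapper whose redaction walk runs only if the record is formatted."""
    def __init__(self, config):
        self.config = config

    def __str__(self):
        return str(redact(self.config))


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    logging.info("Initializing LangChain Chat with config %s", Redacted(SAMPLE))
    logging.debug("not emitted, so no redaction cost: %s", Redacted(SAMPLE))
```

Passing `Redacted(config)` as a `%s` argument rather than pre-formatting the string is what keeps the cost off log calls that are filtered out by level.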