dict_traceback showing locals which includes credentials

[leoskyrocker]

Sensitive data can be printed by exposing all of the locals.
I've encountered one with using psycopg2. It stores database connection strings, and is exposed when there is an uncaught exception.

Proposed Resolution

Allow dict traceback or traceback.SHOW_LOCALS to be configured (currently it is hardcoded)

[sscherfke]

Are you using structlog.processors.dict_tracebacks()?

This is just a shortcut for ExceptionRenderer(ExceptionDictTransformer()) which has a show_locals argument.

If secrets are wrapped with pydantic.Secret() or typed_settings.Secret(), they will not leak. But I think very few people actually to this and for external libs, you can't control this behavior.

So maybe changing the default of SHOW_LOCALS to False might be a good idea.

[hynek]

That would be a pretty breaking change; how about pointing this out in the docs? For all I care in a .. warning. Setting up traceback rendering outside of a console kinda implies reading the docs at least once.

P.S. environ-config's secrets shouldn't leak either :P