It appears that credentials and tokens are logged by Nuxeo Drive => this is not essential information for investigation and they should be removed from the logs. Note that a username should be kept, because it may be useful to validate a connection, but not the password.
Maybe other sensitive information should be removed but we'll have to discuss if they are useful for any investigation the Drive team or the Support team could do.
- depends on
-
NXDRIVE-2880 Remove message on DEBUG log level
- Resolved
- is related to
-
NXDRIVE-2840 Discovery - Remove sensitive information
- Resolved
-
NXPY-248 Remove sensitive information
- Resolved