Don't fight against ourselves for the default log level #16622
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If we want to always default to :debug, let's just do that. At which point the production.rb entry can become an "uncomment to change" instead.
|
|
2 similar comments
|
|
|
|
|
🚢 🇮🇹 |
matthewd
added a commit
that referenced
this pull request
Aug 22, 2014
Don't fight against ourselves for the default log level
| @@ -117,7 +117,7 @@ def database_configuration | |||
| end | |||
|
|
|||
| def log_level | |||
| @log_level ||= Rails.env.production? ? :info : :debug | |||
| @log_level ||= :debug | |||
There was a problem hiding this comment.
@matthewd This would change the default for existing applications too, whereas the older implementation would keep the same default for existing applications, c/d? While this is probably okay, we should at least mention it in the upgrade guides.
There was a problem hiding this comment.
+1 on this being a high risk change, people are going to be bitten by this hard. (eg: why is my app so slow, ahhh ... you have log level set to debug)
There was a problem hiding this comment.
Actually I found this change complicating the debugging process because of too many logs. So changed back to config.log_level = :info.
zzak
pushed a commit
to zzak/rails
that referenced
this pull request
Nov 25, 2014
zzak
pushed a commit
to zzak/rails
that referenced
this pull request
Nov 25, 2014
zzak
pushed a commit
to zzak/rails
that referenced
this pull request
Nov 25, 2014
ericpayneclio
added a commit
to ericpayneclio/rails
that referenced
this pull request
Jun 23, 2020
I recently learned that Rails logs at the :debug level (not the :info level) by default in production environments. This is a surprising behaviour, as other popular frameworks do not log at this level by default. It would not be surprising if a developer accidentally logged personally identifiable information (PII) in a production environment due to this behaviour. I noticed that [in 2014](rails#16622), the Rails project made an intentional decision to set the default log level to :debug. However, the landscape around logging PII has changed since then with the introduction of legislation like GDPR, so I thought it prudent to reopen this discussion.
rafaelfranca
pushed a commit
that referenced
this pull request
Sep 22, 2020
I recently learned that Rails logs at the :debug level (not the :info level) by default in production environments. This is a surprising behaviour, as other popular frameworks do not log at this level by default. It would not be surprising if a developer accidentally logged personally identifiable information (PII) in a production environment due to this behaviour. I noticed that [in 2014](#16622), the Rails project made an intentional decision to set the default log level to :debug. However, the landscape around logging PII has changed since then with the introduction of legislation like GDPR, so I thought it prudent to reopen this discussion.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If we want to always default to
:debug, let's just do that.At which point the production.rb entry can become an "uncomment to change" instead.