You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should decide if we want Debug implementations on secret data. Patrick was removing it as part of his memory protections PR, but I think it warrants a larger discussion.
We've discussed that we could conditionally remove the Debug as part of a feature flag, which would allow people who don't want to be able to use Debug in their codebases while still allowing it for others. This feature could be on by default if we wanted to be safe by default (which is always a good goal).
Even if we do remove it, logging the bytes is still possible with {:?}, prv_key.bytes().
The text was updated successfully, but these errors were encountered:
We should decide if we want Debug implementations on secret data. Patrick was removing it as part of his memory protections PR, but I think it warrants a larger discussion.
We've discussed that we could conditionally remove the Debug as part of a feature flag, which would allow people who don't want to be able to use Debug in their codebases while still allowing it for others. This feature could be on by default if we wanted to be safe by default (which is always a good goal).
Even if we do remove it, logging the bytes is still possible with
{:?}, prv_key.bytes().The text was updated successfully, but these errors were encountered: