edx-platform

Author SHA1 Message Date

Author	SHA1	Message	Date
Tim McCormack	a1b09c0b8d	fix: More resilience when calling `encrypt_for_log` with missing key (#29878 ) It's likely that someone will at some point enable encrypted logging but forget to deploy the config change that sets the key; if this happens, we should gracefully return a warning rather than raise an exception. Along the same lines, make sure that safe-sessions won't raise an exception if the setting is missing, and document the suggested use of getattr.	2022-02-07 16:00:56 +00:00
Tim McCormack	1e55b4e1b6	feat: Add utility for logging sensitive information using encryption (#29682 ) Introduces `common.djangoapps.util.log_sensitive module` for public-key encryption of sensitive debug information in log messages, including CLI commands for generating keys and decrypting log output. Also: - Adds `PyNaCl` to base requirements for encryption tools - Requirements upgrade ref: ARCHBOM-1940	2022-01-05 21:37:45 +00:00

Tim McCormack

a1b09c0b8d

fix: More resilience when calling encrypt_for_log with missing key (#29878 )

It's likely that someone will at some point enable encrypted logging but
forget to deploy the config change that sets the key; if this happens, we
should gracefully return a warning rather than raise an exception.

Along the same lines, make sure that safe-sessions won't raise an exception
if the setting is missing, and document the suggested use of getattr.

2022-02-07 16:00:56 +00:00

Tim McCormack

1e55b4e1b6

feat: Add utility for logging sensitive information using encryption (#29682 )

Introduces `common.djangoapps.util.log_sensitive module` for
public-key encryption of sensitive debug information in log
messages, including CLI commands for generating keys and
decrypting log output.

Also:

- Adds `PyNaCl` to base requirements for encryption tools
- Requirements upgrade

ref: ARCHBOM-1940

2022-01-05 21:37:45 +00:00

2 Commits