Log redaction

To prevent sensitive information from ending up in log messages, log entries will be redacted by turning previously encrypted information back into environment variables.

Assuming the variable ${API_PASSWORD} is encrypted and holds the value my-secret-password and assuming the value for ${API_USER} is admin, the following log message contains sensitive information:

Log [NOTICE] Could not connect to https://api.alumio.com with user "admin" and
password "my-secret-password".

Alumio will automatically detect this information as sensitive and redact the log entry. This will turn the log entry into the following:

Log [NOTICE] Could not connect to https://api.alumio.com with user "admin" and
password "<REDACTED>".

Notice that the password has been replaced with <REDACTED> and that the username admin has been left untouched, because it was not previously encrypted.