[Feature Request]: Add enabled-by-default option to censor sensitive secrets outputted by stacktraces and logging

[Derpitron]

Description

Currently the stacktrace and loguru logging modules spit out a bunch of local variable values at crash-time. Some of these variables include runtime configurations containing sensitive user secrets such as passwords, email addresses, and account tokens.

This is a potential security risk for users if they share their runtime logs publically for bug-tracking/fixing purposes.

Describe the solution you'd like

Implement a feature that's opted in by default, to redact/suppress any sensitive log/console outputs in logging or stack traces. Especially events of the SENSITIVE_DEBUG level in Loguru.

Describe alternatives you've considered

No response

Any other context/information?

In tandem: eventually split cfg.yml config file into a public and private config file: where public has program setting such as modes and can easily be shared in crash/bug reports, while private somehow securely stores inputted user secrets (preferably in an encrypted form)

[Luminaex]

Do we even need to log the sensitive information from cfg.yml shouldn't we just log the modes used?

[Derpitron]

Sometimes the user might want sensitive logs for debugging purposes.

I implemented any sensitive logs as a SENSITIVE_DEBUG Log Level in Loguru logging library. This means it should be easy to suppress any logs with that level.

However, redacting stack traces might be harder.

[Luminaex]

Ah okay, It was easy to implement the hiding of the sensitive logs but still looking at the stack traces, however suppressed_paths seems like it should sort the stack traces so going to look into that.

[Derpitron]

⚠️ Program Stack traces still reveal sensitive secrets (afaik the user's ENTIRE CONFIG).