Automatically filter sensitive information in some Python standard libraries

I use an on-premises installation. I use the master branch to deploy at least once per-week. Currently I’m running commit 5f17a3b08b.

I also use raven and the it’s logging integration to report events to sentry.

I noticed that when errors occur using some protocol-oriented modules from the standard library, sensitive information may be sent to the Sentry.

Example: An error occurred while executing the IMAP LOGIN command and see the user’s email and password arguments to the _simple_command function in This is because in this function takes *args. In the same traceback the calling function has local variable password is properly filtered out.

Do raven keeps a blacklist of ‘standard library’ packages to filter. I know I could write a processor, but being the standard library standard, I think raven could include several known leaks like this one and avoid them by default.

Best regards,

Do raven keeps a blacklist of ‘standard library’ packages to filter.

We don’t. The tricky thing here is that Sentry processes exceptions from dozens of platforms, so maintaining such a list for every platform will be really onerous and hard to maintain.

I think it would be our preference that this be done in the Python SDK, perhaps ideally as a plugin of some kind.