Scrubbing
The TypeScript SDK scrubs sensitive-looking attribute values before export. Scrubbing applies to manual span attributes and to data processed through the Logfire API helpers.
import * as logfire from '@pydantic/logfire-node'
logfire.configure({
scrubbing: {
extraPatterns: ['secret_token', 'internal_customer_note'],
},
serviceName: 'checkout-api',
})
Disable scrubbing only when you are certain telemetry cannot contain sensitive data:
logfire.configure({
scrubbing: false,
serviceName: 'local-test',
})
Use a callback for application-specific handling:
logfire.configure({
scrubbing: {
callback: (match) => {
if (match.path.includes('debug')) return match.value
return '[scrubbed]'
},
},
serviceName: 'checkout-api',
})
Prefer not to attach secrets to span attributes in the first place. Scrubbing is a backstop, not a replacement for careful telemetry design.