Summary

The full Settings struct (including proxy_secret, synthetic.secret_key, handler passwords) is logged via Debug format at INFO level on every request. Synthetic ID generation logs client IP, user agent, and other PII. Integration responses (full bid payloads) are logged at debug. Logger is globally set to debug level. This is both a privacy/compliance risk and a perf/log-cost risk.

Refs

• crates/fastly/src/main.rs line 42 — log::info!("Settings {settings:?}")
• crates/fastly/src/main.rs line 177 — logger level set to debug
• crates/common/src/synthetic.rs line 99 — logs HMAC input (IP, UA)
• crates/common/src/synthetic.rs line 112 — logs synthetic ID details
• crates/common/src/integrations/prebid.rs line 832 — logs full bid response
• crates/common/src/integrations/aps.rs line 444 — logs APS response
• crates/common/src/integrations/adserver_mock.rs line 284 — logs mock response

Recommendation

Implement a Redacted<T> wrapper for secret fields that prints [REDACTED] in Debug/Display. Set production log level to INFO or WARN. Move payload logging to TRACE.

Context

Production readiness audit — see #396