Open
Description
SQL query parameters often contain sensitive data, so letting these parameters be logged by default is risky for users.
> illustrative example

```
DEBUG:tortoise.db_client:INSERT INTO "users"
("hashpass", "hashpass_salt", "social_security_number")
VALUES ($1,$2,$3): ['SENSITIVE_STUFF', 'SENSITIVE_STUFF', 'SENSITIVE_STUFF']
```
Here's one example:
```python
self.log.debug("%s: %s", query, values)
```
There are a few more.
Resolution: modify the log statements to include only the query, not the parameters.
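
A stopgap an application can apply on its own side, shown as an added example (not code from this issue or from the project): a `logging.Filter` on the `tortoise.db_client` logger that keeps the query text and replaces the bound values. It matches only the `"%s: %s", query, values` call shape quoted above; the class names, placeholder text and sample query are constructed for the illustration.

```python
import logging

REDACTED = "[parameters redacted]"  # constructed placeholder text


class RedactQueryParams(logging.Filter):
    """Keep the SQL text of '<query>: <values>' records, drop the values."""

    def filter(self, record):
        args = record.args
        # Call shape quoted in the issue: log.debug("%s: %s", query, values)
        if record.msg == "%s: %s" and isinstance(args, tuple) and len(args) == 2:
            record.args = (args[0], REDACTED)
        return True  # the record is still emitted, without the parameters


class ListHandler(logging.Handler):
    """Collects formatted lines so the effect of the filter can be checked."""

    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))


def demo():
    log = logging.getLogger("tortoise.db_client")  # logger name from the log line above
    old_level, old_propagate = log.level, log.propagate
    handler, flt = ListHandler(), RedactQueryParams()
    handler.setFormatter(logging.Formatter("%(levelname)s:%(name)s:%(message)s"))
    log.setLevel(logging.DEBUG)
    log.propagate = False
    log.addHandler(handler)
    log.addFilter(flt)  # logger-level filter runs before any handler sees the record
    try:
        query = 'INSERT INTO "users" ("hashpass", "hashpass_salt") VALUES ($1,$2)'
        values = ["SENSITIVE_STUFF", "SENSITIVE_STUFF"]  # constructed sample values
        log.debug("%s: %s", query, values)   # shape from the issue: redacted
        log.debug("connection opened")       # unrelated record: untouched
    finally:
        log.removeFilter(flt)
        log.removeHandler(handler)
        log.setLevel(old_level)
        log.propagate = old_propagate
    return handler.lines
```

Log statements that format their parameters differently pass through this filter unchanged, so it does not replace fixing the statements themselves.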