fix(slackbot): remove global logging.basicConfig(DEBUG)#5696
fix(slackbot): remove global logging.basicConfig(DEBUG)#5696yashhzd wants to merge 1 commit intoOWASP-BLT:mainfrom
Conversation
logging.basicConfig(level=logging.DEBUG) sets the root logger to DEBUG for the entire application, not just this module. This causes excessive log output from all libraries (requests, urllib3, slack_bolt, etc.) and can leak sensitive data in production. Django projects should rely on the LOGGING setting in settings.py instead. Also remove redundant pass after logger.debug in exception handler.
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
👋 Hi @yashhzd! This pull request needs a peer review before it can be merged. Please request a review from a team member who is not:
Once a valid peer review is submitted, this check will pass automatically. Thank you! |
📊 Monthly LeaderboardHi @yashhzd! Here's how you rank for February 2026:
Scoring this month: Open PRs (+1 each), Merged PRs (+10), Closed (not merged) (−2), Reviews (+5; first two per PR in-month), Comments (+2, excludes CR). Coderabbit chats column is visible. Points per chat: 0; daily cap per user (UTC): 7. |
Nachiket-Roy
left a comment
There was a problem hiding this comment.
Could you please create one more PR so we can verify whether the 50-PR cap guard is working as expected?
|
Yes its working fine |
Jayant2908
left a comment
There was a problem hiding this comment.
Removing logging.debug seems correct. Removing pass seems to be unnecessary but fine.
|
@yashhzd STOP spamming the project with so many PRs, there are multiple PRs covering same file with slightly different feature/chore/bug-fix and if you have any question join the slack channel and discuss them there. https://join.slack.com/t/owasp/shared_invite/zt-3pe2u9d9g-NTPxlRsHc6PznHklsfutyQ You are free to open pull requests but so many at once creates insane burden for code review not to mention some of them are very low quality. |
Summary
logging.basicConfig(level=logging.DEBUG)inslackbot.pysets the root logger to DEBUG for the entire Django application, not just this module. This causes:Changes
logging.basicConfig(level=logging.DEBUG)— Django projects should configure logging throughsettings.LOGGINGinsteadpassstatement afterlogger.debug()in exception handler (the except block already has a statement)Note
The module-level
logger = logging.getLogger(__name__)is preserved. Its effective level is controlled by Django'sLOGGINGconfiguration insettings.py, which is the correct approach for Django applications.