On Thu, Jun 13, 2019 at 9:36 AM Marco Pivetta <ocram...@gmail.com> wrote: > > You'd still see the DSN in the traces. >
My understanding is that if using pdo.dsn.mysql via INI, you wouldn't see the username / password in traces. I only learned about this configuration reading through Sjon's PR, but looks reasonable. To the original issue Lester faces: The crux of all this is "don't use exceptions to do customer support"! Most, if not all, log aggregation software (Splunk, ELK-stack, etc.) give you the ability to configure dashboards or reports to highlight different levels of "fail-boat" in the environment. We do this in our environment, which is very heterogeneous and uncontrolled; filled with undergraduates, graduates, faculty, staff, other IT organizations and everything in-between. Not only do I have to deal with *my* logs, but I also have to help facilitate improvements to tenant applications. If it were me, I would be looking to your system administrators to improve the configuration and management of your application monitoring. If you don't have any automated monitoring (Splunk or ELK (free), Telegraf/InfluxDB, Nagios even), look into these things. Configure these to solve this problem rather than having customers be the "free" monitoring solution as a default. If I tried to pitch to my team that we would just use our users as THE monitoring solution, I'd not only get some strange looks, but also a can of surströmming thrown in my face. As developers and system administrators, we can do better by our users to prevent these types of errors before they hit them. We can do this through improvements to our software design life cycle (or, to keep it simple... write tests and develop somewhere other than production). Ultimately, we're never going to catch everything... but customers reporting literal exceptions should be... exceptional :) P.S. I fully understand the "real world" sentiment even if I perceive a different reality than yours. In the "real world", people get set in their ways and higher-ed is no better a place that I have found to observe this. However, in my experience, even the saltiest of faculty with their 50 year old "Fortran codes" are amenable to change if it makes their lives easier. Applying some of these strategies *will* improve quality of work-life and *will* improve your business. Having customers report low-level exceptions / stack-traces cannot be "good for business" and must lower confidence in the product. Cheers, -- Dustin Wheeler | Software Developer NC State University mdwhe...@ncsu.edu "If you don't know where you're going, it's easy to iteratively not get there." -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
