tuf: move INFO logs to DEBUG or WARNING #2243
Conversation
Signed-off-by: William Woodruff <william@trailofbits.com>
Pull Request Test Coverage Report for Build 3758797915
💛 - Coveralls |
Signed-off-by: William Woodruff <william@trailofbits.com>
There was a problem hiding this comment.
This should reduce some default logging noise when TUF's ngclient is used as a library in other applications (in particular, sigstore-python).
Thanks. I think I agree with this... but I will note that
a) sigstore-python is the one setting a non-default log level (WARNING is default IIRC)
b) maybe there is documentation on what should be considered INFO and what DEBUG but I haven't found any. I think your interpretation is that INFO is something that can be exposed to end users and DEBUG is not: that sounds reasonable but it also means libraries then essentially have one log level available to them 🤷
That one warning should be debug, otherwise LGTM.
Oh, you're completely right. I'm not sure why we set |
Signed-off-by: William Woodruff <william@trailofbits.com>
Signed-off-by: William Woodruff <william@trailofbits.com>
There was a problem hiding this comment.
looks good to me. I'm not 100% sure what the correct way to deal with logger.info() is (as this approach essentially means that libraries are only allowed to log at debug, and info essentially does not exist for libraries: this feels wrong) but I agree this change is in line with other logger calls.
We likely debug-log a little too much at the moment in ngclient but these are all useful logs so that's another issue.
|
Yeah, agreed -- I need to re-think how I'm going to file an issue for that. |
This should reduce some default logging noise when TUF's ngclient is used as a library in other applications (in particular,
sigstore-python).See: sigstore/sigstore-python#351
cc @jku
Signed-off-by: William Woodruff william@trailofbits.com