From 3c41159d264c48794a4539efbbd4f04fa48bcdce Mon Sep 17 00:00:00 2001
From: FoolFu <162613064+FoolFu@users.noreply.github.com>
Date: Mon, 24 Nov 2025 10:21:06 +0800
Subject: [PATCH] Update logging for auto-generated SECRET_KEY (#11458)

Remove the code that exposes the generated key in the log, as it poses a
security risk.

<img width="1170" height="269" alt="image"
src="https://github.com/user-attachments/assets/03c42516-af1a-49a4-ade2-4ef3ee4b3cdd"
/>

---------

Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com>
---
 common/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/settings.py b/common/settings.py
index ac2b13e00..9df0c0cd2 100644
--- a/common/settings.py
+++ b/common/settings.py
@@ -139,7 +139,7 @@ def _get_or_create_secret_key():
     import logging
 
     new_key = secrets.token_hex(32)
-    logging.warning(f"SECURITY WARNING: Using auto-generated SECRET_KEY. Generated key: {new_key}")
+    logging.warning("SECURITY WARNING: Using auto-generated SECRET_KEY.")
     return new_key
 
 class StorageFactory: