Strip user and document IDs from edit-resolution INFO logs
bmersereau opens a PR against upstream to remove INFO-level log lines in the edit-resolution handler that were emitting user identifiers, document identifiers, and edit identifiers alongside internal handler state - all going to whatever log aggregator the deployment uses.
The framing is GDPR data minimization: log lines that link user identities to legal document activity create a durable record the application doesn't need. The removal is scoped to this one handler; error-level logging in the storage and conversion paths is left intact.
Removing the log lines exposed something else. Two database update calls in the same handler had been silently swallowing errors, with the surrounding log statements obscuring the missing error handling. bmersereau restores explicit error propagation on both.
Two other fixes are bundled in. A build-config tweak excludes test directories from the TypeScript compilation root, addressing ESM syntax in tests that was breaking the production build. A test file targeting the wrong function name is corrected so static-analysis assertions actually run against the handler they claim to cover.
Verification is structural rather than behavioral: three static-analysis tests assert the handler source contains no console.log calls referencing the sensitive identifiers. Closes three tracked issues. Open against willchen96/mike.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?