Do not log full request when bad response code is received

[faf0-addepar]

The request object potentially contains sensitive information. For
requests resulting in a bad response code, log only the response code
and the request method and URL.

[faf0-addepar]

@jesperfj please review when you have a moment

[jesperfj]

Thanks for this pull. I think this is good "hygiene" change. But it could make it harder to debug problems. In your opinion, would some people have a harder time debugging the cause of the error when they cannot see the full request? Should we solve that with a logger.debug type approach? (turn on more verbose logging to get the full request)

[jesperfj]

This is now released to 0.0.43

[faf0-addepar]

In your opinion, would some people have a harder time debugging the cause of the error when they cannot see the full request? Should we solve that with a logger.debug type approach? (turn on more verbose logging to get the full request)

That's possible, but at a minimum authentication headers should always be removed: #76 . Also, PII should be removed. It might be hard to enumerate where sensitive information such as PII can be present, so there is some risk with debug logging.