fix: log trace should not log sql values

[ssoroka]

What did this pull request do?

Log parameterized queries instead of full sql queries that may contain sensitive information

User Case Description

See #5287

Closes #5287

[jinzhu]

Hello @ssoroka

Thank you for your PR, but I think we can change log's callback method to

func(... logger.Config) (string, int64) and use the Config param to control returns parameterized or full SQL.

Can you make the change?

[ssoroka]

That sounds like it would be a breaking change for anyone who has a custom logger already. Is there another place to put the config that wouldn't be a breaking change? And if we do that, can we default to the secure option?

Edit: oh, I think I see what you're saying.

[dorsha]

Hi, any update with this one?
It is really important for us (and I think any consumer), since PII is getting leaked when enabling sql logs.
Any help needed to close this one?

[finnnark]

+1

[ssoroka]

PR Updated. let me know if this is what you were thinking. Test failures don't seem related to my change.

[dageev-hs]

Hi @ssoroka @demoManito
Any updates on this PR?

[thundering-herd]

Hej

Is there any way to support this to be integrated into gorm? @ssoroka @demoManito