Context
PR #99 added `#[instrument]` to all `GoveeBackend` trait methods in both backends, with `device = %id` as a span field. `DeviceId::Display` emits the raw MAC address (e.g. `AA:BB:CC:DD:EE:FF`).
This means every backend operation logs the full MAC in structured tracing spans. Depending on the subscriber (file logger, syslog, log aggregator), MACs may appear in logs shipped off the host.
Affected locations
- `src/backend/cloud.rs` — all `#[instrument]` attrs with `device = %id`
- `src/backend/local.rs` — all `#[instrument]` attrs with `device = %id`
Options
- Omit the device field from spans entirely (loses observability).
- Shorten to last 3 octets or a hash prefix for correlation without full disclosure.
- Redacting wrapper type — a newtype over `DeviceId` whose `Display` masks the MAC, used only in tracing field position.
Option 3 preserves correlation (same partial ID across spans for the same device) while not logging the full address.
Notes
Context
PR #99 added `#[instrument]` to all `GoveeBackend` trait methods in both backends, with `device = %id` as a span field. `DeviceId::Display` emits the raw MAC address (e.g. `AA:BB:CC:DD:EE:FF`).
This means every backend operation logs the full MAC in structured tracing spans. Depending on the subscriber (file logger, syslog, log aggregator), MACs may appear in logs shipped off the host.
Affected locations
Options
Option 3 preserves correlation (same partial ID across spans for the same device) while not logging the full address.
Notes