Vercel now automatically redacts Sensitive Environment Variables from build logs when their values are 32 characters or longer, replacing them with [REDACTED] inline.
The system logs the variable key, project name, and deployment ID in the Activity Log when redaction fires, so teams can audit what was masked and why without ever seeing the underlying value. Build Logs also surface a visible indicator when redaction occurred, closing the gap between security and debuggability.
Vercel extends this behavior to selected system Environment Variables tied to deployment security. The full changelog covers exactly which system variables are in scope and how the 32-character threshold interacts with existing Sensitive Variable configurations, details worth reading before your next secrets audit.
[READ ORIGINAL →]