I have a couple of scripts that are run as part of a project's CI pipeline and some of the scripts are run explicitly on protected branches. The scripts that are run on protected branches have _protected_ secret variables that are used to SSH to other servers and make this and that. In case I want to debug something, I set the CI_DEBUG_TRACE variable to true as documented but that results in the job log exposing protected secret variables. The job log can be deleted but since the commit enabling the CI_DEBUG_TRACE remains there, anyone with access rights can just `Retry` that specific job and get the variables exposed again. What is the suggested way of protecting against the variables leaking and getting rid of that specific commit/job if they already leaked? That being said/asked, I think it would be better if CI_DEBUG_TRACE did not expose protected secret variables by default.