diff --git a/develop-docs/sdk/foundations/client/data-collection/index.mdx b/develop-docs/sdk/foundations/client/data-collection/index.mdx
index a289132d9ac4f..943bd508d0982 100644
--- a/develop-docs/sdk/foundations/client/data-collection/index.mdx
+++ b/develop-docs/sdk/foundations/client/data-collection/index.mdx
@@ -2,12 +2,15 @@
title: Data Collection
description: Configuration for what data SDKs collect by default, including technical context, PII, and sensitive data.
spec_id: sdk/foundations/client/data-collection
-spec_version: 0.5.0
+spec_version: 0.6.0
spec_status: candidate
spec_depends_on:
- id: sdk/foundations/client
version: ">=1.0.0"
spec_changelog:
+ - version: 0.6.0
+ date: 2026-06-26
+ summary: Include configuration for database queries.
- version: 0.5.0
date: 2026-06-26
summary: Include configuration options for controlling the inclusion of graphql documents and variables.
@@ -73,7 +76,7 @@ Personally Identifiable Information (PII) or user-linked data. Examples include,
- Contact (email, phone number, address)
- IP address
- Cookies and headers that identify the user or session
-- HTTP request data (TBD)
+- HTTP request data or database query parameters (TBD)
For context types that may carry PII fields (e.g. `device_unique_identifier` in [Device Context](/sdk/foundations/transport/event-payloads/contexts/#device-context), or fields in the [User Interface](/sdk/foundations/transport/event-payloads/user/)), see the linked specs.
@@ -537,6 +540,9 @@ init({
inputs?: boolean, // default: true
outputs?: boolean, // default: true
},
+ database?: {
+ queryParams?: boolean // default: true
+ },
stackFrameVariables?: boolean, // default: true
frameContextLines?: integer, // default: 5 (see boolean fallback below)
},
@@ -552,6 +558,7 @@ init({
| `queryParams` | Key-value collection | `{ mode: "denyList" }` | 0.1.0 | Collect URL query parameters. All key names are always included; the SDK scrubs values for keys matching the sensitive denylist or custom allow/deny terms. |
| `graphql` | `{ document?, variables? }` | Both `true` | 0.5.0 | For `document`: Collect the GraphQL document.
For `variables`: Collect the variables that are passed to GraphQL operations. |
| `genAI` | `{ inputs?, outputs? }` | Both `true` | 0.1.0 | For `inputs`: Include the content of generative AI inputs (e.g. prompt text, tool call arguments).
For `outputs`: Include the content of generative AI outputs (e.g. completion text, tool call results). Metadata such as model name and token counts is always collected regardless of these settings. |
+| `database` | `{ queryParams? }` | `true` | 0.6.0 | Include parameters/arguments passed to database queries. Setting this to false will either omit the value altogether, or replace the value with '[Filtered]'. |
| `stackFrameVariables` | Boolean | `true` | 0.1.0 | Include local variable values captured within stack frames. |
| `frameContextLines` | Integer (`Boolean` fallback) | `5` (`true`) | 0.1.0 | Number of source code lines to include above and below each stack frame.
**`Boolean` fallback:** Not all platforms support integer configuration values. SDKs **MAY** accept a boolean, where `true` is equivalent to the platform default (typically `5`) and `false` is equivalent to `0` (no context lines). SDKs **SHOULD** prefer accepting an integer when their platform supports it. |
@@ -655,6 +662,9 @@ init({
inputs: false,
outputs: false,
},
+ database: {
+ queryParams: false,
+ },
httpHeaders: { deny: ["forwarded", "-ip", "remote-", "via", "-user"] },
cookies: { deny: ["forwarded", "-ip", "remote-", "via", "-user"] },
queryParams: { deny: ["forwarded", "-ip", "remote-", "via", "-user"] },