PHP 8.2: the SensitiveParameter attribute

Functions, objects, or some configs can contain credentials and sensitive data. There could be multiple occurrences in your code.

Using the SensitiveParameter attribute will prevent any unwanted disclosure in stack traces (e.g., debug_print_backtrace), error logs, and, more generally, in fatal errors.

Basic syntax

function getData(#[\SensitiveParameter] string $password) {}

Instead of the actual value, people will get a SensitiveParameterValue in debugs and other var_dump. Behind the scene, it encapsulates the real value in a private value.

The …

basic beginners code credentials data disclosure error errors function functions logs password people php programming security sensitive data stack traces value