Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use #[\SensitiveParameter] attribute for e.g. passwords #177

Closed
liayn opened this issue Oct 29, 2024 · 11 comments · Fixed by #178
Closed

Use #[\SensitiveParameter] attribute for e.g. passwords #177

liayn opened this issue Oct 29, 2024 · 11 comments · Fixed by #178
Assignees
@liayn
Labels
enhancement

Comments

@liayn
Copy link
Collaborator

liayn commented Oct 29, 2024

No description provided.

@liayn liayn self-assigned this Oct 29, 2024
@xperseguers
Copy link
Owner

Good idea! I did it for ig_ldap_sso_auth in v4.0 :)

@liayn
Copy link
Collaborator Author

liayn commented Oct 29, 2024

That's were I found it ;-)

@liayn
Copy link
Collaborator Author

liayn commented Oct 30, 2024
edited
Loading

Okay, currently we still support PHP 7.4 for v11.
I think it is okay to require PHP8.2+ now, so we can actually add this attribute.
@xperseguers What do you think?

@xperseguers
Copy link
Owner

xperseguers commented Oct 30, 2024
edited
Loading

Yes, that sounds totally legit, those still in need for PHP 7.4 or PHP 8.0 can stick on the existing version, and the new version supporting v11, v12, and possibly v13 requires PHP 8.1+, that's fair and in line with official support of PHP.

Switching to PHP 8.1+ allows to get much cleaner code, thus prone to good refactoring.

@liayn
Copy link
Collaborator Author

liayn commented Oct 30, 2024

I'd go for PHP8.2 actually, because this attribute is supported since then only

@xperseguers
Copy link
Owner

No problem with PHP 8.1, it's just not taken into account, which doesn't hurt since it wasn't there for many versions either. And PHP 8.1 is in ELTS mode, thus I find it makes sense to keep support for it, since that extension doesn't target most up-to-date environments... https://www.php.net/supported-versions.php

@liayn
Copy link
Collaborator Author

liayn commented Oct 30, 2024

Wasn't aware that non-supported attributes are silently ignored. Cool actually.

@xperseguers
Copy link
Owner

indeed!

@liayn
Copy link
Collaborator Author

liayn commented Oct 30, 2024

will prepare that now then.

@xperseguers
Copy link
Owner

IIRC it would even work with PHP 7.4 but would only require to be specified on a separate line with nothing afterwards as # is considered a comment for the reste of the line until 8.0 or 8.1 where #[...] is a special comment similar to /* ... */

@liayn
Copy link
Collaborator Author

liayn commented Oct 30, 2024

Okay, I'd still argue 8.1 is okay to raise

liayn added a commit to liayn/t3ext-oidc that referenced this issue Oct 30, 2024
@liayn
[TASK] Require PHP 8.1
fb42e86 
Cleanup code accordingly.
Add SensitiveParameter attribute for passwords.

Resolves: xperseguers#177
@liayn liayn mentioned this issue Oct 30, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@liayn liayn

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[TASK] Require PHP 8.1 liayn/t3ext-oidc
2 participants
@liayn @xperseguers