Hello Tim and Adrien, Thank you for your answers.
I am thinking now a PSR is maybe not the appropriate response for this use case. The SensitiveParameter attribute and the SensitiveParameterValue give some solutions for opaque objects, however it is not sufficient alone. Do you think it should be better achieved as internal classes/functions? Grégory Le dimanche 9 juin 2024 à 15:10:40 UTC+2, Tim Düsterhus a écrit : > Hi > > On 6/7/24 04:39, Adrien Crivelli wrote: > > https://3v4l.org/IPXe0#v8.2.20 seems to demonstrate that the plain > native > > `SensitiveParameterValue` does not disclose any more information than > your > > custom `Secured` class. Unless there is more features than you did not > > mention, I'd also suggest to directly use the > > native `SensitiveParameterValue` for maximum interoperability and ease of > > use. > > As the RFC author of the RFC in question: One thing a userland class > cannot protect against that SensitiveParameterValue as an internal class > protects against is an `(array)` cast. > > Best regards > Tim Düsterhus > -- You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group. To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/php-fig/68824cf2-1ae7-48cc-bd1d-768086b81bb8n%40googlegroups.com.
