From 10d40fd84be10f9cc182e1fdc746b72d640227e4 Mon Sep 17 00:00:00 2001
From: Mark <14284867+xHeaven@users.noreply.github.com>
Date: Sun, 29 Dec 2024 09:02:25 +0100
Subject: [PATCH] Declare sensitive parameters as sensitive

... just so that they don't show up in logs
---
 src/Commands/CreateUserWithRLSPolicies.php | 1 +
 src/Features/UserImpersonation.php         | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Commands/CreateUserWithRLSPolicies.php b/src/Commands/CreateUserWithRLSPolicies.php
index fd0338b6..aa171d58 100644
--- a/src/Commands/CreateUserWithRLSPolicies.php
+++ b/src/Commands/CreateUserWithRLSPolicies.php
@@ -66,6 +66,7 @@ class CreateUserWithRLSPolicies extends Command
     protected function makeDatabaseConfig(
         PermissionControlledPostgreSQLSchemaManager $manager,
         string $username,
+        #[\SensitiveParameter]
         string $password,
     ): DatabaseConfig {
         /** @var TenantWithDatabase $tenantModel */
diff --git a/src/Features/UserImpersonation.php b/src/Features/UserImpersonation.php
index e2a0e69f..fd608cc4 100644
--- a/src/Features/UserImpersonation.php
+++ b/src/Features/UserImpersonation.php
@@ -30,7 +30,7 @@ class UserImpersonation implements Feature
     }
 
     /** Impersonate a user and get an HTTP redirect response. */
-    public static function makeResponse(string|ImpersonationToken $token, ?int $ttl = null): RedirectResponse
+    public static function makeResponse(#[\SensitiveParameter] string|ImpersonationToken $token, ?int $ttl = null): RedirectResponse
     {
         /** @var ImpersonationToken $token */
         $token = $token instanceof ImpersonationToken ? $token : ImpersonationToken::findOrFail($token);