Mark passwords and URIs as #[\SensitiveParameter] (PHP 8.2+)

Author: SimonFrings

src/Client.php

@@ -97,8 +97,11 @@ private function setProtocolVersionFromScheme($scheme)
      * @param string $password
      * @link http://tools.ietf.org/html/rfc1929
      */
-    private function setAuth($username, $password)
-    {
+    private function setAuth(
+        $username,
+        #[\SensitiveParameter]
+        $password
+    ) {
         if (strlen($username) > 255 || strlen($password) > 255) {
             throw new InvalidArgumentException('Both username and password MUST NOT exceed a length of 255 bytes each');
         }

src/Server.php

@@ -57,8 +57,12 @@ final class Server
      * @param ?ConnectorInterface $connector
      * @param null|array|callable $auth
      */
-    public function __construct(LoopInterface $loop = null, ConnectorInterface $connector = null, $auth = null)
-    {
+    public function __construct(
+        LoopInterface $loop = null,
+        ConnectorInterface $connector = null,
+        #[\SensitiveParameter]
+        $auth = null
+    ) {
         if (\is_array($auth)) {
             // wrap authentication array in authentication callback
             $this->auth = function ($username, $password) use ($auth) {
@@ -215,8 +219,12 @@ public function handleSocks4(ConnectionInterface $stream, StreamReader $reader)
     }
 
     /** @internal */
-    public function handleSocks5(ConnectionInterface $stream, $auth, StreamReader $reader)
-    {
+    public function handleSocks5(
+        ConnectionInterface $stream,
+        #[\SensitiveParameter]
+        $auth,
+        StreamReader $reader
+    ) {
         $remote = $stream->getRemoteAddress();
         if ($remote !== null) {
             // remove transport scheme and prefix socks5:// instead