Bug Description
Parameter $isOAuth .. might contain sensitive information
is reported for non-string arguments like bool, float, int - which IMO does not make sense.
would be great the error would only be reported for string, array (which might contain strings), or object (which might contain string properties)
Environment
PHP Version:
PHP 8.3.30 (cli) (built: Jan 13 2026 22:36:55) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.30, Copyright (c) Zend Technologies
PHPStan Version:
2.1.54
Extension Version:
0.1.0
Code Sample
having code like
public static function findByEmail(bool $isOAuth = false): ?self
{}
Expected Behavior
none
Actual Behavior
Parameter $isOAuth in X::findByEmail might contain sensitive information. Add the #[\SensitiveParameter] attribute or ignore with @phpstan-ignore sensitiveParameter.missing.
Bug Description
is reported for non-string arguments like bool, float, int - which IMO does not make sense.
would be great the error would only be reported for string, array (which might contain strings), or object (which might contain string properties)
Environment
PHP Version:
PHP 8.3.30 (cli) (built: Jan 13 2026 22:36:55) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.30, Copyright (c) Zend Technologies
PHPStan Version:
2.1.54
Extension Version:
0.1.0
Code Sample
having code like
Expected Behavior
none
Actual Behavior