From 7299d8a90b6ea607348271cf0261607497da8392 Mon Sep 17 00:00:00 2001
From: Ernesto Serrano <erseco@gmail.com>
Date: Mon, 4 Aug 2025 14:20:14 +0100
Subject: [PATCH] Potential fix for code scanning alert no. 3: Clear-text
 logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/py_moodle/auth.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/py_moodle/auth.py b/src/py_moodle/auth.py
index e929f3b..846b3b3 100644
--- a/src/py_moodle/auth.py
+++ b/src/py_moodle/auth.py
@@ -107,7 +107,10 @@ def _standard_login(self):
             "anchor": "",
         }
         if self.debug:
-            print(f"[DEBUG] POST {login_url} payload={payload}")
+            redacted_payload = payload.copy()
+            if "password" in redacted_payload:
+                redacted_payload["password"] = "***REDACTED***"
+            print(f"[DEBUG] POST {login_url} payload={redacted_payload}")
         resp = self.session.post(login_url, data=payload, allow_redirects=True)
         if self.debug:
             print(f"[DEBUG] Response {resp.status_code} {resp.url}")