From 32c534eba0d8c5594d292d0e1b89aed14c2b65bc Mon Sep 17 00:00:00 2001
From: Ernesto Serrano
Date: Tue, 31 Mar 2026 11:47:15 +0100
Subject: [PATCH] Potential fix for code scanning alert no. 6: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/py_moodle/auth.py | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/py_moodle/auth.py b/src/py_moodle/auth.py
index 734d71d..d1da039 100644
--- a/src/py_moodle/auth.py
+++ b/src/py_moodle/auth.py
@@ -120,10 +120,9 @@ def _standard_login(self):
 "anchor": "",
 }
 if self.debug:
- redacted_payload = payload.copy()
- if "password" in redacted_payload:
- redacted_payload["password"] = "***REDACTED***"
- print(f"[DEBUG] POST {login_url} payload={redacted_payload}")
+ # Avoid logging sensitive information such as passwords.
+ # Log only non-sensitive fields for debugging.
+ print(f"[DEBUG] POST {login_url} with username={self.username}")
 resp = self.session.post(login_url, data=payload, allow_redirects=True)
 if self.debug:
 print(f"[DEBUG] Response {resp.status_code} {resp.url}")
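Review bot: The replacement debug line still writes an account identifier to stdout: `username={self.username}` is interpolated raw, and the added comment calls it non-sensitive, which may not hold where debug output is captured in shared CI or support logs. If the username is wanted for troubleshooting, `{self.username!r}` at least keeps embedded control characters from forging extra log lines; otherwise `print(f"[DEBUG] POST {login_url}")` is enough. The unchanged `resp.url` print a few lines down emits the post-redirect URL in full, so any query parameters on it would reach the same output, which is worth confirming as acceptable. `_standard_login` starts and ends outside the hunk, so other debug prints in it are not visible here.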