{"id":15019843,"url":"https://github.com/glaivepro/hidevara","last_synced_at":"2025-05-02T12:31:47.715Z","repository":{"id":56983227,"uuid":"156445884","full_name":"GlaivePro/Hidevara","owner":"GlaivePro","description":"Laravel millipackage that hides your variables from getting dumped in the Whoops page when your app crashes.","archived":false,"fork":false,"pushed_at":"2021-05-14T20:59:47.000Z","size":22,"stargazers_count":26,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-02T07:52:57.870Z","etag":null,"topics":["hacktoberfest","laravel","whoops-page"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GlaivePro.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-11-06T20:50:06.000Z","updated_at":"2022-04-09T22:05:20.000Z","dependencies_parsed_at":"2022-08-21T12:20:51.654Z","dependency_job_id":null,"html_url":"https://github.com/GlaivePro/Hidevara","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlaivePro%2FHidevara","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlaivePro%2FHidevara/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlaivePro%2FHidevara/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlaivePro%2FHidevara/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GlaivePro","download_url":"https://codeload.github.com/GlaivePro/Hidevara/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252038201,"owners_count":21684649,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","laravel","whoops-page"],"created_at":"2024-09-24T19:54:11.055Z","updated_at":"2025-05-02T12:31:46.102Z","avatar_url":"https://github.com/GlaivePro.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Hidevara\n\n\u003e Even though Laravel \u003e=6.x includes Ignition which no longer dumps your variables, it requires Whoops itself. And in some cases you can still get to the old error page with variables dumped.\n\n\u003e This package works fine with Laravel 8. I haven't updated it lately because it just works as fine as it did before.\n\nLaravel millipackage that hides your variables from getting dumped in the Whoops page when your app crashes.\n\n`Hidevara` is japonese for `hide the damn vars`.\n\n## Usage\n\nInstall it:\n\n``` bash\n$ composer require glaivepro/hidevara\n```\n\nTo deal with the cases where the app crashes before loading providers, you should open your `bootstrap/app.php` and extend the handler. Find these rows (or something similar with another namespace if you've changed that):\n```php\n// This is already there\n$app-\u003esingleton(\n    Illuminate\\Contracts\\Debug\\ExceptionHandler::class,\n    App\\Exceptions\\Handler::class\n);\n```\n\nImmediately after that insert these lines to extend the handler:\n```php\n// Enable only outside testing as this does not work well with phpunit... see below\nif ('testing' != env('APP_ENV'))  // this will work even with config caching\n\t$app-\u003eextend(\n\t\tIlluminate\\Contracts\\Debug\\ExceptionHandler::class,\n\t\tfunction($handler) {\n\t\t\treturn new GlaivePro\\Hidevara\\HidingHandler($handler);\n\t});\n```\n\nBy default this package will:\n\n- leave your GET and FILES intact;\n- hide value of any POST field that has a name containing `password`;\n- hide values of SESSION and COOKIE;\n- remove almost all SERVER variables (except REDIRECT_STATUS, REQUEST_METHOD, QUERY_STRING, REQUEST_URI);\n- remove all ENV variables.\n\n\"Hide\" means that the value will be replaced with a string. By default it's empty string for null/emptystring values and `[hidden]` for everything else.\n\n## Customization\n\nPublish the config:\n\n``` bash\n$ php artisan vendor:publish --provider=\"GlaivePro\\Hidevara\\Provider\"\n```\n\nNow you've got your very own `config/hidevara.php` file to edit. \n\nYou'll see a set of rules (`'action' =\u003e $test`) associated with each of the variables. The test can be an array of exact field names, string with a regex or `true` to take this action for anything.\n\nHere's an example:\n\n```php\n\t'_GET' =\u003e [                   //this is the ruleset for fields in GET\n\t\t'expose' =\u003e true,         // show all fields\n\t],\n\n\t'_ENV' =\u003e [\n\t\t'remove' =\u003e ['APP_KEY'],  // remove key field entirely\n\t\t'hide' =\u003e '/password/i',  // hide anything that matches regex contains password\n\t\t'trash' =\u003e '/PUSHER/'     // anything that's not 'expose' or 'hide' will remove matched fields\n\t\t'expose' =\u003e true,         // expose all that remains\n\t],\n\t\n\t'_SERVER' =\u003e [\n\t\t'expose' =\u003e ['REQUEST_METHOD'],  // show the REQUEST_METHOD\n\t\t                                 // everything that hasn't matched a rule will be removed\n\t],\n```\n\nThere are also `replaceHiddenValueWith` and `replaceHiddenEmptyValueWith` where you can supply whatever strings you love (like 🍑).\n\n## Changes to error handling\n\nTo hide the global variables from Whoops, they are hijacked/ruined just before calling your `Handler::render()`. If you need access to the original global at that method, you can get them in `$GLOBALS['hidevara']`. For example, `$GLOBALS['hidevara']['_SERVER']` is what `$_SERVER` was.\n\n## Working with PHPUnit\n\nSometimes (supposedly when an exception is raised) this package crashes PHPUnit. To prevent this, we are not enabling the custom handling when the environment is `testing`.\n\nIf you do need to enable this while running PHPUnit, the errors can be prevented by setting `processIsolation=\"true\"` on the `\u003cphpunit\u003e` tag in your `phpunit.xml`.\n\n## Collaboration\n\nPls help! Here are the open problems and questions:\n\n- We should make a console command that fixes `app\\bootstrap.php`. Can we force calling it in the provider if needed?\n- What should the default config be?\n- Should config allow repeating the same type of rule? It's possible but would make config syntax more complicated.\n- Are there better ways to do this in Laravel? \n- Can we intercept directly in the Whoopsies `PrettyPageHandler` and make this not Laravel specific?\n\n## Change log\n\nPlease see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.\n\n## License\n\nThe MIT License (MIT). Please see [License File](LICENSE.md) for more information.\n\n[link-packagist]: https://packagist.org/packages/GlaivePro/Ajaxable\n[link-author]: https://github.com/tontonsb\n[link-contributors]: ../../contributors\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglaivepro%2Fhidevara","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fglaivepro%2Fhidevara","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fglaivepro%2Fhidevara/lists"}