Add SensitiveParameter attribute in the security hardening list

chx · Dec 9, 2022 · 4cfa2ce · 4cfa2ce
1 parent c194f5c
commit 4cfa2ce
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/contributing/code/security.rst b/contributing/code/security.rst
@@ -22,8 +22,8 @@ email for confirmation):
   is set to ``true`` or ``APP_ENV`` set to anything but ``prod``);
 
 * Any fix that can be classified as **security hardening** like route
-  enumeration, login throttling bypasses, denial of service attacks, or timing
-  attacks.
+  enumeration, login throttling bypasses, denial of service attacks, timing
+  attacks, or lack of ``SensitiveParameter`` attributes.
 
 In any case, the core team has the final decision on which issues are
 considered security vulnerabilities.