PHPackages broadway/sensitive-data - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. broadway/sensitive-data ActiveLibrary[Security](/categories/security) broadway/sensitive-data ======================= helpers for handling sensitive data with Broadway 0.4.0(6y ago)718.0k↓50%1[1 PRs](https://github.com/broadway/broadway-sensitive-data/pulls)MITPHPPHP >=7.2CI passing Since Jan 3Pushed 5mo ago2 watchersCompare [ Source](https://github.com/broadway/broadway-sensitive-data)[ Packagist](https://packagist.org/packages/broadway/sensitive-data)[ RSS](/packages/broadway-sensitive-data/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (4)Dependencies (4)Versions (6)Used By (0) broadway/sensitive-data ======================= [](#broadwaysensitive-data) Helpers for handling sensitive data with Broadway. [![build status](https://github.com/broadway/broadway-sensitive-data/actions/workflows/ci.yml/badge.svg)](https://github.com/broadway/broadway-sensitive-data/actions/workflows/ci.yml/badge.svg) Installation ------------ [](#installation) ``` $ composer require broadway/sensitive-data ``` About ----- [](#about) In an Event Sourced environment you may have to deal with sensitive (e.g. personal) data ending up in your event stream. You could encrypt your event stream or remove sensitive data from your event stream after a certain amount or time (upcasting). Or you could choose not to store sensitive data in you event stream altogether. That's where this project helps out. Imagine the use case where a customer wants to pay an order with a credit card and you're not allowed to store the credit card number. A `PayWithCreditCardCommand` (with credit card number) should lead to a `PaymentWithCreditCardRequestedEvent` (without the credit card number) but the `Processor` that handles the event does need to know the credit card number. This project introduces a `SensitiveDataManager` which can be injected into a `CommandHandler`to capture the sensitive data from the command and make it available to the `SensitiveDataProcessor`hereby bypassing the event store. Pros: - sensitive data is not stored in your event stream - no need for encryption or upcasting of your events Cons: - handling of sensitive data can only be done once per request Example ------- [](#example) A detailed example with a test case can be found in the [`examples/`](examples/) directory. License ------- [](#license) This project is licensed under the MIT License - see the LICENSE file for details ### Health Score 39 — LowBetter than 86% of packages Maintenance48 Moderate activity, may be stable Popularity30 Limited adoption so far Community15 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 83% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~386 days Total 4 Last Release 2263d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e56158df0a7656e82c3fe2cee4d8173ef9c26fcd8882abd7dadfbdbd9eb93f89?d=identicon)[othillo](/maintainers/othillo) --- Top Contributors [![othillo](https://avatars.githubusercontent.com/u/2786663?v=4)](https://github.com/othillo "othillo (39 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)")[![ThomasNunninger](https://avatars.githubusercontent.com/u/280145?v=4)](https://github.com/ThomasNunninger "ThomasNunninger (2 commits)")[![asm89](https://avatars.githubusercontent.com/u/657357?v=4)](https://github.com/asm89 "asm89 (1 commits)")[![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4)](https://github.com/dependabot-preview[bot] "dependabot-preview[bot] (1 commits)")[![rgeraads](https://avatars.githubusercontent.com/u/6044164?v=4)](https://github.com/rgeraads "rgeraads (1 commits)") ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/broadway-sensitive-data/health.svg) ``` [![Health](https://phpackages.com/badges/broadway-sensitive-data/health.svg)](https://phpackages.com/packages/broadway-sensitive-data) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41478.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 87117.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption)[paragonie/hidden-string Encapsulate strings in an object to hide them from stack traces 7410.6M39](/packages/paragonie-hidden-string) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)