diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fadeee0..1979601 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -31,6 +31,11 @@ jobs:
 steps:
 - uses: actions/checkout@v1
+ # Make sure that there are no SemVer violations before publishing.
+ # https://github.com/obi1kenobi/cargo-semver-checks-action
+ - name: Check semver
+ uses: obi1kenobi/cargo-semver-checks-action@v2
+
 - uses: actions-rs/toolchain@v1
 with:
 profile: minimal
diff --git a/.gitignore b/.gitignore
index a363066..f68ea69 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,8 @@
 #######################
 .vscode/
 /target
+# Not needed in a library.
+Cargo.lock
 # Compiled source #
 ###################
@@ -39,4 +41,4 @@ bundle
 .Spotlight-V100
 .Trashes
 ehthumbs.db
-Thumbs.db
\ No newline at end of file
+Thumbs.db
diff --git a/CHANGELOG b/CHANGELOG
index 9d807e2..93ec96a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [0.3.6] - 2026-01-05
+### Security
+- Redact password from debug prints
+
 ## [0.3.1] - 2021-08-15
 ### Fixed
 - CI workflows issues due to missing conditional publishing triggerer and out of
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index dd913c7..65dd9c6 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
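Review bot: The new step pins `obi1kenobi/cargo-semver-checks-action@v2` to a mutable major tag, so the publishing job executes whatever that tag points to at run time rather than a reviewed revision; for a job with release credentials, pin to a full commit SHA and keep the version as a trailing comment, e.g. `uses: obi1kenobi/cargo-semver-checks-action@<commit-sha> # v2`. The step is also inserted before the `actions-rs/toolchain@v1` step that configures the toolchain, so it runs against whatever Rust the runner image ships; if the check is meant to use the toolchain that step installs, it should come after it. The `steps:` list continues outside the hunk.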
@@ -15,7 +15,7 @@ about behavior to being permanently banned from the http-auth-basic repository. Not all interactions that require remediation are clear violations of the Code of Conduct. Project maintainers will take appropriate
-action, when neccessary, to ensure the http-auth-basic community is a space
+action, when necessary, to ensure the http-auth-basic community is a space
 where individuals can comfortably collaborate and bring their entire selves. Unfortunately, if bringing your entire self is infringing on others from doing the same, you may be asked to leave.
diff --git a/Cargo.lock b/Cargo.lock
deleted file mode 100644
index 4033513..0000000
--- a/Cargo.lock
+++ /dev/null
@@ -1,16 +0,0 @@
-# This file is automatically @generated by Cargo.
-# It is not intended for manual editing.
-version = 3
-
-[[package]]
-name = "base64"
-version = "0.22.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
-
-[[package]]
-name = "http-auth-basic"
-version = "0.3.5"
-dependencies = [
- "base64",
-]
diff --git a/Cargo.toml b/Cargo.toml
index 90ded61..22041c9 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "http-auth-basic"
-version = "0.3.5"
+version = "0.3.6"
 authors = ["Esteban Borai "]
-edition = "2021"
+edition = "2024"
 license = "MIT OR Apache-2.0"
-description = "HTTP Basic Authentication Scheme (RFC 7617 and RFC 2617 compilant, base64-encoded credentials) for Rust applications"
+description = "HTTP Basic Authentication Scheme (RFC 7617 and RFC 2617 compliant, base64-encoded credentials) for Rust applications"
 readme = "README.md"
 repository = "https://github.com/EstebanBorai/http-auth-basic"
 categories = ["authentication", "encoding", "web-programming", "web-programming::http-server", "web-programming::http-client"]
diff --git a/README.md b/README.md
index b435b48..72bdb80 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@
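Review bot: The `edition = "2024"` line raises the crate's minimum supported Rust version to 1.85, but the manifest still declares no `rust-version` and the 0.3.6 changelog entry only lists the Debug redaction, so a patch release silently drops older toolchains for downstream users. Add `rust-version = "1.85"` next to `edition` so cargo reports the requirement up front, and record the MSRV change in the changelog alongside the security entry. Whether the CI toolchain step installs a compiler new enough for the new edition cannot be seen from this hunk.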

http-auth-basic

- HTTP Basic Authentication Scheme (RFC 7617 and RFC 2617 compilant, base64-encoded credentials) for Rust applications
+ HTTP Basic Authentication Scheme (RFC 7617 and RFC 2617 compliant, base64-encoded credentials) for Rust applications

diff --git a/src/credentials.rs b/src/credentials.rs
index 7b4a92e..1bc68f2 100644
--- a/src/credentials.rs
+++ b/src/credentials.rs
@@ -1,12 +1,12 @@
-use std::str::FromStr;
+use std::{fmt, str::FromStr};
-use base64::{prelude::BASE64_STANDARD, Engine};
+use base64::{Engine, prelude::BASE64_STANDARD};
 use crate::error::AuthBasicError;
 /// A `struct` to represent the `user_id` and `password` fields
 /// from an _Authorization Basic_ header value
-#[derive(Debug, PartialEq)]
+#[derive(PartialEq)]
 pub struct Credentials {
 pub user_id: String,
 pub password: String,
@@ -102,3 +102,13 @@ impl FromStr for Credentials {
 Self::decode(s.into())
 }
 }
+
+/// Debug implementation never prints out the password.
+impl fmt::Debug for Credentials {
+ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+ f.debug_struct("Credentials")
+ .field("user_id", &self.user_id)
+ .field("password", &"REDACTED")
+ .finish()
+ }
+ }
diff --git a/src/lib.rs b/src/lib.rs
index bf56ab2..ad850d6 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -153,4 +153,16 @@ mod tests {
 assert!(credentials.is_err());
 }
+
+ #[test]
+ fn debug_redacts_password() {
+ let password = "secret teapot";
+ let credentials = Credentials::new("username", password);
+
+ let debugged = format!("{credentials:?}");
+ let pretty = format!("{credentials:#?}");
+
+ assert!(!debugged.contains(password));
+ assert!(!pretty.contains(password));
+ }
 }
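Review bot: The new derive line keeps `#[derive(PartialEq)]`, so `==` on two `Credentials` values compares `password` with the standard early-exit `String` comparison; if any caller verifies a parsed header by comparing it against expected credentials, the comparison time leaks how many leading bytes match. Since this commit is already tightening how the struct handles the password, it is the right place to document that limit on the struct, e.g. `/// Note: the derived \`PartialEq\` is not constant-time; verify a password with a constant-time comparison rather than by comparing two \`Credentials\` values.`. Whether any caller compares credentials this way cannot be seen from this hunk, and the struct body closes outside it.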
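Review bot: `debug_redacts_password` asserts only that the password is absent, so it would also pass if the `Debug` impl printed nothing at all or dropped `user_id`; add positive checks that the output still carries the placeholder and the user id, e.g. `assert!(debugged.contains("REDACTED"));` and `assert!(debugged.contains("username"));`, and the same for `pretty`. That pins the contract the changelog promises (password hidden, everything else still usable for diagnostics) rather than just the negative half. The enclosing `mod tests` block begins outside the hunk.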