The code in the pull request does this:
When the eye is pressed, a check is made to see if a safe screen lock (password, pattern, fingerprint) is configured.
- If yes, a password/pattern/fingerprint is requested before showing the password.
- if no, the password is not shown.
This is exactly how e.g. Firefox and Chrome does when you want to see saved passwords.