mirror of
https://github.com/github/codeql.git
synced 2026-04-30 03:05:15 +02:00
Update javascript/2020-11-09-jwt.md
Co-authored-by: Asger F <asgerf@github.com>
This commit is contained in:
Erik Krogh Kristensen
committed by
GitHub
GitHub
parent
ae7c7607f1
commit
67d581edec
@@ -1,5 +1,5 @@
|
||||
lgtm,codescanning
|
||||
* Libraries implementing JWT have been modeled.
|
||||
* The security queries now track taint through JWT decoding, and warns about hard-coded JWT signing keys.
|
||||
Affected packages are
|
||||
[jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken) and
|
||||
[jwt-decode](https://www.npmjs.com/package/jwt-decode)
|
||||
|
||||
Reference in New Issue
Block a user