hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

move change note

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-11-11 21:06:56 +01:00
parent 67d581edec
commit 74d933d475
1 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/change-notes/2020-11-09-jwt.md Normal file
View File

@@ -0,0 +1,5 @@
lgtm,codescanning
* The security queries now track taint through JWT decoding, and warns about hard-coded JWT signing keys.
Affected packages are
[jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken) and
[jwt-decode](https://www.npmjs.com/package/jwt-decode)