mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
6 lines
274 B
Markdown
6 lines
274 B
Markdown
lgtm,codescanning
|
|
* The security queries now track taint through JWT decoding, and warns about hard-coded JWT signing keys.
|
|
Affected packages are
|
|
[jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken) and
|
|
[jwt-decode](https://www.npmjs.com/package/jwt-decode)
|