hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f2f972567df7aec4183bf37076494aefad5d3cfb
codeql/java/ql/lib/change-notes/2023-02-17-add-hardcoded-secret-for-jwt-tokens.md
Ed Minnix 4aec708fac Add change note
2023-02-27 12:16:14 +01:00

313 B
Raw Blame History

category
category
minorAnalysis
  • Added new sinks for java/hardcoded-credential-api-call to identify the use of hardcoded secrets in the creation and verification of JWT tokens using com.auth0.jwt. These sinks are from an experimental query submitted by @luchua.