Files
AstrBot/astrbot
LIghtJUNction 7b22e56252 security: remove legacy SHA256/MD5 password verification and fix API key logging
- Remove insecure SHA256/MD5 password hash verification from cmd_conf.py
  (rejection logic for storing legacy hashes is preserved)
- Remove API key logging from gemini_source.py, openai_source.py
- Remove header logging (contains Authorization header) from volcengine_tts.py

CodeQL issues fixed:
- Broken cryptographic hash (SHA256/MD5 for passwords)
- Clear-text logging of sensitive information (API keys)
2026-03-29 15:48:38 +08:00
..
2026-03-23 22:21:06 +08:00
2026-03-28 12:14:10 +08:00
2026-03-24 10:14:28 +08:00
2026-02-27 22:03:17 +08:00
2026-03-27 00:16:03 +08:00