LIghtJUNction
7b22e56252
security: remove legacy SHA256/MD5 password verification and fix API key logging
- Remove insecure SHA256/MD5 password hash verification from cmd_conf.py
(rejection logic for storing legacy hashes is preserved)
- Remove API key logging from gemini_source.py, openai_source.py
- Remove header logging (contains Authorization header) from volcengine_tts.py
CodeQL issues fixed:
- Broken cryptographic hash (SHA256/MD5 for passwords)
- Clear-text logging of sensitive information (API keys)
2026-03-29 15:48:38 +08:00
..
2026-03-29 15:40:57 +08:00
2026-03-19 23:30:25 +08:00
2026-03-29 15:40:57 +08:00
2026-03-29 15:46:11 +08:00
2026-03-22 22:44:05 +08:00
2026-03-24 16:36:46 +08:00
2026-03-23 20:38:43 +08:00
2026-03-19 23:30:25 +08:00
2026-03-29 15:40:57 +08:00
2026-03-28 12:14:10 +08:00
2026-03-29 15:48:38 +08:00
2026-03-27 00:27:03 +08:00
2026-03-29 15:40:57 +08:00
2026-03-24 10:14:28 +08:00
2026-03-23 20:38:43 +08:00
2026-03-23 01:56:39 +08:00
2026-03-21 00:09:58 +08:00
2026-03-22 22:44:05 +08:00
2026-03-23 01:18:03 +08:00
2026-03-29 15:40:57 +08:00
2026-03-24 16:36:46 +08:00
2026-03-29 15:40:57 +08:00
2026-03-24 10:14:28 +08:00
2026-03-23 23:01:55 +08:00
2026-03-22 22:44:05 +08:00
2026-03-25 23:48:49 +08:00
2026-03-22 19:08:56 +08:00
2026-03-19 23:30:25 +08:00
2026-03-25 23:48:49 +08:00
2026-03-23 01:18:03 +08:00
2026-02-28 13:34:12 +09:00
2026-03-23 20:38:43 +08:00
2026-03-23 01:56:39 +08:00
2026-02-28 13:34:12 +09:00
2026-03-23 01:18:03 +08:00
2026-03-10 21:05:09 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00