LIghtJUNction
7b22e56252
security: remove legacy SHA256/MD5 password verification and fix API key logging
- Remove insecure SHA256/MD5 password hash verification from cmd_conf.py
(rejection logic for storing legacy hashes is preserved)
- Remove API key logging from gemini_source.py, openai_source.py
- Remove header logging (contains Authorization header) from volcengine_tts.py
CodeQL issues fixed:
- Broken cryptographic hash (SHA256/MD5 for passwords)
- Clear-text logging of sensitive information (API keys)
2026-03-29 15:48:38 +08:00
..
2026-03-28 12:14:10 +08:00
2026-03-19 23:30:25 +08:00
2026-03-20 00:44:08 +08:00
2026-03-18 16:46:22 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00
2026-02-24 22:09:44 +08:00
2026-03-29 15:48:38 +08:00
2026-02-12 01:04:48 +08:00
2026-03-23 20:38:43 +08:00
2026-03-15 22:51:52 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00
2026-03-20 13:32:06 +08:00
2026-03-23 05:57:55 +08:00
2026-03-20 20:52:21 +08:00
2026-03-23 09:05:58 +08:00
2026-03-18 16:46:22 +08:00
2026-03-18 18:06:42 +08:00
2026-03-27 11:24:06 +08:00
2026-03-29 15:48:38 +08:00
2026-03-18 16:46:22 +08:00
2026-03-18 18:06:42 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00
2026-03-29 15:48:38 +08:00
2026-03-22 19:50:26 +08:00
2026-03-19 23:30:25 +08:00
2026-03-19 23:30:25 +08:00
2026-03-23 23:01:55 +08:00
2026-03-23 23:01:55 +08:00
2026-03-23 12:49:13 +08:00