Skip to content

[Security] Hardcoded encryption key in formatter.py:259 #215

Description

@poliakarmai

Severity: CRITICAL
File: gitsome/formatter.py:259

Description: A hardcoded encryption key was found in the source. Keys baked into code cannot be rotated without a new release and are visible to anyone with repo access.

Mitigation: Move the key to an environment variable or secure key management service. Rotate immediately.


Found during automated security audit of gitsome (⭐7,675).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions