Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity
    • Default Quality Profiles:
      Sonar way, Sonar way recommended

      Description

      Questionable Code Example

      // === Server side ===
      const crypto = require("crypto");
      
      const hash = crypto.createHash('sha1'); // Questionable regardless of algorithm used
      
      crypto.scrypt(secret, salt, keylen, (err, derivedKey) => {}); // Questionable
      const derivedKey = crypto.scryptSync(secret, salt, keylen); // Questionable
      
      // === Client side ===
      crypto.subtle.digest("SHA-256", buffer) // Questionable regardless of algorithm used
        .then(function (hash) {});
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              lars.svensson Lars Svensson (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: