[Snyk] Upgrade winston from 3.14.0 to 3.14.1 #113

Summary

2 security issue(s)
- High : 0
- Medium : 0
- Low : 2

NShiftKey

Information exposure

Description : If the encryption key is hardcoded in the source code, it can be leaked

Countermeasure : Do not hard-code important information in code, but encrypt and manage it in a safe place. For more information, see the link below: https://naver-security.github.io/nshiftkey-rule-guides/Secret_Hardcoded_eng

Target Code : Accenture-sfmc-devtools/test/mockRoot/.mcdevrc.json [view change history] [ignore this]

Accenture-sfmc-devtools/test/mockRoot/.mcdevrc.json

Lines 39 to 41 in bd7ec26

    
           "buName": "testBU", 
        
           "secret": "secret", 
        
           "sharedFolder": "/Shared Data Extensions/test",

Target Code : Accenture-sfmc-devtools/test/mockRoot/.mcdevrc.json [view change history] [ignore this]

Accenture-sfmc-devtools/test/mockRoot/.mcdevrc.json

Lines 50 to 52 in bd7ec26

    
           "buName": "testBUTarget", 
        
           "secret": "target secret", 
        
           "sharedFolder": "/Shared Data Extensions/test target",

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade winston from 3.14.0 to 3.14.1 #113

[Snyk] Upgrade winston from 3.14.0 to 3.14.1 #113

Summary

Details

NShiftKey

Information exposure

Re-running checks...

	"buName": "testBU",
	"secret": "secret",
	"sharedFolder": "/Shared Data Extensions/test",

	"buName": "testBUTarget",
	"secret": "target secret",
	"sharedFolder": "/Shared Data Extensions/test target",

[Snyk] Upgrade winston from 3.14.0 to 3.14.1 #113

Merge pull request #115 from 2lambda123/restyled/snyk-upgrade-8d475d5…

[Snyk] Upgrade winston from 3.14.0 to 3.14.1 #113

Summary

Details

NShiftKey

Information exposure

Re-running checks...