You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've noticed that your NestJS backend configurations for authentication and storage, specifically in the files auth.config.ts and storage.ts within the develop branch, utilize hardcoded default values. This practice introduces several potential risks and limitations that could affect the security of deployments.
Hardcoded defaults, especially for authentication configurations, can pose significant security risks. If a deployment leave default values, it could be easily exploited by malicious actors.
If you don't have time to solve, but agreed about this fact, we can submit a PR, just say if you've a prefered approach.
The text was updated successfully, but these errors were encountered:
Hello,
First, thanks for your job.
I've noticed that your NestJS backend configurations for authentication and storage, specifically in the files
auth.config.ts
andstorage.ts
within thedevelop
branch, utilize hardcoded default values. This practice introduces several potential risks and limitations that could affect the security of deployments.Hardcoded defaults, especially for authentication configurations, can pose significant security risks. If a deployment leave default values, it could be easily exploited by malicious actors.
If you don't have time to solve, but agreed about this fact, we can submit a PR, just say if you've a prefered approach.
The text was updated successfully, but these errors were encountered: