TRKJ/mayfly-go
2
0
Fork 0
mirror of https://gitee.com/dromara/mayfly-go synced 2026-05-28 22:05:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a17fa5a103e42bced00ee7473391efec7ec7ba4f
mayfly-go/server/pkg
History
saa99999 a17fa5a103 Fix CWE-347: JWT algorithm confusion + CWE-798: hardcoded credentials in example config (#131) 
- Add HMAC algorithm verification in ParseToken to prevent JWT algorithm
  confusion attacks (CWE-347). Reject tokens with non-HMAC signing methods.
- Replace hardcoded secrets in config.yml.example with empty values
  (JWT key, DB password, AES key) to prevent users from deploying with
  weak/known credentials (CWE-798).
2026-05-27 19:10:12 +08:00
..
base
biz
cache
consts
contextx
feat: 初步新增ai助手
2026-04-15 12:47:10 +08:00
enumx
errorx
eventbus
global
gormx
gox
httpx
i18n
ioc
feat: 初步新增ai助手
2026-04-15 12:47:10 +08:00
logx
middleware
model
feat: 初步新增ai助手
2026-04-15 12:47:10 +08:00
pool
!149 fix:连接池修复和guacd自动重连
2026-04-07 13:29:31 +00:00
rediscli
req
Fix CWE-347: JWT algorithm confusion + CWE-798: hardcoded credentials in example config (#131)
2026-05-27 19:10:12 +08:00
scheduler
refactor: 代码优化&依赖升级
2026-03-18 20:58:41 +08:00
starter
feat: ai助手优化等
2026-04-28 22:37:10 +08:00
utils
feat: ai助手优化等
2026-04-28 22:37:10 +08:00
validatorx
feat: ai助手优化、请求库优化
2026-04-21 17:22:21 +08:00
ws
refactor: 代码优化&依赖升级
2026-03-18 20:58:41 +08:00