esapi-java-legacy
esapi-java-legacy copied to clipboard
Fix code scanning alert - Use of a broken or risky cryptographic algorithm - HMacSHA1
This is a false positive. SHA-1 is a risky algorithm, but not when it is used as an HMac. Need to report this to GitHub. Nothing to fix here, but recording an issue so I (@kwwall ) remember to report it against the code scanning software.
Tracking issue for:
- [ ] https://github.com/ESAPI/esapi-java-legacy/security/code-scanning/1