A code scanner popped up with this as a potential vulnerability. I'm not sure if logging the hash of a file to stdout is leaking anything of relevance. I don't see how it is sensitive information. But if someone can point out if this is a vulnerability, and if so, why? Then, we can remove the log message. But I've found this very useful when establishing the initial hash of expected data (which itself mitigates a security issue!). But this is still UX, so if this somehow is sensitive, then it would be helpful if someone could explain or elaborate.
Tracking issue for: