educationfutures
commented
2 years ago No imaginable security risk here, but leaves me to wonder if we can implement it better in the future. (Prob too late to change now without breaking all our existing files.)
willianmano
Nobody should be using
SHA1as a hash algorithm, right? Or is this a legacy Moodle thing?https://github.com/EvokeNet/moodle-mod_evokeportfolio/blob/859aeddc6e6130ad0239362a2f80fd1c4de346b5/lib.php#L308