fix: services/util/SesameSecured: avoid timing attack on verifying MAC #818

richardapeters · 2025-02-07T06:43:46Z

No description provided.

github-actions · 2025-02-07T06:44:12Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Package	Version	Score	Details

github-actions · 2025-02-07T06:46:46Z

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	12		0	0.05s
✅ CPP	clang-format	1002	3	0	6.34s
✅ DOCKERFILE	hadolint	2		0	0.16s
✅ JSON	jsonlint	7		0	0.19s
✅ JSON	prettier	7	0	0	0.66s
⚠️ MARKDOWN	markdownlint	6	0	4	1.24s
⚠️ MARKDOWN	markdown-link-check	6		1	109.77s
✅ MARKDOWN	markdown-table-formatter	6	0	0	0.21s
✅ REPOSITORY	checkov	yes		no	18.7s
✅ REPOSITORY	git_diff	yes		no	0.05s
✅ REPOSITORY	grype	yes		no	9.16s
✅ REPOSITORY	ls-lint	yes		no	0.07s
✅ REPOSITORY	secretlint	yes		no	6.13s
✅ REPOSITORY	trivy	yes		no	5.19s
✅ REPOSITORY	trivy-sbom	yes		no	0.08s
✅ REPOSITORY	trufflehog	yes		no	3.45s
⚠️ SPELL	lychee	137		1	4.58s
⚠️ YAML	prettier	22	1	1	0.86s
✅ YAML	v8r	22		0	8.67s
✅ YAML	yamllint	22		0	0.45s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by

sonarqubecloud · 2025-02-07T07:21:39Z

fix: services/util/SesameSecured: avoid timing attack on verifying MAC

47a974a

richardapeters requested a review from a team as a code owner February 7, 2025 06:43

esalman-philips requested a review from oguzcanoguz February 7, 2025 08:11

esalman-philips approved these changes Feb 7, 2025

View reviewed changes

esalman-philips added this pull request to the merge queue Feb 7, 2025

Merged via the queue into main with commit 51dca2d Feb 7, 2025
35 checks passed

esalman-philips deleted the feature/sesame-timing-attack branch February 7, 2025 08:27

philips-software-forest-releaser bot mentioned this pull request Feb 7, 2025

chore(main): release 7.2.0 #810

Open