important security bug

Question

Opened this issue 2 years ago · 3 comments

why if add console.log(global.env.token)
console show me my token not encrypted
this is big security Probleme

Answer 1 · 2022-07-06T18:22:18.000Z

Thanks for raising the issue. Maintainer(s) will look into this shortly.

Answer 2 · 2023-07-06T17:55:14.000Z

Shortly...

Answer 3 · 2024-03-18T05:11:39.000Z

Is this actually a security issue? It appears to be working as intended.

Throughout the entire code the value should be decrypted so it can be accessed and used.

No values should be encrypted in the code unless you re-encrypt it using another library.