100pah edited a comment on issue #9964: 安全漏洞:加密密钥进行硬编码 URL: https://github.com/apache/incubator-echarts/issues/9964#issuecomment-465895120 > Porous Defenses - CWE ID 798 使用硬编码凭证。 CWE-798 声明:“软件包含硬编码凭证,例如密码或加密密钥,用于自身的入站验证、 外部组件的出站通信或者内部数据的加密”。 > public/js/echarts.min.js:1 > Sink: Operation > Enclosing Method: lambda() Source: > SCA > public/js/echarts.min.js:1 > Sink: Operation Enclosing Method: hv() Source: > SCA Generally, echarts has no "certification" or "key" in code. And I can not find "hv()" or "lambda()" in `dist/echarts.min.js` of [release 3.3.0](https://github.com/apache/incubator-echarts/blob/8f885ec3a42506c05f907385244a482d078d9b0a/dist/echarts.min.js) Could I have more detailed info about it?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
