fix: address CodeQL findings — sha512 for token hashing, secure tempfile

2026-04-03 00:41:16 -05:00 · 2026-04-03 00:41:16 -05:00 · 5c02598a46
commit 5c02598a46
parent aa38c3797e
3 changed files with 7 additions and 5 deletions
--- a/tests/test_api.py
+++ b/tests/test_api.py
@ -15,7 +15,7 @@ from wiregui.utils.time import utcnow
 def test_generate_api_token():
    plaintext, token_hash = generate_api_token()
    assert len(plaintext) > 20
-    assert token_hash == hashlib.sha256(plaintext.encode()).hexdigest()
+    assert token_hash == hashlib.sha512(plaintext.encode()).hexdigest()


 def test_generate_api_token_unique():