Potential fix for code scanning alert no. 7: Use of a broken or weak cryptographic hashing algorithm on sensitive data (#4353)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-01-14 21:04:02 -08:00 · 2026-01-14 21:04:02 -08:00 · d3ca9de3ca
parent a868229fe0
commit d3ca9de3ca
1 changed files with 2 additions and 2 deletions
--- a/controllers/actions.summerwind.net/multi_githubclient.go
+++ b/controllers/actions.summerwind.net/multi_githubclient.go
@ -2,7 +2,7 @@ package actionssummerwindnet

 import (
 	"context"
-	"crypto/sha1"
+	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"sort"
@ -176,7 +176,7 @@ func (c *MultiGitHubClient) initClientForSecret(secret *corev1.Secret, dependent

 	sort.SliceStable(ks, func(i, j int) bool { return ks[i] < ks[j] })

-	hash := sha1.New()
+	hash := sha256.New()
 	for _, k := range ks {
 		hash.Write(secret.Data[k])
 	}