Hard-coded secret detected.
- Rule ID: javascript_express_hardcoded_secret
- Languages: javascript
- Source: hardcoded_secret.yml
Description
Code is not a secure place to store hard-coded secrets. Use environment variables instead.
Remediations
✅ Use environment variables and a secret management system instead
app.use(
session({
secret: process.env.secret,
name: "my-custom-session-name",
})
)