Commit cebc127
fix(security): use UTF-8 charset in RateLimitFilter.sha256Short (SpotBugs DM_DEFAULT_ENCODING)
SpotBugs flagged String.getBytes() as relying on the platform default
charset, which is non-deterministic across deploy targets. Switch to
StandardCharsets.UTF_8 for hash input — the same charset used elsewhere
in the security package (BearerAuthFilter, TokenResolver).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent 4a09fad commit cebc127
1 file changed
Lines changed: 3 additions & 1 deletion
Lines changed: 3 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
| 19 | + | |
19 | 20 | | |
20 | 21 | | |
21 | 22 | | |
| |||
155 | 156 | | |
156 | 157 | | |
157 | 158 | | |
158 | | - | |
| 159 | + | |
| 160 | + | |
159 | 161 | | |
160 | 162 | | |
161 | 163 | | |
| |||
0 commit comments