Must-share information (formatted with Markdown):
- which versions are you using- 8.6
We have analyze our project in SonarQube. After analysis, sonarqube is flagging for medium hotspot alert for new HMACSHA256(secret)). Not sure why we are getting alert for this.
var secret = Encoding.UTF8.GetBytes(fmsSecret); using (var hasher = new HMACSHA256(secret))
As per recommendation, SHA256 are safer alternative. Not sure why this is being highlighted and how to fix it.