Summary
Vault example path included a hardcoded token placeholder that can lead to unsafe copy/paste usage.
Severity
Medium
Affected Files
cmdb-api/api/lib/secrets/vault.py
Recommended Remediation
Require VAULT_TOKEN from environment and fail fast when missing.
Patch Branch
codex/sec-vault-token-env
Patch Commit
8ad38f8
Fork Branch URL
https://github.com/lhy8888/cmdb-security-fork/tree/codex/sec-vault-token-env
Summary
Vault example path included a hardcoded token placeholder that can lead to unsafe copy/paste usage.
Severity
Medium
Affected Files
cmdb-api/api/lib/secrets/vault.py
Recommended Remediation
Require VAULT_TOKEN from environment and fail fast when missing.
Patch Branch
codex/sec-vault-token-env
Patch Commit
8ad38f8
Fork Branch URL
https://github.com/lhy8888/cmdb-security-fork/tree/codex/sec-vault-token-env