Skip to content

[BREAK] Remove patch info from endpoint /api/info for non-logged in users#16050

Merged
sampaiodiego merged 7 commits intodevelopfrom
remove-patch-api-info
Sep 3, 2021
Merged

[BREAK] Remove patch info from endpoint /api/info for non-logged in users#16050
sampaiodiego merged 7 commits intodevelopfrom
remove-patch-api-info

Conversation

@MarcosSpessatto
Copy link
Contributor

@MarcosSpessatto MarcosSpessatto commented Dec 23, 2019
edited by sampaiodiego
Loading

closes #11721

If you need the full version for any reason, you should make the request using a loginToken .. We recommend using Personal Access Tokens for automated API usage.

@MarcosSpessatto MarcosSpessatto added this to the 3.0.0 milestone Dec 23, 2019
ggazzo
ggazzo previously approved these changes Dec 25, 2019
View reviewed changes
@ggazzo ggazzo changed the title [IMPROVE] Remove patch info from endpoint /api/info [BREAK] Remove patch info from endpoint /api/info Dec 25, 2019
@MarcosSpessatto MarcosSpessatto modified the milestones: 3.0.0, 3.1.0 Feb 26, 2020
@ggazzo ggazzo modified the milestones: 3.1.0, 4.0.0 Mar 18, 2020
@CLAassistant
Copy link

CLAassistant commented Mar 27, 2020

CLA assistant check
All committers have signed the CLA.

@tassoevan
Copy link
Contributor

tassoevan commented Aug 2, 2021

@diegolmello Please evaluate if mobile client is going to get hit by it.

@diegolmello
Copy link
Member

diegolmello commented Aug 2, 2021
edited
Loading

@diegolmello Please evaluate if mobile client is going to get hit by it.

@tassoevan No impact on mobile apps.

github-actions[bot]
github-actions bot previously requested changes Sep 2, 2021
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have added 1 .js files, please convert to ts(x).
app/api/server/lib/server-info.js

@github-actions github-actions bot dismissed their stale review September 2, 2021 21:04

js files removed

@sampaiodiego sampaiodiego changed the title [BREAK] Remove patch info from endpoint /api/info [BREAK] Remove patch info from endpoint /api/info for non-logged in users Sep 2, 2021
@sampaiodiego sampaiodiego merged commit 6a6313a into develop Sep 3, 2021
@sampaiodiego sampaiodiego deleted the remove-patch-api-info branch September 3, 2021 11:28
This was referenced Oct 1, 2021
Merged
Merged
Closed
Closed
@ankar84 ankar84 mentioned this pull request Oct 15, 2021
Closed
@joker234
Copy link

joker234 commented May 18, 2022

Is it correct that I now have to give my monitoring tools full admin API access when they're only supposed to read the currently used version? At least that's what I read from this change.

@joker234 joker234 mentioned this pull request May 18, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sampaiodiego sampaiodiego sampaiodiego approved these changes

@ggazzo ggazzo ggazzo left review comments

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees

No one assigned

Labels

type: improvement

Projects

None yet

Milestone

4.0.0

Development

Successfully merging this pull request may close these issues.

Info Page Small Security Issue

7 participants

@MarcosSpessatto @CLAassistant @tassoevan @diegolmello @joker234 @ggazzo @sampaiodiego

Comments