Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BREAK] Remove patch info from endpoint /api/info for non-logged in users #16050

Merged
merged 7 commits into from
Sep 3, 2021

Conversation

MarcosSpessatto
Copy link
Member

@MarcosSpessatto MarcosSpessatto commented Dec 23, 2019

closes #11721

If you need the full version for any reason, you should make the request using a loginToken .. We recommend using Personal Access Tokens for automated API usage.

ggazzo
ggazzo previously approved these changes Dec 25, 2019
@ggazzo ggazzo changed the title [IMPROVE] Remove patch info from endpoint /api/info [BREAK] Remove patch info from endpoint /api/info Dec 25, 2019
@MarcosSpessatto MarcosSpessatto modified the milestones: 3.0.0, 3.1.0 Feb 26, 2020
@ggazzo ggazzo modified the milestones: 3.1.0, 4.0.0 Mar 18, 2020
@CLAassistant
Copy link

CLA assistant check
All committers have signed the CLA.

@tassoevan
Copy link
Contributor

@diegolmello Please evaluate if mobile client is going to get hit by it.

@diegolmello
Copy link
Member

diegolmello commented Aug 2, 2021

@diegolmello Please evaluate if mobile client is going to get hit by it.

@tassoevan No impact on mobile apps.

Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have added 1 .js files, please convert to ts(x).
app/api/server/lib/server-info.js

@sampaiodiego sampaiodiego changed the title [BREAK] Remove patch info from endpoint /api/info [BREAK] Remove patch info from endpoint /api/info for non-logged in users Sep 2, 2021
@sampaiodiego sampaiodiego merged commit 6a6313a into develop Sep 3, 2021
@sampaiodiego sampaiodiego deleted the remove-patch-api-info branch September 3, 2021 11:28
@joker234
Copy link

Is it correct that I now have to give my monitoring tools full admin API access when they're only supposed to read the currently used version? At least that's what I read from this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Info Page Small Security Issue
7 participants