-
Pick security fixes from 8.16.1 et al into master 5 of 5 checklist items completedupdated
-
- Merged
- 3
updated -
-
Reenables /user API request to return private-token if user is admin and requested with sudo 9 of 9 checklist items completed
- Merged
- 52
updated -
- Merged
- 2
updated -
- Merged
- 12
updated -
-
WIP: Check the CSRF token when using the Rails session cookie for API auth 0 of 9 checklist items completed
-
Restrict failed login attempts for users with 2FA 6 of 7 checklist items completed
- Merged
- 6
updated -
- Merged
- 6
updated -
Enable Import/Export for non-admin users 7 of 7 checklist items completed
- Merged
- 6
updated -
Don't expose a user's private token in the `/api/v3/user` API 5 of 7 checklist items completed
- Merged
- 13
- 1
updated -
- Merged
- 1
updated -
- Merged
- 5
updated -
Use per-build token to acts as an user triggering a build 1 of 8 checklist items completed