544ef7d394
Backport #15895 Storing these credentials is a liability. * Encrypt credentials with SECRET_KEY before persisting to task queue table (they need to be persisted due to the nature of the task queue) - security in depth: helps when attacker has access to DB only, but not app.ini * Delete all credentials (even encrypted) from the task table, once the migration is done, for safety - security in depth: minimizes leaked data if attacker gains access to snapshot of both DB and app.ini |
||
---|---|---|
.. | ||
base | ||
dump.go | ||
error.go | ||
git.go | ||
gitea_downloader.go | ||
gitea_downloader_test.go | ||
gitea_uploader.go | ||
gitea_uploader_test.go | ||
github.go | ||
github_test.go | ||
gitlab.go | ||
gitlab_test.go | ||
gogs.go | ||
gogs_test.go | ||
main_test.go | ||
migrate.go | ||
migrate_test.go | ||
restore.go | ||
update.go |