544ef7d394
Backport #15895 Storing these credentials is a liability. * Encrypt credentials with SECRET_KEY before persisting to task queue table (they need to be persisted due to the nature of the task queue) - security in depth: helps when attacker has access to DB only, but not app.ini * Delete all credentials (even encrypted) from the task table, once the migration is done, for safety - security in depth: minimizes leaked data if attacker gains access to snapshot of both DB and app.ini |
||
---|---|---|
.. | ||
comment.go | ||
downloader.go | ||
error.go | ||
issue.go | ||
label.go | ||
milestone.go | ||
null_downloader.go | ||
options.go | ||
pullrequest.go | ||
reaction.go | ||
release.go | ||
repo.go | ||
retry_downloader.go | ||
review.go | ||
uploader.go |