Backport #15895

Storing these credentials is a liability.

* Encrypt credentials with SECRET_KEY before persisting to task queue table (they need to be persisted due to the nature of the task queue)
  - security in depth: helps when attacker has access to DB only, but not app.ini
* Delete all credentials (even encrypted) from the task table, once the migration is done, for safety
  - security in depth: minimizes leaked data if attacker gains access to snapshot of both DB and app.ini

| | | |
|---|---|---|
| comment.go | ||
| downloader.go | ||
| error.go | ||
| issue.go | ||
| label.go | ||
| milestone.go | ||
| null_downloader.go | ||
| options.go | ||
| pullrequest.go | ||
| reaction.go | ||
| release.go | ||
| repo.go | ||
| retry_downloader.go | ||
| review.go | ||
| uploader.go | ||