b3256d4df1
Restrict mass-assignable attributes across user/team/redis models and switch privileged root/team creation paths to forceFill/forceCreate. Encrypt legacy ClickHouse admin passwords via migration and cast the correct ClickHouse password field as encrypted. Tighten API and runtime exposure by removing sensitive team fields from responses and sanitizing Git/compose error messages. Expand security-focused feature coverage for command-injection and mass assignment protections. |
||
|---|---|---|
| .. | ||
| Api | ||
| Webhook | ||
| Controller.php | ||
| OauthController.php | ||
| UploadController.php | ||