3e4b45fc21
Previously, this would include the entire User record in the update hash, which was rendered in the response using `to_json`, erroneously exposing every attribute of that record, including their (now removed) private token. Now we only include the user ID, and perform the lookup on-demand. |
||
|---|---|---|
| .. | ||
| award_emoji.rb | ||
| boards.rb | ||
| branches.rb | ||
| broadcast_messages.rb | ||
| builds.rb | ||
| commits.rb | ||
| deploy_keys.rb | ||
| deployments.rb | ||
| entities.rb | ||
| environments.rb | ||
| files.rb | ||
| groups.rb | ||
| helpers.rb | ||
| issues.rb | ||
| labels.rb | ||
| members.rb | ||
| merge_request_diffs.rb | ||
| merge_requests.rb | ||
| milestones.rb | ||
| notes.rb | ||
| pipelines.rb | ||
| project_hooks.rb | ||
| project_snippets.rb | ||
| projects.rb | ||
| repositories.rb | ||
| runners.rb | ||
| services.rb | ||
| settings.rb | ||
| snippets.rb | ||
| subscriptions.rb | ||
| system_hooks.rb | ||
| tags.rb | ||
| templates.rb | ||
| time_tracking_endpoints.rb | ||
| todos.rb | ||
| triggers.rb | ||
| users.rb | ||
| variables.rb | ||