gitlab-org--gitlab-foss/spec/fixtures/api/schemas/public_api/v4/releases.json
Krasimir Angelov 241ba4be79 Allow guests users to access project releases
This is step one of resolving
https://gitlab.com/gitlab-org/gitlab-ce/issues/56838.

Here is what changed:
- Revert the security fix from bdee9e8412.
- Do not leak repository information (tag name, commit) to guests in API
responses.
- Do not include links to source code in API responses for users that do
not have download_code access.
- Show Releases in sidebar for guests.
- Do not display links to source code under Assets for users that do not
have download_code access.

GET ':id/releases/:tag_name' still do not allow guests to access
releases. This is to prevent guessing tag existence.
2019-05-03 13:29:20 +00:00

4 lines
61 B
JSON

{
"type": "array",
"items": { "$ref": "release.json" }
}