New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] Remove version from api #291

Merged
merged 1 commit into from Feb 21, 2019

Conversation

Projects
None yet
4 participants
@zamentur
Copy link
Contributor

zamentur commented Mar 31, 2017

Related to: https://dev.yunohost.org/issues/703

It's for security.

@opi

This comment has been minimized.

Copy link
Contributor

opi commented Mar 31, 2017

This will break web administration as we display current version in the footer ; We should be able to retreive version from API once logged in

@zamentur

This comment has been minimized.

Copy link
Contributor Author

zamentur commented Mar 31, 2017

So it will be more difficult to fix this. Currently, additionnal routes don't support authentication !

https://github.com/YunoHost/moulinette/blob/unstable/moulinette/interfaces/api.py#L710

@zamentur zamentur added work needed and removed important labels Mar 31, 2017

@zamentur zamentur added this to the 2.7.x milestone Jun 4, 2017

@alexAubin alexAubin added the inactive label Jan 9, 2018

@Psycojoker

This comment has been minimized.

Copy link
Member

Psycojoker commented Feb 8, 2018

On the webadmin the version number is not displayed anymore if the admin isn't logged in, but the API still make it accessible, I don't know if it's what we want https://ynh.local/yunohost/api/version

@alexAubin alexAubin changed the base branch from unstable to stretch-unstable Jun 17, 2018

@alexAubin

This comment has been minimized.

Copy link
Member

alexAubin commented Nov 27, 2018

[Semi-automatic message]
Trying to clean PR which are opened and inactive since more than 6 months ~ 1 year ... I propose to close this PR and keep it in the "Horizon" milestone in case somebody wants to take care of it later. But in the meantime there's no point in keeping all of these opened if there's no indication that someone might work on this soon.

@alexAubin

This comment has been minimized.

Copy link
Member

alexAubin commented Feb 5, 2019

Reviving this because : YunoHost/yunohost-admin#226

@alexAubin alexAubin merged commit 18d20c4 into stretch-unstable Feb 21, 2019

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@alexAubin alexAubin deleted the fix-703-dont-expose-yunohost-api-version branch Feb 21, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment