Improve security within the frontend and the backend #42

Closed
mytja opened this issue Jul 11, 2022 · 2 comments
mytja commented Sep 13, 2022

Currently working on it and it will contain major & breaking changes.

All tables in SQL, except the user table, will need to be dropped (using the provided SQL migration), as that's the easiest way of doing it. As no school is presently using the system, I can allow these kinds of migrations with dropping tables, but I PROMISE that once schools actually install the system, I will do everything (if I can't do anything, then I will revert all my local changes to the latest stable version and won't implement the feature) in order to KEEP THE DATA INTACT during the migrations.

What's new, that you need to drop tables?

  • Move away from auto-increment IDs, to UUIDs

This will help us improve code quality, as we'd be able to generate UUIDs directly in SQL. This will also help user privacy, as you can't identify other people (how many users there are) just by using the ID.

Of course, this change will first be pushed into the beta branch. NO CURRENT INSTANCES will be affected until a manual code review. After a manual code review and extensive testing, this will be merged into the main branch. THE MERGE WILL BE DELAYED BY ONE DAY, so that anybody can opt out of the auto-update system. You'll find all the details about it within the MeetPlan Documentation.

Again, this is for the best, as security is massively improved, and by not updating, you risk having potentially useful information (such as the number of users in your system) leaked to the public.

Thank you so much for understanding
Mitja Ševerkar
The MeetPlan Team
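
The ID change described in the comment above, as an added illustration that is not MeetPlan's code: a sequential key shown to a client reveals the table size, a random UUID does not, and a schema audit can flag tables that still use integer keys. The SQLite backend, the `meetings_before`/`meetings_after` tables and all function names are assumptions made for this example.

```python
import sqlite3
import uuid

# Constructed schema: "before" uses an auto-increment key, "after" a UUID key.
SCHEMA = """
CREATE TABLE meetings_before (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT);
CREATE TABLE meetings_after  (id TEXT PRIMARY KEY, name TEXT);
"""

def build_db(rows=25):
    """Create an in-memory database with the same rows in both tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    for i in range(rows):
        conn.execute("INSERT INTO meetings_before (name) VALUES (?)", (f"m{i}",))
        conn.execute("INSERT INTO meetings_after (id, name) VALUES (?, ?)",
                     (str(uuid.uuid4()), f"m{i}"))
    return conn

def newest_id(conn, table):
    """ID a client would see in a URL or API response for the newest row."""
    return conn.execute(
        f"SELECT id FROM {table} ORDER BY rowid DESC LIMIT 1").fetchone()[0]

def leaked_row_count(identifier):
    """What an outsider learns about table size from one ID (None = nothing)."""
    if isinstance(identifier, int):
        return identifier  # sequential: the newest ID is a lower bound on rows
    if uuid.UUID(identifier).version != 4:
        raise ValueError("expected a random (version 4) UUID")
    return None  # 122 random bits carry no ordering or count information

def tables_with_integer_keys(conn):
    """Audit helper: list tables whose primary key is still an integer."""
    flagged = []
    tables = conn.execute(
        "SELECT name FROM sqlite_master "
        "WHERE type = 'table' AND name NOT LIKE 'sqlite_%'").fetchall()
    for (name,) in tables:
        for _cid, _col, ctype, _notnull, _default, pk in conn.execute(
                f"PRAGMA table_info({name})"):
            if pk and ctype.upper().startswith("INT"):
                flagged.append(name)
    return flagged
```

A random identifier only hides counts and ordering; each record still needs its own authorization check on access.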

@mytja mytja added this to the v2.1 milestone Sep 13, 2022
mytja commented Feb 14, 2023

Oh, so this has been merged I see, closing now.

@mytja mytja closed this as completed Feb 14, 2023